From 6ceafb6c5338b1bd03d8cffbf2e8ac793c85b6c2 Mon Sep 17 00:00:00 2001 From: Release Configuration Management Date: Thu, 8 Oct 2020 18:58:09 +0000 Subject: [PATCH 01/41] New branch setup --- .gitignore | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e69de29 From 16459847f1409258960e2290fd213ab089837b02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0abata?= Date: Thu, 15 Oct 2020 22:27:53 +0200 Subject: [PATCH 02/41] RHEL 9.0.0 Alpha bootstrap The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/openssl#7ae2c9cd854539d3f09c5da76a55f6ff55ce55a8 --- .gitignore | 50 + Makefile.certificate | 82 + README.FIPS | 72 + ec_curve.c | 582 ++ ectest.c | 1464 +++ fixpatch | 15 + hobble-openssl | 40 + make-dummy-cert | 28 + openssl-1.1.0-issuer-hash.patch | 11 + openssl-1.1.1-alpn-cb.patch | 27 + openssl-1.1.1-apps-dgst.patch | 12 + openssl-1.1.1-arm-update.patch | 1434 +++ openssl-1.1.1-build.patch | 40 + openssl-1.1.1-conf-paths.patch | 56 + openssl-1.1.1-defaults.patch | 51 + openssl-1.1.1-disable-ssl3.patch | 91 + openssl-1.1.1-ec-curves.patch | 210 + openssl-1.1.1-edk2-build.patch | 57 + openssl-1.1.1-evp-kdf.patch | 5238 ++++++++++ openssl-1.1.1-fips-crng-test.patch | 408 + openssl-1.1.1-fips-curves.patch | 200 + openssl-1.1.1-fips-dh.patch | 2806 ++++++ openssl-1.1.1-fips-drbg-selftest.patch | 587 ++ openssl-1.1.1-fips-post-rand.patch | 189 + openssl-1.1.1-fips.patch | 11655 ++++++++++++++++++++++ openssl-1.1.1-ignore-bound.patch | 14 + openssl-1.1.1-intel-cet.patch | 500 + openssl-1.1.1-kdf-selftest.patch | 170 + openssl-1.1.1-krb5-kdf.patch | 3030 ++++++ openssl-1.1.1-man-rename.patch | 19 + openssl-1.1.1-no-brainpool.patch | 112 + openssl-1.1.1-no-html.patch | 12 + openssl-1.1.1-no-weak-verify.patch | 26 + openssl-1.1.1-reneg-no-extms.patch | 44 + openssl-1.1.1-rewire-fips-drbg.patch | 170 + openssl-1.1.1-s390x-ecc.patch | 2306 +++++ openssl-1.1.1-s390x-update.patch | 5502 ++++++++++ openssl-1.1.1-seclevel.patch | 160 + openssl-1.1.1-ssh-kdf.patch | 5612 +++++++++++ openssl-1.1.1-system-cipherlist.patch | 310 + openssl-1.1.1-ts-sha256-default.patch | 50 + openssl-1.1.1-version-add-engines.patch | 38 + openssl-1.1.1-version-override.patch | 12 + openssl-1.1.1-weak-ciphers.patch | 57 + openssl.spec | 2206 ++++ opensslconf-new-warning.h | 7 + opensslconf-new.h | 47 + renew-dummy-cert | 39 + sources | 1 + tests/simple-rsapss-test/Makefile | 63 + tests/simple-rsapss-test/PURPOSE | 3 + tests/simple-rsapss-test/runtest.sh | 74 + tests/tests.yml | 15 + tests/tests_python.yml | 18 + 54 files changed, 46022 insertions(+) create mode 100644 Makefile.certificate create mode 100644 README.FIPS create mode 100644 ec_curve.c create mode 100644 ectest.c create mode 100755 fixpatch create mode 100755 hobble-openssl create mode 100755 make-dummy-cert create mode 100644 openssl-1.1.0-issuer-hash.patch create mode 100644 openssl-1.1.1-alpn-cb.patch create mode 100644 openssl-1.1.1-apps-dgst.patch create mode 100644 openssl-1.1.1-arm-update.patch create mode 100644 openssl-1.1.1-build.patch create mode 100644 openssl-1.1.1-conf-paths.patch create mode 100644 openssl-1.1.1-defaults.patch create mode 100644 openssl-1.1.1-disable-ssl3.patch create mode 100644 openssl-1.1.1-ec-curves.patch create mode 100644 openssl-1.1.1-edk2-build.patch create mode 100644 openssl-1.1.1-evp-kdf.patch create mode 100644 openssl-1.1.1-fips-crng-test.patch create mode 100644 openssl-1.1.1-fips-curves.patch create mode 100644 openssl-1.1.1-fips-dh.patch create mode 100644 openssl-1.1.1-fips-drbg-selftest.patch create mode 100644 openssl-1.1.1-fips-post-rand.patch create mode 100644 openssl-1.1.1-fips.patch create mode 100644 openssl-1.1.1-ignore-bound.patch create mode 100644 openssl-1.1.1-intel-cet.patch create mode 100644 openssl-1.1.1-kdf-selftest.patch create mode 100644 openssl-1.1.1-krb5-kdf.patch create mode 100644 openssl-1.1.1-man-rename.patch create mode 100644 openssl-1.1.1-no-brainpool.patch create mode 100644 openssl-1.1.1-no-html.patch create mode 100644 openssl-1.1.1-no-weak-verify.patch create mode 100644 openssl-1.1.1-reneg-no-extms.patch create mode 100644 openssl-1.1.1-rewire-fips-drbg.patch create mode 100644 openssl-1.1.1-s390x-ecc.patch create mode 100644 openssl-1.1.1-s390x-update.patch create mode 100644 openssl-1.1.1-seclevel.patch create mode 100644 openssl-1.1.1-ssh-kdf.patch create mode 100644 openssl-1.1.1-system-cipherlist.patch create mode 100644 openssl-1.1.1-ts-sha256-default.patch create mode 100644 openssl-1.1.1-version-add-engines.patch create mode 100644 openssl-1.1.1-version-override.patch create mode 100644 openssl-1.1.1-weak-ciphers.patch create mode 100644 openssl.spec create mode 100644 opensslconf-new-warning.h create mode 100644 opensslconf-new.h create mode 100755 renew-dummy-cert create mode 100644 sources create mode 100644 tests/simple-rsapss-test/Makefile create mode 100644 tests/simple-rsapss-test/PURPOSE create mode 100755 tests/simple-rsapss-test/runtest.sh create mode 100644 tests/tests.yml create mode 100644 tests/tests_python.yml diff --git a/.gitignore b/.gitignore index e69de29..c6aba1d 100644 --- a/.gitignore +++ b/.gitignore @@ -0,0 +1,50 @@ +.build*.log +clog +000*.patch +*.src.rpm +openssl-1.0.0a-usa.tar.bz2 +/openssl-1.0.0b-usa.tar.bz2 +/openssl-1.0.0c-usa.tar.bz2 +/openssl-1.0.0d-usa.tar.bz2 +/openssl-1.0.0e-usa.tar.bz2 +/openssl-1.0.0f-usa.tar.bz2 +/openssl-1.0.0g-usa.tar.xz +/openssl-1.0.1-beta2-usa.tar.xz +/openssl-1.0.1-beta3-usa.tar.xz +/openssl-1.0.1-usa.tar.xz +/openssl-1.0.1a-usa.tar.xz +/openssl-1.0.1b-usa.tar.xz +/openssl-1.0.1c-usa.tar.xz +/openssl-1.0.1e-usa.tar.xz +/openssl-1.0.1e-hobbled.tar.xz +/openssl-1.0.1g-hobbled.tar.xz +/openssl-1.0.1h-hobbled.tar.xz +/openssl-1.0.1i-hobbled.tar.xz +/openssl-1.0.1j-hobbled.tar.xz +/openssl-1.0.1k-hobbled.tar.xz +/openssl-1.0.2a-hobbled.tar.xz +/openssl-1.0.2c-hobbled.tar.xz +/openssl-1.0.2d-hobbled.tar.xz +/openssl-1.0.2e-hobbled.tar.xz +/openssl-1.0.2f-hobbled.tar.xz +/openssl-1.0.2g-hobbled.tar.xz +/openssl-1.0.2h-hobbled.tar.xz +/openssl-1.0.2i-hobbled.tar.xz +/openssl-1.0.2j-hobbled.tar.xz +/openssl-1.1.0b-hobbled.tar.xz +/openssl-1.1.0c-hobbled.tar.xz +/openssl-1.1.0d-hobbled.tar.xz +/openssl-1.1.0e-hobbled.tar.xz +/openssl-1.1.0f-hobbled.tar.xz +/openssl-1.1.0g-hobbled.tar.xz +/openssl-1.1.0h-hobbled.tar.xz +/openssl-1.1.1-pre8-hobbled.tar.xz +/openssl-1.1.1-pre9-hobbled.tar.xz +/openssl-1.1.1-hobbled.tar.xz +/openssl-1.1.1a-hobbled.tar.xz +/openssl-1.1.1b-hobbled.tar.xz +/openssl-1.1.1c-hobbled.tar.xz +/openssl-1.1.1d-hobbled.tar.xz +/openssl-1.1.1e-hobbled.tar.xz +/openssl-1.1.1f-hobbled.tar.xz +/openssl-1.1.1g-hobbled.tar.xz diff --git a/Makefile.certificate b/Makefile.certificate new file mode 100644 index 0000000..cc88c52 --- /dev/null +++ b/Makefile.certificate @@ -0,0 +1,82 @@ +UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8) +DAYS=365 +KEYLEN=2048 +TYPE=rsa:$(KEYLEN) +EXTRA_FLAGS= +ifdef SERIAL + EXTRA_FLAGS+=-set_serial $(SERIAL) +endif + +.PHONY: usage +.SUFFIXES: .key .csr .crt .pem +.PRECIOUS: %.key %.csr %.crt %.pem + +usage: + @echo "This makefile allows you to create:" + @echo " o public/private key pairs" + @echo " o SSL certificate signing requests (CSRs)" + @echo " o self-signed SSL test certificates" + @echo + @echo "To create a key pair, run \"make SOMETHING.key\"." + @echo "To create a CSR, run \"make SOMETHING.csr\"." + @echo "To create a test certificate, run \"make SOMETHING.crt\"." + @echo "To create a key and a test certificate in one file, run \"make SOMETHING.pem\"." + @echo + @echo "To create a key for use with Apache, run \"make genkey\"." + @echo "To create a CSR for use with Apache, run \"make certreq\"." + @echo "To create a test certificate for use with Apache, run \"make testcert\"." + @echo + @echo "To create a test certificate with serial number other than random, add SERIAL=num" + @echo "You can also specify key length with KEYLEN=n and expiration in days with DAYS=n" + @echo "Any additional options can be passed to openssl req via EXTRA_FLAGS" + @echo + @echo Examples: + @echo " make server.key" + @echo " make server.csr" + @echo " make server.crt" + @echo " make stunnel.pem" + @echo " make genkey" + @echo " make certreq" + @echo " make testcert" + @echo " make server.crt SERIAL=1" + @echo " make stunnel.pem EXTRA_FLAGS=-sha384" + @echo " make testcert DAYS=600" + +%.pem: + umask 77 ; \ + PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \ + PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \ + /usr/bin/openssl req $(UTF8) -newkey $(TYPE) -keyout $$PEM1 -nodes -x509 -days $(DAYS) -out $$PEM2 $(EXTRA_FLAGS) ; \ + cat $$PEM1 > $@ ; \ + echo "" >> $@ ; \ + cat $$PEM2 >> $@ ; \ + $(RM) $$PEM1 $$PEM2 + +%.key: + umask 77 ; \ + /usr/bin/openssl genrsa -aes128 $(KEYLEN) > $@ + +%.csr: %.key + umask 77 ; \ + /usr/bin/openssl req $(UTF8) -new -key $^ -out $@ + +%.crt: %.key + umask 77 ; \ + /usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days $(DAYS) -out $@ $(EXTRA_FLAGS) + +TLSROOT=/etc/pki/tls +KEY=$(TLSROOT)/private/localhost.key +CSR=$(TLSROOT)/certs/localhost.csr +CRT=$(TLSROOT)/certs/localhost.crt + +genkey: $(KEY) +certreq: $(CSR) +testcert: $(CRT) + +$(CSR): $(KEY) + umask 77 ; \ + /usr/bin/openssl req $(UTF8) -new -key $(KEY) -out $(CSR) + +$(CRT): $(KEY) + umask 77 ; \ + /usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days $(DAYS) -out $(CRT) $(EXTRA_FLAGS) diff --git a/README.FIPS b/README.FIPS new file mode 100644 index 0000000..a36c547 --- /dev/null +++ b/README.FIPS @@ -0,0 +1,72 @@ +User guide for the FIPS Red Hat Enterprise Linux - OpenSSL Module +================================================================= + +This package contains libraries which comprise the FIPS 140-2 +Red Hat Enterprise Linux - OPENSSL Module. + +The module files +================ +/usr/lib[64]/libcrypto.so.1.1.0 +/usr/lib[64]/libssl.so.1.1.0 +/usr/lib[64]/.libcrypto.so.1.1.0.hmac +/usr/lib[64]/.libssl.so.1.1.0.hmac + +Dependencies +============ + +The approved mode of operation requires kernel with /dev/urandom RNG running +with properties as defined in the security policy of the module. This is +provided by kernel packages with validated Red Hat Enterprise Linux Kernel +Crytographic Module. + +Installation +============ + +The RPM package of the module can be installed by standard tools recommended +for installation of RPM packages on the Red Hat Enterprise Linux system (yum, +rpm, RHN remote management tool). + +The RPM package dracut-fips must be installed for the approved mode of +operation. + +Usage and API +============= + +The module respects kernel command line FIPS setting. If the kernel command +line contains option fips=1 the module will initialize in the FIPS approved +mode of operation automatically. To allow for the automatic initialization the +application using the module has to call one of the following API calls: + +- void OPENSSL_init_library(void) - this will do only a basic initialization +of the library and does initialization of the FIPS approved mode without setting +up EVP API with supported algorithms. + +- void OPENSSL_add_all_algorithms(void) - this API function calls +OPENSSL_init() implicitly and also adds all approved algorithms to the EVP API +in the approved mode + +- void SSL_library_init(void) - it calls OPENSSL_init() implicitly and also +adds algorithms which are necessary for TLS protocol support and initializes +the SSL library. + +To explicitely put the library to the approved mode the application can call +the following function: + +- int FIPS_mode_set(int on) - if called with 1 as a parameter it will switch +the library from the non-approved to the approved mode. If any of the selftests +and integrity verification tests fail, the library is put into the error state +and 0 is returned. If they succeed the return value is 1. + +To query the module whether it is in the approved mode or not: + +- int FIPS_mode(void) - returns 1 if the module is in the approved mode, +0 otherwise. + +To query whether the module is in the error state: + +- int FIPS_selftest_failed(void) - returns 1 if the module is in the error +state, 0 otherwise. + +To zeroize the FIPS RNG key and internal state the application calls: + +- void RAND_cleanup(void) diff --git a/ec_curve.c b/ec_curve.c new file mode 100644 index 0000000..9171ed4 --- /dev/null +++ b/ec_curve.c @@ -0,0 +1,582 @@ +/* + * Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include "ec_local.h" +#include +#include +#include +#include "internal/nelem.h" + +typedef struct { + int field_type, /* either NID_X9_62_prime_field or + * NID_X9_62_characteristic_two_field */ + seed_len, param_len; + unsigned int cofactor; /* promoted to BN_ULONG */ +} EC_CURVE_DATA; + +/* the nist prime curves */ +static const struct { + EC_CURVE_DATA h; + unsigned char data[20 + 28 * 6]; +} _EC_NIST_PRIME_224 = { + { + NID_X9_62_prime_field, 20, 28, 1 + }, + { + /* seed */ + 0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45, 0xB5, 0x9F, + 0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5, + /* p */ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01, + /* a */ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE, + /* b */ + 0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56, + 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43, + 0x23, 0x55, 0xFF, 0xB4, + /* x */ + 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9, + 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6, + 0x11, 0x5C, 0x1D, 0x21, + /* y */ + 0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6, + 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99, + 0x85, 0x00, 0x7e, 0x34, + /* order */ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45, + 0x5C, 0x5C, 0x2A, 0x3D + } +}; + +static const struct { + EC_CURVE_DATA h; + unsigned char data[20 + 48 * 6]; +} _EC_NIST_PRIME_384 = { + { + NID_X9_62_prime_field, 20, 48, 1 + }, + { + /* seed */ + 0xA3, 0x35, 0x92, 0x6A, 0xA3, 0x19, 0xA2, 0x7A, 0x1D, 0x00, 0x89, 0x6A, + 0x67, 0x73, 0xA4, 0x82, 0x7A, 0xCD, 0xAC, 0x73, + /* p */ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, + /* a */ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC, + /* b */ + 0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, 0x98, 0x8E, 0x05, 0x6B, + 0xE3, 0xF8, 0x2D, 0x19, 0x18, 0x1D, 0x9C, 0x6E, 0xFE, 0x81, 0x41, 0x12, + 0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, 0x87, 0x5A, 0xC6, 0x56, 0x39, 0x8D, + 0x8A, 0x2E, 0xD1, 0x9D, 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF, + /* x */ + 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E, + 0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98, + 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D, + 0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7, + /* y */ + 0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e, 0x98, 0xbf, + 0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c, + 0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce, + 0x1d, 0x7e, 0x81, 0x9d, 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f, + /* order */ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2, + 0x48, 0xB0, 0xA7, 0x7A, 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73 + } +}; + +static const struct { + EC_CURVE_DATA h; + unsigned char data[20 + 66 * 6]; +} _EC_NIST_PRIME_521 = { + { + NID_X9_62_prime_field, 20, 66, 1 + }, + { + /* seed */ + 0xD0, 0x9E, 0x88, 0x00, 0x29, 0x1C, 0xB8, 0x53, 0x96, 0xCC, 0x67, 0x17, + 0x39, 0x32, 0x84, 0xAA, 0xA0, 0xDA, 0x64, 0xBA, + /* p */ + 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + /* a */ + 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, + /* b */ + 0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, 0x9A, 0x1F, 0x92, 0x9A, + 0x21, 0xA0, 0xB6, 0x85, 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3, + 0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1, 0x09, 0xE1, 0x56, 0x19, + 0x39, 0x51, 0xEC, 0x7E, 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1, + 0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45, + 0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00, + /* x */ + 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E, + 0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F, + 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B, + 0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF, + 0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E, + 0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66, + /* y */ + 0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a, + 0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b, + 0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee, + 0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad, + 0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe, + 0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50, + /* order */ + 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86, + 0x87, 0x83, 0xBF, 0x2F, 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09, + 0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F, + 0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09 + } +}; + +static const struct { + EC_CURVE_DATA h; + unsigned char data[20 + 32 * 6]; +} _EC_X9_62_PRIME_256V1 = { + { + NID_X9_62_prime_field, 20, 32, 1 + }, + { + /* seed */ + 0xC4, 0x9D, 0x36, 0x08, 0x86, 0xE7, 0x04, 0x93, 0x6A, 0x66, 0x78, 0xE1, + 0x13, 0x9D, 0x26, 0xB7, 0x81, 0x9F, 0x7E, 0x90, + /* p */ + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + /* a */ + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, + /* b */ + 0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, 0xBD, 0x55, + 0x76, 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6, + 0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B, + /* x */ + 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5, + 0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0, + 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96, + /* y */ + 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a, + 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce, + 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5, + /* order */ + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, + 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51 + } +}; + +static const struct { + EC_CURVE_DATA h; + unsigned char data[0 + 32 * 6]; +} _EC_SECG_PRIME_256K1 = { + { + NID_X9_62_prime_field, 0, 32, 1 + }, + { + /* no seed */ + /* p */ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x2F, + /* a */ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + /* b */ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, + /* x */ + 0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, 0x55, 0xA0, 0x62, 0x95, + 0xCE, 0x87, 0x0B, 0x07, 0x02, 0x9B, 0xFC, 0xDB, 0x2D, 0xCE, 0x28, 0xD9, + 0x59, 0xF2, 0x81, 0x5B, 0x16, 0xF8, 0x17, 0x98, + /* y */ + 0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc, + 0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19, + 0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8, + /* order */ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B, + 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41 + } +}; + +typedef struct _ec_list_element_st { + int nid; + const EC_CURVE_DATA *data; + const EC_METHOD *(*meth) (void); + const char *comment; +} ec_list_element; + +static const ec_list_element curve_list[] = { + /* prime field curves */ + /* secg curves */ +#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 + {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, + "NIST/SECG curve over a 224 bit prime field"}, +#else + {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, + "NIST/SECG curve over a 224 bit prime field"}, +#endif + {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, + "SECG curve over a 256 bit prime field"}, + /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ + {NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, + "NIST/SECG curve over a 384 bit prime field"}, +#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 + {NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method, + "NIST/SECG curve over a 521 bit prime field"}, +#else + {NID_secp521r1, &_EC_NIST_PRIME_521.h, 0, + "NIST/SECG curve over a 521 bit prime field"}, +#endif + /* X9.62 curves */ + {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, +#if defined(ECP_NISTZ256_ASM) + EC_GFp_nistz256_method, +#elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) + EC_GFp_nistp256_method, +#else + 0, +#endif + "X9.62/SECG curve over a 256 bit prime field"}, +}; + +#define curve_list_length OSSL_NELEM(curve_list) + +static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) +{ + EC_GROUP *group = NULL; + EC_POINT *P = NULL; + BN_CTX *ctx = NULL; + BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order = + NULL; + int ok = 0; + int seed_len, param_len; + const EC_METHOD *meth; + const EC_CURVE_DATA *data; + const unsigned char *params; + + /* If no curve data curve method must handle everything */ + if (curve.data == NULL) + return EC_GROUP_new(curve.meth != NULL ? curve.meth() : NULL); + + if ((ctx = BN_CTX_new()) == NULL) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE); + goto err; + } + + data = curve.data; + seed_len = data->seed_len; + param_len = data->param_len; + params = (const unsigned char *)(data + 1); /* skip header */ + params += seed_len; /* skip seed */ + + if ((p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) == NULL + || (a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) == NULL + || (b = BN_bin2bn(params + 2 * param_len, param_len, NULL)) == NULL) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB); + goto err; + } + + if (curve.meth != 0) { + meth = curve.meth(); + if (((group = EC_GROUP_new(meth)) == NULL) || + (!(group->meth->group_set_curve(group, p, a, b, ctx)))) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + goto err; + } + } else if (data->field_type == NID_X9_62_prime_field) { + if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + goto err; + } + } +#ifndef OPENSSL_NO_EC2M + else { /* field_type == + * NID_X9_62_characteristic_two_field */ + + if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + goto err; + } + } +#endif + + EC_GROUP_set_curve_name(group, curve.nid); + + if ((P = EC_POINT_new(group)) == NULL) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + goto err; + } + + if ((x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) == NULL + || (y = BN_bin2bn(params + 4 * param_len, param_len, NULL)) == NULL) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB); + goto err; + } + if (!EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + goto err; + } + if ((order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) == NULL + || !BN_set_word(x, (BN_ULONG)data->cofactor)) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB); + goto err; + } + if (!EC_GROUP_set_generator(group, P, order, x)) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + goto err; + } + if (seed_len) { + if (!EC_GROUP_set_seed(group, params - seed_len, seed_len)) { + ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + goto err; + } + } + ok = 1; + err: + if (!ok) { + EC_GROUP_free(group); + group = NULL; + } + EC_POINT_free(P); + BN_CTX_free(ctx); + BN_free(p); + BN_free(a); + BN_free(b); + BN_free(order); + BN_free(x); + BN_free(y); + return group; +} + +EC_GROUP *EC_GROUP_new_by_curve_name(int nid) +{ + size_t i; + EC_GROUP *ret = NULL; + + if (nid <= 0) + return NULL; + + for (i = 0; i < curve_list_length; i++) + if (curve_list[i].nid == nid) { + ret = ec_group_new_from_data(curve_list[i]); + break; + } + + if (ret == NULL) { + ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP); + return NULL; + } + + return ret; +} + +size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems) +{ + size_t i, min; + + if (r == NULL || nitems == 0) + return curve_list_length; + + min = nitems < curve_list_length ? nitems : curve_list_length; + + for (i = 0; i < min; i++) { + r[i].nid = curve_list[i].nid; + r[i].comment = curve_list[i].comment; + } + + return curve_list_length; +} + +/* Functions to translate between common NIST curve names and NIDs */ + +typedef struct { + const char *name; /* NIST Name of curve */ + int nid; /* Curve NID */ +} EC_NIST_NAME; + +static EC_NIST_NAME nist_curves[] = { + {"B-163", NID_sect163r2}, + {"B-233", NID_sect233r1}, + {"B-283", NID_sect283r1}, + {"B-409", NID_sect409r1}, + {"B-571", NID_sect571r1}, + {"K-163", NID_sect163k1}, + {"K-233", NID_sect233k1}, + {"K-283", NID_sect283k1}, + {"K-409", NID_sect409k1}, + {"K-571", NID_sect571k1}, + {"P-192", NID_X9_62_prime192v1}, + {"P-224", NID_secp224r1}, + {"P-256", NID_X9_62_prime256v1}, + {"P-384", NID_secp384r1}, + {"P-521", NID_secp521r1} +}; + +const char *EC_curve_nid2nist(int nid) +{ + size_t i; + for (i = 0; i < OSSL_NELEM(nist_curves); i++) { + if (nist_curves[i].nid == nid) + return nist_curves[i].name; + } + return NULL; +} + +int EC_curve_nist2nid(const char *name) +{ + size_t i; + for (i = 0; i < OSSL_NELEM(nist_curves); i++) { + if (strcmp(nist_curves[i].name, name) == 0) + return nist_curves[i].nid; + } + return NID_undef; +} + +#define NUM_BN_FIELDS 6 +/* + * Validates EC domain parameter data for known named curves. + * This can be used when a curve is loaded explicitly (without a curve + * name) or to validate that domain parameters have not been modified. + * + * Returns: The nid associated with the found named curve, or NID_undef + * if not found. If there was an error it returns -1. + */ +int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx) +{ + int ret = -1, nid, len, field_type, param_len; + size_t i, seed_len; + const unsigned char *seed, *params_seed, *params; + unsigned char *param_bytes = NULL; + const EC_CURVE_DATA *data; + const EC_POINT *generator = NULL; + const EC_METHOD *meth; + const BIGNUM *cofactor = NULL; + /* An array of BIGNUMs for (p, a, b, x, y, order) */ + BIGNUM *bn[NUM_BN_FIELDS] = {NULL, NULL, NULL, NULL, NULL, NULL}; + + meth = EC_GROUP_method_of(group); + if (meth == NULL) + return -1; + /* Use the optional named curve nid as a search field */ + nid = EC_GROUP_get_curve_name(group); + field_type = EC_METHOD_get_field_type(meth); + seed_len = EC_GROUP_get_seed_len(group); + seed = EC_GROUP_get0_seed(group); + cofactor = EC_GROUP_get0_cofactor(group); + + BN_CTX_start(ctx); + + /* + * The built-in curves contains data fields (p, a, b, x, y, order) that are + * all zero-padded to be the same size. The size of the padding is + * determined by either the number of bytes in the field modulus (p) or the + * EC group order, whichever is larger. + */ + param_len = BN_num_bytes(group->order); + len = BN_num_bytes(group->field); + if (len > param_len) + param_len = len; + + /* Allocate space to store the padded data for (p, a, b, x, y, order) */ + param_bytes = OPENSSL_malloc(param_len * NUM_BN_FIELDS); + if (param_bytes == NULL) + goto end; + + /* Create the bignums */ + for (i = 0; i < NUM_BN_FIELDS; ++i) { + if ((bn[i] = BN_CTX_get(ctx)) == NULL) + goto end; + } + /* + * Fill in the bn array with the same values as the internal curves + * i.e. the values are p, a, b, x, y, order. + */ + /* Get p, a & b */ + if (!(EC_GROUP_get_curve(group, bn[0], bn[1], bn[2], ctx) + && ((generator = EC_GROUP_get0_generator(group)) != NULL) + /* Get x & y */ + && EC_POINT_get_affine_coordinates(group, generator, bn[3], bn[4], ctx) + /* Get order */ + && EC_GROUP_get_order(group, bn[5], ctx))) + goto end; + + /* + * Convert the bignum array to bytes that are joined together to form + * a single buffer that contains data for all fields. + * (p, a, b, x, y, order) are all zero padded to be the same size. + */ + for (i = 0; i < NUM_BN_FIELDS; ++i) { + if (BN_bn2binpad(bn[i], ¶m_bytes[i*param_len], param_len) <= 0) + goto end; + } + + for (i = 0; i < curve_list_length; i++) { + const ec_list_element curve = curve_list[i]; + + data = curve.data; + /* Get the raw order byte data */ + params_seed = (const unsigned char *)(data + 1); /* skip header */ + params = params_seed + data->seed_len; + + /* Look for unique fields in the fixed curve data */ + if (data->field_type == field_type + && param_len == data->param_len + && (nid <= 0 || nid == curve.nid) + /* check the optional cofactor (ignore if its zero) */ + && (BN_is_zero(cofactor) + || BN_is_word(cofactor, (const BN_ULONG)curve.data->cofactor)) + /* Check the optional seed (ignore if its not set) */ + && (data->seed_len == 0 || seed_len == 0 + || ((size_t)data->seed_len == seed_len + && memcmp(params_seed, seed, seed_len) == 0)) + /* Check that the groups params match the built-in curve params */ + && memcmp(param_bytes, params, param_len * NUM_BN_FIELDS) + == 0) { + ret = curve.nid; + goto end; + } + } + /* Gets here if the group was not found */ + ret = NID_undef; +end: + OPENSSL_free(param_bytes); + BN_CTX_end(ctx); + return ret; +} diff --git a/ectest.c b/ectest.c new file mode 100644 index 0000000..c16642e --- /dev/null +++ b/ectest.c @@ -0,0 +1,1464 @@ +/* + * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "internal/nelem.h" +#include "testutil.h" + +#ifndef OPENSSL_NO_EC +# include +# ifndef OPENSSL_NO_ENGINE +# include +# endif +# include +# include +# include +# include +# include +# include + +static size_t crv_len = 0; +static EC_builtin_curve *curves = NULL; + +/* test multiplication with group order, long and negative scalars */ +static int group_order_tests(EC_GROUP *group) +{ + BIGNUM *n1 = NULL, *n2 = NULL, *order = NULL; + EC_POINT *P = NULL, *Q = NULL, *R = NULL, *S = NULL; + const EC_POINT *G = NULL; + BN_CTX *ctx = NULL; + int i = 0, r = 0; + + if (!TEST_ptr(n1 = BN_new()) + || !TEST_ptr(n2 = BN_new()) + || !TEST_ptr(order = BN_new()) + || !TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(G = EC_GROUP_get0_generator(group)) + || !TEST_ptr(P = EC_POINT_new(group)) + || !TEST_ptr(Q = EC_POINT_new(group)) + || !TEST_ptr(R = EC_POINT_new(group)) + || !TEST_ptr(S = EC_POINT_new(group))) + goto err; + + if (!TEST_true(EC_GROUP_get_order(group, order, ctx)) + || !TEST_true(EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, Q)) + || !TEST_true(EC_GROUP_precompute_mult(group, ctx)) + || !TEST_true(EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, Q)) + || !TEST_true(EC_POINT_copy(P, G)) + || !TEST_true(BN_one(n1)) + || !TEST_true(EC_POINT_mul(group, Q, n1, NULL, NULL, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx)) + || !TEST_true(BN_sub(n1, order, n1)) + || !TEST_true(EC_POINT_mul(group, Q, n1, NULL, NULL, ctx)) + || !TEST_true(EC_POINT_invert(group, Q, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx))) + goto err; + + for (i = 1; i <= 2; i++) { + const BIGNUM *scalars[6]; + const EC_POINT *points[6]; + + if (!TEST_true(BN_set_word(n1, i)) + /* + * If i == 1, P will be the predefined generator for which + * EC_GROUP_precompute_mult has set up precomputation. + */ + || !TEST_true(EC_POINT_mul(group, P, n1, NULL, NULL, ctx)) + || (i == 1 && !TEST_int_eq(0, EC_POINT_cmp(group, P, G, ctx))) + || !TEST_true(BN_one(n1)) + /* n1 = 1 - order */ + || !TEST_true(BN_sub(n1, n1, order)) + || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n1, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx)) + + /* n2 = 1 + order */ + || !TEST_true(BN_add(n2, order, BN_value_one())) + || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx)) + + /* n2 = (1 - order) * (1 + order) = 1 - order^2 */ + || !TEST_true(BN_mul(n2, n1, n2, ctx)) + || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx))) + goto err; + + /* n2 = order^2 - 1 */ + BN_set_negative(n2, 0); + if (!TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) + /* Add P to verify the result. */ + || !TEST_true(EC_POINT_add(group, Q, Q, P, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, Q)) + + /* Exercise EC_POINTs_mul, including corner cases. */ + || !TEST_false(EC_POINT_is_at_infinity(group, P))) + goto err; + + scalars[0] = scalars[1] = BN_value_one(); + points[0] = points[1] = P; + + if (!TEST_true(EC_POINTs_mul(group, R, NULL, 2, points, scalars, ctx)) + || !TEST_true(EC_POINT_dbl(group, S, points[0], ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, R, S, ctx))) + goto err; + + scalars[0] = n1; + points[0] = Q; /* => infinity */ + scalars[1] = n2; + points[1] = P; /* => -P */ + scalars[2] = n1; + points[2] = Q; /* => infinity */ + scalars[3] = n2; + points[3] = Q; /* => infinity */ + scalars[4] = n1; + points[4] = P; /* => P */ + scalars[5] = n2; + points[5] = Q; /* => infinity */ + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P))) + goto err; + } + + r = 1; +err: + if (r == 0 && i != 0) + TEST_info(i == 1 ? "allowing precomputation" : + "without precomputation"); + EC_POINT_free(P); + EC_POINT_free(Q); + EC_POINT_free(R); + EC_POINT_free(S); + BN_free(n1); + BN_free(n2); + BN_free(order); + BN_CTX_free(ctx); + return r; +} + +static int prime_field_tests(void) +{ + BN_CTX *ctx = NULL; + BIGNUM *p = NULL, *a = NULL, *b = NULL, *scalar3 = NULL; + EC_GROUP *group = NULL, *tmp = NULL; + EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, + *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; + EC_POINT *P = NULL, *Q = NULL, *R = NULL; + BIGNUM *x = NULL, *y = NULL, *z = NULL, *yplusone = NULL; + const EC_POINT *points[4]; + const BIGNUM *scalars[4]; + unsigned char buf[100]; + size_t len, r = 0; + int k; + + if (!TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(p = BN_new()) + || !TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + /* + * applications should use EC_GROUP_new_curve_GFp so + * that the library gets to choose the EC_METHOD + */ + || !TEST_ptr(group = EC_GROUP_new(EC_GFp_mont_method())) + || !TEST_ptr(tmp = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(tmp, group))) + goto err; + EC_GROUP_free(group); + group = tmp; + tmp = NULL; + + buf[0] = 0; + if (!TEST_ptr(P = EC_POINT_new(group)) + || !TEST_ptr(Q = EC_POINT_new(group)) + || !TEST_ptr(R = EC_POINT_new(group)) + || !TEST_ptr(x = BN_new()) + || !TEST_ptr(y = BN_new()) + || !TEST_ptr(z = BN_new()) + || !TEST_ptr(yplusone = BN_new())) + goto err; + + /* Curve P-224 (FIPS PUB 186-2, App. 6) */ + + if (!TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFF000000000000000000000001")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) + || !TEST_true(BN_hex2bn(&b, "B4050A850C04B3ABF5413256" + "5044B0B7D7BFD8BA270B39432355FFB4")) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + || !TEST_true(BN_hex2bn(&x, "B70E0CBD6BB4BF7F321390B9" + "4A03C1D356C21122343280D6115C1D21")) + || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 0, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF" + "FFFF16A2E0B8F03E13DD29455C5C2A3D")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) + goto err; + + TEST_info("NIST curve P-224 -- Generator"); + test_output_bignum("x", x); + test_output_bignum("y", y); + /* G_y value taken from the standard: */ + if (!TEST_true(BN_hex2bn(&z, "BD376388B5F723FB4C22DFE6" + "CD4375A05A07476444D5819985007E34")) + || !TEST_BN_eq(y, z) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, + ctx)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 224) + || !group_order_tests(group) + || !TEST_ptr(P_224 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_224, group)) + + /* Curve P-256 (FIPS PUB 186-2, App. 6) */ + + || !TEST_true(BN_hex2bn(&p, "FFFFFFFF000000010000000000000000" + "00000000FFFFFFFFFFFFFFFFFFFFFFFF")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFF000000010000000000000000" + "00000000FFFFFFFFFFFFFFFFFFFFFFFC")) + || !TEST_true(BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC" + "651D06B0CC53B0F63BCE3C3E27D2604B")) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + + || !TEST_true(BN_hex2bn(&x, "6B17D1F2E12C4247F8BCE6E563A440F2" + "77037D812DEB33A0F4A13945D898C296")) + || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 1, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFF" + "BCE6FAADA7179E84F3B9CAC2FC632551")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) + goto err; + + TEST_info("NIST curve P-256 -- Generator"); + test_output_bignum("x", x); + test_output_bignum("y", y); + /* G_y value taken from the standard: */ + if (!TEST_true(BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E16" + "2BCE33576B315ECECBB6406837BF51F5")) + || !TEST_BN_eq(y, z) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, + ctx)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 256) + || !group_order_tests(group) + || !TEST_ptr(P_256 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_256, group)) + + /* Curve P-384 (FIPS PUB 186-2, App. 6) */ + + || !TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" + "FFFFFFFF0000000000000000FFFFFFFF")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" + "FFFFFFFF0000000000000000FFFFFFFC")) + || !TEST_true(BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19" + "181D9C6EFE8141120314088F5013875A" + "C656398D8A2ED19D2A85C8EDD3EC2AEF")) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + + || !TEST_true(BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD74" + "6E1D3B628BA79B9859F741E082542A38" + "5502F25DBF55296C3A545E3872760AB7")) + || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 1, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFC7634D81F4372DDF" + "581A0DB248B0A77AECEC196ACCC52973")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) + goto err; + + TEST_info("NIST curve P-384 -- Generator"); + test_output_bignum("x", x); + test_output_bignum("y", y); + /* G_y value taken from the standard: */ + if (!TEST_true(BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29" + "F8F41DBD289A147CE9DA3113B5F0B8C0" + "0A60B1CE1D7E819D7A431D7C90EA0E5F")) + || !TEST_BN_eq(y, z) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, + ctx)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 384) + || !group_order_tests(group) + || !TEST_ptr(P_384 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_384, group)) + + /* Curve P-521 (FIPS PUB 186-2, App. 6) */ + || !TEST_true(BN_hex2bn(&p, "1FF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "1FF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC")) + || !TEST_true(BN_hex2bn(&b, "051" + "953EB9618E1C9A1F929A21A0B68540EE" + "A2DA725B99B315F3B8B489918EF109E1" + "56193951EC7E937B1652C0BD3BB1BF07" + "3573DF883D2C34F1EF451FD46B503F00")) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + || !TEST_true(BN_hex2bn(&x, "C6" + "858E06B70404E9CD9E3ECB662395B442" + "9C648139053FB521F828AF606B4D3DBA" + "A14B5E77EFE75928FE1DC127A2FFA8DE" + "3348B3C1856A429BF97E7E31C2E5BD66")) + || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 0, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "1FF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA" + "51868783BF2F966B7FCC0148F709A5D0" + "3BB5C9B8899C47AEBB6FB71E91386409")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) + goto err; + + TEST_info("NIST curve P-521 -- Generator"); + test_output_bignum("x", x); + test_output_bignum("y", y); + /* G_y value taken from the standard: */ + if (!TEST_true(BN_hex2bn(&z, "118" + "39296A789A3BC0045C8A5FB42C7D1BD9" + "98F54449579B446817AFBD17273E662C" + "97EE72995EF42640C550B9013FAD0761" + "353C7086A272C24088BE94769FD16650")) + || !TEST_BN_eq(y, z) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, + ctx)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 521) + || !group_order_tests(group) + || !TEST_ptr(P_521 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_521, group)) + + /* more tests using the last curve */ + + /* Restore the point that got mangled in the (x, y + 1) test. */ + || !TEST_true(EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) + || !TEST_true(EC_POINT_copy(Q, P)) + || !TEST_false(EC_POINT_is_at_infinity(group, Q)) + || !TEST_true(EC_POINT_dbl(group, P, P, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(EC_POINT_invert(group, Q, ctx)) /* P = -2Q */ + || !TEST_true(EC_POINT_add(group, R, P, Q, ctx)) + || !TEST_true(EC_POINT_add(group, R, R, Q, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, R)) /* R = P + 2Q */ + || !TEST_false(EC_POINT_is_at_infinity(group, Q))) + goto err; + points[0] = Q; + points[1] = Q; + points[2] = Q; + points[3] = Q; + + if (!TEST_true(EC_GROUP_get_order(group, z, ctx)) + || !TEST_true(BN_add(y, z, BN_value_one())) + || !TEST_BN_even(y) + || !TEST_true(BN_rshift1(y, y))) + goto err; + scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */ + scalars[1] = y; + + TEST_note("combined multiplication ..."); + + /* z is still the group order */ + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) + || !TEST_true(EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, R, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, R, Q, ctx)) + || !TEST_true(BN_rand(y, BN_num_bits(y), 0, 0)) + || !TEST_true(BN_add(z, z, y))) + goto err; + BN_set_negative(z, 1); + scalars[0] = y; + scalars[1] = z; /* z = -(order + y) */ + + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P)) + || !TEST_true(BN_rand(x, BN_num_bits(y) - 1, 0, 0)) + || !TEST_true(BN_add(z, x, y))) + goto err; + BN_set_negative(z, 1); + scalars[0] = x; + scalars[1] = y; + scalars[2] = z; /* z = -(x+y) */ + + if (!TEST_ptr(scalar3 = BN_new())) + goto err; + BN_zero(scalar3); + scalars[3] = scalar3; + + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P))) + goto err; + + TEST_note(" ok\n"); + + + r = 1; +err: + BN_CTX_free(ctx); + BN_free(p); + BN_free(a); + BN_free(b); + EC_GROUP_free(group); + EC_GROUP_free(tmp); + EC_POINT_free(P); + EC_POINT_free(Q); + EC_POINT_free(R); + BN_free(x); + BN_free(y); + BN_free(z); + BN_free(yplusone); + BN_free(scalar3); + + EC_GROUP_free(P_224); + EC_GROUP_free(P_256); + EC_GROUP_free(P_384); + EC_GROUP_free(P_521); + return r; +} + +static int internal_curve_test(int n) +{ + EC_GROUP *group = NULL; + int nid = curves[n].nid; + + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))) { + TEST_info("EC_GROUP_new_curve_name() failed with curve %s\n", + OBJ_nid2sn(nid)); + return 0; + } + if (!TEST_true(EC_GROUP_check(group, NULL))) { + TEST_info("EC_GROUP_check() failed with curve %s\n", OBJ_nid2sn(nid)); + EC_GROUP_free(group); + return 0; + } + EC_GROUP_free(group); + return 1; +} + +static int internal_curve_test_method(int n) +{ + int r, nid = curves[n].nid; + EC_GROUP *group; + + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))) { + TEST_info("Curve %s failed\n", OBJ_nid2sn(nid)); + return 0; + } + r = group_order_tests(group); + EC_GROUP_free(group); + return r; +} + +# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 +/* + * nistp_test_params contains magic numbers for testing our optimized + * implementations of several NIST curves with characteristic > 3. + */ +struct nistp_test_params { + const EC_METHOD *(*meth) (void); + int degree; + /* + * Qx, Qy and D are taken from + * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf + * Otherwise, values are standard curve parameters from FIPS 180-3 + */ + const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d; +}; + +static const struct nistp_test_params nistp_tests_params[] = { + { + /* P-224 */ + EC_GFp_nistp224_method, + 224, + /* p */ + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", + /* a */ + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", + /* b */ + "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", + /* Qx */ + "E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E", + /* Qy */ + "4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555", + /* Gx */ + "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", + /* Gy */ + "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", + /* order */ + "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", + /* d */ + "3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8", + }, + { + /* P-256 */ + EC_GFp_nistp256_method, + 256, + /* p */ + "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + /* a */ + "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc", + /* b */ + "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", + /* Qx */ + "b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19", + /* Qy */ + "3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09", + /* Gx */ + "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", + /* Gy */ + "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5", + /* order */ + "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + /* d */ + "c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96", + }, + { + /* P-521 */ + EC_GFp_nistp521_method, + 521, + /* p */ + "1ff" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", + /* a */ + "1ff" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc", + /* b */ + "051" + "953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e1" + "56193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00", + /* Qx */ + "0098" + "e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e" + "59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4", + /* Qy */ + "0164" + "350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8" + "554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e", + /* Gx */ + "c6" + "858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dba" + "a14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", + /* Gy */ + "118" + "39296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c" + "97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", + /* order */ + "1ff" + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa" + "51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409", + /* d */ + "0100" + "085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eee" + "df09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722", + }, +}; + +static int nistp_single_test(int idx) +{ + const struct nistp_test_params *test = nistp_tests_params + idx; + BN_CTX *ctx = NULL; + BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL; + BIGNUM *n = NULL, *m = NULL, *order = NULL, *yplusone = NULL; + EC_GROUP *NISTP = NULL; + EC_POINT *G = NULL, *P = NULL, *Q = NULL, *Q_CHECK = NULL; + int r = 0; + + TEST_note("NIST curve P-%d (optimised implementation):", + test->degree); + if (!TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(p = BN_new()) + || !TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(x = BN_new()) + || !TEST_ptr(y = BN_new()) + || !TEST_ptr(m = BN_new()) + || !TEST_ptr(n = BN_new()) + || !TEST_ptr(order = BN_new()) + || !TEST_ptr(yplusone = BN_new()) + + || !TEST_ptr(NISTP = EC_GROUP_new(test->meth())) + || !TEST_true(BN_hex2bn(&p, test->p)) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, test->a)) + || !TEST_true(BN_hex2bn(&b, test->b)) + || !TEST_true(EC_GROUP_set_curve(NISTP, p, a, b, ctx)) + || !TEST_ptr(G = EC_POINT_new(NISTP)) + || !TEST_ptr(P = EC_POINT_new(NISTP)) + || !TEST_ptr(Q = EC_POINT_new(NISTP)) + || !TEST_ptr(Q_CHECK = EC_POINT_new(NISTP)) + || !TEST_true(BN_hex2bn(&x, test->Qx)) + || !TEST_true(BN_hex2bn(&y, test->Qy)) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + || !TEST_false(EC_POINT_set_affine_coordinates(NISTP, Q_CHECK, x, + yplusone, ctx)) + || !TEST_true(EC_POINT_set_affine_coordinates(NISTP, Q_CHECK, x, y, + ctx)) + || !TEST_true(BN_hex2bn(&x, test->Gx)) + || !TEST_true(BN_hex2bn(&y, test->Gy)) + || !TEST_true(EC_POINT_set_affine_coordinates(NISTP, G, x, y, ctx)) + || !TEST_true(BN_hex2bn(&order, test->order)) + || !TEST_true(EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) + || !TEST_int_eq(EC_GROUP_get_degree(NISTP), test->degree)) + goto err; + + TEST_note("NIST test vectors ... "); + if (!TEST_true(BN_hex2bn(&n, test->d))) + goto err; + /* fixed point multiplication */ + EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx); + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) + goto err; + /* random point multiplication */ + EC_POINT_mul(NISTP, Q, NULL, G, n, ctx); + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) + + /* set generator to P = 2*G, where G is the standard generator */ + || !TEST_true(EC_POINT_dbl(NISTP, P, G, ctx)) + || !TEST_true(EC_GROUP_set_generator(NISTP, P, order, BN_value_one())) + /* set the scalar to m=n/2, where n is the NIST test scalar */ + || !TEST_true(BN_rshift(m, n, 1))) + goto err; + + /* test the non-standard generator */ + /* fixed point multiplication */ + EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx); + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) + goto err; + /* random point multiplication */ + EC_POINT_mul(NISTP, Q, NULL, P, m, ctx); + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) + + /* + * We have not performed precomputation so have_precompute mult should be + * false + */ + || !TEST_false(EC_GROUP_have_precompute_mult(NISTP)) + + /* now repeat all tests with precomputation */ + || !TEST_true(EC_GROUP_precompute_mult(NISTP, ctx)) + || !TEST_true(EC_GROUP_have_precompute_mult(NISTP))) + goto err; + + /* fixed point multiplication */ + EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx); + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) + goto err; + /* random point multiplication */ + EC_POINT_mul(NISTP, Q, NULL, P, m, ctx); + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) + + /* reset generator */ + || !TEST_true(EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))) + goto err; + /* fixed point multiplication */ + EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx); + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) + goto err; + /* random point multiplication */ + EC_POINT_mul(NISTP, Q, NULL, G, n, ctx); + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) + goto err; + + /* regression test for felem_neg bug */ + if (!TEST_true(BN_set_word(m, 32)) + || !TEST_true(BN_set_word(n, 31)) + || !TEST_true(EC_POINT_copy(P, G)) + || !TEST_true(EC_POINT_invert(NISTP, P, ctx)) + || !TEST_true(EC_POINT_mul(NISTP, Q, m, P, n, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, G, ctx))) + goto err; + + r = group_order_tests(NISTP); +err: + EC_GROUP_free(NISTP); + EC_POINT_free(G); + EC_POINT_free(P); + EC_POINT_free(Q); + EC_POINT_free(Q_CHECK); + BN_free(n); + BN_free(m); + BN_free(p); + BN_free(a); + BN_free(b); + BN_free(x); + BN_free(y); + BN_free(order); + BN_free(yplusone); + BN_CTX_free(ctx); + return r; +} + +/* + * Tests a point known to cause an incorrect underflow in an old version of + * ecp_nist521.c + */ +static int underflow_test(void) +{ + BN_CTX *ctx = NULL; + EC_GROUP *grp = NULL; + EC_POINT *P = NULL, *Q = NULL, *R = NULL; + BIGNUM *x1 = NULL, *y1 = NULL, *z1 = NULL, *x2 = NULL, *y2 = NULL; + BIGNUM *k = NULL; + int testresult = 0; + const char *x1str = + "1534f0077fffffe87e9adcfe000000000000000000003e05a21d2400002e031b1f4" + "b80000c6fafa4f3c1288798d624a247b5e2ffffffffffffffefe099241900004"; + const char *p521m1 = + "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe"; + + ctx = BN_CTX_new(); + if (!TEST_ptr(ctx)) + return 0; + + BN_CTX_start(ctx); + x1 = BN_CTX_get(ctx); + y1 = BN_CTX_get(ctx); + z1 = BN_CTX_get(ctx); + x2 = BN_CTX_get(ctx); + y2 = BN_CTX_get(ctx); + k = BN_CTX_get(ctx); + if (!TEST_ptr(k)) + goto err; + + grp = EC_GROUP_new_by_curve_name(NID_secp521r1); + P = EC_POINT_new(grp); + Q = EC_POINT_new(grp); + R = EC_POINT_new(grp); + if (!TEST_ptr(grp) || !TEST_ptr(P) || !TEST_ptr(Q) || !TEST_ptr(R)) + goto err; + + if (!TEST_int_gt(BN_hex2bn(&x1, x1str), 0) + || !TEST_int_gt(BN_hex2bn(&y1, p521m1), 0) + || !TEST_int_gt(BN_hex2bn(&z1, p521m1), 0) + || !TEST_int_gt(BN_hex2bn(&k, "02"), 0) + || !TEST_true(EC_POINT_set_Jprojective_coordinates_GFp(grp, P, x1, + y1, z1, ctx)) + || !TEST_true(EC_POINT_mul(grp, Q, NULL, P, k, ctx)) + || !TEST_true(EC_POINT_get_affine_coordinates(grp, Q, x1, y1, ctx)) + || !TEST_true(EC_POINT_dbl(grp, R, P, ctx)) + || !TEST_true(EC_POINT_get_affine_coordinates(grp, R, x2, y2, ctx))) + goto err; + + if (!TEST_int_eq(BN_cmp(x1, x2), 0) + || !TEST_int_eq(BN_cmp(y1, y2), 0)) + goto err; + + testresult = 1; + + err: + BN_CTX_end(ctx); + EC_POINT_free(P); + EC_POINT_free(Q); + EC_POINT_free(R); + EC_GROUP_free(grp); + BN_CTX_free(ctx); + + return testresult; +} +# endif + +static const unsigned char p521_named[] = { + 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23, +}; + +static const unsigned char p521_explicit[] = { + 0x30, 0x82, 0x01, 0xc3, 0x02, 0x01, 0x01, 0x30, 0x4d, 0x06, 0x07, 0x2a, + 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x42, 0x01, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0x30, 0x81, 0x9f, 0x04, 0x42, 0x01, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xfc, 0x04, 0x42, 0x00, 0x51, 0x95, 0x3e, 0xb9, 0x61, 0x8e, 0x1c, 0x9a, + 0x1f, 0x92, 0x9a, 0x21, 0xa0, 0xb6, 0x85, 0x40, 0xee, 0xa2, 0xda, 0x72, + 0x5b, 0x99, 0xb3, 0x15, 0xf3, 0xb8, 0xb4, 0x89, 0x91, 0x8e, 0xf1, 0x09, + 0xe1, 0x56, 0x19, 0x39, 0x51, 0xec, 0x7e, 0x93, 0x7b, 0x16, 0x52, 0xc0, + 0xbd, 0x3b, 0xb1, 0xbf, 0x07, 0x35, 0x73, 0xdf, 0x88, 0x3d, 0x2c, 0x34, + 0xf1, 0xef, 0x45, 0x1f, 0xd4, 0x6b, 0x50, 0x3f, 0x00, 0x03, 0x15, 0x00, + 0xd0, 0x9e, 0x88, 0x00, 0x29, 0x1c, 0xb8, 0x53, 0x96, 0xcc, 0x67, 0x17, + 0x39, 0x32, 0x84, 0xaa, 0xa0, 0xda, 0x64, 0xba, 0x04, 0x81, 0x85, 0x04, + 0x00, 0xc6, 0x85, 0x8e, 0x06, 0xb7, 0x04, 0x04, 0xe9, 0xcd, 0x9e, 0x3e, + 0xcb, 0x66, 0x23, 0x95, 0xb4, 0x42, 0x9c, 0x64, 0x81, 0x39, 0x05, 0x3f, + 0xb5, 0x21, 0xf8, 0x28, 0xaf, 0x60, 0x6b, 0x4d, 0x3d, 0xba, 0xa1, 0x4b, + 0x5e, 0x77, 0xef, 0xe7, 0x59, 0x28, 0xfe, 0x1d, 0xc1, 0x27, 0xa2, 0xff, + 0xa8, 0xde, 0x33, 0x48, 0xb3, 0xc1, 0x85, 0x6a, 0x42, 0x9b, 0xf9, 0x7e, + 0x7e, 0x31, 0xc2, 0xe5, 0xbd, 0x66, 0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, + 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a, 0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, + 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b, 0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, + 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee, 0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, + 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad, 0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, + 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe, 0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50, + 0x02, 0x42, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfa, + 0x51, 0x86, 0x87, 0x83, 0xbf, 0x2f, 0x96, 0x6b, 0x7f, 0xcc, 0x01, 0x48, + 0xf7, 0x09, 0xa5, 0xd0, 0x3b, 0xb5, 0xc9, 0xb8, 0x89, 0x9c, 0x47, 0xae, + 0xbb, 0x6f, 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x09, 0x02, 0x01, 0x01, +}; + +/* + * Sometime we cannot compare nids for equality, as the built-in curve table + * includes aliases with different names for the same curve. + * + * This function returns TRUE (1) if the checked nids are identical, or if they + * alias to the same curve. FALSE (0) otherwise. + */ +static ossl_inline +int are_ec_nids_compatible(int n1d, int n2d) +{ + int ret = 0; + switch (n1d) { +# ifndef OPENSSL_NO_EC2M + case NID_sect113r1: + case NID_wap_wsg_idm_ecid_wtls4: + ret = (n2d == NID_sect113r1 || n2d == NID_wap_wsg_idm_ecid_wtls4); + break; + case NID_sect163k1: + case NID_wap_wsg_idm_ecid_wtls3: + ret = (n2d == NID_sect163k1 || n2d == NID_wap_wsg_idm_ecid_wtls3); + break; + case NID_sect233k1: + case NID_wap_wsg_idm_ecid_wtls10: + ret = (n2d == NID_sect233k1 || n2d == NID_wap_wsg_idm_ecid_wtls10); + break; + case NID_sect233r1: + case NID_wap_wsg_idm_ecid_wtls11: + ret = (n2d == NID_sect233r1 || n2d == NID_wap_wsg_idm_ecid_wtls11); + break; + case NID_X9_62_c2pnb163v1: + case NID_wap_wsg_idm_ecid_wtls5: + ret = (n2d == NID_X9_62_c2pnb163v1 + || n2d == NID_wap_wsg_idm_ecid_wtls5); + break; +# endif /* OPENSSL_NO_EC2M */ + case NID_secp112r1: + case NID_wap_wsg_idm_ecid_wtls6: + ret = (n2d == NID_secp112r1 || n2d == NID_wap_wsg_idm_ecid_wtls6); + break; + case NID_secp160r2: + case NID_wap_wsg_idm_ecid_wtls7: + ret = (n2d == NID_secp160r2 || n2d == NID_wap_wsg_idm_ecid_wtls7); + break; +# ifdef OPENSSL_NO_EC_NISTP_64_GCC_128 + case NID_secp224r1: + case NID_wap_wsg_idm_ecid_wtls12: + ret = (n2d == NID_secp224r1 || n2d == NID_wap_wsg_idm_ecid_wtls12); + break; +# else + /* + * For SEC P-224 we want to ensure that the SECP nid is returned, as + * that is associated with a specialized method. + */ + case NID_wap_wsg_idm_ecid_wtls12: + ret = (n2d == NID_secp224r1); + break; +# endif /* def(OPENSSL_NO_EC_NISTP_64_GCC_128) */ + + default: + ret = (n1d == n2d); + } + return ret; +} + +/* + * This checks that EC_GROUP_bew_from_ecparameters() returns a "named" + * EC_GROUP for built-in curves. + * + * Note that it is possible to retrieve an alternative alias that does not match + * the original nid. + * + * Ensure that the OPENSSL_EC_EXPLICIT_CURVE ASN1 flag is set. + */ +static int check_named_curve_from_ecparameters(int id) +{ + int ret = 0, nid, tnid; + EC_GROUP *group = NULL, *tgroup = NULL, *tmpg = NULL; + const EC_POINT *group_gen = NULL; + EC_POINT *other_gen = NULL; + BIGNUM *group_cofactor = NULL, *other_cofactor = NULL; + BIGNUM *other_gen_x = NULL, *other_gen_y = NULL; + const BIGNUM *group_order = NULL; + BIGNUM *other_order = NULL; + BN_CTX *bn_ctx = NULL; + static const unsigned char invalid_seed[] = "THIS IS NOT A VALID SEED"; + static size_t invalid_seed_len = sizeof(invalid_seed); + ECPARAMETERS *params = NULL, *other_params = NULL; + EC_GROUP *g_ary[8] = {NULL}; + EC_GROUP **g_next = &g_ary[0]; + ECPARAMETERS *p_ary[8] = {NULL}; + ECPARAMETERS **p_next = &p_ary[0]; + + /* Do some setup */ + nid = curves[id].nid; + TEST_note("Curve %s", OBJ_nid2sn(nid)); + if (!TEST_ptr(bn_ctx = BN_CTX_new())) + return ret; + BN_CTX_start(bn_ctx); + + if (/* Allocations */ + !TEST_ptr(group_cofactor = BN_CTX_get(bn_ctx)) + || !TEST_ptr(other_gen_x = BN_CTX_get(bn_ctx)) + || !TEST_ptr(other_gen_y = BN_CTX_get(bn_ctx)) + || !TEST_ptr(other_order = BN_CTX_get(bn_ctx)) + || !TEST_ptr(other_cofactor = BN_CTX_get(bn_ctx)) + /* Generate reference group and params */ + || !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid)) + || !TEST_ptr(params = EC_GROUP_get_ecparameters(group, NULL)) + || !TEST_ptr(group_gen = EC_GROUP_get0_generator(group)) + || !TEST_ptr(group_order = EC_GROUP_get0_order(group)) + || !TEST_true(EC_GROUP_get_cofactor(group, group_cofactor, NULL)) + /* compute `other_*` values */ + || !TEST_ptr(tmpg = EC_GROUP_dup(group)) + || !TEST_ptr(other_gen = EC_POINT_dup(group_gen, group)) + || !TEST_true(EC_POINT_add(group, other_gen, group_gen, group_gen, NULL)) + || !TEST_true(EC_POINT_get_affine_coordinates(group, other_gen, + other_gen_x, other_gen_y, bn_ctx)) + || !TEST_true(BN_copy(other_order, group_order)) + || !TEST_true(BN_add_word(other_order, 1)) + || !TEST_true(BN_copy(other_cofactor, group_cofactor)) + || !TEST_true(BN_add_word(other_cofactor, 1))) + goto err; + + EC_POINT_free(other_gen); + other_gen = NULL; + + if (!TEST_ptr(other_gen = EC_POINT_new(tmpg)) + || !TEST_true(EC_POINT_set_affine_coordinates(tmpg, other_gen, + other_gen_x, other_gen_y, + bn_ctx))) + goto err; + + /* + * ########################### + * # Actual tests start here # + * ########################### + */ + + /* + * Creating a group from built-in explicit parameters returns a + * "named" EC_GROUP + */ + if (!TEST_ptr(tgroup = *g_next++ = EC_GROUP_new_from_ecparameters(params)) + || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)) + goto err; + /* + * We cannot always guarantee the names match, as the built-in table + * contains aliases for the same curve with different names. + */ + if (!TEST_true(are_ec_nids_compatible(nid, tnid))) { + TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid)); + goto err; + } + /* Ensure that the OPENSSL_EC_EXPLICIT_CURVE ASN1 flag is set. */ + if (!TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), OPENSSL_EC_EXPLICIT_CURVE)) + goto err; + + /* + * An invalid seed in the parameters should be ignored: expect a "named" + * group. + */ + if (!TEST_int_eq(EC_GROUP_set_seed(tmpg, invalid_seed, invalid_seed_len), + invalid_seed_len) + || !TEST_ptr(other_params = *p_next++ = + EC_GROUP_get_ecparameters(tmpg, NULL)) + || !TEST_ptr(tgroup = *g_next++ = + EC_GROUP_new_from_ecparameters(other_params)) + || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) + || !TEST_true(are_ec_nids_compatible(nid, tnid)) + || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), + OPENSSL_EC_EXPLICIT_CURVE)) { + TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid)); + goto err; + } + + /* + * A null seed in the parameters should be ignored, as it is optional: + * expect a "named" group. + */ + if (!TEST_int_eq(EC_GROUP_set_seed(tmpg, NULL, 0), 1) + || !TEST_ptr(other_params = *p_next++ = + EC_GROUP_get_ecparameters(tmpg, NULL)) + || !TEST_ptr(tgroup = *g_next++ = + EC_GROUP_new_from_ecparameters(other_params)) + || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) + || !TEST_true(are_ec_nids_compatible(nid, tnid)) + || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), + OPENSSL_EC_EXPLICIT_CURVE)) { + TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid)); + goto err; + } + + /* + * Check that changing any of the generator parameters does not yield a + * match with the built-in curves + */ + if (/* Other gen, same group order & cofactor */ + !TEST_true(EC_GROUP_set_generator(tmpg, other_gen, group_order, + group_cofactor)) + || !TEST_ptr(other_params = *p_next++ = + EC_GROUP_get_ecparameters(tmpg, NULL)) + || !TEST_ptr(tgroup = *g_next++ = + EC_GROUP_new_from_ecparameters(other_params)) + || !TEST_int_eq((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) + /* Same gen & cofactor, different order */ + || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, other_order, + group_cofactor)) + || !TEST_ptr(other_params = *p_next++ = + EC_GROUP_get_ecparameters(tmpg, NULL)) + || !TEST_ptr(tgroup = *g_next++ = + EC_GROUP_new_from_ecparameters(other_params)) + || !TEST_int_eq((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) + /* The order is not an optional field, so this should fail */ + || !TEST_false(EC_GROUP_set_generator(tmpg, group_gen, NULL, + group_cofactor)) + /* Check that a wrong cofactor is ignored, and we still match */ + || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order, + other_cofactor)) + || !TEST_ptr(other_params = *p_next++ = + EC_GROUP_get_ecparameters(tmpg, NULL)) + || !TEST_ptr(tgroup = *g_next++ = + EC_GROUP_new_from_ecparameters(other_params)) + || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) + || !TEST_true(are_ec_nids_compatible(nid, tnid)) + || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), + OPENSSL_EC_EXPLICIT_CURVE) + /* Check that if the cofactor is not set then it still matches */ + || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order, + NULL)) + || !TEST_ptr(other_params = *p_next++ = + EC_GROUP_get_ecparameters(tmpg, NULL)) + || !TEST_ptr(tgroup = *g_next++ = + EC_GROUP_new_from_ecparameters(other_params)) + || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) + || !TEST_true(are_ec_nids_compatible(nid, tnid)) + || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), + OPENSSL_EC_EXPLICIT_CURVE) + /* check that restoring the generator passes */ + || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order, + group_cofactor)) + || !TEST_ptr(other_params = *p_next++ = + EC_GROUP_get_ecparameters(tmpg, NULL)) + || !TEST_ptr(tgroup = *g_next++ = + EC_GROUP_new_from_ecparameters(other_params)) + || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) + || !TEST_true(are_ec_nids_compatible(nid, tnid)) + || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), + OPENSSL_EC_EXPLICIT_CURVE)) + goto err; + + ret = 1; +err: + for (g_next = &g_ary[0]; g_next < g_ary + OSSL_NELEM(g_ary); g_next++) + EC_GROUP_free(*g_next); + for (p_next = &p_ary[0]; p_next < p_ary + OSSL_NELEM(g_ary); p_next++) + ECPARAMETERS_free(*p_next); + ECPARAMETERS_free(params); + EC_POINT_free(other_gen); + EC_GROUP_free(tmpg); + EC_GROUP_free(group); + BN_CTX_end(bn_ctx); + BN_CTX_free(bn_ctx); + return ret; +} + +static int parameter_test(void) +{ + EC_GROUP *group = NULL, *group2 = NULL; + ECPARAMETERS *ecparameters = NULL; + unsigned char *buf = NULL; + int r = 0, len; + + /* must use a curve without a special group method */ + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp256k1)) + || !TEST_ptr(ecparameters = EC_GROUP_get_ecparameters(group, NULL)) + || !TEST_ptr(group2 = EC_GROUP_new_from_ecparameters(ecparameters)) + || !TEST_int_eq(EC_GROUP_cmp(group, group2, NULL), 0)) + goto err; + + EC_GROUP_free(group); + group = NULL; + + /* Test the named curve encoding, which should be default. */ + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp521r1)) + || !TEST_true((len = i2d_ECPKParameters(group, &buf)) >= 0) + || !TEST_mem_eq(buf, len, p521_named, sizeof(p521_named))) + goto err; + + OPENSSL_free(buf); + buf = NULL; + + /* + * Test the explicit encoding. P-521 requires correctly zero-padding the + * curve coefficients. + */ + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_EXPLICIT_CURVE); + if (!TEST_true((len = i2d_ECPKParameters(group, &buf)) >= 0) + || !TEST_mem_eq(buf, len, p521_explicit, sizeof(p521_explicit))) + goto err; + + r = 1; +err: + EC_GROUP_free(group); + EC_GROUP_free(group2); + ECPARAMETERS_free(ecparameters); + OPENSSL_free(buf); + return r; +} + +/*- + * random 256-bit explicit parameters curve, cofactor absent + * order: 0x0c38d96a9f892b88772ec2e39614a82f4f (132 bit) + * cofactor: 0x12bc94785251297abfafddf1565100da (125 bit) + */ +static const unsigned char params_cf_pass[] = { + 0x30, 0x81, 0xcd, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, + 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xe5, 0x00, 0x1f, 0xc5, + 0xca, 0x71, 0x9d, 0x8e, 0xf7, 0x07, 0x4b, 0x48, 0x37, 0xf9, 0x33, 0x2d, + 0x71, 0xbf, 0x79, 0xe7, 0xdc, 0x91, 0xc2, 0xff, 0xb6, 0x7b, 0xc3, 0x93, + 0x44, 0x88, 0xe6, 0x91, 0x30, 0x44, 0x04, 0x20, 0xe5, 0x00, 0x1f, 0xc5, + 0xca, 0x71, 0x9d, 0x8e, 0xf7, 0x07, 0x4b, 0x48, 0x37, 0xf9, 0x33, 0x2d, + 0x71, 0xbf, 0x79, 0xe7, 0xdc, 0x91, 0xc2, 0xff, 0xb6, 0x7b, 0xc3, 0x93, + 0x44, 0x88, 0xe6, 0x8e, 0x04, 0x20, 0x18, 0x8c, 0x59, 0x57, 0xc4, 0xbc, + 0x85, 0x57, 0xc3, 0x66, 0x9f, 0x89, 0xd5, 0x92, 0x0d, 0x7e, 0x42, 0x27, + 0x07, 0x64, 0xaa, 0x26, 0xed, 0x89, 0xc4, 0x09, 0x05, 0x4d, 0xc7, 0x23, + 0x47, 0xda, 0x04, 0x41, 0x04, 0x1b, 0x6b, 0x41, 0x0b, 0xf9, 0xfb, 0x77, + 0xfd, 0x50, 0xb7, 0x3e, 0x23, 0xa3, 0xec, 0x9a, 0x3b, 0x09, 0x31, 0x6b, + 0xfa, 0xf6, 0xce, 0x1f, 0xff, 0xeb, 0x57, 0x93, 0x24, 0x70, 0xf3, 0xf4, + 0xba, 0x7e, 0xfa, 0x86, 0x6e, 0x19, 0x89, 0xe3, 0x55, 0x6d, 0x5a, 0xe9, + 0xc0, 0x3d, 0xbc, 0xfb, 0xaf, 0xad, 0xd4, 0x7e, 0xa6, 0xe5, 0xfa, 0x1a, + 0x58, 0x07, 0x9e, 0x8f, 0x0d, 0x3b, 0xf7, 0x38, 0xca, 0x02, 0x11, 0x0c, + 0x38, 0xd9, 0x6a, 0x9f, 0x89, 0x2b, 0x88, 0x77, 0x2e, 0xc2, 0xe3, 0x96, + 0x14, 0xa8, 0x2f, 0x4f +}; + +/*- + * random 256-bit explicit parameters curve, cofactor absent + * order: 0x045a75c0c17228ebd9b169a10e34a22101 (131 bit) + * cofactor: 0x2e134b4ede82649f67a2e559d361e5fe (126 bit) + */ +static const unsigned char params_cf_fail[] = { + 0x30, 0x81, 0xcd, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, + 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xc8, 0x95, 0x27, 0x37, + 0xe8, 0xe1, 0xfd, 0xcc, 0xf9, 0x6e, 0x0c, 0xa6, 0x21, 0xc1, 0x7d, 0x6b, + 0x9d, 0x44, 0x42, 0xea, 0x73, 0x4e, 0x04, 0xb6, 0xac, 0x62, 0x50, 0xd0, + 0x33, 0xc2, 0xea, 0x13, 0x30, 0x44, 0x04, 0x20, 0xc8, 0x95, 0x27, 0x37, + 0xe8, 0xe1, 0xfd, 0xcc, 0xf9, 0x6e, 0x0c, 0xa6, 0x21, 0xc1, 0x7d, 0x6b, + 0x9d, 0x44, 0x42, 0xea, 0x73, 0x4e, 0x04, 0xb6, 0xac, 0x62, 0x50, 0xd0, + 0x33, 0xc2, 0xea, 0x10, 0x04, 0x20, 0xbf, 0xa6, 0xa8, 0x05, 0x1d, 0x09, + 0xac, 0x70, 0x39, 0xbb, 0x4d, 0xb2, 0x90, 0x8a, 0x15, 0x41, 0x14, 0x1d, + 0x11, 0x86, 0x9f, 0x13, 0xa2, 0x63, 0x1a, 0xda, 0x95, 0x22, 0x4d, 0x02, + 0x15, 0x0a, 0x04, 0x41, 0x04, 0xaf, 0x16, 0x71, 0xf9, 0xc4, 0xc8, 0x59, + 0x1d, 0xa3, 0x6f, 0xe7, 0xc3, 0x57, 0xa1, 0xfa, 0x9f, 0x49, 0x7c, 0x11, + 0x27, 0x05, 0xa0, 0x7f, 0xff, 0xf9, 0xe0, 0xe7, 0x92, 0xdd, 0x9c, 0x24, + 0x8e, 0xc7, 0xb9, 0x52, 0x71, 0x3f, 0xbc, 0x7f, 0x6a, 0x9f, 0x35, 0x70, + 0xe1, 0x27, 0xd5, 0x35, 0x8a, 0x13, 0xfa, 0xa8, 0x33, 0x3e, 0xd4, 0x73, + 0x1c, 0x14, 0x58, 0x9e, 0xc7, 0x0a, 0x87, 0x65, 0x8d, 0x02, 0x11, 0x04, + 0x5a, 0x75, 0xc0, 0xc1, 0x72, 0x28, 0xeb, 0xd9, 0xb1, 0x69, 0xa1, 0x0e, + 0x34, 0xa2, 0x21, 0x01 +}; + +/*- + * Test two random 256-bit explicit parameters curves with absent cofactor. + * The two curves are chosen to roughly straddle the bounds at which the lib + * can compute the cofactor automatically, roughly 4*sqrt(p). So test that: + * + * - params_cf_pass: order is sufficiently close to p to compute cofactor + * - params_cf_fail: order is too far away from p to compute cofactor + * + * For standards-compliant curves, cofactor is chosen as small as possible. + * So you can see neither of these curves are fit for cryptographic use. + * + * Some standards even mandate an upper bound on the cofactor, e.g. SECG1 v2: + * h <= 2**(t/8) where t is the security level of the curve, for which the lib + * will always succeed in computing the cofactor. Neither of these curves + * conform to that -- this is just robustness testing. + */ +static int cofactor_range_test(void) +{ + EC_GROUP *group = NULL; + BIGNUM *cf = NULL; + int ret = 0; + const unsigned char *b1 = (const unsigned char *)params_cf_fail; + const unsigned char *b2 = (const unsigned char *)params_cf_pass; + + if (!TEST_ptr(group = d2i_ECPKParameters(NULL, &b1, sizeof(params_cf_fail))) + || !TEST_BN_eq_zero(EC_GROUP_get0_cofactor(group)) + || !TEST_ptr(group = d2i_ECPKParameters(&group, &b2, + sizeof(params_cf_pass))) + || !TEST_int_gt(BN_hex2bn(&cf, "12bc94785251297abfafddf1565100da"), 0) + || !TEST_BN_eq(cf, EC_GROUP_get0_cofactor(group))) + goto err; + ret = 1; + err: + BN_free(cf); + EC_GROUP_free(group); + return ret; +} + +/*- + * For named curves, test that: + * - the lib correctly computes the cofactor if passed a NULL or zero cofactor + * - a nonsensical cofactor throws an error (negative test) + * - nonsensical orders throw errors (negative tests) + */ +static int cardinality_test(int n) +{ + int ret = 0; + int nid = curves[n].nid; + BN_CTX *ctx = NULL; + EC_GROUP *g1 = NULL, *g2 = NULL; + EC_POINT *g2_gen = NULL; + BIGNUM *g1_p = NULL, *g1_a = NULL, *g1_b = NULL, *g1_x = NULL, *g1_y = NULL, + *g1_order = NULL, *g1_cf = NULL, *g2_cf = NULL; + + TEST_info("Curve %s cardinality test", OBJ_nid2sn(nid)); + + if (!TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(g1 = EC_GROUP_new_by_curve_name(nid)) + || !TEST_ptr(g2 = EC_GROUP_new(EC_GROUP_method_of(g1)))) { + EC_GROUP_free(g1); + EC_GROUP_free(g2); + BN_CTX_free(ctx); + return 0; + } + + BN_CTX_start(ctx); + g1_p = BN_CTX_get(ctx); + g1_a = BN_CTX_get(ctx); + g1_b = BN_CTX_get(ctx); + g1_x = BN_CTX_get(ctx); + g1_y = BN_CTX_get(ctx); + g1_order = BN_CTX_get(ctx); + g1_cf = BN_CTX_get(ctx); + + if (!TEST_ptr(g2_cf = BN_CTX_get(ctx)) + /* pull out the explicit curve parameters */ + || !TEST_true(EC_GROUP_get_curve(g1, g1_p, g1_a, g1_b, ctx)) + || !TEST_true(EC_POINT_get_affine_coordinates(g1, + EC_GROUP_get0_generator(g1), g1_x, g1_y, ctx)) + || !TEST_true(BN_copy(g1_order, EC_GROUP_get0_order(g1))) + || !TEST_true(EC_GROUP_get_cofactor(g1, g1_cf, ctx)) + /* construct g2 manually with g1 parameters */ + || !TEST_true(EC_GROUP_set_curve(g2, g1_p, g1_a, g1_b, ctx)) + || !TEST_ptr(g2_gen = EC_POINT_new(g2)) + || !TEST_true(EC_POINT_set_affine_coordinates(g2, g2_gen, g1_x, g1_y, ctx)) + /* pass NULL cofactor: lib should compute it */ + || !TEST_true(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL)) + || !TEST_true(EC_GROUP_get_cofactor(g2, g2_cf, ctx)) + || !TEST_BN_eq(g1_cf, g2_cf) + /* pass zero cofactor: lib should compute it */ + || !TEST_true(BN_set_word(g2_cf, 0)) + || !TEST_true(EC_GROUP_set_generator(g2, g2_gen, g1_order, g2_cf)) + || !TEST_true(EC_GROUP_get_cofactor(g2, g2_cf, ctx)) + || !TEST_BN_eq(g1_cf, g2_cf) + /* negative test for invalid cofactor */ + || !TEST_true(BN_set_word(g2_cf, 0)) + || !TEST_true(BN_sub(g2_cf, g2_cf, BN_value_one())) + || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, g2_cf)) + /* negative test for NULL order */ + || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, NULL, NULL)) + /* negative test for zero order */ + || !TEST_true(BN_set_word(g1_order, 0)) + || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL)) + /* negative test for negative order */ + || !TEST_true(BN_set_word(g2_cf, 0)) + || !TEST_true(BN_sub(g2_cf, g2_cf, BN_value_one())) + || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL)) + /* negative test for too large order */ + || !TEST_true(BN_lshift(g1_order, g1_p, 2)) + || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL))) + goto err; + ret = 1; + err: + EC_POINT_free(g2_gen); + EC_GROUP_free(g1); + EC_GROUP_free(g2); + BN_CTX_end(ctx); + BN_CTX_free(ctx); + return ret; +} + +/* + * Helper for ec_point_hex2point_test + * + * Self-tests EC_POINT_point2hex() against EC_POINT_hex2point() for the given + * (group,P) pair. + * + * If P is NULL use point at infinity. + */ +static ossl_inline +int ec_point_hex2point_test_helper(const EC_GROUP *group, const EC_POINT *P, + point_conversion_form_t form, + BN_CTX *bnctx) +{ + int ret = 0; + EC_POINT *Q = NULL, *Pinf = NULL; + char *hex = NULL; + + if (P == NULL) { + /* If P is NULL use point at infinity. */ + if (!TEST_ptr(Pinf = EC_POINT_new(group)) + || !TEST_true(EC_POINT_set_to_infinity(group, Pinf))) + goto err; + P = Pinf; + } + + if (!TEST_ptr(hex = EC_POINT_point2hex(group, P, form, bnctx)) + || !TEST_ptr(Q = EC_POINT_hex2point(group, hex, NULL, bnctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, bnctx))) + goto err; + + /* + * The next check is most likely superfluous, as EC_POINT_cmp should already + * cover this. + * Nonetheless it increases the test coverage for EC_POINT_is_at_infinity, + * so we include it anyway! + */ + if (Pinf != NULL + && !TEST_true(EC_POINT_is_at_infinity(group, Q))) + goto err; + + ret = 1; + + err: + EC_POINT_free(Pinf); + OPENSSL_free(hex); + EC_POINT_free(Q); + + return ret; +} + +/* + * This test self-validates EC_POINT_hex2point() and EC_POINT_point2hex() + */ +static int ec_point_hex2point_test(int id) +{ + int ret = 0, nid; + EC_GROUP *group = NULL; + const EC_POINT *G = NULL; + EC_POINT *P = NULL; + BN_CTX * bnctx = NULL; + + /* Do some setup */ + nid = curves[id].nid; + if (!TEST_ptr(bnctx = BN_CTX_new()) + || !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid)) + || !TEST_ptr(G = EC_GROUP_get0_generator(group)) + || !TEST_ptr(P = EC_POINT_dup(G, group))) + goto err; + + if (!TEST_true(ec_point_hex2point_test_helper(group, P, + POINT_CONVERSION_COMPRESSED, + bnctx)) + || !TEST_true(ec_point_hex2point_test_helper(group, NULL, + POINT_CONVERSION_COMPRESSED, + bnctx)) + || !TEST_true(ec_point_hex2point_test_helper(group, P, + POINT_CONVERSION_UNCOMPRESSED, + bnctx)) + || !TEST_true(ec_point_hex2point_test_helper(group, NULL, + POINT_CONVERSION_UNCOMPRESSED, + bnctx)) + || !TEST_true(ec_point_hex2point_test_helper(group, P, + POINT_CONVERSION_HYBRID, + bnctx)) + || !TEST_true(ec_point_hex2point_test_helper(group, NULL, + POINT_CONVERSION_HYBRID, + bnctx))) + goto err; + + ret = 1; + + err: + EC_POINT_free(P); + EC_GROUP_free(group); + BN_CTX_free(bnctx); + + return ret; +} + +#endif /* OPENSSL_NO_EC */ + +int setup_tests(void) +{ +#ifndef OPENSSL_NO_EC + crv_len = EC_get_builtin_curves(NULL, 0); + if (!TEST_ptr(curves = OPENSSL_malloc(sizeof(*curves) * crv_len)) + || !TEST_true(EC_get_builtin_curves(curves, crv_len))) + return 0; + + ADD_TEST(parameter_test); + ADD_TEST(cofactor_range_test); + ADD_ALL_TESTS(cardinality_test, crv_len); + ADD_TEST(prime_field_tests); +# ifndef OPENSSL_NO_EC2M + ADD_TEST(char2_field_tests); + ADD_ALL_TESTS(char2_curve_test, OSSL_NELEM(char2_curve_tests)); +# endif +# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 + ADD_ALL_TESTS(nistp_single_test, OSSL_NELEM(nistp_tests_params)); + ADD_TEST(underflow_test); +# endif + ADD_ALL_TESTS(internal_curve_test, crv_len); + ADD_ALL_TESTS(internal_curve_test_method, crv_len); + + ADD_ALL_TESTS(check_named_curve_from_ecparameters, crv_len); + ADD_ALL_TESTS(ec_point_hex2point_test, crv_len); +#endif /* OPENSSL_NO_EC */ + return 1; +} + +void cleanup_tests(void) +{ +#ifndef OPENSSL_NO_EC + OPENSSL_free(curves); +#endif +} diff --git a/fixpatch b/fixpatch new file mode 100755 index 0000000..bf5eb67 --- /dev/null +++ b/fixpatch @@ -0,0 +1,15 @@ +#!/bin/sh +# Fixes patch from upstream tracker view +gawk ' +BEGIN { + dir="" +} +/^Index: openssl\// { + dir = $2 +} +/^(---|\+\+\+)/ { + $2 = dir +} +{ + print +}' diff --git a/hobble-openssl b/hobble-openssl new file mode 100755 index 0000000..9a23ca6 --- /dev/null +++ b/hobble-openssl @@ -0,0 +1,40 @@ +#!/bin/sh + +# Quit out if anything fails. +set -e + +# Clean out patent-or-otherwise-encumbered code. +# MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway +# IDEA: 5,214,703 07/01/2012 - expired, we do not remove it anymore +# RC5: 5,724,428 01/11/2015 - expired, we do not remove it anymore +# EC: ????????? ??/??/2020 +# SRP: ????????? ??/??/2017 - expired, we do not remove it anymore + +# Remove assembler portions of IDEA, MDC2, and RC5. +# (find crypto/rc5/asm -type f | xargs -r rm -fv) + +for c in `find crypto/bn -name "*gf2m.c"`; do + echo Destroying $c + > $c +done + +for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c"`; do + echo Destroying $c + > $c +done + +for c in `find test -name "ectest.c"`; do + echo Destroying $c + > $c +done + +for h in `find crypto ssl apps test -name "*.h"` ; do + echo Removing EC2M references from $h + cat $h | \ + awk 'BEGIN {ech=1;} \ + /^#[ \t]*ifndef.*NO_EC2M/ {ech--; next;} \ + /^#[ \t]*if/ {if(ech < 1) ech--;} \ + {if(ech>0) {;print $0};} \ + /^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \ + mv $h.hobbled $h +done diff --git a/make-dummy-cert b/make-dummy-cert new file mode 100755 index 0000000..f5f0453 --- /dev/null +++ b/make-dummy-cert @@ -0,0 +1,28 @@ +#!/bin/sh +umask 077 + +answers() { + echo -- + echo SomeState + echo SomeCity + echo SomeOrganization + echo SomeOrganizationalUnit + echo localhost.localdomain + echo root@localhost.localdomain +} + +if [ $# -eq 0 ] ; then + echo $"Usage: `basename $0` filename [...]" + exit 0 +fi + +for target in $@ ; do + PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` + PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` + trap "rm -f $PEM1 $PEM2" SIGINT + answers | /usr/bin/openssl req -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 2> /dev/null + cat $PEM1 > ${target} + echo "" >> ${target} + cat $PEM2 >> ${target} + rm -f $PEM1 $PEM2 +done diff --git a/openssl-1.1.0-issuer-hash.patch b/openssl-1.1.0-issuer-hash.patch new file mode 100644 index 0000000..1b824e0 --- /dev/null +++ b/openssl-1.1.0-issuer-hash.patch @@ -0,0 +1,11 @@ +diff -up openssl-1.1.0-pre5/crypto/x509/x509_cmp.c.issuer-hash openssl-1.1.0-pre5/crypto/x509/x509_cmp.c +--- openssl-1.1.0-pre5/crypto/x509/x509_cmp.c.issuer-hash 2016-07-18 15:16:32.788881100 +0200 ++++ openssl-1.1.0-pre5/crypto/x509/x509_cmp.c 2016-07-18 15:17:16.671871840 +0200 +@@ -87,6 +87,7 @@ unsigned long X509_issuer_and_serial_has + + if (ctx == NULL) + goto err; ++ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0); + if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL)) + goto err; diff --git a/openssl-1.1.1-alpn-cb.patch b/openssl-1.1.1-alpn-cb.patch new file mode 100644 index 0000000..465f7b8 --- /dev/null +++ b/openssl-1.1.1-alpn-cb.patch @@ -0,0 +1,27 @@ +commit 9e885a707d604e9528b5491b78fb9c00f41193fc +Author: Tomas Mraz +Date: Thu Mar 26 15:59:00 2020 +0100 + + s_server: Properly indicate ALPN protocol mismatch + + Return SSL_TLSEXT_ERR_ALERT_FATAL from alpn_select_cb so that + an alert is sent to the client on ALPN protocol mismatch. + + Fixes: #2708 + + Reviewed-by: Matt Caswell + (Merged from https://github.com/openssl/openssl/pull/11415) + +diff --git a/apps/s_server.c b/apps/s_server.c +index bcc83e562c..591c6c19c5 100644 +--- a/apps/s_server.c ++++ b/apps/s_server.c +@@ -707,7 +707,7 @@ static int alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen, + if (SSL_select_next_proto + ((unsigned char **)out, outlen, alpn_ctx->data, alpn_ctx->len, in, + inlen) != OPENSSL_NPN_NEGOTIATED) { +- return SSL_TLSEXT_ERR_NOACK; ++ return SSL_TLSEXT_ERR_ALERT_FATAL; + } + + if (!s_quiet) { diff --git a/openssl-1.1.1-apps-dgst.patch b/openssl-1.1.1-apps-dgst.patch new file mode 100644 index 0000000..655b6e2 --- /dev/null +++ b/openssl-1.1.1-apps-dgst.patch @@ -0,0 +1,12 @@ +diff -up openssl-1.1.1b/apps/ca.c.dgst openssl-1.1.1b/apps/ca.c +--- openssl-1.1.1b/apps/ca.c.dgst 2019-02-26 15:15:30.000000000 +0100 ++++ openssl-1.1.1b/apps/ca.c 2019-03-15 15:53:46.622267688 +0100 +@@ -169,7 +169,7 @@ const OPTIONS ca_options[] = { + {"enddate", OPT_ENDDATE, 's', + "YYMMDDHHMMSSZ cert notAfter (overrides -days)"}, + {"days", OPT_DAYS, 'p', "Number of days to certify the cert for"}, +- {"md", OPT_MD, 's', "md to use; one of md2, md5, sha or sha1"}, ++ {"md", OPT_MD, 's', "md to use; see openssl help for list"}, + {"policy", OPT_POLICY, 's', "The CA 'policy' to support"}, + {"keyfile", OPT_KEYFILE, 's', "Private key"}, + {"keyform", OPT_KEYFORM, 'f', "Private key file format (PEM or ENGINE)"}, diff --git a/openssl-1.1.1-arm-update.patch b/openssl-1.1.1-arm-update.patch new file mode 100644 index 0000000..998905f --- /dev/null +++ b/openssl-1.1.1-arm-update.patch @@ -0,0 +1,1434 @@ +diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl +--- openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl 2019-11-20 11:36:22.389506155 +0100 +@@ -27,44 +27,72 @@ + # CBC encrypt case. On Cortex-A57 parallelizable mode performance + # seems to be limited by sheer amount of NEON instructions... + # ++# April 2019 ++# ++# Key to performance of parallelize-able modes is round instruction ++# interleaving. But which factor to use? There is optimal one for ++# each combination of instruction latency and issue rate, beyond ++# which increasing interleave factor doesn't pay off. While on cons ++# side we have code size increase and resource waste on platforms for ++# which interleave factor is too high. In other words you want it to ++# be just right. So far interleave factor of 3x was serving well all ++# platforms. But for ThunderX2 optimal interleave factor was measured ++# to be 5x... ++# + # Performance in cycles per byte processed with 128-bit key: + # + # CBC enc CBC dec CTR + # Apple A7 2.39 1.20 1.20 +-# Cortex-A53 1.32 1.29 1.46 +-# Cortex-A57(*) 1.95 0.85 0.93 +-# Denver 1.96 0.86 0.80 +-# Mongoose 1.33 1.20 1.20 +-# Kryo 1.26 0.94 1.00 ++# Cortex-A53 1.32 1.17/1.29(**) 1.36/1.46 ++# Cortex-A57(*) 1.95 0.82/0.85 0.89/0.93 ++# Cortex-A72 1.33 0.85/0.88 0.92/0.96 ++# Denver 1.96 0.65/0.86 0.76/0.80 ++# Mongoose 1.33 1.23/1.20 1.30/1.20 ++# Kryo 1.26 0.87/0.94 1.00/1.00 ++# ThunderX2 5.95 1.25 1.30 + # + # (*) original 3.64/1.34/1.32 results were for r0p0 revision + # and are still same even for updated module; ++# (**) numbers after slash are for 32-bit code, which is 3x- ++# interleaved; + +-$flavour = shift; +-$output = shift; ++# $output is the last argument if it looks like a file (it has an extension) ++# $flavour is the first argument if it doesn't look like a file ++$output = $#ARGV >= 0 && $ARGV[$#ARGV] =~ m|\.\w+$| ? pop : undef; ++$flavour = $#ARGV >= 0 && $ARGV[0] !~ m|\.| ? shift : undef; + + $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; + ( $xlate="${dir}arm-xlate.pl" and -f $xlate ) or + ( $xlate="${dir}../../perlasm/arm-xlate.pl" and -f $xlate) or + die "can't locate arm-xlate.pl"; + +-open OUT,"| \"$^X\" $xlate $flavour $output"; ++open OUT,"| \"$^X\" $xlate $flavour \"$output\"" ++ or die "can't call $xlate: $!"; + *STDOUT=*OUT; + + $prefix="aes_v8"; + ++$_byte = ($flavour =~ /win/ ? "DCB" : ".byte"); ++ + $code=<<___; + #include "arm_arch.h" + + #if __ARM_MAX_ARCH__>=7 +-.text + ___ +-$code.=".arch armv8-a+crypto\n" if ($flavour =~ /64/); ++$code.=".arch armv8-a+crypto\n.text\n" if ($flavour =~ /64/); + $code.=<<___ if ($flavour !~ /64/); + .arch armv7-a // don't confuse not-so-latest binutils with argv8 :-) + .fpu neon ++#ifdef __thumb2__ ++.syntax unified ++.thumb ++# define INST(a,b,c,d) $_byte c,d|0xc,a,b ++#else + .code 32 +-#undef __thumb2__ ++# define INST(a,b,c,d) $_byte a,b,c,d ++#endif ++ ++.text + ___ + + # Assembler mnemonics are an eclectic mix of 32- and 64-bit syntax, +@@ -514,6 +542,13 @@ $code.=<<___; + ___ + { + my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); ++ ++my ($dat3,$in3,$tmp3); # used only in 64-bit mode ++my ($dat4,$in4,$tmp4); ++if ($flavour =~ /64/) { ++ ($dat2,$dat3,$dat4,$in2,$in3,$in4,$tmp3,$tmp4)=map("q$_",(16..23)); ++} ++ + $code.=<<___; + .align 5 + .Lcbc_dec: +@@ -530,7 +565,196 @@ $code.=<<___; + vorr $in0,$dat,$dat + vorr $in1,$dat1,$dat1 + vorr $in2,$dat2,$dat2 ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ cmp $len,#32 ++ b.lo .Loop3x_cbc_dec ++ ++ vld1.8 {$dat3},[$inp],#16 ++ vld1.8 {$dat4},[$inp],#16 ++ sub $len,$len,#32 // bias ++ mov $cnt,$rounds ++ vorr $in3,$dat3,$dat3 ++ vorr $in4,$dat4,$dat4 ++ ++.Loop5x_cbc_dec: ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q8 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q8 ++ aesimc $dat4,$dat4 ++ vld1.32 {q8},[$key_],#16 ++ subs $cnt,$cnt,#2 ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q9 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q9 ++ aesimc $dat4,$dat4 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Loop5x_cbc_dec ++ ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q8 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q8 ++ aesimc $dat4,$dat4 ++ cmp $len,#0x40 // because .Lcbc_tail4x ++ sub $len,$len,#0x50 ++ ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q9 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q9 ++ aesimc $dat4,$dat4 ++ csel x6,xzr,$len,gt // borrow x6, $cnt, "gt" is not typo ++ mov $key_,$key ++ ++ aesd $dat0,q10 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q10 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q10 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q10 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q10 ++ aesimc $dat4,$dat4 ++ add $inp,$inp,x6 // $inp is adjusted in such way that ++ // at exit from the loop $dat1-$dat4 ++ // are loaded with last "words" ++ add x6,$len,#0x60 // because .Lcbc_tail4x ++ ++ aesd $dat0,q11 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q11 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q11 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q11 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q11 ++ aesimc $dat4,$dat4 ++ ++ aesd $dat0,q12 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q12 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q12 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q12 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q12 ++ aesimc $dat4,$dat4 ++ ++ aesd $dat0,q13 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q13 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q13 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q13 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q13 ++ aesimc $dat4,$dat4 ++ ++ aesd $dat0,q14 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q14 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q14 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q14 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q14 ++ aesimc $dat4,$dat4 ++ ++ veor $tmp0,$ivec,$rndlast ++ aesd $dat0,q15 ++ veor $tmp1,$in0,$rndlast ++ vld1.8 {$in0},[$inp],#16 ++ aesd $dat1,q15 ++ veor $tmp2,$in1,$rndlast ++ vld1.8 {$in1},[$inp],#16 ++ aesd $dat2,q15 ++ veor $tmp3,$in2,$rndlast ++ vld1.8 {$in2},[$inp],#16 ++ aesd $dat3,q15 ++ veor $tmp4,$in3,$rndlast ++ vld1.8 {$in3},[$inp],#16 ++ aesd $dat4,q15 ++ vorr $ivec,$in4,$in4 ++ vld1.8 {$in4},[$inp],#16 ++ cbz x6,.Lcbc_tail4x ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ veor $tmp0,$tmp0,$dat0 ++ vorr $dat0,$in0,$in0 ++ veor $tmp1,$tmp1,$dat1 ++ vorr $dat1,$in1,$in1 ++ veor $tmp2,$tmp2,$dat2 ++ vorr $dat2,$in2,$in2 ++ veor $tmp3,$tmp3,$dat3 ++ vorr $dat3,$in3,$in3 ++ veor $tmp4,$tmp4,$dat4 ++ vst1.8 {$tmp0},[$out],#16 ++ vorr $dat4,$in4,$in4 ++ vst1.8 {$tmp1},[$out],#16 ++ mov $cnt,$rounds ++ vst1.8 {$tmp2},[$out],#16 ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ vst1.8 {$tmp3},[$out],#16 ++ vst1.8 {$tmp4},[$out],#16 ++ b.hs .Loop5x_cbc_dec ++ ++ add $len,$len,#0x50 ++ cbz $len,.Lcbc_done ++ ++ add $cnt,$rounds,#2 ++ subs $len,$len,#0x30 ++ vorr $dat0,$in2,$in2 ++ vorr $in0,$in2,$in2 ++ vorr $dat1,$in3,$in3 ++ vorr $in1,$in3,$in3 ++ vorr $dat2,$in4,$in4 ++ vorr $in2,$in4,$in4 ++ b.lo .Lcbc_dec_tail ++ ++ b .Loop3x_cbc_dec + ++.align 4 ++.Lcbc_tail4x: ++ veor $tmp1,$tmp0,$dat1 ++ veor $tmp2,$tmp2,$dat2 ++ veor $tmp3,$tmp3,$dat3 ++ veor $tmp4,$tmp4,$dat4 ++ vst1.8 {$tmp1},[$out],#16 ++ vst1.8 {$tmp2},[$out],#16 ++ vst1.8 {$tmp3},[$out],#16 ++ vst1.8 {$tmp4},[$out],#16 ++ ++ b .Lcbc_done ++.align 4 ++___ ++$code.=<<___; + .Loop3x_cbc_dec: + aesd $dat0,q8 + aesimc $dat0,$dat0 +@@ -691,6 +915,9 @@ my $step="x12"; # aliases with $tctr2 + my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$ivec,$rndlast)=map("q$_",(0..7)); + my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); + ++# used only in 64-bit mode... ++my ($dat3,$dat4,$in3,$in4)=map("q$_",(16..23)); ++ + my ($dat,$tmp)=($dat0,$tmp0); + + ### q8-q15 preloaded key schedule +@@ -743,6 +970,175 @@ $code.=<<___; + rev $tctr2, $ctr + sub $len,$len,#3 // bias + vmov.32 ${dat2}[3],$tctr2 ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ cmp $len,#2 ++ b.lo .Loop3x_ctr32 ++ ++ add w13,$ctr,#1 ++ add w14,$ctr,#2 ++ vorr $dat3,$dat0,$dat0 ++ rev w13,w13 ++ vorr $dat4,$dat0,$dat0 ++ rev w14,w14 ++ vmov.32 ${dat3}[3],w13 ++ sub $len,$len,#2 // bias ++ vmov.32 ${dat4}[3],w14 ++ add $ctr,$ctr,#2 ++ b .Loop5x_ctr32 ++ ++.align 4 ++.Loop5x_ctr32: ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ aese $dat3,q8 ++ aesmc $dat3,$dat3 ++ aese $dat4,q8 ++ aesmc $dat4,$dat4 ++ vld1.32 {q8},[$key_],#16 ++ subs $cnt,$cnt,#2 ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ aese $dat3,q9 ++ aesmc $dat3,$dat3 ++ aese $dat4,q9 ++ aesmc $dat4,$dat4 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Loop5x_ctr32 ++ ++ mov $key_,$key ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ aese $dat3,q8 ++ aesmc $dat3,$dat3 ++ aese $dat4,q8 ++ aesmc $dat4,$dat4 ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ aese $dat3,q9 ++ aesmc $dat3,$dat3 ++ aese $dat4,q9 ++ aesmc $dat4,$dat4 ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ ++ aese $dat0,q12 ++ aesmc $dat0,$dat0 ++ add $tctr0,$ctr,#1 ++ add $tctr1,$ctr,#2 ++ aese $dat1,q12 ++ aesmc $dat1,$dat1 ++ add $tctr2,$ctr,#3 ++ add w13,$ctr,#4 ++ aese $dat2,q12 ++ aesmc $dat2,$dat2 ++ add w14,$ctr,#5 ++ rev $tctr0,$tctr0 ++ aese $dat3,q12 ++ aesmc $dat3,$dat3 ++ rev $tctr1,$tctr1 ++ rev $tctr2,$tctr2 ++ aese $dat4,q12 ++ aesmc $dat4,$dat4 ++ rev w13,w13 ++ rev w14,w14 ++ ++ aese $dat0,q13 ++ aesmc $dat0,$dat0 ++ aese $dat1,q13 ++ aesmc $dat1,$dat1 ++ aese $dat2,q13 ++ aesmc $dat2,$dat2 ++ aese $dat3,q13 ++ aesmc $dat3,$dat3 ++ aese $dat4,q13 ++ aesmc $dat4,$dat4 ++ ++ aese $dat0,q14 ++ aesmc $dat0,$dat0 ++ vld1.8 {$in0},[$inp],#16 ++ aese $dat1,q14 ++ aesmc $dat1,$dat1 ++ vld1.8 {$in1},[$inp],#16 ++ aese $dat2,q14 ++ aesmc $dat2,$dat2 ++ vld1.8 {$in2},[$inp],#16 ++ aese $dat3,q14 ++ aesmc $dat3,$dat3 ++ vld1.8 {$in3},[$inp],#16 ++ aese $dat4,q14 ++ aesmc $dat4,$dat4 ++ vld1.8 {$in4},[$inp],#16 ++ ++ aese $dat0,q15 ++ veor $in0,$in0,$rndlast ++ aese $dat1,q15 ++ veor $in1,$in1,$rndlast ++ aese $dat2,q15 ++ veor $in2,$in2,$rndlast ++ aese $dat3,q15 ++ veor $in3,$in3,$rndlast ++ aese $dat4,q15 ++ veor $in4,$in4,$rndlast ++ ++ veor $in0,$in0,$dat0 ++ vorr $dat0,$ivec,$ivec ++ veor $in1,$in1,$dat1 ++ vorr $dat1,$ivec,$ivec ++ veor $in2,$in2,$dat2 ++ vorr $dat2,$ivec,$ivec ++ veor $in3,$in3,$dat3 ++ vorr $dat3,$ivec,$ivec ++ veor $in4,$in4,$dat4 ++ vorr $dat4,$ivec,$ivec ++ ++ vst1.8 {$in0},[$out],#16 ++ vmov.32 ${dat0}[3],$tctr0 ++ vst1.8 {$in1},[$out],#16 ++ vmov.32 ${dat1}[3],$tctr1 ++ vst1.8 {$in2},[$out],#16 ++ vmov.32 ${dat2}[3],$tctr2 ++ vst1.8 {$in3},[$out],#16 ++ vmov.32 ${dat3}[3],w13 ++ vst1.8 {$in4},[$out],#16 ++ vmov.32 ${dat4}[3],w14 ++ ++ mov $cnt,$rounds ++ cbz $len,.Lctr32_done ++ ++ add $ctr,$ctr,#5 ++ subs $len,$len,#5 ++ b.hs .Loop5x_ctr32 ++ ++ add $len,$len,#5 ++ sub $ctr,$ctr,#5 ++ ++ cmp $len,#2 ++ mov $step,#16 ++ cclr $step,lo ++ b.ls .Lctr32_tail ++ ++ sub $len,$len,#3 // bias ++ add $ctr,$ctr,#3 ++___ ++$code.=<<___; + b .Loop3x_ctr32 + + .align 4 +@@ -955,7 +1351,7 @@ if ($flavour =~ /64/) { ######## 64-bi + # since ARMv7 instructions are always encoded little-endian. + # correct solution is to use .inst directive, but older + # assemblers don't implement it:-( +- sprintf ".byte\t0x%02x,0x%02x,0x%02x,0x%02x\t@ %s %s", ++ sprintf "INST(0x%02x,0x%02x,0x%02x,0x%02x)\t@ %s %s", + $word&0xff,($word>>8)&0xff, + ($word>>16)&0xff,($word>>24)&0xff, + $mnemonic,$arg; +@@ -996,14 +1392,17 @@ if ($flavour =~ /64/) { ######## 64-bi + s/\],#[0-9]+/]!/o; + + s/[v]?(aes\w+)\s+([qv].*)/unaes($1,$2)/geo or +- s/cclr\s+([^,]+),\s*([a-z]+)/mov$2 $1,#0/o or ++ s/cclr\s+([^,]+),\s*([a-z]+)/mov.$2 $1,#0/o or + s/vtbl\.8\s+(.*)/unvtbl($1)/geo or + s/vdup\.32\s+(.*)/unvdup32($1)/geo or + s/vmov\.32\s+(.*)/unvmov32($1)/geo or + s/^(\s+)b\./$1b/o or +- s/^(\s+)mov\./$1mov/o or + s/^(\s+)ret/$1bx\tlr/o; + ++ if (s/^(\s+)mov\.([a-z]+)/$1mov$2/) { ++ print " it $2\n"; ++ } ++ + print $_,"\n"; + } + } +diff -up openssl-1.1.1c/crypto/aes/asm/vpaes-armv8.pl.arm-update openssl-1.1.1c/crypto/aes/asm/vpaes-armv8.pl +--- openssl-1.1.1c/crypto/aes/asm/vpaes-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/crypto/aes/asm/vpaes-armv8.pl 2019-11-20 11:36:22.389506155 +0100 +@@ -30,6 +30,7 @@ + # Denver(***) 16.6(**) 15.1/17.8(**) [8.80/9.93 ] + # Apple A7(***) 22.7(**) 10.9/14.3 [8.45/10.0 ] + # Mongoose(***) 26.3(**) 21.0/25.0(**) [13.3/16.8 ] ++# ThunderX2(***) 39.4(**) 33.8/48.6(**) + # + # (*) ECB denotes approximate result for parallelizable modes + # such as CBC decrypt, CTR, etc.; +diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl +--- openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl 2019-11-21 16:44:50.814651553 +0100 +@@ -18,32 +18,44 @@ + # + # ChaCha20 for ARMv8. + # ++# April 2019 ++# ++# Replace 3xNEON+1xIALU code path with 4+1. 4+1 is actually fastest ++# option on most(*), but not all, processors, yet 6+2 is retained. ++# This is because penalties are considered tolerable in comparison to ++# improvement on processors where 6+2 helps. Most notably +37% on ++# ThunderX2. It's server-oriented processor which will have to serve ++# as many requests as possible. While others are mostly clients, when ++# performance doesn't have to be absolute top-notch, just fast enough, ++# as majority of time is spent "entertaining" relatively slow human. ++# + # Performance in cycles per byte out of large buffer. + # +-# IALU/gcc-4.9 3xNEON+1xIALU 6xNEON+2xIALU ++# IALU/gcc-4.9 4xNEON+1xIALU 6xNEON+2xIALU + # +-# Apple A7 5.50/+49% 3.33 1.70 +-# Cortex-A53 8.40/+80% 4.72 4.72(*) +-# Cortex-A57 8.06/+43% 4.90 4.43(**) +-# Denver 4.50/+82% 2.63 2.67(*) +-# X-Gene 9.50/+46% 8.82 8.89(*) +-# Mongoose 8.00/+44% 3.64 3.25 +-# Kryo 8.17/+50% 4.83 4.65 ++# Apple A7 5.50/+49% 2.72 1.60 ++# Cortex-A53 8.40/+80% 4.06 4.45(*) ++# Cortex-A57 8.06/+43% 4.15 4.40(*) ++# Denver 4.50/+82% 2.30 2.70(*) ++# X-Gene 9.50/+46% 8.20 8.90(*) ++# Mongoose 8.00/+44% 2.74 3.12(*) ++# Kryo 8.17/+50% 4.47 4.65(*) ++# ThunderX2 7.22/+48% 5.64 4.10 + # +-# (*) it's expected that doubling interleave factor doesn't help +-# all processors, only those with higher NEON latency and +-# higher instruction issue rate; +-# (**) expected improvement was actually higher; ++# (*) slower than 4+1:-( + +-$flavour=shift; +-$output=shift; ++# $output is the last argument if it looks like a file (it has an extension) ++# $flavour is the first argument if it doesn't look like a file ++$output = $#ARGV >= 0 && $ARGV[$#ARGV] =~ m|\.\w+$| ? pop : undef; ++$flavour = $#ARGV >= 0 && $ARGV[0] !~ m|\.| ? shift : undef; + + $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; + ( $xlate="${dir}arm-xlate.pl" and -f $xlate ) or + ( $xlate="${dir}../../perlasm/arm-xlate.pl" and -f $xlate) or + die "can't locate arm-xlate.pl"; + +-open OUT,"| \"$^X\" $xlate $flavour $output"; ++open OUT,"| \"$^X\" $xlate $flavour \"$output\"" ++ or die "can't call $xlate: $!"; + *STDOUT=*OUT; + + sub AUTOLOAD() # thunk [simplified] x86-style perlasm +@@ -120,41 +132,36 @@ my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1) + } + + $code.=<<___; +-#include "arm_arch.h" ++#ifndef __KERNEL__ ++# include "arm_arch.h" ++.extern OPENSSL_armcap_P ++#endif + + .text + +-.extern OPENSSL_armcap_P +- + .align 5 + .Lsigma: + .quad 0x3320646e61707865,0x6b20657479622d32 // endian-neutral + .Lone: +-.long 1,0,0,0 +-.LOPENSSL_armcap_P: +-#ifdef __ILP32__ +-.long OPENSSL_armcap_P-. +-#else +-.quad OPENSSL_armcap_P-. +-#endif +-.asciz "ChaCha20 for ARMv8, CRYPTOGAMS by " ++.long 1,2,3,4 ++.Lrot24: ++.long 0x02010003,0x06050407,0x0a09080b,0x0e0d0c0f ++.asciz "ChaCha20 for ARMv8, CRYPTOGAMS by \@dot-asm" + + .globl ChaCha20_ctr32 + .type ChaCha20_ctr32,%function + .align 5 + ChaCha20_ctr32: + cbz $len,.Labort +- adr @x[0],.LOPENSSL_armcap_P + cmp $len,#192 + b.lo .Lshort +-#ifdef __ILP32__ +- ldrsw @x[1],[@x[0]] +-#else +- ldr @x[1],[@x[0]] +-#endif +- ldr w17,[@x[1],@x[0]] ++ ++#ifndef __KERNEL__ ++ adrp x17,OPENSSL_armcap_P ++ ldr w17,[x17,#:lo12:OPENSSL_armcap_P] + tst w17,#ARMV7_NEON +- b.ne ChaCha20_neon ++ b.ne .LChaCha20_neon ++#endif + + .Lshort: + .inst 0xd503233f // paciasp +@@ -173,7 +180,7 @@ ChaCha20_ctr32: + ldp @d[2],@d[3],[$key] // load key + ldp @d[4],@d[5],[$key,#16] + ldp @d[6],@d[7],[$ctr] // load counter +-#ifdef __ARMEB__ ++#ifdef __AARCH64EB__ + ror @d[2],@d[2],#32 + ror @d[3],@d[3],#32 + ror @d[4],@d[4],#32 +@@ -242,7 +249,7 @@ $code.=<<___; + add @x[14],@x[14],@x[15],lsl#32 + ldp @x[13],@x[15],[$inp,#48] + add $inp,$inp,#64 +-#ifdef __ARMEB__ ++#ifdef __AARCH64EB__ + rev @x[0],@x[0] + rev @x[2],@x[2] + rev @x[4],@x[4] +@@ -299,7 +306,7 @@ $code.=<<___; + add @x[10],@x[10],@x[11],lsl#32 + add @x[12],@x[12],@x[13],lsl#32 + add @x[14],@x[14],@x[15],lsl#32 +-#ifdef __ARMEB__ ++#ifdef __AARCH64EB__ + rev @x[0],@x[0] + rev @x[2],@x[2] + rev @x[4],@x[4] +@@ -340,46 +347,91 @@ $code.=<<___; + ___ + + {{{ +-my ($A0,$B0,$C0,$D0,$A1,$B1,$C1,$D1,$A2,$B2,$C2,$D2,$T0,$T1,$T2,$T3) = +- map("v$_.4s",(0..7,16..23)); +-my (@K)=map("v$_.4s",(24..30)); +-my $ONE="v31.4s"; ++my @K = map("v$_.4s",(0..3)); ++my ($xt0,$xt1,$xt2,$xt3, $CTR,$ROT24) = map("v$_.4s",(4..9)); ++my @X = map("v$_.4s",(16,20,24,28, 17,21,25,29, 18,22,26,30, 19,23,27,31)); ++my ($xa0,$xa1,$xa2,$xa3, $xb0,$xb1,$xb2,$xb3, ++ $xc0,$xc1,$xc2,$xc3, $xd0,$xd1,$xd2,$xd3) = @X; + +-sub NEONROUND { +-my $odd = pop; +-my ($a,$b,$c,$d,$t)=@_; ++sub NEON_lane_ROUND { ++my ($a0,$b0,$c0,$d0)=@_; ++my ($a1,$b1,$c1,$d1)=map(($_&~3)+(($_+1)&3),($a0,$b0,$c0,$d0)); ++my ($a2,$b2,$c2,$d2)=map(($_&~3)+(($_+1)&3),($a1,$b1,$c1,$d1)); ++my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2)); ++my @x=map("'$_'",@X); + + ( +- "&add ('$a','$a','$b')", +- "&eor ('$d','$d','$a')", +- "&rev32_16 ('$d','$d')", # vrot ($d,16) +- +- "&add ('$c','$c','$d')", +- "&eor ('$t','$b','$c')", +- "&ushr ('$b','$t',20)", +- "&sli ('$b','$t',12)", +- +- "&add ('$a','$a','$b')", +- "&eor ('$t','$d','$a')", +- "&ushr ('$d','$t',24)", +- "&sli ('$d','$t',8)", +- +- "&add ('$c','$c','$d')", +- "&eor ('$t','$b','$c')", +- "&ushr ('$b','$t',25)", +- "&sli ('$b','$t',7)", +- +- "&ext ('$c','$c','$c',8)", +- "&ext ('$d','$d','$d',$odd?4:12)", +- "&ext ('$b','$b','$b',$odd?12:4)" ++ "&add (@x[$a0],@x[$a0],@x[$b0])", # Q1 ++ "&add (@x[$a1],@x[$a1],@x[$b1])", # Q2 ++ "&add (@x[$a2],@x[$a2],@x[$b2])", # Q3 ++ "&add (@x[$a3],@x[$a3],@x[$b3])", # Q4 ++ "&eor (@x[$d0],@x[$d0],@x[$a0])", ++ "&eor (@x[$d1],@x[$d1],@x[$a1])", ++ "&eor (@x[$d2],@x[$d2],@x[$a2])", ++ "&eor (@x[$d3],@x[$d3],@x[$a3])", ++ "&rev32_16 (@x[$d0],@x[$d0])", ++ "&rev32_16 (@x[$d1],@x[$d1])", ++ "&rev32_16 (@x[$d2],@x[$d2])", ++ "&rev32_16 (@x[$d3],@x[$d3])", ++ ++ "&add (@x[$c0],@x[$c0],@x[$d0])", ++ "&add (@x[$c1],@x[$c1],@x[$d1])", ++ "&add (@x[$c2],@x[$c2],@x[$d2])", ++ "&add (@x[$c3],@x[$c3],@x[$d3])", ++ "&eor ('$xt0',@x[$b0],@x[$c0])", ++ "&eor ('$xt1',@x[$b1],@x[$c1])", ++ "&eor ('$xt2',@x[$b2],@x[$c2])", ++ "&eor ('$xt3',@x[$b3],@x[$c3])", ++ "&ushr (@x[$b0],'$xt0',20)", ++ "&ushr (@x[$b1],'$xt1',20)", ++ "&ushr (@x[$b2],'$xt2',20)", ++ "&ushr (@x[$b3],'$xt3',20)", ++ "&sli (@x[$b0],'$xt0',12)", ++ "&sli (@x[$b1],'$xt1',12)", ++ "&sli (@x[$b2],'$xt2',12)", ++ "&sli (@x[$b3],'$xt3',12)", ++ ++ "&add (@x[$a0],@x[$a0],@x[$b0])", ++ "&add (@x[$a1],@x[$a1],@x[$b1])", ++ "&add (@x[$a2],@x[$a2],@x[$b2])", ++ "&add (@x[$a3],@x[$a3],@x[$b3])", ++ "&eor ('$xt0',@x[$d0],@x[$a0])", ++ "&eor ('$xt1',@x[$d1],@x[$a1])", ++ "&eor ('$xt2',@x[$d2],@x[$a2])", ++ "&eor ('$xt3',@x[$d3],@x[$a3])", ++ "&tbl (@x[$d0],'{$xt0}','$ROT24')", ++ "&tbl (@x[$d1],'{$xt1}','$ROT24')", ++ "&tbl (@x[$d2],'{$xt2}','$ROT24')", ++ "&tbl (@x[$d3],'{$xt3}','$ROT24')", ++ ++ "&add (@x[$c0],@x[$c0],@x[$d0])", ++ "&add (@x[$c1],@x[$c1],@x[$d1])", ++ "&add (@x[$c2],@x[$c2],@x[$d2])", ++ "&add (@x[$c3],@x[$c3],@x[$d3])", ++ "&eor ('$xt0',@x[$b0],@x[$c0])", ++ "&eor ('$xt1',@x[$b1],@x[$c1])", ++ "&eor ('$xt2',@x[$b2],@x[$c2])", ++ "&eor ('$xt3',@x[$b3],@x[$c3])", ++ "&ushr (@x[$b0],'$xt0',25)", ++ "&ushr (@x[$b1],'$xt1',25)", ++ "&ushr (@x[$b2],'$xt2',25)", ++ "&ushr (@x[$b3],'$xt3',25)", ++ "&sli (@x[$b0],'$xt0',7)", ++ "&sli (@x[$b1],'$xt1',7)", ++ "&sli (@x[$b2],'$xt2',7)", ++ "&sli (@x[$b3],'$xt3',7)" + ); + } + + $code.=<<___; + ++#ifdef __KERNEL__ ++.globl ChaCha20_neon ++#endif + .type ChaCha20_neon,%function + .align 5 + ChaCha20_neon: ++.LChaCha20_neon: + .inst 0xd503233f // paciasp + stp x29,x30,[sp,#-96]! + add x29,sp,#0 +@@ -402,8 +454,9 @@ ChaCha20_neon: + ld1 {@K[1],@K[2]},[$key] + ldp @d[6],@d[7],[$ctr] // load counter + ld1 {@K[3]},[$ctr] +- ld1 {$ONE},[@x[0]] +-#ifdef __ARMEB__ ++ stp d8,d9,[sp] // meet ABI requirements ++ ld1 {$CTR,$ROT24},[@x[0]] ++#ifdef __AARCH64EB__ + rev64 @K[0],@K[0] + ror @d[2],@d[2],#32 + ror @d[3],@d[3],#32 +@@ -412,115 +465,129 @@ ChaCha20_neon: + ror @d[6],@d[6],#32 + ror @d[7],@d[7],#32 + #endif +- add @K[3],@K[3],$ONE // += 1 +- add @K[4],@K[3],$ONE +- add @K[5],@K[4],$ONE +- shl $ONE,$ONE,#2 // 1 -> 4 + + .Loop_outer_neon: +- mov.32 @x[0],@d[0] // unpack key block +- lsr @x[1],@d[0],#32 +- mov $A0,@K[0] +- mov.32 @x[2],@d[1] +- lsr @x[3],@d[1],#32 +- mov $A1,@K[0] +- mov.32 @x[4],@d[2] +- lsr @x[5],@d[2],#32 +- mov $A2,@K[0] +- mov.32 @x[6],@d[3] +- mov $B0,@K[1] +- lsr @x[7],@d[3],#32 +- mov $B1,@K[1] +- mov.32 @x[8],@d[4] +- mov $B2,@K[1] +- lsr @x[9],@d[4],#32 +- mov $D0,@K[3] +- mov.32 @x[10],@d[5] +- mov $D1,@K[4] +- lsr @x[11],@d[5],#32 +- mov $D2,@K[5] +- mov.32 @x[12],@d[6] +- mov $C0,@K[2] +- lsr @x[13],@d[6],#32 +- mov $C1,@K[2] +- mov.32 @x[14],@d[7] +- mov $C2,@K[2] +- lsr @x[15],@d[7],#32 ++ dup $xa0,@{K[0]}[0] // unpack key block ++ mov.32 @x[0],@d[0] ++ dup $xa1,@{K[0]}[1] ++ lsr @x[1],@d[0],#32 ++ dup $xa2,@{K[0]}[2] ++ mov.32 @x[2],@d[1] ++ dup $xa3,@{K[0]}[3] ++ lsr @x[3],@d[1],#32 ++ dup $xb0,@{K[1]}[0] ++ mov.32 @x[4],@d[2] ++ dup $xb1,@{K[1]}[1] ++ lsr @x[5],@d[2],#32 ++ dup $xb2,@{K[1]}[2] ++ mov.32 @x[6],@d[3] ++ dup $xb3,@{K[1]}[3] ++ lsr @x[7],@d[3],#32 ++ dup $xd0,@{K[3]}[0] ++ mov.32 @x[8],@d[4] ++ dup $xd1,@{K[3]}[1] ++ lsr @x[9],@d[4],#32 ++ dup $xd2,@{K[3]}[2] ++ mov.32 @x[10],@d[5] ++ dup $xd3,@{K[3]}[3] ++ lsr @x[11],@d[5],#32 ++ add $xd0,$xd0,$CTR ++ mov.32 @x[12],@d[6] ++ dup $xc0,@{K[2]}[0] ++ lsr @x[13],@d[6],#32 ++ dup $xc1,@{K[2]}[1] ++ mov.32 @x[14],@d[7] ++ dup $xc2,@{K[2]}[2] ++ lsr @x[15],@d[7],#32 ++ dup $xc3,@{K[2]}[3] + + mov $ctr,#10 +- subs $len,$len,#256 ++ subs $len,$len,#320 + .Loop_neon: + sub $ctr,$ctr,#1 + ___ +- my @thread0=&NEONROUND($A0,$B0,$C0,$D0,$T0,0); +- my @thread1=&NEONROUND($A1,$B1,$C1,$D1,$T1,0); +- my @thread2=&NEONROUND($A2,$B2,$C2,$D2,$T2,0); +- my @thread3=&ROUND(0,4,8,12); +- +- foreach (@thread0) { +- eval; eval(shift(@thread3)); +- eval(shift(@thread1)); eval(shift(@thread3)); +- eval(shift(@thread2)); eval(shift(@thread3)); +- } +- +- @thread0=&NEONROUND($A0,$B0,$C0,$D0,$T0,1); +- @thread1=&NEONROUND($A1,$B1,$C1,$D1,$T1,1); +- @thread2=&NEONROUND($A2,$B2,$C2,$D2,$T2,1); +- @thread3=&ROUND(0,5,10,15); ++ my @plus_one=&ROUND(0,4,8,12); ++ foreach (&NEON_lane_ROUND(0,4,8,12)) { eval; eval(shift(@plus_one)); } + +- foreach (@thread0) { +- eval; eval(shift(@thread3)); +- eval(shift(@thread1)); eval(shift(@thread3)); +- eval(shift(@thread2)); eval(shift(@thread3)); +- } ++ @plus_one=&ROUND(0,5,10,15); ++ foreach (&NEON_lane_ROUND(0,5,10,15)) { eval; eval(shift(@plus_one)); } + $code.=<<___; + cbnz $ctr,.Loop_neon + +- add.32 @x[0],@x[0],@d[0] // accumulate key block +- add $A0,$A0,@K[0] +- add @x[1],@x[1],@d[0],lsr#32 +- add $A1,$A1,@K[0] +- add.32 @x[2],@x[2],@d[1] +- add $A2,$A2,@K[0] +- add @x[3],@x[3],@d[1],lsr#32 +- add $C0,$C0,@K[2] +- add.32 @x[4],@x[4],@d[2] +- add $C1,$C1,@K[2] +- add @x[5],@x[5],@d[2],lsr#32 +- add $C2,$C2,@K[2] +- add.32 @x[6],@x[6],@d[3] +- add $D0,$D0,@K[3] +- add @x[7],@x[7],@d[3],lsr#32 +- add.32 @x[8],@x[8],@d[4] +- add $D1,$D1,@K[4] +- add @x[9],@x[9],@d[4],lsr#32 +- add.32 @x[10],@x[10],@d[5] +- add $D2,$D2,@K[5] +- add @x[11],@x[11],@d[5],lsr#32 +- add.32 @x[12],@x[12],@d[6] +- add $B0,$B0,@K[1] +- add @x[13],@x[13],@d[6],lsr#32 +- add.32 @x[14],@x[14],@d[7] +- add $B1,$B1,@K[1] +- add @x[15],@x[15],@d[7],lsr#32 +- add $B2,$B2,@K[1] ++ add $xd0,$xd0,$CTR ++ ++ zip1 $xt0,$xa0,$xa1 // transpose data ++ zip1 $xt1,$xa2,$xa3 ++ zip2 $xt2,$xa0,$xa1 ++ zip2 $xt3,$xa2,$xa3 ++ zip1.64 $xa0,$xt0,$xt1 ++ zip2.64 $xa1,$xt0,$xt1 ++ zip1.64 $xa2,$xt2,$xt3 ++ zip2.64 $xa3,$xt2,$xt3 ++ ++ zip1 $xt0,$xb0,$xb1 ++ zip1 $xt1,$xb2,$xb3 ++ zip2 $xt2,$xb0,$xb1 ++ zip2 $xt3,$xb2,$xb3 ++ zip1.64 $xb0,$xt0,$xt1 ++ zip2.64 $xb1,$xt0,$xt1 ++ zip1.64 $xb2,$xt2,$xt3 ++ zip2.64 $xb3,$xt2,$xt3 ++ ++ zip1 $xt0,$xc0,$xc1 ++ add.32 @x[0],@x[0],@d[0] // accumulate key block ++ zip1 $xt1,$xc2,$xc3 ++ add @x[1],@x[1],@d[0],lsr#32 ++ zip2 $xt2,$xc0,$xc1 ++ add.32 @x[2],@x[2],@d[1] ++ zip2 $xt3,$xc2,$xc3 ++ add @x[3],@x[3],@d[1],lsr#32 ++ zip1.64 $xc0,$xt0,$xt1 ++ add.32 @x[4],@x[4],@d[2] ++ zip2.64 $xc1,$xt0,$xt1 ++ add @x[5],@x[5],@d[2],lsr#32 ++ zip1.64 $xc2,$xt2,$xt3 ++ add.32 @x[6],@x[6],@d[3] ++ zip2.64 $xc3,$xt2,$xt3 ++ add @x[7],@x[7],@d[3],lsr#32 ++ ++ zip1 $xt0,$xd0,$xd1 ++ add.32 @x[8],@x[8],@d[4] ++ zip1 $xt1,$xd2,$xd3 ++ add @x[9],@x[9],@d[4],lsr#32 ++ zip2 $xt2,$xd0,$xd1 ++ add.32 @x[10],@x[10],@d[5] ++ zip2 $xt3,$xd2,$xd3 ++ add @x[11],@x[11],@d[5],lsr#32 ++ zip1.64 $xd0,$xt0,$xt1 ++ add.32 @x[12],@x[12],@d[6] ++ zip2.64 $xd1,$xt0,$xt1 ++ add @x[13],@x[13],@d[6],lsr#32 ++ zip1.64 $xd2,$xt2,$xt3 ++ add.32 @x[14],@x[14],@d[7] ++ zip2.64 $xd3,$xt2,$xt3 ++ add @x[15],@x[15],@d[7],lsr#32 + + b.lo .Ltail_neon + + add @x[0],@x[0],@x[1],lsl#32 // pack + add @x[2],@x[2],@x[3],lsl#32 + ldp @x[1],@x[3],[$inp,#0] // load input ++ add $xa0,$xa0,@K[0] // accumulate key block + add @x[4],@x[4],@x[5],lsl#32 + add @x[6],@x[6],@x[7],lsl#32 + ldp @x[5],@x[7],[$inp,#16] ++ add $xb0,$xb0,@K[1] + add @x[8],@x[8],@x[9],lsl#32 + add @x[10],@x[10],@x[11],lsl#32 + ldp @x[9],@x[11],[$inp,#32] ++ add $xc0,$xc0,@K[2] + add @x[12],@x[12],@x[13],lsl#32 + add @x[14],@x[14],@x[15],lsl#32 + ldp @x[13],@x[15],[$inp,#48] ++ add $xd0,$xd0,@K[3] + add $inp,$inp,#64 +-#ifdef __ARMEB__ ++#ifdef __AARCH64EB__ + rev @x[0],@x[0] + rev @x[2],@x[2] + rev @x[4],@x[4] +@@ -530,48 +597,68 @@ $code.=<<___; + rev @x[12],@x[12] + rev @x[14],@x[14] + #endif +- ld1.8 {$T0-$T3},[$inp],#64 ++ ld1.8 {$xt0-$xt3},[$inp],#64 + eor @x[0],@x[0],@x[1] ++ add $xa1,$xa1,@K[0] + eor @x[2],@x[2],@x[3] ++ add $xb1,$xb1,@K[1] + eor @x[4],@x[4],@x[5] ++ add $xc1,$xc1,@K[2] + eor @x[6],@x[6],@x[7] ++ add $xd1,$xd1,@K[3] + eor @x[8],@x[8],@x[9] +- eor $A0,$A0,$T0 ++ eor $xa0,$xa0,$xt0 ++ movi $xt0,#5 + eor @x[10],@x[10],@x[11] +- eor $B0,$B0,$T1 ++ eor $xb0,$xb0,$xt1 + eor @x[12],@x[12],@x[13] +- eor $C0,$C0,$T2 ++ eor $xc0,$xc0,$xt2 + eor @x[14],@x[14],@x[15] +- eor $D0,$D0,$T3 +- ld1.8 {$T0-$T3},[$inp],#64 ++ eor $xd0,$xd0,$xt3 ++ add $CTR,$CTR,$xt0 // += 5 ++ ld1.8 {$xt0-$xt3},[$inp],#64 + + stp @x[0],@x[2],[$out,#0] // store output +- add @d[6],@d[6],#4 // increment counter ++ add @d[6],@d[6],#5 // increment counter + stp @x[4],@x[6],[$out,#16] +- add @K[3],@K[3],$ONE // += 4 + stp @x[8],@x[10],[$out,#32] +- add @K[4],@K[4],$ONE + stp @x[12],@x[14],[$out,#48] +- add @K[5],@K[5],$ONE + add $out,$out,#64 + +- st1.8 {$A0-$D0},[$out],#64 +- ld1.8 {$A0-$D0},[$inp],#64 +- +- eor $A1,$A1,$T0 +- eor $B1,$B1,$T1 +- eor $C1,$C1,$T2 +- eor $D1,$D1,$T3 +- st1.8 {$A1-$D1},[$out],#64 +- +- eor $A2,$A2,$A0 +- eor $B2,$B2,$B0 +- eor $C2,$C2,$C0 +- eor $D2,$D2,$D0 +- st1.8 {$A2-$D2},[$out],#64 ++ st1.8 {$xa0-$xd0},[$out],#64 ++ add $xa2,$xa2,@K[0] ++ add $xb2,$xb2,@K[1] ++ add $xc2,$xc2,@K[2] ++ add $xd2,$xd2,@K[3] ++ ld1.8 {$xa0-$xd0},[$inp],#64 ++ ++ eor $xa1,$xa1,$xt0 ++ eor $xb1,$xb1,$xt1 ++ eor $xc1,$xc1,$xt2 ++ eor $xd1,$xd1,$xt3 ++ st1.8 {$xa1-$xd1},[$out],#64 ++ add $xa3,$xa3,@K[0] ++ add $xb3,$xb3,@K[1] ++ add $xc3,$xc3,@K[2] ++ add $xd3,$xd3,@K[3] ++ ld1.8 {$xa1-$xd1},[$inp],#64 ++ ++ eor $xa2,$xa2,$xa0 ++ eor $xb2,$xb2,$xb0 ++ eor $xc2,$xc2,$xc0 ++ eor $xd2,$xd2,$xd0 ++ st1.8 {$xa2-$xd2},[$out],#64 ++ ++ eor $xa3,$xa3,$xa1 ++ eor $xb3,$xb3,$xb1 ++ eor $xc3,$xc3,$xc1 ++ eor $xd3,$xd3,$xd1 ++ st1.8 {$xa3-$xd3},[$out],#64 + + b.hi .Loop_outer_neon + ++ ldp d8,d9,[sp] // meet ABI requirements ++ + ldp x19,x20,[x29,#16] + add sp,sp,#64 + ldp x21,x22,[x29,#32] +@@ -582,8 +669,10 @@ $code.=<<___; + .inst 0xd50323bf // autiasp + ret + ++.align 4 + .Ltail_neon: +- add $len,$len,#256 ++ add $len,$len,#320 ++ ldp d8,d9,[sp] // meet ABI requirements + cmp $len,#64 + b.lo .Less_than_64 + +@@ -600,7 +689,7 @@ $code.=<<___; + add @x[14],@x[14],@x[15],lsl#32 + ldp @x[13],@x[15],[$inp,#48] + add $inp,$inp,#64 +-#ifdef __ARMEB__ ++#ifdef __AARCH64EB__ + rev @x[0],@x[0] + rev @x[2],@x[2] + rev @x[4],@x[4] +@@ -620,48 +709,68 @@ $code.=<<___; + eor @x[14],@x[14],@x[15] + + stp @x[0],@x[2],[$out,#0] // store output +- add @d[6],@d[6],#4 // increment counter ++ add $xa0,$xa0,@K[0] // accumulate key block + stp @x[4],@x[6],[$out,#16] ++ add $xb0,$xb0,@K[1] + stp @x[8],@x[10],[$out,#32] ++ add $xc0,$xc0,@K[2] + stp @x[12],@x[14],[$out,#48] ++ add $xd0,$xd0,@K[3] + add $out,$out,#64 + b.eq .Ldone_neon + sub $len,$len,#64 + cmp $len,#64 +- b.lo .Less_than_128 ++ b.lo .Last_neon + +- ld1.8 {$T0-$T3},[$inp],#64 +- eor $A0,$A0,$T0 +- eor $B0,$B0,$T1 +- eor $C0,$C0,$T2 +- eor $D0,$D0,$T3 +- st1.8 {$A0-$D0},[$out],#64 ++ ld1.8 {$xt0-$xt3},[$inp],#64 ++ eor $xa0,$xa0,$xt0 ++ eor $xb0,$xb0,$xt1 ++ eor $xc0,$xc0,$xt2 ++ eor $xd0,$xd0,$xt3 ++ st1.8 {$xa0-$xd0},[$out],#64 + b.eq .Ldone_neon ++ ++ add $xa0,$xa1,@K[0] ++ add $xb0,$xb1,@K[1] + sub $len,$len,#64 ++ add $xc0,$xc1,@K[2] + cmp $len,#64 +- b.lo .Less_than_192 ++ add $xd0,$xd1,@K[3] ++ b.lo .Last_neon + +- ld1.8 {$T0-$T3},[$inp],#64 +- eor $A1,$A1,$T0 +- eor $B1,$B1,$T1 +- eor $C1,$C1,$T2 +- eor $D1,$D1,$T3 +- st1.8 {$A1-$D1},[$out],#64 ++ ld1.8 {$xt0-$xt3},[$inp],#64 ++ eor $xa1,$xa0,$xt0 ++ eor $xb1,$xb0,$xt1 ++ eor $xc1,$xc0,$xt2 ++ eor $xd1,$xd0,$xt3 ++ st1.8 {$xa1-$xd1},[$out],#64 + b.eq .Ldone_neon ++ ++ add $xa0,$xa2,@K[0] ++ add $xb0,$xb2,@K[1] + sub $len,$len,#64 ++ add $xc0,$xc2,@K[2] ++ cmp $len,#64 ++ add $xd0,$xd2,@K[3] ++ b.lo .Last_neon + +- st1.8 {$A2-$D2},[sp] +- b .Last_neon ++ ld1.8 {$xt0-$xt3},[$inp],#64 ++ eor $xa2,$xa0,$xt0 ++ eor $xb2,$xb0,$xt1 ++ eor $xc2,$xc0,$xt2 ++ eor $xd2,$xd0,$xt3 ++ st1.8 {$xa2-$xd2},[$out],#64 ++ b.eq .Ldone_neon + +-.Less_than_128: +- st1.8 {$A0-$D0},[sp] +- b .Last_neon +-.Less_than_192: +- st1.8 {$A1-$D1},[sp] +- b .Last_neon ++ add $xa0,$xa3,@K[0] ++ add $xb0,$xb3,@K[1] ++ add $xc0,$xc3,@K[2] ++ add $xd0,$xd3,@K[3] ++ sub $len,$len,#64 + +-.align 4 + .Last_neon: ++ st1.8 {$xa0-$xd0},[sp] ++ + sub $out,$out,#1 + add $inp,$inp,$len + add $out,$out,$len +@@ -694,9 +803,41 @@ $code.=<<___; + .size ChaCha20_neon,.-ChaCha20_neon + ___ + { ++my @K = map("v$_.4s",(0..6)); + my ($T0,$T1,$T2,$T3,$T4,$T5)=@K; + my ($A0,$B0,$C0,$D0,$A1,$B1,$C1,$D1,$A2,$B2,$C2,$D2, +- $A3,$B3,$C3,$D3,$A4,$B4,$C4,$D4,$A5,$B5,$C5,$D5) = map("v$_.4s",(0..23)); ++ $A3,$B3,$C3,$D3,$A4,$B4,$C4,$D4,$A5,$B5,$C5,$D5) = map("v$_.4s",(8..31)); ++my $rot24 = @K[6]; ++my $ONE = "v7.4s"; ++ ++sub NEONROUND { ++my $odd = pop; ++my ($a,$b,$c,$d,$t)=@_; ++ ++ ( ++ "&add ('$a','$a','$b')", ++ "&eor ('$d','$d','$a')", ++ "&rev32_16 ('$d','$d')", # vrot ($d,16) ++ ++ "&add ('$c','$c','$d')", ++ "&eor ('$t','$b','$c')", ++ "&ushr ('$b','$t',20)", ++ "&sli ('$b','$t',12)", ++ ++ "&add ('$a','$a','$b')", ++ "&eor ('$d','$d','$a')", ++ "&tbl ('$d','{$d}','$rot24')", ++ ++ "&add ('$c','$c','$d')", ++ "&eor ('$t','$b','$c')", ++ "&ushr ('$b','$t',25)", ++ "&sli ('$b','$t',7)", ++ ++ "&ext ('$c','$c','$c',8)", ++ "&ext ('$d','$d','$d',$odd?4:12)", ++ "&ext ('$b','$b','$b',$odd?12:4)" ++ ); ++} + + $code.=<<___; + .type ChaCha20_512_neon,%function +@@ -716,6 +857,7 @@ ChaCha20_512_neon: + .L512_or_more_neon: + sub sp,sp,#128+64 + ++ eor $ONE,$ONE,$ONE + ldp @d[0],@d[1],[@x[0]] // load sigma + ld1 {@K[0]},[@x[0]],#16 + ldp @d[2],@d[3],[$key] // load key +@@ -723,8 +865,9 @@ ChaCha20_512_neon: + ld1 {@K[1],@K[2]},[$key] + ldp @d[6],@d[7],[$ctr] // load counter + ld1 {@K[3]},[$ctr] +- ld1 {$ONE},[@x[0]] +-#ifdef __ARMEB__ ++ ld1 {$ONE}[0],[@x[0]] ++ add $key,@x[0],#16 // .Lrot24 ++#ifdef __AARCH64EB__ + rev64 @K[0],@K[0] + ror @d[2],@d[2],#32 + ror @d[3],@d[3],#32 +@@ -791,9 +934,10 @@ ChaCha20_512_neon: + mov $C4,@K[2] + stp @K[3],@K[4],[sp,#48] // off-load key block, variable part + mov $C5,@K[2] +- str @K[5],[sp,#80] ++ stp @K[5],@K[6],[sp,#80] + + mov $ctr,#5 ++ ld1 {$rot24},[$key] + subs $len,$len,#512 + .Loop_upper_neon: + sub $ctr,$ctr,#1 +@@ -866,7 +1010,7 @@ $code.=<<___; + add @x[14],@x[14],@x[15],lsl#32 + ldp @x[13],@x[15],[$inp,#48] + add $inp,$inp,#64 +-#ifdef __ARMEB__ ++#ifdef __AARCH64EB__ + rev @x[0],@x[0] + rev @x[2],@x[2] + rev @x[4],@x[4] +@@ -955,6 +1099,7 @@ $code.=<<___; + add.32 @x[2],@x[2],@d[1] + ldp @K[4],@K[5],[sp,#64] + add @x[3],@x[3],@d[1],lsr#32 ++ ldr @K[6],[sp,#96] + add $A0,$A0,@K[0] + add.32 @x[4],@x[4],@d[2] + add $A1,$A1,@K[0] +@@ -1007,7 +1152,7 @@ $code.=<<___; + add $inp,$inp,#64 + add $B5,$B5,@K[1] + +-#ifdef __ARMEB__ ++#ifdef __AARCH64EB__ + rev @x[0],@x[0] + rev @x[2],@x[2] + rev @x[4],@x[4] +@@ -1085,26 +1230,26 @@ $code.=<<___; + b.hs .Loop_outer_512_neon + + adds $len,$len,#512 +- ushr $A0,$ONE,#2 // 4 -> 1 ++ ushr $ONE,$ONE,#1 // 4 -> 2 + +- ldp d8,d9,[sp,#128+0] // meet ABI requirements + ldp d10,d11,[sp,#128+16] + ldp d12,d13,[sp,#128+32] + ldp d14,d15,[sp,#128+48] + +- stp @K[0],$ONE,[sp,#0] // wipe off-load area +- stp @K[0],$ONE,[sp,#32] +- stp @K[0],$ONE,[sp,#64] ++ stp @K[0],@K[0],[sp,#0] // wipe off-load area ++ stp @K[0],@K[0],[sp,#32] ++ stp @K[0],@K[0],[sp,#64] + + b.eq .Ldone_512_neon + ++ sub $key,$key,#16 // .Lone + cmp $len,#192 +- sub @K[3],@K[3],$A0 // -= 1 +- sub @K[4],@K[4],$A0 +- sub @K[5],@K[5],$A0 + add sp,sp,#128 ++ sub @K[3],@K[3],$ONE // -= 2 ++ ld1 {$CTR,$ROT24},[$key] + b.hs .Loop_outer_neon + ++ ldp d8,d9,[sp,#0] // meet ABI requirements + eor @K[1],@K[1],@K[1] + eor @K[2],@K[2],@K[2] + eor @K[3],@K[3],@K[3] +@@ -1114,6 +1259,7 @@ $code.=<<___; + b .Loop_outer + + .Ldone_512_neon: ++ ldp d8,d9,[sp,#128+0] // meet ABI requirements + ldp x19,x20,[x29,#16] + add sp,sp,#128+64 + ldp x21,x22,[x29,#32] +@@ -1132,9 +1278,11 @@ foreach (split("\n",$code)) { + s/\`([^\`]*)\`/eval $1/geo; + + (s/\b([a-z]+)\.32\b/$1/ and (s/x([0-9]+)/w$1/g or 1)) or +- (m/\b(eor|ext|mov)\b/ and (s/\.4s/\.16b/g or 1)) or ++ (m/\b(eor|ext|mov|tbl)\b/ and (s/\.4s/\.16b/g or 1)) or + (s/\b((?:ld|st)1)\.8\b/$1/ and (s/\.4s/\.16b/g or 1)) or + (m/\b(ld|st)[rp]\b/ and (s/v([0-9]+)\.4s/q$1/g or 1)) or ++ (m/\b(dup|ld1)\b/ and (s/\.4(s}?\[[0-3]\])/.$1/g or 1)) or ++ (s/\b(zip[12])\.64\b/$1/ and (s/\.4s/\.2d/g or 1)) or + (s/\brev32\.16\b/rev32/ and (s/\.4s/\.8h/g or 1)); + + #s/\bq([0-9]+)#(lo|hi)/sprintf "d%d",2*$1+($2 eq "hi")/geo; +diff -up openssl-1.1.1c/crypto/modes/asm/ghashv8-armx.pl.arm-update openssl-1.1.1c/crypto/modes/asm/ghashv8-armx.pl +--- openssl-1.1.1c/crypto/modes/asm/ghashv8-armx.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/crypto/modes/asm/ghashv8-armx.pl 2019-11-20 11:36:22.389506155 +0100 +@@ -42,6 +42,7 @@ + # Denver 0.51 0.65 6.02 + # Mongoose 0.65 1.10 8.06 + # Kryo 0.76 1.16 8.00 ++# ThunderX2 1.05 + # + # (*) presented for reference/comparison purposes; + +diff -up openssl-1.1.1c/crypto/poly1305/asm/poly1305-armv8.pl.arm-update openssl-1.1.1c/crypto/poly1305/asm/poly1305-armv8.pl +--- openssl-1.1.1c/crypto/poly1305/asm/poly1305-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/crypto/poly1305/asm/poly1305-armv8.pl 2019-11-20 11:36:22.390506137 +0100 +@@ -29,6 +29,7 @@ + # X-Gene 2.13/+68% 2.27 + # Mongoose 1.77/+75% 1.12 + # Kryo 2.70/+55% 1.13 ++# ThunderX2 1.17/+95% 1.36 + # + # (*) estimate based on resources availability is less than 1.0, + # i.e. measured result is worse than expected, presumably binary +diff -up openssl-1.1.1c/crypto/sha/asm/keccak1600-armv8.pl.arm-update openssl-1.1.1c/crypto/sha/asm/keccak1600-armv8.pl +--- openssl-1.1.1c/crypto/sha/asm/keccak1600-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/crypto/sha/asm/keccak1600-armv8.pl 2019-11-20 11:36:22.390506137 +0100 +@@ -51,6 +51,7 @@ + # Kryo 12 + # Denver 7.8 + # Apple A7 7.2 ++# ThunderX2 9.7 + # + # (*) Corresponds to SHA3-256. No improvement coefficients are listed + # because they vary too much from compiler to compiler. Newer +diff -up openssl-1.1.1c/crypto/sha/asm/sha1-armv8.pl.arm-update openssl-1.1.1c/crypto/sha/asm/sha1-armv8.pl +--- openssl-1.1.1c/crypto/sha/asm/sha1-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/crypto/sha/asm/sha1-armv8.pl 2019-11-20 11:36:22.390506137 +0100 +@@ -27,6 +27,7 @@ + # X-Gene 8.80 (+200%) + # Mongoose 2.05 6.50 (+160%) + # Kryo 1.88 8.00 (+90%) ++# ThunderX2 2.64 6.36 (+150%) + # + # (*) Software results are presented mostly for reference purposes. + # (**) Keep in mind that Denver relies on binary translation, which +diff -up openssl-1.1.1c/crypto/sha/asm/sha512-armv8.pl.arm-update openssl-1.1.1c/crypto/sha/asm/sha512-armv8.pl +--- openssl-1.1.1c/crypto/sha/asm/sha512-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/crypto/sha/asm/sha512-armv8.pl 2019-11-20 11:36:22.390506137 +0100 +@@ -28,6 +28,7 @@ + # X-Gene 20.0 (+100%) 12.8 (+300%(***)) + # Mongoose 2.36 13.0 (+50%) 8.36 (+33%) + # Kryo 1.92 17.4 (+30%) 11.2 (+8%) ++# ThunderX2 2.54 13.2 (+40%) 8.40 (+18%) + # + # (*) Software SHA256 results are of lesser relevance, presented + # mostly for informational purposes. diff --git a/openssl-1.1.1-build.patch b/openssl-1.1.1-build.patch new file mode 100644 index 0000000..c0ef62b --- /dev/null +++ b/openssl-1.1.1-build.patch @@ -0,0 +1,40 @@ +diff -up openssl-1.1.1f/Configurations/10-main.conf.build openssl-1.1.1f/Configurations/10-main.conf +--- openssl-1.1.1f/Configurations/10-main.conf.build 2020-03-31 14:17:45.000000000 +0200 ++++ openssl-1.1.1f/Configurations/10-main.conf 2020-04-07 16:42:10.920546387 +0200 +@@ -678,6 +678,7 @@ my %targets = ( + cxxflags => add("-m64"), + lib_cppflags => add("-DL_ENDIAN"), + perlasm_scheme => "linux64le", ++ multilib => "64", + }, + + "linux-armv4" => { +@@ -718,6 +719,7 @@ my %targets = ( + "linux-aarch64" => { + inherit_from => [ "linux-generic64", asm("aarch64_asm") ], + perlasm_scheme => "linux64", ++ multilib => "64", + }, + "linux-arm64ilp32" => { # https://wiki.linaro.org/Platform/arm64-ilp32 + inherit_from => [ "linux-generic32", asm("aarch64_asm") ], +diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build openssl-1.1.1f/Configurations/unix-Makefile.tmpl +--- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build 2020-04-07 16:42:10.920546387 +0200 ++++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl 2020-04-07 16:44:23.539142108 +0200 +@@ -823,7 +823,7 @@ uninstall_runtime_libs: + install_man_docs: + @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1) + @$(ECHO) "*** Installing manpages" +- $(PERL) $(SRCDIR)/util/process_docs.pl \ ++ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \ + "--destdir=$(DESTDIR)$(MANDIR)" --type=man --suffix=$(MANSUFFIX) + + uninstall_man_docs: +@@ -835,7 +835,7 @@ uninstall_man_docs: + install_html_docs: + @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1) + @$(ECHO) "*** Installing HTML manpages" +- $(PERL) $(SRCDIR)/util/process_docs.pl \ ++ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \ + "--destdir=$(DESTDIR)$(HTMLDIR)" --type=html + + uninstall_html_docs: diff --git a/openssl-1.1.1-conf-paths.patch b/openssl-1.1.1-conf-paths.patch new file mode 100644 index 0000000..819007b --- /dev/null +++ b/openssl-1.1.1-conf-paths.patch @@ -0,0 +1,56 @@ +diff -up openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths openssl-1.1.1-pre8/apps/CA.pl.in +--- openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths 2018-06-20 16:48:09.000000000 +0200 ++++ openssl-1.1.1-pre8/apps/CA.pl.in 2018-07-25 17:26:58.388624296 +0200 +@@ -33,7 +33,7 @@ my $X509 = "$openssl x509"; + my $PKCS12 = "$openssl pkcs12"; + + # default openssl.cnf file has setup as per the following +-my $CATOP = "./demoCA"; ++my $CATOP = "/etc/pki/CA"; + my $CAKEY = "cakey.pem"; + my $CAREQ = "careq.pem"; + my $CACERT = "cacert.pem"; +diff -up openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths openssl-1.1.1-pre8/apps/openssl.cnf +--- openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths 2018-07-25 17:26:58.378624057 +0200 ++++ openssl-1.1.1-pre8/apps/openssl.cnf 2018-07-27 13:20:08.198513471 +0200 +@@ -23,6 +23,22 @@ oid_section = new_oids + # (Alternatively, use a configuration file that has only + # X.509v3 extensions in its main [= default] section.) + ++# Load default TLS policy configuration ++ ++openssl_conf = default_modules ++ ++[ default_modules ] ++ ++ssl_conf = ssl_module ++ ++[ ssl_module ] ++ ++system_default = crypto_policy ++ ++[ crypto_policy ] ++ ++.include = /etc/crypto-policies/back-ends/opensslcnf.config ++ + [ new_oids ] + + # We can add new OIDs in here for use by 'ca', 'req' and 'ts'. +@@ -43,7 +59,7 @@ default_ca = CA_default # The default c + #################################################################### + [ CA_default ] + +-dir = ./demoCA # Where everything is kept ++dir = /etc/pki/CA # Where everything is kept + certs = $dir/certs # Where the issued certs are kept + crl_dir = $dir/crl # Where the issued crl are kept + database = $dir/index.txt # database index file. +@@ -329,7 +345,7 @@ default_tsa = tsa_config1 # the default + [ tsa_config1 ] + + # These are used by the TSA reply generation only. +-dir = ./demoCA # TSA root directory ++dir = /etc/pki/CA # TSA root directory + serial = $dir/tsaserial # The current serial number (mandatory) + crypto_device = builtin # OpenSSL engine to use for signing + signer_cert = $dir/tsacert.pem # The TSA signing certificate diff --git a/openssl-1.1.1-defaults.patch b/openssl-1.1.1-defaults.patch new file mode 100644 index 0000000..291ed88 --- /dev/null +++ b/openssl-1.1.1-defaults.patch @@ -0,0 +1,51 @@ +diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cnf +--- openssl-1.1.1a/apps/openssl.cnf.defaults 2018-11-20 14:35:37.000000000 +0100 ++++ openssl-1.1.1a/apps/openssl.cnf 2019-01-15 13:56:50.841719776 +0100 +@@ -74,7 +74,7 @@ cert_opt = ca_default # Certificate fi + + default_days = 365 # how long to certify for + default_crl_days= 30 # how long before next CRL +-default_md = default # use public key default MD ++default_md = sha256 # use SHA-256 by default + preserve = no # keep passed DN ordering + + # A few difference way of specifying how similar the request should look +@@ -106,6 +106,7 @@ emailAddress = optional + #################################################################### + [ req ] + default_bits = 2048 ++default_md = sha256 + default_keyfile = privkey.pem + distinguished_name = req_distinguished_name + attributes = req_attributes +@@ -128,17 +129,18 @@ string_mask = utf8only + + [ req_distinguished_name ] + countryName = Country Name (2 letter code) +-countryName_default = AU ++countryName_default = XX + countryName_min = 2 + countryName_max = 2 + + stateOrProvinceName = State or Province Name (full name) +-stateOrProvinceName_default = Some-State ++#stateOrProvinceName_default = Default Province + + localityName = Locality Name (eg, city) ++localityName_default = Default City + + 0.organizationName = Organization Name (eg, company) +-0.organizationName_default = Internet Widgits Pty Ltd ++0.organizationName_default = Default Company Ltd + + # we can do this but it is not needed normally :-) + #1.organizationName = Second Organization Name (eg, company) +@@ -147,7 +149,7 @@ localityName = Locality Name (eg, city + organizationalUnitName = Organizational Unit Name (eg, section) + #organizationalUnitName_default = + +-commonName = Common Name (e.g. server FQDN or YOUR name) ++commonName = Common Name (eg, your name or your server\'s hostname) + commonName_max = 64 + + emailAddress = Email Address diff --git a/openssl-1.1.1-disable-ssl3.patch b/openssl-1.1.1-disable-ssl3.patch new file mode 100644 index 0000000..fdec0a8 --- /dev/null +++ b/openssl-1.1.1-disable-ssl3.patch @@ -0,0 +1,91 @@ +diff -up openssl-1.1.1-pre8/apps/s_client.c.disable-ssl3 openssl-1.1.1-pre8/apps/s_client.c +--- openssl-1.1.1-pre8/apps/s_client.c.disable-ssl3 2018-07-16 18:08:20.000487628 +0200 ++++ openssl-1.1.1-pre8/apps/s_client.c 2018-07-16 18:16:40.070186323 +0200 +@@ -1681,6 +1681,9 @@ int s_client_main(int argc, char **argv) + if (sdebug) + ssl_ctx_security_debug(ctx, sdebug); + ++ if (min_version == SSL3_VERSION && max_version == SSL3_VERSION) ++ SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3); ++ + if (!config_ctx(cctx, ssl_args, ctx)) + goto end; + +diff -up openssl-1.1.1-pre8/apps/s_server.c.disable-ssl3 openssl-1.1.1-pre8/apps/s_server.c +--- openssl-1.1.1-pre8/apps/s_server.c.disable-ssl3 2018-07-16 18:08:20.000487628 +0200 ++++ openssl-1.1.1-pre8/apps/s_server.c 2018-07-16 18:17:17.300055551 +0200 +@@ -1760,6 +1760,9 @@ int s_server_main(int argc, char *argv[] + if (sdebug) + ssl_ctx_security_debug(ctx, sdebug); + ++ if (min_version == SSL3_VERSION && max_version == SSL3_VERSION) ++ SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3); ++ + if (!config_ctx(cctx, ssl_args, ctx)) + goto end; + +diff -up openssl-1.1.1-pre8/ssl/ssl_lib.c.disable-ssl3 openssl-1.1.1-pre8/ssl/ssl_lib.c +--- openssl-1.1.1-pre8/ssl/ssl_lib.c.disable-ssl3 2018-06-20 16:48:13.000000000 +0200 ++++ openssl-1.1.1-pre8/ssl/ssl_lib.c 2018-07-16 18:08:20.001487652 +0200 +@@ -3016,6 +3016,16 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m + */ + ret->options |= SSL_OP_NO_COMPRESSION | SSL_OP_ENABLE_MIDDLEBOX_COMPAT; + ++ if (meth->version != SSL3_VERSION) { ++ /* ++ * Disable SSLv3 by default. Applications can ++ * re-enable it by configuring ++ * SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3); ++ * or by using the SSL_CONF API. ++ */ ++ ret->options |= SSL_OP_NO_SSLv3; ++ } ++ + ret->ext.status_type = TLSEXT_STATUSTYPE_nothing; + + /* +diff -up openssl-1.1.1-pre8/test/ssl_test.c.disable-ssl3 openssl-1.1.1-pre8/test/ssl_test.c +--- openssl-1.1.1-pre8/test/ssl_test.c.disable-ssl3 2018-06-20 16:48:15.000000000 +0200 ++++ openssl-1.1.1-pre8/test/ssl_test.c 2018-07-16 18:18:34.806865121 +0200 +@@ -443,6 +443,7 @@ static int test_handshake(int idx) + SSL_TEST_SERVERNAME_CB_NONE) { + if (!TEST_ptr(server2_ctx = SSL_CTX_new(TLS_server_method()))) + goto err; ++ SSL_CTX_clear_options(server2_ctx, SSL_OP_NO_SSLv3); + if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, + TLS_MAX_VERSION))) + goto err; +@@ -464,6 +465,8 @@ static int test_handshake(int idx) + if (!TEST_ptr(resume_server_ctx) + || !TEST_ptr(resume_client_ctx)) + goto err; ++ SSL_CTX_clear_options(resume_server_ctx, SSL_OP_NO_SSLv3); ++ SSL_CTX_clear_options(resume_client_ctx, SSL_OP_NO_SSLv3); + } + } + +@@ -477,6 +480,9 @@ static int test_handshake(int idx) + || !TEST_int_gt(CONF_modules_load(conf, test_app, 0), 0)) + goto err; + ++ SSL_CTX_clear_options(server_ctx, SSL_OP_NO_SSLv3); ++ SSL_CTX_clear_options(client_ctx, SSL_OP_NO_SSLv3); ++ + if (!SSL_CTX_config(server_ctx, "server") + || !SSL_CTX_config(client_ctx, "client")) { + goto err; +diff -up openssl-1.1.1-pre8/test/ssltest_old.c.disable-ssl3 openssl-1.1.1-pre8/test/ssltest_old.c +--- openssl-1.1.1-pre8/test/ssltest_old.c.disable-ssl3 2018-06-20 16:48:15.000000000 +0200 ++++ openssl-1.1.1-pre8/test/ssltest_old.c 2018-07-16 18:08:20.002487676 +0200 +@@ -1358,6 +1358,11 @@ int main(int argc, char *argv[]) + ERR_print_errors(bio_err); + goto end; + } ++ ++ SSL_CTX_clear_options(c_ctx, SSL_OP_NO_SSLv3); ++ SSL_CTX_clear_options(s_ctx, SSL_OP_NO_SSLv3); ++ SSL_CTX_clear_options(s_ctx2, SSL_OP_NO_SSLv3); ++ + /* + * Since we will use low security ciphersuites and keys for testing set + * security level to zero by default. Tests can override this by adding diff --git a/openssl-1.1.1-ec-curves.patch b/openssl-1.1.1-ec-curves.patch new file mode 100644 index 0000000..a83a331 --- /dev/null +++ b/openssl-1.1.1-ec-curves.patch @@ -0,0 +1,210 @@ +diff -up openssl-1.1.1c/apps/speed.c.curves openssl-1.1.1c/apps/speed.c +--- openssl-1.1.1c/apps/speed.c.curves 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/apps/speed.c 2019-05-29 15:36:53.332224470 +0200 +@@ -490,90 +490,30 @@ static double rsa_results[RSA_NUM][2]; + #endif /* OPENSSL_NO_RSA */ + + enum { +- R_EC_P160, +- R_EC_P192, + R_EC_P224, + R_EC_P256, + R_EC_P384, + R_EC_P521, +-#ifndef OPENSSL_NO_EC2M +- R_EC_K163, +- R_EC_K233, +- R_EC_K283, +- R_EC_K409, +- R_EC_K571, +- R_EC_B163, +- R_EC_B233, +- R_EC_B283, +- R_EC_B409, +- R_EC_B571, +-#endif +- R_EC_BRP256R1, +- R_EC_BRP256T1, +- R_EC_BRP384R1, +- R_EC_BRP384T1, +- R_EC_BRP512R1, +- R_EC_BRP512T1, + R_EC_X25519, + R_EC_X448 + }; + + #ifndef OPENSSL_NO_EC + static OPT_PAIR ecdsa_choices[] = { +- {"ecdsap160", R_EC_P160}, +- {"ecdsap192", R_EC_P192}, + {"ecdsap224", R_EC_P224}, + {"ecdsap256", R_EC_P256}, + {"ecdsap384", R_EC_P384}, + {"ecdsap521", R_EC_P521}, +-# ifndef OPENSSL_NO_EC2M +- {"ecdsak163", R_EC_K163}, +- {"ecdsak233", R_EC_K233}, +- {"ecdsak283", R_EC_K283}, +- {"ecdsak409", R_EC_K409}, +- {"ecdsak571", R_EC_K571}, +- {"ecdsab163", R_EC_B163}, +- {"ecdsab233", R_EC_B233}, +- {"ecdsab283", R_EC_B283}, +- {"ecdsab409", R_EC_B409}, +- {"ecdsab571", R_EC_B571}, +-# endif +- {"ecdsabrp256r1", R_EC_BRP256R1}, +- {"ecdsabrp256t1", R_EC_BRP256T1}, +- {"ecdsabrp384r1", R_EC_BRP384R1}, +- {"ecdsabrp384t1", R_EC_BRP384T1}, +- {"ecdsabrp512r1", R_EC_BRP512R1}, +- {"ecdsabrp512t1", R_EC_BRP512T1} + }; + # define ECDSA_NUM OSSL_NELEM(ecdsa_choices) + + static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */ + + static const OPT_PAIR ecdh_choices[] = { +- {"ecdhp160", R_EC_P160}, +- {"ecdhp192", R_EC_P192}, + {"ecdhp224", R_EC_P224}, + {"ecdhp256", R_EC_P256}, + {"ecdhp384", R_EC_P384}, + {"ecdhp521", R_EC_P521}, +-# ifndef OPENSSL_NO_EC2M +- {"ecdhk163", R_EC_K163}, +- {"ecdhk233", R_EC_K233}, +- {"ecdhk283", R_EC_K283}, +- {"ecdhk409", R_EC_K409}, +- {"ecdhk571", R_EC_K571}, +- {"ecdhb163", R_EC_B163}, +- {"ecdhb233", R_EC_B233}, +- {"ecdhb283", R_EC_B283}, +- {"ecdhb409", R_EC_B409}, +- {"ecdhb571", R_EC_B571}, +-# endif +- {"ecdhbrp256r1", R_EC_BRP256R1}, +- {"ecdhbrp256t1", R_EC_BRP256T1}, +- {"ecdhbrp384r1", R_EC_BRP384R1}, +- {"ecdhbrp384t1", R_EC_BRP384T1}, +- {"ecdhbrp512r1", R_EC_BRP512R1}, +- {"ecdhbrp512t1", R_EC_BRP512T1}, + {"ecdhx25519", R_EC_X25519}, + {"ecdhx448", R_EC_X448} + }; +@@ -1504,31 +1444,10 @@ int speed_main(int argc, char **argv) + unsigned int bits; + } test_curves[] = { + /* Prime Curves */ +- {"secp160r1", NID_secp160r1, 160}, +- {"nistp192", NID_X9_62_prime192v1, 192}, + {"nistp224", NID_secp224r1, 224}, + {"nistp256", NID_X9_62_prime256v1, 256}, + {"nistp384", NID_secp384r1, 384}, + {"nistp521", NID_secp521r1, 521}, +-# ifndef OPENSSL_NO_EC2M +- /* Binary Curves */ +- {"nistk163", NID_sect163k1, 163}, +- {"nistk233", NID_sect233k1, 233}, +- {"nistk283", NID_sect283k1, 283}, +- {"nistk409", NID_sect409k1, 409}, +- {"nistk571", NID_sect571k1, 571}, +- {"nistb163", NID_sect163r2, 163}, +- {"nistb233", NID_sect233r1, 233}, +- {"nistb283", NID_sect283r1, 283}, +- {"nistb409", NID_sect409r1, 409}, +- {"nistb571", NID_sect571r1, 571}, +-# endif +- {"brainpoolP256r1", NID_brainpoolP256r1, 256}, +- {"brainpoolP256t1", NID_brainpoolP256t1, 256}, +- {"brainpoolP384r1", NID_brainpoolP384r1, 384}, +- {"brainpoolP384t1", NID_brainpoolP384t1, 384}, +- {"brainpoolP512r1", NID_brainpoolP512r1, 512}, +- {"brainpoolP512t1", NID_brainpoolP512t1, 512}, + /* Other and ECDH only ones */ + {"X25519", NID_X25519, 253}, + {"X448", NID_X448, 448} +@@ -2028,9 +1947,9 @@ int speed_main(int argc, char **argv) + # endif + + # ifndef OPENSSL_NO_EC +- ecdsa_c[R_EC_P160][0] = count / 1000; +- ecdsa_c[R_EC_P160][1] = count / 1000 / 2; +- for (i = R_EC_P192; i <= R_EC_P521; i++) { ++ ecdsa_c[R_EC_P224][0] = count / 1000; ++ ecdsa_c[R_EC_P224][1] = count / 1000 / 2; ++ for (i = R_EC_P256; i <= R_EC_P521; i++) { + ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2; + ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2; + if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0) +@@ -2042,7 +1961,7 @@ int speed_main(int argc, char **argv) + } + } + } +-# ifndef OPENSSL_NO_EC2M ++# if 0 + ecdsa_c[R_EC_K163][0] = count / 1000; + ecdsa_c[R_EC_K163][1] = count / 1000 / 2; + for (i = R_EC_K233; i <= R_EC_K571; i++) { +@@ -2073,8 +1992,8 @@ int speed_main(int argc, char **argv) + } + # endif + +- ecdh_c[R_EC_P160][0] = count / 1000; +- for (i = R_EC_P192; i <= R_EC_P521; i++) { ++ ecdh_c[R_EC_P224][0] = count / 1000; ++ for (i = R_EC_P256; i <= R_EC_P521; i++) { + ecdh_c[i][0] = ecdh_c[i - 1][0] / 2; + if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0) + ecdh_doit[i] = 0; +@@ -2084,7 +2003,7 @@ int speed_main(int argc, char **argv) + } + } + } +-# ifndef OPENSSL_NO_EC2M ++# if 0 + ecdh_c[R_EC_K163][0] = count / 1000; + for (i = R_EC_K233; i <= R_EC_K571; i++) { + ecdh_c[i][0] = ecdh_c[i - 1][0] / 2; +diff -up openssl-1.1.1c/crypto/ec/ecp_smpl.c.curves openssl-1.1.1c/crypto/ec/ecp_smpl.c +--- openssl-1.1.1c/crypto/ec/ecp_smpl.c.curves 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/crypto/ec/ecp_smpl.c 2019-05-29 15:30:09.071349520 +0200 +@@ -145,6 +145,11 @@ int ec_GFp_simple_group_set_curve(EC_GRO + return 0; + } + ++ if (BN_num_bits(p) < 224) { ++ ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD); ++ return 0; ++ } ++ + if (ctx == NULL) { + ctx = new_ctx = BN_CTX_new(); + if (ctx == NULL) +diff -up openssl-1.1.1c/test/ecdsatest.h.curves openssl-1.1.1c/test/ecdsatest.h +--- openssl-1.1.1c/test/ecdsatest.h.curves 2019-05-29 15:30:09.010350595 +0200 ++++ openssl-1.1.1c/test/ecdsatest.h 2019-05-29 15:41:24.586444294 +0200 +@@ -32,23 +32,6 @@ typedef struct { + } ecdsa_cavs_kat_t; + + static const ecdsa_cavs_kat_t ecdsa_cavs_kats[] = { +- /* prime KATs from X9.62 */ +- {NID_X9_62_prime192v1, NID_sha1, +- "616263", /* "abc" */ +- "1a8d598fc15bf0fd89030b5cb1111aeb92ae8baf5ea475fb", +- "0462b12d60690cdcf330babab6e69763b471f994dd702d16a563bf5ec08069705ffff65e" +- "5ca5c0d69716dfcb3474373902", +- "fa6de29746bbeb7f8bb1e761f85f7dfb2983169d82fa2f4e", +- "885052380ff147b734c330c43d39b2c4a89f29b0f749fead", +- "e9ecc78106def82bf1070cf1d4d804c3cb390046951df686"}, +- {NID_X9_62_prime239v1, NID_sha1, +- "616263", /* "abc" */ +- "7ef7c6fabefffdea864206e80b0b08a9331ed93e698561b64ca0f7777f3d", +- "045b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c707fd9f1ed2e" +- "65f09f6ce0893baf5e8e31e6ae82ea8c3592335be906d38dee", +- "656c7196bf87dcc5d1f1020906df2782360d36b2de7a17ece37d503784af", +- "2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0", +- "2eeae988104e9c2234a3c2beb1f53bfa5dc11ff36a875d1e3ccb1f7e45cf"}, + /* prime KATs from NIST CAVP */ + {NID_secp224r1, NID_sha224, + "699325d6fc8fbbb4981a6ded3c3a54ad2e4e3db8a5669201912064c64e700c139248cdc1" diff --git a/openssl-1.1.1-edk2-build.patch b/openssl-1.1.1-edk2-build.patch new file mode 100644 index 0000000..b13708e --- /dev/null +++ b/openssl-1.1.1-edk2-build.patch @@ -0,0 +1,57 @@ +diff -up openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build openssl-1.1.1g/crypto/evp/pkey_kdf.c +--- openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build 2020-05-18 12:55:53.299548432 +0200 ++++ openssl-1.1.1g/crypto/evp/pkey_kdf.c 2020-05-18 12:55:53.340548788 +0200 +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include "internal/numbers.h" + #include "crypto/evp.h" + + static int pkey_kdf_init(EVP_PKEY_CTX *ctx) +diff -up openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build openssl-1.1.1g/crypto/kdf/hkdf.c +--- openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build 2020-05-18 12:55:53.340548788 +0200 ++++ openssl-1.1.1g/crypto/kdf/hkdf.c 2020-05-18 12:57:18.648288904 +0200 +@@ -13,6 +13,7 @@ + #include + #include + #include ++#include "internal/numbers.h" + #include "internal/cryptlib.h" + #include "crypto/evp.h" + #include "kdf_local.h" +diff -up openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build openssl-1.1.1g/crypto/rand/rand_unix.c +--- openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build 2020-05-18 12:56:05.646655554 +0200 ++++ openssl-1.1.1g/crypto/rand/rand_unix.c 2020-05-18 12:58:51.088090896 +0200 +@@ -20,7 +20,7 @@ + #include "crypto/fips.h" + #include + #include "internal/dso.h" +-#ifdef __linux ++#if defined(__linux) && !defined(OPENSSL_SYS_UEFI) + # include + # include + # ifdef DEVRANDOM_WAIT +diff -up openssl-1.1.1g/include/crypto/fips.h.edk2-build openssl-1.1.1g/include/crypto/fips.h +--- openssl-1.1.1g/include/crypto/fips.h.edk2-build 2020-05-18 12:55:53.296548406 +0200 ++++ openssl-1.1.1g/include/crypto/fips.h 2020-05-18 12:55:53.340548788 +0200 +@@ -50,10 +50,6 @@ + #include + #include + +-#ifndef OPENSSL_FIPS +-# error FIPS is disabled. +-#endif +- + #ifdef OPENSSL_FIPS + + int FIPS_module_mode_set(int onoff); +@@ -97,4 +93,8 @@ void fips_set_selftest_fail(void); + + void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr); + ++#else ++ ++# define fips_in_post() 0 ++ + #endif diff --git a/openssl-1.1.1-evp-kdf.patch b/openssl-1.1.1-evp-kdf.patch new file mode 100644 index 0000000..f1d7618 --- /dev/null +++ b/openssl-1.1.1-evp-kdf.patch @@ -0,0 +1,5238 @@ +diff -up openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf openssl-1.1.1e/crypto/err/openssl.txt +--- openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/err/openssl.txt 2020-03-19 16:04:11.299063517 +0100 +@@ -747,6 +747,9 @@ EVP_F_EVP_DIGESTINIT_EX:128:EVP_DigestIn + EVP_F_EVP_ENCRYPTDECRYPTUPDATE:219:evp_EncryptDecryptUpdate + EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex + EVP_F_EVP_ENCRYPTUPDATE:167:EVP_EncryptUpdate ++EVP_F_EVP_KDF_CTRL:224:EVP_KDF_ctrl ++EVP_F_EVP_KDF_CTRL_STR:225:EVP_KDF_ctrl_str ++EVP_F_EVP_KDF_CTX_NEW_ID:226:EVP_KDF_CTX_new_id + EVP_F_EVP_MD_CTX_COPY_EX:110:EVP_MD_CTX_copy_ex + EVP_F_EVP_MD_SIZE:162:EVP_MD_size + EVP_F_EVP_OPENINIT:102:EVP_OpenInit +@@ -809,12 +812,31 @@ EVP_F_PKCS5_PBE_KEYIVGEN:117:PKCS5_PBE_k + EVP_F_PKCS5_V2_PBE_KEYIVGEN:118:PKCS5_v2_PBE_keyivgen + EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN:164:PKCS5_v2_PBKDF2_keyivgen + EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN:180:PKCS5_v2_scrypt_keyivgen ++EVP_F_PKEY_KDF_CTRL:227:pkey_kdf_ctrl + EVP_F_PKEY_SET_TYPE:158:pkey_set_type + EVP_F_RC2_MAGIC_TO_METH:109:rc2_magic_to_meth + EVP_F_RC5_CTRL:125:rc5_ctrl + EVP_F_R_32_12_16_INIT_KEY:242:r_32_12_16_init_key + EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_gcm_ctrl ++EVP_F_SCRYPT_ALG:228:scrypt_alg + EVP_F_UPDATE:173:update ++KDF_F_HKDF_EXTRACT:112:HKDF_Extract ++KDF_F_KDF_HKDF_DERIVE:113:kdf_hkdf_derive ++KDF_F_KDF_HKDF_NEW:114:kdf_hkdf_new ++KDF_F_KDF_HKDF_SIZE:115:kdf_hkdf_size ++KDF_F_KDF_MD2CTRL:116:kdf_md2ctrl ++KDF_F_KDF_PBKDF2_CTRL_STR:117:kdf_pbkdf2_ctrl_str ++KDF_F_KDF_PBKDF2_DERIVE:118:kdf_pbkdf2_derive ++KDF_F_KDF_PBKDF2_NEW:119:kdf_pbkdf2_new ++KDF_F_KDF_SCRYPT_CTRL_STR:120:kdf_scrypt_ctrl_str ++KDF_F_KDF_SCRYPT_CTRL_UINT32:121:kdf_scrypt_ctrl_uint32 ++KDF_F_KDF_SCRYPT_CTRL_UINT64:122:kdf_scrypt_ctrl_uint64 ++KDF_F_KDF_SCRYPT_DERIVE:123:kdf_scrypt_derive ++KDF_F_KDF_SCRYPT_NEW:124:kdf_scrypt_new ++KDF_F_KDF_TLS1_PRF_CTRL_STR:125:kdf_tls1_prf_ctrl_str ++KDF_F_KDF_TLS1_PRF_DERIVE:126:kdf_tls1_prf_derive ++KDF_F_KDF_TLS1_PRF_NEW:127:kdf_tls1_prf_new ++KDF_F_PBKDF2_SET_MEMBUF:128:pbkdf2_set_membuf + KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str + KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive + KDF_F_PKEY_HKDF_INIT:108:pkey_hkdf_init +@@ -826,6 +848,7 @@ KDF_F_PKEY_SCRYPT_SET_MEMBUF:107:pkey_sc + KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tls1_prf_ctrl_str + KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive + KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init ++KDF_F_SCRYPT_SET_MEMBUF:129:scrypt_set_membuf + KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg + OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object + OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid +@@ -2277,6 +2300,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only on + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\ + operation not supported for this keytype + EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized ++EVP_R_PARAMETER_TOO_LARGE:187:parameter too large + EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers + EVP_R_PBKDF2_ERROR:181:pbkdf2 error + EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\ +@@ -2313,6 +2337,7 @@ KDF_R_MISSING_SEED:106:missing seed + KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type + KDF_R_VALUE_ERROR:108:value error + KDF_R_VALUE_MISSING:102:value missing ++KDF_R_WRONG_OUTPUT_BUFFER_SIZE:112:wrong output buffer size + OBJ_R_OID_EXISTS:102:oid exists + OBJ_R_UNKNOWN_NID:101:unknown nid + OCSP_R_CERTIFICATE_VERIFY_ERROR:101:certificate verify error +diff -up openssl-1.1.1e/crypto/evp/build.info.evp-kdf openssl-1.1.1e/crypto/evp/build.info +--- openssl-1.1.1e/crypto/evp/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/build.info 2020-03-19 16:04:11.300063500 +0100 +@@ -9,7 +9,8 @@ SOURCE[../../libcrypto]=\ + p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ + bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ + c_allc.c c_alld.c evp_lib.c bio_ok.c \ +- evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c pbe_scrypt.c \ ++ evp_pkey.c kdf_lib.c evp_pbe.c p5_crpt.c p5_crpt2.c pbe_scrypt.c \ ++ pkey_kdf.c \ + e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \ + e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \ + e_chacha20_poly1305.c cmeth_lib.c +diff -up openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c.evp-kdf openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c +--- openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c.evp-kdf 2020-03-19 16:04:11.300063500 +0100 ++++ openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c 2020-03-19 16:16:46.497967633 +0100 +@@ -14,9 +14,9 @@ + + # include + # include +-# include "evp_local.h" + # include "crypto/evp.h" + # include "crypto/chacha.h" ++# include "evp_local.h" + + typedef struct { + union { +diff -up openssl-1.1.1e/crypto/evp/encode.c.evp-kdf openssl-1.1.1e/crypto/evp/encode.c +--- openssl-1.1.1e/crypto/evp/encode.c.evp-kdf 2020-03-19 16:04:11.301063483 +0100 ++++ openssl-1.1.1e/crypto/evp/encode.c 2020-03-19 16:14:13.147628683 +0100 +@@ -11,8 +11,8 @@ + #include + #include "internal/cryptlib.h" + #include +-#include "evp_local.h" + #include "crypto/evp.h" ++#include "evp_local.h" + + static unsigned char conv_ascii2bin(unsigned char a, + const unsigned char *table); +diff -up openssl-1.1.1e/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1e/crypto/evp/evp_err.c +--- openssl-1.1.1e/crypto/evp/evp_err.c.evp-kdf 2020-03-19 16:04:11.218064919 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_err.c 2020-03-19 16:04:11.302063465 +0100 +@@ -60,6 +60,9 @@ static const ERR_STRING_DATA EVP_str_fun + {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, 0), + "EVP_EncryptFinal_ex"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTUPDATE, 0), "EVP_EncryptUpdate"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTRL, 0), "EVP_KDF_ctrl"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTRL_STR, 0), "EVP_KDF_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTX_NEW_ID, 0), "EVP_KDF_CTX_new_id"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_CTX_COPY_EX, 0), "EVP_MD_CTX_copy_ex"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_SIZE, 0), "EVP_MD_size"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_OPENINIT, 0), "EVP_OpenInit"}, +@@ -151,12 +154,14 @@ static const ERR_STRING_DATA EVP_str_fun + "PKCS5_v2_PBKDF2_keyivgen"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, 0), + "PKCS5_v2_scrypt_keyivgen"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_KDF_CTRL, 0), "pkey_kdf_ctrl"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_SET_TYPE, 0), "pkey_set_type"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_RC2_MAGIC_TO_METH, 0), "rc2_magic_to_meth"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_RC5_CTRL, 0), "rc5_ctrl"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_R_32_12_16_INIT_KEY, 0), + "r_32_12_16_init_key"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_S390X_AES_GCM_CTRL, 0), "s390x_aes_gcm_ctrl"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_SCRYPT_ALG, 0), "scrypt_alg"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_UPDATE, 0), "update"}, + {0, NULL} + }; +@@ -241,6 +246,8 @@ static const ERR_STRING_DATA EVP_str_rea + "operation not supported for this keytype"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED), + "operaton not initialized"}, ++ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARAMETER_TOO_LARGE), ++ "parameter too large"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING), + "partially overlapping buffers"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"}, +diff -up openssl-1.1.1e/crypto/evp/evp_local.h.evp-kdf openssl-1.1.1e/crypto/evp/evp_local.h +--- openssl-1.1.1e/crypto/evp/evp_local.h.evp-kdf 2020-03-19 16:04:10.657074629 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_local.h 2020-03-19 16:04:20.722900404 +0100 +@@ -41,6 +41,11 @@ struct evp_cipher_ctx_st { + unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */ + } /* EVP_CIPHER_CTX */ ; + ++struct evp_kdf_ctx_st { ++ const EVP_KDF_METHOD *kmeth; ++ EVP_KDF_IMPL *impl; /* Algorithm-specific data */ ++} /* EVP_KDF_CTX */ ; ++ + int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, + int passlen, ASN1_TYPE *param, + const EVP_CIPHER *c, const EVP_MD *md, +diff -up openssl-1.1.1e/crypto/evp/evp_pbe.c.evp-kdf openssl-1.1.1e/crypto/evp/evp_pbe.c +--- openssl-1.1.1e/crypto/evp/evp_pbe.c.evp-kdf 2020-03-19 16:04:20.723900386 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_pbe.c 2020-03-19 16:11:56.425001210 +0100 +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include "crypto/evp.h" + #include "evp_local.h" + + /* Password based encryption (PBE) functions */ +diff -up openssl-1.1.1e/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1e/crypto/evp/kdf_lib.c +--- openssl-1.1.1e/crypto/evp/kdf_lib.c.evp-kdf 2020-03-19 16:04:20.723900386 +0100 ++++ openssl-1.1.1e/crypto/evp/kdf_lib.c 2020-03-19 16:04:20.723900386 +0100 +@@ -0,0 +1,165 @@ ++/* ++ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include "internal/cryptlib.h" ++#include ++#include ++#include ++#include ++#include "crypto/asn1.h" ++#include "crypto/evp.h" ++#include "internal/numbers.h" ++#include "evp_local.h" ++ ++typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); ++ ++/* This array needs to be in order of NIDs */ ++static const EVP_KDF_METHOD *standard_methods[] = { ++ &pbkdf2_kdf_meth, ++#ifndef OPENSSL_NO_SCRYPT ++ &scrypt_kdf_meth, ++#endif ++ &tls1_prf_kdf_meth, ++ &hkdf_kdf_meth ++}; ++ ++DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, ++ kmeth); ++ ++static int kmeth_cmp(const EVP_KDF_METHOD *const *a, ++ const EVP_KDF_METHOD *const *b) ++{ ++ return ((*a)->type - (*b)->type); ++} ++ ++IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, ++ kmeth); ++ ++static const EVP_KDF_METHOD *kdf_meth_find(int type) ++{ ++ EVP_KDF_METHOD tmp; ++ const EVP_KDF_METHOD *t = &tmp, **ret; ++ ++ tmp.type = type; ++ ret = OBJ_bsearch_kmeth(&t, standard_methods, ++ OSSL_NELEM(standard_methods)); ++ if (ret == NULL || *ret == NULL) ++ return NULL; ++ ++ return *ret; ++} ++ ++EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id) ++{ ++ EVP_KDF_CTX *ret; ++ const EVP_KDF_METHOD *kmeth; ++ ++ kmeth = kdf_meth_find(id); ++ if (kmeth == NULL) { ++ EVPerr(EVP_F_EVP_KDF_CTX_NEW_ID, EVP_R_UNSUPPORTED_ALGORITHM); ++ return NULL; ++ } ++ ++ ret = OPENSSL_zalloc(sizeof(*ret)); ++ if (ret == NULL) { ++ EVPerr(EVP_F_EVP_KDF_CTX_NEW_ID, ERR_R_MALLOC_FAILURE); ++ return NULL; ++ } ++ ++ if (kmeth->new != NULL && (ret->impl = kmeth->new()) == NULL) { ++ EVP_KDF_CTX_free(ret); ++ return NULL; ++ } ++ ++ ret->kmeth = kmeth; ++ return ret; ++} ++ ++void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx) ++{ ++ if (ctx == NULL) ++ return; ++ ++ ctx->kmeth->free(ctx->impl); ++ OPENSSL_free(ctx); ++} ++ ++void EVP_KDF_reset(EVP_KDF_CTX *ctx) ++{ ++ if (ctx == NULL) ++ return; ++ ++ if (ctx->kmeth->reset != NULL) ++ ctx->kmeth->reset(ctx->impl); ++} ++ ++int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...) ++{ ++ int ret; ++ va_list args; ++ ++ va_start(args, cmd); ++ ret = EVP_KDF_vctrl(ctx, cmd, args); ++ va_end(args); ++ ++ if (ret == -2) ++ EVPerr(EVP_F_EVP_KDF_CTRL, EVP_R_COMMAND_NOT_SUPPORTED); ++ ++ return ret; ++} ++ ++int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args) ++{ ++ if (ctx == NULL) ++ return 0; ++ ++ return ctx->kmeth->ctrl(ctx->impl, cmd, args); ++} ++ ++int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value) ++{ ++ int ret; ++ ++ if (ctx == NULL) ++ return 0; ++ ++ if (ctx->kmeth->ctrl_str == NULL) { ++ EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED); ++ return -2; ++ } ++ ++ ret = ctx->kmeth->ctrl_str(ctx->impl, type, value); ++ if (ret == -2) ++ EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED); ++ ++ return ret; ++} ++ ++size_t EVP_KDF_size(EVP_KDF_CTX *ctx) ++{ ++ if (ctx == NULL) ++ return 0; ++ ++ if (ctx->kmeth->size == NULL) ++ return SIZE_MAX; ++ ++ return ctx->kmeth->size(ctx->impl); ++} ++ ++int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen) ++{ ++ if (ctx == NULL) ++ return 0; ++ ++ return ctx->kmeth->derive(ctx->impl, key, keylen); ++} ++ +diff -up openssl-1.1.1e/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1e/crypto/evp/p5_crpt2.c +--- openssl-1.1.1e/crypto/evp/p5_crpt2.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/p5_crpt2.c 2020-03-19 16:17:48.822886126 +0100 +@@ -1,5 +1,5 @@ + /* +- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy +@@ -10,105 +10,51 @@ + #include + #include + #include "internal/cryptlib.h" +-# include +-# include +-# include +-# include "evp_local.h" ++#include ++#include ++#include ++#include ++#include "crypto/evp.h" ++#include "evp_local.h" + + /* set this to print out info about the keygen algorithm */ + /* #define OPENSSL_DEBUG_PKCS5V2 */ + +-# ifdef OPENSSL_DEBUG_PKCS5V2 ++#ifdef OPENSSL_DEBUG_PKCS5V2 + static void h__dump(const unsigned char *p, int len); +-# endif +- +-/* +- * This is an implementation of PKCS#5 v2.0 password based encryption key +- * derivation function PBKDF2. SHA1 version verified against test vectors +- * posted by Peter Gutmann to the PKCS-TNG mailing list. +- */ ++#endif + + int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, + const unsigned char *salt, int saltlen, int iter, + const EVP_MD *digest, int keylen, unsigned char *out) + { + const char *empty = ""; +- unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; +- int cplen, j, k, tkeylen, mdlen; +- unsigned long i = 1; +- HMAC_CTX *hctx_tpl = NULL, *hctx = NULL; +- +- mdlen = EVP_MD_size(digest); +- if (mdlen < 0) +- return 0; ++ int rv = 1; ++ EVP_KDF_CTX *kctx; + +- hctx_tpl = HMAC_CTX_new(); +- if (hctx_tpl == NULL) +- return 0; +- p = out; +- tkeylen = keylen; ++ /* Keep documented behaviour. */ + if (pass == NULL) { + pass = empty; + passlen = 0; + } else if (passlen == -1) { + passlen = strlen(pass); + } +- if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) { +- HMAC_CTX_free(hctx_tpl); +- return 0; +- } +- hctx = HMAC_CTX_new(); +- if (hctx == NULL) { +- HMAC_CTX_free(hctx_tpl); ++ if (salt == NULL && saltlen == 0) ++ salt = (unsigned char *)empty; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2); ++ if (kctx == NULL) + return 0; +- } +- while (tkeylen) { +- if (tkeylen > mdlen) +- cplen = mdlen; +- else +- cplen = tkeylen; +- /* +- * We are unlikely to ever use more than 256 blocks (5120 bits!) but +- * just in case... +- */ +- itmp[0] = (unsigned char)((i >> 24) & 0xff); +- itmp[1] = (unsigned char)((i >> 16) & 0xff); +- itmp[2] = (unsigned char)((i >> 8) & 0xff); +- itmp[3] = (unsigned char)(i & 0xff); +- if (!HMAC_CTX_copy(hctx, hctx_tpl)) { +- HMAC_CTX_free(hctx); +- HMAC_CTX_free(hctx_tpl); +- return 0; +- } +- if (!HMAC_Update(hctx, salt, saltlen) +- || !HMAC_Update(hctx, itmp, 4) +- || !HMAC_Final(hctx, digtmp, NULL)) { +- HMAC_CTX_free(hctx); +- HMAC_CTX_free(hctx_tpl); +- return 0; +- } +- memcpy(p, digtmp, cplen); +- for (j = 1; j < iter; j++) { +- if (!HMAC_CTX_copy(hctx, hctx_tpl)) { +- HMAC_CTX_free(hctx); +- HMAC_CTX_free(hctx_tpl); +- return 0; +- } +- if (!HMAC_Update(hctx, digtmp, mdlen) +- || !HMAC_Final(hctx, digtmp, NULL)) { +- HMAC_CTX_free(hctx); +- HMAC_CTX_free(hctx_tpl); +- return 0; +- } +- for (k = 0; k < cplen; k++) +- p[k] ^= digtmp[k]; +- } +- tkeylen -= cplen; +- i++; +- p += cplen; +- } +- HMAC_CTX_free(hctx); +- HMAC_CTX_free(hctx_tpl); ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, ++ salt, (size_t)saltlen) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, iter) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, digest) != 1 ++ || EVP_KDF_derive(kctx, out, keylen) != 1) ++ rv = 0; ++ ++ EVP_KDF_CTX_free(kctx); ++ + # ifdef OPENSSL_DEBUG_PKCS5V2 + fprintf(stderr, "Password:\n"); + h__dump(pass, passlen); +@@ -118,7 +64,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, + fprintf(stderr, "Key:\n"); + h__dump(out, keylen); + # endif +- return 1; ++ return rv; + } + + int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, +diff -up openssl-1.1.1e/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1e/crypto/evp/pbe_scrypt.c +--- openssl-1.1.1e/crypto/evp/pbe_scrypt.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/pbe_scrypt.c 2020-03-19 16:04:20.725900352 +0100 +@@ -7,135 +7,12 @@ + * https://www.openssl.org/source/license.html + */ + +-#include +-#include +-#include + #include + #include +-#include "internal/numbers.h" ++#include + + #ifndef OPENSSL_NO_SCRYPT + +-#define R(a,b) (((a) << (b)) | ((a) >> (32 - (b)))) +-static void salsa208_word_specification(uint32_t inout[16]) +-{ +- int i; +- uint32_t x[16]; +- memcpy(x, inout, sizeof(x)); +- for (i = 8; i > 0; i -= 2) { +- x[4] ^= R(x[0] + x[12], 7); +- x[8] ^= R(x[4] + x[0], 9); +- x[12] ^= R(x[8] + x[4], 13); +- x[0] ^= R(x[12] + x[8], 18); +- x[9] ^= R(x[5] + x[1], 7); +- x[13] ^= R(x[9] + x[5], 9); +- x[1] ^= R(x[13] + x[9], 13); +- x[5] ^= R(x[1] + x[13], 18); +- x[14] ^= R(x[10] + x[6], 7); +- x[2] ^= R(x[14] + x[10], 9); +- x[6] ^= R(x[2] + x[14], 13); +- x[10] ^= R(x[6] + x[2], 18); +- x[3] ^= R(x[15] + x[11], 7); +- x[7] ^= R(x[3] + x[15], 9); +- x[11] ^= R(x[7] + x[3], 13); +- x[15] ^= R(x[11] + x[7], 18); +- x[1] ^= R(x[0] + x[3], 7); +- x[2] ^= R(x[1] + x[0], 9); +- x[3] ^= R(x[2] + x[1], 13); +- x[0] ^= R(x[3] + x[2], 18); +- x[6] ^= R(x[5] + x[4], 7); +- x[7] ^= R(x[6] + x[5], 9); +- x[4] ^= R(x[7] + x[6], 13); +- x[5] ^= R(x[4] + x[7], 18); +- x[11] ^= R(x[10] + x[9], 7); +- x[8] ^= R(x[11] + x[10], 9); +- x[9] ^= R(x[8] + x[11], 13); +- x[10] ^= R(x[9] + x[8], 18); +- x[12] ^= R(x[15] + x[14], 7); +- x[13] ^= R(x[12] + x[15], 9); +- x[14] ^= R(x[13] + x[12], 13); +- x[15] ^= R(x[14] + x[13], 18); +- } +- for (i = 0; i < 16; ++i) +- inout[i] += x[i]; +- OPENSSL_cleanse(x, sizeof(x)); +-} +- +-static void scryptBlockMix(uint32_t *B_, uint32_t *B, uint64_t r) +-{ +- uint64_t i, j; +- uint32_t X[16], *pB; +- +- memcpy(X, B + (r * 2 - 1) * 16, sizeof(X)); +- pB = B; +- for (i = 0; i < r * 2; i++) { +- for (j = 0; j < 16; j++) +- X[j] ^= *pB++; +- salsa208_word_specification(X); +- memcpy(B_ + (i / 2 + (i & 1) * r) * 16, X, sizeof(X)); +- } +- OPENSSL_cleanse(X, sizeof(X)); +-} +- +-static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, +- uint32_t *X, uint32_t *T, uint32_t *V) +-{ +- unsigned char *pB; +- uint32_t *pV; +- uint64_t i, k; +- +- /* Convert from little endian input */ +- for (pV = V, i = 0, pB = B; i < 32 * r; i++, pV++) { +- *pV = *pB++; +- *pV |= *pB++ << 8; +- *pV |= *pB++ << 16; +- *pV |= (uint32_t)*pB++ << 24; +- } +- +- for (i = 1; i < N; i++, pV += 32 * r) +- scryptBlockMix(pV, pV - 32 * r, r); +- +- scryptBlockMix(X, V + (N - 1) * 32 * r, r); +- +- for (i = 0; i < N; i++) { +- uint32_t j; +- j = X[16 * (2 * r - 1)] % N; +- pV = V + 32 * r * j; +- for (k = 0; k < 32 * r; k++) +- T[k] = X[k] ^ *pV++; +- scryptBlockMix(X, T, r); +- } +- /* Convert output to little endian */ +- for (i = 0, pB = B; i < 32 * r; i++) { +- uint32_t xtmp = X[i]; +- *pB++ = xtmp & 0xff; +- *pB++ = (xtmp >> 8) & 0xff; +- *pB++ = (xtmp >> 16) & 0xff; +- *pB++ = (xtmp >> 24) & 0xff; +- } +-} +- +-#ifndef SIZE_MAX +-# define SIZE_MAX ((size_t)-1) +-#endif +- +-/* +- * Maximum power of two that will fit in uint64_t: this should work on +- * most (all?) platforms. +- */ +- +-#define LOG2_UINT64_MAX (sizeof(uint64_t) * 8 - 1) +- +-/* +- * Maximum value of p * r: +- * p <= ((2^32-1) * hLen) / MFLen => +- * p <= ((2^32-1) * 32) / (128 * r) => +- * p * r <= (2^30-1) +- * +- */ +- +-#define SCRYPT_PR_MAX ((1 << 30) - 1) +- + /* + * Maximum permitted memory allow this to be overridden with Configuration + * option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible. +@@ -160,107 +37,43 @@ int EVP_PBE_scrypt(const char *pass, siz + uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, + unsigned char *key, size_t keylen) + { +- int rv = 0; +- unsigned char *B; +- uint32_t *X, *V, *T; +- uint64_t i, Blen, Vlen; +- +- /* Sanity check parameters */ +- /* initial check, r,p must be non zero, N >= 2 and a power of 2 */ +- if (r == 0 || p == 0 || N < 2 || (N & (N - 1))) +- return 0; +- /* Check p * r < SCRYPT_PR_MAX avoiding overflow */ +- if (p > SCRYPT_PR_MAX / r) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); +- return 0; +- } +- +- /* +- * Need to check N: if 2^(128 * r / 8) overflows limit this is +- * automatically satisfied since N <= UINT64_MAX. +- */ +- +- if (16 * r <= LOG2_UINT64_MAX) { +- if (N >= (((uint64_t)1) << (16 * r))) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); +- return 0; +- } +- } ++ const char *empty = ""; ++ int rv = 1; ++ EVP_KDF_CTX *kctx; + +- /* Memory checks: check total allocated buffer size fits in uint64_t */ +- +- /* +- * B size in section 5 step 1.S +- * Note: we know p * 128 * r < UINT64_MAX because we already checked +- * p * r < SCRYPT_PR_MAX +- */ +- Blen = p * 128 * r; +- /* +- * Yet we pass it as integer to PKCS5_PBKDF2_HMAC... [This would +- * have to be revised when/if PKCS5_PBKDF2_HMAC accepts size_t.] +- */ +- if (Blen > INT_MAX) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ if (r > UINT32_MAX || p > UINT32_MAX) { ++ EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE); + return 0; + } + +- /* +- * Check 32 * r * (N + 2) * sizeof(uint32_t) fits in uint64_t +- * This is combined size V, X and T (section 4) +- */ +- i = UINT64_MAX / (32 * sizeof(uint32_t)); +- if (N + 2 > i / r) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); +- return 0; ++ /* Maintain existing behaviour. */ ++ if (pass == NULL) { ++ pass = empty; ++ passlen = 0; + } +- Vlen = 32 * r * (N + 2) * sizeof(uint32_t); +- +- /* check total allocated size fits in uint64_t */ +- if (Blen > UINT64_MAX - Vlen) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); +- return 0; ++ if (salt == NULL) { ++ salt = (const unsigned char *)empty; ++ saltlen = 0; + } +- + if (maxmem == 0) + maxmem = SCRYPT_MAX_MEM; + +- /* Check that the maximum memory doesn't exceed a size_t limits */ +- if (maxmem > SIZE_MAX) +- maxmem = SIZE_MAX; +- +- if (Blen + Vlen > maxmem) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT); ++ if (kctx == NULL) + return 0; +- } + +- /* If no key return to indicate parameters are OK */ +- if (key == NULL) +- return 1; +- +- B = OPENSSL_malloc((size_t)(Blen + Vlen)); +- if (B == NULL) { +- EVPerr(EVP_F_EVP_PBE_SCRYPT, ERR_R_MALLOC_FAILURE); +- return 0; +- } +- X = (uint32_t *)(B + Blen); +- T = X + 32 * r; +- V = T + 32 * r; +- if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, EVP_sha256(), +- (int)Blen, B) == 0) +- goto err; +- +- for (i = 0; i < p; i++) +- scryptROMix(B + 128 * r * i, r, N, X, T, V); +- +- if (PKCS5_PBKDF2_HMAC(pass, passlen, B, (int)Blen, 1, EVP_sha256(), +- keylen, key) == 0) +- goto err; +- rv = 1; +- err: +- if (rv == 0) +- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PBKDF2_ERROR); ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, ++ salt, (size_t)saltlen) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, N) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)r) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)p) != 1 ++ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, maxmem) != 1 ++ || EVP_KDF_derive(kctx, key, keylen) != 1) ++ rv = 0; + +- OPENSSL_clear_free(B, (size_t)(Blen + Vlen)); ++ EVP_KDF_CTX_free(kctx); + return rv; + } ++ + #endif +diff -up openssl-1.1.1e/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1e/crypto/evp/pkey_kdf.c +--- openssl-1.1.1e/crypto/evp/pkey_kdf.c.evp-kdf 2020-03-19 16:04:20.726900334 +0100 ++++ openssl-1.1.1e/crypto/evp/pkey_kdf.c 2020-03-19 16:04:20.725900352 +0100 +@@ -0,0 +1,255 @@ ++/* ++ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++#include ++#include "crypto/evp.h" ++ ++static int pkey_kdf_init(EVP_PKEY_CTX *ctx) ++{ ++ EVP_KDF_CTX *kctx; ++ ++ kctx = EVP_KDF_CTX_new_id(ctx->pmeth->pkey_id); ++ if (kctx == NULL) ++ return 0; ++ ++ ctx->data = kctx; ++ return 1; ++} ++ ++static void pkey_kdf_cleanup(EVP_PKEY_CTX *ctx) ++{ ++ EVP_KDF_CTX *kctx = ctx->data; ++ ++ EVP_KDF_CTX_free(kctx); ++} ++ ++static int pkey_kdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) ++{ ++ EVP_KDF_CTX *kctx = ctx->data; ++ uint64_t u64_value; ++ int cmd; ++ int ret; ++ ++ switch (type) { ++ case EVP_PKEY_CTRL_PASS: ++ cmd = EVP_KDF_CTRL_SET_PASS; ++ break; ++ case EVP_PKEY_CTRL_HKDF_SALT: ++ case EVP_PKEY_CTRL_SCRYPT_SALT: ++ cmd = EVP_KDF_CTRL_SET_SALT; ++ break; ++ case EVP_PKEY_CTRL_TLS_MD: ++ case EVP_PKEY_CTRL_HKDF_MD: ++ cmd = EVP_KDF_CTRL_SET_MD; ++ break; ++ case EVP_PKEY_CTRL_TLS_SECRET: ++ cmd = EVP_KDF_CTRL_SET_TLS_SECRET; ++ ret = EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_RESET_TLS_SEED); ++ if (ret < 1) ++ return ret; ++ break; ++ case EVP_PKEY_CTRL_TLS_SEED: ++ cmd = EVP_KDF_CTRL_ADD_TLS_SEED; ++ break; ++ case EVP_PKEY_CTRL_HKDF_KEY: ++ cmd = EVP_KDF_CTRL_SET_KEY; ++ break; ++ case EVP_PKEY_CTRL_HKDF_INFO: ++ cmd = EVP_KDF_CTRL_ADD_HKDF_INFO; ++ break; ++ case EVP_PKEY_CTRL_HKDF_MODE: ++ cmd = EVP_KDF_CTRL_SET_HKDF_MODE; ++ break; ++ case EVP_PKEY_CTRL_SCRYPT_N: ++ cmd = EVP_KDF_CTRL_SET_SCRYPT_N; ++ break; ++ case EVP_PKEY_CTRL_SCRYPT_R: ++ cmd = EVP_KDF_CTRL_SET_SCRYPT_R; ++ break; ++ case EVP_PKEY_CTRL_SCRYPT_P: ++ cmd = EVP_KDF_CTRL_SET_SCRYPT_P; ++ break; ++ case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES: ++ cmd = EVP_KDF_CTRL_SET_MAXMEM_BYTES; ++ break; ++ default: ++ return -2; ++ } ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_PASS: ++ case EVP_KDF_CTRL_SET_SALT: ++ case EVP_KDF_CTRL_SET_KEY: ++ case EVP_KDF_CTRL_SET_TLS_SECRET: ++ case EVP_KDF_CTRL_ADD_TLS_SEED: ++ case EVP_KDF_CTRL_ADD_HKDF_INFO: ++ return EVP_KDF_ctrl(kctx, cmd, (const unsigned char *)p2, (size_t)p1); ++ ++ case EVP_KDF_CTRL_SET_MD: ++ return EVP_KDF_ctrl(kctx, cmd, (const EVP_MD *)p2); ++ ++ case EVP_KDF_CTRL_SET_HKDF_MODE: ++ return EVP_KDF_ctrl(kctx, cmd, (int)p1); ++ ++ case EVP_KDF_CTRL_SET_SCRYPT_R: ++ case EVP_KDF_CTRL_SET_SCRYPT_P: ++ u64_value = *(uint64_t *)p2; ++ if (u64_value > UINT32_MAX) { ++ EVPerr(EVP_F_PKEY_KDF_CTRL, EVP_R_PARAMETER_TOO_LARGE); ++ return 0; ++ } ++ ++ return EVP_KDF_ctrl(kctx, cmd, (uint32_t)u64_value); ++ ++ case EVP_KDF_CTRL_SET_SCRYPT_N: ++ case EVP_KDF_CTRL_SET_MAXMEM_BYTES: ++ return EVP_KDF_ctrl(kctx, cmd, *(uint64_t *)p2); ++ ++ default: ++ return 0; ++ } ++} ++ ++static int pkey_kdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, ++ const char *value) ++{ ++ EVP_KDF_CTX *kctx = ctx->data; ++ ++ if (strcmp(type, "md") == 0) ++ return EVP_KDF_ctrl_str(kctx, "digest", value); ++ return EVP_KDF_ctrl_str(kctx, type, value); ++} ++ ++static int pkey_kdf_derive_init(EVP_PKEY_CTX *ctx) ++{ ++ EVP_KDF_CTX *kctx = ctx->data; ++ ++ EVP_KDF_reset(kctx); ++ return 1; ++} ++ ++/* ++ * For fixed-output algorithms the keylen parameter is an "out" parameter ++ * otherwise it is an "in" parameter. ++ */ ++static int pkey_kdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, ++ size_t *keylen) ++{ ++ EVP_KDF_CTX *kctx = ctx->data; ++ size_t outlen = EVP_KDF_size(kctx); ++ ++ if (outlen == 0 || outlen == SIZE_MAX) { ++ /* Variable-output algorithm */ ++ if (key == NULL) ++ return 0; ++ } else { ++ /* Fixed-output algorithm */ ++ *keylen = outlen; ++ if (key == NULL) ++ return 1; ++ } ++ return EVP_KDF_derive(kctx, key, *keylen); ++} ++ ++#ifndef OPENSSL_NO_SCRYPT ++const EVP_PKEY_METHOD scrypt_pkey_meth = { ++ EVP_PKEY_SCRYPT, ++ 0, ++ pkey_kdf_init, ++ 0, ++ pkey_kdf_cleanup, ++ ++ 0, 0, ++ 0, 0, ++ ++ 0, ++ 0, ++ ++ 0, ++ 0, ++ ++ 0, 0, ++ ++ 0, 0, 0, 0, ++ ++ 0, 0, ++ ++ 0, 0, ++ ++ pkey_kdf_derive_init, ++ pkey_kdf_derive, ++ pkey_kdf_ctrl, ++ pkey_kdf_ctrl_str ++}; ++#endif ++ ++const EVP_PKEY_METHOD tls1_prf_pkey_meth = { ++ EVP_PKEY_TLS1_PRF, ++ EVP_PKEY_FLAG_FIPS, ++ pkey_kdf_init, ++ 0, ++ pkey_kdf_cleanup, ++ ++ 0, 0, ++ 0, 0, ++ ++ 0, ++ 0, ++ ++ 0, ++ 0, ++ ++ 0, 0, ++ ++ 0, 0, 0, 0, ++ ++ 0, 0, ++ ++ 0, 0, ++ ++ pkey_kdf_derive_init, ++ pkey_kdf_derive, ++ pkey_kdf_ctrl, ++ pkey_kdf_ctrl_str ++}; ++ ++const EVP_PKEY_METHOD hkdf_pkey_meth = { ++ EVP_PKEY_HKDF, ++ EVP_PKEY_FLAG_FIPS, ++ pkey_kdf_init, ++ 0, ++ pkey_kdf_cleanup, ++ ++ 0, 0, ++ 0, 0, ++ ++ 0, ++ 0, ++ ++ 0, ++ 0, ++ ++ 0, 0, ++ ++ 0, 0, 0, 0, ++ ++ 0, 0, ++ ++ 0, 0, ++ ++ pkey_kdf_derive_init, ++ pkey_kdf_derive, ++ pkey_kdf_ctrl, ++ pkey_kdf_ctrl_str ++}; ++ +diff -up openssl-1.1.1e/crypto/kdf/build.info.evp-kdf openssl-1.1.1e/crypto/kdf/build.info +--- openssl-1.1.1e/crypto/kdf/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/build.info 2020-03-19 16:04:32.347699194 +0100 +@@ -1,3 +1,3 @@ + LIBS=../../libcrypto + SOURCE[../../libcrypto]=\ +- tls1_prf.c kdf_err.c hkdf.c scrypt.c ++ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c +diff -up openssl-1.1.1e/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1e/crypto/kdf/hkdf.c +--- openssl-1.1.1e/crypto/kdf/hkdf.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/hkdf.c 2020-03-19 16:06:59.757147720 +0100 +@@ -8,32 +8,33 @@ + */ + + #include ++#include + #include + #include + #include + #include + #include "internal/cryptlib.h" + #include "crypto/evp.h" ++#include "kdf_local.h" + + #define HKDF_MAXBUF 1024 + +-static unsigned char *HKDF(const EVP_MD *evp_md, +- const unsigned char *salt, size_t salt_len, +- const unsigned char *key, size_t key_len, +- const unsigned char *info, size_t info_len, +- unsigned char *okm, size_t okm_len); +- +-static unsigned char *HKDF_Extract(const EVP_MD *evp_md, +- const unsigned char *salt, size_t salt_len, +- const unsigned char *key, size_t key_len, +- unsigned char *prk, size_t *prk_len); +- +-static unsigned char *HKDF_Expand(const EVP_MD *evp_md, +- const unsigned char *prk, size_t prk_len, +- const unsigned char *info, size_t info_len, +- unsigned char *okm, size_t okm_len); ++static void kdf_hkdf_reset(EVP_KDF_IMPL *impl); ++static int HKDF(const EVP_MD *evp_md, ++ const unsigned char *salt, size_t salt_len, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *info, size_t info_len, ++ unsigned char *okm, size_t okm_len); ++static int HKDF_Extract(const EVP_MD *evp_md, ++ const unsigned char *salt, size_t salt_len, ++ const unsigned char *key, size_t key_len, ++ unsigned char *prk, size_t prk_len); ++static int HKDF_Expand(const EVP_MD *evp_md, ++ const unsigned char *prk, size_t prk_len, ++ const unsigned char *info, size_t info_len, ++ unsigned char *okm, size_t okm_len); + +-typedef struct { ++struct evp_kdf_impl_st { + int mode; + const EVP_MD *md; + unsigned char *salt; +@@ -42,230 +43,208 @@ typedef struct { + size_t key_len; + unsigned char info[HKDF_MAXBUF]; + size_t info_len; +-} HKDF_PKEY_CTX; ++}; + +-static int pkey_hkdf_init(EVP_PKEY_CTX *ctx) ++static EVP_KDF_IMPL *kdf_hkdf_new(void) + { +- HKDF_PKEY_CTX *kctx; +- +- if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL) { +- KDFerr(KDF_F_PKEY_HKDF_INIT, ERR_R_MALLOC_FAILURE); +- return 0; +- } ++ EVP_KDF_IMPL *impl; + +- ctx->data = kctx; ++ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) ++ KDFerr(KDF_F_KDF_HKDF_NEW, ERR_R_MALLOC_FAILURE); ++ return impl; ++} + +- return 1; ++static void kdf_hkdf_free(EVP_KDF_IMPL *impl) ++{ ++ kdf_hkdf_reset(impl); ++ OPENSSL_free(impl); + } + +-static void pkey_hkdf_cleanup(EVP_PKEY_CTX *ctx) ++static void kdf_hkdf_reset(EVP_KDF_IMPL *impl) + { +- HKDF_PKEY_CTX *kctx = ctx->data; +- OPENSSL_clear_free(kctx->salt, kctx->salt_len); +- OPENSSL_clear_free(kctx->key, kctx->key_len); +- OPENSSL_cleanse(kctx->info, kctx->info_len); +- OPENSSL_free(kctx); ++ OPENSSL_free(impl->salt); ++ OPENSSL_clear_free(impl->key, impl->key_len); ++ OPENSSL_cleanse(impl->info, impl->info_len); ++ memset(impl, 0, sizeof(*impl)); + } + +-static int pkey_hkdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) ++static int kdf_hkdf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) + { +- HKDF_PKEY_CTX *kctx = ctx->data; ++ const unsigned char *p; ++ size_t len; ++ const EVP_MD *md; + +- switch (type) { +- case EVP_PKEY_CTRL_HKDF_MD: +- if (p2 == NULL) ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_MD: ++ md = va_arg(args, const EVP_MD *); ++ if (md == NULL) + return 0; + +- kctx->md = p2; ++ impl->md = md; + return 1; + +- case EVP_PKEY_CTRL_HKDF_MODE: +- kctx->mode = p1; ++ case EVP_KDF_CTRL_SET_HKDF_MODE: ++ impl->mode = va_arg(args, int); + return 1; + +- case EVP_PKEY_CTRL_HKDF_SALT: +- if (p1 == 0 || p2 == NULL) ++ case EVP_KDF_CTRL_SET_SALT: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ if (len == 0 || p == NULL) + return 1; + +- if (p1 < 0) ++ OPENSSL_free(impl->salt); ++ impl->salt = OPENSSL_memdup(p, len); ++ if (impl->salt == NULL) + return 0; + +- if (kctx->salt != NULL) +- OPENSSL_clear_free(kctx->salt, kctx->salt_len); +- +- kctx->salt = OPENSSL_memdup(p2, p1); +- if (kctx->salt == NULL) +- return 0; +- +- kctx->salt_len = p1; ++ impl->salt_len = len; + return 1; + +- case EVP_PKEY_CTRL_HKDF_KEY: +- if (p1 < 0) ++ case EVP_KDF_CTRL_SET_KEY: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(impl->key, impl->key_len); ++ impl->key = OPENSSL_memdup(p, len); ++ if (impl->key == NULL) + return 0; + +- if (kctx->key != NULL) +- OPENSSL_clear_free(kctx->key, kctx->key_len); +- +- kctx->key = OPENSSL_memdup(p2, p1); +- if (kctx->key == NULL) +- return 0; ++ impl->key_len = len; ++ return 1; + +- kctx->key_len = p1; ++ case EVP_KDF_CTRL_RESET_HKDF_INFO: ++ OPENSSL_cleanse(impl->info, impl->info_len); ++ impl->info_len = 0; + return 1; + +- case EVP_PKEY_CTRL_HKDF_INFO: +- if (p1 == 0 || p2 == NULL) ++ case EVP_KDF_CTRL_ADD_HKDF_INFO: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ if (len == 0 || p == NULL) + return 1; + +- if (p1 < 0 || p1 > (int)(HKDF_MAXBUF - kctx->info_len)) ++ if (len > (HKDF_MAXBUF - impl->info_len)) + return 0; + +- memcpy(kctx->info + kctx->info_len, p2, p1); +- kctx->info_len += p1; ++ memcpy(impl->info + impl->info_len, p, len); ++ impl->info_len += len; + return 1; + + default: + return -2; +- + } + } + +-static int pkey_hkdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, +- const char *value) ++static int kdf_hkdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, ++ const char *value) + { + if (strcmp(type, "mode") == 0) { + int mode; + + if (strcmp(value, "EXTRACT_AND_EXPAND") == 0) +- mode = EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND; ++ mode = EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND; + else if (strcmp(value, "EXTRACT_ONLY") == 0) +- mode = EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY; ++ mode = EVP_KDF_HKDF_MODE_EXTRACT_ONLY; + else if (strcmp(value, "EXPAND_ONLY") == 0) +- mode = EVP_PKEY_HKDEF_MODE_EXPAND_ONLY; ++ mode = EVP_KDF_HKDF_MODE_EXPAND_ONLY; + else + return 0; + +- return EVP_PKEY_CTX_hkdf_mode(ctx, mode); ++ return call_ctrl(kdf_hkdf_ctrl, impl, EVP_KDF_CTRL_SET_HKDF_MODE, mode); + } + +- if (strcmp(type, "md") == 0) +- return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_DERIVE, +- EVP_PKEY_CTRL_HKDF_MD, value); ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); + + if (strcmp(type, "salt") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT, value); ++ return kdf_str2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_SALT, value); + + if (strcmp(type, "hexsalt") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT, value); ++ return kdf_hex2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_SALT, value); + + if (strcmp(type, "key") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value); ++ return kdf_str2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_KEY, value); + + if (strcmp(type, "hexkey") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value); ++ return kdf_hex2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_KEY, value); + + if (strcmp(type, "info") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO, value); ++ return kdf_str2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_ADD_HKDF_INFO, ++ value); + + if (strcmp(type, "hexinfo") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO, value); ++ return kdf_hex2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_ADD_HKDF_INFO, ++ value); + +- KDFerr(KDF_F_PKEY_HKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); + return -2; + } + +-static int pkey_hkdf_derive_init(EVP_PKEY_CTX *ctx) ++static size_t kdf_hkdf_size(EVP_KDF_IMPL *impl) + { +- HKDF_PKEY_CTX *kctx = ctx->data; ++ if (impl->mode != EVP_KDF_HKDF_MODE_EXTRACT_ONLY) ++ return SIZE_MAX; + +- OPENSSL_clear_free(kctx->key, kctx->key_len); +- OPENSSL_clear_free(kctx->salt, kctx->salt_len); +- OPENSSL_cleanse(kctx->info, kctx->info_len); +- memset(kctx, 0, sizeof(*kctx)); +- +- return 1; ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_KDF_HKDF_SIZE, KDF_R_MISSING_MESSAGE_DIGEST); ++ return 0; ++ } ++ return EVP_MD_size(impl->md); + } + +-static int pkey_hkdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, +- size_t *keylen) ++static int kdf_hkdf_derive(EVP_KDF_IMPL *impl, unsigned char *key, ++ size_t keylen) + { +- HKDF_PKEY_CTX *kctx = ctx->data; +- +- if (kctx->md == NULL) { +- KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_KDF_HKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); + return 0; + } +- if (kctx->key == NULL) { +- KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_KEY); ++ if (impl->key == NULL) { ++ KDFerr(KDF_F_KDF_HKDF_DERIVE, KDF_R_MISSING_KEY); + return 0; + } + +- switch (kctx->mode) { +- case EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND: +- return HKDF(kctx->md, kctx->salt, kctx->salt_len, kctx->key, +- kctx->key_len, kctx->info, kctx->info_len, key, +- *keylen) != NULL; +- +- case EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY: +- if (key == NULL) { +- *keylen = EVP_MD_size(kctx->md); +- return 1; +- } +- return HKDF_Extract(kctx->md, kctx->salt, kctx->salt_len, kctx->key, +- kctx->key_len, key, keylen) != NULL; +- +- case EVP_PKEY_HKDEF_MODE_EXPAND_ONLY: +- return HKDF_Expand(kctx->md, kctx->key, kctx->key_len, kctx->info, +- kctx->info_len, key, *keylen) != NULL; ++ switch (impl->mode) { ++ case EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND: ++ return HKDF(impl->md, impl->salt, impl->salt_len, impl->key, ++ impl->key_len, impl->info, impl->info_len, key, ++ keylen); ++ ++ case EVP_KDF_HKDF_MODE_EXTRACT_ONLY: ++ return HKDF_Extract(impl->md, impl->salt, impl->salt_len, impl->key, ++ impl->key_len, key, keylen); ++ ++ case EVP_KDF_HKDF_MODE_EXPAND_ONLY: ++ return HKDF_Expand(impl->md, impl->key, impl->key_len, impl->info, ++ impl->info_len, key, keylen); + + default: + return 0; + } + } + +-const EVP_PKEY_METHOD hkdf_pkey_meth = { +- EVP_PKEY_HKDF, +- 0, +- pkey_hkdf_init, +- 0, +- pkey_hkdf_cleanup, +- +- 0, 0, +- 0, 0, +- +- 0, +- 0, +- +- 0, +- 0, +- +- 0, 0, +- +- 0, 0, 0, 0, +- +- 0, 0, +- +- 0, 0, +- +- pkey_hkdf_derive_init, +- pkey_hkdf_derive, +- pkey_hkdf_ctrl, +- pkey_hkdf_ctrl_str ++const EVP_KDF_METHOD hkdf_kdf_meth = { ++ EVP_KDF_HKDF, ++ kdf_hkdf_new, ++ kdf_hkdf_free, ++ kdf_hkdf_reset, ++ kdf_hkdf_ctrl, ++ kdf_hkdf_ctrl_str, ++ kdf_hkdf_size, ++ kdf_hkdf_derive + }; + +-static unsigned char *HKDF(const EVP_MD *evp_md, +- const unsigned char *salt, size_t salt_len, +- const unsigned char *key, size_t key_len, +- const unsigned char *info, size_t info_len, +- unsigned char *okm, size_t okm_len) ++static int HKDF(const EVP_MD *evp_md, ++ const unsigned char *salt, size_t salt_len, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *info, size_t info_len, ++ unsigned char *okm, size_t okm_len) + { + unsigned char prk[EVP_MAX_MD_SIZE]; +- unsigned char *ret; +- size_t prk_len; ++ int ret; ++ size_t prk_len = EVP_MD_size(evp_md); + +- if (!HKDF_Extract(evp_md, salt, salt_len, key, key_len, prk, &prk_len)) +- return NULL; ++ if (!HKDF_Extract(evp_md, salt, salt_len, key, key_len, prk, prk_len)) ++ return 0; + + ret = HKDF_Expand(evp_md, prk, prk_len, info, info_len, okm, okm_len); + OPENSSL_cleanse(prk, sizeof(prk)); +@@ -273,43 +252,38 @@ static unsigned char *HKDF(const EVP_MD + return ret; + } + +-static unsigned char *HKDF_Extract(const EVP_MD *evp_md, +- const unsigned char *salt, size_t salt_len, +- const unsigned char *key, size_t key_len, +- unsigned char *prk, size_t *prk_len) ++static int HKDF_Extract(const EVP_MD *evp_md, ++ const unsigned char *salt, size_t salt_len, ++ const unsigned char *key, size_t key_len, ++ unsigned char *prk, size_t prk_len) + { +- unsigned int tmp_len; +- +- if (!HMAC(evp_md, salt, salt_len, key, key_len, prk, &tmp_len)) +- return NULL; +- +- *prk_len = tmp_len; +- return prk; ++ if (prk_len != (size_t)EVP_MD_size(evp_md)) { ++ KDFerr(KDF_F_HKDF_EXTRACT, KDF_R_WRONG_OUTPUT_BUFFER_SIZE); ++ return 0; ++ } ++ return HMAC(evp_md, salt, salt_len, key, key_len, prk, NULL) != NULL; + } + +-static unsigned char *HKDF_Expand(const EVP_MD *evp_md, +- const unsigned char *prk, size_t prk_len, +- const unsigned char *info, size_t info_len, +- unsigned char *okm, size_t okm_len) ++static int HKDF_Expand(const EVP_MD *evp_md, ++ const unsigned char *prk, size_t prk_len, ++ const unsigned char *info, size_t info_len, ++ unsigned char *okm, size_t okm_len) + { + HMAC_CTX *hmac; +- unsigned char *ret = NULL; +- ++ int ret = 0; + unsigned int i; +- + unsigned char prev[EVP_MAX_MD_SIZE]; +- + size_t done_len = 0, dig_len = EVP_MD_size(evp_md); +- + size_t n = okm_len / dig_len; ++ + if (okm_len % dig_len) + n++; + + if (n > 255 || okm == NULL) +- return NULL; ++ return 0; + + if ((hmac = HMAC_CTX_new()) == NULL) +- return NULL; ++ return 0; + + if (!HMAC_Init_ex(hmac, prk, prk_len, evp_md, NULL)) + goto err; +@@ -343,7 +317,7 @@ static unsigned char *HKDF_Expand(const + + done_len += copy_len; + } +- ret = okm; ++ ret = 1; + + err: + OPENSSL_cleanse(prev, sizeof(prev)); +diff -up openssl-1.1.1e/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_err.c +--- openssl-1.1.1e/crypto/kdf/kdf_err.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/kdf_err.c 2020-03-19 16:04:32.349699159 +0100 +@@ -1,6 +1,6 @@ + /* + * Generated by util/mkerr.pl DO NOT EDIT +- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy +@@ -14,6 +14,29 @@ + #ifndef OPENSSL_NO_ERR + + static const ERR_STRING_DATA KDF_str_functs[] = { ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_HKDF_EXTRACT, 0), "HKDF_Extract"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_DERIVE, 0), "kdf_hkdf_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_NEW, 0), "kdf_hkdf_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_SIZE, 0), "kdf_hkdf_size"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_MD2CTRL, 0), "kdf_md2ctrl"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_PBKDF2_CTRL_STR, 0), ++ "kdf_pbkdf2_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_PBKDF2_DERIVE, 0), "kdf_pbkdf2_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_PBKDF2_NEW, 0), "kdf_pbkdf2_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_CTRL_STR, 0), ++ "kdf_scrypt_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_CTRL_UINT32, 0), ++ "kdf_scrypt_ctrl_uint32"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_CTRL_UINT64, 0), ++ "kdf_scrypt_ctrl_uint64"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_DERIVE, 0), "kdf_scrypt_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_NEW, 0), "kdf_scrypt_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_CTRL_STR, 0), ++ "kdf_tls1_prf_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_DERIVE, 0), ++ "kdf_tls1_prf_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_NEW, 0), "kdf_tls1_prf_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_PBKDF2_SET_MEMBUF, 0), "pbkdf2_set_membuf"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_INIT, 0), "pkey_hkdf_init"}, +@@ -30,6 +53,7 @@ static const ERR_STRING_DATA KDF_str_fun + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_DERIVE, 0), + "pkey_tls1_prf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_SCRYPT_SET_MEMBUF, 0), "scrypt_set_membuf"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "tls1_prf_alg"}, + {0, NULL} + }; +@@ -50,6 +74,8 @@ static const ERR_STRING_DATA KDF_str_rea + "unknown parameter type"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_OUTPUT_BUFFER_SIZE), ++ "wrong output buffer size"}, + {0, NULL} + }; + +diff -up openssl-1.1.1e/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_local.h +--- openssl-1.1.1e/crypto/kdf/kdf_local.h.evp-kdf 2020-03-19 16:04:32.349699159 +0100 ++++ openssl-1.1.1e/crypto/kdf/kdf_local.h 2020-03-19 16:04:32.349699159 +0100 +@@ -0,0 +1,22 @@ ++/* ++ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++int call_ctrl(int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ EVP_KDF_IMPL *impl, int cmd, ...); ++int kdf_str2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *str); ++int kdf_hex2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *hex); ++int kdf_md2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *md_name); ++ +diff -up openssl-1.1.1e/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_util.c +--- openssl-1.1.1e/crypto/kdf/kdf_util.c.evp-kdf 2020-03-19 16:04:32.350699142 +0100 ++++ openssl-1.1.1e/crypto/kdf/kdf_util.c 2020-03-19 16:04:32.350699142 +0100 +@@ -0,0 +1,73 @@ ++/* ++ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++#include ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "internal/numbers.h" ++#include "kdf_local.h" ++ ++int call_ctrl(int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ EVP_KDF_IMPL *impl, int cmd, ...) ++{ ++ int ret; ++ va_list args; ++ ++ va_start(args, cmd); ++ ret = ctrl(impl, cmd, args); ++ va_end(args); ++ ++ return ret; ++} ++ ++/* Utility functions to send a string or hex string to a ctrl */ ++ ++int kdf_str2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *str) ++{ ++ return call_ctrl(ctrl, impl, cmd, (const unsigned char *)str, strlen(str)); ++} ++ ++int kdf_hex2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *hex) ++{ ++ unsigned char *bin; ++ long binlen; ++ int ret = -1; ++ ++ bin = OPENSSL_hexstr2buf(hex, &binlen); ++ if (bin == NULL) ++ return 0; ++ ++ if (binlen <= INT_MAX) ++ ret = call_ctrl(ctrl, impl, cmd, bin, (size_t)binlen); ++ OPENSSL_free(bin); ++ return ret; ++} ++ ++/* Pass a message digest to a ctrl */ ++int kdf_md2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *md_name) ++{ ++ const EVP_MD *md; ++ ++ if (md_name == NULL || (md = EVP_get_digestbyname(md_name)) == NULL) { ++ KDFerr(KDF_F_KDF_MD2CTRL, KDF_R_INVALID_DIGEST); ++ return 0; ++ } ++ return call_ctrl(ctrl, impl, cmd, md); ++} ++ +diff -up openssl-1.1.1e/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1e/crypto/kdf/pbkdf2.c +--- openssl-1.1.1e/crypto/kdf/pbkdf2.c.evp-kdf 2020-03-19 16:04:32.374698727 +0100 ++++ openssl-1.1.1e/crypto/kdf/pbkdf2.c 2020-03-19 16:04:32.374698727 +0100 +@@ -0,0 +1,264 @@ ++/* ++ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "kdf_local.h" ++ ++static void kdf_pbkdf2_reset(EVP_KDF_IMPL *impl); ++static void kdf_pbkdf2_init(EVP_KDF_IMPL *impl); ++static int pkcs5_pbkdf2_alg(const char *pass, size_t passlen, ++ const unsigned char *salt, int saltlen, int iter, ++ const EVP_MD *digest, unsigned char *key, ++ size_t keylen); ++ ++struct evp_kdf_impl_st { ++ unsigned char *pass; ++ size_t pass_len; ++ unsigned char *salt; ++ size_t salt_len; ++ int iter; ++ const EVP_MD *md; ++}; ++ ++static EVP_KDF_IMPL *kdf_pbkdf2_new(void) ++{ ++ EVP_KDF_IMPL *impl; ++ ++ impl = OPENSSL_zalloc(sizeof(*impl)); ++ if (impl == NULL) { ++ KDFerr(KDF_F_KDF_PBKDF2_NEW, ERR_R_MALLOC_FAILURE); ++ return NULL; ++ } ++ kdf_pbkdf2_init(impl); ++ return impl; ++} ++ ++static void kdf_pbkdf2_free(EVP_KDF_IMPL *impl) ++{ ++ kdf_pbkdf2_reset(impl); ++ OPENSSL_free(impl); ++} ++ ++static void kdf_pbkdf2_reset(EVP_KDF_IMPL *impl) ++{ ++ OPENSSL_free(impl->salt); ++ OPENSSL_clear_free(impl->pass, impl->pass_len); ++ memset(impl, 0, sizeof(*impl)); ++ kdf_pbkdf2_init(impl); ++} ++ ++static void kdf_pbkdf2_init(EVP_KDF_IMPL *impl) ++{ ++ impl->iter = PKCS5_DEFAULT_ITER; ++ impl->md = EVP_sha1(); ++} ++ ++static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen, ++ const unsigned char *new_buffer, ++ size_t new_buflen) ++{ ++ if (new_buffer == NULL) ++ return 1; ++ ++ OPENSSL_clear_free(*buffer, *buflen); ++ ++ if (new_buflen > 0) { ++ *buffer = OPENSSL_memdup(new_buffer, new_buflen); ++ } else { ++ *buffer = OPENSSL_malloc(1); ++ } ++ if (*buffer == NULL) { ++ KDFerr(KDF_F_PBKDF2_SET_MEMBUF, ERR_R_MALLOC_FAILURE); ++ return 0; ++ } ++ ++ *buflen = new_buflen; ++ return 1; ++} ++ ++static int kdf_pbkdf2_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) ++{ ++ int iter; ++ const unsigned char *p; ++ size_t len; ++ const EVP_MD *md; ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_PASS: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ return pbkdf2_set_membuf(&impl->pass, &impl->pass_len, p, len); ++ ++ case EVP_KDF_CTRL_SET_SALT: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ return pbkdf2_set_membuf(&impl->salt, &impl->salt_len, p, len); ++ ++ case EVP_KDF_CTRL_SET_ITER: ++ iter = va_arg(args, int); ++ if (iter < 1) ++ return 0; ++ ++ impl->iter = iter; ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_MD: ++ md = va_arg(args, const EVP_MD *); ++ if (md == NULL) ++ return 0; ++ ++ impl->md = md; ++ return 1; ++ ++ default: ++ return -2; ++ } ++} ++ ++static int kdf_pbkdf2_ctrl_str(EVP_KDF_IMPL *impl, const char *type, ++ const char *value) ++{ ++ if (value == NULL) { ++ KDFerr(KDF_F_KDF_PBKDF2_CTRL_STR, KDF_R_VALUE_MISSING); ++ return 0; ++ } ++ ++ if (strcmp(type, "pass") == 0) ++ return kdf_str2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_PASS, ++ value); ++ ++ if (strcmp(type, "hexpass") == 0) ++ return kdf_hex2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_PASS, ++ value); ++ ++ if (strcmp(type, "salt") == 0) ++ return kdf_str2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_SALT, ++ value); ++ ++ if (strcmp(type, "hexsalt") == 0) ++ return kdf_hex2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_SALT, ++ value); ++ ++ if (strcmp(type, "iter") == 0) ++ return call_ctrl(kdf_pbkdf2_ctrl, impl, EVP_KDF_CTRL_SET_ITER, ++ atoi(value)); ++ ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ ++ return -2; ++} ++ ++static int kdf_pbkdf2_derive(EVP_KDF_IMPL *impl, unsigned char *key, ++ size_t keylen) ++{ ++ if (impl->pass == NULL) { ++ KDFerr(KDF_F_KDF_PBKDF2_DERIVE, KDF_R_MISSING_PASS); ++ return 0; ++ } ++ ++ if (impl->salt == NULL) { ++ KDFerr(KDF_F_KDF_PBKDF2_DERIVE, KDF_R_MISSING_SALT); ++ return 0; ++ } ++ ++ return pkcs5_pbkdf2_alg((char *)impl->pass, impl->pass_len, ++ impl->salt, impl->salt_len, impl->iter, ++ impl->md, key, keylen); ++} ++ ++const EVP_KDF_METHOD pbkdf2_kdf_meth = { ++ EVP_KDF_PBKDF2, ++ kdf_pbkdf2_new, ++ kdf_pbkdf2_free, ++ kdf_pbkdf2_reset, ++ kdf_pbkdf2_ctrl, ++ kdf_pbkdf2_ctrl_str, ++ NULL, ++ kdf_pbkdf2_derive ++}; ++ ++/* ++ * This is an implementation of PKCS#5 v2.0 password based encryption key ++ * derivation function PBKDF2. SHA1 version verified against test vectors ++ * posted by Peter Gutmann to the PKCS-TNG mailing list. ++ */ ++ ++static int pkcs5_pbkdf2_alg(const char *pass, size_t passlen, ++ const unsigned char *salt, int saltlen, int iter, ++ const EVP_MD *digest, unsigned char *key, ++ size_t keylen) ++{ ++ int ret = 0; ++ unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; ++ int cplen, j, k, tkeylen, mdlen; ++ unsigned long i = 1; ++ HMAC_CTX *hctx_tpl = NULL, *hctx = NULL; ++ ++ mdlen = EVP_MD_size(digest); ++ if (mdlen < 0) ++ return 0; ++ ++ hctx_tpl = HMAC_CTX_new(); ++ if (hctx_tpl == NULL) ++ return 0; ++ p = key; ++ tkeylen = keylen; ++ if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) ++ goto err; ++ hctx = HMAC_CTX_new(); ++ if (hctx == NULL) ++ goto err; ++ while (tkeylen) { ++ if (tkeylen > mdlen) ++ cplen = mdlen; ++ else ++ cplen = tkeylen; ++ /* ++ * We are unlikely to ever use more than 256 blocks (5120 bits!) but ++ * just in case... ++ */ ++ itmp[0] = (unsigned char)((i >> 24) & 0xff); ++ itmp[1] = (unsigned char)((i >> 16) & 0xff); ++ itmp[2] = (unsigned char)((i >> 8) & 0xff); ++ itmp[3] = (unsigned char)(i & 0xff); ++ if (!HMAC_CTX_copy(hctx, hctx_tpl)) ++ goto err; ++ if (!HMAC_Update(hctx, salt, saltlen) ++ || !HMAC_Update(hctx, itmp, 4) ++ || !HMAC_Final(hctx, digtmp, NULL)) ++ goto err; ++ memcpy(p, digtmp, cplen); ++ for (j = 1; j < iter; j++) { ++ if (!HMAC_CTX_copy(hctx, hctx_tpl)) ++ goto err; ++ if (!HMAC_Update(hctx, digtmp, mdlen) ++ || !HMAC_Final(hctx, digtmp, NULL)) ++ goto err; ++ for (k = 0; k < cplen; k++) ++ p[k] ^= digtmp[k]; ++ } ++ tkeylen -= cplen; ++ i++; ++ p += cplen; ++ } ++ ret = 1; ++ ++err: ++ HMAC_CTX_free(hctx); ++ HMAC_CTX_free(hctx_tpl); ++ return ret; ++} +diff -up openssl-1.1.1e/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1e/crypto/kdf/scrypt.c +--- openssl-1.1.1e/crypto/kdf/scrypt.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/scrypt.c 2020-03-19 16:11:06.215872475 +0100 +@@ -8,25 +8,35 @@ + */ + + #include ++#include + #include + #include + #include + #include +-#include "internal/cryptlib.h" ++#include + #include "crypto/evp.h" ++#include "internal/numbers.h" ++#include "kdf_local.h" + + #ifndef OPENSSL_NO_SCRYPT + ++static void kdf_scrypt_reset(EVP_KDF_IMPL *impl); ++static void kdf_scrypt_init(EVP_KDF_IMPL *impl); + static int atou64(const char *nptr, uint64_t *result); ++static int scrypt_alg(const char *pass, size_t passlen, ++ const unsigned char *salt, size_t saltlen, ++ uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, ++ unsigned char *key, size_t keylen); + +-typedef struct { ++struct evp_kdf_impl_st { + unsigned char *pass; + size_t pass_len; + unsigned char *salt; + size_t salt_len; +- uint64_t N, r, p; ++ uint64_t N; ++ uint32_t r, p; + uint64_t maxmem_bytes; +-} SCRYPT_PKEY_CTX; ++}; + + /* Custom uint64_t parser since we do not have strtoull */ + static int atou64(const char *nptr, uint64_t *result) +@@ -53,51 +63,53 @@ static int atou64(const char *nptr, uint + return 1; + } + +-static int pkey_scrypt_init(EVP_PKEY_CTX *ctx) ++static EVP_KDF_IMPL *kdf_scrypt_new(void) + { +- SCRYPT_PKEY_CTX *kctx; ++ EVP_KDF_IMPL *impl; + +- kctx = OPENSSL_zalloc(sizeof(*kctx)); +- if (kctx == NULL) { +- KDFerr(KDF_F_PKEY_SCRYPT_INIT, ERR_R_MALLOC_FAILURE); +- return 0; ++ impl = OPENSSL_zalloc(sizeof(*impl)); ++ if (impl == NULL) { ++ KDFerr(KDF_F_KDF_SCRYPT_NEW, ERR_R_MALLOC_FAILURE); ++ return NULL; + } ++ kdf_scrypt_init(impl); ++ return impl; ++} + +- /* Default values are the most conservative recommendation given in the +- * original paper of C. Percival. Derivation uses roughly 1 GiB of memory +- * for this parameter choice (approx. 128 * r * (N + p) bytes). +- */ +- kctx->N = 1 << 20; +- kctx->r = 8; +- kctx->p = 1; +- kctx->maxmem_bytes = 1025 * 1024 * 1024; +- +- ctx->data = kctx; +- +- return 1; ++static void kdf_scrypt_free(EVP_KDF_IMPL *impl) ++{ ++ kdf_scrypt_reset(impl); ++ OPENSSL_free(impl); + } + +-static void pkey_scrypt_cleanup(EVP_PKEY_CTX *ctx) ++static void kdf_scrypt_reset(EVP_KDF_IMPL *impl) + { +- SCRYPT_PKEY_CTX *kctx = ctx->data; ++ OPENSSL_free(impl->salt); ++ OPENSSL_clear_free(impl->pass, impl->pass_len); ++ memset(impl, 0, sizeof(*impl)); ++ kdf_scrypt_init(impl); ++} + +- OPENSSL_clear_free(kctx->salt, kctx->salt_len); +- OPENSSL_clear_free(kctx->pass, kctx->pass_len); +- OPENSSL_free(kctx); ++static void kdf_scrypt_init(EVP_KDF_IMPL *impl) ++{ ++ /* Default values are the most conservative recommendation given in the ++ * original paper of C. Percival. Derivation uses roughly 1 GiB of memory ++ * for this parameter choice (approx. 128 * r * N * p bytes). ++ */ ++ impl->N = 1 << 20; ++ impl->r = 8; ++ impl->p = 1; ++ impl->maxmem_bytes = 1025 * 1024 * 1024; + } + +-static int pkey_scrypt_set_membuf(unsigned char **buffer, size_t *buflen, +- const unsigned char *new_buffer, +- const int new_buflen) ++static int scrypt_set_membuf(unsigned char **buffer, size_t *buflen, ++ const unsigned char *new_buffer, ++ size_t new_buflen) + { + if (new_buffer == NULL) + return 1; + +- if (new_buflen < 0) +- return 0; +- +- if (*buffer != NULL) +- OPENSSL_clear_free(*buffer, *buflen); ++ OPENSSL_clear_free(*buffer, *buflen); + + if (new_buflen > 0) { + *buffer = OPENSSL_memdup(new_buffer, new_buflen); +@@ -105,7 +117,7 @@ static int pkey_scrypt_set_membuf(unsign + *buffer = OPENSSL_malloc(1); + } + if (*buffer == NULL) { +- KDFerr(KDF_F_PKEY_SCRYPT_SET_MEMBUF, ERR_R_MALLOC_FAILURE); ++ KDFerr(KDF_F_SCRYPT_SET_MEMBUF, ERR_R_MALLOC_FAILURE); + return 0; + } + +@@ -118,149 +130,378 @@ static int is_power_of_two(uint64_t valu + return (value != 0) && ((value & (value - 1)) == 0); + } + +-static int pkey_scrypt_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) ++static int kdf_scrypt_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) + { +- SCRYPT_PKEY_CTX *kctx = ctx->data; + uint64_t u64_value; ++ uint32_t value; ++ const unsigned char *p; ++ size_t len; ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_PASS: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ return scrypt_set_membuf(&impl->pass, &impl->pass_len, p, len); ++ ++ case EVP_KDF_CTRL_SET_SALT: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ return scrypt_set_membuf(&impl->salt, &impl->salt_len, p, len); + +- switch (type) { +- case EVP_PKEY_CTRL_PASS: +- return pkey_scrypt_set_membuf(&kctx->pass, &kctx->pass_len, p2, p1); +- +- case EVP_PKEY_CTRL_SCRYPT_SALT: +- return pkey_scrypt_set_membuf(&kctx->salt, &kctx->salt_len, p2, p1); +- +- case EVP_PKEY_CTRL_SCRYPT_N: +- u64_value = *((uint64_t *)p2); ++ case EVP_KDF_CTRL_SET_SCRYPT_N: ++ u64_value = va_arg(args, uint64_t); + if ((u64_value <= 1) || !is_power_of_two(u64_value)) + return 0; +- kctx->N = u64_value; ++ ++ impl->N = u64_value; + return 1; + +- case EVP_PKEY_CTRL_SCRYPT_R: +- u64_value = *((uint64_t *)p2); +- if (u64_value < 1) ++ case EVP_KDF_CTRL_SET_SCRYPT_R: ++ value = va_arg(args, uint32_t); ++ if (value < 1) + return 0; +- kctx->r = u64_value; ++ ++ impl->r = value; + return 1; + +- case EVP_PKEY_CTRL_SCRYPT_P: +- u64_value = *((uint64_t *)p2); +- if (u64_value < 1) ++ case EVP_KDF_CTRL_SET_SCRYPT_P: ++ value = va_arg(args, uint32_t); ++ if (value < 1) + return 0; +- kctx->p = u64_value; ++ ++ impl->p = value; + return 1; + +- case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES: +- u64_value = *((uint64_t *)p2); ++ case EVP_KDF_CTRL_SET_MAXMEM_BYTES: ++ u64_value = va_arg(args, uint64_t); + if (u64_value < 1) + return 0; +- kctx->maxmem_bytes = u64_value; ++ ++ impl->maxmem_bytes = u64_value; + return 1; + + default: + return -2; ++ } ++} + ++static int kdf_scrypt_ctrl_uint32(EVP_KDF_IMPL *impl, int cmd, ++ const char *value) ++{ ++ int int_value = atoi(value); ++ ++ if (int_value < 0 || (uint64_t)int_value > UINT32_MAX) { ++ KDFerr(KDF_F_KDF_SCRYPT_CTRL_UINT32, KDF_R_VALUE_ERROR); ++ return 0; + } ++ return call_ctrl(kdf_scrypt_ctrl, impl, cmd, (uint32_t)int_value); + } + +-static int pkey_scrypt_ctrl_uint64(EVP_PKEY_CTX *ctx, int type, +- const char *value) ++static int kdf_scrypt_ctrl_uint64(EVP_KDF_IMPL *impl, int cmd, ++ const char *value) + { +- uint64_t int_value; ++ uint64_t u64_value; + +- if (!atou64(value, &int_value)) { +- KDFerr(KDF_F_PKEY_SCRYPT_CTRL_UINT64, KDF_R_VALUE_ERROR); ++ if (!atou64(value, &u64_value)) { ++ KDFerr(KDF_F_KDF_SCRYPT_CTRL_UINT64, KDF_R_VALUE_ERROR); + return 0; + } +- return pkey_scrypt_ctrl(ctx, type, 0, &int_value); ++ return call_ctrl(kdf_scrypt_ctrl, impl, cmd, u64_value); + } + +-static int pkey_scrypt_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, +- const char *value) ++static int kdf_scrypt_ctrl_str(EVP_KDF_IMPL *impl, const char *type, ++ const char *value) + { + if (value == NULL) { +- KDFerr(KDF_F_PKEY_SCRYPT_CTRL_STR, KDF_R_VALUE_MISSING); ++ KDFerr(KDF_F_KDF_SCRYPT_CTRL_STR, KDF_R_VALUE_MISSING); + return 0; + } + + if (strcmp(type, "pass") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_PASS, value); ++ return kdf_str2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_PASS, ++ value); + + if (strcmp(type, "hexpass") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_PASS, value); ++ return kdf_hex2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_PASS, ++ value); + + if (strcmp(type, "salt") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_SCRYPT_SALT, value); ++ return kdf_str2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_SALT, ++ value); + + if (strcmp(type, "hexsalt") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_SCRYPT_SALT, value); ++ return kdf_hex2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_SALT, ++ value); + + if (strcmp(type, "N") == 0) +- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_N, value); ++ return kdf_scrypt_ctrl_uint64(impl, EVP_KDF_CTRL_SET_SCRYPT_N, value); + + if (strcmp(type, "r") == 0) +- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_R, value); ++ return kdf_scrypt_ctrl_uint32(impl, EVP_KDF_CTRL_SET_SCRYPT_R, value); + + if (strcmp(type, "p") == 0) +- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_P, value); ++ return kdf_scrypt_ctrl_uint32(impl, EVP_KDF_CTRL_SET_SCRYPT_P, value); + + if (strcmp(type, "maxmem_bytes") == 0) +- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, +- value); ++ return kdf_scrypt_ctrl_uint64(impl, EVP_KDF_CTRL_SET_MAXMEM_BYTES, ++ value); + +- KDFerr(KDF_F_PKEY_SCRYPT_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); + return -2; + } + +-static int pkey_scrypt_derive(EVP_PKEY_CTX *ctx, unsigned char *key, +- size_t *keylen) ++static int kdf_scrypt_derive(EVP_KDF_IMPL *impl, unsigned char *key, ++ size_t keylen) + { +- SCRYPT_PKEY_CTX *kctx = ctx->data; +- +- if (kctx->pass == NULL) { +- KDFerr(KDF_F_PKEY_SCRYPT_DERIVE, KDF_R_MISSING_PASS); ++ if (impl->pass == NULL) { ++ KDFerr(KDF_F_KDF_SCRYPT_DERIVE, KDF_R_MISSING_PASS); + return 0; + } + +- if (kctx->salt == NULL) { +- KDFerr(KDF_F_PKEY_SCRYPT_DERIVE, KDF_R_MISSING_SALT); ++ if (impl->salt == NULL) { ++ KDFerr(KDF_F_KDF_SCRYPT_DERIVE, KDF_R_MISSING_SALT); + return 0; + } + +- return EVP_PBE_scrypt((char *)kctx->pass, kctx->pass_len, kctx->salt, +- kctx->salt_len, kctx->N, kctx->r, kctx->p, +- kctx->maxmem_bytes, key, *keylen); ++ return scrypt_alg((char *)impl->pass, impl->pass_len, impl->salt, ++ impl->salt_len, impl->N, impl->r, impl->p, ++ impl->maxmem_bytes, key, keylen); + } + +-const EVP_PKEY_METHOD scrypt_pkey_meth = { +- EVP_PKEY_SCRYPT, +- 0, +- pkey_scrypt_init, +- 0, +- pkey_scrypt_cleanup, ++const EVP_KDF_METHOD scrypt_kdf_meth = { ++ EVP_KDF_SCRYPT, ++ kdf_scrypt_new, ++ kdf_scrypt_free, ++ kdf_scrypt_reset, ++ kdf_scrypt_ctrl, ++ kdf_scrypt_ctrl_str, ++ NULL, ++ kdf_scrypt_derive ++}; + +- 0, 0, +- 0, 0, ++#define R(a,b) (((a) << (b)) | ((a) >> (32 - (b)))) ++static void salsa208_word_specification(uint32_t inout[16]) ++{ ++ int i; ++ uint32_t x[16]; + +- 0, +- 0, ++ memcpy(x, inout, sizeof(x)); ++ for (i = 8; i > 0; i -= 2) { ++ x[4] ^= R(x[0] + x[12], 7); ++ x[8] ^= R(x[4] + x[0], 9); ++ x[12] ^= R(x[8] + x[4], 13); ++ x[0] ^= R(x[12] + x[8], 18); ++ x[9] ^= R(x[5] + x[1], 7); ++ x[13] ^= R(x[9] + x[5], 9); ++ x[1] ^= R(x[13] + x[9], 13); ++ x[5] ^= R(x[1] + x[13], 18); ++ x[14] ^= R(x[10] + x[6], 7); ++ x[2] ^= R(x[14] + x[10], 9); ++ x[6] ^= R(x[2] + x[14], 13); ++ x[10] ^= R(x[6] + x[2], 18); ++ x[3] ^= R(x[15] + x[11], 7); ++ x[7] ^= R(x[3] + x[15], 9); ++ x[11] ^= R(x[7] + x[3], 13); ++ x[15] ^= R(x[11] + x[7], 18); ++ x[1] ^= R(x[0] + x[3], 7); ++ x[2] ^= R(x[1] + x[0], 9); ++ x[3] ^= R(x[2] + x[1], 13); ++ x[0] ^= R(x[3] + x[2], 18); ++ x[6] ^= R(x[5] + x[4], 7); ++ x[7] ^= R(x[6] + x[5], 9); ++ x[4] ^= R(x[7] + x[6], 13); ++ x[5] ^= R(x[4] + x[7], 18); ++ x[11] ^= R(x[10] + x[9], 7); ++ x[8] ^= R(x[11] + x[10], 9); ++ x[9] ^= R(x[8] + x[11], 13); ++ x[10] ^= R(x[9] + x[8], 18); ++ x[12] ^= R(x[15] + x[14], 7); ++ x[13] ^= R(x[12] + x[15], 9); ++ x[14] ^= R(x[13] + x[12], 13); ++ x[15] ^= R(x[14] + x[13], 18); ++ } ++ for (i = 0; i < 16; ++i) ++ inout[i] += x[i]; ++ OPENSSL_cleanse(x, sizeof(x)); ++} + +- 0, +- 0, ++static void scryptBlockMix(uint32_t *B_, uint32_t *B, uint64_t r) ++{ ++ uint64_t i, j; ++ uint32_t X[16], *pB; + +- 0, 0, ++ memcpy(X, B + (r * 2 - 1) * 16, sizeof(X)); ++ pB = B; ++ for (i = 0; i < r * 2; i++) { ++ for (j = 0; j < 16; j++) ++ X[j] ^= *pB++; ++ salsa208_word_specification(X); ++ memcpy(B_ + (i / 2 + (i & 1) * r) * 16, X, sizeof(X)); ++ } ++ OPENSSL_cleanse(X, sizeof(X)); ++} + +- 0, 0, 0, 0, ++static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, ++ uint32_t *X, uint32_t *T, uint32_t *V) ++{ ++ unsigned char *pB; ++ uint32_t *pV; ++ uint64_t i, k; ++ ++ /* Convert from little endian input */ ++ for (pV = V, i = 0, pB = B; i < 32 * r; i++, pV++) { ++ *pV = *pB++; ++ *pV |= *pB++ << 8; ++ *pV |= *pB++ << 16; ++ *pV |= (uint32_t)*pB++ << 24; ++ } + +- 0, 0, ++ for (i = 1; i < N; i++, pV += 32 * r) ++ scryptBlockMix(pV, pV - 32 * r, r); + +- 0, 0, ++ scryptBlockMix(X, V + (N - 1) * 32 * r, r); + +- 0, +- pkey_scrypt_derive, +- pkey_scrypt_ctrl, +- pkey_scrypt_ctrl_str +-}; ++ for (i = 0; i < N; i++) { ++ uint32_t j; ++ j = X[16 * (2 * r - 1)] % N; ++ pV = V + 32 * r * j; ++ for (k = 0; k < 32 * r; k++) ++ T[k] = X[k] ^ *pV++; ++ scryptBlockMix(X, T, r); ++ } ++ /* Convert output to little endian */ ++ for (i = 0, pB = B; i < 32 * r; i++) { ++ uint32_t xtmp = X[i]; ++ *pB++ = xtmp & 0xff; ++ *pB++ = (xtmp >> 8) & 0xff; ++ *pB++ = (xtmp >> 16) & 0xff; ++ *pB++ = (xtmp >> 24) & 0xff; ++ } ++} ++ ++#ifndef SIZE_MAX ++# define SIZE_MAX ((size_t)-1) ++#endif ++ ++/* ++ * Maximum power of two that will fit in uint64_t: this should work on ++ * most (all?) platforms. ++ */ ++ ++#define LOG2_UINT64_MAX (sizeof(uint64_t) * 8 - 1) ++ ++/* ++ * Maximum value of p * r: ++ * p <= ((2^32-1) * hLen) / MFLen => ++ * p <= ((2^32-1) * 32) / (128 * r) => ++ * p * r <= (2^30-1) ++ */ ++ ++#define SCRYPT_PR_MAX ((1 << 30) - 1) ++ ++static int scrypt_alg(const char *pass, size_t passlen, ++ const unsigned char *salt, size_t saltlen, ++ uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, ++ unsigned char *key, size_t keylen) ++{ ++ int rv = 0; ++ unsigned char *B; ++ uint32_t *X, *V, *T; ++ uint64_t i, Blen, Vlen; ++ ++ /* Sanity check parameters */ ++ /* initial check, r,p must be non zero, N >= 2 and a power of 2 */ ++ if (r == 0 || p == 0 || N < 2 || (N & (N - 1))) ++ return 0; ++ /* Check p * r < SCRYPT_PR_MAX avoiding overflow */ ++ if (p > SCRYPT_PR_MAX / r) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ ++ /* ++ * Need to check N: if 2^(128 * r / 8) overflows limit this is ++ * automatically satisfied since N <= UINT64_MAX. ++ */ ++ ++ if (16 * r <= LOG2_UINT64_MAX) { ++ if (N >= (((uint64_t)1) << (16 * r))) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ } ++ ++ /* Memory checks: check total allocated buffer size fits in uint64_t */ ++ ++ /* ++ * B size in section 5 step 1.S ++ * Note: we know p * 128 * r < UINT64_MAX because we already checked ++ * p * r < SCRYPT_PR_MAX ++ */ ++ Blen = p * 128 * r; ++ /* ++ * Yet we pass it as integer to PKCS5_PBKDF2_HMAC... [This would ++ * have to be revised when/if PKCS5_PBKDF2_HMAC accepts size_t.] ++ */ ++ if (Blen > INT_MAX) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ ++ /* ++ * Check 32 * r * (N + 2) * sizeof(uint32_t) fits in uint64_t ++ * This is combined size V, X and T (section 4) ++ */ ++ i = UINT64_MAX / (32 * sizeof(uint32_t)); ++ if (N + 2 > i / r) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ Vlen = 32 * r * (N + 2) * sizeof(uint32_t); ++ ++ /* check total allocated size fits in uint64_t */ ++ if (Blen > UINT64_MAX - Vlen) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ ++ /* Check that the maximum memory doesn't exceed a size_t limits */ ++ if (maxmem > SIZE_MAX) ++ maxmem = SIZE_MAX; ++ ++ if (Blen + Vlen > maxmem) { ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); ++ return 0; ++ } ++ ++ /* If no key return to indicate parameters are OK */ ++ if (key == NULL) ++ return 1; ++ ++ B = OPENSSL_malloc((size_t)(Blen + Vlen)); ++ if (B == NULL) { ++ EVPerr(EVP_F_SCRYPT_ALG, ERR_R_MALLOC_FAILURE); ++ return 0; ++ } ++ X = (uint32_t *)(B + Blen); ++ T = X + 32 * r; ++ V = T + 32 * r; ++ if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, EVP_sha256(), ++ (int)Blen, B) == 0) ++ goto err; ++ ++ for (i = 0; i < p; i++) ++ scryptROMix(B + 128 * r * i, r, N, X, T, V); ++ ++ if (PKCS5_PBKDF2_HMAC(pass, passlen, B, (int)Blen, 1, EVP_sha256(), ++ keylen, key) == 0) ++ goto err; ++ rv = 1; ++ err: ++ if (rv == 0) ++ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_PBKDF2_ERROR); ++ ++ OPENSSL_clear_free(B, (size_t)(Blen + Vlen)); ++ return rv; ++} + + #endif +diff -up openssl-1.1.1e/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1e/crypto/kdf/tls1_prf.c +--- openssl-1.1.1e/crypto/kdf/tls1_prf.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/tls1_prf.c 2020-03-19 16:10:32.317460707 +0100 +@@ -8,11 +8,15 @@ + */ + + #include ++#include ++#include + #include "internal/cryptlib.h" + #include + #include + #include "crypto/evp.h" ++#include "kdf_local.h" + ++static void kdf_tls1_prf_reset(EVP_KDF_IMPL *impl); + static int tls1_prf_alg(const EVP_MD *md, + const unsigned char *sec, size_t slen, + const unsigned char *seed, size_t seed_len, +@@ -20,9 +24,9 @@ static int tls1_prf_alg(const EVP_MD *md + + #define TLS1_PRF_MAXBUF 1024 + +-/* TLS KDF pkey context structure */ ++/* TLS KDF kdf context structure */ + +-typedef struct { ++struct evp_kdf_impl_st { + /* Digest to use for PRF */ + const EVP_MD *md; + /* Secret value to use for PRF */ +@@ -31,145 +35,137 @@ typedef struct { + /* Buffer of concatenated seed data */ + unsigned char seed[TLS1_PRF_MAXBUF]; + size_t seedlen; +-} TLS1_PRF_PKEY_CTX; ++}; + +-static int pkey_tls1_prf_init(EVP_PKEY_CTX *ctx) ++static EVP_KDF_IMPL *kdf_tls1_prf_new(void) + { +- TLS1_PRF_PKEY_CTX *kctx; ++ EVP_KDF_IMPL *impl; + +- if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_INIT, ERR_R_MALLOC_FAILURE); +- return 0; +- } +- ctx->data = kctx; ++ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) ++ KDFerr(KDF_F_KDF_TLS1_PRF_NEW, ERR_R_MALLOC_FAILURE); ++ return impl; ++} + +- return 1; ++static void kdf_tls1_prf_free(EVP_KDF_IMPL *impl) ++{ ++ kdf_tls1_prf_reset(impl); ++ OPENSSL_free(impl); + } + +-static void pkey_tls1_prf_cleanup(EVP_PKEY_CTX *ctx) ++static void kdf_tls1_prf_reset(EVP_KDF_IMPL *impl) + { +- TLS1_PRF_PKEY_CTX *kctx = ctx->data; +- OPENSSL_clear_free(kctx->sec, kctx->seclen); +- OPENSSL_cleanse(kctx->seed, kctx->seedlen); +- OPENSSL_free(kctx); ++ OPENSSL_clear_free(impl->sec, impl->seclen); ++ OPENSSL_cleanse(impl->seed, impl->seedlen); ++ memset(impl, 0, sizeof(*impl)); + } + +-static int pkey_tls1_prf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) ++static int kdf_tls1_prf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) + { +- TLS1_PRF_PKEY_CTX *kctx = ctx->data; +- switch (type) { +- case EVP_PKEY_CTRL_TLS_MD: +- kctx->md = p2; +- return 1; ++ const unsigned char *p; ++ size_t len; ++ const EVP_MD *md; + +- case EVP_PKEY_CTRL_TLS_SECRET: +- if (p1 < 0) ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_MD: ++ md = va_arg(args, const EVP_MD *); ++ if (md == NULL) + return 0; +- if (kctx->sec != NULL) +- OPENSSL_clear_free(kctx->sec, kctx->seclen); +- OPENSSL_cleanse(kctx->seed, kctx->seedlen); +- kctx->seedlen = 0; +- kctx->sec = OPENSSL_memdup(p2, p1); +- if (kctx->sec == NULL) ++ ++ impl->md = md; ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_TLS_SECRET: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(impl->sec, impl->seclen); ++ impl->sec = OPENSSL_memdup(p, len); ++ if (impl->sec == NULL) + return 0; +- kctx->seclen = p1; ++ ++ impl->seclen = len; ++ return 1; ++ ++ case EVP_KDF_CTRL_RESET_TLS_SEED: ++ OPENSSL_cleanse(impl->seed, impl->seedlen); ++ impl->seedlen = 0; + return 1; + +- case EVP_PKEY_CTRL_TLS_SEED: +- if (p1 == 0 || p2 == NULL) ++ case EVP_KDF_CTRL_ADD_TLS_SEED: ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ if (len == 0 || p == NULL) + return 1; +- if (p1 < 0 || p1 > (int)(TLS1_PRF_MAXBUF - kctx->seedlen)) ++ ++ if (len > (TLS1_PRF_MAXBUF - impl->seedlen)) + return 0; +- memcpy(kctx->seed + kctx->seedlen, p2, p1); +- kctx->seedlen += p1; ++ ++ memcpy(impl->seed + impl->seedlen, p, len); ++ impl->seedlen += len; + return 1; + + default: + return -2; +- + } + } + +-static int pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx, +- const char *type, const char *value) ++static int kdf_tls1_prf_ctrl_str(EVP_KDF_IMPL *impl, ++ const char *type, const char *value) + { + if (value == NULL) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_CTRL_STR, KDF_R_VALUE_MISSING); ++ KDFerr(KDF_F_KDF_TLS1_PRF_CTRL_STR, KDF_R_VALUE_MISSING); + return 0; + } +- if (strcmp(type, "md") == 0) { +- TLS1_PRF_PKEY_CTX *kctx = ctx->data; ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(impl, kdf_tls1_prf_ctrl, EVP_KDF_CTRL_SET_MD, value); + +- const EVP_MD *md = EVP_get_digestbyname(value); +- if (md == NULL) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_CTRL_STR, KDF_R_INVALID_DIGEST); +- return 0; +- } +- kctx->md = md; +- return 1; +- } + if (strcmp(type, "secret") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value); ++ return kdf_str2ctrl(impl, kdf_tls1_prf_ctrl, ++ EVP_KDF_CTRL_SET_TLS_SECRET, value); ++ + if (strcmp(type, "hexsecret") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value); ++ return kdf_hex2ctrl(impl, kdf_tls1_prf_ctrl, ++ EVP_KDF_CTRL_SET_TLS_SECRET, value); ++ + if (strcmp(type, "seed") == 0) +- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value); ++ return kdf_str2ctrl(impl, kdf_tls1_prf_ctrl, EVP_KDF_CTRL_ADD_TLS_SEED, ++ value); ++ + if (strcmp(type, "hexseed") == 0) +- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value); ++ return kdf_hex2ctrl(impl, kdf_tls1_prf_ctrl, EVP_KDF_CTRL_ADD_TLS_SEED, ++ value); + +- KDFerr(KDF_F_PKEY_TLS1_PRF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); + return -2; + } + +-static int pkey_tls1_prf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, +- size_t *keylen) ++static int kdf_tls1_prf_derive(EVP_KDF_IMPL *impl, unsigned char *key, ++ size_t keylen) + { +- TLS1_PRF_PKEY_CTX *kctx = ctx->data; +- if (kctx->md == NULL) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_KDF_TLS1_PRF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); + return 0; + } +- if (kctx->sec == NULL) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_SECRET); ++ if (impl->sec == NULL) { ++ KDFerr(KDF_F_KDF_TLS1_PRF_DERIVE, KDF_R_MISSING_SECRET); + return 0; + } +- if (kctx->seedlen == 0) { +- KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_SEED); ++ if (impl->seedlen == 0) { ++ KDFerr(KDF_F_KDF_TLS1_PRF_DERIVE, KDF_R_MISSING_SEED); + return 0; + } +- return tls1_prf_alg(kctx->md, kctx->sec, kctx->seclen, +- kctx->seed, kctx->seedlen, +- key, *keylen); ++ return tls1_prf_alg(impl->md, impl->sec, impl->seclen, ++ impl->seed, impl->seedlen, ++ key, keylen); + } + +-const EVP_PKEY_METHOD tls1_prf_pkey_meth = { +- EVP_PKEY_TLS1_PRF, +- 0, +- pkey_tls1_prf_init, +- 0, +- pkey_tls1_prf_cleanup, +- +- 0, 0, +- 0, 0, +- +- 0, +- 0, +- +- 0, +- 0, +- +- 0, 0, +- +- 0, 0, 0, 0, +- +- 0, 0, +- +- 0, 0, +- +- 0, +- pkey_tls1_prf_derive, +- pkey_tls1_prf_ctrl, +- pkey_tls1_prf_ctrl_str ++const EVP_KDF_METHOD tls1_prf_kdf_meth = { ++ EVP_KDF_TLS1_PRF, ++ kdf_tls1_prf_new, ++ kdf_tls1_prf_free, ++ kdf_tls1_prf_reset, ++ kdf_tls1_prf_ctrl, ++ kdf_tls1_prf_ctrl_str, ++ NULL, ++ kdf_tls1_prf_derive + }; + + static int tls1_prf_P_hash(const EVP_MD *md, +@@ -249,12 +245,11 @@ static int tls1_prf_alg(const EVP_MD *md + const unsigned char *seed, size_t seed_len, + unsigned char *out, size_t olen) + { +- + if (EVP_MD_type(md) == NID_md5_sha1) { + size_t i; + unsigned char *tmp; + if (!tls1_prf_P_hash(EVP_md5(), sec, slen/2 + (slen & 1), +- seed, seed_len, out, olen)) ++ seed, seed_len, out, olen)) + return 0; + + if ((tmp = OPENSSL_malloc(olen)) == NULL) { +@@ -262,7 +257,7 @@ static int tls1_prf_alg(const EVP_MD *md + return 0; + } + if (!tls1_prf_P_hash(EVP_sha1(), sec + slen/2, slen/2 + (slen & 1), +- seed, seed_len, tmp, olen)) { ++ seed, seed_len, tmp, olen)) { + OPENSSL_clear_free(tmp, olen); + return 0; + } +diff -up openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod +--- openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod.evp-kdf 2020-03-19 16:04:32.377698675 +0100 ++++ openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod 2020-03-19 16:04:32.377698675 +0100 +@@ -0,0 +1,217 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_CTX, EVP_KDF_CTX_new_id, EVP_KDF_CTX_free, EVP_KDF_reset, ++EVP_KDF_ctrl, EVP_KDF_vctrl, EVP_KDF_ctrl_str, EVP_KDF_size, ++EVP_KDF_derive - EVP KDF routines ++ ++=head1 SYNOPSIS ++ ++ #include ++ ++ typedef struct evp_kdf_ctx_st EVP_KDF_CTX; ++ ++ EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); ++ void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); ++ void EVP_KDF_reset(EVP_KDF_CTX *ctx); ++ int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...); ++ int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args); ++ int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value); ++ size_t EVP_KDF_size(EVP_KDF_CTX *ctx); ++ int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); ++ ++=head1 DESCRIPTION ++ ++The EVP KDF routines are a high level interface to Key Derivation Function ++algorithms and should be used instead of algorithm-specific functions. ++ ++After creating a C for the required algorithm using ++EVP_KDF_CTX_new_id(), inputs to the algorithm are supplied using calls to ++EVP_KDF_ctrl(), EVP_KDF_vctrl() or EVP_KDF_ctrl_str() before calling ++EVP_KDF_derive() to derive the key. ++ ++=head2 Types ++ ++B is a context type that holds the algorithm inputs. ++ ++=head2 Context manipulation functions ++ ++EVP_KDF_CTX_new_id() creates a KDF context for the algorithm identified by the ++specified NID. ++ ++EVP_KDF_CTX_free() frees up the context C. If C is C, nothing ++is done. ++ ++=head2 Computing functions ++ ++EVP_KDF_reset() resets the context to the default state as if the context ++had just been created. ++ ++EVP_KDF_ctrl() is used to provide inputs to the KDF algorithm prior to ++EVP_KDF_derive() being called. The inputs that may be provided will vary ++depending on the KDF algorithm or its implementation. This functions takes ++variable arguments, the exact expected arguments depend on C. ++See L below for a description of standard controls. ++ ++EVP_KDF_vctrl() is the variant of EVP_KDF_ctrl() that takes a C ++argument instead of variadic arguments. ++ ++EVP_KDF_ctrl_str() allows an application to send an algorithm specific control ++operation to a context C in string form. This is intended to be used for ++options specified on the command line or in text files. ++ ++EVP_KDF_size() returns the output size if the algorithm produces a fixed amount ++of output and C otherwise. If an error occurs then 0 is returned. ++For some algorithms an error may result if input parameters necessary to ++calculate a fixed output size have not yet been supplied. ++ ++EVP_KDF_derive() derives C bytes of key material and places it in the ++C buffer. If the algorithm produces a fixed amount of output then an ++error will occur unless the C parameter is equal to that output size, ++as returned by EVP_KDF_size(). ++ ++=head1 CONTROLS ++ ++The standard controls are: ++ ++=over 4 ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Some KDF implementations require a password. For those KDF implementations ++that support it, this control sets the password. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "pass" ++ ++The value string is used as is. ++ ++=item "hexpass" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Some KDF implementations can take a salt. For those KDF implementations that ++support it, this control sets the salt. ++ ++The default value, if any, is implementation dependent. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "salt" ++ ++The value string is used as is. ++ ++=item "hexsalt" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects one argument: C ++ ++Some KDF implementations require an iteration count. For those KDF implementations that support it, this control sets the iteration count. ++ ++The default value, if any, is implementation dependent. ++ ++EVP_KDF_ctrl_str() type string: "iter" ++ ++The value string is expected to be a decimal number. ++ ++=item B ++ ++This control expects one argument: C ++ ++For MAC implementations that use a message digest as an underlying computation ++algorithm, this control set what the digest algorithm should be. ++ ++EVP_KDF_ctrl_str() type string: "md" ++ ++The value string is expected to be the name of a digest. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Some KDF implementations require a key. For those KDF implementations that ++support it, this control sets the key. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "key" ++ ++The value string is used as is. ++ ++=item "hexkey" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects one argument: C ++ ++Memory-hard password-based KDF algorithms, such as scrypt, use an amount of ++memory that depends on the load factors provided as input. For those KDF ++implementations that support it, this control sets an upper limit on the amount ++of memory that may be consumed while performing a key derivation. If this ++memory usage limit is exceeded because the load factors are chosen too high, ++the key derivation will fail. ++ ++The default value is implementation dependent. ++ ++EVP_KDF_ctrl_str() type string: "maxmem_bytes" ++ ++The value string is expected to be a decimal number. ++ ++=back ++ ++=head1 RETURN VALUES ++ ++EVP_KDF_CTX_new_id() returns either the newly allocated C ++structure or C if an error occurred. ++ ++EVP_KDF_CTX_free() and EVP_KDF_reset() do not return a value. ++ ++EVP_KDF_size() returns the output size. C is returned to indicate ++that the algorithm produces a variable amount of output; 0 to indicate failure. ++ ++The remaining functions return 1 for success and 0 or a negative value for ++failure. In particular, a return value of -2 indicates the operation is not ++supported by the KDF algorithm. ++ ++=head1 SEE ALSO ++ ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod.evp-kdf 2020-03-19 16:04:32.377698675 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod 2020-03-19 16:04:32.377698675 +0100 +@@ -0,0 +1,180 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_HKDF - The HKDF EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B KDF through the B API. ++ ++The EVP_KDF_HKDF algorithm implements the HKDF key derivation function. ++HKDF follows the "extract-then-expand" paradigm, where the KDF logically ++consists of two modules. The first stage takes the input keying material ++and "extracts" from it a fixed-length pseudorandom key K. The second stage ++"expands" the key K into several additional pseudorandom keys (the output ++of the KDF). ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++=item B ++ ++This control does not expect any arguments. ++ ++Resets the context info buffer to zero length. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Sets the info value to the first B bytes of the buffer B. If a ++value is already set, the contents of the buffer are appended to the existing ++value. ++ ++The total length of the context info buffer cannot exceed 1024 bytes; ++this should be more than enough for any normal use of HKDF. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "info" ++ ++The value string is used as is. ++ ++=item "hexinfo" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects one argument: C ++ ++Sets the mode for the HKDF operation. There are three modes that are currently ++defined: ++ ++=over 4 ++ ++=item EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND ++ ++This is the default mode. Calling L on an EVP_KDF_CTX set ++up for HKDF will perform an extract followed by an expand operation in one go. ++The derived key returned will be the result after the expand operation. The ++intermediate fixed-length pseudorandom key K is not returned. ++ ++In this mode the digest, key, salt and info values must be set before a key is ++derived otherwise an error will occur. ++ ++=item EVP_KDF_HKDF_MODE_EXTRACT_ONLY ++ ++In this mode calling L will just perform the extract ++operation. The value returned will be the intermediate fixed-length pseudorandom ++key K. The C parameter must match the size of K, which can be looked ++up by calling EVP_KDF_size() after setting the mode and digest. ++ ++The digest, key and salt values must be set before a key is derived otherwise ++an error will occur. ++ ++=item EVP_KDF_HKDF_MODE_EXPAND_ONLY ++ ++In this mode calling L will just perform the expand ++operation. The input key should be set to the intermediate fixed-length ++pseudorandom key K returned from a previous extract operation. ++ ++The digest, key and info values must be set before a key is derived otherwise ++an error will occur. ++ ++=back ++ ++EVP_KDF_ctrl_str() type string: "mode" ++ ++The value string is expected to be one of: "EXTRACT_AND_EXPAND", "EXTRACT_ONLY" ++or "EXPAND_ONLY". ++ ++=back ++ ++=head1 NOTES ++ ++A context for HKDF can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF); ++ ++The output length of an HKDF expand operation is specified via the C ++parameter to the L function. When using ++EVP_KDF_HKDF_MODE_EXTRACT_ONLY the C parameter must equal the size of ++the intermediate fixed-length pseudorandom key otherwise an error will occur. ++For that mode, the fixed output size can be looked up by calling EVP_KDF_size() ++after setting the mode and digest on the C. ++ ++=head1 EXAMPLE ++ ++This example derives 10 bytes using SHA-256 with the secret key "secret", ++salt value "salt" and info value "label": ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF); ++ ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ error("EVP_KDF_CTRL_SET_MD"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { ++ error("EVP_KDF_CTRL_SET_SALT"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", (size_t)6) <= 0) { ++ error("EVP_KDF_CTRL_SET_KEY"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, "label", (size_t)5) <= 0) { ++ error("EVP_KDF_CTRL_ADD_HKDF_INFO"); ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ error("EVP_KDF_derive"); ++ } ++ ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 CONFORMING TO ++ ++RFC 5869 ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod 2020-03-19 16:04:32.378698658 +0100 +@@ -0,0 +1,78 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_PBKDF2 - The PBKDF2 EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B password-based KDF through the B ++API. ++ ++The EVP_KDF_PBKDF2 algorithm implements the PBKDF2 password-based key ++derivation function, as described in RFC 2898; it derives a key from a password ++using a salt and iteration count. ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++=item B ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++B is the iteration count and its value should be greater than or equal to ++1. RFC 2898 suggests an iteration count of at least 1000. The default value is ++2048. Any B less than 1 is treated as a single iteration. ++ ++=back ++ ++=head1 NOTES ++ ++A typical application of this algorithm is to derive keying material for an ++encryption algorithm from a password in the B, a salt in B, ++and an iteration count. ++ ++Increasing the B parameter slows down the algorithm which makes it ++harder for an attacker to perform a brute force attack using a large number ++of candidate passwords. ++ ++No assumption is made regarding the given password; it is simply treated as a ++byte sequence. ++ ++=head1 CONFORMING TO ++ ++RFC 2898 ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod 2020-03-19 16:04:32.378698658 +0100 +@@ -0,0 +1,149 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_SCRYPT - The scrypt EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B password-based KDF through the B ++API. ++ ++The EVP_KDF_SCRYPT algorithm implements the scrypt password-based key ++derivation function, as described in RFC 7914. It is memory-hard in the sense ++that it deliberately requires a significant amount of RAM for efficient ++computation. The intention of this is to render brute forcing of passwords on ++systems that lack large amounts of main memory (such as GPUs or ASICs) ++computationally infeasible. ++ ++scrypt provides three work factors that can be customized: N, r and p. N, which ++has to be a positive power of two, is the general work factor and scales CPU ++time in an approximately linear fashion. r is the block size of the internally ++used hash function and p is the parallelization factor. Both r and p need to be ++greater than zero. The amount of RAM that scrypt requires for its computation ++is roughly (128 * N * r * p) bytes. ++ ++In the original paper of Colin Percival ("Stronger Key Derivation via ++Sequential Memory-Hard Functions", 2009), the suggested values that give a ++computation time of less than 5 seconds on a 2.5 GHz Intel Core 2 Duo are N = ++2^20 = 1048576, r = 8, p = 1. Consequently, the required amount of memory for ++this computation is roughly 1 GiB. On a more recent CPU (Intel i7-5930K at 3.5 ++GHz), this computation takes about 3 seconds. When N, r or p are not specified, ++they default to 1048576, 8, and 1, respectively. The maximum amount of RAM that ++may be used by scrypt defaults to 1025 MiB. ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++=item B ++ ++=item B ++ ++=item B ++ ++B expects one argument: C ++ ++B expects one argument: C ++ ++B expects one argument: C ++ ++These controls configure the scrypt work factors N, r and p. ++ ++EVP_KDF_ctrl_str() type strings: "N", "r" and "p", respectively. ++ ++The corresponding value strings are expected to be decimal numbers. ++ ++=back ++ ++=head1 NOTES ++ ++A context for scrypt can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT); ++ ++The output length of an scrypt key derivation is specified via the ++B parameter to the L function. ++ ++=head1 EXAMPLE ++ ++This example derives a 64-byte long test vector using scrypt with the password ++"password", salt "NaCl" and N = 1024, r = 8, p = 16. ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[64]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT); ++ ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { ++ error("EVP_KDF_CTRL_SET_PASS"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl", (size_t)4) <= 0) { ++ error("EVP_KDF_CTRL_SET_SALT"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, (uint64_t)1024) <= 0) { ++ error("EVP_KDF_CTRL_SET_SCRYPT_N"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)8) <= 0) { ++ error("EVP_KDF_CTRL_SET_SCRYPT_R"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)16) <= 0) { ++ error("EVP_KDF_CTRL_SET_SCRYPT_P"); ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ error("EVP_KDF_derive"); ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, ++ 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, ++ 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, ++ 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62, ++ 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88, ++ 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda, ++ 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d, ++ 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 ++ }; ++ ++ assert(!memcmp(out, expected, sizeof(out))); ++ } ++ ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 CONFORMING TO ++ ++RFC 7914 ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the OpenSSL license (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod 2020-03-19 16:04:32.378698658 +0100 +@@ -0,0 +1,142 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_TLS1_PRF - The TLS1 PRF EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B PRF through the B API. ++ ++The EVP_KDF_TLS1_PRF algorithm implements the PRF used by TLS versions up to ++and including TLS 1.2. ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++This control works as described in L. ++ ++The C control is used to set the message digest associated ++with the TLS PRF. EVP_md5_sha1() is treated as a special case which uses the ++PRF algorithm using both B and B as used in TLS 1.0 and 1.1. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Sets the secret value of the TLS PRF to B bytes of the buffer B. ++Any existing secret value is replaced. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "secret" ++ ++The value string is used as is. ++ ++=item "hexsecret" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control does not expect any arguments. ++ ++Resets the context seed buffer to zero length. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++Sets the seed to B bytes of B. If a seed is already set it is ++appended to the existing value. ++ ++The total length of the context seed buffer cannot exceed 1024 bytes; ++this should be more than enough for any normal use of the TLS PRF. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "seed" ++ ++The value string is used as is. ++ ++=item "hexseed" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=back ++ ++=head1 NOTES ++ ++A context for the TLS PRF can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF, NULL); ++ ++The digest, secret value and seed must be set before a key is derived otherwise ++an error will occur. ++ ++The output length of the PRF is specified by the C parameter to the ++EVP_KDF_derive() function. ++ ++=head1 EXAMPLE ++ ++This example derives 10 bytes using SHA-256 with the secret key "secret" ++and seed value "seed": ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF); ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ error("EVP_KDF_CTRL_SET_MD"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET, ++ "secret", (size_t)6) <= 0) { ++ error("EVP_KDF_CTRL_SET_TLS_SECRET"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed", (size_t)4) <= 0) { ++ error("EVP_KDF_CTRL_ADD_TLS_SEED"); ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ error("EVP_KDF_derive"); ++ } ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1e/include/crypto/evp.h.evp-kdf openssl-1.1.1e/include/crypto/evp.h +--- openssl-1.1.1e/include/crypto/evp.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/crypto/evp.h 2020-03-19 16:04:32.347699194 +0100 +@@ -112,6 +112,24 @@ extern const EVP_PKEY_METHOD hkdf_pkey_m + extern const EVP_PKEY_METHOD poly1305_pkey_meth; + extern const EVP_PKEY_METHOD siphash_pkey_meth; + ++/* struct evp_kdf_impl_st is defined by the implementation */ ++typedef struct evp_kdf_impl_st EVP_KDF_IMPL; ++typedef struct { ++ int type; ++ EVP_KDF_IMPL *(*new) (void); ++ void (*free) (EVP_KDF_IMPL *impl); ++ void (*reset) (EVP_KDF_IMPL *impl); ++ int (*ctrl) (EVP_KDF_IMPL *impl, int cmd, va_list args); ++ int (*ctrl_str) (EVP_KDF_IMPL *impl, const char *type, const char *value); ++ size_t (*size) (EVP_KDF_IMPL *impl); ++ int (*derive) (EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen); ++} EVP_KDF_METHOD; ++ ++extern const EVP_KDF_METHOD pbkdf2_kdf_meth; ++extern const EVP_KDF_METHOD scrypt_kdf_meth; ++extern const EVP_KDF_METHOD tls1_prf_kdf_meth; ++extern const EVP_KDF_METHOD hkdf_kdf_meth; ++ + struct evp_md_st { + int type; + int pkey_type; +diff -up openssl-1.1.1e/include/openssl/evperr.h.evp-kdf openssl-1.1.1e/include/openssl/evperr.h +--- openssl-1.1.1e/include/openssl/evperr.h.evp-kdf 2020-03-19 16:04:11.250064365 +0100 ++++ openssl-1.1.1e/include/openssl/evperr.h 2020-03-19 16:04:32.379698640 +0100 +@@ -58,6 +58,9 @@ int ERR_load_EVP_strings(void); + # define EVP_F_EVP_ENCRYPTDECRYPTUPDATE 219 + # define EVP_F_EVP_ENCRYPTFINAL_EX 127 + # define EVP_F_EVP_ENCRYPTUPDATE 167 ++# define EVP_F_EVP_KDF_CTRL 224 ++# define EVP_F_EVP_KDF_CTRL_STR 225 ++# define EVP_F_EVP_KDF_CTX_NEW_ID 226 + # define EVP_F_EVP_MD_CTX_COPY_EX 110 + # define EVP_F_EVP_MD_SIZE 162 + # define EVP_F_EVP_OPENINIT 102 +@@ -120,11 +123,13 @@ int ERR_load_EVP_strings(void); + # define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 + # define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164 + # define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 180 ++# define EVP_F_PKEY_KDF_CTRL 227 + # define EVP_F_PKEY_SET_TYPE 158 + # define EVP_F_RC2_MAGIC_TO_METH 109 + # define EVP_F_RC5_CTRL 125 + # define EVP_F_R_32_12_16_INIT_KEY 242 + # define EVP_F_S390X_AES_GCM_CTRL 201 ++# define EVP_F_SCRYPT_ALG 228 + # define EVP_F_UPDATE 173 + + /* +@@ -181,6 +186,7 @@ int ERR_load_EVP_strings(void); + # define EVP_R_ONLY_ONESHOT_SUPPORTED 177 + # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 + # define EVP_R_OPERATON_NOT_INITIALIZED 151 ++# define EVP_R_PARAMETER_TOO_LARGE 187 + # define EVP_R_PARTIALLY_OVERLAPPING 162 + # define EVP_R_PBKDF2_ERROR 181 + # define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179 +diff -up openssl-1.1.1e/include/openssl/kdferr.h.evp-kdf openssl-1.1.1e/include/openssl/kdferr.h +--- openssl-1.1.1e/include/openssl/kdferr.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/kdferr.h 2020-03-19 16:04:32.379698640 +0100 +@@ -23,6 +23,23 @@ int ERR_load_KDF_strings(void); + /* + * KDF function codes. + */ ++# define KDF_F_HKDF_EXTRACT 112 ++# define KDF_F_KDF_HKDF_DERIVE 113 ++# define KDF_F_KDF_HKDF_NEW 114 ++# define KDF_F_KDF_HKDF_SIZE 115 ++# define KDF_F_KDF_MD2CTRL 116 ++# define KDF_F_KDF_PBKDF2_CTRL_STR 117 ++# define KDF_F_KDF_PBKDF2_DERIVE 118 ++# define KDF_F_KDF_PBKDF2_NEW 119 ++# define KDF_F_KDF_SCRYPT_CTRL_STR 120 ++# define KDF_F_KDF_SCRYPT_CTRL_UINT32 121 ++# define KDF_F_KDF_SCRYPT_CTRL_UINT64 122 ++# define KDF_F_KDF_SCRYPT_DERIVE 123 ++# define KDF_F_KDF_SCRYPT_NEW 124 ++# define KDF_F_KDF_TLS1_PRF_CTRL_STR 125 ++# define KDF_F_KDF_TLS1_PRF_DERIVE 126 ++# define KDF_F_KDF_TLS1_PRF_NEW 127 ++# define KDF_F_PBKDF2_SET_MEMBUF 128 + # define KDF_F_PKEY_HKDF_CTRL_STR 103 + # define KDF_F_PKEY_HKDF_DERIVE 102 + # define KDF_F_PKEY_HKDF_INIT 108 +@@ -34,6 +51,7 @@ int ERR_load_KDF_strings(void); + # define KDF_F_PKEY_TLS1_PRF_CTRL_STR 100 + # define KDF_F_PKEY_TLS1_PRF_DERIVE 101 + # define KDF_F_PKEY_TLS1_PRF_INIT 110 ++# define KDF_F_SCRYPT_SET_MEMBUF 129 + # define KDF_F_TLS1_PRF_ALG 111 + + /* +@@ -51,5 +69,6 @@ int ERR_load_KDF_strings(void); + # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 + # define KDF_R_VALUE_ERROR 108 + # define KDF_R_VALUE_MISSING 102 ++# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112 + + #endif +diff -up openssl-1.1.1e/include/openssl/kdf.h.evp-kdf openssl-1.1.1e/include/openssl/kdf.h +--- openssl-1.1.1e/include/openssl/kdf.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/kdf.h 2020-03-19 16:04:32.380698623 +0100 +@@ -10,10 +10,50 @@ + #ifndef HEADER_KDF_H + # define HEADER_KDF_H + ++# include + # include +-#ifdef __cplusplus ++# ifdef __cplusplus + extern "C" { +-#endif ++# endif ++ ++# define EVP_KDF_PBKDF2 NID_id_pbkdf2 ++# define EVP_KDF_SCRYPT NID_id_scrypt ++# define EVP_KDF_TLS1_PRF NID_tls1_prf ++# define EVP_KDF_HKDF NID_hkdf ++ ++EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); ++void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); ++ ++void EVP_KDF_reset(EVP_KDF_CTX *ctx); ++int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...); ++int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args); ++int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value); ++size_t EVP_KDF_size(EVP_KDF_CTX *ctx); ++int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); ++ ++ ++# define EVP_KDF_CTRL_SET_PASS 0x01 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_SALT 0x02 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_ITER 0x03 /* int */ ++# define EVP_KDF_CTRL_SET_MD 0x04 /* EVP_MD * */ ++# define EVP_KDF_CTRL_SET_KEY 0x05 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_MAXMEM_BYTES 0x06 /* uint64_t */ ++# define EVP_KDF_CTRL_SET_TLS_SECRET 0x07 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_RESET_TLS_SEED 0x08 ++# define EVP_KDF_CTRL_ADD_TLS_SEED 0x09 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_RESET_HKDF_INFO 0x0a ++# define EVP_KDF_CTRL_ADD_HKDF_INFO 0x0b /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_HKDF_MODE 0x0c /* int */ ++# define EVP_KDF_CTRL_SET_SCRYPT_N 0x0d /* uint64_t */ ++# define EVP_KDF_CTRL_SET_SCRYPT_R 0x0e /* uint32_t */ ++# define EVP_KDF_CTRL_SET_SCRYPT_P 0x0f /* uint32_t */ ++ ++# define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0 ++# define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1 ++# define EVP_KDF_HKDF_MODE_EXPAND_ONLY 2 ++ ++ ++/**** The legacy PKEY-based KDF API follows. ****/ + + # define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL) + # define EVP_PKEY_CTRL_TLS_SECRET (EVP_PKEY_ALG_CTRL + 1) +@@ -30,9 +70,12 @@ extern "C" { + # define EVP_PKEY_CTRL_SCRYPT_P (EVP_PKEY_ALG_CTRL + 12) + # define EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES (EVP_PKEY_ALG_CTRL + 13) + +-# define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND 0 +-# define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1 +-# define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2 ++# define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND \ ++ EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND ++# define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY \ ++ EVP_KDF_HKDF_MODE_EXTRACT_ONLY ++# define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY \ ++ EVP_KDF_HKDF_MODE_EXPAND_ONLY + + # define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \ + EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ +@@ -91,7 +134,7 @@ extern "C" { + EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, maxmem_bytes) + + +-# ifdef __cplusplus ++# ifdef __cplusplus + } + # endif + #endif +diff -up openssl-1.1.1e/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1e/include/openssl/ossl_typ.h +--- openssl-1.1.1e/include/openssl/ossl_typ.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/ossl_typ.h 2020-03-19 16:04:32.381698606 +0100 +@@ -97,6 +97,8 @@ typedef struct evp_pkey_asn1_method_st E + typedef struct evp_pkey_method_st EVP_PKEY_METHOD; + typedef struct evp_pkey_ctx_st EVP_PKEY_CTX; + ++typedef struct evp_kdf_ctx_st EVP_KDF_CTX; ++ + typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX; + + typedef struct hmac_ctx_st HMAC_CTX; +diff -up openssl-1.1.1e/test/build.info.evp-kdf openssl-1.1.1e/test/build.info +--- openssl-1.1.1e/test/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/build.info 2020-03-19 16:04:32.381698606 +0100 +@@ -44,7 +44,8 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I + ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \ + bio_callback_test bio_memleak_test \ + bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \ +- pkey_meth_test pkey_meth_kdf_test uitest cipherbytes_test \ ++ pkey_meth_test pkey_meth_kdf_test evp_kdf_test uitest \ ++ cipherbytes_test \ + asn1_encode_test asn1_decode_test asn1_string_table_test \ + x509_time_test x509_dup_cert_test x509_check_cert_pkey_test \ + recordlentest drbgtest sslbuffertest \ +@@ -336,6 +337,10 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I + INCLUDE[pkey_meth_kdf_test]=../include + DEPEND[pkey_meth_kdf_test]=../libcrypto libtestutil.a + ++ SOURCE[evp_kdf_test]=evp_kdf_test.c ++ INCLUDE[evp_kdf_test]=../include ++ DEPEND[evp_kdf_test]=../libcrypto libtestutil.a ++ + SOURCE[x509_time_test]=x509_time_test.c + INCLUDE[x509_time_test]=../include + DEPEND[x509_time_test]=../libcrypto libtestutil.a +diff -up openssl-1.1.1e/test/evp_kdf_test.c.evp-kdf openssl-1.1.1e/test/evp_kdf_test.c +--- openssl-1.1.1e/test/evp_kdf_test.c.evp-kdf 2020-03-19 16:04:32.382698588 +0100 ++++ openssl-1.1.1e/test/evp_kdf_test.c 2020-03-19 16:04:32.382698588 +0100 +@@ -0,0 +1,237 @@ ++/* ++ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++/* Tests of the EVP_KDF_CTX APIs */ ++ ++#include ++#include ++ ++#include ++#include ++#include "testutil.h" ++ ++static int test_kdf_tls1_prf(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[16]; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF)) == NULL) { ++ TEST_error("EVP_KDF_TLS1_PRF"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET, ++ "secret", (size_t)6) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_TLS_SECRET"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed", (size_t)4) <= 0) { ++ TEST_error("EVP_KDF_CTRL_ADD_TLS_SEED"); ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ TEST_error("EVP_KDF_derive"); ++ goto err; ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0, ++ 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc ++ }; ++ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { ++ goto err; ++ } ++ } ++ ret = 1; ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static int test_kdf_hkdf(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF)) == NULL) { ++ TEST_error("EVP_KDF_HKDF"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", (size_t)6) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, ++ "label", (size_t)5) <= 0) { ++ TEST_error("EVP_KDF_CTRL_ADD_HKDF_INFO"); ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ TEST_error("EVP_KDF_derive"); ++ goto err; ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13 ++ }; ++ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { ++ goto err; ++ } ++ } ++ ret = 1; ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static int test_kdf_pbkdf2(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[32]; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) { ++ TEST_error("EVP_KDF_PBKDF2"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_PASS"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_ITER"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ TEST_error("EVP_KDF_derive"); ++ goto err; ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3, ++ 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0, ++ 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf, ++ 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43 ++ }; ++ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { ++ goto err; ++ } ++ } ++ ret = 1; ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++#ifndef OPENSSL_NO_SCRYPT ++static int test_kdf_scrypt(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[64]; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT)) == NULL) { ++ TEST_error("EVP_KDF_SCRYPT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_PASS"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl", (size_t)4) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, (uint64_t)1024) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SCRYPT_N"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)8) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SCRYPT_R"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)16) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SCRYPT_P"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, (uint64_t)16) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MAXMEM_BYTES"); ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) > 0) { ++ TEST_error("EVP_KDF_derive should have failed"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, ++ (uint64_t)(10 * 1024 * 1024)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MAXMEM_BYTES"); ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ TEST_error("EVP_KDF_derive"); ++ goto err; ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, ++ 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, ++ 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, ++ 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62, ++ 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88, ++ 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda, ++ 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d, ++ 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 ++ }; ++ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { ++ goto err; ++ } ++ } ++ ret = 1; ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++#endif ++ ++int setup_tests(void) ++{ ++ ADD_TEST(test_kdf_tls1_prf); ++ ADD_TEST(test_kdf_hkdf); ++ ADD_TEST(test_kdf_pbkdf2); ++#ifndef OPENSSL_NO_SCRYPT ++ ADD_TEST(test_kdf_scrypt); ++#endif ++ return 1; ++} +diff -up openssl-1.1.1e/test/evp_test.c.evp-kdf openssl-1.1.1e/test/evp_test.c +--- openssl-1.1.1e/test/evp_test.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/evp_test.c 2020-03-19 16:04:32.383698571 +0100 +@@ -1705,13 +1705,14 @@ static const EVP_TEST_METHOD encode_test + encode_test_run, + }; + ++ + /** + *** KDF TESTS + **/ + + typedef struct kdf_data_st { + /* Context for this operation */ +- EVP_PKEY_CTX *ctx; ++ EVP_KDF_CTX *ctx; + /* Expected output */ + unsigned char *output; + size_t output_len; +@@ -1738,16 +1739,11 @@ static int kdf_test_init(EVP_TEST *t, co + + if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) + return 0; +- kdata->ctx = EVP_PKEY_CTX_new_id(kdf_nid, NULL); ++ kdata->ctx = EVP_KDF_CTX_new_id(kdf_nid); + if (kdata->ctx == NULL) { + OPENSSL_free(kdata); + return 0; + } +- if (EVP_PKEY_derive_init(kdata->ctx) <= 0) { +- EVP_PKEY_CTX_free(kdata->ctx); +- OPENSSL_free(kdata); +- return 0; +- } + t->data = kdata; + return 1; + } +@@ -1756,7 +1752,42 @@ static void kdf_test_cleanup(EVP_TEST *t + { + KDF_DATA *kdata = t->data; + OPENSSL_free(kdata->output); +- EVP_PKEY_CTX_free(kdata->ctx); ++ EVP_KDF_CTX_free(kdata->ctx); ++} ++ ++static int kdf_test_ctrl(EVP_TEST *t, EVP_KDF_CTX *kctx, ++ const char *value) ++{ ++ int rv; ++ char *p, *tmpval; ++ ++ if (!TEST_ptr(tmpval = OPENSSL_strdup(value))) ++ return 0; ++ p = strchr(tmpval, ':'); ++ if (p != NULL) ++ *p++ = '\0'; ++ rv = EVP_KDF_ctrl_str(kctx, tmpval, p); ++ if (rv == -2) { ++ t->err = "KDF_CTRL_INVALID"; ++ rv = 1; ++ } else if (p != NULL && rv <= 0) { ++ /* If p has an OID and lookup fails assume disabled algorithm */ ++ int nid = OBJ_sn2nid(p); ++ ++ if (nid == NID_undef) ++ nid = OBJ_ln2nid(p); ++ if (nid != NID_undef ++ && EVP_get_digestbynid(nid) == NULL ++ && EVP_get_cipherbynid(nid) == NULL) { ++ t->skip = 1; ++ rv = 1; ++ } else { ++ t->err = "KDF_CTRL_ERROR"; ++ rv = 1; ++ } ++ } ++ OPENSSL_free(tmpval); ++ return rv > 0; + } + + static int kdf_test_parse(EVP_TEST *t, +@@ -1767,7 +1798,7 @@ static int kdf_test_parse(EVP_TEST *t, + if (strcmp(keyword, "Output") == 0) + return parse_bin(value, &kdata->output, &kdata->output_len); + if (strncmp(keyword, "Ctrl", 4) == 0) +- return pkey_test_ctrl(t, kdata->ctx, value); ++ return kdf_test_ctrl(t, kdata->ctx, value); + return 0; + } + +@@ -1781,7 +1812,7 @@ static int kdf_test_run(EVP_TEST *t) + t->err = "INTERNAL_ERROR"; + goto err; + } +- if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) { ++ if (EVP_KDF_derive(expected->ctx, got, got_len) <= 0) { + t->err = "KDF_DERIVE_ERROR"; + goto err; + } +@@ -1807,6 +1838,106 @@ static const EVP_TEST_METHOD kdf_test_me + + + /** ++*** PKEY KDF TESTS ++**/ ++ ++typedef struct pkey_kdf_data_st { ++ /* Context for this operation */ ++ EVP_PKEY_CTX *ctx; ++ /* Expected output */ ++ unsigned char *output; ++ size_t output_len; ++} PKEY_KDF_DATA; ++ ++/* ++ * Perform public key operation setup: lookup key, allocated ctx and call ++ * the appropriate initialisation function ++ */ ++static int pkey_kdf_test_init(EVP_TEST *t, const char *name) ++{ ++ PKEY_KDF_DATA *kdata; ++ int kdf_nid = OBJ_sn2nid(name); ++ ++#ifdef OPENSSL_NO_SCRYPT ++ if (strcmp(name, "scrypt") == 0) { ++ t->skip = 1; ++ return 1; ++ } ++#endif ++ ++ if (kdf_nid == NID_undef) ++ kdf_nid = OBJ_ln2nid(name); ++ ++ if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) ++ return 0; ++ kdata->ctx = EVP_PKEY_CTX_new_id(kdf_nid, NULL); ++ if (kdata->ctx == NULL) { ++ OPENSSL_free(kdata); ++ return 0; ++ } ++ if (EVP_PKEY_derive_init(kdata->ctx) <= 0) { ++ EVP_PKEY_CTX_free(kdata->ctx); ++ OPENSSL_free(kdata); ++ return 0; ++ } ++ t->data = kdata; ++ return 1; ++} ++ ++static void pkey_kdf_test_cleanup(EVP_TEST *t) ++{ ++ PKEY_KDF_DATA *kdata = t->data; ++ OPENSSL_free(kdata->output); ++ EVP_PKEY_CTX_free(kdata->ctx); ++} ++ ++static int pkey_kdf_test_parse(EVP_TEST *t, ++ const char *keyword, const char *value) ++{ ++ PKEY_KDF_DATA *kdata = t->data; ++ ++ if (strcmp(keyword, "Output") == 0) ++ return parse_bin(value, &kdata->output, &kdata->output_len); ++ if (strncmp(keyword, "Ctrl", 4) == 0) ++ return pkey_test_ctrl(t, kdata->ctx, value); ++ return 0; ++} ++ ++static int pkey_kdf_test_run(EVP_TEST *t) ++{ ++ PKEY_KDF_DATA *expected = t->data; ++ unsigned char *got = NULL; ++ size_t got_len = expected->output_len; ++ ++ if (!TEST_ptr(got = OPENSSL_malloc(got_len))) { ++ t->err = "INTERNAL_ERROR"; ++ goto err; ++ } ++ if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) { ++ t->err = "KDF_DERIVE_ERROR"; ++ goto err; ++ } ++ if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) { ++ t->err = "KDF_MISMATCH"; ++ goto err; ++ } ++ t->err = NULL; ++ ++ err: ++ OPENSSL_free(got); ++ return 1; ++} ++ ++static const EVP_TEST_METHOD pkey_kdf_test_method = { ++ "PKEYKDF", ++ pkey_kdf_test_init, ++ pkey_kdf_test_cleanup, ++ pkey_kdf_test_parse, ++ pkey_kdf_test_run ++}; ++ ++ ++/** + *** KEYPAIR TESTS + **/ + +@@ -2310,6 +2441,7 @@ static const EVP_TEST_METHOD *evp_test_l + &digestverify_test_method, + &encode_test_method, + &kdf_test_method, ++ &pkey_kdf_test_method, + &keypair_test_method, + &keygen_test_method, + &mac_test_method, +diff -up openssl-1.1.1e/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1e/test/pkey_meth_kdf_test.c +--- openssl-1.1.1e/test/pkey_meth_kdf_test.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/pkey_meth_kdf_test.c 2020-03-19 16:04:32.386698519 +0100 +@@ -1,5 +1,5 @@ + /* +- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy +@@ -18,30 +18,34 @@ + + static int test_kdf_tls1_prf(void) + { ++ int ret = 0; + EVP_PKEY_CTX *pctx; + unsigned char out[16]; + size_t outlen = sizeof(out); +- pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL); + ++ if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL)) == NULL) { ++ TEST_error("EVP_PKEY_TLS1_PRF"); ++ goto err; ++ } + if (EVP_PKEY_derive_init(pctx) <= 0) { + TEST_error("EVP_PKEY_derive_init"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0) { + TEST_error("EVP_PKEY_CTX_set_tls1_prf_md"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_tls1_prf_secret"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, "seed", 4) <= 0) { + TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed"); +- return 0; ++ goto err; + } + if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { + TEST_error("EVP_PKEY_derive"); +- return 0; ++ goto err; + } + + { +@@ -50,43 +54,49 @@ static int test_kdf_tls1_prf(void) + 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc + }; + if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { +- return 0; ++ goto err; + } + } ++ ret = 1; ++err: + EVP_PKEY_CTX_free(pctx); +- return 1; ++ return ret; + } + + static int test_kdf_hkdf(void) + { ++ int ret = 0; + EVP_PKEY_CTX *pctx; + unsigned char out[10]; + size_t outlen = sizeof(out); +- pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); + ++ if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)) == NULL) { ++ TEST_error("EVP_PKEY_HKDF"); ++ goto err; ++ } + if (EVP_PKEY_derive_init(pctx) <= 0) { + TEST_error("EVP_PKEY_derive_init"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0) { + TEST_error("EVP_PKEY_CTX_set_hkdf_md"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, "salt", 4) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_hkdf_salt"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set1_hkdf_key(pctx, "secret", 6) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_hkdf_key"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_add1_hkdf_info(pctx, "label", 5) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_hkdf_info"); +- return 0; ++ goto err; + } + if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { + TEST_error("EVP_PKEY_derive"); +- return 0; ++ goto err; + } + + { +@@ -94,60 +104,66 @@ static int test_kdf_hkdf(void) + 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13 + }; + if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { +- return 0; ++ goto err; + } + } ++ ret = 1; ++err: + EVP_PKEY_CTX_free(pctx); +- return 1; ++ return ret; + } + + #ifndef OPENSSL_NO_SCRYPT + static int test_kdf_scrypt(void) + { ++ int ret = 0; + EVP_PKEY_CTX *pctx; + unsigned char out[64]; + size_t outlen = sizeof(out); +- pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL); + ++ if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL)) == NULL) { ++ TEST_error("EVP_PKEY_SCRYPT"); ++ goto err; ++ } + if (EVP_PKEY_derive_init(pctx) <= 0) { + TEST_error("EVP_PKEY_derive_init"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set1_pbe_pass(pctx, "password", 8) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_pbe_pass"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, "NaCl", 4) <= 0) { + TEST_error("EVP_PKEY_CTX_set1_scrypt_salt"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_scrypt_N(pctx, 1024) <= 0) { + TEST_error("EVP_PKEY_CTX_set_scrypt_N"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_scrypt_r(pctx, 8) <= 0) { + TEST_error("EVP_PKEY_CTX_set_scrypt_r"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_scrypt_p(pctx, 16) <= 0) { + TEST_error("EVP_PKEY_CTX_set_scrypt_p"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 16) <= 0) { + TEST_error("EVP_PKEY_CTX_set_maxmem_bytes"); +- return 0; ++ goto err; + } + if (EVP_PKEY_derive(pctx, out, &outlen) > 0) { + TEST_error("EVP_PKEY_derive should have failed"); +- return 0; ++ goto err; + } + if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 10 * 1024 * 1024) <= 0) { + TEST_error("EVP_PKEY_CTX_set_maxmem_bytes"); +- return 0; ++ goto err; + } + if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { + TEST_error("EVP_PKEY_derive"); +- return 0; ++ goto err; + } + + { +@@ -162,11 +178,13 @@ static int test_kdf_scrypt(void) + 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 + }; + if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { +- return 0; ++ goto err; + } + } ++ ret = 1; ++err: + EVP_PKEY_CTX_free(pctx); +- return 1; ++ return ret; + } + #endif + +diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt +--- openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt 2020-03-19 16:04:32.388698484 +0100 +@@ -1,5 +1,5 @@ + # +-# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. ++# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. + # + # Licensed under the OpenSSL license (the "License"). You may not use + # this file except in compliance with the License. You can obtain a copy +@@ -15,7 +15,7 @@ + Title = TLS1 PRF tests (from NIST test vectors) + + KDF=TLS1-PRF +-Ctrl.md = md:MD5-SHA1 ++Ctrl.digest = digest:MD5-SHA1 + Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0 + Ctrl.label = seed:master secret + Ctrl.client_random = hexseed:e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693 +@@ -23,7 +23,7 @@ Ctrl.server_random = hexseed:135e4d557fd + Output = 2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 + + KDF=TLS1-PRF +-Ctrl.md = md:MD5-SHA1 ++Ctrl.digest = digest:MD5-SHA1 + Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 + Ctrl.label = seed:key expansion + Ctrl.server_random = hexseed:67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be +@@ -31,7 +31,7 @@ Ctrl.client_random = hexseed:d58a7b1cd4f + Output = 3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d + + KDF=TLS1-PRF +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc + Ctrl.label = seed:master secret + Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c +@@ -39,7 +39,7 @@ Ctrl.server_random = hexseed:f6c9575ed7d + Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf + + KDF=TLS1-PRF +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf + Ctrl.label = seed:key expansion + Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 +@@ -48,7 +48,7 @@ Output = d06139889fffac1e3a71865f504aa5d + + # As above but use long name for KDF + KDF=tls1-prf +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf + Ctrl.label = seed:key expansion + Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 +@@ -64,7 +64,7 @@ Result = KDF_DERIVE_ERROR + + # Missing secret. + KDF=TLS1-PRF +-Ctrl.md = md:MD5-SHA1 ++Ctrl.digest = digest:MD5-SHA1 + Ctrl.Seed = hexseed:02 + Output = 03 + Result = KDF_DERIVE_ERROR +@@ -72,7 +72,7 @@ Result = KDF_DERIVE_ERROR + Title = HKDF tests (from RFC5869 test vectors) + + KDF = HKDF +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = hexsalt:000102030405060708090a0b0c + Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 +@@ -80,20 +80,20 @@ Output = 3cb25f25faacd57a90434f64d0362f2 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = hexsalt:000102030405060708090a0b0c + Output = 077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 + Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 + Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 + + KDF = HKDF +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f + Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf + Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff +@@ -101,20 +101,20 @@ Output = b11e398dc80327a1c8e7f78c596a493 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f + Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf + Output = 06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 + Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff + Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 + + KDF = HKDF +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = salt: + Ctrl.info = info: +@@ -122,7 +122,7 @@ Output = 8da4e775a563c18f715f802a063c5a3 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = salt: + Ctrl.info = info: +@@ -130,13 +130,13 @@ Output = 19ef24a32c717b167f33a91d6f648bd + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA256 ++Ctrl.digest = digest:SHA256 + Ctrl.IKM = hexkey:19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04 + Ctrl.info = info: + Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = hexsalt:000102030405060708090a0b0c + Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 +@@ -144,20 +144,20 @@ Output = 085a01ea1b10f36933068b56efa5ad8 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = hexsalt:000102030405060708090a0b0c + Output = 9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 + Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 + Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f + Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf + Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff +@@ -165,20 +165,20 @@ Output = 0bd770a74d1160f7c9f12cd5912a06e + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f + Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf + Output = 8adae09a2a307059478d309b26c4115a224cfaf6 + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:8adae09a2a307059478d309b26c4115a224cfaf6 + Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff + Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = salt: + Ctrl.info = info: +@@ -186,20 +186,20 @@ Output = 0ac1af7002b3d761d1e55298da9d050 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b + Ctrl.salt = salt: + Output = da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 + Ctrl.info = info: + Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c + Ctrl.salt = salt: + Ctrl.info = info: +@@ -207,14 +207,14 @@ Output = 2c91117204d745f3500d636a62f64f0 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c + Ctrl.salt = salt: + Output = 2adccada18779e7c2077ad2eb19d3f3e731385dd + + KDF = HKDF + Ctrl.mode = mode:EXPAND_ONLY +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:2adccada18779e7c2077ad2eb19d3f3e731385dd + Ctrl.info = info: + Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 +@@ -227,27 +227,27 @@ Output = 00 + Result = KDF_DERIVE_ERROR + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.salt = salt: + Ctrl.info = info: + Output = 00 + Result = KDF_DERIVE_ERROR + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c + Ctrl.info = info: + Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 + + KDF = HKDF +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c + Ctrl.salt = salt: + Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 + + KDF = HKDF + Ctrl.mode = mode:EXTRACT_AND_EXPAND +-Ctrl.md = md:SHA1 ++Ctrl.digest = digest:SHA1 + Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c + Ctrl.salt = salt: + Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 +@@ -303,3 +303,133 @@ Ctrl.r = r:8 + Ctrl.p = p:1 + Result = INTERNAL_ERROR + ++Title = PBKDF2 tests ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha1 ++Output = 0c60c80f961f0e71f3a9b524af6012062fe037a6 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha256 ++Output = 120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha512 ++Output = 867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d470a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:2 ++Ctrl.digest = digest:sha1 ++Output = ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:2 ++Ctrl.digest = digest:sha256 ++Output = ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:2 ++Ctrl.digest = digest:sha512 ++Output = e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha1 ++Output = 4b007901b765489abead49d926f721d065a429c1 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha256 ++Output = c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:password ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha512 ++Output = d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:passwordPASSWORDpassword ++Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha1 ++Output = 3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:passwordPASSWORDpassword ++Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha256 ++Output = 348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass:passwordPASSWORDpassword ++Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha512 ++Output = 8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8 ++ ++KDF = PBKDF2 ++Ctrl.hexpass = hexpass:7061737300776f7264 ++Ctrl.hexsalt = hexsalt:7361006c74 ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha1 ++Output = 56fa6aa75548099dcc37d7f03425e0c3 ++ ++KDF = PBKDF2 ++Ctrl.hexpass = hexpass:7061737300776f7264 ++Ctrl.hexsalt = hexsalt:7361006c74 ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha256 ++Output = 89b69d0516f829893c696226650a8687 ++ ++KDF = PBKDF2 ++Ctrl.hexpass = hexpass:7061737300776f7264 ++Ctrl.hexsalt = hexsalt:7361006c74 ++Ctrl.iter = iter:4096 ++Ctrl.digest = digest:sha512 ++Output = 9d9e9c4cd21fe4be24d5b8244c759665 ++ ++Title = PBKDF2 tests for empty inputs ++ ++KDF = PBKDF2 ++Ctrl.pass = pass: ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha1 ++Output = a33dddc30478185515311f8752895d36ea4363a2 ++ ++KDF = PBKDF2 ++Ctrl.pass = pass: ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha256 ++Output = f135c27993baf98773c5cdb40a5706ce6a345cde ++ ++KDF = PBKDF2 ++Ctrl.pass = pass: ++Ctrl.salt = salt:salt ++Ctrl.iter = iter:1 ++Ctrl.digest = digest:sha512 ++Output = 00ef42cdbfc98d29db20976608e455567fdddf14 ++ +diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt +--- openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf 2020-03-19 16:04:32.389698467 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt 2020-03-19 16:04:32.389698467 +0100 +@@ -0,0 +1,305 @@ ++# ++# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. ++# ++# Licensed under the Apache License 2.0 (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++# Tests start with one of these keywords ++# Cipher Decrypt Derive Digest Encoding KDF PKEYKDF MAC PBE ++# PrivPubKeyPair Sign Verify VerifyRecover ++# and continue until a blank line. Lines starting with a pound sign, ++# like this prolog, are ignored. ++ ++Title = TLS1 PRF tests (from NIST test vectors) ++ ++PKEYKDF=TLS1-PRF ++Ctrl.md = md:MD5-SHA1 ++Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0 ++Ctrl.label = seed:master secret ++Ctrl.client_random = hexseed:e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693 ++Ctrl.server_random = hexseed:135e4d557fdf3aa6406d82975d5c606a9734c9334b42136e96990fbd5358cdb2 ++Output = 2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 ++ ++PKEYKDF=TLS1-PRF ++Ctrl.md = md:MD5-SHA1 ++Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 ++Ctrl.label = seed:key expansion ++Ctrl.server_random = hexseed:67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be ++Ctrl.client_random = hexseed:d58a7b1cd4fedaa232159df652ce188f9d997e061b9bf48e83b62990440931f6 ++Output = 3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d ++ ++PKEYKDF=TLS1-PRF ++Ctrl.md = md:SHA256 ++Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc ++Ctrl.label = seed:master secret ++Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c ++Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce ++Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf ++ ++PKEYKDF=TLS1-PRF ++Ctrl.md = md:SHA256 ++Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf ++Ctrl.label = seed:key expansion ++Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 ++Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616 ++Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928 ++ ++# As above but use long name for KDF ++PKEYKDF=tls1-prf ++Ctrl.md = md:SHA256 ++Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf ++Ctrl.label = seed:key expansion ++Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 ++Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616 ++Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928 ++ ++# Missing digest. ++PKEYKDF=TLS1-PRF ++Ctrl.Secret = hexsecret:01 ++Ctrl.Seed = hexseed:02 ++Output = 03 ++Result = KDF_DERIVE_ERROR ++ ++# Missing secret. ++PKEYKDF=TLS1-PRF ++Ctrl.md = md:MD5-SHA1 ++Ctrl.Seed = hexseed:02 ++Output = 03 ++Result = KDF_DERIVE_ERROR ++ ++Title = HKDF tests (from RFC5869 test vectors) ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = hexsalt:000102030405060708090a0b0c ++Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 ++Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = hexsalt:000102030405060708090a0b0c ++Output = 077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 ++Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 ++Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f ++Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf ++Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff ++Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f ++Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf ++Output = 06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 ++Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff ++Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA256 ++Ctrl.IKM = hexkey:19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04 ++Ctrl.info = info: ++Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = hexsalt:000102030405060708090a0b0c ++Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 ++Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = hexsalt:000102030405060708090a0b0c ++Output = 9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 ++Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 ++Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f ++Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf ++Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff ++Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f ++Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf ++Output = 8adae09a2a307059478d309b26c4115a224cfaf6 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:8adae09a2a307059478d309b26c4115a224cfaf6 ++Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff ++Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ++Ctrl.salt = salt: ++Output = da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 ++Ctrl.info = info: ++Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.salt = salt: ++Output = 2adccada18779e7c2077ad2eb19d3f3e731385dd ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXPAND_ONLY ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:2adccada18779e7c2077ad2eb19d3f3e731385dd ++Ctrl.info = info: ++Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 ++ ++PKEYKDF = HKDF ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 00 ++Result = KDF_DERIVE_ERROR ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.salt = salt: ++Ctrl.info = info: ++Output = 00 ++Result = KDF_DERIVE_ERROR ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.info = info: ++Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 ++ ++PKEYKDF = HKDF ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.salt = salt: ++Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 ++ ++PKEYKDF = HKDF ++Ctrl.mode = mode:EXTRACT_AND_EXPAND ++Ctrl.md = md:SHA1 ++Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c ++Ctrl.salt = salt: ++Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 ++ ++Title = id-scrypt tests (from draft-josefsson-id-scrypt-kdf-03 and others) ++ ++PKEYKDF = scrypt ++Ctrl.pass = pass: ++Ctrl.salt = salt: ++Ctrl.N = N:16 ++Ctrl.r = r:1 ++Ctrl.p = p:1 ++Output = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906 ++ ++PKEYKDF = scrypt ++Ctrl.pass = pass:password ++Ctrl.salt = salt:NaCl ++Ctrl.N = N:1024 ++Ctrl.r = r:8 ++Ctrl.p = p:16 ++Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 ++ ++PKEYKDF = scrypt ++Ctrl.hexpass = hexpass:70617373776f7264 ++Ctrl.salt = salt:NaCl ++Ctrl.N = N:1024 ++Ctrl.r = r:8 ++Ctrl.p = p:16 ++Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 ++ ++PKEYKDF = scrypt ++Ctrl.pass = pass:password ++Ctrl.hexsalt = hexsalt:4e61436c ++Ctrl.N = N:1024 ++Ctrl.r = r:8 ++Ctrl.p = p:16 ++Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 ++ ++PKEYKDF = scrypt ++Ctrl.pass = pass:pleaseletmein ++Ctrl.salt = salt:SodiumChloride ++Ctrl.N = N:16384 ++Ctrl.r = r:8 ++Ctrl.p = p:1 ++Output = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887 ++ ++# Out of memory ++PKEYKDF = scrypt ++Ctrl.pass = pass:pleaseletmein ++Ctrl.salt = salt:SodiumChloride ++Ctrl.N = N:1048576 ++Ctrl.r = r:8 ++Ctrl.p = p:1 ++Result = INTERNAL_ERROR ++ +diff -up openssl-1.1.1e/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_kdf.t +--- openssl-1.1.1e/test/recipes/30-test_evp_kdf.t.evp-kdf 2020-03-19 16:04:32.390698450 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_kdf.t 2020-03-19 16:04:32.390698450 +0100 +@@ -0,0 +1,13 @@ ++#! /usr/bin/env perl ++# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++# Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. ++# ++# Licensed under the Apache License 2.0 (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++ ++use OpenSSL::Test::Simple; ++ ++simple_test("test_evp_kdf", "evp_kdf_test"); +diff -up openssl-1.1.1e/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp.t +--- openssl-1.1.1e/test/recipes/30-test_evp.t.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp.t 2020-03-19 16:04:32.390698450 +0100 +@@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT data_file/ + setup("test_evp"); + + my @files = ( "evpciph.txt", "evpdigest.txt", "evpencod.txt", "evpkdf.txt", +- "evpmac.txt", "evppbe.txt", "evppkey.txt", "evppkey_ecc.txt", ++ "evppkey_kdf.txt", "evpmac.txt", "evppbe.txt", "evppkey.txt", "evppkey_ecc.txt", + "evpcase.txt", "evpccmcavs.txt" ); + + plan tests => scalar(@files); +diff -up openssl-1.1.1e/util/libcrypto.num.evp-kdf openssl-1.1.1e/util/libcrypto.num +--- openssl-1.1.1e/util/libcrypto.num.evp-kdf 2020-03-19 16:04:11.263064140 +0100 ++++ openssl-1.1.1e/util/libcrypto.num 2020-03-19 16:04:32.392698415 +0100 +@@ -4622,3 +4622,11 @@ FIPS_drbg_get_strength + FIPS_rand_strength 6380 1_1_0g EXIST::FUNCTION: + FIPS_drbg_get_blocklength 6381 1_1_0g EXIST::FUNCTION: + FIPS_drbg_init 6382 1_1_0g EXIST::FUNCTION: ++EVP_KDF_CTX_new_id 6590 1_1_1b EXIST::FUNCTION: ++EVP_KDF_CTX_free 6591 1_1_1b EXIST::FUNCTION: ++EVP_KDF_reset 6592 1_1_1b EXIST::FUNCTION: ++EVP_KDF_ctrl 6593 1_1_1b EXIST::FUNCTION: ++EVP_KDF_vctrl 6594 1_1_1b EXIST::FUNCTION: ++EVP_KDF_ctrl_str 6595 1_1_1b EXIST::FUNCTION: ++EVP_KDF_size 6596 1_1_1b EXIST::FUNCTION: ++EVP_KDF_derive 6597 1_1_1b EXIST::FUNCTION: +diff -up openssl-1.1.1e/util/private.num.evp-kdf openssl-1.1.1e/util/private.num +--- openssl-1.1.1e/util/private.num.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/util/private.num 2020-03-19 16:04:32.393698398 +0100 +@@ -21,6 +21,7 @@ CRYPTO_EX_dup + CRYPTO_EX_free datatype + CRYPTO_EX_new datatype + DTLS_timer_cb datatype ++EVP_KDF_CTX datatype + EVP_PKEY_gen_cb datatype + EVP_PKEY_METHOD datatype + EVP_PKEY_ASN1_METHOD datatype diff --git a/openssl-1.1.1-fips-crng-test.patch b/openssl-1.1.1-fips-crng-test.patch new file mode 100644 index 0000000..267a3ea --- /dev/null +++ b/openssl-1.1.1-fips-crng-test.patch @@ -0,0 +1,408 @@ +diff -up openssl-1.1.1g/crypto/rand/build.info.crng-test openssl-1.1.1g/crypto/rand/build.info +--- openssl-1.1.1g/crypto/rand/build.info.crng-test 2020-04-23 13:30:45.863389837 +0200 ++++ openssl-1.1.1g/crypto/rand/build.info 2020-04-23 13:31:55.847069892 +0200 +@@ -1,6 +1,6 @@ + LIBS=../../libcrypto + SOURCE[../../libcrypto]=\ +- randfile.c rand_lib.c rand_err.c rand_egd.c \ ++ randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \ + rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c + + INCLUDE[drbg_ctr.o]=../modes +diff -up openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1g/crypto/rand/drbg_lib.c +--- openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test 2020-04-23 13:30:45.818390686 +0200 ++++ openssl-1.1.1g/crypto/rand/drbg_lib.c 2020-04-23 13:30:45.864389819 +0200 +@@ -67,7 +67,7 @@ static CRYPTO_THREAD_LOCAL private_drbg; + + + /* NIST SP 800-90A DRBG recommends the use of a personalization string. */ +-static const char ossl_pers_string[] = "OpenSSL NIST SP 800-90A DRBG"; ++static const char ossl_pers_string[] = DRBG_DEFAULT_PERS_STRING; + + static CRYPTO_ONCE rand_drbg_init = CRYPTO_ONCE_STATIC_INIT; + +@@ -201,8 +201,13 @@ static RAND_DRBG *rand_drbg_new(int secu + drbg->parent = parent; + + if (parent == NULL) { ++#ifdef OPENSSL_FIPS ++ drbg->get_entropy = rand_crngt_get_entropy; ++ drbg->cleanup_entropy = rand_crngt_cleanup_entropy; ++#else + drbg->get_entropy = rand_drbg_get_entropy; + drbg->cleanup_entropy = rand_drbg_cleanup_entropy; ++#endif + #ifndef RAND_DRBG_GET_RANDOM_NONCE + drbg->get_nonce = rand_drbg_get_nonce; + drbg->cleanup_nonce = rand_drbg_cleanup_nonce; +diff -up openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1g/crypto/rand/rand_crng_test.c +--- openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test 2020-04-23 13:30:45.864389819 +0200 ++++ openssl-1.1.1g/crypto/rand/rand_crng_test.c 2020-04-23 13:30:45.864389819 +0200 +@@ -0,0 +1,118 @@ ++/* ++ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++/* ++ * Implementation of the FIPS 140-2 section 4.9.2 Conditional Tests. ++ */ ++ ++#include ++#include ++#include "crypto/rand.h" ++#include "internal/thread_once.h" ++#include "rand_local.h" ++ ++static RAND_POOL *crngt_pool; ++static unsigned char crngt_prev[EVP_MAX_MD_SIZE]; ++ ++int (*crngt_get_entropy)(unsigned char *, unsigned char *, unsigned int *) ++ = &rand_crngt_get_entropy_cb; ++ ++int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md, ++ unsigned int *md_size) ++{ ++ int r; ++ size_t n; ++ unsigned char *p; ++ ++ n = rand_pool_acquire_entropy(crngt_pool); ++ if (n >= CRNGT_BUFSIZ) { ++ p = rand_pool_detach(crngt_pool); ++ r = EVP_Digest(p, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL); ++ if (r != 0) ++ memcpy(buf, p, CRNGT_BUFSIZ); ++ rand_pool_reattach(crngt_pool, p); ++ return r; ++ } ++ return 0; ++} ++ ++void rand_crngt_cleanup(void) ++{ ++ rand_pool_free(crngt_pool); ++ crngt_pool = NULL; ++} ++ ++int rand_crngt_init(void) ++{ ++ unsigned char buf[CRNGT_BUFSIZ]; ++ ++ if ((crngt_pool = rand_pool_new(0, 1, CRNGT_BUFSIZ, CRNGT_BUFSIZ)) == NULL) ++ return 0; ++ if (crngt_get_entropy(buf, crngt_prev, NULL)) { ++ OPENSSL_cleanse(buf, sizeof(buf)); ++ return 1; ++ } ++ rand_crngt_cleanup(); ++ return 0; ++} ++ ++static CRYPTO_ONCE rand_crngt_init_flag = CRYPTO_ONCE_STATIC_INIT; ++DEFINE_RUN_ONCE_STATIC(do_rand_crngt_init) ++{ ++ return OPENSSL_init_crypto(0, NULL) ++ && rand_crngt_init() ++ && OPENSSL_atexit(&rand_crngt_cleanup); ++} ++ ++int rand_crngt_single_init(void) ++{ ++ return RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init); ++} ++ ++size_t rand_crngt_get_entropy(RAND_DRBG *drbg, ++ unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len, ++ int prediction_resistance) ++{ ++ unsigned char buf[CRNGT_BUFSIZ], md[EVP_MAX_MD_SIZE]; ++ unsigned int sz; ++ RAND_POOL *pool; ++ size_t q, r = 0, s, t = 0; ++ int attempts = 3; ++ ++ if (!RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init)) ++ return 0; ++ ++ if ((pool = rand_pool_new(entropy, 1, min_len, max_len)) == NULL) ++ return 0; ++ ++ while ((q = rand_pool_bytes_needed(pool, 1)) > 0 && attempts-- > 0) { ++ s = q > sizeof(buf) ? sizeof(buf) : q; ++ if (!crngt_get_entropy(buf, md, &sz) ++ || memcmp(crngt_prev, md, sz) == 0 ++ || !rand_pool_add(pool, buf, s, s * 8)) ++ goto err; ++ memcpy(crngt_prev, md, sz); ++ t += s; ++ attempts++; ++ } ++ r = t; ++ *pout = rand_pool_detach(pool); ++err: ++ OPENSSL_cleanse(buf, sizeof(buf)); ++ rand_pool_free(pool); ++ return r; ++} ++ ++void rand_crngt_cleanup_entropy(RAND_DRBG *drbg, ++ unsigned char *out, size_t outlen) ++{ ++ OPENSSL_secure_clear_free(out, outlen); ++} +diff -up openssl-1.1.1g/crypto/rand/rand_local.h.crng-test openssl-1.1.1g/crypto/rand/rand_local.h +--- openssl-1.1.1g/crypto/rand/rand_local.h.crng-test 2020-04-23 13:30:45.470397250 +0200 ++++ openssl-1.1.1g/crypto/rand/rand_local.h 2020-04-23 13:30:45.864389819 +0200 +@@ -33,7 +33,15 @@ + # define MASTER_RESEED_TIME_INTERVAL (60*60) /* 1 hour */ + # define SLAVE_RESEED_TIME_INTERVAL (7*60) /* 7 minutes */ + +- ++/* ++ * The number of bytes that constitutes an atomic lump of entropy with respect ++ * to the FIPS 140-2 section 4.9.2 Conditional Tests. The size is somewhat ++ * arbitrary, the smaller the value, the less entropy is consumed on first ++ * read but the higher the probability of the test failing by accident. ++ * ++ * The value is in bytes. ++ */ ++#define CRNGT_BUFSIZ 16 + + /* + * Maximum input size for the DRBG (entropy, nonce, personalization string) +@@ -44,6 +52,8 @@ + */ + # define DRBG_MAX_LENGTH INT32_MAX + ++/* The default nonce */ ++# define DRBG_DEFAULT_PERS_STRING "OpenSSL NIST SP 800-90A DRBG" + + /* + * Maximum allocation size for RANDOM_POOL buffers +@@ -296,4 +306,22 @@ int rand_drbg_enable_locking(RAND_DRBG * + /* initializes the AES-CTR DRBG implementation */ + int drbg_ctr_init(RAND_DRBG *drbg); + ++/* ++ * Entropy call back for the FIPS 140-2 section 4.9.2 Conditional Tests. ++ * These need to be exposed for the unit tests. ++ */ ++int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md, ++ unsigned int *md_size); ++extern int (*crngt_get_entropy)(unsigned char *buf, unsigned char *md, ++ unsigned int *md_size); ++int rand_crngt_init(void); ++void rand_crngt_cleanup(void); ++ ++/* ++ * Expose the run once initialisation function for the unit tests because. ++ * they need to restart from scratch to validate the first block is skipped ++ * properly. ++ */ ++int rand_crngt_single_init(void); ++ + #endif +diff -up openssl-1.1.1g/include/crypto/rand.h.crng-test openssl-1.1.1g/include/crypto/rand.h +--- openssl-1.1.1g/include/crypto/rand.h.crng-test 2020-04-23 13:30:45.824390573 +0200 ++++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:30:45.864389819 +0200 +@@ -49,6 +49,14 @@ size_t rand_drbg_get_additional_data(RAN + + void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out); + ++/* CRNG test entropy filter callbacks. */ ++size_t rand_crngt_get_entropy(RAND_DRBG *drbg, ++ unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len, ++ int prediction_resistance); ++void rand_crngt_cleanup_entropy(RAND_DRBG *drbg, ++ unsigned char *out, size_t outlen); ++ + /* + * RAND_POOL functions + */ +diff -up openssl-1.1.1g/test/drbgtest.c.crng-test openssl-1.1.1g/test/drbgtest.c +--- openssl-1.1.1g/test/drbgtest.c.crng-test 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/test/drbgtest.c 2020-04-23 13:30:45.865389800 +0200 +@@ -150,6 +150,31 @@ static size_t kat_nonce(RAND_DRBG *drbg, + return t->noncelen; + } + ++ /* ++ * Disable CRNG testing if it is enabled. ++ * If the DRBG is ready or in an error state, this means an instantiate cycle ++ * for which the default personalisation string is used. ++ */ ++static int disable_crngt(RAND_DRBG *drbg) ++{ ++ static const char pers[] = DRBG_DEFAULT_PERS_STRING; ++ const int instantiate = drbg->state != DRBG_UNINITIALISED; ++ ++ if (drbg->get_entropy != rand_crngt_get_entropy) ++ return 1; ++ ++ if ((instantiate && !RAND_DRBG_uninstantiate(drbg)) ++ || !TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_drbg_get_entropy, ++ &rand_drbg_cleanup_entropy, ++ &rand_drbg_get_nonce, ++ &rand_drbg_cleanup_nonce)) ++ || (instantiate ++ && !RAND_DRBG_instantiate(drbg, (const unsigned char *)pers, ++ sizeof(pers) - 1))) ++ return 0; ++ return 1; ++} ++ + static int uninstantiate(RAND_DRBG *drbg) + { + int ret = drbg == NULL ? 1 : RAND_DRBG_uninstantiate(drbg); +@@ -175,7 +200,8 @@ static int single_kat(DRBG_SELFTEST_DATA + if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL))) + return 0; + if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, +- kat_nonce, NULL))) { ++ kat_nonce, NULL)) ++ || !TEST_true(disable_crngt(drbg))) { + failures++; + goto err; + } +@@ -293,7 +319,8 @@ static int error_check(DRBG_SELFTEST_DAT + unsigned int reseed_counter_tmp; + int ret = 0; + +- if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL))) ++ if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL)) ++ || !TEST_true(disable_crngt(drbg))) + goto err; + + /* +@@ -740,6 +767,10 @@ static int test_rand_drbg_reseed(void) + || !TEST_ptr_eq(private->parent, master)) + return 0; + ++ /* Disable CRNG testing for the master DRBG */ ++ if (!TEST_true(disable_crngt(master))) ++ return 0; ++ + /* uninstantiate the three global DRBGs */ + RAND_DRBG_uninstantiate(private); + RAND_DRBG_uninstantiate(public); +@@ -964,7 +995,8 @@ static int test_rand_seed(void) + size_t rand_buflen; + size_t required_seed_buflen = 0; + +- if (!TEST_ptr(master = RAND_DRBG_get0_master())) ++ if (!TEST_ptr(master = RAND_DRBG_get0_master()) ++ || !TEST_true(disable_crngt(master))) + return 0; + + #ifdef OPENSSL_RAND_SEED_NONE +@@ -1013,6 +1045,95 @@ static int test_rand_add(void) + return 1; + } + ++/* ++ * A list of the FIPS DRGB types. ++ */ ++static const struct s_drgb_types { ++ int nid; ++ int flags; ++} drgb_types[] = { ++ { NID_aes_128_ctr, 0 }, ++ { NID_aes_192_ctr, 0 }, ++ { NID_aes_256_ctr, 0 }, ++}; ++ ++/* Six cases for each covers seed sizes up to 32 bytes */ ++static const size_t crngt_num_cases = 6; ++ ++static size_t crngt_case, crngt_idx; ++ ++static int crngt_entropy_cb(unsigned char *buf, unsigned char *md, ++ unsigned int *md_size) ++{ ++ size_t i, z; ++ ++ if (!TEST_int_lt(crngt_idx, crngt_num_cases)) ++ return 0; ++ /* Generate a block of unique data unless this is the duplication point */ ++ z = crngt_idx++; ++ if (z > 0 && crngt_case == z) ++ z--; ++ for (i = 0; i < CRNGT_BUFSIZ; i++) ++ buf[i] = (unsigned char)(i + 'A' + z); ++ return EVP_Digest(buf, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL); ++} ++ ++static int test_crngt(int n) ++{ ++ const struct s_drgb_types *dt = drgb_types + n / crngt_num_cases; ++ RAND_DRBG *drbg = NULL; ++ unsigned char buff[100]; ++ size_t ent; ++ int res = 0; ++ int expect; ++ ++ if (!TEST_true(rand_crngt_single_init())) ++ return 0; ++ rand_crngt_cleanup(); ++ ++ if (!TEST_ptr(drbg = RAND_DRBG_new(dt->nid, dt->flags, NULL))) ++ return 0; ++ ent = (drbg->min_entropylen + CRNGT_BUFSIZ - 1) / CRNGT_BUFSIZ; ++ crngt_case = n % crngt_num_cases; ++ crngt_idx = 0; ++ crngt_get_entropy = &crngt_entropy_cb; ++ if (!TEST_true(rand_crngt_init())) ++ goto err; ++#ifndef OPENSSL_FIPS ++ if (!TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_crngt_get_entropy, ++ &rand_crngt_cleanup_entropy, ++ &rand_drbg_get_nonce, ++ &rand_drbg_cleanup_nonce))) ++ goto err; ++#endif ++ expect = crngt_case == 0 || crngt_case > ent; ++ if (!TEST_int_eq(RAND_DRBG_instantiate(drbg, NULL, 0), expect)) ++ goto err; ++ if (!expect) ++ goto fin; ++ if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0))) ++ goto err; ++ ++ expect = crngt_case == 0 || crngt_case > 2 * ent; ++ if (!TEST_int_eq(RAND_DRBG_reseed(drbg, NULL, 0, 0), expect)) ++ goto err; ++ if (!expect) ++ goto fin; ++ if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0))) ++ goto err; ++ ++fin: ++ res = 1; ++err: ++ if (!res) ++ TEST_note("DRBG %zd case %zd block %zd", n / crngt_num_cases, ++ crngt_case, crngt_idx); ++ uninstantiate(drbg); ++ RAND_DRBG_free(drbg); ++ crngt_get_entropy = &rand_crngt_get_entropy_cb; ++ return res; ++} ++ + int setup_tests(void) + { + app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL); +@@ -1025,5 +1146,6 @@ int setup_tests(void) + #if defined(OPENSSL_THREADS) + ADD_TEST(test_multi_thread); + #endif ++ ADD_ALL_TESTS(test_crngt, crngt_num_cases * OSSL_NELEM(drgb_types)); + return 1; + } diff --git a/openssl-1.1.1-fips-curves.patch b/openssl-1.1.1-fips-curves.patch new file mode 100644 index 0000000..33e9fc5 --- /dev/null +++ b/openssl-1.1.1-fips-curves.patch @@ -0,0 +1,200 @@ +diff -up openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves openssl-1.1.1g/crypto/ec/ec_curve.c +--- openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves 2020-05-18 12:59:54.839643980 +0200 ++++ openssl-1.1.1g/crypto/ec/ec_curve.c 2020-05-18 12:59:54.852644093 +0200 +@@ -13,6 +13,7 @@ + #include + #include + #include ++#include + #include "internal/nelem.h" + + typedef struct { +@@ -237,6 +238,7 @@ static const struct { + + typedef struct _ec_list_element_st { + int nid; ++ int fips_allowed; + const EC_CURVE_DATA *data; + const EC_METHOD *(*meth) (void); + const char *comment; +@@ -246,23 +248,23 @@ static const ec_list_element curve_list[ + /* prime field curves */ + /* secg curves */ + #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 +- {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, ++ {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, + "NIST/SECG curve over a 224 bit prime field"}, + #else +- {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, ++ {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, 0, + "NIST/SECG curve over a 224 bit prime field"}, + #endif +- {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, ++ {NID_secp256k1, 0, &_EC_SECG_PRIME_256K1.h, 0, + "SECG curve over a 256 bit prime field"}, + /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ +- {NID_secp384r1, &_EC_NIST_PRIME_384.h, ++ {NID_secp384r1, 1, &_EC_NIST_PRIME_384.h, + # if defined(S390X_EC_ASM) + EC_GFp_s390x_nistp384_method, + # else + 0, + # endif + "NIST/SECG curve over a 384 bit prime field"}, +- {NID_secp521r1, &_EC_NIST_PRIME_521.h, ++ {NID_secp521r1, 1, &_EC_NIST_PRIME_521.h, + # if defined(S390X_EC_ASM) + EC_GFp_s390x_nistp521_method, + # elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) +@@ -272,7 +274,7 @@ static const ec_list_element curve_list[ + # endif + "NIST/SECG curve over a 521 bit prime field"}, + /* X9.62 curves */ +- {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, ++ {NID_X9_62_prime256v1, 1, &_EC_X9_62_PRIME_256V1.h, + #if defined(ECP_NISTZ256_ASM) + EC_GFp_nistz256_method, + # elif defined(S390X_EC_ASM) +@@ -404,6 +406,10 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int + + for (i = 0; i < curve_list_length; i++) + if (curve_list[i].nid == nid) { ++ if (!curve_list[i].fips_allowed && FIPS_mode()) { ++ ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_NOT_A_NIST_PRIME); ++ return NULL; ++ } + ret = ec_group_new_from_data(curve_list[i]); + break; + } +@@ -418,19 +424,31 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int + + size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems) + { +- size_t i, min; ++ size_t i, j, num; ++ int fips_mode = FIPS_mode(); + +- if (r == NULL || nitems == 0) +- return curve_list_length; ++ num = curve_list_length; ++ if (fips_mode) ++ for (i = 0; i < curve_list_length; i++) { ++ if (!curve_list[i].fips_allowed) ++ --num; ++ } + +- min = nitems < curve_list_length ? nitems : curve_list_length; ++ if (r == NULL || nitems == 0) { ++ return num; ++ } + +- for (i = 0; i < min; i++) { +- r[i].nid = curve_list[i].nid; +- r[i].comment = curve_list[i].comment; ++ for (i = 0, j = 0; i < curve_list_length; i++) { ++ if (j >= nitems) ++ break; ++ if (!fips_mode || curve_list[i].fips_allowed) { ++ r[j].nid = curve_list[i].nid; ++ r[j].comment = curve_list[i].comment; ++ ++j; ++ } + } + +- return curve_list_length; ++ return num; + } + + /* Functions to translate between common NIST curve names and NIDs */ +diff -up openssl-1.1.1g/ssl/t1_lib.c.fips-curves openssl-1.1.1g/ssl/t1_lib.c +--- openssl-1.1.1g/ssl/t1_lib.c.fips-curves 2020-05-18 12:59:54.797643616 +0200 ++++ openssl-1.1.1g/ssl/t1_lib.c 2020-05-18 13:03:54.748725463 +0200 +@@ -678,6 +678,36 @@ static const uint16_t tls12_sigalgs[] = + #endif + }; + ++static const uint16_t tls12_fips_sigalgs[] = { ++#ifndef OPENSSL_NO_EC ++ TLSEXT_SIGALG_ecdsa_secp256r1_sha256, ++ TLSEXT_SIGALG_ecdsa_secp384r1_sha384, ++ TLSEXT_SIGALG_ecdsa_secp521r1_sha512, ++#endif ++ ++ TLSEXT_SIGALG_rsa_pss_pss_sha256, ++ TLSEXT_SIGALG_rsa_pss_pss_sha384, ++ TLSEXT_SIGALG_rsa_pss_pss_sha512, ++ TLSEXT_SIGALG_rsa_pss_rsae_sha256, ++ TLSEXT_SIGALG_rsa_pss_rsae_sha384, ++ TLSEXT_SIGALG_rsa_pss_rsae_sha512, ++ ++ TLSEXT_SIGALG_rsa_pkcs1_sha256, ++ TLSEXT_SIGALG_rsa_pkcs1_sha384, ++ TLSEXT_SIGALG_rsa_pkcs1_sha512, ++ ++#ifndef OPENSSL_NO_EC ++ TLSEXT_SIGALG_ecdsa_sha224, ++#endif ++ TLSEXT_SIGALG_rsa_pkcs1_sha224, ++#ifndef OPENSSL_NO_DSA ++ TLSEXT_SIGALG_dsa_sha224, ++ TLSEXT_SIGALG_dsa_sha256, ++ TLSEXT_SIGALG_dsa_sha384, ++ TLSEXT_SIGALG_dsa_sha512, ++#endif ++}; ++ + #ifndef OPENSSL_NO_EC + static const uint16_t suiteb_sigalgs[] = { + TLSEXT_SIGALG_ecdsa_secp256r1_sha256, +@@ -894,6 +924,8 @@ static const SIGALG_LOOKUP *tls1_get_leg + } + if (idx < 0 || idx >= (int)OSSL_NELEM(tls_default_sigalg)) + return NULL; ++ if (FIPS_mode()) /* We do not allow legacy SHA1 signatures in FIPS mode */ ++ return NULL; + if (SSL_USE_SIGALGS(s) || idx != SSL_PKEY_RSA) { + const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(tls_default_sigalg[idx]); + +@@ -954,6 +986,9 @@ size_t tls12_get_psigalgs(SSL *s, int se + } else if (s->cert->conf_sigalgs) { + *psigs = s->cert->conf_sigalgs; + return s->cert->conf_sigalgslen; ++ } else if (FIPS_mode()) { ++ *psigs = tls12_fips_sigalgs; ++ return OSSL_NELEM(tls12_fips_sigalgs); + } else { + *psigs = tls12_sigalgs; + return OSSL_NELEM(tls12_sigalgs); +@@ -973,6 +1008,9 @@ int tls_check_sigalg_curve(const SSL *s, + if (s->cert->conf_sigalgs) { + sigs = s->cert->conf_sigalgs; + siglen = s->cert->conf_sigalgslen; ++ } else if (FIPS_mode()) { ++ sigs = tls12_fips_sigalgs; ++ siglen = OSSL_NELEM(tls12_fips_sigalgs); + } else { + sigs = tls12_sigalgs; + siglen = OSSL_NELEM(tls12_sigalgs); +@@ -1617,6 +1655,8 @@ static int tls12_sigalg_allowed(const SS + if (lu->sig == NID_id_GostR3410_2012_256 + || lu->sig == NID_id_GostR3410_2012_512 + || lu->sig == NID_id_GostR3410_2001) { ++ if (FIPS_mode()) ++ return 0; + /* We never allow GOST sig algs on the server with TLSv1.3 */ + if (s->server && SSL_IS_TLS13(s)) + return 0; +@@ -2842,6 +2882,13 @@ int tls_choose_sigalg(SSL *s, int fatale + const uint16_t *sent_sigs; + size_t sent_sigslen; + ++ if (fatalerrs && FIPS_mode()) { ++ /* There are no suitable legacy algorithms in FIPS mode */ ++ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, ++ SSL_F_TLS_CHOOSE_SIGALG, ++ SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); ++ return 0; ++ } + if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) { + if (!fatalerrs) + return 1; diff --git a/openssl-1.1.1-fips-dh.patch b/openssl-1.1.1-fips-dh.patch new file mode 100644 index 0000000..d98372e --- /dev/null +++ b/openssl-1.1.1-fips-dh.patch @@ -0,0 +1,2806 @@ +diff -up openssl-1.1.1g/crypto/bn/bn_const.c.fips-dh openssl-1.1.1g/crypto/bn/bn_const.c +--- openssl-1.1.1g/crypto/bn/bn_const.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/bn/bn_const.c 2020-07-17 10:36:29.245788441 +0200 +@@ -1,13 +1,17 @@ + /* +- * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved. + * +- * Licensed under the OpenSSL license (the "License"). You may not use ++ * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + + #include ++#include "crypto/bn_dh.h" ++ ++#define COPY_BN(dst, src) (dst != NULL) ? BN_copy(dst, &src) : BN_dup(&src) ++ + + /*- + * "First Oakley Default Group" from RFC2409, section 6.1. +@@ -80,33 +84,7 @@ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_1536[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x23, 0x73, 0x27, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), bn); ++ return COPY_BN(bn, _bignum_modp_1536_p); + } + + /*- +@@ -119,41 +97,7 @@ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_2048[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, +- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, +- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, +- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, +- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, +- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, +- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, +- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, +- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_2048, sizeof(RFC3526_PRIME_2048), bn); ++ return COPY_BN(bn, _bignum_modp_2048_p); + } + + /*- +@@ -166,57 +110,7 @@ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_3072[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, +- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, +- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, +- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, +- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, +- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, +- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, +- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, +- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, +- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, +- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, +- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, +- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, +- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, +- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, +- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, +- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, +- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, +- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, +- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, +- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, +- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, +- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, +- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, +- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_3072, sizeof(RFC3526_PRIME_3072), bn); ++ return COPY_BN(bn, _bignum_modp_3072_p); + } + + /*- +@@ -229,73 +123,7 @@ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_4096[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, +- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, +- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, +- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, +- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, +- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, +- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, +- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, +- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, +- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, +- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, +- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, +- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, +- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, +- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, +- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, +- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, +- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, +- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, +- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, +- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, +- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, +- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, +- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, +- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, +- 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, +- 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, +- 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, +- 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, +- 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, +- 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, +- 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, +- 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, +- 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, +- 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, +- 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, +- 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, +- 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, +- 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, +- 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, +- 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_4096, sizeof(RFC3526_PRIME_4096), bn); ++ return COPY_BN(bn, _bignum_modp_4096_p); + } + + /*- +@@ -308,105 +136,7 @@ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_6144[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, +- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, +- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, +- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, +- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, +- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, +- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, +- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, +- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, +- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, +- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, +- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, +- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, +- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, +- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, +- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, +- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, +- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, +- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, +- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, +- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, +- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, +- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, +- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, +- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, +- 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, +- 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, +- 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, +- 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, +- 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, +- 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, +- 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, +- 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, +- 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, +- 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, +- 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, +- 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, +- 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, +- 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, +- 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, +- 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, +- 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, +- 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE, +- 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, +- 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, +- 0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE, +- 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, +- 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, +- 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED, +- 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, +- 0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, +- 0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42, +- 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, +- 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, +- 0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03, +- 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, +- 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, +- 0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E, +- 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, +- 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, +- 0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, +- 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, +- 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, +- 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0, +- 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, +- 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, +- 0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, +- 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, +- 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, +- 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68, +- 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, +- 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, +- 0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xCC, 0x40, 0x24, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_6144, sizeof(RFC3526_PRIME_6144), bn); ++ return COPY_BN(bn, _bignum_modp_6144_p); + } + + /*- +@@ -419,135 +149,5 @@ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM + + BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn) + { +- static const unsigned char RFC3526_PRIME_8192[] = { +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, +- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, +- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, +- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, +- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, +- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, +- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, +- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, +- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, +- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, +- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, +- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, +- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, +- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, +- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, +- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, +- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, +- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, +- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, +- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, +- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, +- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, +- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, +- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, +- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, +- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, +- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, +- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, +- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, +- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, +- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, +- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, +- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, +- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, +- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, +- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, +- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, +- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, +- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, +- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, +- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, +- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, +- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, +- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, +- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, +- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, +- 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, +- 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, +- 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, +- 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, +- 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, +- 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, +- 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, +- 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, +- 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, +- 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, +- 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, +- 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, +- 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, +- 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, +- 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, +- 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, +- 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, +- 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE, +- 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, +- 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, +- 0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE, +- 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, +- 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, +- 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED, +- 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, +- 0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, +- 0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42, +- 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, +- 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, +- 0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03, +- 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, +- 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, +- 0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E, +- 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, +- 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, +- 0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, +- 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, +- 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, +- 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0, +- 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, +- 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, +- 0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, +- 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, +- 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, +- 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68, +- 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, +- 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, +- 0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xBE, 0x11, 0x59, +- 0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4, +- 0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, +- 0xD8, 0xBE, 0xC4, 0xD0, 0x73, 0xB9, 0x31, 0xBA, +- 0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00, +- 0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED, +- 0x25, 0x76, 0xF6, 0x93, 0x6B, 0xA4, 0x24, 0x66, +- 0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68, +- 0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78, +- 0x23, 0x8F, 0x16, 0xCB, 0xE3, 0x9D, 0x65, 0x2D, +- 0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9, +- 0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07, +- 0x13, 0xEB, 0x57, 0xA8, 0x1A, 0x23, 0xF0, 0xC7, +- 0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B, +- 0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD, +- 0xFA, 0x9D, 0x4B, 0x7F, 0xA2, 0xC0, 0x87, 0xE8, +- 0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A, +- 0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6, +- 0x6D, 0x2A, 0x13, 0xF8, 0x3F, 0x44, 0xF8, 0x2D, +- 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36, +- 0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1, +- 0x64, 0xF3, 0x1C, 0xC5, 0x08, 0x46, 0x85, 0x1D, +- 0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1, +- 0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, +- 0xFA, 0xF3, 0x6B, 0xC3, 0x1E, 0xCF, 0xA2, 0x68, +- 0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92, +- 0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7, +- 0x88, 0x9A, 0x00, 0x2E, 0xD5, 0xEE, 0x38, 0x2B, +- 0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47, +- 0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA, +- 0x9E, 0x30, 0x50, 0xE2, 0x76, 0x56, 0x94, 0xDF, +- 0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71, +- 0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- }; +- return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn); ++ return COPY_BN(bn, _bignum_modp_8192_p); + } +diff -up openssl-1.1.1g/crypto/bn/bn_dh.c.fips-dh openssl-1.1.1g/crypto/bn/bn_dh.c +--- openssl-1.1.1g/crypto/bn/bn_dh.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/bn/bn_dh.c 2020-07-17 10:36:29.246788449 +0200 +@@ -1,7 +1,7 @@ + /* +- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved. + * +- * Licensed under the OpenSSL license (the "License"). You may not use ++ * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html +@@ -11,474 +11,995 @@ + #include "internal/nelem.h" + + #ifndef OPENSSL_NO_DH +-#include +-#include "crypto/bn_dh.h" +-/* DH parameters from RFC5114 */ ++# include ++# include "crypto/bn_dh.h" + + # if BN_BITS2 == 64 +-static const BN_ULONG dh1024_160_p[] = { +- 0xDF1FB2BC2E4A4371ULL, 0xE68CFDA76D4DA708ULL, 0x45BF37DF365C1A65ULL, +- 0xA151AF5F0DC8B4BDULL, 0xFAA31A4FF55BCCC0ULL, 0x4EFFD6FAE5644738ULL, +- 0x98488E9C219A7372ULL, 0xACCBDD7D90C4BD70ULL, 0x24975C3CD49B83BFULL, +- 0x13ECB4AEA9061123ULL, 0x9838EF1E2EE652C0ULL, 0x6073E28675A23D18ULL, +- 0x9A6A9DCA52D23B61ULL, 0x52C99FBCFB06A3C6ULL, 0xDE92DE5EAE5D54ECULL, +- 0xB10B8F96A080E01DULL +-}; +- +-static const BN_ULONG dh1024_160_g[] = { +- 0x855E6EEB22B3B2E5ULL, 0x858F4DCEF97C2A24ULL, 0x2D779D5918D08BC8ULL, +- 0xD662A4D18E73AFA3ULL, 0x1DBF0A0169B6A28AULL, 0xA6A24C087A091F53ULL, +- 0x909D0D2263F80A76ULL, 0xD7FBD7D3B9A92EE1ULL, 0x5E91547F9E2749F4ULL, +- 0x160217B4B01B886AULL, 0x777E690F5504F213ULL, 0x266FEA1E5C41564BULL, +- 0xD6406CFF14266D31ULL, 0xF8104DD258AC507FULL, 0x6765A442EFB99905ULL, +- 0xA4D1CBD5C3FD3412ULL +-}; +- +-static const BN_ULONG dh1024_160_q[] = { +- 0x64B7CB9D49462353ULL, 0x81A8DF278ABA4E7DULL, 0x00000000F518AA87ULL +-}; +- +-static const BN_ULONG dh2048_224_p[] = { +- 0x0AC4DFFE0C10E64FULL, 0xCF9DE5384E71B81CULL, 0x7EF363E2FFA31F71ULL, +- 0xE3FB73C16B8E75B9ULL, 0xC9B53DCF4BA80A29ULL, 0x23F10B0E16E79763ULL, +- 0xC52172E413042E9BULL, 0xBE60E69CC928B2B9ULL, 0x80CD86A1B9E587E8ULL, +- 0x315D75E198C641A4ULL, 0xCDF93ACC44328387ULL, 0x15987D9ADC0A486DULL, +- 0x7310F7121FD5A074ULL, 0x278273C7DE31EFDCULL, 0x1602E714415D9330ULL, +- 0x81286130BC8985DBULL, 0xB3BF8A3170918836ULL, 0x6A00E0A0B9C49708ULL, +- 0xC6BA0B2C8BBC27BEULL, 0xC9F98D11ED34DBF6ULL, 0x7AD5B7D0B6C12207ULL, +- 0xD91E8FEF55B7394BULL, 0x9037C9EDEFDA4DF8ULL, 0x6D3F8152AD6AC212ULL, +- 0x1DE6B85A1274A0A6ULL, 0xEB3D688A309C180EULL, 0xAF9A3C407BA1DF15ULL, +- 0xE6FA141DF95A56DBULL, 0xB54B1597B61D0A75ULL, 0xA20D64E5683B9FD1ULL, +- 0xD660FAA79559C51FULL, 0xAD107E1E9123A9D0ULL +-}; +- +-static const BN_ULONG dh2048_224_g[] = { +- 0x84B890D3191F2BFAULL, 0x81BC087F2A7065B3ULL, 0x19C418E1F6EC0179ULL, +- 0x7B5A0F1C71CFFF4CULL, 0xEDFE72FE9B6AA4BDULL, 0x81E1BCFE94B30269ULL, +- 0x566AFBB48D6C0191ULL, 0xB539CCE3409D13CDULL, 0x6AA21E7F5F2FF381ULL, +- 0xD9E263E4770589EFULL, 0x10E183EDD19963DDULL, 0xB70A8137150B8EEBULL, +- 0x051AE3D428C8F8ACULL, 0xBB77A86F0C1AB15BULL, 0x6E3025E316A330EFULL, +- 0x19529A45D6F83456ULL, 0xF180EB34118E98D1ULL, 0xB5F6C6B250717CBEULL, +- 0x09939D54DA7460CDULL, 0xE247150422EA1ED4ULL, 0xB8A762D0521BC98AULL, +- 0xF4D027275AC1348BULL, 0xC17669101999024AULL, 0xBE5E9001A8D66AD7ULL, +- 0xC57DB17C620A8652ULL, 0xAB739D7700C29F52ULL, 0xDD921F01A70C4AFAULL, +- 0xA6824A4E10B9A6F0ULL, 0x74866A08CFE4FFE3ULL, 0x6CDEBE7B89998CAFULL, +- 0x9DF30B5C8FFDAC50ULL, 0xAC4032EF4F2D9AE3ULL +-}; +- +-static const BN_ULONG dh2048_224_q[] = { +- 0xBF389A99B36371EBULL, 0x1F80535A4738CEBCULL, 0xC58D93FE99717710ULL, +- 0x00000000801C0D34ULL +-}; +- +-static const BN_ULONG dh2048_256_p[] = { +- 0xDB094AE91E1A1597ULL, 0x693877FAD7EF09CAULL, 0x6116D2276E11715FULL, +- 0xA4B54330C198AF12ULL, 0x75F26375D7014103ULL, 0xC3A3960A54E710C3ULL, +- 0xDED4010ABD0BE621ULL, 0xC0B857F689962856ULL, 0xB3CA3F7971506026ULL, +- 0x1CCACB83E6B486F6ULL, 0x67E144E514056425ULL, 0xF6A167B5A41825D9ULL, +- 0x3AD8347796524D8EULL, 0xF13C6D9A51BFA4ABULL, 0x2D52526735488A0EULL, +- 0xB63ACAE1CAA6B790ULL, 0x4FDB70C581B23F76ULL, 0xBC39A0BF12307F5CULL, +- 0xB941F54EB1E59BB8ULL, 0x6C5BFC11D45F9088ULL, 0x22E0B1EF4275BF7BULL, +- 0x91F9E6725B4758C0ULL, 0x5A8A9D306BCF67EDULL, 0x209E0C6497517ABDULL, +- 0x3BF4296D830E9A7CULL, 0x16C3D91134096FAAULL, 0xFAF7DF4561B2AA30ULL, +- 0xE00DF8F1D61957D4ULL, 0x5D2CEED4435E3B00ULL, 0x8CEEF608660DD0F2ULL, +- 0xFFBBD19C65195999ULL, 0x87A8E61DB4B6663CULL +-}; ++# define BN_DEF(lo, hi) (BN_ULONG)hi << 32 | lo ++# else ++# define BN_DEF(lo, hi) lo, hi ++# endif + +-static const BN_ULONG dh2048_256_g[] = { +- 0x664B4C0F6CC41659ULL, 0x5E2327CFEF98C582ULL, 0xD647D148D4795451ULL, +- 0x2F63078490F00EF8ULL, 0x184B523D1DB246C3ULL, 0xC7891428CDC67EB6ULL, +- 0x7FD028370DF92B52ULL, 0xB3353BBB64E0EC37ULL, 0xECD06E1557CD0915ULL, +- 0xB7D2BBD2DF016199ULL, 0xC8484B1E052588B9ULL, 0xDB2A3B7313D3FE14ULL, +- 0xD052B985D182EA0AULL, 0xA4BD1BFFE83B9C80ULL, 0xDFC967C1FB3F2E55ULL, +- 0xB5045AF2767164E1ULL, 0x1D14348F6F2F9193ULL, 0x64E67982428EBC83ULL, +- 0x8AC376D282D6ED38ULL, 0x777DE62AAAB8A862ULL, 0xDDF463E5E9EC144BULL, +- 0x0196F931C77A57F2ULL, 0xA55AE31341000A65ULL, 0x901228F8C28CBB18ULL, +- 0xBC3773BF7E8C6F62ULL, 0xBE3A6C1B0C6B47B1ULL, 0xFF4FED4AAC0BB555ULL, +- 0x10DBC15077BE463FULL, 0x07F4793A1A0BA125ULL, 0x4CA7B18F21EF2054ULL, +- 0x2E77506660EDBD48ULL, 0x3FB32C9B73134D0BULL +-}; ++/* DH parameters from RFC3526 */ + +-static const BN_ULONG dh2048_256_q[] = { +- 0xA308B0FE64F5FBD3ULL, 0x99B1A47D1EB3750BULL, 0xB447997640129DA2ULL, +- 0x8CF83642A709A097ULL ++/* ++ * "1536-bit MODP Group" from RFC3526, Section 2. ++ * ++ * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 } ++ * ++ * RFC3526 specifies a generator of 2. ++ * RFC2312 specifies a generator of 22. ++ */ ++static const BN_ULONG modp_1536_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xCA237327, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_1536_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x6511B993, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF) + }; + +-/* Primes from RFC 7919 */ +-static const BN_ULONG ffdhe2048_p[] = { +- 0xFFFFFFFFFFFFFFFFULL, 0x886B423861285C97ULL, 0xC6F34A26C1B2EFFAULL, +- 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, 0xC3FE3B1B4C6FAD73ULL, +- 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, 0xC03404CD28342F61ULL, +- 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, 0xAE56EDE76372BB19ULL, +- 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, 0xD108A94BB2C8E3FBULL, +- 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, 0x1DF158A136ADE735ULL, +- 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, 0xB557135E7F57C935ULL, +- 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, 0xD3DF1ED5D5FD6561ULL, +- 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, 0xCC939DCE249B3EF9ULL, +- 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, 0xAFDC5620273D3CF1ULL, +- 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL ++/*- ++ * "2048-bit MODP Group" from RFC3526, Section 3. ++ * ++ * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } ++ * ++ * RFC3526 specifies a generator of 2. ++ */ ++static const BN_ULONG modp_2048_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x8AACAA68, 0x15728E5A), ++ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), ++ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), ++ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), ++ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_2048_q[] = { ++ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x45565534, 0x0AB9472D), ++ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), ++ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), ++ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), ++ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-static const BN_ULONG ffdhe3072_p[] = { +- 0xFFFFFFFFFFFFFFFFULL, 0x25E41D2B66C62E37ULL, 0x3C1B20EE3FD59D7CULL, +- 0x0ABCD06BFA53DDEFULL, 0x1DBF9A42D5C4484EULL, 0xABC521979B0DEADAULL, +- 0xE86D2BC522363A0DULL, 0x5CAE82AB9C9DF69EULL, 0x64F2E21E71F54BFFULL, +- 0xF4FD4452E2D74DD3ULL, 0xB4130C93BC437944ULL, 0xAEFE130985139270ULL, +- 0x598CB0FAC186D91CULL, 0x7AD91D2691F7F7EEULL, 0x61B46FC9D6E6C907ULL, +- 0xBC34F4DEF99C0238ULL, 0xDE355B3B6519035BULL, 0x886B4238611FCFDCULL, +- 0xC6F34A26C1B2EFFAULL, 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, +- 0xC3FE3B1B4C6FAD73ULL, 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, +- 0xC03404CD28342F61ULL, 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, +- 0xAE56EDE76372BB19ULL, 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, +- 0xD108A94BB2C8E3FBULL, 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, +- 0x1DF158A136ADE735ULL, 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, +- 0xB557135E7F57C935ULL, 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, +- 0xD3DF1ED5D5FD6561ULL, 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, +- 0xCC939DCE249B3EF9ULL, 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, +- 0xAFDC5620273D3CF1ULL, 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL ++/*- ++ * "3072-bit MODP Group" from RFC3526, Section 4. ++ * ++ * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 } ++ * ++ * RFC3526 specifies a generator of 2. ++ */ ++static const BN_ULONG modp_3072_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xA93AD2CA, 0x4B82D120), ++ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), ++ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), ++ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), ++ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), ++ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), ++ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), ++ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), ++ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), ++ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), ++ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), ++ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), ++ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_3072_q[] = { ++ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x549D6965, 0x25C16890), ++ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), ++ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), ++ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), ++ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), ++ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), ++ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), ++ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), ++ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), ++ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), ++ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), ++ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), ++ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-static const BN_ULONG ffdhe4096_p[] = { +- 0xFFFFFFFFFFFFFFFFULL, 0xC68A007E5E655F6AULL, 0x4DB5A851F44182E1ULL, +- 0x8EC9B55A7F88A46BULL, 0x0A8291CDCEC97DCFULL, 0x2A4ECEA9F98D0ACCULL, +- 0x1A1DB93D7140003CULL, 0x092999A333CB8B7AULL, 0x6DC778F971AD0038ULL, +- 0xA907600A918130C4ULL, 0xED6A1E012D9E6832ULL, 0x7135C886EFB4318AULL, +- 0x87F55BA57E31CC7AULL, 0x7763CF1D55034004ULL, 0xAC7D5F42D69F6D18ULL, +- 0x7930E9E4E58857B6ULL, 0x6E6F52C3164DF4FBULL, 0x25E41D2B669E1EF1ULL, +- 0x3C1B20EE3FD59D7CULL, 0x0ABCD06BFA53DDEFULL, 0x1DBF9A42D5C4484EULL, +- 0xABC521979B0DEADAULL, 0xE86D2BC522363A0DULL, 0x5CAE82AB9C9DF69EULL, +- 0x64F2E21E71F54BFFULL, 0xF4FD4452E2D74DD3ULL, 0xB4130C93BC437944ULL, +- 0xAEFE130985139270ULL, 0x598CB0FAC186D91CULL, 0x7AD91D2691F7F7EEULL, +- 0x61B46FC9D6E6C907ULL, 0xBC34F4DEF99C0238ULL, 0xDE355B3B6519035BULL, +- 0x886B4238611FCFDCULL, 0xC6F34A26C1B2EFFAULL, 0xC58EF1837D1683B2ULL, +- 0x3BB5FCBC2EC22005ULL, 0xC3FE3B1B4C6FAD73ULL, 0x8E4F1232EEF28183ULL, +- 0x9172FE9CE98583FFULL, 0xC03404CD28342F61ULL, 0x9E02FCE1CDF7E2ECULL, +- 0x0B07A7C8EE0A6D70ULL, 0xAE56EDE76372BB19ULL, 0x1D4F42A3DE394DF4ULL, +- 0xB96ADAB760D7F468ULL, 0xD108A94BB2C8E3FBULL, 0xBC0AB182B324FB61ULL, +- 0x30ACCA4F483A797AULL, 0x1DF158A136ADE735ULL, 0xE2A689DAF3EFE872ULL, +- 0x984F0C70E0E68B77ULL, 0xB557135E7F57C935ULL, 0x856365553DED1AF3ULL, +- 0x2433F51F5F066ED0ULL, 0xD3DF1ED5D5FD6561ULL, 0xF681B202AEC4617AULL, +- 0x7D2FE363630C75D8ULL, 0xCC939DCE249B3EF9ULL, 0xA9E13641146433FBULL, +- 0xD8B9C583CE2D3695ULL, 0xAFDC5620273D3CF1ULL, 0xADF85458A2BB4A9AULL, +- 0xFFFFFFFFFFFFFFFFULL ++/*- ++ * "4096-bit MODP Group" from RFC3526, Section 5. ++ * ++ * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 } ++ * ++ * RFC3526 specifies a generator of 2. ++ */ ++static const BN_ULONG modp_4096_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x34063199, 0x4DF435C9), ++ BN_DEF(0x90A6C08F, 0x86FFB7DC), BN_DEF(0x8D8FDDC1, 0x93B4EA98), ++ BN_DEF(0xD5B05AA9, 0xD0069127), BN_DEF(0x2170481C, 0xB81BDD76), ++ BN_DEF(0xCEE2D7AF, 0x1F612970), BN_DEF(0x515BE7ED, 0x233BA186), ++ BN_DEF(0xA090C3A2, 0x99B2964F), BN_DEF(0x4E6BC05D, 0x287C5947), ++ BN_DEF(0x1FBECAA6, 0x2E8EFC14), BN_DEF(0x04DE8EF9, 0xDBBBC2DB), ++ BN_DEF(0x2AD44CE8, 0x2583E9CA), BN_DEF(0xB6150BDA, 0x1A946834), ++ BN_DEF(0x6AF4E23C, 0x99C32718), BN_DEF(0xBDBA5B26, 0x88719A10), ++ BN_DEF(0xA787E6D7, 0x1A723C12), BN_DEF(0xA9210801, 0x4B82D120), ++ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), ++ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), ++ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), ++ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), ++ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), ++ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), ++ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), ++ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), ++ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), ++ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), ++ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), ++ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_4096_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x9A0318CC, 0xA6FA1AE4), ++ BN_DEF(0x48536047, 0xC37FDBEE), BN_DEF(0x46C7EEE0, 0xC9DA754C), ++ BN_DEF(0xEAD82D54, 0x68034893), BN_DEF(0x10B8240E, 0xDC0DEEBB), ++ BN_DEF(0x67716BD7, 0x8FB094B8), BN_DEF(0x28ADF3F6, 0x119DD0C3), ++ BN_DEF(0xD04861D1, 0xCCD94B27), BN_DEF(0xA735E02E, 0x143E2CA3), ++ BN_DEF(0x0FDF6553, 0x97477E0A), BN_DEF(0x826F477C, 0x6DDDE16D), ++ BN_DEF(0x156A2674, 0x12C1F4E5), BN_DEF(0x5B0A85ED, 0x0D4A341A), ++ BN_DEF(0x357A711E, 0x4CE1938C), BN_DEF(0x5EDD2D93, 0xC438CD08), ++ BN_DEF(0x53C3F36B, 0x8D391E09), BN_DEF(0x54908400, 0x25C16890), ++ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), ++ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), ++ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), ++ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), ++ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), ++ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), ++ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), ++ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), ++ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), ++ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), ++ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), ++ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-static const BN_ULONG ffdhe6144_p[] = { +- 0xFFFFFFFFFFFFFFFFULL, 0xA40E329CD0E40E65ULL, 0xA41D570D7938DAD4ULL, +- 0x62A69526D43161C1ULL, 0x3FDD4A8E9ADB1E69ULL, 0x5B3B71F9DC6B80D6ULL, +- 0xEC9D1810C6272B04ULL, 0x8CCF2DD5CACEF403ULL, 0xE49F5235C95B9117ULL, +- 0x505DC82DB854338AULL, 0x62292C311562A846ULL, 0xD72B03746AE77F5EULL, +- 0xF9C9091B462D538CULL, 0x0AE8DB5847A67CBEULL, 0xB3A739C122611682ULL, +- 0xEEAAC0232A281BF6ULL, 0x94C6651E77CAF992ULL, 0x763E4E4B94B2BBC1ULL, +- 0x587E38DA0077D9B4ULL, 0x7FB29F8C183023C3ULL, 0x0ABEC1FFF9E3A26EULL, +- 0xA00EF092350511E3ULL, 0xB855322EDB6340D8ULL, 0xA52471F7A9A96910ULL, +- 0x388147FB4CFDB477ULL, 0x9B1F5C3E4E46041FULL, 0xCDAD0657FCCFEC71ULL, +- 0xB38E8C334C701C3AULL, 0x917BDD64B1C0FD4CULL, 0x3BB454329B7624C8ULL, +- 0x23BA4442CAF53EA6ULL, 0x4E677D2C38532A3AULL, 0x0BFD64B645036C7AULL, +- 0xC68A007E5E0DD902ULL, 0x4DB5A851F44182E1ULL, 0x8EC9B55A7F88A46BULL, +- 0x0A8291CDCEC97DCFULL, 0x2A4ECEA9F98D0ACCULL, 0x1A1DB93D7140003CULL, +- 0x092999A333CB8B7AULL, 0x6DC778F971AD0038ULL, 0xA907600A918130C4ULL, +- 0xED6A1E012D9E6832ULL, 0x7135C886EFB4318AULL, 0x87F55BA57E31CC7AULL, +- 0x7763CF1D55034004ULL, 0xAC7D5F42D69F6D18ULL, 0x7930E9E4E58857B6ULL, +- 0x6E6F52C3164DF4FBULL, 0x25E41D2B669E1EF1ULL, 0x3C1B20EE3FD59D7CULL, +- 0x0ABCD06BFA53DDEFULL, 0x1DBF9A42D5C4484EULL, 0xABC521979B0DEADAULL, +- 0xE86D2BC522363A0DULL, 0x5CAE82AB9C9DF69EULL, 0x64F2E21E71F54BFFULL, +- 0xF4FD4452E2D74DD3ULL, 0xB4130C93BC437944ULL, 0xAEFE130985139270ULL, +- 0x598CB0FAC186D91CULL, 0x7AD91D2691F7F7EEULL, 0x61B46FC9D6E6C907ULL, +- 0xBC34F4DEF99C0238ULL, 0xDE355B3B6519035BULL, 0x886B4238611FCFDCULL, +- 0xC6F34A26C1B2EFFAULL, 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, +- 0xC3FE3B1B4C6FAD73ULL, 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, +- 0xC03404CD28342F61ULL, 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, +- 0xAE56EDE76372BB19ULL, 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, +- 0xD108A94BB2C8E3FBULL, 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, +- 0x1DF158A136ADE735ULL, 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, +- 0xB557135E7F57C935ULL, 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, +- 0xD3DF1ED5D5FD6561ULL, 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, +- 0xCC939DCE249B3EF9ULL, 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, +- 0xAFDC5620273D3CF1ULL, 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL ++/*- ++ * "6144-bit MODP Group" from RFC3526, Section 6. ++ * ++ * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 } ++ * ++ * RFC3526 specifies a generator of 2. ++ */ ++static const BN_ULONG modp_6144_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x6DCC4024, 0xE694F91E), ++ BN_DEF(0x0B7474D6, 0x12BF2D5B), BN_DEF(0x3F4860EE, 0x043E8F66), ++ BN_DEF(0x6E3C0468, 0x387FE8D7), BN_DEF(0x2EF29632, 0xDA56C9EC), ++ BN_DEF(0xA313D55C, 0xEB19CCB1), BN_DEF(0x8A1FBFF0, 0xF550AA3D), ++ BN_DEF(0xB7C5DA76, 0x06A1D58B), BN_DEF(0xF29BE328, 0xA79715EE), ++ BN_DEF(0x0F8037E0, 0x14CC5ED2), BN_DEF(0xBF48E1D8, 0xCC8F6D7E), ++ BN_DEF(0x2B4154AA, 0x4BD407B2), BN_DEF(0xFF585AC5, 0x0F1D45B7), ++ BN_DEF(0x36CC88BE, 0x23A97A7E), BN_DEF(0xBEC7E8F3, 0x59E7C97F), ++ BN_DEF(0x900B1C9E, 0xB5A84031), BN_DEF(0x46980C82, 0xD55E702F), ++ BN_DEF(0x6E74FEF6, 0xF482D7CE), BN_DEF(0xD1721D03, 0xF032EA15), ++ BN_DEF(0xC64B92EC, 0x5983CA01), BN_DEF(0x378CD2BF, 0x6FB8F401), ++ BN_DEF(0x2BD7AF42, 0x33205151), BN_DEF(0xE6CC254B, 0xDB7F1447), ++ BN_DEF(0xCED4BB1B, 0x44CE6CBA), BN_DEF(0xCF9B14ED, 0xDA3EDBEB), ++ BN_DEF(0x865A8918, 0x179727B0), BN_DEF(0x9027D831, 0xB06A53ED), ++ BN_DEF(0x413001AE, 0xE5DB382F), BN_DEF(0xAD9E530E, 0xF8FF9406), ++ BN_DEF(0x3DBA37BD, 0xC9751E76), BN_DEF(0x602646DE, 0xC1D4DCB2), ++ BN_DEF(0xD27C7026, 0x36C3FAB4), BN_DEF(0x34028492, 0x4DF435C9), ++ BN_DEF(0x90A6C08F, 0x86FFB7DC), BN_DEF(0x8D8FDDC1, 0x93B4EA98), ++ BN_DEF(0xD5B05AA9, 0xD0069127), BN_DEF(0x2170481C, 0xB81BDD76), ++ BN_DEF(0xCEE2D7AF, 0x1F612970), BN_DEF(0x515BE7ED, 0x233BA186), ++ BN_DEF(0xA090C3A2, 0x99B2964F), BN_DEF(0x4E6BC05D, 0x287C5947), ++ BN_DEF(0x1FBECAA6, 0x2E8EFC14), BN_DEF(0x04DE8EF9, 0xDBBBC2DB), ++ BN_DEF(0x2AD44CE8, 0x2583E9CA), BN_DEF(0xB6150BDA, 0x1A946834), ++ BN_DEF(0x6AF4E23C, 0x99C32718), BN_DEF(0xBDBA5B26, 0x88719A10), ++ BN_DEF(0xA787E6D7, 0x1A723C12), BN_DEF(0xA9210801, 0x4B82D120), ++ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), ++ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), ++ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), ++ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), ++ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), ++ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), ++ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), ++ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), ++ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), ++ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), ++ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), ++ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_6144_q[] = { ++ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x36E62012, 0x734A7C8F), ++ BN_DEF(0x85BA3A6B, 0x095F96AD), BN_DEF(0x1FA43077, 0x021F47B3), ++ BN_DEF(0xB71E0234, 0x1C3FF46B), BN_DEF(0x17794B19, 0x6D2B64F6), ++ BN_DEF(0xD189EAAE, 0x758CE658), BN_DEF(0xC50FDFF8, 0x7AA8551E), ++ BN_DEF(0xDBE2ED3B, 0x0350EAC5), BN_DEF(0x794DF194, 0x53CB8AF7), ++ BN_DEF(0x07C01BF0, 0x0A662F69), BN_DEF(0x5FA470EC, 0x6647B6BF), ++ BN_DEF(0x15A0AA55, 0xA5EA03D9), BN_DEF(0xFFAC2D62, 0x078EA2DB), ++ BN_DEF(0x1B66445F, 0x91D4BD3F), BN_DEF(0xDF63F479, 0x2CF3E4BF), ++ BN_DEF(0xC8058E4F, 0x5AD42018), BN_DEF(0xA34C0641, 0x6AAF3817), ++ BN_DEF(0x373A7F7B, 0xFA416BE7), BN_DEF(0xE8B90E81, 0x7819750A), ++ BN_DEF(0xE325C976, 0xACC1E500), BN_DEF(0x9BC6695F, 0x37DC7A00), ++ BN_DEF(0x95EBD7A1, 0x999028A8), BN_DEF(0xF36612A5, 0xEDBF8A23), ++ BN_DEF(0x676A5D8D, 0xA267365D), BN_DEF(0xE7CD8A76, 0x6D1F6DF5), ++ BN_DEF(0x432D448C, 0x8BCB93D8), BN_DEF(0xC813EC18, 0x583529F6), ++ BN_DEF(0xA09800D7, 0x72ED9C17), BN_DEF(0x56CF2987, 0xFC7FCA03), ++ BN_DEF(0x1EDD1BDE, 0x64BA8F3B), BN_DEF(0x3013236F, 0x60EA6E59), ++ BN_DEF(0x693E3813, 0x1B61FD5A), BN_DEF(0x9A014249, 0xA6FA1AE4), ++ BN_DEF(0x48536047, 0xC37FDBEE), BN_DEF(0x46C7EEE0, 0xC9DA754C), ++ BN_DEF(0xEAD82D54, 0x68034893), BN_DEF(0x10B8240E, 0xDC0DEEBB), ++ BN_DEF(0x67716BD7, 0x8FB094B8), BN_DEF(0x28ADF3F6, 0x119DD0C3), ++ BN_DEF(0xD04861D1, 0xCCD94B27), BN_DEF(0xA735E02E, 0x143E2CA3), ++ BN_DEF(0x0FDF6553, 0x97477E0A), BN_DEF(0x826F477C, 0x6DDDE16D), ++ BN_DEF(0x156A2674, 0x12C1F4E5), BN_DEF(0x5B0A85ED, 0x0D4A341A), ++ BN_DEF(0x357A711E, 0x4CE1938C), BN_DEF(0x5EDD2D93, 0xC438CD08), ++ BN_DEF(0x53C3F36B, 0x8D391E09), BN_DEF(0x54908400, 0x25C16890), ++ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), ++ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), ++ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), ++ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), ++ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), ++ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), ++ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), ++ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), ++ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), ++ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), ++ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), ++ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-static const BN_ULONG ffdhe8192_p[] = { +- 0xFFFFFFFFFFFFFFFFULL, 0xD68C8BB7C5C6424CULL, 0x011E2A94838FF88CULL, +- 0x0822E506A9F4614EULL, 0x97D11D49F7A8443DULL, 0xA6BBFDE530677F0DULL, +- 0x2F741EF8C1FE86FEULL, 0xFAFABE1C5D71A87EULL, 0xDED2FBABFBE58A30ULL, +- 0xB6855DFE72B0A66EULL, 0x1EFC8CE0BA8A4FE8ULL, 0x83F81D4A3F2FA457ULL, +- 0xA1FE3075A577E231ULL, 0xD5B8019488D9C0A0ULL, 0x624816CDAD9A95F9ULL, +- 0x99E9E31650C1217BULL, 0x51AA691E0E423CFCULL, 0x1C217E6C3826E52CULL, +- 0x51A8A93109703FEEULL, 0xBB7099876A460E74ULL, 0x541FC68C9C86B022ULL, +- 0x59160CC046FD8251ULL, 0x2846C0BA35C35F5CULL, 0x54504AC78B758282ULL, +- 0x29388839D2AF05E4ULL, 0xCB2C0F1CC01BD702ULL, 0x555B2F747C932665ULL, +- 0x86B63142A3AB8829ULL, 0x0B8CC3BDF64B10EFULL, 0x687FEB69EDD1CC5EULL, +- 0xFDB23FCEC9509D43ULL, 0x1E425A31D951AE64ULL, 0x36AD004CF600C838ULL, +- 0xA40E329CCFF46AAAULL, 0xA41D570D7938DAD4ULL, 0x62A69526D43161C1ULL, +- 0x3FDD4A8E9ADB1E69ULL, 0x5B3B71F9DC6B80D6ULL, 0xEC9D1810C6272B04ULL, +- 0x8CCF2DD5CACEF403ULL, 0xE49F5235C95B9117ULL, 0x505DC82DB854338AULL, +- 0x62292C311562A846ULL, 0xD72B03746AE77F5EULL, 0xF9C9091B462D538CULL, +- 0x0AE8DB5847A67CBEULL, 0xB3A739C122611682ULL, 0xEEAAC0232A281BF6ULL, +- 0x94C6651E77CAF992ULL, 0x763E4E4B94B2BBC1ULL, 0x587E38DA0077D9B4ULL, +- 0x7FB29F8C183023C3ULL, 0x0ABEC1FFF9E3A26EULL, 0xA00EF092350511E3ULL, +- 0xB855322EDB6340D8ULL, 0xA52471F7A9A96910ULL, 0x388147FB4CFDB477ULL, +- 0x9B1F5C3E4E46041FULL, 0xCDAD0657FCCFEC71ULL, 0xB38E8C334C701C3AULL, +- 0x917BDD64B1C0FD4CULL, 0x3BB454329B7624C8ULL, 0x23BA4442CAF53EA6ULL, +- 0x4E677D2C38532A3AULL, 0x0BFD64B645036C7AULL, 0xC68A007E5E0DD902ULL, +- 0x4DB5A851F44182E1ULL, 0x8EC9B55A7F88A46BULL, 0x0A8291CDCEC97DCFULL, +- 0x2A4ECEA9F98D0ACCULL, 0x1A1DB93D7140003CULL, 0x092999A333CB8B7AULL, +- 0x6DC778F971AD0038ULL, 0xA907600A918130C4ULL, 0xED6A1E012D9E6832ULL, +- 0x7135C886EFB4318AULL, 0x87F55BA57E31CC7AULL, 0x7763CF1D55034004ULL, +- 0xAC7D5F42D69F6D18ULL, 0x7930E9E4E58857B6ULL, 0x6E6F52C3164DF4FBULL, +- 0x25E41D2B669E1EF1ULL, 0x3C1B20EE3FD59D7CULL, 0x0ABCD06BFA53DDEFULL, +- 0x1DBF9A42D5C4484EULL, 0xABC521979B0DEADAULL, 0xE86D2BC522363A0DULL, +- 0x5CAE82AB9C9DF69EULL, 0x64F2E21E71F54BFFULL, 0xF4FD4452E2D74DD3ULL, +- 0xB4130C93BC437944ULL, 0xAEFE130985139270ULL, 0x598CB0FAC186D91CULL, +- 0x7AD91D2691F7F7EEULL, 0x61B46FC9D6E6C907ULL, 0xBC34F4DEF99C0238ULL, +- 0xDE355B3B6519035BULL, 0x886B4238611FCFDCULL, 0xC6F34A26C1B2EFFAULL, +- 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, 0xC3FE3B1B4C6FAD73ULL, +- 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, 0xC03404CD28342F61ULL, +- 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, 0xAE56EDE76372BB19ULL, +- 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, 0xD108A94BB2C8E3FBULL, +- 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, 0x1DF158A136ADE735ULL, +- 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, 0xB557135E7F57C935ULL, +- 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, 0xD3DF1ED5D5FD6561ULL, +- 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, 0xCC939DCE249B3EF9ULL, +- 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, 0xAFDC5620273D3CF1ULL, +- 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL ++/* ++ * "8192-bit MODP Group" from RFC3526, Section 7. ++ * ++ * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 } ++ * ++ * RFC3526 specifies a generator of 2. ++ */ ++static const BN_ULONG modp_8192_p[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x98EDD3DF, 0x60C980DD), ++ BN_DEF(0x80B96E71, 0xC81F56E8), BN_DEF(0x765694DF, 0x9E3050E2), ++ BN_DEF(0x5677E9AA, 0x9558E447), BN_DEF(0xFC026E47, 0xC9190DA6), ++ BN_DEF(0xD5EE382B, 0x889A002E), BN_DEF(0x481C6CD7, 0x4009438B), ++ BN_DEF(0xEB879F92, 0x359046F4), BN_DEF(0x1ECFA268, 0xFAF36BC3), ++ BN_DEF(0x7EE74D73, 0xB1D510BD), BN_DEF(0x5DED7EA1, 0xF9AB4819), ++ BN_DEF(0x0846851D, 0x64F31CC5), BN_DEF(0xA0255DC1, 0x4597E899), ++ BN_DEF(0x74AB6A36, 0xDF310EE0), BN_DEF(0x3F44F82D, 0x6D2A13F8), ++ BN_DEF(0xB3A278A6, 0x062B3CF5), BN_DEF(0xED5BDD3A, 0x79683303), ++ BN_DEF(0xA2C087E8, 0xFA9D4B7F), BN_DEF(0x2F8385DD, 0x4BCBC886), ++ BN_DEF(0x6CEA306B, 0x3473FC64), BN_DEF(0x1A23F0C7, 0x13EB57A8), ++ BN_DEF(0xA4037C07, 0x22222E04), BN_DEF(0xFC848AD9, 0xE3FDB8BE), ++ BN_DEF(0xE39D652D, 0x238F16CB), BN_DEF(0x2BF1C978, 0x3423B474), ++ BN_DEF(0x5AE4F568, 0x3AAB639C), BN_DEF(0x6BA42466, 0x2576F693), ++ BN_DEF(0x8AFC47ED, 0x741FA7BF), BN_DEF(0x8D9DD300, 0x3BC832B6), ++ BN_DEF(0x73B931BA, 0xD8BEC4D0), BN_DEF(0xA932DF8C, 0x38777CB6), ++ BN_DEF(0x12FEE5E4, 0x74A3926F), BN_DEF(0x6DBE1159, 0xE694F91E), ++ BN_DEF(0x0B7474D6, 0x12BF2D5B), BN_DEF(0x3F4860EE, 0x043E8F66), ++ BN_DEF(0x6E3C0468, 0x387FE8D7), BN_DEF(0x2EF29632, 0xDA56C9EC), ++ BN_DEF(0xA313D55C, 0xEB19CCB1), BN_DEF(0x8A1FBFF0, 0xF550AA3D), ++ BN_DEF(0xB7C5DA76, 0x06A1D58B), BN_DEF(0xF29BE328, 0xA79715EE), ++ BN_DEF(0x0F8037E0, 0x14CC5ED2), BN_DEF(0xBF48E1D8, 0xCC8F6D7E), ++ BN_DEF(0x2B4154AA, 0x4BD407B2), BN_DEF(0xFF585AC5, 0x0F1D45B7), ++ BN_DEF(0x36CC88BE, 0x23A97A7E), BN_DEF(0xBEC7E8F3, 0x59E7C97F), ++ BN_DEF(0x900B1C9E, 0xB5A84031), BN_DEF(0x46980C82, 0xD55E702F), ++ BN_DEF(0x6E74FEF6, 0xF482D7CE), BN_DEF(0xD1721D03, 0xF032EA15), ++ BN_DEF(0xC64B92EC, 0x5983CA01), BN_DEF(0x378CD2BF, 0x6FB8F401), ++ BN_DEF(0x2BD7AF42, 0x33205151), BN_DEF(0xE6CC254B, 0xDB7F1447), ++ BN_DEF(0xCED4BB1B, 0x44CE6CBA), BN_DEF(0xCF9B14ED, 0xDA3EDBEB), ++ BN_DEF(0x865A8918, 0x179727B0), BN_DEF(0x9027D831, 0xB06A53ED), ++ BN_DEF(0x413001AE, 0xE5DB382F), BN_DEF(0xAD9E530E, 0xF8FF9406), ++ BN_DEF(0x3DBA37BD, 0xC9751E76), BN_DEF(0x602646DE, 0xC1D4DCB2), ++ BN_DEF(0xD27C7026, 0x36C3FAB4), BN_DEF(0x34028492, 0x4DF435C9), ++ BN_DEF(0x90A6C08F, 0x86FFB7DC), BN_DEF(0x8D8FDDC1, 0x93B4EA98), ++ BN_DEF(0xD5B05AA9, 0xD0069127), BN_DEF(0x2170481C, 0xB81BDD76), ++ BN_DEF(0xCEE2D7AF, 0x1F612970), BN_DEF(0x515BE7ED, 0x233BA186), ++ BN_DEF(0xA090C3A2, 0x99B2964F), BN_DEF(0x4E6BC05D, 0x287C5947), ++ BN_DEF(0x1FBECAA6, 0x2E8EFC14), BN_DEF(0x04DE8EF9, 0xDBBBC2DB), ++ BN_DEF(0x2AD44CE8, 0x2583E9CA), BN_DEF(0xB6150BDA, 0x1A946834), ++ BN_DEF(0x6AF4E23C, 0x99C32718), BN_DEF(0xBDBA5B26, 0x88719A10), ++ BN_DEF(0xA787E6D7, 0x1A723C12), BN_DEF(0xA9210801, 0x4B82D120), ++ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), ++ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), ++ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), ++ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), ++ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), ++ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), ++ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), ++ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), ++ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), ++ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), ++ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), ++ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), ++ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), ++ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), ++ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), ++ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), ++ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), ++ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), ++ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), ++ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), ++ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), ++ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), ++ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG modp_8192_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xCC76E9EF, 0xB064C06E), ++ BN_DEF(0x405CB738, 0xE40FAB74), BN_DEF(0x3B2B4A6F, 0x4F182871), ++ BN_DEF(0xAB3BF4D5, 0xCAAC7223), BN_DEF(0x7E013723, 0xE48C86D3), ++ BN_DEF(0x6AF71C15, 0xC44D0017), BN_DEF(0xA40E366B, 0x2004A1C5), ++ BN_DEF(0x75C3CFC9, 0x1AC8237A), BN_DEF(0x8F67D134, 0xFD79B5E1), ++ BN_DEF(0xBF73A6B9, 0xD8EA885E), BN_DEF(0xAEF6BF50, 0xFCD5A40C), ++ BN_DEF(0x8423428E, 0xB2798E62), BN_DEF(0xD012AEE0, 0x22CBF44C), ++ BN_DEF(0x3A55B51B, 0xEF988770), BN_DEF(0x1FA27C16, 0x369509FC), ++ BN_DEF(0xD9D13C53, 0x03159E7A), BN_DEF(0xF6ADEE9D, 0x3CB41981), ++ BN_DEF(0xD16043F4, 0xFD4EA5BF), BN_DEF(0x17C1C2EE, 0xA5E5E443), ++ BN_DEF(0x36751835, 0x9A39FE32), BN_DEF(0x0D11F863, 0x89F5ABD4), ++ BN_DEF(0x5201BE03, 0x91111702), BN_DEF(0x7E42456C, 0xF1FEDC5F), ++ BN_DEF(0xF1CEB296, 0x11C78B65), BN_DEF(0x15F8E4BC, 0x1A11DA3A), ++ BN_DEF(0x2D727AB4, 0x1D55B1CE), BN_DEF(0xB5D21233, 0x92BB7B49), ++ BN_DEF(0xC57E23F6, 0x3A0FD3DF), BN_DEF(0x46CEE980, 0x1DE4195B), ++ BN_DEF(0x39DC98DD, 0x6C5F6268), BN_DEF(0x54996FC6, 0x1C3BBE5B), ++ BN_DEF(0x897F72F2, 0xBA51C937), BN_DEF(0x36DF08AC, 0x734A7C8F), ++ BN_DEF(0x85BA3A6B, 0x095F96AD), BN_DEF(0x1FA43077, 0x021F47B3), ++ BN_DEF(0xB71E0234, 0x1C3FF46B), BN_DEF(0x17794B19, 0x6D2B64F6), ++ BN_DEF(0xD189EAAE, 0x758CE658), BN_DEF(0xC50FDFF8, 0x7AA8551E), ++ BN_DEF(0xDBE2ED3B, 0x0350EAC5), BN_DEF(0x794DF194, 0x53CB8AF7), ++ BN_DEF(0x07C01BF0, 0x0A662F69), BN_DEF(0x5FA470EC, 0x6647B6BF), ++ BN_DEF(0x15A0AA55, 0xA5EA03D9), BN_DEF(0xFFAC2D62, 0x078EA2DB), ++ BN_DEF(0x1B66445F, 0x91D4BD3F), BN_DEF(0xDF63F479, 0x2CF3E4BF), ++ BN_DEF(0xC8058E4F, 0x5AD42018), BN_DEF(0xA34C0641, 0x6AAF3817), ++ BN_DEF(0x373A7F7B, 0xFA416BE7), BN_DEF(0xE8B90E81, 0x7819750A), ++ BN_DEF(0xE325C976, 0xACC1E500), BN_DEF(0x9BC6695F, 0x37DC7A00), ++ BN_DEF(0x95EBD7A1, 0x999028A8), BN_DEF(0xF36612A5, 0xEDBF8A23), ++ BN_DEF(0x676A5D8D, 0xA267365D), BN_DEF(0xE7CD8A76, 0x6D1F6DF5), ++ BN_DEF(0x432D448C, 0x8BCB93D8), BN_DEF(0xC813EC18, 0x583529F6), ++ BN_DEF(0xA09800D7, 0x72ED9C17), BN_DEF(0x56CF2987, 0xFC7FCA03), ++ BN_DEF(0x1EDD1BDE, 0x64BA8F3B), BN_DEF(0x3013236F, 0x60EA6E59), ++ BN_DEF(0x693E3813, 0x1B61FD5A), BN_DEF(0x9A014249, 0xA6FA1AE4), ++ BN_DEF(0x48536047, 0xC37FDBEE), BN_DEF(0x46C7EEE0, 0xC9DA754C), ++ BN_DEF(0xEAD82D54, 0x68034893), BN_DEF(0x10B8240E, 0xDC0DEEBB), ++ BN_DEF(0x67716BD7, 0x8FB094B8), BN_DEF(0x28ADF3F6, 0x119DD0C3), ++ BN_DEF(0xD04861D1, 0xCCD94B27), BN_DEF(0xA735E02E, 0x143E2CA3), ++ BN_DEF(0x0FDF6553, 0x97477E0A), BN_DEF(0x826F477C, 0x6DDDE16D), ++ BN_DEF(0x156A2674, 0x12C1F4E5), BN_DEF(0x5B0A85ED, 0x0D4A341A), ++ BN_DEF(0x357A711E, 0x4CE1938C), BN_DEF(0x5EDD2D93, 0xC438CD08), ++ BN_DEF(0x53C3F36B, 0x8D391E09), BN_DEF(0x54908400, 0x25C16890), ++ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), ++ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), ++ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), ++ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), ++ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), ++ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), ++ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), ++ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), ++ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), ++ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), ++ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), ++ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), ++ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), ++ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), ++ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), ++ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), ++ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), ++ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), ++ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), ++ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), ++ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), ++ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), ++ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-# elif BN_BITS2 == 32 +- ++/* DH parameters from RFC5114 */ + static const BN_ULONG dh1024_160_p[] = { +- 0x2E4A4371, 0xDF1FB2BC, 0x6D4DA708, 0xE68CFDA7, 0x365C1A65, 0x45BF37DF, +- 0x0DC8B4BD, 0xA151AF5F, 0xF55BCCC0, 0xFAA31A4F, 0xE5644738, 0x4EFFD6FA, +- 0x219A7372, 0x98488E9C, 0x90C4BD70, 0xACCBDD7D, 0xD49B83BF, 0x24975C3C, +- 0xA9061123, 0x13ECB4AE, 0x2EE652C0, 0x9838EF1E, 0x75A23D18, 0x6073E286, +- 0x52D23B61, 0x9A6A9DCA, 0xFB06A3C6, 0x52C99FBC, 0xAE5D54EC, 0xDE92DE5E, +- 0xA080E01D, 0xB10B8F96 ++ BN_DEF(0x2E4A4371, 0xDF1FB2BC), BN_DEF(0x6D4DA708, 0xE68CFDA7), ++ BN_DEF(0x365C1A65, 0x45BF37DF), BN_DEF(0x0DC8B4BD, 0xA151AF5F), ++ BN_DEF(0xF55BCCC0, 0xFAA31A4F), BN_DEF(0xE5644738, 0x4EFFD6FA), ++ BN_DEF(0x219A7372, 0x98488E9C), BN_DEF(0x90C4BD70, 0xACCBDD7D), ++ BN_DEF(0xD49B83BF, 0x24975C3C), BN_DEF(0xA9061123, 0x13ECB4AE), ++ BN_DEF(0x2EE652C0, 0x9838EF1E), BN_DEF(0x75A23D18, 0x6073E286), ++ BN_DEF(0x52D23B61, 0x9A6A9DCA), BN_DEF(0xFB06A3C6, 0x52C99FBC), ++ BN_DEF(0xAE5D54EC, 0xDE92DE5E), BN_DEF(0xA080E01D, 0xB10B8F96) + }; +- +-static const BN_ULONG dh1024_160_g[] = { +- 0x22B3B2E5, 0x855E6EEB, 0xF97C2A24, 0x858F4DCE, 0x18D08BC8, 0x2D779D59, +- 0x8E73AFA3, 0xD662A4D1, 0x69B6A28A, 0x1DBF0A01, 0x7A091F53, 0xA6A24C08, +- 0x63F80A76, 0x909D0D22, 0xB9A92EE1, 0xD7FBD7D3, 0x9E2749F4, 0x5E91547F, +- 0xB01B886A, 0x160217B4, 0x5504F213, 0x777E690F, 0x5C41564B, 0x266FEA1E, +- 0x14266D31, 0xD6406CFF, 0x58AC507F, 0xF8104DD2, 0xEFB99905, 0x6765A442, +- 0xC3FD3412, 0xA4D1CBD5 +-}; +- + static const BN_ULONG dh1024_160_q[] = { +- 0x49462353, 0x64B7CB9D, 0x8ABA4E7D, 0x81A8DF27, 0xF518AA87 ++ BN_DEF(0x49462353, 0x64B7CB9D), BN_DEF(0x8ABA4E7D, 0x81A8DF27), ++ (BN_ULONG)0xF518AA87 + }; +- +-static const BN_ULONG dh2048_224_p[] = { +- 0x0C10E64F, 0x0AC4DFFE, 0x4E71B81C, 0xCF9DE538, 0xFFA31F71, 0x7EF363E2, +- 0x6B8E75B9, 0xE3FB73C1, 0x4BA80A29, 0xC9B53DCF, 0x16E79763, 0x23F10B0E, +- 0x13042E9B, 0xC52172E4, 0xC928B2B9, 0xBE60E69C, 0xB9E587E8, 0x80CD86A1, +- 0x98C641A4, 0x315D75E1, 0x44328387, 0xCDF93ACC, 0xDC0A486D, 0x15987D9A, +- 0x1FD5A074, 0x7310F712, 0xDE31EFDC, 0x278273C7, 0x415D9330, 0x1602E714, +- 0xBC8985DB, 0x81286130, 0x70918836, 0xB3BF8A31, 0xB9C49708, 0x6A00E0A0, +- 0x8BBC27BE, 0xC6BA0B2C, 0xED34DBF6, 0xC9F98D11, 0xB6C12207, 0x7AD5B7D0, +- 0x55B7394B, 0xD91E8FEF, 0xEFDA4DF8, 0x9037C9ED, 0xAD6AC212, 0x6D3F8152, +- 0x1274A0A6, 0x1DE6B85A, 0x309C180E, 0xEB3D688A, 0x7BA1DF15, 0xAF9A3C40, +- 0xF95A56DB, 0xE6FA141D, 0xB61D0A75, 0xB54B1597, 0x683B9FD1, 0xA20D64E5, +- 0x9559C51F, 0xD660FAA7, 0x9123A9D0, 0xAD107E1E ++static const BN_ULONG dh1024_160_g[] = { ++ BN_DEF(0x22B3B2E5, 0x855E6EEB), BN_DEF(0xF97C2A24, 0x858F4DCE), ++ BN_DEF(0x18D08BC8, 0x2D779D59), BN_DEF(0x8E73AFA3, 0xD662A4D1), ++ BN_DEF(0x69B6A28A, 0x1DBF0A01), BN_DEF(0x7A091F53, 0xA6A24C08), ++ BN_DEF(0x63F80A76, 0x909D0D22), BN_DEF(0xB9A92EE1, 0xD7FBD7D3), ++ BN_DEF(0x9E2749F4, 0x5E91547F), BN_DEF(0xB01B886A, 0x160217B4), ++ BN_DEF(0x5504F213, 0x777E690F), BN_DEF(0x5C41564B, 0x266FEA1E), ++ BN_DEF(0x14266D31, 0xD6406CFF), BN_DEF(0x58AC507F, 0xF8104DD2), ++ BN_DEF(0xEFB99905, 0x6765A442), BN_DEF(0xC3FD3412, 0xA4D1CBD5) + }; + +-static const BN_ULONG dh2048_224_g[] = { +- 0x191F2BFA, 0x84B890D3, 0x2A7065B3, 0x81BC087F, 0xF6EC0179, 0x19C418E1, +- 0x71CFFF4C, 0x7B5A0F1C, 0x9B6AA4BD, 0xEDFE72FE, 0x94B30269, 0x81E1BCFE, +- 0x8D6C0191, 0x566AFBB4, 0x409D13CD, 0xB539CCE3, 0x5F2FF381, 0x6AA21E7F, +- 0x770589EF, 0xD9E263E4, 0xD19963DD, 0x10E183ED, 0x150B8EEB, 0xB70A8137, +- 0x28C8F8AC, 0x051AE3D4, 0x0C1AB15B, 0xBB77A86F, 0x16A330EF, 0x6E3025E3, +- 0xD6F83456, 0x19529A45, 0x118E98D1, 0xF180EB34, 0x50717CBE, 0xB5F6C6B2, +- 0xDA7460CD, 0x09939D54, 0x22EA1ED4, 0xE2471504, 0x521BC98A, 0xB8A762D0, +- 0x5AC1348B, 0xF4D02727, 0x1999024A, 0xC1766910, 0xA8D66AD7, 0xBE5E9001, +- 0x620A8652, 0xC57DB17C, 0x00C29F52, 0xAB739D77, 0xA70C4AFA, 0xDD921F01, +- 0x10B9A6F0, 0xA6824A4E, 0xCFE4FFE3, 0x74866A08, 0x89998CAF, 0x6CDEBE7B, +- 0x8FFDAC50, 0x9DF30B5C, 0x4F2D9AE3, 0xAC4032EF ++static const BN_ULONG dh2048_224_p[] = { ++ BN_DEF(0x0C10E64F, 0x0AC4DFFE), BN_DEF(0x4E71B81C, 0xCF9DE538), ++ BN_DEF(0xFFA31F71, 0x7EF363E2), BN_DEF(0x6B8E75B9, 0xE3FB73C1), ++ BN_DEF(0x4BA80A29, 0xC9B53DCF), BN_DEF(0x16E79763, 0x23F10B0E), ++ BN_DEF(0x13042E9B, 0xC52172E4), BN_DEF(0xC928B2B9, 0xBE60E69C), ++ BN_DEF(0xB9E587E8, 0x80CD86A1), BN_DEF(0x98C641A4, 0x315D75E1), ++ BN_DEF(0x44328387, 0xCDF93ACC), BN_DEF(0xDC0A486D, 0x15987D9A), ++ BN_DEF(0x1FD5A074, 0x7310F712), BN_DEF(0xDE31EFDC, 0x278273C7), ++ BN_DEF(0x415D9330, 0x1602E714), BN_DEF(0xBC8985DB, 0x81286130), ++ BN_DEF(0x70918836, 0xB3BF8A31), BN_DEF(0xB9C49708, 0x6A00E0A0), ++ BN_DEF(0x8BBC27BE, 0xC6BA0B2C), BN_DEF(0xED34DBF6, 0xC9F98D11), ++ BN_DEF(0xB6C12207, 0x7AD5B7D0), BN_DEF(0x55B7394B, 0xD91E8FEF), ++ BN_DEF(0xEFDA4DF8, 0x9037C9ED), BN_DEF(0xAD6AC212, 0x6D3F8152), ++ BN_DEF(0x1274A0A6, 0x1DE6B85A), BN_DEF(0x309C180E, 0xEB3D688A), ++ BN_DEF(0x7BA1DF15, 0xAF9A3C40), BN_DEF(0xF95A56DB, 0xE6FA141D), ++ BN_DEF(0xB61D0A75, 0xB54B1597), BN_DEF(0x683B9FD1, 0xA20D64E5), ++ BN_DEF(0x9559C51F, 0xD660FAA7), BN_DEF(0x9123A9D0, 0xAD107E1E) + }; +- + static const BN_ULONG dh2048_224_q[] = { +- 0xB36371EB, 0xBF389A99, 0x4738CEBC, 0x1F80535A, 0x99717710, 0xC58D93FE, +- 0x801C0D34 ++ BN_DEF(0xB36371EB, 0xBF389A99), BN_DEF(0x4738CEBC, 0x1F80535A), ++ BN_DEF(0x99717710, 0xC58D93FE), (BN_ULONG)0x801C0D34 + }; +- +-static const BN_ULONG dh2048_256_p[] = { +- 0x1E1A1597, 0xDB094AE9, 0xD7EF09CA, 0x693877FA, 0x6E11715F, 0x6116D227, +- 0xC198AF12, 0xA4B54330, 0xD7014103, 0x75F26375, 0x54E710C3, 0xC3A3960A, +- 0xBD0BE621, 0xDED4010A, 0x89962856, 0xC0B857F6, 0x71506026, 0xB3CA3F79, +- 0xE6B486F6, 0x1CCACB83, 0x14056425, 0x67E144E5, 0xA41825D9, 0xF6A167B5, +- 0x96524D8E, 0x3AD83477, 0x51BFA4AB, 0xF13C6D9A, 0x35488A0E, 0x2D525267, +- 0xCAA6B790, 0xB63ACAE1, 0x81B23F76, 0x4FDB70C5, 0x12307F5C, 0xBC39A0BF, +- 0xB1E59BB8, 0xB941F54E, 0xD45F9088, 0x6C5BFC11, 0x4275BF7B, 0x22E0B1EF, +- 0x5B4758C0, 0x91F9E672, 0x6BCF67ED, 0x5A8A9D30, 0x97517ABD, 0x209E0C64, +- 0x830E9A7C, 0x3BF4296D, 0x34096FAA, 0x16C3D911, 0x61B2AA30, 0xFAF7DF45, +- 0xD61957D4, 0xE00DF8F1, 0x435E3B00, 0x5D2CEED4, 0x660DD0F2, 0x8CEEF608, +- 0x65195999, 0xFFBBD19C, 0xB4B6663C, 0x87A8E61D ++static const BN_ULONG dh2048_224_g[] = { ++ BN_DEF(0x191F2BFA, 0x84B890D3), BN_DEF(0x2A7065B3, 0x81BC087F), ++ BN_DEF(0xF6EC0179, 0x19C418E1), BN_DEF(0x71CFFF4C, 0x7B5A0F1C), ++ BN_DEF(0x9B6AA4BD, 0xEDFE72FE), BN_DEF(0x94B30269, 0x81E1BCFE), ++ BN_DEF(0x8D6C0191, 0x566AFBB4), BN_DEF(0x409D13CD, 0xB539CCE3), ++ BN_DEF(0x5F2FF381, 0x6AA21E7F), BN_DEF(0x770589EF, 0xD9E263E4), ++ BN_DEF(0xD19963DD, 0x10E183ED), BN_DEF(0x150B8EEB, 0xB70A8137), ++ BN_DEF(0x28C8F8AC, 0x051AE3D4), BN_DEF(0x0C1AB15B, 0xBB77A86F), ++ BN_DEF(0x16A330EF, 0x6E3025E3), BN_DEF(0xD6F83456, 0x19529A45), ++ BN_DEF(0x118E98D1, 0xF180EB34), BN_DEF(0x50717CBE, 0xB5F6C6B2), ++ BN_DEF(0xDA7460CD, 0x09939D54), BN_DEF(0x22EA1ED4, 0xE2471504), ++ BN_DEF(0x521BC98A, 0xB8A762D0), BN_DEF(0x5AC1348B, 0xF4D02727), ++ BN_DEF(0x1999024A, 0xC1766910), BN_DEF(0xA8D66AD7, 0xBE5E9001), ++ BN_DEF(0x620A8652, 0xC57DB17C), BN_DEF(0x00C29F52, 0xAB739D77), ++ BN_DEF(0xA70C4AFA, 0xDD921F01), BN_DEF(0x10B9A6F0, 0xA6824A4E), ++ BN_DEF(0xCFE4FFE3, 0x74866A08), BN_DEF(0x89998CAF, 0x6CDEBE7B), ++ BN_DEF(0x8FFDAC50, 0x9DF30B5C), BN_DEF(0x4F2D9AE3, 0xAC4032EF) + }; + +-static const BN_ULONG dh2048_256_g[] = { +- 0x6CC41659, 0x664B4C0F, 0xEF98C582, 0x5E2327CF, 0xD4795451, 0xD647D148, +- 0x90F00EF8, 0x2F630784, 0x1DB246C3, 0x184B523D, 0xCDC67EB6, 0xC7891428, +- 0x0DF92B52, 0x7FD02837, 0x64E0EC37, 0xB3353BBB, 0x57CD0915, 0xECD06E15, +- 0xDF016199, 0xB7D2BBD2, 0x052588B9, 0xC8484B1E, 0x13D3FE14, 0xDB2A3B73, +- 0xD182EA0A, 0xD052B985, 0xE83B9C80, 0xA4BD1BFF, 0xFB3F2E55, 0xDFC967C1, +- 0x767164E1, 0xB5045AF2, 0x6F2F9193, 0x1D14348F, 0x428EBC83, 0x64E67982, +- 0x82D6ED38, 0x8AC376D2, 0xAAB8A862, 0x777DE62A, 0xE9EC144B, 0xDDF463E5, +- 0xC77A57F2, 0x0196F931, 0x41000A65, 0xA55AE313, 0xC28CBB18, 0x901228F8, +- 0x7E8C6F62, 0xBC3773BF, 0x0C6B47B1, 0xBE3A6C1B, 0xAC0BB555, 0xFF4FED4A, +- 0x77BE463F, 0x10DBC150, 0x1A0BA125, 0x07F4793A, 0x21EF2054, 0x4CA7B18F, +- 0x60EDBD48, 0x2E775066, 0x73134D0B, 0x3FB32C9B ++static const BN_ULONG dh2048_256_p[] = { ++ BN_DEF(0x1E1A1597, 0xDB094AE9), BN_DEF(0xD7EF09CA, 0x693877FA), ++ BN_DEF(0x6E11715F, 0x6116D227), BN_DEF(0xC198AF12, 0xA4B54330), ++ BN_DEF(0xD7014103, 0x75F26375), BN_DEF(0x54E710C3, 0xC3A3960A), ++ BN_DEF(0xBD0BE621, 0xDED4010A), BN_DEF(0x89962856, 0xC0B857F6), ++ BN_DEF(0x71506026, 0xB3CA3F79), BN_DEF(0xE6B486F6, 0x1CCACB83), ++ BN_DEF(0x14056425, 0x67E144E5), BN_DEF(0xA41825D9, 0xF6A167B5), ++ BN_DEF(0x96524D8E, 0x3AD83477), BN_DEF(0x51BFA4AB, 0xF13C6D9A), ++ BN_DEF(0x35488A0E, 0x2D525267), BN_DEF(0xCAA6B790, 0xB63ACAE1), ++ BN_DEF(0x81B23F76, 0x4FDB70C5), BN_DEF(0x12307F5C, 0xBC39A0BF), ++ BN_DEF(0xB1E59BB8, 0xB941F54E), BN_DEF(0xD45F9088, 0x6C5BFC11), ++ BN_DEF(0x4275BF7B, 0x22E0B1EF), BN_DEF(0x5B4758C0, 0x91F9E672), ++ BN_DEF(0x6BCF67ED, 0x5A8A9D30), BN_DEF(0x97517ABD, 0x209E0C64), ++ BN_DEF(0x830E9A7C, 0x3BF4296D), BN_DEF(0x34096FAA, 0x16C3D911), ++ BN_DEF(0x61B2AA30, 0xFAF7DF45), BN_DEF(0xD61957D4, 0xE00DF8F1), ++ BN_DEF(0x435E3B00, 0x5D2CEED4), BN_DEF(0x660DD0F2, 0x8CEEF608), ++ BN_DEF(0x65195999, 0xFFBBD19C), BN_DEF(0xB4B6663C, 0x87A8E61D) + }; +- + static const BN_ULONG dh2048_256_q[] = { +- 0x64F5FBD3, 0xA308B0FE, 0x1EB3750B, 0x99B1A47D, 0x40129DA2, 0xB4479976, +- 0xA709A097, 0x8CF83642 ++ BN_DEF(0x64F5FBD3, 0xA308B0FE), BN_DEF(0x1EB3750B, 0x99B1A47D), ++ BN_DEF(0x40129DA2, 0xB4479976), BN_DEF(0xA709A097, 0x8CF83642) ++}; ++static const BN_ULONG dh2048_256_g[] = { ++ BN_DEF(0x6CC41659, 0x664B4C0F), BN_DEF(0xEF98C582, 0x5E2327CF), ++ BN_DEF(0xD4795451, 0xD647D148), BN_DEF(0x90F00EF8, 0x2F630784), ++ BN_DEF(0x1DB246C3, 0x184B523D), BN_DEF(0xCDC67EB6, 0xC7891428), ++ BN_DEF(0x0DF92B52, 0x7FD02837), BN_DEF(0x64E0EC37, 0xB3353BBB), ++ BN_DEF(0x57CD0915, 0xECD06E15), BN_DEF(0xDF016199, 0xB7D2BBD2), ++ BN_DEF(0x052588B9, 0xC8484B1E), BN_DEF(0x13D3FE14, 0xDB2A3B73), ++ BN_DEF(0xD182EA0A, 0xD052B985), BN_DEF(0xE83B9C80, 0xA4BD1BFF), ++ BN_DEF(0xFB3F2E55, 0xDFC967C1), BN_DEF(0x767164E1, 0xB5045AF2), ++ BN_DEF(0x6F2F9193, 0x1D14348F), BN_DEF(0x428EBC83, 0x64E67982), ++ BN_DEF(0x82D6ED38, 0x8AC376D2), BN_DEF(0xAAB8A862, 0x777DE62A), ++ BN_DEF(0xE9EC144B, 0xDDF463E5), BN_DEF(0xC77A57F2, 0x0196F931), ++ BN_DEF(0x41000A65, 0xA55AE313), BN_DEF(0xC28CBB18, 0x901228F8), ++ BN_DEF(0x7E8C6F62, 0xBC3773BF), BN_DEF(0x0C6B47B1, 0xBE3A6C1B), ++ BN_DEF(0xAC0BB555, 0xFF4FED4A), BN_DEF(0x77BE463F, 0x10DBC150), ++ BN_DEF(0x1A0BA125, 0x07F4793A), BN_DEF(0x21EF2054, 0x4CA7B18F), ++ BN_DEF(0x60EDBD48, 0x2E775066), BN_DEF(0x73134D0B, 0x3FB32C9B) + }; + + /* Primes from RFC 7919 */ +- + static const BN_ULONG ffdhe2048_p[] = { +- 0xFFFFFFFF, 0xFFFFFFFF, 0x61285C97, 0x886B4238, 0xC1B2EFFA, 0xC6F34A26, +- 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, 0x4C6FAD73, 0xC3FE3B1B, +- 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, 0x28342F61, 0xC03404CD, +- 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, 0x6372BB19, 0xAE56EDE7, +- 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, 0xB2C8E3FB, 0xD108A94B, +- 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, 0x36ADE735, 0x1DF158A1, +- 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, 0x7F57C935, 0xB557135E, +- 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, 0xD5FD6561, 0xD3DF1ED5, +- 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, 0x249B3EF9, 0xCC939DCE, +- 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, 0x273D3CF1, 0xAFDC5620, +- 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x61285C97, 0x886B4238), ++ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), ++ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), ++ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), ++ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), ++ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), ++ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), ++ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), ++ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), ++ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), ++ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), ++ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), ++ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), ++ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), ++ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), ++ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG ffdhe2048_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x30942E4B, 0x4435A11C), ++ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), ++ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), ++ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), ++ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), ++ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), ++ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), ++ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), ++ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), ++ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), ++ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), ++ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), ++ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), ++ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), ++ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), ++ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + + static const BN_ULONG ffdhe3072_p[] = { +- 0xFFFFFFFF, 0xFFFFFFFF, 0x66C62E37, 0x25E41D2B, 0x3FD59D7C, 0x3C1B20EE, +- 0xFA53DDEF, 0x0ABCD06B, 0xD5C4484E, 0x1DBF9A42, 0x9B0DEADA, 0xABC52197, +- 0x22363A0D, 0xE86D2BC5, 0x9C9DF69E, 0x5CAE82AB, 0x71F54BFF, 0x64F2E21E, +- 0xE2D74DD3, 0xF4FD4452, 0xBC437944, 0xB4130C93, 0x85139270, 0xAEFE1309, +- 0xC186D91C, 0x598CB0FA, 0x91F7F7EE, 0x7AD91D26, 0xD6E6C907, 0x61B46FC9, +- 0xF99C0238, 0xBC34F4DE, 0x6519035B, 0xDE355B3B, 0x611FCFDC, 0x886B4238, +- 0xC1B2EFFA, 0xC6F34A26, 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, +- 0x4C6FAD73, 0xC3FE3B1B, 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, +- 0x28342F61, 0xC03404CD, 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, +- 0x6372BB19, 0xAE56EDE7, 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, +- 0xB2C8E3FB, 0xD108A94B, 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, +- 0x36ADE735, 0x1DF158A1, 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, +- 0x7F57C935, 0xB557135E, 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, +- 0xD5FD6561, 0xD3DF1ED5, 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, +- 0x249B3EF9, 0xCC939DCE, 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, +- 0x273D3CF1, 0xAFDC5620, 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x66C62E37, 0x25E41D2B), ++ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), ++ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), ++ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), ++ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), ++ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), ++ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), ++ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), ++ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), ++ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), ++ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), ++ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), ++ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), ++ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), ++ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), ++ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), ++ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), ++ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), ++ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), ++ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), ++ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), ++ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), ++ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), ++ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG ffdhe3072_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xB363171B, 0x12F20E95), ++ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), ++ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), ++ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), ++ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), ++ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), ++ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), ++ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), ++ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), ++ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), ++ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), ++ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), ++ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), ++ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), ++ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), ++ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), ++ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), ++ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), ++ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), ++ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), ++ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), ++ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), ++ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), ++ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + + static const BN_ULONG ffdhe4096_p[] = { +- 0xFFFFFFFF, 0xFFFFFFFF, 0x5E655F6A, 0xC68A007E, 0xF44182E1, 0x4DB5A851, +- 0x7F88A46B, 0x8EC9B55A, 0xCEC97DCF, 0x0A8291CD, 0xF98D0ACC, 0x2A4ECEA9, +- 0x7140003C, 0x1A1DB93D, 0x33CB8B7A, 0x092999A3, 0x71AD0038, 0x6DC778F9, +- 0x918130C4, 0xA907600A, 0x2D9E6832, 0xED6A1E01, 0xEFB4318A, 0x7135C886, +- 0x7E31CC7A, 0x87F55BA5, 0x55034004, 0x7763CF1D, 0xD69F6D18, 0xAC7D5F42, +- 0xE58857B6, 0x7930E9E4, 0x164DF4FB, 0x6E6F52C3, 0x669E1EF1, 0x25E41D2B, +- 0x3FD59D7C, 0x3C1B20EE, 0xFA53DDEF, 0x0ABCD06B, 0xD5C4484E, 0x1DBF9A42, +- 0x9B0DEADA, 0xABC52197, 0x22363A0D, 0xE86D2BC5, 0x9C9DF69E, 0x5CAE82AB, +- 0x71F54BFF, 0x64F2E21E, 0xE2D74DD3, 0xF4FD4452, 0xBC437944, 0xB4130C93, +- 0x85139270, 0xAEFE1309, 0xC186D91C, 0x598CB0FA, 0x91F7F7EE, 0x7AD91D26, +- 0xD6E6C907, 0x61B46FC9, 0xF99C0238, 0xBC34F4DE, 0x6519035B, 0xDE355B3B, +- 0x611FCFDC, 0x886B4238, 0xC1B2EFFA, 0xC6F34A26, 0x7D1683B2, 0xC58EF183, +- 0x2EC22005, 0x3BB5FCBC, 0x4C6FAD73, 0xC3FE3B1B, 0xEEF28183, 0x8E4F1232, +- 0xE98583FF, 0x9172FE9C, 0x28342F61, 0xC03404CD, 0xCDF7E2EC, 0x9E02FCE1, +- 0xEE0A6D70, 0x0B07A7C8, 0x6372BB19, 0xAE56EDE7, 0xDE394DF4, 0x1D4F42A3, +- 0x60D7F468, 0xB96ADAB7, 0xB2C8E3FB, 0xD108A94B, 0xB324FB61, 0xBC0AB182, +- 0x483A797A, 0x30ACCA4F, 0x36ADE735, 0x1DF158A1, 0xF3EFE872, 0xE2A689DA, +- 0xE0E68B77, 0x984F0C70, 0x7F57C935, 0xB557135E, 0x3DED1AF3, 0x85636555, +- 0x5F066ED0, 0x2433F51F, 0xD5FD6561, 0xD3DF1ED5, 0xAEC4617A, 0xF681B202, +- 0x630C75D8, 0x7D2FE363, 0x249B3EF9, 0xCC939DCE, 0x146433FB, 0xA9E13641, +- 0xCE2D3695, 0xD8B9C583, 0x273D3CF1, 0xAFDC5620, 0xA2BB4A9A, 0xADF85458, +- 0xFFFFFFFF, 0xFFFFFFFF ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x5E655F6A, 0xC68A007E), ++ BN_DEF(0xF44182E1, 0x4DB5A851), BN_DEF(0x7F88A46B, 0x8EC9B55A), ++ BN_DEF(0xCEC97DCF, 0x0A8291CD), BN_DEF(0xF98D0ACC, 0x2A4ECEA9), ++ BN_DEF(0x7140003C, 0x1A1DB93D), BN_DEF(0x33CB8B7A, 0x092999A3), ++ BN_DEF(0x71AD0038, 0x6DC778F9), BN_DEF(0x918130C4, 0xA907600A), ++ BN_DEF(0x2D9E6832, 0xED6A1E01), BN_DEF(0xEFB4318A, 0x7135C886), ++ BN_DEF(0x7E31CC7A, 0x87F55BA5), BN_DEF(0x55034004, 0x7763CF1D), ++ BN_DEF(0xD69F6D18, 0xAC7D5F42), BN_DEF(0xE58857B6, 0x7930E9E4), ++ BN_DEF(0x164DF4FB, 0x6E6F52C3), BN_DEF(0x669E1EF1, 0x25E41D2B), ++ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), ++ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), ++ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), ++ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), ++ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), ++ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), ++ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), ++ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), ++ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), ++ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), ++ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), ++ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), ++ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), ++ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), ++ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), ++ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), ++ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), ++ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), ++ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), ++ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), ++ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), ++ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), ++ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG ffdhe4096_q[] = { ++ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x2F32AFB5, 0xE345003F), ++ BN_DEF(0xFA20C170, 0xA6DAD428), BN_DEF(0x3FC45235, 0xC764DAAD), ++ BN_DEF(0xE764BEE7, 0x054148E6), BN_DEF(0xFCC68566, 0x15276754), ++ BN_DEF(0xB8A0001E, 0x0D0EDC9E), BN_DEF(0x99E5C5BD, 0x0494CCD1), ++ BN_DEF(0xB8D6801C, 0x36E3BC7C), BN_DEF(0x48C09862, 0x5483B005), ++ BN_DEF(0x96CF3419, 0x76B50F00), BN_DEF(0x77DA18C5, 0x389AE443), ++ BN_DEF(0xBF18E63D, 0x43FAADD2), BN_DEF(0xAA81A002, 0x3BB1E78E), ++ BN_DEF(0x6B4FB68C, 0x563EAFA1), BN_DEF(0x72C42BDB, 0xBC9874F2), ++ BN_DEF(0x8B26FA7D, 0xB737A961), BN_DEF(0xB34F0F78, 0x12F20E95), ++ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), ++ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), ++ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), ++ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), ++ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), ++ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), ++ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), ++ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), ++ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), ++ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), ++ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), ++ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), ++ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), ++ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), ++ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), ++ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), ++ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), ++ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), ++ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), ++ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), ++ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), ++ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), ++ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + + static const BN_ULONG ffdhe6144_p[] = { +- 0xFFFFFFFF, 0xFFFFFFFF, 0xD0E40E65, 0xA40E329C, 0x7938DAD4, 0xA41D570D, +- 0xD43161C1, 0x62A69526, 0x9ADB1E69, 0x3FDD4A8E, 0xDC6B80D6, 0x5B3B71F9, +- 0xC6272B04, 0xEC9D1810, 0xCACEF403, 0x8CCF2DD5, 0xC95B9117, 0xE49F5235, +- 0xB854338A, 0x505DC82D, 0x1562A846, 0x62292C31, 0x6AE77F5E, 0xD72B0374, +- 0x462D538C, 0xF9C9091B, 0x47A67CBE, 0x0AE8DB58, 0x22611682, 0xB3A739C1, +- 0x2A281BF6, 0xEEAAC023, 0x77CAF992, 0x94C6651E, 0x94B2BBC1, 0x763E4E4B, +- 0x0077D9B4, 0x587E38DA, 0x183023C3, 0x7FB29F8C, 0xF9E3A26E, 0x0ABEC1FF, +- 0x350511E3, 0xA00EF092, 0xDB6340D8, 0xB855322E, 0xA9A96910, 0xA52471F7, +- 0x4CFDB477, 0x388147FB, 0x4E46041F, 0x9B1F5C3E, 0xFCCFEC71, 0xCDAD0657, +- 0x4C701C3A, 0xB38E8C33, 0xB1C0FD4C, 0x917BDD64, 0x9B7624C8, 0x3BB45432, +- 0xCAF53EA6, 0x23BA4442, 0x38532A3A, 0x4E677D2C, 0x45036C7A, 0x0BFD64B6, +- 0x5E0DD902, 0xC68A007E, 0xF44182E1, 0x4DB5A851, 0x7F88A46B, 0x8EC9B55A, +- 0xCEC97DCF, 0x0A8291CD, 0xF98D0ACC, 0x2A4ECEA9, 0x7140003C, 0x1A1DB93D, +- 0x33CB8B7A, 0x092999A3, 0x71AD0038, 0x6DC778F9, 0x918130C4, 0xA907600A, +- 0x2D9E6832, 0xED6A1E01, 0xEFB4318A, 0x7135C886, 0x7E31CC7A, 0x87F55BA5, +- 0x55034004, 0x7763CF1D, 0xD69F6D18, 0xAC7D5F42, 0xE58857B6, 0x7930E9E4, +- 0x164DF4FB, 0x6E6F52C3, 0x669E1EF1, 0x25E41D2B, 0x3FD59D7C, 0x3C1B20EE, +- 0xFA53DDEF, 0x0ABCD06B, 0xD5C4484E, 0x1DBF9A42, 0x9B0DEADA, 0xABC52197, +- 0x22363A0D, 0xE86D2BC5, 0x9C9DF69E, 0x5CAE82AB, 0x71F54BFF, 0x64F2E21E, +- 0xE2D74DD3, 0xF4FD4452, 0xBC437944, 0xB4130C93, 0x85139270, 0xAEFE1309, +- 0xC186D91C, 0x598CB0FA, 0x91F7F7EE, 0x7AD91D26, 0xD6E6C907, 0x61B46FC9, +- 0xF99C0238, 0xBC34F4DE, 0x6519035B, 0xDE355B3B, 0x611FCFDC, 0x886B4238, +- 0xC1B2EFFA, 0xC6F34A26, 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, +- 0x4C6FAD73, 0xC3FE3B1B, 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, +- 0x28342F61, 0xC03404CD, 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, +- 0x6372BB19, 0xAE56EDE7, 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, +- 0xB2C8E3FB, 0xD108A94B, 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, +- 0x36ADE735, 0x1DF158A1, 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, +- 0x7F57C935, 0xB557135E, 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, +- 0xD5FD6561, 0xD3DF1ED5, 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, +- 0x249B3EF9, 0xCC939DCE, 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, +- 0x273D3CF1, 0xAFDC5620, 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xD0E40E65, 0xA40E329C), ++ BN_DEF(0x7938DAD4, 0xA41D570D), BN_DEF(0xD43161C1, 0x62A69526), ++ BN_DEF(0x9ADB1E69, 0x3FDD4A8E), BN_DEF(0xDC6B80D6, 0x5B3B71F9), ++ BN_DEF(0xC6272B04, 0xEC9D1810), BN_DEF(0xCACEF403, 0x8CCF2DD5), ++ BN_DEF(0xC95B9117, 0xE49F5235), BN_DEF(0xB854338A, 0x505DC82D), ++ BN_DEF(0x1562A846, 0x62292C31), BN_DEF(0x6AE77F5E, 0xD72B0374), ++ BN_DEF(0x462D538C, 0xF9C9091B), BN_DEF(0x47A67CBE, 0x0AE8DB58), ++ BN_DEF(0x22611682, 0xB3A739C1), BN_DEF(0x2A281BF6, 0xEEAAC023), ++ BN_DEF(0x77CAF992, 0x94C6651E), BN_DEF(0x94B2BBC1, 0x763E4E4B), ++ BN_DEF(0x0077D9B4, 0x587E38DA), BN_DEF(0x183023C3, 0x7FB29F8C), ++ BN_DEF(0xF9E3A26E, 0x0ABEC1FF), BN_DEF(0x350511E3, 0xA00EF092), ++ BN_DEF(0xDB6340D8, 0xB855322E), BN_DEF(0xA9A96910, 0xA52471F7), ++ BN_DEF(0x4CFDB477, 0x388147FB), BN_DEF(0x4E46041F, 0x9B1F5C3E), ++ BN_DEF(0xFCCFEC71, 0xCDAD0657), BN_DEF(0x4C701C3A, 0xB38E8C33), ++ BN_DEF(0xB1C0FD4C, 0x917BDD64), BN_DEF(0x9B7624C8, 0x3BB45432), ++ BN_DEF(0xCAF53EA6, 0x23BA4442), BN_DEF(0x38532A3A, 0x4E677D2C), ++ BN_DEF(0x45036C7A, 0x0BFD64B6), BN_DEF(0x5E0DD902, 0xC68A007E), ++ BN_DEF(0xF44182E1, 0x4DB5A851), BN_DEF(0x7F88A46B, 0x8EC9B55A), ++ BN_DEF(0xCEC97DCF, 0x0A8291CD), BN_DEF(0xF98D0ACC, 0x2A4ECEA9), ++ BN_DEF(0x7140003C, 0x1A1DB93D), BN_DEF(0x33CB8B7A, 0x092999A3), ++ BN_DEF(0x71AD0038, 0x6DC778F9), BN_DEF(0x918130C4, 0xA907600A), ++ BN_DEF(0x2D9E6832, 0xED6A1E01), BN_DEF(0xEFB4318A, 0x7135C886), ++ BN_DEF(0x7E31CC7A, 0x87F55BA5), BN_DEF(0x55034004, 0x7763CF1D), ++ BN_DEF(0xD69F6D18, 0xAC7D5F42), BN_DEF(0xE58857B6, 0x7930E9E4), ++ BN_DEF(0x164DF4FB, 0x6E6F52C3), BN_DEF(0x669E1EF1, 0x25E41D2B), ++ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), ++ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), ++ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), ++ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), ++ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), ++ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), ++ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), ++ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), ++ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), ++ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), ++ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), ++ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), ++ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), ++ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), ++ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), ++ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), ++ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), ++ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), ++ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), ++ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), ++ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), ++ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), ++ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG ffdhe6144_q[] = { ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x68720732, 0x5207194E), ++ BN_DEF(0xBC9C6D6A, 0xD20EAB86), BN_DEF(0x6A18B0E0, 0xB1534A93), ++ BN_DEF(0x4D6D8F34, 0x1FEEA547), BN_DEF(0xEE35C06B, 0x2D9DB8FC), ++ BN_DEF(0x63139582, 0xF64E8C08), BN_DEF(0xE5677A01, 0xC66796EA), ++ BN_DEF(0xE4ADC88B, 0x724FA91A), BN_DEF(0xDC2A19C5, 0x282EE416), ++ BN_DEF(0x8AB15423, 0x31149618), BN_DEF(0x3573BFAF, 0x6B9581BA), ++ BN_DEF(0xA316A9C6, 0x7CE4848D), BN_DEF(0x23D33E5F, 0x05746DAC), ++ BN_DEF(0x91308B41, 0x59D39CE0), BN_DEF(0x95140DFB, 0x77556011), ++ BN_DEF(0x3BE57CC9, 0xCA63328F), BN_DEF(0xCA595DE0, 0x3B1F2725), ++ BN_DEF(0x003BECDA, 0xAC3F1C6D), BN_DEF(0x0C1811E1, 0x3FD94FC6), ++ BN_DEF(0xFCF1D137, 0x855F60FF), BN_DEF(0x1A8288F1, 0x50077849), ++ BN_DEF(0x6DB1A06C, 0x5C2A9917), BN_DEF(0xD4D4B488, 0xD29238FB), ++ BN_DEF(0xA67EDA3B, 0x9C40A3FD), BN_DEF(0x2723020F, 0xCD8FAE1F), ++ BN_DEF(0xFE67F638, 0x66D6832B), BN_DEF(0xA6380E1D, 0x59C74619), ++ BN_DEF(0x58E07EA6, 0x48BDEEB2), BN_DEF(0x4DBB1264, 0x1DDA2A19), ++ BN_DEF(0x657A9F53, 0x11DD2221), BN_DEF(0x1C29951D, 0x2733BE96), ++ BN_DEF(0x2281B63D, 0x05FEB25B), BN_DEF(0x2F06EC81, 0xE345003F), ++ BN_DEF(0xFA20C170, 0xA6DAD428), BN_DEF(0x3FC45235, 0xC764DAAD), ++ BN_DEF(0xE764BEE7, 0x054148E6), BN_DEF(0xFCC68566, 0x15276754), ++ BN_DEF(0xB8A0001E, 0x0D0EDC9E), BN_DEF(0x99E5C5BD, 0x0494CCD1), ++ BN_DEF(0xB8D6801C, 0x36E3BC7C), BN_DEF(0x48C09862, 0x5483B005), ++ BN_DEF(0x96CF3419, 0x76B50F00), BN_DEF(0x77DA18C5, 0x389AE443), ++ BN_DEF(0xBF18E63D, 0x43FAADD2), BN_DEF(0xAA81A002, 0x3BB1E78E), ++ BN_DEF(0x6B4FB68C, 0x563EAFA1), BN_DEF(0x72C42BDB, 0xBC9874F2), ++ BN_DEF(0x8B26FA7D, 0xB737A961), BN_DEF(0xB34F0F78, 0x12F20E95), ++ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), ++ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), ++ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), ++ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), ++ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), ++ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), ++ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), ++ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), ++ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), ++ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), ++ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), ++ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), ++ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), ++ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), ++ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), ++ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), ++ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), ++ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), ++ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), ++ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), ++ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), ++ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), ++ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + + static const BN_ULONG ffdhe8192_p[] = { +- 0xFFFFFFFF, 0xFFFFFFFF, 0xC5C6424C, 0xD68C8BB7, 0x838FF88C, 0x011E2A94, +- 0xA9F4614E, 0x0822E506, 0xF7A8443D, 0x97D11D49, 0x30677F0D, 0xA6BBFDE5, +- 0xC1FE86FE, 0x2F741EF8, 0x5D71A87E, 0xFAFABE1C, 0xFBE58A30, 0xDED2FBAB, +- 0x72B0A66E, 0xB6855DFE, 0xBA8A4FE8, 0x1EFC8CE0, 0x3F2FA457, 0x83F81D4A, +- 0xA577E231, 0xA1FE3075, 0x88D9C0A0, 0xD5B80194, 0xAD9A95F9, 0x624816CD, +- 0x50C1217B, 0x99E9E316, 0x0E423CFC, 0x51AA691E, 0x3826E52C, 0x1C217E6C, +- 0x09703FEE, 0x51A8A931, 0x6A460E74, 0xBB709987, 0x9C86B022, 0x541FC68C, +- 0x46FD8251, 0x59160CC0, 0x35C35F5C, 0x2846C0BA, 0x8B758282, 0x54504AC7, +- 0xD2AF05E4, 0x29388839, 0xC01BD702, 0xCB2C0F1C, 0x7C932665, 0x555B2F74, +- 0xA3AB8829, 0x86B63142, 0xF64B10EF, 0x0B8CC3BD, 0xEDD1CC5E, 0x687FEB69, +- 0xC9509D43, 0xFDB23FCE, 0xD951AE64, 0x1E425A31, 0xF600C838, 0x36AD004C, +- 0xCFF46AAA, 0xA40E329C, 0x7938DAD4, 0xA41D570D, 0xD43161C1, 0x62A69526, +- 0x9ADB1E69, 0x3FDD4A8E, 0xDC6B80D6, 0x5B3B71F9, 0xC6272B04, 0xEC9D1810, +- 0xCACEF403, 0x8CCF2DD5, 0xC95B9117, 0xE49F5235, 0xB854338A, 0x505DC82D, +- 0x1562A846, 0x62292C31, 0x6AE77F5E, 0xD72B0374, 0x462D538C, 0xF9C9091B, +- 0x47A67CBE, 0x0AE8DB58, 0x22611682, 0xB3A739C1, 0x2A281BF6, 0xEEAAC023, +- 0x77CAF992, 0x94C6651E, 0x94B2BBC1, 0x763E4E4B, 0x0077D9B4, 0x587E38DA, +- 0x183023C3, 0x7FB29F8C, 0xF9E3A26E, 0x0ABEC1FF, 0x350511E3, 0xA00EF092, +- 0xDB6340D8, 0xB855322E, 0xA9A96910, 0xA52471F7, 0x4CFDB477, 0x388147FB, +- 0x4E46041F, 0x9B1F5C3E, 0xFCCFEC71, 0xCDAD0657, 0x4C701C3A, 0xB38E8C33, +- 0xB1C0FD4C, 0x917BDD64, 0x9B7624C8, 0x3BB45432, 0xCAF53EA6, 0x23BA4442, +- 0x38532A3A, 0x4E677D2C, 0x45036C7A, 0x0BFD64B6, 0x5E0DD902, 0xC68A007E, +- 0xF44182E1, 0x4DB5A851, 0x7F88A46B, 0x8EC9B55A, 0xCEC97DCF, 0x0A8291CD, +- 0xF98D0ACC, 0x2A4ECEA9, 0x7140003C, 0x1A1DB93D, 0x33CB8B7A, 0x092999A3, +- 0x71AD0038, 0x6DC778F9, 0x918130C4, 0xA907600A, 0x2D9E6832, 0xED6A1E01, +- 0xEFB4318A, 0x7135C886, 0x7E31CC7A, 0x87F55BA5, 0x55034004, 0x7763CF1D, +- 0xD69F6D18, 0xAC7D5F42, 0xE58857B6, 0x7930E9E4, 0x164DF4FB, 0x6E6F52C3, +- 0x669E1EF1, 0x25E41D2B, 0x3FD59D7C, 0x3C1B20EE, 0xFA53DDEF, 0x0ABCD06B, +- 0xD5C4484E, 0x1DBF9A42, 0x9B0DEADA, 0xABC52197, 0x22363A0D, 0xE86D2BC5, +- 0x9C9DF69E, 0x5CAE82AB, 0x71F54BFF, 0x64F2E21E, 0xE2D74DD3, 0xF4FD4452, +- 0xBC437944, 0xB4130C93, 0x85139270, 0xAEFE1309, 0xC186D91C, 0x598CB0FA, +- 0x91F7F7EE, 0x7AD91D26, 0xD6E6C907, 0x61B46FC9, 0xF99C0238, 0xBC34F4DE, +- 0x6519035B, 0xDE355B3B, 0x611FCFDC, 0x886B4238, 0xC1B2EFFA, 0xC6F34A26, +- 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, 0x4C6FAD73, 0xC3FE3B1B, +- 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, 0x28342F61, 0xC03404CD, +- 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, 0x6372BB19, 0xAE56EDE7, +- 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, 0xB2C8E3FB, 0xD108A94B, +- 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, 0x36ADE735, 0x1DF158A1, +- 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, 0x7F57C935, 0xB557135E, +- 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, 0xD5FD6561, 0xD3DF1ED5, +- 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, 0x249B3EF9, 0xCC939DCE, +- 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, 0x273D3CF1, 0xAFDC5620, +- 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF ++ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xC5C6424C, 0xD68C8BB7), ++ BN_DEF(0x838FF88C, 0x011E2A94), BN_DEF(0xA9F4614E, 0x0822E506), ++ BN_DEF(0xF7A8443D, 0x97D11D49), BN_DEF(0x30677F0D, 0xA6BBFDE5), ++ BN_DEF(0xC1FE86FE, 0x2F741EF8), BN_DEF(0x5D71A87E, 0xFAFABE1C), ++ BN_DEF(0xFBE58A30, 0xDED2FBAB), BN_DEF(0x72B0A66E, 0xB6855DFE), ++ BN_DEF(0xBA8A4FE8, 0x1EFC8CE0), BN_DEF(0x3F2FA457, 0x83F81D4A), ++ BN_DEF(0xA577E231, 0xA1FE3075), BN_DEF(0x88D9C0A0, 0xD5B80194), ++ BN_DEF(0xAD9A95F9, 0x624816CD), BN_DEF(0x50C1217B, 0x99E9E316), ++ BN_DEF(0x0E423CFC, 0x51AA691E), BN_DEF(0x3826E52C, 0x1C217E6C), ++ BN_DEF(0x09703FEE, 0x51A8A931), BN_DEF(0x6A460E74, 0xBB709987), ++ BN_DEF(0x9C86B022, 0x541FC68C), BN_DEF(0x46FD8251, 0x59160CC0), ++ BN_DEF(0x35C35F5C, 0x2846C0BA), BN_DEF(0x8B758282, 0x54504AC7), ++ BN_DEF(0xD2AF05E4, 0x29388839), BN_DEF(0xC01BD702, 0xCB2C0F1C), ++ BN_DEF(0x7C932665, 0x555B2F74), BN_DEF(0xA3AB8829, 0x86B63142), ++ BN_DEF(0xF64B10EF, 0x0B8CC3BD), BN_DEF(0xEDD1CC5E, 0x687FEB69), ++ BN_DEF(0xC9509D43, 0xFDB23FCE), BN_DEF(0xD951AE64, 0x1E425A31), ++ BN_DEF(0xF600C838, 0x36AD004C), BN_DEF(0xCFF46AAA, 0xA40E329C), ++ BN_DEF(0x7938DAD4, 0xA41D570D), BN_DEF(0xD43161C1, 0x62A69526), ++ BN_DEF(0x9ADB1E69, 0x3FDD4A8E), BN_DEF(0xDC6B80D6, 0x5B3B71F9), ++ BN_DEF(0xC6272B04, 0xEC9D1810), BN_DEF(0xCACEF403, 0x8CCF2DD5), ++ BN_DEF(0xC95B9117, 0xE49F5235), BN_DEF(0xB854338A, 0x505DC82D), ++ BN_DEF(0x1562A846, 0x62292C31), BN_DEF(0x6AE77F5E, 0xD72B0374), ++ BN_DEF(0x462D538C, 0xF9C9091B), BN_DEF(0x47A67CBE, 0x0AE8DB58), ++ BN_DEF(0x22611682, 0xB3A739C1), BN_DEF(0x2A281BF6, 0xEEAAC023), ++ BN_DEF(0x77CAF992, 0x94C6651E), BN_DEF(0x94B2BBC1, 0x763E4E4B), ++ BN_DEF(0x0077D9B4, 0x587E38DA), BN_DEF(0x183023C3, 0x7FB29F8C), ++ BN_DEF(0xF9E3A26E, 0x0ABEC1FF), BN_DEF(0x350511E3, 0xA00EF092), ++ BN_DEF(0xDB6340D8, 0xB855322E), BN_DEF(0xA9A96910, 0xA52471F7), ++ BN_DEF(0x4CFDB477, 0x388147FB), BN_DEF(0x4E46041F, 0x9B1F5C3E), ++ BN_DEF(0xFCCFEC71, 0xCDAD0657), BN_DEF(0x4C701C3A, 0xB38E8C33), ++ BN_DEF(0xB1C0FD4C, 0x917BDD64), BN_DEF(0x9B7624C8, 0x3BB45432), ++ BN_DEF(0xCAF53EA6, 0x23BA4442), BN_DEF(0x38532A3A, 0x4E677D2C), ++ BN_DEF(0x45036C7A, 0x0BFD64B6), BN_DEF(0x5E0DD902, 0xC68A007E), ++ BN_DEF(0xF44182E1, 0x4DB5A851), BN_DEF(0x7F88A46B, 0x8EC9B55A), ++ BN_DEF(0xCEC97DCF, 0x0A8291CD), BN_DEF(0xF98D0ACC, 0x2A4ECEA9), ++ BN_DEF(0x7140003C, 0x1A1DB93D), BN_DEF(0x33CB8B7A, 0x092999A3), ++ BN_DEF(0x71AD0038, 0x6DC778F9), BN_DEF(0x918130C4, 0xA907600A), ++ BN_DEF(0x2D9E6832, 0xED6A1E01), BN_DEF(0xEFB4318A, 0x7135C886), ++ BN_DEF(0x7E31CC7A, 0x87F55BA5), BN_DEF(0x55034004, 0x7763CF1D), ++ BN_DEF(0xD69F6D18, 0xAC7D5F42), BN_DEF(0xE58857B6, 0x7930E9E4), ++ BN_DEF(0x164DF4FB, 0x6E6F52C3), BN_DEF(0x669E1EF1, 0x25E41D2B), ++ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), ++ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), ++ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), ++ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), ++ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), ++ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), ++ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), ++ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), ++ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), ++ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), ++ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), ++ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), ++ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), ++ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), ++ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), ++ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), ++ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), ++ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), ++ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), ++ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), ++ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), ++ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), ++ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) ++}; ++/* q = (p - 1) / 2 */ ++static const BN_ULONG ffdhe8192_q[] = { ++ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0xE2E32126, 0x6B4645DB), ++ BN_DEF(0x41C7FC46, 0x008F154A), BN_DEF(0x54FA30A7, 0x84117283), ++ BN_DEF(0xFBD4221E, 0xCBE88EA4), BN_DEF(0x9833BF86, 0x535DFEF2), ++ BN_DEF(0x60FF437F, 0x17BA0F7C), BN_DEF(0x2EB8D43F, 0x7D7D5F0E), ++ BN_DEF(0xFDF2C518, 0x6F697DD5), BN_DEF(0x39585337, 0x5B42AEFF), ++ BN_DEF(0x5D4527F4, 0x8F7E4670), BN_DEF(0x1F97D22B, 0xC1FC0EA5), ++ BN_DEF(0xD2BBF118, 0x50FF183A), BN_DEF(0x446CE050, 0xEADC00CA), ++ BN_DEF(0xD6CD4AFC, 0xB1240B66), BN_DEF(0x286090BD, 0x4CF4F18B), ++ BN_DEF(0x07211E7E, 0x28D5348F), BN_DEF(0x1C137296, 0x0E10BF36), ++ BN_DEF(0x84B81FF7, 0x28D45498), BN_DEF(0xB523073A, 0x5DB84CC3), ++ BN_DEF(0x4E435811, 0xAA0FE346), BN_DEF(0x237EC128, 0x2C8B0660), ++ BN_DEF(0x1AE1AFAE, 0x1423605D), BN_DEF(0xC5BAC141, 0x2A282563), ++ BN_DEF(0xE95782F2, 0x149C441C), BN_DEF(0x600DEB81, 0xE596078E), ++ BN_DEF(0x3E499332, 0xAAAD97BA), BN_DEF(0x51D5C414, 0xC35B18A1), ++ BN_DEF(0xFB258877, 0x05C661DE), BN_DEF(0xF6E8E62F, 0xB43FF5B4), ++ BN_DEF(0x64A84EA1, 0x7ED91FE7), BN_DEF(0xECA8D732, 0x0F212D18), ++ BN_DEF(0x7B00641C, 0x1B568026), BN_DEF(0x67FA3555, 0x5207194E), ++ BN_DEF(0xBC9C6D6A, 0xD20EAB86), BN_DEF(0x6A18B0E0, 0xB1534A93), ++ BN_DEF(0x4D6D8F34, 0x1FEEA547), BN_DEF(0xEE35C06B, 0x2D9DB8FC), ++ BN_DEF(0x63139582, 0xF64E8C08), BN_DEF(0xE5677A01, 0xC66796EA), ++ BN_DEF(0xE4ADC88B, 0x724FA91A), BN_DEF(0xDC2A19C5, 0x282EE416), ++ BN_DEF(0x8AB15423, 0x31149618), BN_DEF(0x3573BFAF, 0x6B9581BA), ++ BN_DEF(0xA316A9C6, 0x7CE4848D), BN_DEF(0x23D33E5F, 0x05746DAC), ++ BN_DEF(0x91308B41, 0x59D39CE0), BN_DEF(0x95140DFB, 0x77556011), ++ BN_DEF(0x3BE57CC9, 0xCA63328F), BN_DEF(0xCA595DE0, 0x3B1F2725), ++ BN_DEF(0x003BECDA, 0xAC3F1C6D), BN_DEF(0x0C1811E1, 0x3FD94FC6), ++ BN_DEF(0xFCF1D137, 0x855F60FF), BN_DEF(0x1A8288F1, 0x50077849), ++ BN_DEF(0x6DB1A06C, 0x5C2A9917), BN_DEF(0xD4D4B488, 0xD29238FB), ++ BN_DEF(0xA67EDA3B, 0x9C40A3FD), BN_DEF(0x2723020F, 0xCD8FAE1F), ++ BN_DEF(0xFE67F638, 0x66D6832B), BN_DEF(0xA6380E1D, 0x59C74619), ++ BN_DEF(0x58E07EA6, 0x48BDEEB2), BN_DEF(0x4DBB1264, 0x1DDA2A19), ++ BN_DEF(0x657A9F53, 0x11DD2221), BN_DEF(0x1C29951D, 0x2733BE96), ++ BN_DEF(0x2281B63D, 0x05FEB25B), BN_DEF(0x2F06EC81, 0xE345003F), ++ BN_DEF(0xFA20C170, 0xA6DAD428), BN_DEF(0x3FC45235, 0xC764DAAD), ++ BN_DEF(0xE764BEE7, 0x054148E6), BN_DEF(0xFCC68566, 0x15276754), ++ BN_DEF(0xB8A0001E, 0x0D0EDC9E), BN_DEF(0x99E5C5BD, 0x0494CCD1), ++ BN_DEF(0xB8D6801C, 0x36E3BC7C), BN_DEF(0x48C09862, 0x5483B005), ++ BN_DEF(0x96CF3419, 0x76B50F00), BN_DEF(0x77DA18C5, 0x389AE443), ++ BN_DEF(0xBF18E63D, 0x43FAADD2), BN_DEF(0xAA81A002, 0x3BB1E78E), ++ BN_DEF(0x6B4FB68C, 0x563EAFA1), BN_DEF(0x72C42BDB, 0xBC9874F2), ++ BN_DEF(0x8B26FA7D, 0xB737A961), BN_DEF(0xB34F0F78, 0x12F20E95), ++ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), ++ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), ++ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), ++ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), ++ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), ++ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), ++ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), ++ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), ++ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), ++ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), ++ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), ++ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), ++ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), ++ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), ++ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), ++ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), ++ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), ++ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), ++ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), ++ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), ++ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), ++ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), ++ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), + }; + +-# else +-# error "unsupported BN_BITS2" +-# endif +- + /* Macro to make a BIGNUM from static data */ + + # define make_dh_bn(x) extern const BIGNUM _bignum_##x; \ +@@ -489,24 +1010,42 @@ static const BN_ULONG ffdhe8192_p[] = { + + static const BN_ULONG value_2 = 2; + +-const BIGNUM _bignum_const_2 = +- { (BN_ULONG *)&value_2, 1, 1, 0, BN_FLG_STATIC_DATA }; ++const BIGNUM _bignum_const_2 = { ++ (BN_ULONG *)&value_2, 1, 1, 0, BN_FLG_STATIC_DATA ++}; + + make_dh_bn(dh1024_160_p) +-make_dh_bn(dh1024_160_g) + make_dh_bn(dh1024_160_q) ++make_dh_bn(dh1024_160_g) + make_dh_bn(dh2048_224_p) +-make_dh_bn(dh2048_224_g) + make_dh_bn(dh2048_224_q) ++make_dh_bn(dh2048_224_g) + make_dh_bn(dh2048_256_p) +-make_dh_bn(dh2048_256_g) + make_dh_bn(dh2048_256_q) ++make_dh_bn(dh2048_256_g) + + make_dh_bn(ffdhe2048_p) ++make_dh_bn(ffdhe2048_q) + make_dh_bn(ffdhe3072_p) ++make_dh_bn(ffdhe3072_q) + make_dh_bn(ffdhe4096_p) ++make_dh_bn(ffdhe4096_q) + make_dh_bn(ffdhe6144_p) ++make_dh_bn(ffdhe6144_q) + make_dh_bn(ffdhe8192_p) ++make_dh_bn(ffdhe8192_q) + ++make_dh_bn(modp_1536_p) ++make_dh_bn(modp_1536_q) ++make_dh_bn(modp_2048_p) ++make_dh_bn(modp_2048_q) ++make_dh_bn(modp_3072_p) ++make_dh_bn(modp_3072_q) ++make_dh_bn(modp_4096_p) ++make_dh_bn(modp_4096_q) ++make_dh_bn(modp_6144_p) ++make_dh_bn(modp_6144_q) ++make_dh_bn(modp_8192_p) ++make_dh_bn(modp_8192_q) + +-#endif ++#endif /* OPENSSL_NO_DH */ +diff -up openssl-1.1.1g/crypto/dh/dh_check.c.fips-dh openssl-1.1.1g/crypto/dh/dh_check.c +--- openssl-1.1.1g/crypto/dh/dh_check.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_check.c 2020-07-17 10:36:29.246788449 +0200 +@@ -10,6 +10,7 @@ + #include + #include "internal/cryptlib.h" + #include ++#include + #include "dh_local.h" + + # define DH_NUMBER_ITERATIONS_FOR_PRIME 64 +@@ -41,6 +42,12 @@ int DH_check_params(const DH *dh, int *r + BIGNUM *tmp = NULL; + BN_CTX *ctx = NULL; + ++ if (FIPS_mode()) { ++ int nid = dh->nid == NID_undef ? DH_get_nid(dh) : dh->nid; ++ ++ return nid != NID_undef; ++ } ++ + *ret = 0; + ctx = BN_CTX_new(); + if (ctx == NULL) +@@ -95,6 +102,7 @@ int DH_check_ex(const DH *dh) + return errflags == 0; + } + ++/* Note: according to documentation - this only checks the params */ + int DH_check(const DH *dh, int *ret) + { + int ok = 0, r; +@@ -104,6 +112,9 @@ int DH_check(const DH *dh, int *ret) + if (!DH_check_params(dh, ret)) + return 0; + ++ if (FIPS_mode()) /* we allow only well-known params */ ++ return 1; ++ + ctx = BN_CTX_new(); + if (ctx == NULL) + goto err; +@@ -177,7 +188,7 @@ int DH_check_pub_key_ex(const DH *dh, co + return errflags == 0; + } + +-int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) ++static int dh_check_pub_key_int(const DH *dh, const BIGNUM *q, const BIGNUM *pub_key, int *ret) + { + int ok = 0; + BIGNUM *tmp = NULL; +@@ -198,9 +209,9 @@ int DH_check_pub_key(const DH *dh, const + if (BN_cmp(pub_key, tmp) >= 0) + *ret |= DH_CHECK_PUBKEY_TOO_LARGE; + +- if (dh->q != NULL) { ++ if (q != NULL) { + /* Check pub_key^q == 1 mod p */ +- if (!BN_mod_exp(tmp, pub_key, dh->q, dh->p, ctx)) ++ if (!BN_mod_exp(tmp, pub_key, q, dh->p, ctx)) + goto err; + if (!BN_is_one(tmp)) + *ret |= DH_CHECK_PUBKEY_INVALID; +@@ -212,3 +223,23 @@ int DH_check_pub_key(const DH *dh, const + BN_CTX_free(ctx); + return ok; + } ++ ++int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) ++{ ++ return dh_check_pub_key_int(dh, dh->q, pub_key, ret); ++} ++ ++int dh_check_pub_key_full(const DH *dh, const BIGNUM *pub_key, int *ret) ++{ ++ BIGNUM *q = dh->q; ++ ++ if (q == NULL) { ++ if (dh_get_known_q(dh, &q) == 0) { ++ *ret |= DH_CHECK_INVALID_Q_VALUE; ++ return 0; ++ } ++ } ++ ++ return dh_check_pub_key_int(dh, q, pub_key, ret); ++} ++ +diff -up openssl-1.1.1g/crypto/dh/dh_gen.c.fips-dh openssl-1.1.1g/crypto/dh/dh_gen.c +--- openssl-1.1.1g/crypto/dh/dh_gen.c.fips-dh 2020-07-17 10:36:29.182787923 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_gen.c 2020-07-17 10:36:29.246788449 +0200 +@@ -27,8 +27,7 @@ int DH_generate_parameters_ex(DH *ret, i + BN_GENCB *cb) + { + #ifdef OPENSSL_FIPS +- if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD) +- && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) { ++ if (FIPS_mode()) { + DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD); + return 0; + } +@@ -75,18 +74,6 @@ static int dh_builtin_genparams(DH *ret, + int g, ok = -1; + BN_CTX *ctx = NULL; + +-#ifdef OPENSSL_FIPS +- if (FIPS_selftest_failed()) { +- FIPSerr(FIPS_F_DH_BUILTIN_GENPARAMS, FIPS_R_FIPS_SELFTEST_FAILED); +- return 0; +- } +- +- if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN)) { +- DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL); +- goto err; +- } +-#endif +- + ctx = BN_CTX_new(); + if (ctx == NULL) + goto err; +diff -up openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh openssl-1.1.1g/crypto/dh/dh_key.c +--- openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh 2020-07-17 10:36:29.182787923 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_key.c 2020-07-17 11:00:07.783777846 +0200 +@@ -100,10 +100,18 @@ static int generate_key(DH *dh) + BIGNUM *pub_key = NULL, *priv_key = NULL; + + #ifdef OPENSSL_FIPS +- if (FIPS_mode() +- && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) { +- DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL); +- return 0; ++ if (FIPS_mode()) { ++ if (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS) { ++ DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL); ++ return 0; ++ } ++ if (dh->nid == NID_undef) ++ dh_cache_nid(dh); ++ if (dh->nid == NID_undef || dh->length > BN_num_bits(dh->p) - 2 ++ || dh->length < 224) { ++ DHerr(DH_F_GENERATE_KEY, DH_R_NON_FIPS_METHOD); ++ return 0; ++ } + } + #endif + +@@ -139,7 +147,15 @@ static int generate_key(DH *dh) + } + + if (generate_new_key) { +- if (dh->q) { ++ if (FIPS_mode()) { ++ do { ++ if (!BN_priv_rand(priv_key, dh->length, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY)) ++ goto err; ++ if (!BN_add_word(priv_key, 1)) ++ goto err; ++ } ++ while (BN_num_bits(priv_key) > dh->length); ++ } else if (dh->q) { + do { + if (!BN_priv_rand_range(priv_key, dh->q)) + goto err; +@@ -175,6 +191,15 @@ static int generate_key(DH *dh) + } + /* We MUST free prk before any further use of priv_key */ + BN_clear_free(prk); ++ ++ if (FIPS_mode()) { ++ int check_result; ++ ++ if (!dh_check_pub_key_full(dh, pub_key, &check_result) || check_result) { ++ DHerr(DH_F_GENERATE_KEY, DH_R_INVALID_PUBKEY); ++ goto err; ++ } ++ } + } + + dh->pub_key = pub_key; +@@ -197,6 +222,7 @@ static int compute_key(unsigned char *ke + BN_CTX *ctx = NULL; + BN_MONT_CTX *mont = NULL; + BIGNUM *tmp; ++ BIGNUM *p1; + int ret = -1; + int check_result; + +@@ -243,6 +269,18 @@ static int compute_key(unsigned char *ke + DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB); + goto err; + } ++ ++ if (BN_is_zero(tmp) || BN_is_one(tmp) || BN_is_negative(tmp)) { ++ DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ if ((p1 = BN_CTX_get(ctx)) == NULL ++ || !BN_sub(p1, dh->p, BN_value_one()) ++ || BN_cmp(p1, tmp) <= 0) { ++ DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB); ++ goto err; ++ } + + ret = BN_bn2bin(tmp, key); + err: +diff -up openssl-1.1.1g/crypto/dh/dh_lib.c.fips-dh openssl-1.1.1g/crypto/dh/dh_lib.c +--- openssl-1.1.1g/crypto/dh/dh_lib.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_lib.c 2020-07-17 10:36:29.246788449 +0200 +@@ -8,6 +8,7 @@ + */ + + #include ++#include + #include "internal/cryptlib.h" + #include "internal/refcount.h" + #include +@@ -86,6 +87,8 @@ DH *DH_new_method(ENGINE *engine) + goto err; + } + ++ ret->nid = NID_undef; ++ + return ret; + + err: +@@ -205,7 +208,10 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNU + dh->g = g; + } + +- if (q != NULL) { ++ dh->nid = NID_undef; ++ dh_cache_nid(dh); ++ ++ if (q != NULL && dh->nid == NID_undef) { + dh->length = BN_num_bits(q); + } + +diff -up openssl-1.1.1g/crypto/dh/dh_local.h.fips-dh openssl-1.1.1g/crypto/dh/dh_local.h +--- openssl-1.1.1g/crypto/dh/dh_local.h.fips-dh 2020-07-17 10:36:28.968786163 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_local.h 2020-07-17 10:36:29.246788449 +0200 +@@ -35,6 +35,7 @@ struct dh_st { + const DH_METHOD *meth; + ENGINE *engine; + CRYPTO_RWLOCK *lock; ++ int nid; + }; + + struct dh_method { +@@ -55,3 +56,10 @@ struct dh_method { + int (*generate_params) (DH *dh, int prime_len, int generator, + BN_GENCB *cb); + }; ++ ++void dh_cache_nid(DH *dh); ++/* Obtain known q value based on nid or p */ ++int dh_get_known_q(const DH *dh, BIGNUM **q); ++/* FIPS mode only check which requires nid set and looks up q based on it. */ ++int dh_check_pub_key_full(const DH *dh, const BIGNUM *pub_key, int *ret); ++ +diff -up openssl-1.1.1g/crypto/dh/dh_rfc7919.c.fips-dh openssl-1.1.1g/crypto/dh/dh_rfc7919.c +--- openssl-1.1.1g/crypto/dh/dh_rfc7919.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_rfc7919.c 2020-07-17 10:36:29.246788449 +0200 +@@ -7,6 +7,8 @@ + * https://www.openssl.org/source/license.html + */ + ++/* DH parameters from RFC7919 and RFC3526 */ ++ + #include + #include "internal/cryptlib.h" + #include "dh_local.h" +@@ -14,14 +16,19 @@ + #include + #include "crypto/bn_dh.h" + +-static DH *dh_param_init(const BIGNUM *p, int32_t nbits) ++static DH *dh_param_init(int nid, const BIGNUM *p, const BIGNUM *q, int32_t nbits) + { + DH *dh = DH_new(); + if (dh == NULL) + return NULL; + dh->p = (BIGNUM *)p; ++ /* ++ * We do not set q as it would enable the inefficient and ++ * unnecessary pubkey modular exponentiation check. ++ */ + dh->g = (BIGNUM *)&_bignum_const_2; + dh->length = nbits; ++ dh->nid = nid; + return dh; + } + +@@ -29,46 +36,121 @@ DH *DH_new_by_nid(int nid) + { + switch (nid) { + case NID_ffdhe2048: +- return dh_param_init(&_bignum_ffdhe2048_p, 225); ++ return dh_param_init(nid, &_bignum_ffdhe2048_p, &_bignum_ffdhe2048_q, 225); + case NID_ffdhe3072: +- return dh_param_init(&_bignum_ffdhe3072_p, 275); ++ return dh_param_init(nid, &_bignum_ffdhe3072_p, &_bignum_ffdhe3072_q, 275); + case NID_ffdhe4096: +- return dh_param_init(&_bignum_ffdhe4096_p, 325); ++ return dh_param_init(nid, &_bignum_ffdhe4096_p, &_bignum_ffdhe4096_q, 325); + case NID_ffdhe6144: +- return dh_param_init(&_bignum_ffdhe6144_p, 375); ++ return dh_param_init(nid, &_bignum_ffdhe6144_p, &_bignum_ffdhe6144_q, 375); + case NID_ffdhe8192: +- return dh_param_init(&_bignum_ffdhe8192_p, 400); ++ return dh_param_init(nid, &_bignum_ffdhe8192_p, &_bignum_ffdhe8192_q, 400); ++ case NID_modp_2048: ++ return dh_param_init(nid, &_bignum_modp_2048_p, &_bignum_modp_2048_q, 225); ++ case NID_modp_3072: ++ return dh_param_init(nid, &_bignum_modp_3072_p, &_bignum_modp_3072_q, 275); ++ case NID_modp_4096: ++ return dh_param_init(nid, &_bignum_modp_4096_p, &_bignum_modp_4096_q, 325); ++ case NID_modp_6144: ++ return dh_param_init(nid, &_bignum_modp_6144_p, &_bignum_modp_6144_q, 375); ++ case NID_modp_8192: ++ return dh_param_init(nid, &_bignum_modp_8192_p, &_bignum_modp_8192_q, 400); ++ case NID_modp_1536: ++ if (!FIPS_mode()) ++ return dh_param_init(nid, &_bignum_modp_1536_p, &_bignum_modp_1536_q, 175); ++ /* fallthrough */ + default: + DHerr(DH_F_DH_NEW_BY_NID, DH_R_INVALID_PARAMETER_NID); + return NULL; + } + } + +-int DH_get_nid(const DH *dh) ++static int dh_match_group(const DH *dh, BIGNUM **qout, int *lout) + { + int nid; ++ const BIGNUM *q; ++ int length; + + if (BN_get_word(dh->g) != 2) + return NID_undef; +- if (!BN_cmp(dh->p, &_bignum_ffdhe2048_p)) ++ ++ if (dh->nid == NID_ffdhe2048 || !BN_cmp(dh->p, &_bignum_ffdhe2048_p)) { + nid = NID_ffdhe2048; +- else if (!BN_cmp(dh->p, &_bignum_ffdhe3072_p)) ++ q = &_bignum_ffdhe2048_q; ++ length = 225; ++ } else if (dh->nid == NID_ffdhe3072 || !BN_cmp(dh->p, &_bignum_ffdhe3072_p)) { + nid = NID_ffdhe3072; +- else if (!BN_cmp(dh->p, &_bignum_ffdhe4096_p)) ++ q = &_bignum_ffdhe3072_q; ++ length = 275; ++ } else if (dh->nid == NID_ffdhe4096 || !BN_cmp(dh->p, &_bignum_ffdhe4096_p)) { + nid = NID_ffdhe4096; +- else if (!BN_cmp(dh->p, &_bignum_ffdhe6144_p)) ++ q = &_bignum_ffdhe4096_q; ++ length = 325; ++ } else if (dh->nid == NID_ffdhe6144 || !BN_cmp(dh->p, &_bignum_ffdhe6144_p)) { + nid = NID_ffdhe6144; +- else if (!BN_cmp(dh->p, &_bignum_ffdhe8192_p)) ++ q = &_bignum_ffdhe6144_q; ++ length = 375; ++ } else if (dh->nid == NID_ffdhe8192 || !BN_cmp(dh->p, &_bignum_ffdhe8192_p)) { + nid = NID_ffdhe8192; +- else ++ q = &_bignum_ffdhe8192_q; ++ length = 400; ++ } else if (dh->nid == NID_modp_2048 || !BN_cmp(dh->p, &_bignum_modp_2048_p)) { ++ nid = NID_modp_2048; ++ q = &_bignum_modp_2048_q; ++ length = 225; ++ } else if (dh->nid == NID_modp_3072 || !BN_cmp(dh->p, &_bignum_modp_3072_p)) { ++ nid = NID_modp_3072; ++ q = &_bignum_modp_3072_q; ++ length = 275; ++ } else if (dh->nid == NID_modp_4096 || !BN_cmp(dh->p, &_bignum_modp_4096_p)) { ++ nid = NID_modp_4096; ++ q = &_bignum_modp_4096_q; ++ length = 325; ++ } else if (dh->nid == NID_modp_6144 || !BN_cmp(dh->p, &_bignum_modp_6144_p)) { ++ nid = NID_modp_6144; ++ q = &_bignum_modp_6144_q; ++ length = 375; ++ } else if (dh->nid == NID_modp_8192 || !BN_cmp(dh->p, &_bignum_modp_8192_p)) { ++ nid = NID_modp_8192; ++ q = &_bignum_modp_8192_q; ++ length = 400; ++ } else if (!FIPS_mode() && (dh->nid == NID_modp_1536 || !BN_cmp(dh->p, &_bignum_modp_1536_p))) { ++ nid = NID_modp_1536; ++ q = &_bignum_modp_1536_q; ++ length = 175; ++ } else { + return NID_undef; ++ } ++ + if (dh->q != NULL) { +- BIGNUM *q = BN_dup(dh->p); ++ /* Check that q matches the known q. */ ++ if (BN_cmp(dh->q, q)) ++ return NID_undef; ++ } else if (qout != NULL) { ++ *qout = (BIGNUM *)q; ++ } + +- /* Check q = p * 2 + 1 we already know q is odd, so just shift right */ +- if (q == NULL || !BN_rshift1(q, q) || !BN_cmp(dh->q, q)) +- nid = NID_undef; +- BN_free(q); ++ if (lout != NULL) { ++ *lout = length; + } + return nid; + } ++ ++int DH_get_nid(const DH *dh) ++{ ++ if (dh->nid != NID_undef) { ++ return dh->nid; ++ } ++ return dh_match_group(dh, NULL, NULL); ++} ++ ++void dh_cache_nid(DH *dh) ++{ ++ dh->nid = dh_match_group(dh, NULL, &dh->length); ++} ++ ++int dh_get_known_q(const DH *dh, BIGNUM **q) ++{ ++ return dh_match_group(dh, q, NULL) != NID_undef; ++} ++ +diff -up openssl-1.1.1g/crypto/ec/ec_key.c.fips-dh openssl-1.1.1g/crypto/ec/ec_key.c +--- openssl-1.1.1g/crypto/ec/ec_key.c.fips-dh 2020-07-17 11:00:53.958175227 +0200 ++++ openssl-1.1.1g/crypto/ec/ec_key.c 2020-07-20 13:24:03.941107320 +0200 +@@ -280,9 +280,18 @@ int ec_key_simple_generate_key(EC_KEY *e + if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, ctx)) + goto err; + +- eckey->priv_key = priv_key; + eckey->pub_key = pub_key; + ++ if (FIPS_mode()) { ++ eckey->priv_key = NULL; ++ if (EC_KEY_check_key(eckey) <= 0) { ++ eckey->pub_key = NULL; ++ goto err; ++ } ++ } ++ ++ eckey->priv_key = priv_key; ++ + ok = 1; + + err: +@@ -296,8 +305,23 @@ int ec_key_simple_generate_key(EC_KEY *e + + int ec_key_simple_generate_public_key(EC_KEY *eckey) + { +- return EC_POINT_mul(eckey->group, eckey->pub_key, eckey->priv_key, NULL, ++ BIGNUM *priv_key; ++ int ret = EC_POINT_mul(eckey->group, eckey->pub_key, eckey->priv_key, NULL, + NULL, NULL); ++ ++ if (ret <= 0 || !FIPS_mode()) ++ return ret; ++ ++ /* no need to perform private key test, temporarily hide it */ ++ priv_key = eckey->priv_key; ++ eckey->priv_key = NULL; ++ ret = EC_KEY_check_key(eckey); ++ eckey->priv_key = priv_key; ++ ++ if (ret <= 0) ++ EC_POINT_set_to_infinity(eckey->group, eckey->pub_key); ++ ++ return ret; + } + + int EC_KEY_check_key(const EC_KEY *eckey) +diff -up openssl-1.1.1g/crypto/evp/p_lib.c.fips-dh openssl-1.1.1g/crypto/evp/p_lib.c +--- openssl-1.1.1g/crypto/evp/p_lib.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/evp/p_lib.c 2020-07-17 10:36:29.247788458 +0200 +@@ -540,7 +540,8 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *p + + int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) + { +- int type = DH_get0_q(key) == NULL ? EVP_PKEY_DH : EVP_PKEY_DHX; ++ int type = DH_get0_q(key) == NULL || DH_get_nid(key) != NID_undef ? ++ EVP_PKEY_DH : EVP_PKEY_DHX; + int ret = EVP_PKEY_assign(pkey, type, key); + + if (ret) +diff -up openssl-1.1.1g/crypto/objects/obj_dat.h.fips-dh openssl-1.1.1g/crypto/objects/obj_dat.h +--- openssl-1.1.1g/crypto/objects/obj_dat.h.fips-dh 2020-07-17 10:36:29.239788392 +0200 ++++ openssl-1.1.1g/crypto/objects/obj_dat.h 2020-07-17 10:36:29.247788458 +0200 +@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = { + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */ + }; + +-#define NUM_NID 1199 ++#define NUM_NID 1205 + static const ASN1_OBJECT nid_objs[NUM_NID] = { + {"UNDEF", "undefined", NID_undef}, + {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, +@@ -2279,9 +2279,15 @@ static const ASN1_OBJECT nid_objs[NUM_NI + {"KBKDF", "kbkdf", NID_kbkdf}, + {"KRB5KDF", "krb5kdf", NID_krb5kdf}, + {"SSKDF", "sskdf", NID_sskdf}, ++ {"modp_1536", "modp_1536", NID_modp_1536}, ++ {"modp_2048", "modp_2048", NID_modp_2048}, ++ {"modp_3072", "modp_3072", NID_modp_3072}, ++ {"modp_4096", "modp_4096", NID_modp_4096}, ++ {"modp_6144", "modp_6144", NID_modp_6144}, ++ {"modp_8192", "modp_8192", NID_modp_8192}, + }; + +-#define NUM_SN 1190 ++#define NUM_SN 1196 + static const unsigned int sn_objs[NUM_SN] = { + 364, /* "AD_DVCS" */ + 419, /* "AES-128-CBC" */ +@@ -3127,6 +3133,12 @@ static const unsigned int sn_objs[NUM_SN + 506, /* "mime-mhs-bodies" */ + 505, /* "mime-mhs-headings" */ + 488, /* "mobileTelephoneNumber" */ ++ 1199, /* "modp_1536" */ ++ 1200, /* "modp_2048" */ ++ 1201, /* "modp_3072" */ ++ 1202, /* "modp_4096" */ ++ 1203, /* "modp_6144" */ ++ 1204, /* "modp_8192" */ + 136, /* "msCTLSign" */ + 135, /* "msCodeCom" */ + 134, /* "msCodeInd" */ +@@ -3475,7 +3487,7 @@ static const unsigned int sn_objs[NUM_SN + 1093, /* "x509ExtAdmission" */ + }; + +-#define NUM_LN 1190 ++#define NUM_LN 1196 + static const unsigned int ln_objs[NUM_LN] = { + 363, /* "AD Time Stamping" */ + 405, /* "ANSI X9.62" */ +@@ -4313,6 +4325,12 @@ static const unsigned int ln_objs[NUM_LN + 506, /* "mime-mhs-bodies" */ + 505, /* "mime-mhs-headings" */ + 488, /* "mobileTelephoneNumber" */ ++ 1199, /* "modp_1536" */ ++ 1200, /* "modp_2048" */ ++ 1201, /* "modp_3072" */ ++ 1202, /* "modp_4096" */ ++ 1203, /* "modp_6144" */ ++ 1204, /* "modp_8192" */ + 481, /* "nSRecord" */ + 173, /* "name" */ + 681, /* "onBasis" */ +diff -up openssl-1.1.1g/crypto/objects/objects.txt.fips-dh openssl-1.1.1g/crypto/objects/objects.txt +--- openssl-1.1.1g/crypto/objects/objects.txt.fips-dh 2020-07-17 10:36:29.239788392 +0200 ++++ openssl-1.1.1g/crypto/objects/objects.txt 2020-07-17 10:36:29.247788458 +0200 +@@ -1657,6 +1657,13 @@ id-pkinit 5 : pkInit + : ffdhe4096 + : ffdhe6144 + : ffdhe8192 ++# NIDs for RFC3526 DH parameters ++ : modp_1536 ++ : modp_2048 ++ : modp_3072 ++ : modp_4096 ++ : modp_6144 ++ : modp_8192 + + # OIDs for DSTU-4145/DSTU-7564 (http://zakon2.rada.gov.ua/laws/show/z0423-17) + +diff -up openssl-1.1.1g/crypto/objects/obj_mac.num.fips-dh openssl-1.1.1g/crypto/objects/obj_mac.num +--- openssl-1.1.1g/crypto/objects/obj_mac.num.fips-dh 2020-07-17 10:36:29.239788392 +0200 ++++ openssl-1.1.1g/crypto/objects/obj_mac.num 2020-07-17 10:36:29.248788466 +0200 +@@ -1196,3 +1196,9 @@ sshkdf 1195 + kbkdf 1196 + krb5kdf 1197 + sskdf 1198 ++modp_1536 1199 ++modp_2048 1200 ++modp_3072 1201 ++modp_4096 1202 ++modp_6144 1203 ++modp_8192 1204 +diff -up openssl-1.1.1g/doc/man3/DH_new_by_nid.pod.fips-dh openssl-1.1.1g/doc/man3/DH_new_by_nid.pod +--- openssl-1.1.1g/doc/man3/DH_new_by_nid.pod.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/doc/man3/DH_new_by_nid.pod 2020-07-17 10:36:29.248788466 +0200 +@@ -8,13 +8,15 @@ DH_new_by_nid, DH_get_nid - get or find + + #include + DH *DH_new_by_nid(int nid); +- int *DH_get_nid(const DH *dh); ++ int DH_get_nid(const DH *dh); + + =head1 DESCRIPTION + + DH_new_by_nid() creates and returns a DH structure containing named parameters + B. Currently B must be B, B, +-B, B or B. ++B, B, B, ++B, B, B, ++B, B or B. + + DH_get_nid() determines if the parameters contained in B match + any named set. It returns the NID corresponding to the matching parameters or +diff -up openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod +--- openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod 2020-07-17 10:36:29.248788466 +0200 +@@ -294,10 +294,11 @@ The EVP_PKEY_CTX_set_dh_pad() macro sets + If B is zero (the default) then no padding is performed. + + EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to +-B as defined in RFC7919. The B parameter must be B, +-B, B, B, B +-or B to clear the stored value. This macro can be called during +-parameter or key generation. ++I as defined in RFC7919 or RFC3526. The I parameter must be ++B, B, B, B, ++B, B, B, B, ++B, B, B or B to clear ++the stored value. This macro can be called during parameter or key generation. + The nid parameter and the rfc5114 parameter are mutually exclusive. + + The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are +diff -up openssl-1.1.1g/include/crypto/bn_dh.h.fips-dh openssl-1.1.1g/include/crypto/bn_dh.h +--- openssl-1.1.1g/include/crypto/bn_dh.h.fips-dh 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/include/crypto/bn_dh.h 2020-07-17 10:36:29.248788466 +0200 +@@ -1,7 +1,7 @@ + /* +- * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. + * +- * Licensed under the OpenSSL license (the "License"). You may not use ++ * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html +@@ -9,16 +9,35 @@ + + #define declare_dh_bn(x) \ + extern const BIGNUM _bignum_dh##x##_p; \ ++ extern const BIGNUM _bignum_dh##x##_q; \ + extern const BIGNUM _bignum_dh##x##_g; \ +- extern const BIGNUM _bignum_dh##x##_q; + + declare_dh_bn(1024_160) + declare_dh_bn(2048_224) + declare_dh_bn(2048_256) + ++extern const BIGNUM _bignum_const_2; ++ + extern const BIGNUM _bignum_ffdhe2048_p; + extern const BIGNUM _bignum_ffdhe3072_p; + extern const BIGNUM _bignum_ffdhe4096_p; + extern const BIGNUM _bignum_ffdhe6144_p; + extern const BIGNUM _bignum_ffdhe8192_p; +-extern const BIGNUM _bignum_const_2; ++extern const BIGNUM _bignum_ffdhe2048_q; ++extern const BIGNUM _bignum_ffdhe3072_q; ++extern const BIGNUM _bignum_ffdhe4096_q; ++extern const BIGNUM _bignum_ffdhe6144_q; ++extern const BIGNUM _bignum_ffdhe8192_q; ++ ++extern const BIGNUM _bignum_modp_1536_p; ++extern const BIGNUM _bignum_modp_2048_p; ++extern const BIGNUM _bignum_modp_3072_p; ++extern const BIGNUM _bignum_modp_4096_p; ++extern const BIGNUM _bignum_modp_6144_p; ++extern const BIGNUM _bignum_modp_8192_p; ++extern const BIGNUM _bignum_modp_1536_q; ++extern const BIGNUM _bignum_modp_2048_q; ++extern const BIGNUM _bignum_modp_3072_q; ++extern const BIGNUM _bignum_modp_4096_q; ++extern const BIGNUM _bignum_modp_6144_q; ++extern const BIGNUM _bignum_modp_8192_q; +diff -up openssl-1.1.1g/include/openssl/obj_mac.h.fips-dh openssl-1.1.1g/include/openssl/obj_mac.h +--- openssl-1.1.1g/include/openssl/obj_mac.h.fips-dh 2020-07-17 10:36:29.240788400 +0200 ++++ openssl-1.1.1g/include/openssl/obj_mac.h 2020-07-17 10:36:29.248788466 +0200 +@@ -5115,6 +5115,24 @@ + #define SN_ffdhe8192 "ffdhe8192" + #define NID_ffdhe8192 1130 + ++#define SN_modp_1536 "modp_1536" ++#define NID_modp_1536 1199 ++ ++#define SN_modp_2048 "modp_2048" ++#define NID_modp_2048 1200 ++ ++#define SN_modp_3072 "modp_3072" ++#define NID_modp_3072 1201 ++ ++#define SN_modp_4096 "modp_4096" ++#define NID_modp_4096 1202 ++ ++#define SN_modp_6144 "modp_6144" ++#define NID_modp_6144 1203 ++ ++#define SN_modp_8192 "modp_8192" ++#define NID_modp_8192 1204 ++ + #define SN_ISO_UA "ISO-UA" + #define NID_ISO_UA 1150 + #define OBJ_ISO_UA OBJ_member_body,804L +diff -up openssl-1.1.1g/ssl/s3_lib.c.fips-dh openssl-1.1.1g/ssl/s3_lib.c +--- openssl-1.1.1g/ssl/s3_lib.c.fips-dh 2020-07-17 10:36:29.199788063 +0200 ++++ openssl-1.1.1g/ssl/s3_lib.c 2020-07-17 10:36:29.248788466 +0200 +@@ -4858,13 +4858,51 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey + EVP_PKEY *ssl_dh_to_pkey(DH *dh) + { + EVP_PKEY *ret; ++ DH *dhp = NULL; ++ + if (dh == NULL) + return NULL; ++ ++ if (FIPS_mode() && DH_get_nid(dh) == NID_undef) { ++ int bits = DH_bits(dh); ++ BIGNUM *p, *g; ++ ++ dhp = DH_new(); ++ if (dhp == NULL) ++ return NULL; ++ g = BN_new(); ++ if (g == NULL || !BN_set_word(g, 2)) { ++ DH_free(dhp); ++ BN_free(g); ++ return NULL; ++ } ++ ++ if (bits >= 7000) ++ p = BN_get_rfc3526_prime_8192(NULL); ++ else if (bits >= 5000) ++ p = BN_get_rfc3526_prime_6144(NULL); ++ else if (bits >= 3800) ++ p = BN_get_rfc3526_prime_4096(NULL); ++ else if (bits >= 2500) ++ p = BN_get_rfc3526_prime_3072(NULL); ++ else ++ p = BN_get_rfc3526_prime_2048(NULL); ++ if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) { ++ DH_free(dhp); ++ BN_free(p); ++ BN_free(g); ++ return NULL; ++ } ++ dh = dhp; ++ } ++ + ret = EVP_PKEY_new(); + if (EVP_PKEY_set1_DH(ret, dh) <= 0) { ++ DH_free(dhp); + EVP_PKEY_free(ret); + return NULL; + } ++ DH_free(dhp); + return ret; + } + #endif +diff -up openssl-1.1.1g/ssl/t1_lib.c.fips-dh openssl-1.1.1g/ssl/t1_lib.c +--- openssl-1.1.1g/ssl/t1_lib.c.fips-dh 2020-07-17 10:36:29.243788425 +0200 ++++ openssl-1.1.1g/ssl/t1_lib.c 2020-07-17 10:36:29.249788474 +0200 +@@ -2511,46 +2511,48 @@ int SSL_check_chain(SSL *s, X509 *x, EVP + #ifndef OPENSSL_NO_DH + DH *ssl_get_auto_dh(SSL *s) + { ++ DH *dhp = NULL; ++ BIGNUM *p = NULL, *g = NULL; + int dh_secbits = 80; +- if (s->cert->dh_tmp_auto == 2) +- return DH_get_1024_160(); +- if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aPSK)) { +- if (s->s3->tmp.new_cipher->strength_bits == 256) +- dh_secbits = 128; +- else +- dh_secbits = 80; +- } else { +- if (s->s3->tmp.cert == NULL) +- return NULL; +- dh_secbits = EVP_PKEY_security_bits(s->s3->tmp.cert->privatekey); ++ if (s->cert->dh_tmp_auto != 2) { ++ if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aPSK)) { ++ if (s->s3->tmp.new_cipher->strength_bits == 256) ++ dh_secbits = 128; ++ else ++ dh_secbits = 80; ++ } else { ++ if (s->s3->tmp.cert == NULL) ++ return NULL; ++ dh_secbits = EVP_PKEY_security_bits(s->s3->tmp.cert->privatekey); ++ } + } + +- if (dh_secbits >= 128) { +- DH *dhp = DH_new(); +- BIGNUM *p, *g; +- if (dhp == NULL) +- return NULL; +- g = BN_new(); +- if (g == NULL || !BN_set_word(g, 2)) { +- DH_free(dhp); +- BN_free(g); +- return NULL; +- } +- if (dh_secbits >= 192) +- p = BN_get_rfc3526_prime_8192(NULL); +- else +- p = BN_get_rfc3526_prime_3072(NULL); +- if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) { +- DH_free(dhp); +- BN_free(p); +- BN_free(g); +- return NULL; +- } +- return dhp; ++ dhp = DH_new(); ++ if (dhp == NULL) ++ return NULL; ++ g = BN_new(); ++ if (g == NULL || !BN_set_word(g, 2)) { ++ DH_free(dhp); ++ BN_free(g); ++ return NULL; ++ } ++ if (dh_secbits >= 192) ++ p = BN_get_rfc3526_prime_8192(NULL); ++ else if (dh_secbits >= 152) ++ p = BN_get_rfc3526_prime_4096(NULL); ++ else if (dh_secbits >= 128) ++ p = BN_get_rfc3526_prime_3072(NULL); ++ else if (dh_secbits >= 112 || FIPS_mode()) ++ p = BN_get_rfc3526_prime_2048(NULL); ++ else ++ p = BN_get_rfc2409_prime_1024(NULL); ++ if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) { ++ DH_free(dhp); ++ BN_free(p); ++ BN_free(g); ++ return NULL; + } +- if (dh_secbits >= 112) +- return DH_get_2048_224(); +- return DH_get_1024_160(); ++ return dhp; + } + #endif + diff --git a/openssl-1.1.1-fips-drbg-selftest.patch b/openssl-1.1.1-fips-drbg-selftest.patch new file mode 100644 index 0000000..b800c06 --- /dev/null +++ b/openssl-1.1.1-fips-drbg-selftest.patch @@ -0,0 +1,587 @@ +diff -up openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest openssl-1.1.1g/crypto/fips/fips_post.c +--- openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest 2020-04-23 13:33:12.500624151 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-04-23 13:33:12.618621925 +0200 +@@ -67,12 +67,18 @@ + + # include + # include "crypto/fips.h" ++# include "crypto/rand.h" + # include "fips_locl.h" + + /* Run all selftests */ + int FIPS_selftest(void) + { + int rv = 1; ++ if (!rand_drbg_selftest()) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_TEST_FAILURE); ++ ERR_add_error_data(2, "Type=", "rand_drbg_selftest"); ++ rv = 0; ++ } + if (!FIPS_selftest_drbg()) + rv = 0; + if (!FIPS_selftest_sha1()) +diff -up openssl-1.1.1g/crypto/rand/build.info.drbg-selftest openssl-1.1.1g/crypto/rand/build.info +--- openssl-1.1.1g/crypto/rand/build.info.drbg-selftest 2020-04-23 13:33:12.619621907 +0200 ++++ openssl-1.1.1g/crypto/rand/build.info 2020-04-23 13:34:10.857523497 +0200 +@@ -1,6 +1,6 @@ + LIBS=../../libcrypto + SOURCE[../../libcrypto]=\ + randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \ +- rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c ++ rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c drbg_selftest.c + + INCLUDE[drbg_ctr.o]=../modes +diff -up openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest openssl-1.1.1g/crypto/rand/drbg_selftest.c +--- openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest 2020-04-23 13:33:12.619621907 +0200 ++++ openssl-1.1.1g/crypto/rand/drbg_selftest.c 2020-04-23 13:33:12.619621907 +0200 +@@ -0,0 +1,537 @@ ++/* ++ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the OpenSSL license (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include "internal/nelem.h" ++#include ++#include ++#include ++#include ++#include "internal/thread_once.h" ++#include "crypto/rand.h" ++ ++typedef struct test_ctx_st { ++ const unsigned char *entropy; ++ size_t entropylen; ++ int entropycnt; ++ const unsigned char *nonce; ++ size_t noncelen; ++ int noncecnt; ++} TEST_CTX; ++ ++static int app_data_index = -1; ++static CRYPTO_ONCE get_index_once = CRYPTO_ONCE_STATIC_INIT; ++DEFINE_RUN_ONCE_STATIC(drbg_app_data_index_init) ++{ ++ app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL); ++ ++ return 1; ++} ++ ++enum drbg_kat_type { ++ NO_RESEED, ++ PR_FALSE, ++ PR_TRUE ++}; ++ ++enum drbg_df { ++ USE_DF, ++ NO_DF, ++ NA ++}; ++ ++struct drbg_kat_no_reseed { ++ size_t count; ++ const unsigned char *entropyin; ++ const unsigned char *nonce; ++ const unsigned char *persstr; ++ const unsigned char *addin1; ++ const unsigned char *addin2; ++ const unsigned char *retbytes; ++}; ++ ++struct drbg_kat_pr_false { ++ size_t count; ++ const unsigned char *entropyin; ++ const unsigned char *nonce; ++ const unsigned char *persstr; ++ const unsigned char *entropyinreseed; ++ const unsigned char *addinreseed; ++ const unsigned char *addin1; ++ const unsigned char *addin2; ++ const unsigned char *retbytes; ++}; ++ ++struct drbg_kat_pr_true { ++ size_t count; ++ const unsigned char *entropyin; ++ const unsigned char *nonce; ++ const unsigned char *persstr; ++ const unsigned char *entropyinpr1; ++ const unsigned char *addin1; ++ const unsigned char *entropyinpr2; ++ const unsigned char *addin2; ++ const unsigned char *retbytes; ++}; ++ ++struct drbg_kat { ++ enum drbg_kat_type type; ++ enum drbg_df df; ++ int nid; ++ ++ size_t entropyinlen; ++ size_t noncelen; ++ size_t persstrlen; ++ size_t addinlen; ++ size_t retbyteslen; ++ ++ const void *t; ++}; ++ ++/* ++ * Excerpt from test/drbg_cavs_data.c ++ * DRBG test vectors from: ++ * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/ ++ */ ++ ++static const unsigned char kat1308_entropyin[] = { ++ 0x7c, 0x5d, 0x90, 0x70, 0x3b, 0x8a, 0xc7, 0x0f, 0x23, 0x73, 0x24, 0x9c, ++ 0xa7, 0x15, 0x41, 0x71, 0x7a, 0x31, 0xea, 0x32, 0xfc, 0x28, 0x0d, 0xd7, ++ 0x5b, 0x09, 0x01, 0x98, 0x1b, 0xe2, 0xa5, 0x53, 0xd9, 0x05, 0x32, 0x97, ++ 0xec, 0xbe, 0x86, 0xfd, 0x1c, 0x1c, 0x71, 0x4c, 0x52, 0x29, 0x9e, 0x52, ++}; ++static const unsigned char kat1308_nonce[] = {0}; ++static const unsigned char kat1308_persstr[] = { ++ 0xdc, 0x07, 0x2f, 0x68, 0xfa, 0x77, 0x03, 0x23, 0x42, 0xb0, 0xf5, 0xa2, ++ 0xd9, 0xad, 0xa1, 0xd0, 0xad, 0xa2, 0x14, 0xb4, 0xd0, 0x8e, 0xfb, 0x39, ++ 0xdd, 0xc2, 0xac, 0xfb, 0x98, 0xdf, 0x7f, 0xce, 0x4c, 0x75, 0x56, 0x45, ++ 0xcd, 0x86, 0x93, 0x74, 0x90, 0x6e, 0xf6, 0x9e, 0x85, 0x7e, 0xfb, 0xc3, ++}; ++static const unsigned char kat1308_addin0[] = { ++ 0x52, 0x25, 0xc4, 0x2f, 0x03, 0xce, 0x29, 0x71, 0xc5, 0x0b, 0xc3, 0x4e, ++ 0xad, 0x8d, 0x6f, 0x17, 0x82, 0xe1, 0xf3, 0xfd, 0xfd, 0x9b, 0x94, 0x9a, ++ 0x1d, 0xac, 0xd0, 0xd4, 0x3f, 0x2b, 0xe3, 0xab, 0x7c, 0x3d, 0x3e, 0x5a, ++ 0x68, 0xbb, 0xa4, 0x74, 0x68, 0x1a, 0xc6, 0x27, 0xff, 0xe0, 0xc0, 0x6c, ++}; ++static const unsigned char kat1308_addin1[] = { ++ 0xdc, 0x91, 0xd7, 0xb7, 0xb9, 0x94, 0x79, 0x0f, 0x06, 0xc4, 0x70, 0x19, ++ 0x33, 0x25, 0x7c, 0x96, 0x01, 0xa0, 0x62, 0xb0, 0x50, 0xe6, 0xc0, 0x3a, ++ 0x56, 0x8f, 0xc5, 0x50, 0x48, 0xc6, 0xf4, 0x49, 0xe5, 0x70, 0x16, 0x2e, ++ 0xae, 0xf2, 0x99, 0xb4, 0x2d, 0x70, 0x18, 0x16, 0xcd, 0xe0, 0x24, 0xe4, ++}; ++static const unsigned char kat1308_retbits[] = { ++ 0xde, 0xf8, 0x91, 0x1b, 0xf1, 0xe1, 0xa9, 0x97, 0xd8, 0x61, 0x84, 0xe2, ++ 0xdb, 0x83, 0x3e, 0x60, 0x45, 0xcd, 0xc8, 0x66, 0x93, 0x28, 0xc8, 0x92, ++ 0xbc, 0x25, 0xae, 0xe8, 0xb0, 0xed, 0xed, 0x16, 0x3d, 0xa5, 0xf9, 0x0f, ++ 0xb3, 0x72, 0x08, 0x84, 0xac, 0x3c, 0x3b, 0xaa, 0x5f, 0xf9, 0x7d, 0x63, ++ 0x3e, 0xde, 0x59, 0x37, 0x0e, 0x40, 0x12, 0x2b, 0xbc, 0x6c, 0x96, 0x53, ++ 0x26, 0x32, 0xd0, 0xb8, ++}; ++static const struct drbg_kat_no_reseed kat1308_t = { ++ 2, kat1308_entropyin, kat1308_nonce, kat1308_persstr, ++ kat1308_addin0, kat1308_addin1, kat1308_retbits ++}; ++static const struct drbg_kat kat1308 = { ++ NO_RESEED, NO_DF, NID_aes_256_ctr, 48, 0, 48, 48, 64, &kat1308_t ++}; ++ ++static const unsigned char kat1465_entropyin[] = { ++ 0xc9, 0x96, 0x3a, 0x15, 0x51, 0x76, 0x4f, 0xe0, 0x45, 0x82, 0x8a, 0x64, ++ 0x87, 0xbe, 0xaa, 0xc0, ++}; ++static const unsigned char kat1465_nonce[] = { ++ 0x08, 0xcd, 0x69, 0x39, 0xf8, 0x58, 0x9a, 0x85, ++}; ++static const unsigned char kat1465_persstr[] = {0}; ++static const unsigned char kat1465_entropyinreseed[] = { ++ 0x16, 0xcc, 0x35, 0x15, 0xb1, 0x17, 0xf5, 0x33, 0x80, 0x9a, 0x80, 0xc5, ++ 0x1f, 0x4b, 0x7b, 0x51, ++}; ++static const unsigned char kat1465_addinreseed[] = { ++ 0xf5, 0x3d, 0xf1, 0x2e, 0xdb, 0x28, 0x1c, 0x00, 0x7b, 0xcb, 0xb6, 0x12, ++ 0x61, 0x9f, 0x26, 0x5f, ++}; ++static const unsigned char kat1465_addin0[] = { ++ 0xe2, 0x67, 0x06, 0x62, 0x09, 0xa7, 0xcf, 0xd6, 0x84, 0x8c, 0x20, 0xf6, ++ 0x10, 0x5a, 0x73, 0x9c, ++}; ++static const unsigned char kat1465_addin1[] = { ++ 0x26, 0xfa, 0x50, 0xe1, 0xb3, 0xcb, 0x65, 0xed, 0xbc, 0x6d, 0xda, 0x18, ++ 0x47, 0x99, 0x1f, 0xeb, ++}; ++static const unsigned char kat1465_retbits[] = { ++ 0xf9, 0x47, 0xc6, 0xb0, 0x58, 0xa8, 0x66, 0x8a, 0xf5, 0x2b, 0x2a, 0x6d, ++ 0x4e, 0x24, 0x6f, 0x65, 0xbf, 0x51, 0x22, 0xbf, 0xe8, 0x8d, 0x6c, 0xeb, ++ 0xf9, 0x68, 0x7f, 0xed, 0x3b, 0xdd, 0x6b, 0xd5, 0x28, 0x47, 0x56, 0x52, ++ 0xda, 0x50, 0xf0, 0x90, 0x73, 0x95, 0x06, 0x58, 0xaf, 0x08, 0x98, 0x6e, ++ 0x24, 0x18, 0xfd, 0x2f, 0x48, 0x72, 0x57, 0xd6, 0x59, 0xab, 0xe9, 0x41, ++ 0x58, 0xdb, 0x27, 0xba, ++}; ++static const struct drbg_kat_pr_false kat1465_t = { ++ 9, kat1465_entropyin, kat1465_nonce, kat1465_persstr, ++ kat1465_entropyinreseed, kat1465_addinreseed, kat1465_addin0, ++ kat1465_addin1, kat1465_retbits ++}; ++static const struct drbg_kat kat1465 = { ++ PR_FALSE, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat1465_t ++}; ++ ++static const unsigned char kat3146_entropyin[] = { ++ 0xd7, 0x08, 0x42, 0x82, 0xc2, 0xd2, 0xd1, 0xde, 0x01, 0xb4, 0x36, 0xb3, ++ 0x7f, 0xbd, 0xd3, 0xdd, 0xb3, 0xc4, 0x31, 0x4f, 0x8f, 0xa7, 0x10, 0xf4, ++}; ++static const unsigned char kat3146_nonce[] = { ++ 0x7b, 0x9e, 0xcd, 0x49, 0x4f, 0x46, 0xa0, 0x08, 0x32, 0xff, 0x2e, 0xc3, ++ 0x50, 0x86, 0xca, 0xca, ++}; ++static const unsigned char kat3146_persstr[] = {0}; ++static const unsigned char kat3146_entropyinpr1[] = { ++ 0x68, 0xd0, 0x7b, 0xa4, 0xe7, 0x22, 0x19, 0xe6, 0xb6, 0x46, 0x6a, 0xda, ++ 0x8e, 0x67, 0xea, 0x63, 0x3f, 0xaf, 0x2f, 0x6c, 0x9d, 0x5e, 0x48, 0x15, ++}; ++static const unsigned char kat3146_addinpr1[] = { ++ 0x70, 0x0f, 0x54, 0xf4, 0x53, 0xde, 0xca, 0x61, 0x5c, 0x49, 0x51, 0xd1, ++ 0x41, 0xc4, 0xf1, 0x2f, 0x65, 0xfb, 0x7e, 0xbc, 0x9b, 0x14, 0xba, 0x90, ++ 0x05, 0x33, 0x7e, 0x64, 0xb7, 0x2b, 0xaf, 0x99, ++}; ++static const unsigned char kat3146_entropyinpr2[] = { ++ 0xeb, 0x77, 0xb0, 0xe9, 0x2d, 0x31, 0xc8, 0x66, 0xc5, 0xc4, 0xa7, 0xf7, ++ 0x6c, 0xb2, 0x74, 0x36, 0x4b, 0x25, 0x78, 0x04, 0xd8, 0xd7, 0xd2, 0x34, ++}; ++static const unsigned char kat3146_addinpr2[] = { ++ 0x05, 0xcd, 0x2a, 0x97, 0x5a, 0x5d, 0xfb, 0x98, 0xc1, 0xf1, 0x00, 0x0c, ++ 0xed, 0xe6, 0x2a, 0xba, 0xf0, 0x89, 0x1f, 0x5a, 0x4f, 0xd7, 0x48, 0xb3, ++ 0x24, 0xc0, 0x8a, 0x3d, 0x60, 0x59, 0x5d, 0xb6, ++}; ++static const unsigned char kat3146_retbits[] = { ++ 0x29, 0x94, 0xa4, 0xa8, 0x17, 0x3e, 0x62, 0x2f, 0x94, 0xdd, 0x40, 0x1f, ++ 0xe3, 0x7e, 0x77, 0xd4, 0x38, 0xbc, 0x0e, 0x49, 0x46, 0xf6, 0x0e, 0x28, ++ 0x91, 0xc6, 0x9c, 0xc4, 0xa6, 0xa1, 0xf8, 0x9a, 0x64, 0x5e, 0x99, 0x76, ++ 0xd0, 0x2d, 0xee, 0xde, 0xe1, 0x2c, 0x93, 0x29, 0x4b, 0x12, 0xcf, 0x87, ++ 0x03, 0x98, 0xb9, 0x74, 0x41, 0xdb, 0x3a, 0x49, 0x9f, 0x92, 0xd0, 0x45, ++ 0xd4, 0x30, 0x73, 0xbb, ++}; ++static const struct drbg_kat_pr_true kat3146_t = { ++ 10, kat3146_entropyin, kat3146_nonce, kat3146_persstr, ++ kat3146_entropyinpr1, kat3146_addinpr1, kat3146_entropyinpr2, ++ kat3146_addinpr2, kat3146_retbits ++}; ++static const struct drbg_kat kat3146 = { ++ PR_TRUE, USE_DF, NID_aes_192_ctr, 24, 16, 0, 32, 64, &kat3146_t ++}; ++ ++static const struct drbg_kat *drbg_test[] = { &kat1308, &kat1465, &kat3146 }; ++ ++static const size_t drbg_test_nelem = OSSL_NELEM(drbg_test); ++ ++static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len, ++ int prediction_resistance) ++{ ++ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index); ++ ++ t->entropycnt++; ++ *pout = (unsigned char *)t->entropy; ++ return t->entropylen; ++} ++ ++static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len) ++{ ++ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index); ++ ++ t->noncecnt++; ++ *pout = (unsigned char *)t->nonce; ++ return t->noncelen; ++} ++ ++/* ++ * Do a single NO_RESEED KAT: ++ * ++ * Instantiate ++ * Generate Random Bits (pr=false) ++ * Generate Random Bits (pr=false) ++ * Uninstantiate ++ * ++ * Return 0 on failure. ++ */ ++static int single_kat_no_reseed(const struct drbg_kat *td) ++{ ++ struct drbg_kat_no_reseed *data = (struct drbg_kat_no_reseed *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned char *buff = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.entropy = data->entropyin; ++ t.entropylen = td->entropyinlen; ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ buff = OPENSSL_malloc(td->retbyteslen); ++ if (buff == NULL) { ++ failures++; ++ goto err; ++ } ++ ++ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin1, td->addinlen) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin2, td->addinlen) ++ || memcmp(data->retbytes, buff, ++ td->retbyteslen) != 0) ++ failures++; ++ ++err: ++ OPENSSL_free(buff); ++ RAND_DRBG_uninstantiate(drbg); ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++/*- ++ * Do a single PR_FALSE KAT: ++ * ++ * Instantiate ++ * Reseed ++ * Generate Random Bits (pr=false) ++ * Generate Random Bits (pr=false) ++ * Uninstantiate ++ * ++ * Return 0 on failure. ++ */ ++static int single_kat_pr_false(const struct drbg_kat *td) ++{ ++ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned char *buff = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.entropy = data->entropyin; ++ t.entropylen = td->entropyinlen; ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ buff = OPENSSL_malloc(td->retbyteslen); ++ if (buff == NULL) { ++ failures++; ++ goto err; ++ } ++ ++ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) ++ failures++; ++ ++ t.entropy = data->entropyinreseed; ++ t.entropylen = td->entropyinlen; ++ ++ if (!RAND_DRBG_reseed(drbg, data->addinreseed, td->addinlen, 0) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin1, td->addinlen) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin2, td->addinlen) ++ || memcmp(data->retbytes, buff, ++ td->retbyteslen) != 0) ++ failures++; ++ ++err: ++ OPENSSL_free(buff); ++ RAND_DRBG_uninstantiate(drbg); ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++/*- ++ * Do a single PR_TRUE KAT: ++ * ++ * Instantiate ++ * Generate Random Bits (pr=true) ++ * Generate Random Bits (pr=true) ++ * Uninstantiate ++ * ++ * Return 0 on failure. ++ */ ++static int single_kat_pr_true(const struct drbg_kat *td) ++{ ++ struct drbg_kat_pr_true *data = (struct drbg_kat_pr_true *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned char *buff = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ t.entropy = data->entropyin; ++ t.entropylen = td->entropyinlen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ buff = OPENSSL_malloc(td->retbyteslen); ++ if (buff == NULL) { ++ failures++; ++ goto err; ++ } ++ ++ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) ++ failures++; ++ ++ t.entropy = data->entropyinpr1; ++ t.entropylen = td->entropyinlen; ++ ++ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1, ++ data->addin1, td->addinlen)) ++ failures++; ++ ++ t.entropy = data->entropyinpr2; ++ t.entropylen = td->entropyinlen; ++ ++ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1, ++ data->addin2, td->addinlen) ++ || memcmp(data->retbytes, buff, ++ td->retbyteslen) != 0) ++ failures++; ++ ++err: ++ OPENSSL_free(buff); ++ RAND_DRBG_uninstantiate(drbg); ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++static int test_kats(int i) ++{ ++ const struct drbg_kat *td = drbg_test[i]; ++ int rv = 0; ++ ++ switch (td->type) { ++ case NO_RESEED: ++ if (!single_kat_no_reseed(td)) ++ goto err; ++ break; ++ case PR_FALSE: ++ if (!single_kat_pr_false(td)) ++ goto err; ++ break; ++ case PR_TRUE: ++ if (!single_kat_pr_true(td)) ++ goto err; ++ break; ++ default: /* cant happen */ ++ goto err; ++ } ++ rv = 1; ++err: ++ return rv; ++} ++ ++/*- ++ * Do one expected-error test: ++ * ++ * Instantiate with no entropy supplied ++ * ++ * Return 0 on failure. ++ */ ++static int test_drbg_sanity(const struct drbg_kat *td) ++{ ++ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.entropy = data->entropyin; ++ t.entropylen = 0; /* No entropy */ ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ ERR_set_mark(); ++ /* This must fail. */ ++ if (RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) ++ failures++; ++ RAND_DRBG_uninstantiate(drbg); ++ ERR_pop_to_mark(); ++ ++err: ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++ ++int rand_drbg_selftest(void) ++{ ++ int i; ++ ++ if (!RUN_ONCE(&get_index_once, drbg_app_data_index_init)) ++ return 0; ++ ++ for (i = 0; i < drbg_test_nelem; i++) { ++ if (test_kats(i) <= 0) ++ return 0; ++ } ++ ++ if (test_drbg_sanity(&kat1465) <= 0) ++ return 0; ++ ++ return 1; ++} +diff -up openssl-1.1.1g/include/crypto/rand.h.drbg-selftest openssl-1.1.1g/include/crypto/rand.h +--- openssl-1.1.1g/include/crypto/rand.h.drbg-selftest 2020-04-23 13:33:12.587622510 +0200 ++++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:33:12.619621907 +0200 +@@ -140,4 +140,9 @@ void rand_pool_cleanup(void); + */ + void rand_pool_keep_random_devices_open(int keep); + ++/* ++ * Perform the DRBG KAT selftests ++ */ ++int rand_drbg_selftest(void); ++ + #endif diff --git a/openssl-1.1.1-fips-post-rand.patch b/openssl-1.1.1-fips-post-rand.patch new file mode 100644 index 0000000..18a01fe --- /dev/null +++ b/openssl-1.1.1-fips-post-rand.patch @@ -0,0 +1,189 @@ +diff -up openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand openssl-1.1.1e/crypto/fips/fips.c +--- openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand 2020-03-17 18:06:16.822418854 +0100 ++++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 18:06:16.861418172 +0100 +@@ -68,6 +68,7 @@ + + # include + # include "internal/thread_once.h" ++# include "crypto/rand.h" + + # ifndef PATH_MAX + # define PATH_MAX 1024 +@@ -76,6 +77,7 @@ + static int fips_selftest_fail = 0; + static int fips_mode = 0; + static int fips_started = 0; ++static int fips_post = 0; + + static int fips_is_owning_thread(void); + static int fips_set_owning_thread(void); +@@ -158,6 +160,11 @@ void fips_set_selftest_fail(void) + fips_selftest_fail = 1; + } + ++int fips_in_post(void) ++{ ++ return fips_post; ++} ++ + /* we implement what libfipscheck does ourselves */ + + static int +@@ -445,6 +452,8 @@ int FIPS_module_mode_set(int onoff) + } + # endif + ++ fips_post = 1; ++ + if (!FIPS_selftest()) { + fips_selftest_fail = 1; + ret = 0; +@@ -459,7 +468,12 @@ int FIPS_module_mode_set(int onoff) + goto end; + } + ++ fips_post = 0; ++ + fips_set_mode(onoff); ++ /* force RNG reseed with entropy from getrandom() on next call */ ++ rand_force_reseed(); ++ + ret = 1; + goto end; + } +diff -up openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1e/crypto/rand/drbg_lib.c +--- openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rand/drbg_lib.c 2020-03-17 18:07:35.305045521 +0100 +@@ -1009,6 +1009,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg + return min_entropy > min_entropylen ? min_entropy : min_entropylen; + } + ++void rand_force_reseed(void) ++{ ++ RAND_DRBG *drbg; ++ ++ drbg = RAND_DRBG_get0_master(); ++ drbg->fork_id = 0; ++ ++ drbg = RAND_DRBG_get0_private(); ++ drbg->fork_id = 0; ++ ++ drbg = RAND_DRBG_get0_public(); ++ drbg->fork_id = 0; ++} ++ + /* Implements the default OpenSSL RAND_add() method */ + static int drbg_add(const void *buf, int num, double randomness) + { +diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/crypto/rand/rand_unix.c +--- openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rand/rand_unix.c 2020-03-17 18:09:01.503537189 +0100 +@@ -17,10 +17,12 @@ + #include + #include "rand_local.h" + #include "crypto/rand.h" ++#include "crypto/fips.h" + #include + #include "internal/dso.h" + #ifdef __linux + # include ++# include + # ifdef DEVRANDOM_WAIT + # include + # include +@@ -342,7 +344,7 @@ static ssize_t sysctl_random(char *buf, + * syscall_random(): Try to get random data using a system call + * returns the number of bytes returned in buf, or < 0 on error. + */ +-static ssize_t syscall_random(void *buf, size_t buflen) ++static ssize_t syscall_random(void *buf, size_t buflen, int nonblock) + { + /* + * Note: 'buflen' equals the size of the buffer which is used by the +@@ -364,6 +366,7 @@ static ssize_t syscall_random(void *buf, + * - Linux since 3.17 with glibc 2.25 + * - FreeBSD since 12.0 (1200061) + */ ++# if 0 + # if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux) + extern int getentropy(void *buffer, size_t length) __attribute__((weak)); + +@@ -385,10 +388,10 @@ static ssize_t syscall_random(void *buf, + if (p_getentropy.p != NULL) + return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1; + # endif +- ++# endif + /* Linux supports this since version 3.17 */ +-# if defined(__linux) && defined(__NR_getrandom) +- return syscall(__NR_getrandom, buf, buflen, 0); ++# if defined(__linux) && defined(SYS_getrandom) ++ return syscall(SYS_getrandom, buf, buflen, nonblock?GRND_NONBLOCK:0); + # elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) + return sysctl_random(buf, buflen); + # else +@@ -623,6 +626,9 @@ size_t rand_pool_acquire_entropy(RAND_PO + size_t entropy_available; + + # if defined(OPENSSL_RAND_SEED_GETRANDOM) ++ int in_post; ++ ++ for (in_post = fips_in_post(); in_post >= 0; --in_post) { + { + size_t bytes_needed; + unsigned char *buffer; +@@ -633,7 +639,7 @@ size_t rand_pool_acquire_entropy(RAND_PO + bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); + while (bytes_needed != 0 && attempts-- > 0) { + buffer = rand_pool_add_begin(pool, bytes_needed); +- bytes = syscall_random(buffer, bytes_needed); ++ bytes = syscall_random(buffer, bytes_needed, in_post); + if (bytes > 0) { + rand_pool_add_end(pool, bytes, 8 * bytes); + bytes_needed -= bytes; +@@ -668,8 +674,10 @@ size_t rand_pool_acquire_entropy(RAND_PO + int attempts = 3; + const int fd = get_random_device(i); + +- if (fd == -1) ++ if (fd == -1) { ++ OPENSSL_showfatal("Random device %s cannot be opened.\n", random_device_paths[i]); + continue; ++ } + + while (bytes_needed != 0 && attempts-- > 0) { + buffer = rand_pool_add_begin(pool, bytes_needed); +@@ -732,7 +740,9 @@ size_t rand_pool_acquire_entropy(RAND_PO + return entropy_available; + } + # endif +- ++# ifdef OPENSSL_RAND_SEED_GETRANDOM ++ } ++# endif + return rand_pool_entropy_available(pool); + # endif + } +diff -up openssl-1.1.1e/include/crypto/fips.h.fips-post-rand openssl-1.1.1e/include/crypto/fips.h +--- openssl-1.1.1e/include/crypto/fips.h.fips-post-rand 2020-03-17 18:06:16.831418696 +0100 ++++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 18:06:16.861418172 +0100 +@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void); + int FIPS_selftest_drbg(void); + int FIPS_selftest_cmac(void); + ++int fips_in_post(void); ++ + int fips_pkey_signature_test(EVP_PKEY *pkey, + const unsigned char *tbs, int tbslen, + const unsigned char *kat, +diff -up openssl-1.1.1e/include/crypto/rand.h.fips-post-rand openssl-1.1.1e/include/crypto/rand.h +--- openssl-1.1.1e/include/crypto/rand.h.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/crypto/rand.h 2020-03-17 18:07:35.303045555 +0100 +@@ -24,6 +24,7 @@ + typedef struct rand_pool_st RAND_POOL; + + void rand_cleanup_int(void); ++void rand_force_reseed(void); + void rand_drbg_cleanup_int(void); + void drbg_delete_thread_state(void); + diff --git a/openssl-1.1.1-fips.patch b/openssl-1.1.1-fips.patch new file mode 100644 index 0000000..ad295a4 --- /dev/null +++ b/openssl-1.1.1-fips.patch @@ -0,0 +1,11655 @@ +diff -up openssl-1.1.1g/apps/pkcs12.c.fips openssl-1.1.1g/apps/pkcs12.c +--- openssl-1.1.1g/apps/pkcs12.c.fips 2020-04-23 13:26:06.975649817 +0200 ++++ openssl-1.1.1g/apps/pkcs12.c 2020-04-23 13:28:27.689995889 +0200 +@@ -123,7 +123,7 @@ int pkcs12_main(int argc, char **argv) + int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0; + int iter = PKCS12_DEFAULT_ITER, maciter = PKCS12_DEFAULT_ITER; + #ifndef OPENSSL_NO_RC2 +- int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; ++ int cert_pbe = FIPS_mode() ? NID_pbe_WithSHA1And3_Key_TripleDES_CBC : NID_pbe_WithSHA1And40BitRC2_CBC; + #else + int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; + #endif +diff -up openssl-1.1.1e/apps/speed.c.fips openssl-1.1.1e/apps/speed.c +--- openssl-1.1.1e/apps/speed.c.fips 2020-03-17 17:30:51.997567897 +0100 ++++ openssl-1.1.1e/apps/speed.c 2020-03-17 17:30:52.021567479 +0100 +@@ -1593,7 +1593,8 @@ int speed_main(int argc, char **argv) + continue; + if (strcmp(*argv, "rsa") == 0) { + for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++) +- rsa_doit[loop] = 1; ++ if (!FIPS_mode() || loop != R_RSA_512) ++ rsa_doit[loop] = 1; + continue; + } + if (found(*argv, rsa_choices, &i)) { +@@ -1603,7 +1604,9 @@ int speed_main(int argc, char **argv) + #endif + #ifndef OPENSSL_NO_DSA + if (strcmp(*argv, "dsa") == 0) { +- dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] = ++ if (!FIPS_mode()) ++ dsa_doit[R_DSA_512] = 1; ++ dsa_doit[R_DSA_1024] = + dsa_doit[R_DSA_2048] = 1; + continue; + } +@@ -1634,19 +1637,21 @@ int speed_main(int argc, char **argv) + } + if (strcmp(*argv, "ecdh") == 0) { + for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++) +- ecdh_doit[loop] = 1; ++ if(!FIPS_mode() || (loop != R_EC_X25519 && loop != R_EC_X448)) ++ ecdh_doit[loop] = 1; + continue; + } + if (found(*argv, ecdh_choices, &i)) { +- ecdh_doit[i] = 2; ++ if(!FIPS_mode() || (i != R_EC_X25519 && i != R_EC_X448)) ++ ecdh_doit[i] = 2; + continue; + } +- if (strcmp(*argv, "eddsa") == 0) { ++ if (!FIPS_mode() && strcmp(*argv, "eddsa") == 0) { + for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++) + eddsa_doit[loop] = 1; + continue; + } +- if (found(*argv, eddsa_choices, &i)) { ++ if (!FIPS_mode() && found(*argv, eddsa_choices, &i)) { + eddsa_doit[i] = 2; + continue; + } +@@ -1735,23 +1740,31 @@ int speed_main(int argc, char **argv) + /* No parameters; turn on everything. */ + if ((argc == 0) && !doit[D_EVP]) { + for (i = 0; i < ALGOR_NUM; i++) +- if (i != D_EVP) ++ if (i != D_EVP && ++ (!FIPS_mode() || (i != D_WHIRLPOOL && ++ i != D_MD2 && i != D_MD4 && ++ i != D_MD5 && i != D_MDC2 && ++ i != D_RMD160))) + doit[i] = 1; + #ifndef OPENSSL_NO_RSA + for (i = 0; i < RSA_NUM; i++) +- rsa_doit[i] = 1; ++ if (!FIPS_mode() || i != R_RSA_512) ++ rsa_doit[i] = 1; + #endif + #ifndef OPENSSL_NO_DSA + for (i = 0; i < DSA_NUM; i++) +- dsa_doit[i] = 1; ++ if (!FIPS_mode() || i != R_DSA_512) ++ dsa_doit[i] = 1; + #endif + #ifndef OPENSSL_NO_EC + for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++) + ecdsa_doit[loop] = 1; + for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++) +- ecdh_doit[loop] = 1; +- for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++) +- eddsa_doit[loop] = 1; ++ if(!FIPS_mode() || (loop != R_EC_X25519 && loop != R_EC_X448)) ++ ecdh_doit[loop] = 1; ++ if (!FIPS_mode()) ++ for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++) ++ eddsa_doit[loop] = 1; + #endif + } + for (i = 0; i < ALGOR_NUM; i++) +@@ -1799,30 +1812,46 @@ int speed_main(int argc, char **argv) + AES_set_encrypt_key(key24, 192, &aes_ks2); + AES_set_encrypt_key(key32, 256, &aes_ks3); + #ifndef OPENSSL_NO_CAMELLIA +- Camellia_set_key(key16, 128, &camellia_ks1); +- Camellia_set_key(ckey24, 192, &camellia_ks2); +- Camellia_set_key(ckey32, 256, &camellia_ks3); ++ if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) { ++ Camellia_set_key(key16, 128, &camellia_ks1); ++ Camellia_set_key(ckey24, 192, &camellia_ks2); ++ Camellia_set_key(ckey32, 256, &camellia_ks3); ++ } + #endif + #ifndef OPENSSL_NO_IDEA +- IDEA_set_encrypt_key(key16, &idea_ks); ++ if (doit[D_CBC_IDEA]) { ++ IDEA_set_encrypt_key(key16, &idea_ks); ++ } + #endif + #ifndef OPENSSL_NO_SEED +- SEED_set_key(key16, &seed_ks); ++ if (doit[D_CBC_SEED]) { ++ SEED_set_key(key16, &seed_ks); ++ } + #endif + #ifndef OPENSSL_NO_RC4 +- RC4_set_key(&rc4_ks, 16, key16); ++ if (doit[D_RC4]) { ++ RC4_set_key(&rc4_ks, 16, key16); ++ } + #endif + #ifndef OPENSSL_NO_RC2 +- RC2_set_key(&rc2_ks, 16, key16, 128); ++ if (doit[D_CBC_RC2]) { ++ RC2_set_key(&rc2_ks, 16, key16, 128); ++ } + #endif + #ifndef OPENSSL_NO_RC5 +- RC5_32_set_key(&rc5_ks, 16, key16, 12); ++ if (doit[D_CBC_RC5]) { ++ RC5_32_set_key(&rc5_ks, 16, key16, 12); ++ } + #endif + #ifndef OPENSSL_NO_BF +- BF_set_key(&bf_ks, 16, key16); ++ if (doit[D_CBC_BF]) { ++ BF_set_key(&bf_ks, 16, key16); ++ } + #endif + #ifndef OPENSSL_NO_CAST +- CAST_set_key(&cast_ks, 16, key16); ++ if (doit[D_CBC_CAST]) { ++ CAST_set_key(&cast_ks, 16, key16); ++ } + #endif + #ifndef SIGALRM + # ifndef OPENSSL_NO_DES +@@ -2120,6 +2149,7 @@ int speed_main(int argc, char **argv) + + for (i = 0; i < loopargs_len; i++) { + loopargs[i].hctx = HMAC_CTX_new(); ++ HMAC_CTX_set_flags(loopargs[i].hctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + if (loopargs[i].hctx == NULL) { + BIO_printf(bio_err, "HMAC malloc failure, exiting..."); + exit(1); +diff -up openssl-1.1.1e/Configure.fips openssl-1.1.1e/Configure +--- openssl-1.1.1e/Configure.fips 2020-03-17 17:30:52.015567584 +0100 ++++ openssl-1.1.1e/Configure 2020-03-17 17:30:52.022567462 +0100 +@@ -319,7 +319,7 @@ $config{sdirs} = [ + "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2", "siphash", "sm3", + "des", "aes", "rc2", "rc4", "rc5", "idea", "aria", "bf", "cast", "camellia", "seed", "sm4", "chacha", "modes", + "bn", "ec", "rsa", "dsa", "dh", "sm2", "dso", "engine", +- "buffer", "bio", "stack", "lhash", "rand", "err", ++ "buffer", "bio", "stack", "lhash", "rand", "err", "fips", + "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", + "cms", "ts", "srp", "cmac", "ct", "async", "kdf", "store" + ]; +diff -up openssl-1.1.1e/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1e/crypto/cmac/cm_pmeth.c +--- openssl-1.1.1e/crypto/cmac/cm_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/cmac/cm_pmeth.c 2020-03-17 17:30:52.022567462 +0100 +@@ -129,7 +129,7 @@ static int pkey_cmac_ctrl_str(EVP_PKEY_C + + const EVP_PKEY_METHOD cmac_pkey_meth = { + EVP_PKEY_CMAC, +- EVP_PKEY_FLAG_SIGCTX_CUSTOM, ++ EVP_PKEY_FLAG_SIGCTX_CUSTOM | EVP_PKEY_FLAG_FIPS, + pkey_cmac_init, + pkey_cmac_copy, + pkey_cmac_cleanup, +diff -up openssl-1.1.1e/crypto/dh/dh_err.c.fips openssl-1.1.1e/crypto/dh/dh_err.c +--- openssl-1.1.1e/crypto/dh/dh_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_err.c 2020-03-17 17:30:52.022567462 +0100 +@@ -25,6 +25,9 @@ static const ERR_STRING_DATA DH_str_func + {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_PEERKEY, 0), "dh_cms_set_peerkey"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_SHARED_INFO, 0), + "dh_cms_set_shared_info"}, ++ {ERR_PACK(ERR_LIB_DH, DH_F_DH_COMPUTE_KEY, 0), "DH_compute_key"}, ++ {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_KEY, 0), "DH_generate_key"}, ++ {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_PARAMETERS_EX, 0), "DH_generate_parameters_ex"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_DUP, 0), "DH_meth_dup"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_NEW, 0), "DH_meth_new"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_SET1_NAME, 0), "DH_meth_set1_name"}, +@@ -72,12 +75,14 @@ static const ERR_STRING_DATA DH_str_reas + {ERR_PACK(ERR_LIB_DH, 0, DH_R_INVALID_PUBKEY), "invalid public key"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_KEYS_NOT_SET), "keys not set"}, ++ {ERR_PACK(ERR_LIB_DH, 0, DH_R_KEY_SIZE_TOO_SMALL), "key size too small"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_MISSING_PUBKEY), "missing pubkey"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_MODULUS_TOO_LARGE), "modulus too large"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_NOT_SUITABLE_GENERATOR), + "not suitable generator"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PARAMETERS_SET), "no parameters set"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PRIVATE_VALUE), "no private value"}, ++ {ERR_PACK(ERR_LIB_DH, 0, DH_R_NON_FIPS_METHOD), "non FIPS method"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR), + "parameter encoding error"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"}, +diff -up openssl-1.1.1e/crypto/dh/dh_gen.c.fips openssl-1.1.1e/crypto/dh/dh_gen.c +--- openssl-1.1.1e/crypto/dh/dh_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_gen.c 2020-03-17 18:03:31.005320382 +0100 +@@ -16,6 +16,9 @@ + #include "internal/cryptlib.h" + #include + #include "dh_local.h" ++#ifdef OPENSSL_FIPS ++# include ++#endif + + static int dh_builtin_genparams(DH *ret, int prime_len, int generator, + BN_GENCB *cb); +@@ -23,6 +26,13 @@ static int dh_builtin_genparams(DH *ret, + int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, + BN_GENCB *cb) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD) ++ && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) { ++ DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD); ++ return 0; ++ } ++#endif + if (ret->meth->generate_params) + return ret->meth->generate_params(ret, prime_len, generator, cb); + return dh_builtin_genparams(ret, prime_len, generator, cb); +@@ -65,6 +75,18 @@ static int dh_builtin_genparams(DH *ret, + int g, ok = -1; + BN_CTX *ctx = NULL; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_DH_BUILTIN_GENPARAMS, FIPS_R_FIPS_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN)) { ++ DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL); ++ goto err; ++ } ++#endif ++ + ctx = BN_CTX_new(); + if (ctx == NULL) + goto err; +diff -up openssl-1.1.1e/crypto/dh/dh_key.c.fips openssl-1.1.1e/crypto/dh/dh_key.c +--- openssl-1.1.1e/crypto/dh/dh_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_key.c 2020-03-17 18:03:52.706940641 +0100 +@@ -11,6 +11,9 @@ + #include "internal/cryptlib.h" + #include "dh_local.h" + #include "crypto/bn.h" ++#ifdef OPENSSL_FIPS ++# include ++#endif + + static int generate_key(DH *dh); + static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); +@@ -22,18 +25,32 @@ static int dh_finish(DH *dh); + + int DH_generate_key(DH *dh) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) ++ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) { ++ DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD); ++ return 0; ++ } ++#endif + return dh->meth->generate_key(dh); + } + + int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) ++ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) { ++ DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD); ++ return 0; ++ } ++#endif + return dh->meth->compute_key(key, pub_key, dh); + } + + int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh) + { + int rv, pad; +- rv = dh->meth->compute_key(key, pub_key, dh); ++ rv = DH_compute_key(key, pub_key, dh); + if (rv <= 0) + return rv; + pad = BN_num_bytes(dh->p) - rv; +@@ -82,6 +99,14 @@ static int generate_key(DH *dh) + BN_MONT_CTX *mont = NULL; + BIGNUM *pub_key = NULL, *priv_key = NULL; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() ++ && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) { ++ DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL); ++ return 0; ++ } ++#endif ++ + if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { + DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE); + return 0; +@@ -179,6 +204,13 @@ static int compute_key(unsigned char *ke + DHerr(DH_F_COMPUTE_KEY, DH_R_MODULUS_TOO_LARGE); + goto err; + } ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() ++ && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) { ++ DHerr(DH_F_COMPUTE_KEY, DH_R_KEY_SIZE_TOO_SMALL); ++ goto err; ++ } ++#endif + + ctx = BN_CTX_new(); + if (ctx == NULL) +@@ -228,6 +260,9 @@ static int dh_bn_mod_exp(const DH *dh, B + + static int dh_init(DH *dh) + { ++#ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++#endif + dh->flags |= DH_FLAG_CACHE_MONT_P; + return 1; + } +diff -up openssl-1.1.1e/crypto/dh/dh_pmeth.c.fips openssl-1.1.1e/crypto/dh/dh_pmeth.c +--- openssl-1.1.1e/crypto/dh/dh_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_pmeth.c 2020-03-17 17:30:52.023567444 +0100 +@@ -480,7 +480,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX * + + const EVP_PKEY_METHOD dh_pkey_meth = { + EVP_PKEY_DH, +- 0, ++ EVP_PKEY_FLAG_FIPS, + pkey_dh_init, + pkey_dh_copy, + pkey_dh_cleanup, +@@ -514,7 +514,7 @@ const EVP_PKEY_METHOD dh_pkey_meth = { + + const EVP_PKEY_METHOD dhx_pkey_meth = { + EVP_PKEY_DHX, +- 0, ++ EVP_PKEY_FLAG_FIPS, + pkey_dh_init, + pkey_dh_copy, + pkey_dh_cleanup, +diff -up openssl-1.1.1e/crypto/dsa/dsa_err.c.fips openssl-1.1.1e/crypto/dsa/dsa_err.c +--- openssl-1.1.1e/crypto/dsa/dsa_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_err.c 2020-03-17 17:30:52.023567444 +0100 +@@ -16,12 +16,15 @@ + static const ERR_STRING_DATA DSA_str_functs[] = { + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSAPARAMS_PRINT, 0), "DSAparams_print"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSAPARAMS_PRINT_FP, 0), "DSAparams_print_fp"}, ++ {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_BUILTIN_KEYGEN, 0), "dsa_builtin_keygen"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_BUILTIN_PARAMGEN, 0), + "dsa_builtin_paramgen"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_BUILTIN_PARAMGEN2, 0), + "dsa_builtin_paramgen2"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_SIGN, 0), "DSA_do_sign"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_VERIFY, 0), "DSA_do_verify"}, ++ {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_KEY, 0), "DSA_generate_key"}, ++ {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_PARAMETERS_EX, 0), "DSA_generate_parameters_ex"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_DUP, 0), "DSA_meth_dup"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_NEW, 0), "DSA_meth_new"}, + {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_SET1_NAME, 0), "DSA_meth_set1_name"}, +@@ -51,11 +54,14 @@ static const ERR_STRING_DATA DSA_str_rea + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_INVALID_DIGEST_TYPE), + "invalid digest type"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_INVALID_PARAMETERS), "invalid parameters"}, ++ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_KEY_SIZE_INVALID), "key size invalid"}, ++ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_KEY_SIZE_TOO_SMALL), "key size too small"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PARAMETERS), "missing parameters"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PRIVATE_KEY), + "missing private key"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MODULUS_TOO_LARGE), "modulus too large"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NO_PARAMETERS_SET), "no parameters set"}, ++ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NON_FIPS_DSA_METHOD), "non FIPS DSA method"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_PARAMETER_ENCODING_ERROR), + "parameter encoding error"}, + {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_Q_NOT_PRIME), "q not prime"}, +diff -up openssl-1.1.1e/crypto/dsa/dsa_gen.c.fips openssl-1.1.1e/crypto/dsa/dsa_gen.c +--- openssl-1.1.1e/crypto/dsa/dsa_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_gen.c 2020-03-17 18:02:14.626656877 +0100 +@@ -22,12 +22,22 @@ + #include + #include + #include "dsa_local.h" ++#ifdef OPENSSL_FIPS ++# include ++#endif + + int DSA_generate_parameters_ex(DSA *ret, int bits, + const unsigned char *seed_in, int seed_len, + int *counter_ret, unsigned long *h_ret, + BN_GENCB *cb) + { ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD) ++ && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW)) { ++ DSAerr(DSA_F_DSA_GENERATE_PARAMETERS_EX, DSA_R_NON_FIPS_DSA_METHOD); ++ return 0; ++ } ++# endif + if (ret->meth->dsa_paramgen) + return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, + counter_ret, h_ret, cb); +@@ -35,9 +45,15 @@ int DSA_generate_parameters_ex(DSA *ret, + const EVP_MD *evpmd = bits >= 2048 ? EVP_sha256() : EVP_sha1(); + size_t qbits = EVP_MD_size(evpmd) * 8; + ++# ifdef OPENSSL_FIPS ++ return dsa_builtin_paramgen2(ret, bits, qbits, evpmd, ++ seed_in, seed_len, -1, NULL, counter_ret, ++ h_ret, cb); ++# else + return dsa_builtin_paramgen(ret, bits, qbits, evpmd, + seed_in, seed_len, NULL, counter_ret, + h_ret, cb); ++# endif + } + } + +@@ -309,7 +325,7 @@ int dsa_builtin_paramgen2(DSA *ret, size + int *counter_ret, unsigned long *h_ret, + BN_GENCB *cb) + { +- int ok = -1; ++ int ok = 0; + unsigned char *seed = NULL, *seed_tmp = NULL; + unsigned char md[EVP_MAX_MD_SIZE]; + int mdsize; +@@ -332,6 +348,20 @@ int dsa_builtin_paramgen2(DSA *ret, size + goto err; + } + ++# ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_DSA_BUILTIN_PARAMGEN2, FIPS_R_FIPS_SELFTEST_FAILED); ++ goto err; ++ } ++ ++ if (FIPS_mode() && ++ (L != 2048 || N != 224) && (L != 2048 || N != 256) && ++ (L != 3072 || N != 256)) { ++ DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_KEY_SIZE_INVALID); ++ goto err; ++ } ++# endif ++ + if (evpmd == NULL) { + if (N == 160) + evpmd = EVP_sha1(); +@@ -432,9 +462,10 @@ int dsa_builtin_paramgen2(DSA *ret, size + goto err; + /* Provided seed didn't produce a prime: error */ + if (seed_in) { +- ok = 0; +- DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_Q_NOT_PRIME); +- goto err; ++ /* Different seed_out will indicate that seed_in ++ * did not generate primes. ++ */ ++ seed_in = NULL; + } + + /* do a callback call */ +@@ -520,11 +551,14 @@ int dsa_builtin_paramgen2(DSA *ret, size + if (counter >= (int)(4 * L)) + break; + } ++#if 0 ++ /* Cannot happen */ + if (seed_in) { + ok = 0; + DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS); + goto err; + } ++#endif + } + end: + if (!BN_GENCB_call(cb, 2, 1)) +@@ -595,7 +629,7 @@ int dsa_builtin_paramgen2(DSA *ret, size + BN_free(ret->g); + ret->g = BN_dup(g); + if (ret->p == NULL || ret->q == NULL || ret->g == NULL) { +- ok = -1; ++ ok = 0; + goto err; + } + if (counter_ret != NULL) +@@ -612,3 +646,53 @@ int dsa_builtin_paramgen2(DSA *ret, size + EVP_MD_CTX_free(mctx); + return ok; + } ++ ++#ifdef OPENSSL_FIPS ++ ++int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, ++ const EVP_MD *evpmd, const unsigned char *seed_in, ++ size_t seed_len, int idx, unsigned char *seed_out, ++ int *counter_ret, unsigned long *h_ret, ++ BN_GENCB *cb) ++{ ++ return dsa_builtin_paramgen2(ret, L, N, evpmd, seed_in, seed_len, ++ idx, seed_out, counter_ret, h_ret, cb); ++} ++ ++int FIPS_dsa_paramgen_check_g(DSA *dsa) ++{ ++ BN_CTX *ctx; ++ BIGNUM *tmp; ++ BN_MONT_CTX *mont = NULL; ++ int rv = -1; ++ ++ ctx = BN_CTX_new(); ++ if (ctx == NULL) ++ return -1; ++ if (BN_cmp(dsa->g, BN_value_one()) <= 0) ++ return 0; ++ if (BN_cmp(dsa->g, dsa->p) >= 0) ++ return 0; ++ BN_CTX_start(ctx); ++ tmp = BN_CTX_get(ctx); ++ if (tmp == NULL) ++ goto err; ++ if ((mont=BN_MONT_CTX_new()) == NULL) ++ goto err; ++ if (!BN_MONT_CTX_set(mont,dsa->p,ctx)) ++ goto err; ++ /* Work out g^q mod p */ ++ if (!BN_mod_exp_mont(tmp,dsa->g,dsa->q, dsa->p, ctx, mont)) ++ goto err; ++ if (!BN_cmp(tmp, BN_value_one())) ++ rv = 1; ++ else ++ rv = 0; ++ err: ++ BN_CTX_end(ctx); ++ BN_MONT_CTX_free(mont); ++ BN_CTX_free(ctx); ++ return rv; ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/dsa/dsa_key.c.fips openssl-1.1.1e/crypto/dsa/dsa_key.c +--- openssl-1.1.1e/crypto/dsa/dsa_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_key.c 2020-03-17 18:02:51.103018604 +0100 +@@ -13,10 +13,49 @@ + #include + #include "dsa_local.h" + ++#ifdef OPENSSL_FIPS ++# include ++# include "crypto/fips.h" ++ ++static int fips_check_dsa(DSA *dsa) ++{ ++ EVP_PKEY *pk; ++ unsigned char tbs[] = "DSA Pairwise Check Data"; ++ int ret = 0; ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_set1_DSA(pk, dsa); ++ ++ if (fips_pkey_signature_test(pk, tbs, -1, NULL, 0, NULL, 0, NULL)) ++ ret = 1; ++ ++ err: ++ if (ret == 0) { ++ FIPSerr(FIPS_F_FIPS_CHECK_DSA, FIPS_R_PAIRWISE_TEST_FAILED); ++ fips_set_selftest_fail(); ++ } ++ ++ if (pk) ++ EVP_PKEY_free(pk); ++ ++ return ret; ++} ++ ++#endif ++ + static int dsa_builtin_keygen(DSA *dsa); + + int DSA_generate_key(DSA *dsa) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD) ++ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) { ++ DSAerr(DSA_F_DSA_GENERATE_KEY, DSA_R_NON_FIPS_DSA_METHOD); ++ return 0; ++ } ++#endif + if (dsa->meth->dsa_keygen) + return dsa->meth->dsa_keygen(dsa); + return dsa_builtin_keygen(dsa); +@@ -28,6 +67,14 @@ static int dsa_builtin_keygen(DSA *dsa) + BN_CTX *ctx = NULL; + BIGNUM *pub_key = NULL, *priv_key = NULL; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS_GEN)) { ++ DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL); ++ goto err; ++ } ++#endif ++ + if ((ctx = BN_CTX_new()) == NULL) + goto err; + +@@ -65,6 +112,13 @@ static int dsa_builtin_keygen(DSA *dsa) + + dsa->priv_key = priv_key; + dsa->pub_key = pub_key; ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !fips_check_dsa(dsa)) { ++ dsa->pub_key = NULL; ++ dsa->priv_key = NULL; ++ goto err; ++ } ++#endif + ok = 1; + + err: +diff -up openssl-1.1.1e/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1e/crypto/dsa/dsa_ossl.c +--- openssl-1.1.1e/crypto/dsa/dsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_ossl.c 2020-03-19 17:11:22.037994064 +0100 +@@ -14,6 +14,9 @@ + #include + #include "dsa_local.h" + #include ++#ifdef OPENSSL_FIPS ++# include ++#endif + + static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); + static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, +@@ -77,6 +80,19 @@ static DSA_SIG *dsa_do_sign(const unsign + goto err; + } + ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_DSA_DO_SIGN, FIPS_R_FIPS_SELFTEST_FAILED); ++ return NULL; ++ } ++ ++ if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_KEY_SIZE_TOO_SMALL); ++ return NULL; ++ } ++#endif ++ + ret = DSA_SIG_new(); + if (ret == NULL) + goto err; +@@ -315,6 +331,18 @@ static int dsa_do_verify(const unsigned + DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_BAD_Q_VALUE); + return -1; + } ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_DSA_DO_VERIFY, FIPS_R_FIPS_SELFTEST_FAILED); ++ return -1; ++ } ++ ++ if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_KEY_SIZE_TOO_SMALL); ++ return -1; ++ } ++#endif + + if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) { + DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MODULUS_TOO_LARGE); +@@ -403,6 +431,9 @@ static int dsa_do_verify(const unsigned + + static int dsa_init(DSA *dsa) + { ++#ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++#endif + dsa->flags |= DSA_FLAG_CACHE_MONT_P; + return 1; + } +diff -up openssl-1.1.1e/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1e/crypto/dsa/dsa_pmeth.c +--- openssl-1.1.1e/crypto/dsa/dsa_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_pmeth.c 2020-03-17 17:30:52.025567409 +0100 +@@ -211,8 +211,8 @@ static int pkey_dsa_paramgen(EVP_PKEY_CT + BN_GENCB_free(pcb); + return 0; + } +- ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd, +- NULL, 0, NULL, NULL, NULL, pcb); ++ ret = dsa_builtin_paramgen2(dsa, dctx->nbits, dctx->qbits, dctx->pmd, ++ NULL, 0, -1, NULL, NULL, NULL, pcb); + BN_GENCB_free(pcb); + if (ret) + EVP_PKEY_assign_DSA(pkey, dsa); +@@ -241,7 +241,7 @@ static int pkey_dsa_keygen(EVP_PKEY_CTX + + const EVP_PKEY_METHOD dsa_pkey_meth = { + EVP_PKEY_DSA, +- EVP_PKEY_FLAG_AUTOARGLEN, ++ EVP_PKEY_FLAG_AUTOARGLEN | EVP_PKEY_FLAG_FIPS, + pkey_dsa_init, + pkey_dsa_copy, + pkey_dsa_cleanup, +diff -up openssl-1.1.1e/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1e/crypto/ec/ecdh_ossl.c +--- openssl-1.1.1e/crypto/ec/ecdh_ossl.c.fips 2020-03-17 17:30:52.025567409 +0100 ++++ openssl-1.1.1e/crypto/ec/ecdh_ossl.c 2020-03-17 18:01:24.704530440 +0100 +@@ -19,9 +19,20 @@ + #include + #include "ec_local.h" + ++#ifdef OPENSSL_FIPS ++# include ++#endif ++ + int ossl_ecdh_compute_key(unsigned char **psec, size_t *pseclen, + const EC_POINT *pub_key, const EC_KEY *ecdh) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_ECDH_COMPUTE_KEY, FIPS_R_FIPS_SELFTEST_FAILED); ++ return -1; ++ } ++#endif ++ + if (ecdh->group->meth->ecdh_compute_key == NULL) { + ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH); + return 0; +diff -up openssl-1.1.1e/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1e/crypto/ec/ecdsa_ossl.c +--- openssl-1.1.1e/crypto/ec/ecdsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ecdsa_ossl.c 2020-03-17 18:01:41.642234061 +0100 +@@ -14,6 +14,10 @@ + #include "crypto/bn.h" + #include "ec_local.h" + ++#ifdef OPENSSL_FIPS ++# include ++#endif ++ + int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, + unsigned char *sig, unsigned int *siglen, + const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) +@@ -163,6 +167,13 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns + ECDSA_SIG *ret; + const BIGNUM *priv_key; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_OSSL_ECDSA_SIGN_SIG, FIPS_R_FIPS_SELFTEST_FAILED); ++ return NULL; ++ } ++#endif ++ + group = EC_KEY_get0_group(eckey); + priv_key = EC_KEY_get0_private_key(eckey); + +@@ -325,6 +336,13 @@ int ossl_ecdsa_verify_sig(const unsigned + const EC_GROUP *group; + const EC_POINT *pub_key; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_OSSL_ECDSA_VERIFY_SIG, FIPS_R_FIPS_SELFTEST_FAILED); ++ return -1; ++ } ++#endif ++ + /* check input values */ + if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || + (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { +diff -up openssl-1.1.1e/crypto/ec/ec_key.c.fips openssl-1.1.1e/crypto/ec/ec_key.c +--- openssl-1.1.1e/crypto/ec/ec_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ec_key.c 2020-03-17 17:30:52.026567392 +0100 +@@ -178,14 +178,62 @@ ENGINE *EC_KEY_get0_engine(const EC_KEY + return eckey->engine; + } + ++#ifdef OPENSSL_FIPS ++ ++# include ++# include "crypto/fips.h" ++ ++static int fips_check_ec(EC_KEY *key) ++{ ++ EVP_PKEY *pk; ++ unsigned char tbs[] = "ECDSA Pairwise Check Data"; ++ int ret = 0; ++ ++ if (!EC_KEY_can_sign(key)) /* no test for non-signing keys */ ++ return 1; ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_set1_EC_KEY(pk, key); ++ ++ if (fips_pkey_signature_test(pk, tbs, -1, NULL, 0, NULL, 0, NULL)) ++ ret = 1; ++ ++ err: ++ if (ret == 0) { ++ FIPSerr(FIPS_F_FIPS_CHECK_EC, FIPS_R_PAIRWISE_TEST_FAILED); ++ fips_set_selftest_fail(); ++ } ++ if (pk) ++ EVP_PKEY_free(pk); ++ return ret; ++} ++ ++#endif ++ + int EC_KEY_generate_key(EC_KEY *eckey) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_NOT_INITIALIZED); ++ return 0; ++ } ++#endif + if (eckey == NULL || eckey->group == NULL) { + ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } +- if (eckey->meth->keygen != NULL) +- return eckey->meth->keygen(eckey); ++ if (eckey->meth->keygen != NULL) { ++ int rv = eckey->meth->keygen(eckey); ++ ++#ifdef OPENSSL_FIPS ++ if (rv > 0 && FIPS_mode()) { ++ rv = fips_check_ec(eckey); ++ } ++#endif ++ return rv; ++ } + ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_OPERATION_NOT_SUPPORTED); + return 0; + } +diff -up openssl-1.1.1e/crypto/ec/ec_pmeth.c.fips openssl-1.1.1e/crypto/ec/ec_pmeth.c +--- openssl-1.1.1e/crypto/ec/ec_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ec_pmeth.c 2020-03-17 17:30:52.026567392 +0100 +@@ -438,7 +438,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX * + + const EVP_PKEY_METHOD ec_pkey_meth = { + EVP_PKEY_EC, +- 0, ++ EVP_PKEY_FLAG_FIPS, + pkey_ec_init, + pkey_ec_copy, + pkey_ec_cleanup, +diff -up openssl-1.1.1e/crypto/evp/digest.c.fips openssl-1.1.1e/crypto/evp/digest.c +--- openssl-1.1.1e/crypto/evp/digest.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/digest.c 2020-03-17 17:38:57.528093469 +0100 +@@ -14,6 +14,9 @@ + #include + #include "crypto/evp.h" + #include "evp_local.h" ++#ifdef OPENSSL_FIPS ++# include ++#endif + + /* This call frees resources associated with the context */ + int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) +@@ -66,6 +69,12 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, cons + int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) + { + EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_EVP_DIGESTINIT_EX, FIPS_R_FIPS_SELFTEST_FAILED); ++ return 0; ++ } ++#endif + #ifndef OPENSSL_NO_ENGINE + /* + * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so +@@ -119,6 +128,15 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c + } + #endif + if (ctx->digest != type) { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (!(type->flags & EVP_MD_FLAG_FIPS) ++ && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) { ++ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_DISABLED_FOR_FIPS); ++ return 0; ++ } ++ } ++#endif + if (ctx->digest && ctx->digest->ctx_size) { + OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); + ctx->md_data = NULL; +@@ -150,6 +168,10 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c + + int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) + { ++#ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++#endif ++ + if (count == 0) + return 1; + +@@ -170,6 +192,9 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, + { + int ret; + ++#ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++#endif + OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); + ret = ctx->digest->final(ctx, md); + if (size != NULL) +diff -up openssl-1.1.1e/crypto/evp/e_aes.c.fips openssl-1.1.1e/crypto/evp/e_aes.c +--- openssl-1.1.1e/crypto/evp/e_aes.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_aes.c 2020-03-17 17:30:52.028567357 +0100 +@@ -397,7 +397,7 @@ static int aesni_xts_init_key(EVP_CIPHER + * This addresses Rogaway's vulnerability. + * See comment in aes_xts_init_key() below. + */ +- if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) { ++ if (CRYPTO_memcmp(key, key + bytes, bytes) == 0) { + EVPerr(EVP_F_AESNI_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS); + return 0; + } +@@ -817,7 +817,7 @@ static int aes_t4_xts_init_key(EVP_CIPHE + * This addresses Rogaway's vulnerability. + * See comment in aes_xts_init_key() below. + */ +- if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) { ++ if (CRYPTO_memcmp(key, key + bytes, bytes) == 0) { + EVPerr(EVP_F_AES_T4_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS); + return 0; + } +@@ -2833,9 +2833,9 @@ static int aes_ctr_cipher(EVP_CIPHER_CTX + return 1; + } + +-BLOCK_CIPHER_generic_pack(NID_aes, 128, 0) +- BLOCK_CIPHER_generic_pack(NID_aes, 192, 0) +- BLOCK_CIPHER_generic_pack(NID_aes, 256, 0) ++BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS) ++ BLOCK_CIPHER_generic_pack(NID_aes, 192, EVP_CIPH_FLAG_FIPS) ++ BLOCK_CIPHER_generic_pack(NID_aes, 256, EVP_CIPH_FLAG_FIPS) + + static int aes_gcm_cleanup(EVP_CIPHER_CTX *c) + { +@@ -2869,6 +2869,11 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX * + case EVP_CTRL_AEAD_SET_IVLEN: + if (arg <= 0) + return 0; ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(c->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) ++ && arg < 12) ++ return 0; ++# endif + /* Allocate memory for IV if needed */ + if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) { + if (gctx->iv != c->iv) +@@ -3318,11 +3323,14 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX + | EVP_CIPH_CUSTOM_COPY | EVP_CIPH_CUSTOM_IV_LENGTH) + + BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | ++ CUSTOM_FLAGS) + BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | ++ CUSTOM_FLAGS) + BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | ++ CUSTOM_FLAGS) + + static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) + { +@@ -3380,7 +3388,7 @@ static int aes_xts_init_key(EVP_CIPHER_C + * BEFORE using the keys in the XTS-AES algorithm to process + * data with them." + */ +- if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) { ++ if (CRYPTO_memcmp(key, key + bytes, bytes) == 0) { + EVPerr(EVP_F_AES_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS); + return 0; + } +@@ -3484,6 +3492,14 @@ static int aes_xts_cipher(EVP_CIPHER_CTX + return 0; + if (!out || !in || len < AES_BLOCK_SIZE) + return 0; ++# ifdef OPENSSL_FIPS ++ /* Requirement of SP800-38E */ ++ if (FIPS_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) && ++ (len > (1UL << 20) * 16)) { ++ EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE); ++ return 0; ++ } ++# endif + if (xctx->stream) + (*xctx->stream) (in, out, len, + xctx->xts.key1, xctx->xts.key2, +@@ -3501,8 +3517,10 @@ static int aes_xts_cipher(EVP_CIPHER_CTX + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ + | EVP_CIPH_CUSTOM_COPY) + +-BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, XTS_FLAGS) +- BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, XTS_FLAGS) ++BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, ++ EVP_CIPH_FLAG_FIPS | XTS_FLAGS) ++ BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, ++ EVP_CIPH_FLAG_FIPS | XTS_FLAGS) + + static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) + { +@@ -3772,11 +3790,11 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX + #define aes_ccm_cleanup NULL + + BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) + BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) + BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM, +- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) ++ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) + + typedef struct { + union { +@@ -3869,7 +3887,7 @@ static int aes_wrap_cipher(EVP_CIPHER_CT + return rv ? (int)rv : -1; + } + +-#define WRAP_FLAGS (EVP_CIPH_WRAP_MODE \ ++#define WRAP_FLAGS (EVP_CIPH_WRAP_MODE | EVP_CIPH_FLAG_FIPS \ + | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1) + +diff -up openssl-1.1.1e/crypto/evp/e_des3.c.fips openssl-1.1.1e/crypto/evp/e_des3.c +--- openssl-1.1.1e/crypto/evp/e_des3.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_des3.c 2020-03-17 17:30:52.029567340 +0100 +@@ -211,16 +211,19 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, + # define des_ede3_cbc_cipher des_ede_cbc_cipher + # define des_ede3_ecb_cipher des_ede_ecb_cipher + BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, +- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, +- des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) ++ EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | ++ EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, NULL, ++ des3_ctrl) + + BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1, +- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, +- des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) ++ EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | ++ EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, ++ NULL, des3_ctrl) + + BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8, +- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, +- des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) ++ EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | ++ EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, ++ NULL, des3_ctrl) + + static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +diff -up openssl-1.1.1e/crypto/evp/e_null.c.fips openssl-1.1.1e/crypto/evp/e_null.c +--- openssl-1.1.1e/crypto/evp/e_null.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_null.c 2020-03-17 17:30:52.029567340 +0100 +@@ -19,7 +19,8 @@ static int null_cipher(EVP_CIPHER_CTX *c + const unsigned char *in, size_t inl); + static const EVP_CIPHER n_cipher = { + NID_undef, +- 1, 0, 0, 0, ++ 1, 0, 0, ++ EVP_CIPH_FLAG_FIPS, + null_init_key, + null_cipher, + NULL, +diff -up openssl-1.1.1e/crypto/evp/evp_enc.c.fips openssl-1.1.1e/crypto/evp/evp_enc.c +--- openssl-1.1.1e/crypto/evp/evp_enc.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_enc.c 2020-03-17 17:39:52.663129373 +0100 +@@ -17,9 +17,18 @@ + #include + #include "crypto/evp.h" + #include "evp_local.h" ++#ifdef OPENSSL_FIPS ++# include ++#endif + + int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_EVP_CIPHER_CTX_RESET, FIPS_R_FIPS_SELFTEST_FAILED); ++ return 0; ++ } ++#endif + if (c == NULL) + return 1; + if (c->cipher != NULL) { +@@ -39,6 +48,12 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX + + EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_EVP_CIPHER_CTX_NEW, FIPS_R_FIPS_SELFTEST_FAILED); ++ return NULL; ++ } ++#endif + return OPENSSL_zalloc(sizeof(EVP_CIPHER_CTX)); + } + +@@ -67,6 +82,12 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct + enc = 1; + ctx->encrypt = enc; + } ++#ifdef OPENSSL_FIPS ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_EVP_CIPHERINIT_EX, FIPS_R_FIPS_SELFTEST_FAILED); ++ return 0; ++ } ++#endif + #ifndef OPENSSL_NO_ENGINE + /* + * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so +@@ -136,7 +157,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct + } + ctx->key_len = cipher->key_len; + /* Preserve wrap enable flag, zero everything else */ +- ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW; ++ ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW | EVP_CIPH_FLAG_NON_FIPS_ALLOW; + if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { + if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { + ctx->cipher = NULL; +@@ -195,6 +216,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct + return 0; + } + } ++#ifdef OPENSSL_FIPS ++ /* After 'key' is set no further parameters changes are permissible. ++ * So only check for non FIPS enabling at this point. ++ */ ++ if (key && FIPS_mode()) { ++ if (!(ctx->cipher->flags & EVP_CIPH_FLAG_FIPS) ++ & !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) { ++ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_DISABLED_FOR_FIPS); ++ return 0; ++ } ++ } ++#endif + + if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { + if (!ctx->cipher->init(ctx, key, iv, enc)) +diff -up openssl-1.1.1e/crypto/evp/evp_err.c.fips openssl-1.1.1e/crypto/evp/evp_err.c +--- openssl-1.1.1e/crypto/evp/evp_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_err.c 2020-03-17 17:30:52.030567322 +0100 +@@ -23,6 +23,7 @@ static const ERR_STRING_DATA EVP_str_fun + {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_T4_XTS_INIT_KEY, 0), + "aes_t4_xts_init_key"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_WRAP_CIPHER, 0), "aes_wrap_cipher"}, ++ {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_XTS_CIPHER, 0), "aes_xts_cipher"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_XTS_INIT_KEY, 0), "aes_xts_init_key"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_ALG_MODULE_INIT, 0), "alg_module_init"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_ARIA_CCM_INIT_KEY, 0), "aria_ccm_init_key"}, +@@ -186,6 +187,7 @@ static const ERR_STRING_DATA EVP_str_rea + "different key types"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIFFERENT_PARAMETERS), + "different parameters"}, ++ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DISABLED_FOR_FIPS), "disabled for FIPS"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_LOADING_SECTION), + "error loading section"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_SETTING_FIPS_MODE), +@@ -249,6 +251,7 @@ static const ERR_STRING_DATA EVP_str_rea + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PRIVATE_KEY_ENCODE_ERROR), + "private key encode error"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"}, ++ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_TOO_LARGE), "too large"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_CIPHER), "unknown cipher"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_DIGEST), "unknown digest"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_OPTION), "unknown option"}, +@@ -274,6 +277,8 @@ static const ERR_STRING_DATA EVP_str_rea + "wrap mode not allowed"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_FINAL_BLOCK_LENGTH), + "wrong final block length"}, ++ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE), ++ "xts data unit is too large"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DUPLICATED_KEYS), + "xts duplicated keys"}, + {0, NULL} +diff -up openssl-1.1.1e/crypto/evp/evp_lib.c.fips openssl-1.1.1e/crypto/evp/evp_lib.c +--- openssl-1.1.1e/crypto/evp/evp_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_lib.c 2020-03-17 17:30:52.030567322 +0100 +@@ -192,6 +192,9 @@ int EVP_CIPHER_impl_ctx_size(const EVP_C + int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) + { ++#ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++#endif + return ctx->cipher->do_cipher(ctx, out, in, inl); + } + +diff -up openssl-1.1.1e/crypto/evp/m_sha1.c.fips openssl-1.1.1e/crypto/evp/m_sha1.c +--- openssl-1.1.1e/crypto/evp/m_sha1.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/m_sha1.c 2020-03-17 17:30:52.030567322 +0100 +@@ -95,7 +95,7 @@ static const EVP_MD sha1_md = { + NID_sha1, + NID_sha1WithRSAEncryption, + SHA_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init, + update, + final, +@@ -145,7 +145,7 @@ static const EVP_MD sha224_md = { + NID_sha224, + NID_sha224WithRSAEncryption, + SHA224_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init224, + update224, + final224, +@@ -164,7 +164,7 @@ static const EVP_MD sha256_md = { + NID_sha256, + NID_sha256WithRSAEncryption, + SHA256_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init256, + update256, + final256, +@@ -224,7 +224,7 @@ static const EVP_MD sha512_224_md = { + NID_sha512_224, + NID_sha512_224WithRSAEncryption, + SHA224_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init512_224, + update512, + final512, +@@ -243,7 +243,7 @@ static const EVP_MD sha512_256_md = { + NID_sha512_256, + NID_sha512_256WithRSAEncryption, + SHA256_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init512_256, + update512, + final512, +@@ -262,7 +262,7 @@ static const EVP_MD sha384_md = { + NID_sha384, + NID_sha384WithRSAEncryption, + SHA384_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init384, + update384, + final384, +@@ -281,7 +281,7 @@ static const EVP_MD sha512_md = { + NID_sha512, + NID_sha512WithRSAEncryption, + SHA512_DIGEST_LENGTH, +- EVP_MD_FLAG_DIGALGID_ABSENT, ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, + init512, + update512, + final512, +diff -up openssl-1.1.1e/crypto/evp/m_sha3.c.fips openssl-1.1.1e/crypto/evp/m_sha3.c +--- openssl-1.1.1e/crypto/evp/m_sha3.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/m_sha3.c 2020-03-17 17:30:52.031567305 +0100 +@@ -295,7 +295,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) + NID_sha3_##bitlen, \ + NID_RSA_SHA3_##bitlen, \ + bitlen / 8, \ +- EVP_MD_FLAG_DIGALGID_ABSENT, \ ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, \ + s390x_sha3_init, \ + s390x_sha3_update, \ + s390x_sha3_final, \ +@@ -308,7 +308,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) + NID_sha3_##bitlen, \ + NID_RSA_SHA3_##bitlen, \ + bitlen / 8, \ +- EVP_MD_FLAG_DIGALGID_ABSENT, \ ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, \ + sha3_init, \ + sha3_update, \ + sha3_final, \ +@@ -329,7 +329,7 @@ const EVP_MD *EVP_shake##bitlen(void) + NID_shake##bitlen, \ + 0, \ + bitlen / 8, \ +- EVP_MD_FLAG_XOF, \ ++ EVP_MD_FLAG_XOF | EVP_MD_FLAG_FIPS, \ + s390x_shake_init, \ + s390x_sha3_update, \ + s390x_shake_final, \ +@@ -343,7 +343,7 @@ const EVP_MD *EVP_shake##bitlen(void) + NID_shake##bitlen, \ + 0, \ + bitlen / 8, \ +- EVP_MD_FLAG_XOF, \ ++ EVP_MD_FLAG_XOF | EVP_MD_FLAG_FIPS, \ + shake_init, \ + sha3_update, \ + sha3_final, \ +@@ -367,7 +367,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) + NID_sha3_##bitlen, \ + NID_RSA_SHA3_##bitlen, \ + bitlen / 8, \ +- EVP_MD_FLAG_DIGALGID_ABSENT, \ ++ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, \ + sha3_init, \ + sha3_update, \ + sha3_final, \ +@@ -386,7 +386,7 @@ const EVP_MD *EVP_shake##bitlen(void) + NID_shake##bitlen, \ + 0, \ + bitlen / 8, \ +- EVP_MD_FLAG_XOF, \ ++ EVP_MD_FLAG_XOF | EVP_MD_FLAG_FIPS, \ + shake_init, \ + sha3_update, \ + sha3_final, \ +diff -up openssl-1.1.1e/crypto/evp/pmeth_lib.c.fips openssl-1.1.1e/crypto/evp/pmeth_lib.c +--- openssl-1.1.1e/crypto/evp/pmeth_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/pmeth_lib.c 2020-03-17 17:30:52.031567305 +0100 +@@ -131,7 +131,15 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKE + pmeth = ENGINE_get_pkey_meth(e, id); + else + #endif ++ { + pmeth = EVP_PKEY_meth_find(id); ++#ifdef OPENSSL_FIPS ++ if (pmeth && !(pmeth->flags & EVP_PKEY_FLAG_FIPS) && FIPS_mode()) { ++ EVPerr(EVP_F_INT_CTX_NEW, EVP_R_DISABLED_FOR_FIPS); ++ return NULL; ++ } ++#endif ++ } + + if (pmeth == NULL) { + #ifndef OPENSSL_NO_ENGINE +diff -up openssl-1.1.1e/crypto/fips/build.info.fips openssl-1.1.1e/crypto/fips/build.info +--- openssl-1.1.1e/crypto/fips/build.info.fips 2020-03-17 17:30:52.032567287 +0100 ++++ openssl-1.1.1e/crypto/fips/build.info 2020-03-17 17:30:52.032567287 +0100 +@@ -0,0 +1,15 @@ ++LIBS=../../libcrypto ++SOURCE[../../libcrypto]=\ ++ fips_aes_selftest.c fips_des_selftest.c fips_hmac_selftest.c \ ++ fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c \ ++ fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \ ++ fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \ ++ fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \ ++ fips_dh_selftest.c fips_ers.c ++ ++PROGRAMS_NO_INST=\ ++ fips_standalone_hmac ++ ++SOURCE[fips_standalone_hmac]=fips_standalone_hmac.c ++INCLUDE[fips_standalone_hmac]=../../include ++DEPEND[fips_standalone_hmac]=../../libcrypto +diff -up openssl-1.1.1e/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_aes_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_aes_selftest.c.fips 2020-03-17 17:30:52.033567270 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_aes_selftest.c 2020-03-17 17:30:52.033567270 +0100 +@@ -0,0 +1,372 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#ifdef OPENSSL_FIPS ++# include ++# include "crypto/fips.h" ++#endif ++ ++#ifdef OPENSSL_FIPS ++static const struct { ++ const unsigned char key[16]; ++ const unsigned char plaintext[16]; ++ const unsigned char ciphertext[16]; ++} tests[] = { ++ { ++ { ++ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, ++ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F}, { ++ 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, ++ 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF}, { ++0x69, 0xC4, 0xE0, 0xD8, 0x6A, 0x7B, 0x04, 0x30, ++ 0xD8, 0xCD, 0xB7, 0x80, 0x70, 0xB4, 0xC5, 0x5A},},}; ++ ++int FIPS_selftest_aes() ++{ ++ int n; ++ int ret = 0; ++ EVP_CIPHER_CTX *ctx; ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ ++ for (n = 0; n < 1; ++n) { ++ unsigned char key[16]; ++ ++ memcpy(key, tests[n].key, sizeof(key)); ++ if (fips_cipher_test(ctx, EVP_aes_128_ecb(), ++ key, NULL, ++ tests[n].plaintext, ++ tests[n].ciphertext, 16) <= 0) ++ goto err; ++ } ++ ret = 1; ++ err: ++ EVP_CIPHER_CTX_free(ctx); ++ if (ret == 0) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_AES, FIPS_R_SELFTEST_FAILED); ++ return ret; ++} ++ ++/* AES-CCM test data from NIST public test vectors */ ++ ++static const unsigned char ccm_key[] = { ++ 0xce, 0xb0, 0x09, 0xae, 0xa4, 0x45, 0x44, 0x51, 0xfe, 0xad, 0xf0, 0xe6, ++ 0xb3, 0x6f, 0x45, 0x55, 0x5d, 0xd0, 0x47, 0x23, 0xba, 0xa4, 0x48, 0xe8 ++}; ++ ++static const unsigned char ccm_nonce[] = { ++ 0x76, 0x40, 0x43, 0xc4, 0x94, 0x60, 0xb7 ++}; ++ ++static const unsigned char ccm_adata[] = { ++ 0x6e, 0x80, 0xdd, 0x7f, 0x1b, 0xad, 0xf3, 0xa1, 0xc9, 0xab, 0x25, 0xc7, ++ 0x5f, 0x10, 0xbd, 0xe7, 0x8c, 0x23, 0xfa, 0x0e, 0xb8, 0xf9, 0xaa, 0xa5, ++ 0x3a, 0xde, 0xfb, 0xf4, 0xcb, 0xf7, 0x8f, 0xe4 ++}; ++ ++static const unsigned char ccm_pt[] = { ++ 0xc8, 0xd2, 0x75, 0xf9, 0x19, 0xe1, 0x7d, 0x7f, 0xe6, 0x9c, 0x2a, 0x1f, ++ 0x58, 0x93, 0x9d, 0xfe, 0x4d, 0x40, 0x37, 0x91, 0xb5, 0xdf, 0x13, 0x10 ++}; ++ ++static const unsigned char ccm_ct[] = { ++ 0x8a, 0x0f, 0x3d, 0x82, 0x29, 0xe4, 0x8e, 0x74, 0x87, 0xfd, 0x95, 0xa2, ++ 0x8a, 0xd3, 0x92, 0xc8, 0x0b, 0x36, 0x81, 0xd4, 0xfb, 0xc7, 0xbb, 0xfd ++}; ++ ++static const unsigned char ccm_tag[] = { ++ 0x2d, 0xd6, 0xef, 0x1c, 0x45, 0xd4, 0xcc, 0xb7, 0x23, 0xdc, 0x07, 0x44, ++ 0x14, 0xdb, 0x50, 0x6d ++}; ++ ++int FIPS_selftest_aes_ccm(void) ++{ ++ int ret = 0; ++ unsigned char out[128], tag[16]; ++ EVP_CIPHER_CTX *ctx; ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ ++ memset(out, 0, sizeof(out)); ++ if (!EVP_CipherInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL, 1)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, ++ sizeof(ccm_nonce), NULL)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, ++ sizeof(ccm_tag), NULL)) ++ goto err; ++ if (!EVP_CipherInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce, 1)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, NULL, sizeof(ccm_pt)) != sizeof(ccm_pt)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, ccm_adata, sizeof(ccm_adata)) < 0) ++ goto err; ++ if (EVP_Cipher(ctx, out, ccm_pt, sizeof(ccm_pt)) != sizeof(ccm_ct)) ++ goto err; ++ ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, 16, tag)) ++ goto err; ++ if (memcmp(tag, ccm_tag, sizeof(ccm_tag)) ++ || memcmp(out, ccm_ct, sizeof(ccm_ct))) ++ goto err; ++ ++ memset(out, 0, sizeof(out)); ++ ++ if (!EVP_CipherInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL, 0)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, ++ sizeof(ccm_nonce), NULL)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, 16, tag)) ++ goto err; ++ if (!EVP_CipherInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce, 0)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, NULL, sizeof(ccm_ct)) != sizeof(ccm_ct)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, ccm_adata, sizeof(ccm_adata)) < 0) ++ goto err; ++ if (EVP_Cipher(ctx, out, ccm_ct, sizeof(ccm_ct)) != sizeof(ccm_pt)) ++ goto err; ++ ++ if (memcmp(out, ccm_pt, sizeof(ccm_pt))) ++ goto err; ++ ++ ret = 1; ++ ++ err: ++ EVP_CIPHER_CTX_free(ctx); ++ ++ if (ret == 0) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_AES_CCM, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } else ++ return ret; ++ ++} ++ ++/* AES-GCM test data from NIST public test vectors */ ++ ++static const unsigned char gcm_key[] = { ++ 0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66, ++ 0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69, ++ 0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f ++}; ++ ++static const unsigned char gcm_iv[] = { ++ 0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84 ++}; ++ ++static const unsigned char gcm_pt[] = { ++ 0xf5, 0x6e, 0x87, 0x05, 0x5b, 0xc3, 0x2d, 0x0e, 0xeb, 0x31, 0xb2, 0xea, ++ 0xcc, 0x2b, 0xf2, 0xa5 ++}; ++ ++static const unsigned char gcm_aad[] = { ++ 0x4d, 0x23, 0xc3, 0xce, 0xc3, 0x34, 0xb4, 0x9b, 0xdb, 0x37, 0x0c, 0x43, ++ 0x7f, 0xec, 0x78, 0xde ++}; ++ ++static const unsigned char gcm_ct[] = { ++ 0xf7, 0x26, 0x44, 0x13, 0xa8, 0x4c, 0x0e, 0x7c, 0xd5, 0x36, 0x86, 0x7e, ++ 0xb9, 0xf2, 0x17, 0x36 ++}; ++ ++static const unsigned char gcm_tag[] = { ++ 0x67, 0xba, 0x05, 0x10, 0x26, 0x2a, 0xe4, 0x87, 0xd7, 0x37, 0xee, 0x62, ++ 0x98, 0xf7, 0x7e, 0x0c ++}; ++ ++int FIPS_selftest_aes_gcm(void) ++{ ++ int ret = 0; ++ unsigned char out[128], tag[16]; ++ EVP_CIPHER_CTX *ctx; ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ ++ memset(out, 0, sizeof(out)); ++ memset(tag, 0, sizeof(tag)); ++ if (!EVP_CipherInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL, 1)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, ++ sizeof(gcm_iv), NULL)) ++ goto err; ++ if (!EVP_CipherInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv, 1)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, gcm_aad, sizeof(gcm_aad)) < 0) ++ goto err; ++ if (EVP_Cipher(ctx, out, gcm_pt, sizeof(gcm_pt)) != sizeof(gcm_ct)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, NULL, 0) < 0) ++ goto err; ++ ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag)) ++ goto err; ++ ++ if (memcmp(tag, gcm_tag, 16) || memcmp(out, gcm_ct, 16)) ++ goto err; ++ ++ memset(out, 0, sizeof(out)); ++ ++ if (!EVP_CipherInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL, 0)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, ++ sizeof(gcm_iv), NULL)) ++ goto err; ++ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag)) ++ goto err; ++ if (!EVP_CipherInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv, 0)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, gcm_aad, sizeof(gcm_aad)) < 0) ++ goto err; ++ if (EVP_Cipher(ctx, out, gcm_ct, sizeof(gcm_ct)) != sizeof(gcm_pt)) ++ goto err; ++ if (EVP_Cipher(ctx, NULL, NULL, 0) < 0) ++ goto err; ++ ++ if (memcmp(out, gcm_pt, 16)) ++ goto err; ++ ++ ret = 1; ++ ++ err: ++ EVP_CIPHER_CTX_free(ctx); ++ ++ if (ret == 0) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_AES_GCM, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } else ++ return ret; ++ ++} ++ ++static const unsigned char XTS_128_key[] = { ++ 0xa1, 0xb9, 0x0c, 0xba, 0x3f, 0x06, 0xac, 0x35, 0x3b, 0x2c, 0x34, 0x38, ++ 0x76, 0x08, 0x17, 0x62, 0x09, 0x09, 0x23, 0x02, 0x6e, 0x91, 0x77, 0x18, ++ 0x15, 0xf2, 0x9d, 0xab, 0x01, 0x93, 0x2f, 0x2f ++}; ++ ++static const unsigned char XTS_128_i[] = { ++ 0x4f, 0xae, 0xf7, 0x11, 0x7c, 0xda, 0x59, 0xc6, 0x6e, 0x4b, 0x92, 0x01, ++ 0x3e, 0x76, 0x8a, 0xd5 ++}; ++ ++static const unsigned char XTS_128_pt[] = { ++ 0xeb, 0xab, 0xce, 0x95, 0xb1, 0x4d, 0x3c, 0x8d, 0x6f, 0xb3, 0x50, 0x39, ++ 0x07, 0x90, 0x31, 0x1c ++}; ++ ++static const unsigned char XTS_128_ct[] = { ++ 0x77, 0x8a, 0xe8, 0xb4, 0x3c, 0xb9, 0x8d, 0x5a, 0x82, 0x50, 0x81, 0xd5, ++ 0xbe, 0x47, 0x1c, 0x63 ++}; ++ ++static const unsigned char XTS_256_key[] = { ++ 0x1e, 0xa6, 0x61, 0xc5, 0x8d, 0x94, 0x3a, 0x0e, 0x48, 0x01, 0xe4, 0x2f, ++ 0x4b, 0x09, 0x47, 0x14, 0x9e, 0x7f, 0x9f, 0x8e, 0x3e, 0x68, 0xd0, 0xc7, ++ 0x50, 0x52, 0x10, 0xbd, 0x31, 0x1a, 0x0e, 0x7c, 0xd6, 0xe1, 0x3f, 0xfd, ++ 0xf2, 0x41, 0x8d, 0x8d, 0x19, 0x11, 0xc0, 0x04, 0xcd, 0xa5, 0x8d, 0xa3, ++ 0xd6, 0x19, 0xb7, 0xe2, 0xb9, 0x14, 0x1e, 0x58, 0x31, 0x8e, 0xea, 0x39, ++ 0x2c, 0xf4, 0x1b, 0x08 ++}; ++ ++static const unsigned char XTS_256_i[] = { ++ 0xad, 0xf8, 0xd9, 0x26, 0x27, 0x46, 0x4a, 0xd2, 0xf0, 0x42, 0x8e, 0x84, ++ 0xa9, 0xf8, 0x75, 0x64 ++}; ++ ++static const unsigned char XTS_256_pt[] = { ++ 0x2e, 0xed, 0xea, 0x52, 0xcd, 0x82, 0x15, 0xe1, 0xac, 0xc6, 0x47, 0xe8, ++ 0x10, 0xbb, 0xc3, 0x64, 0x2e, 0x87, 0x28, 0x7f, 0x8d, 0x2e, 0x57, 0xe3, ++ 0x6c, 0x0a, 0x24, 0xfb, 0xc1, 0x2a, 0x20, 0x2e ++}; ++ ++static const unsigned char XTS_256_ct[] = { ++ 0xcb, 0xaa, 0xd0, 0xe2, 0xf6, 0xce, 0xa3, 0xf5, 0x0b, 0x37, 0xf9, 0x34, ++ 0xd4, 0x6a, 0x9b, 0x13, 0x0b, 0x9d, 0x54, 0xf0, 0x7e, 0x34, 0xf3, 0x6a, ++ 0xf7, 0x93, 0xe8, 0x6f, 0x73, 0xc6, 0xd7, 0xdb ++}; ++ ++int FIPS_selftest_aes_xts() ++{ ++ int ret = 1; ++ EVP_CIPHER_CTX *ctx; ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ ++ if (fips_cipher_test(ctx, EVP_aes_128_xts(), ++ XTS_128_key, XTS_128_i, XTS_128_pt, XTS_128_ct, ++ sizeof(XTS_128_pt)) <= 0) ++ ret = 0; ++ ++ if (fips_cipher_test(ctx, EVP_aes_256_xts(), ++ XTS_256_key, XTS_256_i, XTS_256_pt, XTS_256_ct, ++ sizeof(XTS_256_pt)) <= 0) ++ ret = 0; ++ ++ EVP_CIPHER_CTX_free(ctx); ++ ++ err: ++ if (ret == 0) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_AES_XTS, FIPS_R_SELFTEST_FAILED); ++ return ret; ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips.c.fips openssl-1.1.1e/crypto/fips/fips.c +--- openssl-1.1.1e/crypto/fips/fips.c.fips 2020-03-17 17:30:52.033567270 +0100 ++++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 17:30:52.033567270 +0100 +@@ -0,0 +1,526 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#define _GNU_SOURCE ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "fips_locl.h" ++ ++#ifdef OPENSSL_FIPS ++ ++# include ++# include "internal/thread_once.h" ++ ++# ifndef PATH_MAX ++# define PATH_MAX 1024 ++# endif ++ ++static int fips_selftest_fail = 0; ++static int fips_mode = 0; ++static int fips_started = 0; ++ ++static int fips_is_owning_thread(void); ++static int fips_set_owning_thread(void); ++static int fips_clear_owning_thread(void); ++ ++static CRYPTO_RWLOCK *fips_lock = NULL; ++static CRYPTO_RWLOCK *fips_owning_lock = NULL; ++static CRYPTO_ONCE fips_lock_init = CRYPTO_ONCE_STATIC_INIT; ++ ++DEFINE_RUN_ONCE_STATIC(do_fips_lock_init) ++{ ++ fips_lock = CRYPTO_THREAD_lock_new(); ++ fips_owning_lock = CRYPTO_THREAD_lock_new(); ++ return fips_lock != NULL && fips_owning_lock != NULL; ++} ++ ++# define fips_w_lock() CRYPTO_THREAD_write_lock(fips_lock) ++# define fips_w_unlock() CRYPTO_THREAD_unlock(fips_lock) ++# define fips_r_lock() CRYPTO_THREAD_read_lock(fips_lock) ++# define fips_r_unlock() CRYPTO_THREAD_unlock(fips_lock) ++ ++static void fips_set_mode(int onoff) ++{ ++ int owning_thread = fips_is_owning_thread(); ++ ++ if (fips_started) { ++ if (!owning_thread) ++ fips_w_lock(); ++ fips_mode = onoff; ++ if (!owning_thread) ++ fips_w_unlock(); ++ } ++} ++ ++int FIPS_module_mode(void) ++{ ++ int ret = 0; ++ int owning_thread = fips_is_owning_thread(); ++ ++ if (fips_started) { ++ if (!owning_thread) ++ fips_r_lock(); ++ ret = fips_mode; ++ if (!owning_thread) ++ fips_r_unlock(); ++ } ++ return ret; ++} ++ ++/* just a compat symbol - return NULL */ ++int FIPS_selftest_failed(void) ++{ ++ int ret = 0; ++ if (fips_started) { ++ int owning_thread = fips_is_owning_thread(); ++ ++ if (!owning_thread) ++ fips_r_lock(); ++ ret = fips_selftest_fail; ++ if (!owning_thread) ++ fips_r_unlock(); ++ } ++ return ret; ++} ++ ++/* Selftest failure fatal exit routine. This will be called ++ * during *any* cryptographic operation. It has the minimum ++ * overhead possible to avoid too big a performance hit. ++ */ ++ ++void FIPS_selftest_check(void) ++{ ++ if (fips_selftest_fail) { ++ OpenSSLDie(__FILE__, __LINE__, "FATAL FIPS SELFTEST FAILURE"); ++ } ++} ++ ++void fips_set_selftest_fail(void) ++{ ++ fips_selftest_fail = 1; ++} ++ ++/* we implement what libfipscheck does ourselves */ ++ ++static int ++get_library_path(const char *libname, const char *symbolname, char *path, ++ size_t pathlen) ++{ ++ Dl_info info; ++ void *dl, *sym; ++ int rv = -1; ++ ++ dl = dlopen(libname, RTLD_LAZY); ++ if (dl == NULL) { ++ return -1; ++ } ++ ++ sym = dlsym(dl, symbolname); ++ ++ if (sym != NULL && dladdr(sym, &info)) { ++ strncpy(path, info.dli_fname, pathlen - 1); ++ path[pathlen - 1] = '\0'; ++ rv = 0; ++ } ++ ++ dlclose(dl); ++ ++ return rv; ++} ++ ++static const char conv[] = "0123456789abcdef"; ++ ++static char *bin2hex(void *buf, size_t len) ++{ ++ char *hex, *p; ++ unsigned char *src = buf; ++ ++ hex = malloc(len * 2 + 1); ++ if (hex == NULL) ++ return NULL; ++ ++ p = hex; ++ ++ while (len > 0) { ++ unsigned c; ++ ++ c = *src; ++ src++; ++ ++ *p = conv[c >> 4]; ++ ++p; ++ *p = conv[c & 0x0f]; ++ ++p; ++ --len; ++ } ++ *p = '\0'; ++ return hex; ++} ++ ++# define HMAC_PREFIX "." ++# ifndef HMAC_SUFFIX ++# define HMAC_SUFFIX ".hmac" ++# endif ++# define READ_BUFFER_LENGTH 16384 ++ ++static char *make_hmac_path(const char *origpath) ++{ ++ char *path, *p; ++ const char *fn; ++ ++ path = ++ malloc(sizeof(HMAC_PREFIX) + sizeof(HMAC_SUFFIX) + strlen(origpath)); ++ if (path == NULL) { ++ return NULL; ++ } ++ ++ fn = strrchr(origpath, '/'); ++ if (fn == NULL) { ++ fn = origpath; ++ } else { ++ ++fn; ++ } ++ ++ strncpy(path, origpath, fn - origpath); ++ p = path + (fn - origpath); ++ p = stpcpy(p, HMAC_PREFIX); ++ p = stpcpy(p, fn); ++ p = stpcpy(p, HMAC_SUFFIX); ++ ++ return path; ++} ++ ++static const char hmackey[] = "orboDeJITITejsirpADONivirpUkvarP"; ++ ++static int compute_file_hmac(const char *path, void **buf, size_t *hmaclen) ++{ ++ FILE *f = NULL; ++ int rv = -1; ++ unsigned char rbuf[READ_BUFFER_LENGTH]; ++ size_t len; ++ unsigned int hlen; ++ HMAC_CTX *c; ++ ++ c = HMAC_CTX_new(); ++ if (c == NULL) ++ return rv; ++ ++ f = fopen(path, "r"); ++ ++ if (f == NULL) { ++ goto end; ++ } ++ ++ if (HMAC_Init_ex(c, hmackey, sizeof(hmackey) - 1, EVP_sha256(), NULL) <= 0) { ++ goto end; ++ } ++ ++ while ((len = fread(rbuf, 1, sizeof(rbuf), f)) != 0) { ++ if (HMAC_Update(c, rbuf, len) <= 0) { ++ goto end; ++ } ++ } ++ ++ len = sizeof(rbuf); ++ /* reuse rbuf for hmac */ ++ if (HMAC_Final(c, rbuf, &hlen) <= 0) { ++ goto end; ++ } ++ ++ *buf = malloc(hlen); ++ if (*buf == NULL) { ++ goto end; ++ } ++ ++ *hmaclen = hlen; ++ ++ memcpy(*buf, rbuf, hlen); ++ ++ rv = 0; ++ end: ++ HMAC_CTX_free(c); ++ ++ if (f) ++ fclose(f); ++ ++ return rv; ++} ++ ++static int FIPSCHECK_verify(const char *path) ++{ ++ int rv = 0; ++ FILE *hf; ++ char *hmacpath, *p; ++ char *hmac = NULL; ++ size_t n; ++ ++ hmacpath = make_hmac_path(path); ++ if (hmacpath == NULL) ++ return 0; ++ ++ hf = fopen(hmacpath, "r"); ++ if (hf == NULL) { ++ free(hmacpath); ++ return 0; ++ } ++ ++ if (getline(&hmac, &n, hf) > 0) { ++ void *buf; ++ size_t hmaclen; ++ char *hex; ++ ++ if ((p = strchr(hmac, '\n')) != NULL) ++ *p = '\0'; ++ ++ if (compute_file_hmac(path, &buf, &hmaclen) < 0) { ++ rv = -4; ++ goto end; ++ } ++ ++ if ((hex = bin2hex(buf, hmaclen)) == NULL) { ++ free(buf); ++ rv = -5; ++ goto end; ++ } ++ ++ if (strcmp(hex, hmac) != 0) { ++ rv = -1; ++ } ++ free(buf); ++ free(hex); ++ } else { ++ rv = -1; ++ } ++ ++ end: ++ free(hmac); ++ free(hmacpath); ++ fclose(hf); ++ ++ if (rv < 0) ++ return 0; ++ ++ /* check successful */ ++ return 1; ++} ++ ++static int verify_checksums(void) ++{ ++ int rv; ++ char path[PATH_MAX + 1]; ++ char *p; ++ ++ /* we need to avoid dlopening libssl, assume both libcrypto and libssl ++ are in the same directory */ ++ ++ rv = get_library_path("libcrypto.so." SHLIB_VERSION_NUMBER, ++ "FIPS_mode_set", path, sizeof(path)); ++ if (rv < 0) ++ return 0; ++ ++ rv = FIPSCHECK_verify(path); ++ if (!rv) ++ return 0; ++ ++ /* replace libcrypto with libssl */ ++ while ((p = strstr(path, "libcrypto.so")) != NULL) { ++ p = stpcpy(p, "libssl"); ++ memmove(p, p + 3, strlen(p + 2)); ++ } ++ ++ rv = FIPSCHECK_verify(path); ++ if (!rv) ++ return 0; ++ return 1; ++} ++ ++# ifndef FIPS_MODULE_PATH ++# define FIPS_MODULE_PATH "/etc/system-fips" ++# endif ++ ++int FIPS_module_installed(void) ++{ ++ int rv; ++ rv = access(FIPS_MODULE_PATH, F_OK); ++ if (rv < 0 && errno != ENOENT) ++ rv = 0; ++ ++ /* Installed == true */ ++ return !rv || FIPS_module_mode(); ++} ++ ++int FIPS_module_mode_set(int onoff) ++{ ++ int ret = 0; ++ ++ if (!RUN_ONCE(&fips_lock_init, do_fips_lock_init)) ++ return 0; ++ ++ fips_w_lock(); ++ fips_started = 1; ++ fips_set_owning_thread(); ++ ++ if (onoff) { ++ ++ fips_selftest_fail = 0; ++ ++ /* Don't go into FIPS mode twice, just so we can do automagic ++ seeding */ ++ if (FIPS_module_mode()) { ++ FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET, ++ FIPS_R_FIPS_MODE_ALREADY_SET); ++ fips_selftest_fail = 1; ++ ret = 0; ++ goto end; ++ } ++# ifdef OPENSSL_IA32_SSE2 ++ { ++ extern unsigned int OPENSSL_ia32cap_P[2]; ++ if ((OPENSSL_ia32cap_P[0] & (1 << 25 | 1 << 26)) != ++ (1 << 25 | 1 << 26)) { ++ FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET, ++ FIPS_R_UNSUPPORTED_PLATFORM); ++ fips_selftest_fail = 1; ++ ret = 0; ++ goto end; ++ } ++ } ++# endif ++ ++ if (!FIPS_selftest()) { ++ fips_selftest_fail = 1; ++ ret = 0; ++ goto end; ++ } ++ ++ if (!verify_checksums()) { ++ FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET, ++ FIPS_R_FINGERPRINT_DOES_NOT_MATCH); ++ fips_selftest_fail = 1; ++ ret = 0; ++ goto end; ++ } ++ ++ fips_set_mode(onoff); ++ ret = 1; ++ goto end; ++ } ++ fips_set_mode(0); ++ fips_selftest_fail = 0; ++ ret = 1; ++ end: ++ fips_clear_owning_thread(); ++ fips_w_unlock(); ++ return ret; ++} ++ ++static CRYPTO_THREAD_ID fips_threadid; ++static int fips_thread_set = 0; ++ ++static int fips_is_owning_thread(void) ++{ ++ int ret = 0; ++ ++ if (fips_started) { ++ CRYPTO_THREAD_read_lock(fips_owning_lock); ++ if (fips_thread_set) { ++ CRYPTO_THREAD_ID cur = CRYPTO_THREAD_get_current_id(); ++ if (CRYPTO_THREAD_compare_id(fips_threadid, cur)) ++ ret = 1; ++ } ++ CRYPTO_THREAD_unlock(fips_owning_lock); ++ } ++ return ret; ++} ++ ++int fips_set_owning_thread(void) ++{ ++ int ret = 0; ++ ++ if (fips_started) { ++ CRYPTO_THREAD_write_lock(fips_owning_lock); ++ if (!fips_thread_set) { ++ fips_threadid = CRYPTO_THREAD_get_current_id(); ++ ret = 1; ++ fips_thread_set = 1; ++ } ++ CRYPTO_THREAD_unlock(fips_owning_lock); ++ } ++ return ret; ++} ++ ++int fips_clear_owning_thread(void) ++{ ++ int ret = 0; ++ ++ if (fips_started) { ++ CRYPTO_THREAD_write_lock(fips_owning_lock); ++ if (fips_thread_set) { ++ CRYPTO_THREAD_ID cur = CRYPTO_THREAD_get_current_id(); ++ if (CRYPTO_THREAD_compare_id(fips_threadid, cur)) ++ fips_thread_set = 0; ++ } ++ CRYPTO_THREAD_unlock(fips_owning_lock); ++ } ++ return ret; ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c.fips 2020-03-17 17:30:52.034567253 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c 2020-03-17 17:30:52.033567270 +0100 +@@ -0,0 +1,156 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include "fips_locl.h" ++ ++#ifdef OPENSSL_FIPS ++typedef struct { ++ int nid; ++ const unsigned char key[EVP_MAX_KEY_LENGTH]; ++ size_t keysize; ++ const unsigned char msg[64]; ++ size_t msgsize; ++ const unsigned char mac[32]; ++ size_t macsize; ++} CMAC_KAT; ++ ++/* from http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf */ ++static const CMAC_KAT vector[] = { ++ {NID_aes_128_cbc, /* Count = 32 from CMACGenAES128.txt */ ++ {0x77, 0xa7, 0x7f, 0xaf, 0x29, 0x0c, 0x1f, 0xa3, ++ 0x0c, 0x68, 0x3d, 0xf1, 0x6b, 0xa7, 0xa7, 0x7b,}, 128, ++ {0x02, 0x06, 0x83, 0xe1, 0xf0, 0x39, 0x2f, 0x4c, ++ 0xac, 0x54, 0x31, 0x8b, 0x60, 0x29, 0x25, 0x9e, ++ 0x9c, 0x55, 0x3d, 0xbc, 0x4b, 0x6a, 0xd9, 0x98, ++ 0xe6, 0x4d, 0x58, 0xe4, 0xe7, 0xdc, 0x2e, 0x13,}, 256, ++ {0xfb, 0xfe, 0xa4, 0x1b,}, 32}, ++ {NID_aes_192_cbc, /* Count = 23 from CMACGenAES192.txt */ ++ {0x7b, 0x32, 0x39, 0x13, 0x69, 0xaa, 0x4c, 0xa9, ++ 0x75, 0x58, 0x09, 0x5b, 0xe3, 0xc3, 0xec, 0x86, ++ 0x2b, 0xd0, 0x57, 0xce, 0xf1, 0xe3, 0x2d, 0x62,}, 192, ++ {0x0}, 0, ++ {0xe4, 0xd9, 0x34, 0x0b, 0x03, 0xe6, 0x7d, 0xef, ++ 0xd4, 0x96, 0x9c, 0xc1, 0xed, 0x37, 0x35, 0xe6,}, 128, ++ }, ++ {NID_aes_256_cbc, /* Count = 33 from CMACGenAES256.txt */ ++ {0x0b, 0x12, 0x2a, 0xc8, 0xf3, 0x4e, 0xd1, 0xfe, ++ 0x08, 0x2a, 0x36, 0x25, 0xd1, 0x57, 0x56, 0x14, ++ 0x54, 0x16, 0x7a, 0xc1, 0x45, 0xa1, 0x0b, 0xbf, ++ 0x77, 0xc6, 0xa7, 0x05, 0x96, 0xd5, 0x74, 0xf1,}, 256, ++ {0x49, 0x8b, 0x53, 0xfd, 0xec, 0x87, 0xed, 0xcb, ++ 0xf0, 0x70, 0x97, 0xdc, 0xcd, 0xe9, 0x3a, 0x08, ++ 0x4b, 0xad, 0x75, 0x01, 0xa2, 0x24, 0xe3, 0x88, ++ 0xdf, 0x34, 0x9c, 0xe1, 0x89, 0x59, 0xfe, 0x84, ++ 0x85, 0xf8, 0xad, 0x15, 0x37, 0xf0, 0xd8, 0x96, ++ 0xea, 0x73, 0xbe, 0xdc, 0x72, 0x14, 0x71, 0x3f,}, 384, ++ {0xf6, 0x2c, 0x46, 0x32, 0x9b,}, 40, ++ }, ++ {NID_des_ede3_cbc, /* Count = 41 from CMACGenTDES3.req */ ++ {0x89, 0xbc, 0xd9, 0x52, 0xa8, 0xc8, 0xab, 0x37, ++ 0x1a, 0xf4, 0x8a, 0xc7, 0xd0, 0x70, 0x85, 0xd5, ++ 0xef, 0xf7, 0x02, 0xe6, 0xd6, 0x2c, 0xdc, 0x23,}, 192, ++ {0xfa, 0x62, 0x0c, 0x1b, 0xbe, 0x97, 0x31, 0x9e, ++ 0x9a, 0x0c, 0xf0, 0x49, 0x21, 0x21, 0xf7, 0xa2, ++ 0x0e, 0xb0, 0x8a, 0x6a, 0x70, 0x9d, 0xcb, 0xd0, ++ 0x0a, 0xaf, 0x38, 0xe4, 0xf9, 0x9e, 0x75, 0x4e,}, 256, ++ {0x8f, 0x49, 0xa1, 0xb7, 0xd6, 0xaa, 0x22, 0x58,}, 64, ++ }, ++}; ++ ++int FIPS_selftest_cmac() ++{ ++ size_t n, outlen; ++ unsigned char out[32]; ++ const EVP_CIPHER *cipher; ++ CMAC_CTX *ctx = CMAC_CTX_new(); ++ const CMAC_KAT *t; ++ int rv = 1; ++ ++ for (n = 0, t = vector; n < sizeof(vector) / sizeof(vector[0]); n++, t++) { ++ cipher = EVP_get_cipherbynid(t->nid); ++ if (!cipher) { ++ rv = -1; ++ goto err; ++ } ++ if (!CMAC_Init(ctx, t->key, t->keysize / 8, cipher, 0)) { ++ rv = -1; ++ goto err; ++ } ++ if (!CMAC_Update(ctx, t->msg, t->msgsize / 8)) { ++ rv = -1; ++ goto err; ++ } ++ ++ if (!CMAC_Final(ctx, out, &outlen)) { ++ rv = -1; ++ goto err; ++ } ++ ++ if (outlen < t->macsize / 8 || memcmp(out, t->mac, t->macsize / 8)) { ++ rv = 0; ++ } ++ } ++ ++ err: ++ CMAC_CTX_free(ctx); ++ ++ if (rv == -1) { ++ rv = 0; ++ } ++ if (!rv) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC, FIPS_R_SELFTEST_FAILED); ++ ++ return rv; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_des_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_des_selftest.c.fips 2020-03-17 17:30:52.034567253 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_des_selftest.c 2020-03-17 17:30:52.034567253 +0100 +@@ -0,0 +1,133 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#ifdef OPENSSL_FIPS ++# include ++# include "crypto/fips.h" ++#endif ++#include ++ ++#ifdef OPENSSL_FIPS ++ ++static const struct { ++ const unsigned char key[16]; ++ const unsigned char plaintext[8]; ++ const unsigned char ciphertext[8]; ++} tests2[] = { ++ { ++ { ++ 0x7c, 0x4f, 0x6e, 0xf7, 0xa2, 0x04, 0x16, 0xec, ++ 0x0b, 0x6b, 0x7c, 0x9e, 0x5e, 0x19, 0xa7, 0xc4}, { ++ 0x06, 0xa7, 0xd8, 0x79, 0xaa, 0xce, 0x69, 0xef}, { ++ 0x4c, 0x11, 0x17, 0x55, 0xbf, 0xc4, 0x4e, 0xfd} ++ }, { ++ { ++ 0x5d, 0x9e, 0x01, 0xd3, 0x25, 0xc7, 0x3e, 0x34, ++ 0x01, 0x16, 0x7c, 0x85, 0x23, 0xdf, 0xe0, 0x68}, { ++ 0x9c, 0x50, 0x09, 0x0f, 0x5e, 0x7d, 0x69, 0x7e}, { ++ 0xd2, 0x0b, 0x18, 0xdf, 0xd9, 0x0d, 0x9e, 0xff},} ++}; ++ ++static const struct { ++ const unsigned char key[24]; ++ const unsigned char plaintext[8]; ++ const unsigned char ciphertext[8]; ++} tests3[] = { ++ { ++ { ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10, ++ 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0}, { ++ 0x8f, 0x8f, 0xbf, 0x9b, 0x5d, 0x48, 0xb4, 0x1c}, { ++ 0x59, 0x8c, 0xe5, 0xd3, 0x6c, 0xa2, 0xea, 0x1b},}, { ++ { ++ 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10, 0xFE, ++ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, ++ 0xED, 0x39, 0xD9, 0x50, 0xFA, 0x74, 0xBC, 0xC4}, { ++ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, { ++0x11, 0x25, 0xb0, 0x35, 0xbe, 0xa0, 0x82, 0x86},},}; ++ ++int FIPS_selftest_des() ++{ ++ int n, ret = 0; ++ EVP_CIPHER_CTX *ctx; ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ ++ /* Encrypt/decrypt with 2-key 3DES and compare to known answers */ ++ for (n = 0; n < 2; ++n) { ++ unsigned char plaintext[8]; ++ ++ memcpy(plaintext, tests2[n].plaintext, sizeof(plaintext)); ++ if (!fips_cipher_test(ctx, EVP_des_ede_ecb(), ++ tests2[n].key, NULL, ++ plaintext, tests2[n].ciphertext, 8)) ++ goto err; ++ } ++ ++ /* Encrypt/decrypt with 3DES and compare to known answers */ ++ for (n = 0; n < 2; ++n) { ++ if (!fips_cipher_test(ctx, EVP_des_ede3_ecb(), ++ tests3[n].key, NULL, ++ tests3[n].plaintext, tests3[n].ciphertext, 8)) ++ goto err; ++ } ++ ret = 1; ++ err: ++ EVP_CIPHER_CTX_free(ctx); ++ if (ret == 0) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_DES, FIPS_R_SELFTEST_FAILED); ++ ++ return ret; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_dh_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_dh_selftest.c.fips 2020-03-17 17:30:52.038567183 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_dh_selftest.c 2020-03-17 17:30:52.038567183 +0100 +@@ -0,0 +1,180 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * Copyright (c) 2013 Red Hat, Inc. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "fips_locl.h" ++ ++#ifdef OPENSSL_FIPS ++ ++static const unsigned char dh_test_2048_p[] = { ++ 0xAE, 0xEC, 0xEE, 0x22, 0xFA, 0x3A, 0xA5, 0x22, 0xC0, 0xDE, 0x0F, 0x09, ++ 0x7E, 0x17, 0xC0, 0x05, 0xF9, 0xF1, 0xE7, 0xC6, 0x87, 0x14, 0x6D, 0x11, ++ 0xE7, 0xAE, 0xED, 0x2F, 0x72, 0x59, 0xC5, 0xA9, 0x9B, 0xB8, 0x02, 0xA5, ++ 0xF3, 0x69, 0x70, 0xD6, 0xDD, 0x90, 0xF9, 0x19, 0x79, 0xBE, 0x60, 0x8F, ++ 0x25, 0x92, 0x30, 0x1C, 0x51, 0x51, 0x38, 0x26, 0x82, 0x25, 0xE6, 0xFC, ++ 0xED, 0x65, 0x96, 0x8F, 0x57, 0xE5, 0x53, 0x8B, 0x38, 0x63, 0xC7, 0xCE, ++ 0xBC, 0x1B, 0x4D, 0x18, 0x2A, 0x5B, 0x04, 0x3F, 0x6A, 0x3C, 0x94, 0x39, ++ 0xAE, 0x36, 0xD6, 0x5E, 0x0F, 0xA2, 0xCC, 0xD0, 0xD4, 0xD5, 0xC6, 0x1E, ++ 0xF6, 0xA0, 0xF5, 0x89, 0x4E, 0xB4, 0x0B, 0xA4, 0xB3, 0x2B, 0x3D, 0xE2, ++ 0x4E, 0xE1, 0x49, 0x25, 0x99, 0x5F, 0x32, 0x16, 0x33, 0x32, 0x1B, 0x7A, ++ 0xA5, 0x5C, 0x6B, 0x34, 0x0D, 0x39, 0x99, 0xDC, 0xF0, 0x76, 0xE5, 0x5A, ++ 0xD4, 0x71, 0x00, 0xED, 0x5A, 0x73, 0xFB, 0xC8, 0x01, 0xAD, 0x99, 0xCF, ++ 0x99, 0x52, 0x7C, 0x9C, 0x64, 0xC6, 0x76, 0x40, 0x57, 0xAF, 0x59, 0xD7, ++ 0x38, 0x0B, 0x40, 0xDE, 0x33, 0x0D, 0xB8, 0x76, 0xEC, 0xA9, 0xD8, 0x73, ++ 0xF8, 0xEF, 0x26, 0x66, 0x06, 0x27, 0xDD, 0x7C, 0xA4, 0x10, 0x9C, 0xA6, ++ 0xAA, 0xF9, 0x53, 0x62, 0x73, 0x1D, 0xBA, 0x1C, 0xF1, 0x67, 0xF4, 0x35, ++ 0xED, 0x6F, 0x37, 0x92, 0xE8, 0x4F, 0x6C, 0xBA, 0x52, 0x6E, 0xA1, 0xED, ++ 0xDA, 0x9F, 0x85, 0x11, 0x82, 0x52, 0x62, 0x08, 0x44, 0xF1, 0x30, 0x03, ++ 0xC3, 0x38, 0x2C, 0x79, 0xBD, 0xD4, 0x43, 0x45, 0xEE, 0x8E, 0x50, 0xFC, ++ 0x29, 0x46, 0x9A, 0xFE, 0x54, 0x1A, 0x19, 0x8F, 0x4B, 0x84, 0x08, 0xDE, ++ 0x20, 0x62, 0x73, 0xCC, 0xDD, 0x7E, 0xF0, 0xEF, 0xA2, 0xFD, 0x86, 0x58, ++ 0x4B, 0xD8, 0x37, 0xEB ++}; ++ ++static const unsigned char dh_test_2048_g[] = { ++ 0x02 ++}; ++ ++static const unsigned char dh_test_2048_pub_key[] = { ++ 0xA0, 0x39, 0x11, 0x77, 0x9A, 0xC1, 0x30, 0x1F, 0xBE, 0x48, 0xA7, 0xAA, ++ 0xA0, 0x84, 0x54, 0x64, 0xAD, 0x1B, 0x70, 0xFA, 0x13, 0x55, 0x63, 0xD2, ++ 0x1F, 0x62, 0x32, 0x93, 0x8E, 0xC9, 0x3E, 0x09, 0xA7, 0x64, 0xE4, 0x12, ++ 0x6E, 0x1B, 0xF2, 0x92, 0x3B, 0xB9, 0xCB, 0x56, 0xEA, 0x07, 0x88, 0xB5, ++ 0xA6, 0xBC, 0x16, 0x1F, 0x27, 0xFE, 0xD8, 0xAA, 0x40, 0xB2, 0xB0, 0x2D, ++ 0x37, 0x76, 0xA6, 0xA4, 0x82, 0x2C, 0x0E, 0x22, 0x64, 0x9D, 0xCB, 0xD1, ++ 0x00, 0xB7, 0x89, 0x14, 0x72, 0x4E, 0xBE, 0x48, 0x41, 0xF8, 0xB2, 0x51, ++ 0x11, 0x09, 0x4B, 0x22, 0x01, 0x23, 0x39, 0x96, 0xE0, 0x15, 0xD7, 0x9F, ++ 0x60, 0xD1, 0xB7, 0xAE, 0xFE, 0x5F, 0xDB, 0xE7, 0x03, 0x17, 0x97, 0xA6, ++ 0x16, 0x74, 0xBD, 0x53, 0x81, 0x19, 0xC5, 0x47, 0x5E, 0xCE, 0x8D, 0xED, ++ 0x45, 0x5D, 0x3C, 0x00, 0xA0, 0x0A, 0x68, 0x6A, 0xE0, 0x8E, 0x06, 0x46, ++ 0x6F, 0xD7, 0xF9, 0xDF, 0x31, 0x7E, 0x77, 0x44, 0x0D, 0x98, 0xE0, 0xCA, ++ 0x98, 0x09, 0x52, 0x04, 0x90, 0xEA, 0x6D, 0xF4, 0x30, 0x69, 0x8F, 0xB1, ++ 0x9B, 0xC1, 0x43, 0xDB, 0xD5, 0x8D, 0xC8, 0x8E, 0xB6, 0x0B, 0x05, 0xBE, ++ 0x0E, 0xC5, 0x99, 0xC8, 0x6E, 0x4E, 0xF3, 0xCB, 0xC3, 0x5E, 0x9B, 0x53, ++ 0xF7, 0x06, 0x1C, 0x4F, 0xC7, 0xB8, 0x6E, 0x30, 0x18, 0xCA, 0x9B, 0xB9, ++ 0xBC, 0x5F, 0x17, 0x72, 0x29, 0x5A, 0xE5, 0xD9, 0x96, 0xB7, 0x0B, 0xF3, ++ 0x2D, 0x8C, 0xF1, 0xE1, 0x0E, 0x0D, 0x74, 0xD5, 0x9D, 0xF0, 0x06, 0xA9, ++ 0xB4, 0x95, 0x63, 0x76, 0x46, 0x55, 0x48, 0x82, 0x39, 0x90, 0xEF, 0x56, ++ 0x75, 0x34, 0xB8, 0x34, 0xC3, 0x18, 0x6E, 0x1E, 0xAD, 0xE3, 0x48, 0x7E, ++ 0x93, 0x2C, 0x23, 0xE7, 0xF8, 0x90, 0x73, 0xB1, 0x77, 0x80, 0x67, 0xA9, ++ 0x36, 0x9E, 0xDA, 0xD2 ++}; ++ ++static const unsigned char dh_test_2048_priv_key[] = { ++ 0x0C, 0x4B, 0x30, 0x89, 0xD1, 0xB8, 0x62, 0xCB, 0x3C, 0x43, 0x64, 0x91, ++ 0xF0, 0x91, 0x54, 0x70, 0xC5, 0x27, 0x96, 0xE3, 0xAC, 0xBE, 0xE8, 0x00, ++ 0xEC, 0x55, 0xF6, 0xCC ++}; ++ ++int FIPS_selftest_dh() ++{ ++ DH *dh = NULL; ++ int ret = 0; ++ void *pub_key_bin = NULL; ++ int len; ++ BIGNUM *p = NULL, *g = NULL, *priv_key = NULL, *tmp_pub_key = NULL; ++ const BIGNUM *pub_key; ++ ++ fips_load_key_component(p, dh_test_2048); ++ fips_load_key_component(g, dh_test_2048); ++ /* note that the private key is much shorter than normally used ++ * but still g ** priv_key > p ++ */ ++ fips_load_key_component(priv_key, dh_test_2048); ++ if ((tmp_pub_key = BN_new()) == NULL) ++ goto err; ++ ++ dh = DH_new(); ++ ++ if (dh == NULL) ++ goto err; ++ ++ DH_set0_pqg(dh, p, NULL, g); ++ DH_set0_key(dh, tmp_pub_key, priv_key); ++ ++ if (DH_generate_key(dh) <= 0) ++ goto err; ++ ++ DH_get0_key(dh, &pub_key, NULL); ++ ++ if (pub_key == NULL) ++ goto err; ++ ++ len = BN_num_bytes(pub_key); ++ if ((pub_key_bin = OPENSSL_malloc(len)) == NULL) ++ goto err; ++ BN_bn2bin(pub_key, pub_key_bin); ++ ++ if (len != sizeof(dh_test_2048_pub_key) || ++ memcmp(pub_key_bin, dh_test_2048_pub_key, len) != 0) ++ goto err; ++ ++ ret = 1; ++ ++ err: ++ if (dh) ++ DH_free(dh); ++ else { ++ BN_free(p); ++ BN_free(g); ++ BN_free(priv_key); ++ BN_free(tmp_pub_key); ++ } ++ ++ OPENSSL_free(pub_key_bin); ++ return ret; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c.fips 2020-03-17 17:30:52.040567148 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c 2020-03-17 17:30:52.039567165 +0100 +@@ -0,0 +1,406 @@ ++/* fips/rand/fips_drbg_ctr.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include "fips_rand_lcl.h" ++ ++static void inc_128(DRBG_CTR_CTX * cctx) ++{ ++ int i; ++ unsigned char c; ++ unsigned char *p = cctx->V + 15; ++ for (i = 0; i < 16; i++) { ++ c = *p; ++ c++; ++ *p = c; ++ if (c) ++ return; ++ p--; ++ } ++} ++ ++static void ctr_XOR(DRBG_CTR_CTX * cctx, const unsigned char *in, ++ size_t inlen) ++{ ++ size_t i, n; ++ /* Any zero padding will have no effect on the result as we ++ * are XORing. So just process however much input we have. ++ */ ++ ++ if (!in || !inlen) ++ return; ++ ++ if (inlen < cctx->keylen) ++ n = inlen; ++ else ++ n = cctx->keylen; ++ ++ for (i = 0; i < n; i++) ++ cctx->K[i] ^= in[i]; ++ if (inlen <= cctx->keylen) ++ return; ++ ++ n = inlen - cctx->keylen; ++ /* Should never happen */ ++ if (n > 16) ++ n = 16; ++ for (i = 0; i < 16; i++) ++ cctx->V[i] ^= in[i + cctx->keylen]; ++} ++ ++/* Process a complete block using BCC algorithm of SPP 800-90 10.4.3 */ ++ ++static void ctr_BCC_block(DRBG_CTR_CTX * cctx, unsigned char *out, ++ const unsigned char *in) ++{ ++ int i; ++ for (i = 0; i < 16; i++) ++ out[i] ^= in[i]; ++ AES_encrypt(out, out, &cctx->df_ks); ++#if 0 ++ fprintf(stderr, "BCC in+out\n"); ++ BIO_dump_fp(stderr, in, 16); ++ BIO_dump_fp(stderr, out, 16); ++#endif ++} ++ ++/* Handle several BCC operations for as much data as we need for K and X */ ++static void ctr_BCC_blocks(DRBG_CTR_CTX * cctx, const unsigned char *in) ++{ ++ ctr_BCC_block(cctx, cctx->KX, in); ++ ctr_BCC_block(cctx, cctx->KX + 16, in); ++ if (cctx->keylen != 16) ++ ctr_BCC_block(cctx, cctx->KX + 32, in); ++} ++ ++/* Initialise BCC blocks: these have the value 0,1,2 in leftmost positions: ++ * see 10.4.2 stage 7. ++ */ ++static void ctr_BCC_init(DRBG_CTR_CTX * cctx) ++{ ++ memset(cctx->KX, 0, 48); ++ memset(cctx->bltmp, 0, 16); ++ ctr_BCC_block(cctx, cctx->KX, cctx->bltmp); ++ cctx->bltmp[3] = 1; ++ ctr_BCC_block(cctx, cctx->KX + 16, cctx->bltmp); ++ if (cctx->keylen != 16) { ++ cctx->bltmp[3] = 2; ++ ctr_BCC_block(cctx, cctx->KX + 32, cctx->bltmp); ++ } ++} ++ ++/* Process several blocks into BCC algorithm, some possibly partial */ ++static void ctr_BCC_update(DRBG_CTR_CTX * cctx, ++ const unsigned char *in, size_t inlen) ++{ ++ if (!in || !inlen) ++ return; ++ /* If we have partial block handle it first */ ++ if (cctx->bltmp_pos) { ++ size_t left = 16 - cctx->bltmp_pos; ++ /* If we now have a complete block process it */ ++ if (inlen >= left) { ++ memcpy(cctx->bltmp + cctx->bltmp_pos, in, left); ++ ctr_BCC_blocks(cctx, cctx->bltmp); ++ cctx->bltmp_pos = 0; ++ inlen -= left; ++ in += left; ++ } ++ } ++ /* Process zero or more complete blocks */ ++ while (inlen >= 16) { ++ ctr_BCC_blocks(cctx, in); ++ in += 16; ++ inlen -= 16; ++ } ++ /* Copy any remaining partial block to the temporary buffer */ ++ if (inlen > 0) { ++ memcpy(cctx->bltmp + cctx->bltmp_pos, in, inlen); ++ cctx->bltmp_pos += inlen; ++ } ++} ++ ++static void ctr_BCC_final(DRBG_CTR_CTX * cctx) ++{ ++ if (cctx->bltmp_pos) { ++ memset(cctx->bltmp + cctx->bltmp_pos, 0, 16 - cctx->bltmp_pos); ++ ctr_BCC_blocks(cctx, cctx->bltmp); ++ } ++} ++ ++static void ctr_df(DRBG_CTR_CTX * cctx, ++ const unsigned char *in1, size_t in1len, ++ const unsigned char *in2, size_t in2len, ++ const unsigned char *in3, size_t in3len) ++{ ++ size_t inlen; ++ unsigned char *p = cctx->bltmp; ++ static unsigned char c80 = 0x80; ++ ++ ctr_BCC_init(cctx); ++ if (!in1) ++ in1len = 0; ++ if (!in2) ++ in2len = 0; ++ if (!in3) ++ in3len = 0; ++ inlen = in1len + in2len + in3len; ++ /* Initialise L||N in temporary block */ ++ *p++ = (inlen >> 24) & 0xff; ++ *p++ = (inlen >> 16) & 0xff; ++ *p++ = (inlen >> 8) & 0xff; ++ *p++ = inlen & 0xff; ++ /* NB keylen is at most 32 bytes */ ++ *p++ = 0; ++ *p++ = 0; ++ *p++ = 0; ++ *p = (unsigned char)((cctx->keylen + 16) & 0xff); ++ cctx->bltmp_pos = 8; ++ ctr_BCC_update(cctx, in1, in1len); ++ ctr_BCC_update(cctx, in2, in2len); ++ ctr_BCC_update(cctx, in3, in3len); ++ ctr_BCC_update(cctx, &c80, 1); ++ ctr_BCC_final(cctx); ++ /* Set up key K */ ++ AES_set_encrypt_key(cctx->KX, cctx->keylen * 8, &cctx->df_kxks); ++ /* X follows key K */ ++ AES_encrypt(cctx->KX + cctx->keylen, cctx->KX, &cctx->df_kxks); ++ AES_encrypt(cctx->KX, cctx->KX + 16, &cctx->df_kxks); ++ if (cctx->keylen != 16) ++ AES_encrypt(cctx->KX + 16, cctx->KX + 32, &cctx->df_kxks); ++#if 0 ++ fprintf(stderr, "Output of ctr_df:\n"); ++ BIO_dump_fp(stderr, cctx->KX, cctx->keylen + 16); ++#endif ++} ++ ++/* NB the no-df Update in SP800-90 specifies a constant input length ++ * of seedlen, however other uses of this algorithm pad the input with ++ * zeroes if necessary and have up to two parameters XORed together, ++ * handle both cases in this function instead. ++ */ ++ ++static void ctr_Update(DRBG_CTX *dctx, ++ const unsigned char *in1, size_t in1len, ++ const unsigned char *in2, size_t in2len, ++ const unsigned char *nonce, size_t noncelen) ++{ ++ DRBG_CTR_CTX *cctx = &dctx->d.ctr; ++ /* ks is already setup for correct key */ ++ inc_128(cctx); ++ AES_encrypt(cctx->V, cctx->K, &cctx->ks); ++ /* If keylen longer than 128 bits need extra encrypt */ ++ if (cctx->keylen != 16) { ++ inc_128(cctx); ++ AES_encrypt(cctx->V, cctx->K + 16, &cctx->ks); ++ } ++ inc_128(cctx); ++ AES_encrypt(cctx->V, cctx->V, &cctx->ks); ++ /* If 192 bit key part of V is on end of K */ ++ if (cctx->keylen == 24) { ++ memcpy(cctx->V + 8, cctx->V, 8); ++ memcpy(cctx->V, cctx->K + 24, 8); ++ } ++ ++ if (dctx->xflags & DRBG_FLAG_CTR_USE_DF) { ++ /* If no input reuse existing derived value */ ++ if (in1 || nonce || in2) ++ ctr_df(cctx, in1, in1len, nonce, noncelen, in2, in2len); ++ /* If this a reuse input in1len != 0 */ ++ if (in1len) ++ ctr_XOR(cctx, cctx->KX, dctx->seedlen); ++ } else { ++ ctr_XOR(cctx, in1, in1len); ++ ctr_XOR(cctx, in2, in2len); ++ } ++ ++ AES_set_encrypt_key(cctx->K, dctx->strength, &cctx->ks); ++#if 0 ++ fprintf(stderr, "K+V after update is:\n"); ++ BIO_dump_fp(stderr, cctx->K, cctx->keylen); ++ BIO_dump_fp(stderr, cctx->V, 16); ++#endif ++} ++ ++static int drbg_ctr_instantiate(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t entlen, ++ const unsigned char *nonce, size_t noncelen, ++ const unsigned char *pers, size_t perslen) ++{ ++ DRBG_CTR_CTX *cctx = &dctx->d.ctr; ++ memset(cctx->K, 0, sizeof(cctx->K)); ++ memset(cctx->V, 0, sizeof(cctx->V)); ++ AES_set_encrypt_key(cctx->K, dctx->strength, &cctx->ks); ++ ctr_Update(dctx, ent, entlen, pers, perslen, nonce, noncelen); ++ return 1; ++} ++ ++static int drbg_ctr_reseed(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t entlen, ++ const unsigned char *adin, size_t adinlen) ++{ ++ ctr_Update(dctx, ent, entlen, adin, adinlen, NULL, 0); ++ return 1; ++} ++ ++static int drbg_ctr_generate(DRBG_CTX *dctx, ++ unsigned char *out, size_t outlen, ++ const unsigned char *adin, size_t adinlen) ++{ ++ DRBG_CTR_CTX *cctx = &dctx->d.ctr; ++ if (adin && adinlen) { ++ ctr_Update(dctx, adin, adinlen, NULL, 0, NULL, 0); ++ /* This means we reuse derived value */ ++ if (dctx->xflags & DRBG_FLAG_CTR_USE_DF) { ++ adin = NULL; ++ adinlen = 1; ++ } ++ } else ++ adinlen = 0; ++ ++ for (;;) { ++ inc_128(cctx); ++ if (outlen < 16) { ++ /* Use K as temp space as it will be updated */ ++ AES_encrypt(cctx->V, cctx->K, &cctx->ks); ++ memcpy(out, cctx->K, outlen); ++ break; ++ } ++ AES_encrypt(cctx->V, out, &cctx->ks); ++ out += 16; ++ outlen -= 16; ++ if (outlen == 0) ++ break; ++ } ++ ++ ctr_Update(dctx, adin, adinlen, NULL, 0, NULL, 0); ++ ++ return 1; ++ ++} ++ ++static int drbg_ctr_uninstantiate(DRBG_CTX *dctx) ++{ ++ memset(&dctx->d.ctr, 0, sizeof(DRBG_CTR_CTX)); ++ return 1; ++} ++ ++int fips_drbg_ctr_init(DRBG_CTX *dctx) ++{ ++ DRBG_CTR_CTX *cctx = &dctx->d.ctr; ++ ++ size_t keylen; ++ ++ switch (dctx->type) { ++ case NID_aes_128_ctr: ++ keylen = 16; ++ break; ++ ++ case NID_aes_192_ctr: ++ keylen = 24; ++ break; ++ ++ case NID_aes_256_ctr: ++ keylen = 32; ++ break; ++ ++ default: ++ return -2; ++ } ++ ++ dctx->instantiate = drbg_ctr_instantiate; ++ dctx->reseed = drbg_ctr_reseed; ++ dctx->generate = drbg_ctr_generate; ++ dctx->uninstantiate = drbg_ctr_uninstantiate; ++ ++ cctx->keylen = keylen; ++ dctx->strength = keylen * 8; ++ dctx->blocklength = 16; ++ dctx->seedlen = keylen + 16; ++ ++ if (dctx->xflags & DRBG_FLAG_CTR_USE_DF) { ++ /* df initialisation */ ++ static unsigned char df_key[32] = { ++ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, ++ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, ++ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, ++ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f ++ }; ++ /* Set key schedule for df_key */ ++ AES_set_encrypt_key(df_key, dctx->strength, &cctx->df_ks); ++ ++ dctx->min_entropy = cctx->keylen; ++ dctx->max_entropy = DRBG_MAX_LENGTH; ++ dctx->min_nonce = dctx->min_entropy / 2; ++ dctx->max_nonce = DRBG_MAX_LENGTH; ++ dctx->max_pers = DRBG_MAX_LENGTH; ++ dctx->max_adin = DRBG_MAX_LENGTH; ++ } else { ++ dctx->min_entropy = dctx->seedlen; ++ dctx->max_entropy = dctx->seedlen; ++ /* Nonce not used */ ++ dctx->min_nonce = 0; ++ dctx->max_nonce = 0; ++ dctx->max_pers = dctx->seedlen; ++ dctx->max_adin = dctx->seedlen; ++ } ++ ++ dctx->max_request = 1 << 16; ++ dctx->reseed_interval = 1 << 24; ++ ++ return 1; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_hash.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_hash.c.fips 2020-03-17 17:30:52.041567130 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_hash.c 2020-03-17 17:30:52.040567148 +0100 +@@ -0,0 +1,354 @@ ++/* fips/rand/fips_drbg_hash.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#define OPENSSL_FIPSAPI ++ ++#include ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include "fips_rand_lcl.h" ++ ++/* This is Hash_df from SP 800-90 10.4.1 */ ++ ++static int hash_df(DRBG_CTX *dctx, unsigned char *out, ++ const unsigned char *in1, size_t in1len, ++ const unsigned char *in2, size_t in2len, ++ const unsigned char *in3, size_t in3len, ++ const unsigned char *in4, size_t in4len) ++{ ++ EVP_MD_CTX *mctx = dctx->d.hash.mctx; ++ unsigned char *vtmp = dctx->d.hash.vtmp; ++ unsigned char tmp[6]; ++ /* Standard only ever needs seedlen bytes which is always less than ++ * maximum permitted so no need to check length. ++ */ ++ size_t outlen = dctx->seedlen; ++ tmp[0] = 1; ++ tmp[1] = ((outlen * 8) >> 24) & 0xff; ++ tmp[2] = ((outlen * 8) >> 16) & 0xff; ++ tmp[3] = ((outlen * 8) >> 8) & 0xff; ++ tmp[4] = (outlen * 8) & 0xff; ++ if (!in1) { ++ tmp[5] = (unsigned char)in1len; ++ in1 = tmp + 5; ++ in1len = 1; ++ } ++ for (;;) { ++ if (!FIPS_digestinit(mctx, dctx->d.hash.md)) ++ return 0; ++ if (!FIPS_digestupdate(mctx, tmp, 5)) ++ return 0; ++ if (in1 && !FIPS_digestupdate(mctx, in1, in1len)) ++ return 0; ++ if (in2 && !FIPS_digestupdate(mctx, in2, in2len)) ++ return 0; ++ if (in3 && !FIPS_digestupdate(mctx, in3, in3len)) ++ return 0; ++ if (in4 && !FIPS_digestupdate(mctx, in4, in4len)) ++ return 0; ++ if (outlen < dctx->blocklength) { ++ if (!FIPS_digestfinal(mctx, vtmp, NULL)) ++ return 0; ++ memcpy(out, vtmp, outlen); ++ OPENSSL_cleanse(vtmp, dctx->blocklength); ++ return 1; ++ } else if (!FIPS_digestfinal(mctx, out, NULL)) ++ return 0; ++ ++ outlen -= dctx->blocklength; ++ if (outlen == 0) ++ return 1; ++ tmp[0]++; ++ out += dctx->blocklength; ++ } ++} ++ ++/* Add an unsigned buffer to the buf value, storing the result in buf. For ++ * this algorithm the length of input never exceeds the seed length. ++ */ ++ ++static void ctx_add_buf(DRBG_CTX *dctx, unsigned char *buf, ++ unsigned char *in, size_t inlen) ++{ ++ size_t i = inlen; ++ const unsigned char *q; ++ unsigned char c, *p; ++ p = buf + dctx->seedlen; ++ q = in + inlen; ++ ++ OPENSSL_assert(i <= dctx->seedlen); ++ ++ /* Special case: zero length, just increment buffer */ ++ if (i) ++ c = 0; ++ else ++ c = 1; ++ ++ while (i) { ++ int r; ++ p--; ++ q--; ++ r = *p + *q + c; ++ /* Carry */ ++ if (r > 0xff) ++ c = 1; ++ else ++ c = 0; ++ *p = r & 0xff; ++ i--; ++ } ++ ++ i = dctx->seedlen - inlen; ++ ++ /* If not adding whole buffer handle final carries */ ++ if (c && i) { ++ do { ++ p--; ++ c = *p; ++ c++; ++ *p = c; ++ if (c) ++ return; ++ } while (i--); ++ } ++} ++ ++/* Finalise and add hash to V */ ++ ++static int ctx_add_md(DRBG_CTX *dctx) ++{ ++ if (!FIPS_digestfinal(dctx->d.hash.mctx, dctx->d.hash.vtmp, NULL)) ++ return 0; ++ ctx_add_buf(dctx, dctx->d.hash.V, dctx->d.hash.vtmp, dctx->blocklength); ++ return 1; ++} ++ ++static int hash_gen(DRBG_CTX *dctx, unsigned char *out, size_t outlen) ++{ ++ DRBG_HASH_CTX *hctx = &dctx->d.hash; ++ if (outlen == 0) ++ return 1; ++ memcpy(hctx->vtmp, hctx->V, dctx->seedlen); ++ for (;;) { ++ FIPS_digestinit(hctx->mctx, hctx->md); ++ FIPS_digestupdate(hctx->mctx, hctx->vtmp, dctx->seedlen); ++ if (outlen < dctx->blocklength) { ++ FIPS_digestfinal(hctx->mctx, hctx->vtmp, NULL); ++ memcpy(out, hctx->vtmp, outlen); ++ return 1; ++ } else { ++ FIPS_digestfinal(hctx->mctx, out, NULL); ++ outlen -= dctx->blocklength; ++ if (outlen == 0) ++ return 1; ++ out += dctx->blocklength; ++ } ++ ctx_add_buf(dctx, hctx->vtmp, NULL, 0); ++ } ++} ++ ++static int drbg_hash_instantiate(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t ent_len, ++ const unsigned char *nonce, size_t nonce_len, ++ const unsigned char *pstr, size_t pstr_len) ++{ ++ DRBG_HASH_CTX *hctx = &dctx->d.hash; ++ if (!hash_df(dctx, hctx->V, ++ ent, ent_len, nonce, nonce_len, pstr, pstr_len, NULL, 0)) ++ return 0; ++ if (!hash_df(dctx, hctx->C, ++ NULL, 0, hctx->V, dctx->seedlen, NULL, 0, NULL, 0)) ++ return 0; ++ ++#ifdef HASH_DRBG_TRACE ++ fprintf(stderr, "V+C after instantiate:\n"); ++ hexprint(stderr, hctx->V, dctx->seedlen); ++ hexprint(stderr, hctx->C, dctx->seedlen); ++#endif ++ return 1; ++} ++ ++static int drbg_hash_reseed(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t ent_len, ++ const unsigned char *adin, size_t adin_len) ++{ ++ DRBG_HASH_CTX *hctx = &dctx->d.hash; ++ /* V about to be updated so use C as output instead */ ++ if (!hash_df(dctx, hctx->C, ++ NULL, 1, hctx->V, dctx->seedlen, ++ ent, ent_len, adin, adin_len)) ++ return 0; ++ memcpy(hctx->V, hctx->C, dctx->seedlen); ++ if (!hash_df(dctx, hctx->C, NULL, 0, ++ hctx->V, dctx->seedlen, NULL, 0, NULL, 0)) ++ return 0; ++#ifdef HASH_DRBG_TRACE ++ fprintf(stderr, "V+C after reseed:\n"); ++ hexprint(stderr, hctx->V, dctx->seedlen); ++ hexprint(stderr, hctx->C, dctx->seedlen); ++#endif ++ return 1; ++} ++ ++static int drbg_hash_generate(DRBG_CTX *dctx, ++ unsigned char *out, size_t outlen, ++ const unsigned char *adin, size_t adin_len) ++{ ++ DRBG_HASH_CTX *hctx = &dctx->d.hash; ++ EVP_MD_CTX *mctx = hctx->mctx; ++ unsigned char tmp[4]; ++ if (adin && adin_len) { ++ tmp[0] = 2; ++ if (!FIPS_digestinit(mctx, hctx->md)) ++ return 0; ++ if (!EVP_DigestUpdate(mctx, tmp, 1)) ++ return 0; ++ if (!EVP_DigestUpdate(mctx, hctx->V, dctx->seedlen)) ++ return 0; ++ if (!EVP_DigestUpdate(mctx, adin, adin_len)) ++ return 0; ++ if (!ctx_add_md(dctx)) ++ return 0; ++ } ++ if (!hash_gen(dctx, out, outlen)) ++ return 0; ++ ++ tmp[0] = 3; ++ if (!FIPS_digestinit(mctx, hctx->md)) ++ return 0; ++ if (!EVP_DigestUpdate(mctx, tmp, 1)) ++ return 0; ++ if (!EVP_DigestUpdate(mctx, hctx->V, dctx->seedlen)) ++ return 0; ++ ++ if (!ctx_add_md(dctx)) ++ return 0; ++ ++ ctx_add_buf(dctx, hctx->V, hctx->C, dctx->seedlen); ++ ++ tmp[0] = (dctx->reseed_counter >> 24) & 0xff; ++ tmp[1] = (dctx->reseed_counter >> 16) & 0xff; ++ tmp[2] = (dctx->reseed_counter >> 8) & 0xff; ++ tmp[3] = dctx->reseed_counter & 0xff; ++ ctx_add_buf(dctx, hctx->V, tmp, 4); ++#ifdef HASH_DRBG_TRACE ++ fprintf(stderr, "V+C after generate:\n"); ++ hexprint(stderr, hctx->V, dctx->seedlen); ++ hexprint(stderr, hctx->C, dctx->seedlen); ++#endif ++ return 1; ++} ++ ++static int drbg_hash_uninstantiate(DRBG_CTX *dctx) ++{ ++ EVP_MD_CTX_free(dctx->d.hash.mctx); ++ OPENSSL_cleanse(&dctx->d.hash, sizeof(DRBG_HASH_CTX)); ++ return 1; ++} ++ ++int fips_drbg_hash_init(DRBG_CTX *dctx) ++{ ++ const EVP_MD *md; ++ DRBG_HASH_CTX *hctx = &dctx->d.hash; ++ md = EVP_get_digestbynid(dctx->type); ++ if (!md) ++ return -2; ++ switch (dctx->type) { ++ case NID_sha1: ++ dctx->strength = 128; ++ break; ++ ++ case NID_sha224: ++ dctx->strength = 192; ++ break; ++ ++ default: ++ dctx->strength = 256; ++ break; ++ } ++ ++ dctx->instantiate = drbg_hash_instantiate; ++ dctx->reseed = drbg_hash_reseed; ++ dctx->generate = drbg_hash_generate; ++ dctx->uninstantiate = drbg_hash_uninstantiate; ++ ++ dctx->d.hash.md = md; ++ hctx->mctx = EVP_MD_CTX_new(); ++ if (hctx->mctx == NULL) ++ return -1; ++ ++ /* These are taken from SP 800-90 10.1 table 2 */ ++ ++ dctx->blocklength = EVP_MD_size(md); ++ if (dctx->blocklength > 32) ++ dctx->seedlen = 111; ++ else ++ dctx->seedlen = 55; ++ ++ dctx->min_entropy = dctx->strength / 8; ++ dctx->max_entropy = DRBG_MAX_LENGTH; ++ ++ dctx->min_nonce = dctx->min_entropy / 2; ++ dctx->max_nonce = DRBG_MAX_LENGTH; ++ ++ dctx->max_pers = DRBG_MAX_LENGTH; ++ dctx->max_adin = DRBG_MAX_LENGTH; ++ ++ dctx->max_request = 1 << 16; ++ dctx->reseed_interval = 1 << 24; ++ ++ return 1; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c.fips 2020-03-17 17:30:52.042567113 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c 2020-03-17 17:30:52.042567113 +0100 +@@ -0,0 +1,262 @@ ++/* fips/rand/fips_drbg_hmac.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "fips_rand_lcl.h" ++ ++static int drbg_hmac_update(DRBG_CTX *dctx, ++ const unsigned char *in1, size_t in1len, ++ const unsigned char *in2, size_t in2len, ++ const unsigned char *in3, size_t in3len) ++{ ++ static unsigned char c0 = 0, c1 = 1; ++ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; ++ HMAC_CTX *hctx = hmac->hctx; ++ ++ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) ++ return 0; ++ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) ++ return 0; ++ if (!HMAC_Update(hctx, &c0, 1)) ++ return 0; ++ if (in1len && !HMAC_Update(hctx, in1, in1len)) ++ return 0; ++ if (in2len && !HMAC_Update(hctx, in2, in2len)) ++ return 0; ++ if (in3len && !HMAC_Update(hctx, in3, in3len)) ++ return 0; ++ ++ if (!HMAC_Final(hctx, hmac->K, NULL)) ++ return 0; ++ ++ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) ++ return 0; ++ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) ++ return 0; ++ ++ if (!HMAC_Final(hctx, hmac->V, NULL)) ++ return 0; ++ ++ if (!in1len && !in2len && !in3len) ++ return 1; ++ ++ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) ++ return 0; ++ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) ++ return 0; ++ if (!HMAC_Update(hctx, &c1, 1)) ++ return 0; ++ if (in1len && !HMAC_Update(hctx, in1, in1len)) ++ return 0; ++ if (in2len && !HMAC_Update(hctx, in2, in2len)) ++ return 0; ++ if (in3len && !HMAC_Update(hctx, in3, in3len)) ++ return 0; ++ ++ if (!HMAC_Final(hctx, hmac->K, NULL)) ++ return 0; ++ ++ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) ++ return 0; ++ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) ++ return 0; ++ ++ if (!HMAC_Final(hctx, hmac->V, NULL)) ++ return 0; ++ ++ return 1; ++ ++} ++ ++static int drbg_hmac_instantiate(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t ent_len, ++ const unsigned char *nonce, size_t nonce_len, ++ const unsigned char *pstr, size_t pstr_len) ++{ ++ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; ++ memset(hmac->K, 0, dctx->blocklength); ++ memset(hmac->V, 1, dctx->blocklength); ++ if (!drbg_hmac_update(dctx, ++ ent, ent_len, nonce, nonce_len, pstr, pstr_len)) ++ return 0; ++ ++#ifdef HMAC_DRBG_TRACE ++ fprintf(stderr, "K+V after instantiate:\n"); ++ hexprint(stderr, hmac->K, hmac->blocklength); ++ hexprint(stderr, hmac->V, hmac->blocklength); ++#endif ++ return 1; ++} ++ ++static int drbg_hmac_reseed(DRBG_CTX *dctx, ++ const unsigned char *ent, size_t ent_len, ++ const unsigned char *adin, size_t adin_len) ++{ ++ if (!drbg_hmac_update(dctx, ent, ent_len, adin, adin_len, NULL, 0)) ++ return 0; ++ ++#ifdef HMAC_DRBG_TRACE ++ { ++ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; ++ fprintf(stderr, "K+V after reseed:\n"); ++ hexprint(stderr, hmac->K, hmac->blocklength); ++ hexprint(stderr, hmac->V, hmac->blocklength); ++ } ++#endif ++ return 1; ++} ++ ++static int drbg_hmac_generate(DRBG_CTX *dctx, ++ unsigned char *out, size_t outlen, ++ const unsigned char *adin, size_t adin_len) ++{ ++ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; ++ HMAC_CTX *hctx = hmac->hctx; ++ const unsigned char *Vtmp = hmac->V; ++ if (adin_len && !drbg_hmac_update(dctx, adin, adin_len, NULL, 0, NULL, 0)) ++ return 0; ++ for (;;) { ++ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) ++ return 0; ++ if (!HMAC_Update(hctx, Vtmp, dctx->blocklength)) ++ return 0; ++ if (outlen > dctx->blocklength) { ++ if (!HMAC_Final(hctx, out, NULL)) ++ return 0; ++ Vtmp = out; ++ } else { ++ if (!HMAC_Final(hctx, hmac->V, NULL)) ++ return 0; ++ memcpy(out, hmac->V, outlen); ++ break; ++ } ++ out += dctx->blocklength; ++ outlen -= dctx->blocklength; ++ } ++ if (!drbg_hmac_update(dctx, adin, adin_len, NULL, 0, NULL, 0)) ++ return 0; ++ ++ return 1; ++} ++ ++static int drbg_hmac_uninstantiate(DRBG_CTX *dctx) ++{ ++ HMAC_CTX_free(dctx->d.hmac.hctx); ++ OPENSSL_cleanse(&dctx->d.hmac, sizeof(DRBG_HMAC_CTX)); ++ return 1; ++} ++ ++int fips_drbg_hmac_init(DRBG_CTX *dctx) ++{ ++ const EVP_MD *md = NULL; ++ DRBG_HMAC_CTX *hctx = &dctx->d.hmac; ++ dctx->strength = 256; ++ switch (dctx->type) { ++ case NID_hmacWithSHA1: ++ md = EVP_sha1(); ++ dctx->strength = 128; ++ break; ++ ++ case NID_hmacWithSHA224: ++ md = EVP_sha224(); ++ dctx->strength = 192; ++ break; ++ ++ case NID_hmacWithSHA256: ++ md = EVP_sha256(); ++ break; ++ ++ case NID_hmacWithSHA384: ++ md = EVP_sha384(); ++ break; ++ ++ case NID_hmacWithSHA512: ++ md = EVP_sha512(); ++ break; ++ ++ default: ++ dctx->strength = 0; ++ return -2; ++ } ++ dctx->instantiate = drbg_hmac_instantiate; ++ dctx->reseed = drbg_hmac_reseed; ++ dctx->generate = drbg_hmac_generate; ++ dctx->uninstantiate = drbg_hmac_uninstantiate; ++ hctx->hctx = HMAC_CTX_new(); ++ if (hctx->hctx == NULL) ++ return -1; ++ hctx->md = md; ++ dctx->blocklength = M_EVP_MD_size(md); ++ dctx->seedlen = M_EVP_MD_size(md); ++ ++ dctx->min_entropy = dctx->strength / 8; ++ dctx->max_entropy = DRBG_MAX_LENGTH; ++ ++ dctx->min_nonce = dctx->min_entropy / 2; ++ dctx->max_nonce = DRBG_MAX_LENGTH; ++ ++ dctx->max_pers = DRBG_MAX_LENGTH; ++ dctx->max_adin = DRBG_MAX_LENGTH; ++ ++ dctx->max_request = 1 << 16; ++ dctx->reseed_interval = 1 << 24; ++ ++ return 1; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_lib.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_lib.c.fips 2020-03-17 17:30:52.043567095 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_lib.c 2020-03-17 17:30:52.043567095 +0100 +@@ -0,0 +1,528 @@ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#include ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include "fips_locl.h" ++#include "fips_rand_lcl.h" ++ ++/* Support framework for SP800-90 DRBGs */ ++ ++int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags) ++{ ++ int rv; ++ memset(dctx, 0, sizeof(DRBG_CTX)); ++ dctx->status = DRBG_STATUS_UNINITIALISED; ++ dctx->xflags = flags; ++ dctx->type = type; ++ ++ dctx->iflags = 0; ++ dctx->entropy_blocklen = 0; ++ dctx->health_check_cnt = 0; ++ dctx->health_check_interval = DRBG_HEALTH_INTERVAL; ++ ++ rv = fips_drbg_hash_init(dctx); ++ ++ if (rv == -2) ++ rv = fips_drbg_ctr_init(dctx); ++ if (rv == -2) ++ rv = fips_drbg_hmac_init(dctx); ++ ++ if (rv <= 0) { ++ if (rv == -2) ++ FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_UNSUPPORTED_DRBG_TYPE); ++ else ++ FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_ERROR_INITIALISING_DRBG); ++ } ++ ++ /* If not in test mode run selftests on DRBG of the same type */ ++ ++ if (!(dctx->xflags & DRBG_FLAG_TEST)) { ++ if (!FIPS_drbg_health_check(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_SELFTEST_FAILURE); ++ return 0; ++ } ++ } ++ ++ return rv; ++} ++ ++DRBG_CTX *FIPS_drbg_new(int type, unsigned int flags) ++{ ++ DRBG_CTX *dctx; ++ dctx = OPENSSL_malloc(sizeof(DRBG_CTX)); ++ if (!dctx) { ++ FIPSerr(FIPS_F_FIPS_DRBG_NEW, ERR_R_MALLOC_FAILURE); ++ return NULL; ++ } ++ ++ if (type == 0) { ++ memset(dctx, 0, sizeof(DRBG_CTX)); ++ dctx->type = 0; ++ dctx->status = DRBG_STATUS_UNINITIALISED; ++ return dctx; ++ } ++ ++ if (FIPS_drbg_init(dctx, type, flags) <= 0) { ++ OPENSSL_free(dctx); ++ return NULL; ++ } ++ ++ return dctx; ++} ++ ++void FIPS_drbg_free(DRBG_CTX *dctx) ++{ ++ if (dctx->uninstantiate) ++ dctx->uninstantiate(dctx); ++ /* Don't free up default DRBG */ ++ if (dctx == FIPS_get_default_drbg()) { ++ memset(dctx, 0, sizeof(DRBG_CTX)); ++ dctx->type = 0; ++ dctx->status = DRBG_STATUS_UNINITIALISED; ++ } else { ++ OPENSSL_cleanse(&dctx->d, sizeof(dctx->d)); ++ OPENSSL_free(dctx); ++ } ++} ++ ++static size_t fips_get_entropy(DRBG_CTX *dctx, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len) ++{ ++ unsigned char *tout, *p; ++ size_t bl = dctx->entropy_blocklen, rv; ++ if (!dctx->get_entropy) ++ return 0; ++ if (dctx->xflags & DRBG_FLAG_TEST || !bl) ++ return dctx->get_entropy(dctx, pout, entropy, min_len, max_len); ++ rv = dctx->get_entropy(dctx, &tout, entropy + bl, ++ min_len + bl, max_len + bl); ++ if (tout == NULL) ++ return 0; ++ *pout = tout + bl; ++ if (rv < (min_len + bl) || (rv % bl)) ++ return 0; ++ /* Compare consecutive blocks for continuous PRNG test */ ++ for (p = tout; p < tout + rv - bl; p += bl) { ++ if (!memcmp(p, p + bl, bl)) { ++ FIPSerr(FIPS_F_FIPS_GET_ENTROPY, FIPS_R_ENTROPY_SOURCE_STUCK); ++ return 0; ++ } ++ } ++ rv -= bl; ++ if (rv > max_len) ++ return max_len; ++ return rv; ++} ++ ++static void fips_cleanup_entropy(DRBG_CTX *dctx, ++ unsigned char *out, size_t olen) ++{ ++ size_t bl; ++ if (dctx->xflags & DRBG_FLAG_TEST) ++ bl = 0; ++ else ++ bl = dctx->entropy_blocklen; ++ /* Call cleanup with original arguments */ ++ dctx->cleanup_entropy(dctx, out - bl, olen + bl); ++} ++ ++int FIPS_drbg_instantiate(DRBG_CTX *dctx, ++ const unsigned char *pers, size_t perslen) ++{ ++ size_t entlen = 0, noncelen = 0; ++ unsigned char *nonce = NULL, *entropy = NULL; ++ ++#if 0 ++ /* Put here so error script picks them up */ ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, ++ FIPS_R_PERSONALISATION_STRING_TOO_LONG); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_IN_ERROR_STATE); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_ALREADY_INSTANTIATED); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_ERROR_RETRIEVING_ENTROPY); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_ERROR_RETRIEVING_NONCE); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_INSTANTIATE_ERROR); ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_DRBG_NOT_INITIALISED); ++#endif ++ ++ int r = 0; ++ ++ if (perslen > dctx->max_pers) { ++ r = FIPS_R_PERSONALISATION_STRING_TOO_LONG; ++ goto end; ++ } ++ ++ if (!dctx->instantiate) { ++ r = FIPS_R_DRBG_NOT_INITIALISED; ++ goto end; ++ } ++ ++ if (dctx->status != DRBG_STATUS_UNINITIALISED) { ++ if (dctx->status == DRBG_STATUS_ERROR) ++ r = FIPS_R_IN_ERROR_STATE; ++ else ++ r = FIPS_R_ALREADY_INSTANTIATED; ++ goto end; ++ } ++ ++ dctx->status = DRBG_STATUS_ERROR; ++ ++ entlen = fips_get_entropy(dctx, &entropy, dctx->strength, ++ dctx->min_entropy, dctx->max_entropy); ++ ++ if (entlen < dctx->min_entropy || entlen > dctx->max_entropy) { ++ r = FIPS_R_ERROR_RETRIEVING_ENTROPY; ++ goto end; ++ } ++ ++ if (dctx->max_nonce > 0 && dctx->get_nonce) { ++ noncelen = dctx->get_nonce(dctx, &nonce, ++ dctx->strength / 2, ++ dctx->min_nonce, dctx->max_nonce); ++ ++ if (noncelen < dctx->min_nonce || noncelen > dctx->max_nonce) { ++ r = FIPS_R_ERROR_RETRIEVING_NONCE; ++ goto end; ++ } ++ ++ } ++ ++ if (!dctx->instantiate(dctx, ++ entropy, entlen, nonce, noncelen, pers, perslen)) { ++ r = FIPS_R_ERROR_INSTANTIATING_DRBG; ++ goto end; ++ } ++ ++ dctx->status = DRBG_STATUS_READY; ++ if (!(dctx->iflags & DRBG_CUSTOM_RESEED)) ++ dctx->reseed_counter = 1; ++ ++ end: ++ ++ if (entropy && dctx->cleanup_entropy) ++ fips_cleanup_entropy(dctx, entropy, entlen); ++ ++ if (nonce && dctx->cleanup_nonce) ++ dctx->cleanup_nonce(dctx, nonce, noncelen); ++ ++ if (dctx->status == DRBG_STATUS_READY) ++ return 1; ++ ++ if (r && !(dctx->iflags & DRBG_FLAG_NOERR)) ++ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, r); ++ ++ return 0; ++ ++} ++ ++static int drbg_reseed(DRBG_CTX *dctx, ++ const unsigned char *adin, size_t adinlen, int hcheck) ++{ ++ unsigned char *entropy = NULL; ++ size_t entlen = 0; ++ int r = 0; ++ ++#if 0 ++ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_NOT_INSTANTIATED); ++ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG); ++#endif ++ if (dctx->status != DRBG_STATUS_READY ++ && dctx->status != DRBG_STATUS_RESEED) { ++ if (dctx->status == DRBG_STATUS_ERROR) ++ r = FIPS_R_IN_ERROR_STATE; ++ else if (dctx->status == DRBG_STATUS_UNINITIALISED) ++ r = FIPS_R_NOT_INSTANTIATED; ++ goto end; ++ } ++ ++ if (!adin) ++ adinlen = 0; ++ else if (adinlen > dctx->max_adin) { ++ r = FIPS_R_ADDITIONAL_INPUT_TOO_LONG; ++ goto end; ++ } ++ ++ dctx->status = DRBG_STATUS_ERROR; ++ /* Peform health check on all reseed operations if not a prediction ++ * resistance request and not in test mode. ++ */ ++ if (hcheck && !(dctx->xflags & DRBG_FLAG_TEST)) { ++ if (!FIPS_drbg_health_check(dctx)) { ++ r = FIPS_R_SELFTEST_FAILURE; ++ goto end; ++ } ++ } ++ ++ entlen = fips_get_entropy(dctx, &entropy, dctx->strength, ++ dctx->min_entropy, dctx->max_entropy); ++ ++ if (entlen < dctx->min_entropy || entlen > dctx->max_entropy) { ++ r = FIPS_R_ERROR_RETRIEVING_ENTROPY; ++ goto end; ++ } ++ ++ if (!dctx->reseed(dctx, entropy, entlen, adin, adinlen)) ++ goto end; ++ ++ dctx->status = DRBG_STATUS_READY; ++ if (!(dctx->iflags & DRBG_CUSTOM_RESEED)) ++ dctx->reseed_counter = 1; ++ end: ++ ++ if (entropy && dctx->cleanup_entropy) ++ fips_cleanup_entropy(dctx, entropy, entlen); ++ ++ if (dctx->status == DRBG_STATUS_READY) ++ return 1; ++ ++ if (r && !(dctx->iflags & DRBG_FLAG_NOERR)) ++ FIPSerr(FIPS_F_DRBG_RESEED, r); ++ ++ return 0; ++} ++ ++int FIPS_drbg_reseed(DRBG_CTX *dctx, ++ const unsigned char *adin, size_t adinlen) ++{ ++ return drbg_reseed(dctx, adin, adinlen, 1); ++} ++ ++static int fips_drbg_check(DRBG_CTX *dctx) ++{ ++ if (dctx->xflags & DRBG_FLAG_TEST) ++ return 1; ++ dctx->health_check_cnt++; ++ if (dctx->health_check_cnt >= dctx->health_check_interval) { ++ if (!FIPS_drbg_health_check(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_CHECK, FIPS_R_SELFTEST_FAILURE); ++ return 0; ++ } ++ } ++ return 1; ++} ++ ++int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen, ++ int prediction_resistance, ++ const unsigned char *adin, size_t adinlen) ++{ ++ int r = 0; ++ ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ if (!fips_drbg_check(dctx)) ++ return 0; ++ ++ if (dctx->status != DRBG_STATUS_READY ++ && dctx->status != DRBG_STATUS_RESEED) { ++ if (dctx->status == DRBG_STATUS_ERROR) ++ r = FIPS_R_IN_ERROR_STATE; ++ else if (dctx->status == DRBG_STATUS_UNINITIALISED) ++ r = FIPS_R_NOT_INSTANTIATED; ++ goto end; ++ } ++ ++ if (outlen > dctx->max_request) { ++ r = FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG; ++ return 0; ++ } ++ ++ if (adinlen > dctx->max_adin) { ++ r = FIPS_R_ADDITIONAL_INPUT_TOO_LONG; ++ goto end; ++ } ++ ++ if (dctx->iflags & DRBG_CUSTOM_RESEED) ++ dctx->generate(dctx, NULL, outlen, NULL, 0); ++ else if (dctx->reseed_counter >= dctx->reseed_interval) ++ dctx->status = DRBG_STATUS_RESEED; ++ ++ if (dctx->status == DRBG_STATUS_RESEED || prediction_resistance) { ++ /* If prediction resistance request don't do health check */ ++ int hcheck = prediction_resistance ? 0 : 1; ++ ++ if (!drbg_reseed(dctx, adin, adinlen, hcheck)) { ++ r = FIPS_R_RESEED_ERROR; ++ goto end; ++ } ++ adin = NULL; ++ adinlen = 0; ++ } ++ ++ if (!dctx->generate(dctx, out, outlen, adin, adinlen)) { ++ r = FIPS_R_GENERATE_ERROR; ++ dctx->status = DRBG_STATUS_ERROR; ++ goto end; ++ } ++ if (!(dctx->iflags & DRBG_CUSTOM_RESEED)) { ++ if (dctx->reseed_counter >= dctx->reseed_interval) ++ dctx->status = DRBG_STATUS_RESEED; ++ else ++ dctx->reseed_counter++; ++ } ++ ++ end: ++ if (r) { ++ if (!(dctx->iflags & DRBG_FLAG_NOERR)) ++ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, r); ++ return 0; ++ } ++ ++ return 1; ++} ++ ++int FIPS_drbg_uninstantiate(DRBG_CTX *dctx) ++{ ++ int rv; ++ if (!dctx->uninstantiate) ++ rv = 1; ++ else ++ rv = dctx->uninstantiate(dctx); ++ /* Although we'd like to cleanse here we can't because we have to ++ * test the uninstantiate really zeroes the data. ++ */ ++ memset(&dctx->d, 0, sizeof(dctx->d)); ++ dctx->status = DRBG_STATUS_UNINITIALISED; ++ /* If method has problems uninstantiating, return error */ ++ return rv; ++} ++ ++int FIPS_drbg_set_callbacks(DRBG_CTX *dctx, ++ size_t (*get_entropy) (DRBG_CTX *ctx, ++ unsigned char **pout, ++ int entropy, ++ size_t min_len, ++ size_t max_len), ++ void (*cleanup_entropy) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen), ++ size_t entropy_blocklen, ++ size_t (*get_nonce) (DRBG_CTX *ctx, ++ unsigned char **pout, ++ int entropy, size_t min_len, ++ size_t max_len), ++ void (*cleanup_nonce) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen)) ++{ ++ if (dctx->status != DRBG_STATUS_UNINITIALISED) ++ return 0; ++ dctx->entropy_blocklen = entropy_blocklen; ++ dctx->get_entropy = get_entropy; ++ dctx->cleanup_entropy = cleanup_entropy; ++ dctx->get_nonce = get_nonce; ++ dctx->cleanup_nonce = cleanup_nonce; ++ return 1; ++} ++ ++int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx, ++ size_t (*get_adin) (DRBG_CTX *ctx, ++ unsigned char **pout), ++ void (*cleanup_adin) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen), ++ int (*rand_seed_cb) (DRBG_CTX *ctx, ++ const void *buf, ++ int num), ++ int (*rand_add_cb) (DRBG_CTX *ctx, ++ const void *buf, int num, ++ double entropy)) ++{ ++ if (dctx->status != DRBG_STATUS_UNINITIALISED) ++ return 0; ++ dctx->get_adin = get_adin; ++ dctx->cleanup_adin = cleanup_adin; ++ dctx->rand_seed_cb = rand_seed_cb; ++ dctx->rand_add_cb = rand_add_cb; ++ return 1; ++} ++ ++void *FIPS_drbg_get_app_data(DRBG_CTX *dctx) ++{ ++ return dctx->app_data; ++} ++ ++void FIPS_drbg_set_app_data(DRBG_CTX *dctx, void *app_data) ++{ ++ dctx->app_data = app_data; ++} ++ ++size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx) ++{ ++ return dctx->blocklength; ++} ++ ++int FIPS_drbg_get_strength(DRBG_CTX *dctx) ++{ ++ return dctx->strength; ++} ++ ++void FIPS_drbg_set_check_interval(DRBG_CTX *dctx, int interval) ++{ ++ dctx->health_check_interval = interval; ++} ++ ++void FIPS_drbg_set_reseed_interval(DRBG_CTX *dctx, int interval) ++{ ++ dctx->reseed_interval = interval; ++} ++ ++void FIPS_drbg_stick(int onoff) ++{ ++ /* Just backwards compatibility API call with no effect. */ ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_rand.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_rand.c.fips 2020-03-17 17:30:52.044567078 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_rand.c 2020-03-17 17:30:52.044567078 +0100 +@@ -0,0 +1,185 @@ ++/* fips/rand/fips_drbg_rand.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#include ++#include ++#include "internal/thread_once.h" ++#include ++#include ++#include ++#include ++#include "fips_rand_lcl.h" ++ ++/* Mapping of SP800-90 DRBGs to OpenSSL RAND_METHOD */ ++ ++/* Since we only have one global PRNG used at any time in OpenSSL use a global ++ * variable to store context. ++ */ ++ ++static DRBG_CTX ossl_dctx; ++ ++static CRYPTO_RWLOCK *fips_rand_lock = NULL; ++static CRYPTO_ONCE fips_rand_lock_init = CRYPTO_ONCE_STATIC_INIT; ++ ++DEFINE_RUN_ONCE_STATIC(do_fips_rand_lock_init) ++{ ++ fips_rand_lock = CRYPTO_THREAD_lock_new(); ++ return fips_rand_lock != NULL; ++} ++ ++DRBG_CTX *FIPS_get_default_drbg(void) ++{ ++ if (!RUN_ONCE(&fips_rand_lock_init, do_fips_rand_lock_init)) ++ return NULL; ++ return &ossl_dctx; ++} ++ ++static int fips_drbg_bytes(unsigned char *out, int count) ++{ ++ DRBG_CTX *dctx = &ossl_dctx; ++ int rv = 0; ++ unsigned char *adin = NULL; ++ size_t adinlen = 0; ++ CRYPTO_THREAD_write_lock(fips_rand_lock); ++ do { ++ size_t rcnt; ++ if (count > (int)dctx->max_request) ++ rcnt = dctx->max_request; ++ else ++ rcnt = count; ++ if (dctx->get_adin) { ++ adinlen = dctx->get_adin(dctx, &adin); ++ if (adinlen && !adin) { ++ FIPSerr(FIPS_F_FIPS_DRBG_BYTES, ++ FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT); ++ goto err; ++ } ++ } ++ rv = FIPS_drbg_generate(dctx, out, rcnt, 0, adin, adinlen); ++ if (adin) { ++ if (dctx->cleanup_adin) ++ dctx->cleanup_adin(dctx, adin, adinlen); ++ adin = NULL; ++ } ++ if (!rv) ++ goto err; ++ out += rcnt; ++ count -= rcnt; ++ } ++ while (count); ++ rv = 1; ++ err: ++ CRYPTO_THREAD_unlock(fips_rand_lock); ++ return rv; ++} ++ ++static int fips_drbg_pseudo(unsigned char *out, int count) ++{ ++ if (fips_drbg_bytes(out, count) <= 0) ++ return -1; ++ return 1; ++} ++ ++static int fips_drbg_status(void) ++{ ++ DRBG_CTX *dctx = &ossl_dctx; ++ int rv; ++ CRYPTO_THREAD_read_lock(fips_rand_lock); ++ rv = dctx->status == DRBG_STATUS_READY ? 1 : 0; ++ CRYPTO_THREAD_unlock(fips_rand_lock); ++ return rv; ++} ++ ++static void fips_drbg_cleanup(void) ++{ ++ DRBG_CTX *dctx = &ossl_dctx; ++ CRYPTO_THREAD_write_lock(fips_rand_lock); ++ FIPS_drbg_uninstantiate(dctx); ++ CRYPTO_THREAD_unlock(fips_rand_lock); ++} ++ ++static int fips_drbg_seed(const void *seed, int seedlen) ++{ ++ DRBG_CTX *dctx = &ossl_dctx; ++ int ret = 1; ++ CRYPTO_THREAD_write_lock(fips_rand_lock); ++ if (dctx->rand_seed_cb) ++ ret = dctx->rand_seed_cb(dctx, seed, seedlen); ++ CRYPTO_THREAD_unlock(fips_rand_lock); ++ return ret; ++} ++ ++static int fips_drbg_add(const void *seed, int seedlen, double add_entropy) ++{ ++ DRBG_CTX *dctx = &ossl_dctx; ++ int ret = 1; ++ CRYPTO_THREAD_write_lock(fips_rand_lock); ++ if (dctx->rand_add_cb) ++ ret = dctx->rand_add_cb(dctx, seed, seedlen, add_entropy); ++ CRYPTO_THREAD_unlock(fips_rand_lock); ++ return ret; ++} ++ ++static const RAND_METHOD rand_drbg_meth = { ++ fips_drbg_seed, ++ fips_drbg_bytes, ++ fips_drbg_cleanup, ++ fips_drbg_add, ++ fips_drbg_pseudo, ++ fips_drbg_status ++}; ++ ++const RAND_METHOD *FIPS_drbg_method(void) ++{ ++ return &rand_drbg_meth; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c.fips 2020-03-17 17:30:52.044567078 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c 2020-03-17 17:30:52.044567078 +0100 +@@ -0,0 +1,828 @@ ++/* fips/rand/fips_drbg_selftest.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include "fips_rand_lcl.h" ++#include "fips_locl.h" ++ ++#include "fips_drbg_selftest.h" ++ ++typedef struct { ++ int post; ++ int nid; ++ unsigned int flags; ++ ++ /* KAT data for no PR */ ++ const unsigned char *ent; ++ size_t entlen; ++ const unsigned char *nonce; ++ size_t noncelen; ++ const unsigned char *pers; ++ size_t perslen; ++ const unsigned char *adin; ++ size_t adinlen; ++ const unsigned char *entreseed; ++ size_t entreseedlen; ++ const unsigned char *adinreseed; ++ size_t adinreseedlen; ++ const unsigned char *adin2; ++ size_t adin2len; ++ const unsigned char *kat; ++ size_t katlen; ++ const unsigned char *kat2; ++ size_t kat2len; ++ ++ /* KAT data for PR */ ++ const unsigned char *ent_pr; ++ size_t entlen_pr; ++ const unsigned char *nonce_pr; ++ size_t noncelen_pr; ++ const unsigned char *pers_pr; ++ size_t perslen_pr; ++ const unsigned char *adin_pr; ++ size_t adinlen_pr; ++ const unsigned char *entpr_pr; ++ size_t entprlen_pr; ++ const unsigned char *ading_pr; ++ size_t adinglen_pr; ++ const unsigned char *entg_pr; ++ size_t entglen_pr; ++ const unsigned char *kat_pr; ++ size_t katlen_pr; ++ const unsigned char *kat2_pr; ++ size_t kat2len_pr; ++ ++} DRBG_SELFTEST_DATA; ++ ++#define make_drbg_test_data(nid, flag, pr, p) {p, nid, flag | DRBG_FLAG_TEST, \ ++ pr##_entropyinput, sizeof(pr##_entropyinput), \ ++ pr##_nonce, sizeof(pr##_nonce), \ ++ pr##_personalizationstring, sizeof(pr##_personalizationstring), \ ++ pr##_additionalinput, sizeof(pr##_additionalinput), \ ++ pr##_entropyinputreseed, sizeof(pr##_entropyinputreseed), \ ++ pr##_additionalinputreseed, sizeof(pr##_additionalinputreseed), \ ++ pr##_additionalinput2, sizeof(pr##_additionalinput2), \ ++ pr##_int_returnedbits, sizeof(pr##_int_returnedbits), \ ++ pr##_returnedbits, sizeof(pr##_returnedbits), \ ++ pr##_pr_entropyinput, sizeof(pr##_pr_entropyinput), \ ++ pr##_pr_nonce, sizeof(pr##_pr_nonce), \ ++ pr##_pr_personalizationstring, sizeof(pr##_pr_personalizationstring), \ ++ pr##_pr_additionalinput, sizeof(pr##_pr_additionalinput), \ ++ pr##_pr_entropyinputpr, sizeof(pr##_pr_entropyinputpr), \ ++ pr##_pr_additionalinput2, sizeof(pr##_pr_additionalinput2), \ ++ pr##_pr_entropyinputpr2, sizeof(pr##_pr_entropyinputpr2), \ ++ pr##_pr_int_returnedbits, sizeof(pr##_pr_int_returnedbits), \ ++ pr##_pr_returnedbits, sizeof(pr##_pr_returnedbits), \ ++ } ++ ++#define make_drbg_test_data_df(nid, pr, p) \ ++ make_drbg_test_data(nid, DRBG_FLAG_CTR_USE_DF, pr, p) ++ ++#define make_drbg_test_data_ec(curve, md, pr, p) \ ++ make_drbg_test_data((curve << 16) | md , 0, pr, p) ++ ++static DRBG_SELFTEST_DATA drbg_test[] = { ++ make_drbg_test_data_df(NID_aes_128_ctr, aes_128_use_df, 0), ++ make_drbg_test_data_df(NID_aes_192_ctr, aes_192_use_df, 0), ++ make_drbg_test_data_df(NID_aes_256_ctr, aes_256_use_df, 1), ++ make_drbg_test_data(NID_aes_128_ctr, 0, aes_128_no_df, 0), ++ make_drbg_test_data(NID_aes_192_ctr, 0, aes_192_no_df, 0), ++ make_drbg_test_data(NID_aes_256_ctr, 0, aes_256_no_df, 1), ++ make_drbg_test_data(NID_sha1, 0, sha1, 0), ++ make_drbg_test_data(NID_sha224, 0, sha224, 0), ++ make_drbg_test_data(NID_sha256, 0, sha256, 1), ++ make_drbg_test_data(NID_sha384, 0, sha384, 0), ++ make_drbg_test_data(NID_sha512, 0, sha512, 0), ++ make_drbg_test_data(NID_hmacWithSHA1, 0, hmac_sha1, 0), ++ make_drbg_test_data(NID_hmacWithSHA224, 0, hmac_sha224, 0), ++ make_drbg_test_data(NID_hmacWithSHA256, 0, hmac_sha256, 1), ++ make_drbg_test_data(NID_hmacWithSHA384, 0, hmac_sha384, 0), ++ make_drbg_test_data(NID_hmacWithSHA512, 0, hmac_sha512, 0), ++ {0, 0, 0} ++}; ++ ++typedef struct { ++ const unsigned char *ent; ++ size_t entlen; ++ int entcnt; ++ const unsigned char *nonce; ++ size_t noncelen; ++ int noncecnt; ++} TEST_ENT; ++ ++static size_t test_entropy(DRBG_CTX *dctx, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len) ++{ ++ TEST_ENT *t = FIPS_drbg_get_app_data(dctx); ++ *pout = (unsigned char *)t->ent; ++ t->entcnt++; ++ return t->entlen; ++} ++ ++static size_t test_nonce(DRBG_CTX *dctx, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len) ++{ ++ TEST_ENT *t = FIPS_drbg_get_app_data(dctx); ++ *pout = (unsigned char *)t->nonce; ++ t->noncecnt++; ++ return t->noncelen; ++} ++ ++static int fips_drbg_single_kat(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td, ++ int quick) ++{ ++ TEST_ENT t; ++ int rv = 0; ++ size_t adinlen; ++ unsigned char randout[1024]; ++ ++ /* Initial test without PR */ ++ ++ /* Instantiate DRBG with test entropy, nonce and personalisation ++ * string. ++ */ ++ ++ if (!FIPS_drbg_init(dctx, td->nid, td->flags)) ++ return 0; ++ if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0, test_nonce, 0)) ++ return 0; ++ ++ FIPS_drbg_set_app_data(dctx, &t); ++ ++ t.ent = td->ent; ++ t.entlen = td->entlen; ++ t.nonce = td->nonce; ++ t.noncelen = td->noncelen; ++ t.entcnt = 0; ++ t.noncecnt = 0; ++ ++ if (!FIPS_drbg_instantiate(dctx, td->pers, td->perslen)) ++ goto err; ++ ++ /* Note for CTR without DF some additional input values ++ * ignore bytes after the keylength: so reduce adinlen ++ * to half to ensure invalid data is fed in. ++ */ ++ if (!fips_post_corrupt(FIPS_TEST_DRBG, dctx->type, &dctx->iflags)) ++ adinlen = td->adinlen / 2; ++ else ++ adinlen = td->adinlen; ++ ++ /* Generate with no PR and verify output matches expected data */ ++ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, td->adin, adinlen)) ++ goto err; ++ ++ if (memcmp(randout, td->kat, td->katlen)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_NOPR_TEST1_FAILURE); ++ goto err2; ++ } ++ /* If abbreviated POST end of test */ ++ if (quick) { ++ rv = 1; ++ goto err; ++ } ++ /* Reseed DRBG with test entropy and additional input */ ++ t.ent = td->entreseed; ++ t.entlen = td->entreseedlen; ++ ++ if (!FIPS_drbg_reseed(dctx, td->adinreseed, td->adinreseedlen)) ++ goto err; ++ ++ /* Generate with no PR and verify output matches expected data */ ++ if (!FIPS_drbg_generate(dctx, randout, td->kat2len, 0, ++ td->adin2, td->adin2len)) ++ goto err; ++ ++ if (memcmp(randout, td->kat2, td->kat2len)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_NOPR_TEST2_FAILURE); ++ goto err2; ++ } ++ ++ FIPS_drbg_uninstantiate(dctx); ++ ++ /* Now test with PR */ ++ ++ /* Instantiate DRBG with test entropy, nonce and personalisation ++ * string. ++ */ ++ if (!FIPS_drbg_init(dctx, td->nid, td->flags)) ++ return 0; ++ if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0, test_nonce, 0)) ++ return 0; ++ ++ FIPS_drbg_set_app_data(dctx, &t); ++ ++ t.ent = td->ent_pr; ++ t.entlen = td->entlen_pr; ++ t.nonce = td->nonce_pr; ++ t.noncelen = td->noncelen_pr; ++ t.entcnt = 0; ++ t.noncecnt = 0; ++ ++ if (!FIPS_drbg_instantiate(dctx, td->pers_pr, td->perslen_pr)) ++ goto err; ++ ++ /* Now generate with PR: we need to supply entropy as this will ++ * perform a reseed operation. Check output matches expected value. ++ */ ++ ++ t.ent = td->entpr_pr; ++ t.entlen = td->entprlen_pr; ++ ++ /* Note for CTR without DF some additional input values ++ * ignore bytes after the keylength: so reduce adinlen ++ * to half to ensure invalid data is fed in. ++ */ ++ if (!fips_post_corrupt(FIPS_TEST_DRBG, dctx->type, &dctx->iflags)) ++ adinlen = td->adinlen_pr / 2; ++ else ++ adinlen = td->adinlen_pr; ++ if (!FIPS_drbg_generate(dctx, randout, td->katlen_pr, 1, ++ td->adin_pr, adinlen)) ++ goto err; ++ ++ if (memcmp(randout, td->kat_pr, td->katlen_pr)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_PR_TEST1_FAILURE); ++ goto err2; ++ } ++ ++ /* Now generate again with PR: supply new entropy again. ++ * Check output matches expected value. ++ */ ++ ++ t.ent = td->entg_pr; ++ t.entlen = td->entglen_pr; ++ ++ if (!FIPS_drbg_generate(dctx, randout, td->kat2len_pr, 1, ++ td->ading_pr, td->adinglen_pr)) ++ goto err; ++ ++ if (memcmp(randout, td->kat2_pr, td->kat2len_pr)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_PR_TEST2_FAILURE); ++ goto err2; ++ } ++ /* All OK, test complete */ ++ rv = 1; ++ ++ err: ++ if (rv == 0) ++ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_SELFTEST_FAILED); ++ err2: ++ FIPS_drbg_uninstantiate(dctx); ++ ++ return rv; ++ ++} ++ ++/* Initialise a DRBG based on selftest data */ ++ ++static int do_drbg_init(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td, TEST_ENT * t) ++{ ++ ++ if (!FIPS_drbg_init(dctx, td->nid, td->flags)) ++ return 0; ++ ++ if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0, test_nonce, 0)) ++ return 0; ++ ++ FIPS_drbg_set_app_data(dctx, t); ++ ++ t->ent = td->ent; ++ t->entlen = td->entlen; ++ t->nonce = td->nonce; ++ t->noncelen = td->noncelen; ++ t->entcnt = 0; ++ t->noncecnt = 0; ++ return 1; ++} ++ ++/* Initialise and instantiate DRBG based on selftest data */ ++static int do_drbg_instantiate(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td, ++ TEST_ENT * t) ++{ ++ if (!do_drbg_init(dctx, td, t)) ++ return 0; ++ if (!FIPS_drbg_instantiate(dctx, td->pers, td->perslen)) ++ return 0; ++ ++ return 1; ++} ++ ++/* This function performs extensive error checking as required by SP800-90. ++ * Induce several failure modes and check an error condition is set. ++ * This function along with fips_drbg_single_kat peforms the health checking ++ * operation. ++ */ ++ ++static int fips_drbg_error_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td) ++{ ++ unsigned char randout[1024]; ++ TEST_ENT t; ++ size_t i; ++ unsigned int reseed_counter_tmp; ++ unsigned char *p = (unsigned char *)dctx; ++ ++ /* Initialise DRBG */ ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ /* Don't report induced errors */ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ /* Personalisation string tests */ ++ ++ /* Test detection of too large personlisation string */ ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, dctx->max_pers + 1) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_PERSONALISATION_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ /* Entropy source tests */ ++ ++ /* Test entropy source failure detecion: i.e. returns no data */ ++ ++ t.entlen = 0; ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ /* Try to generate output from uninstantiated DRBG */ ++ if (FIPS_drbg_generate(dctx, randout, td->katlen, 0, ++ td->adin, td->adinlen)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_GENERATE_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ /* Test insufficient entropy */ ++ ++ t.entlen = dctx->min_entropy - 1; ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Test too much entropy */ ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ t.entlen = dctx->max_entropy + 1; ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Nonce tests */ ++ ++ /* Test too small nonce */ ++ ++ if (dctx->min_nonce) { ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ t.noncelen = dctx->min_nonce - 1; ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_NONCE_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ } ++ ++ /* Test too large nonce */ ++ ++ if (dctx->max_nonce) { ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ t.noncelen = dctx->max_nonce + 1; ++ ++ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_NONCE_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ } ++ ++ /* Instantiate with valid data. */ ++ if (!do_drbg_instantiate(dctx, td, &t)) ++ goto err; ++ ++ /* Check generation is now OK */ ++ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, ++ td->adin, td->adinlen)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ /* Request too much data for one request */ ++ if (FIPS_drbg_generate(dctx, randout, dctx->max_request + 1, 0, ++ td->adin, td->adinlen)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ /* Try too large additional input */ ++ if (FIPS_drbg_generate(dctx, randout, td->katlen, 0, ++ td->adin, dctx->max_adin + 1)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ /* Check prediction resistance request fails if entropy source ++ * failure. ++ */ ++ ++ t.entlen = 0; ++ ++ if (FIPS_drbg_generate(dctx, randout, td->katlen, 1, ++ td->adin, td->adinlen)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Instantiate again with valid data */ ++ ++ if (!do_drbg_instantiate(dctx, td, &t)) ++ goto err; ++ /* Test reseed counter works */ ++ /* Save initial reseed counter */ ++ reseed_counter_tmp = dctx->reseed_counter; ++ /* Set reseed counter to beyond interval */ ++ dctx->reseed_counter = dctx->reseed_interval; ++ ++ /* Generate output and check entropy has been requested for reseed */ ++ t.entcnt = 0; ++ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, ++ td->adin, td->adinlen)) ++ goto err; ++ if (t.entcnt != 1) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED); ++ goto err; ++ } ++ /* Check reseed counter has been reset */ ++ if (dctx->reseed_counter != reseed_counter_tmp + 1) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_RESEED_COUNTER_ERROR); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Check prediction resistance request fails if entropy source ++ * failure. ++ */ ++ ++ t.entlen = 0; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ if (FIPS_drbg_generate(dctx, randout, td->katlen, 1, ++ td->adin, td->adinlen)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ if (!do_drbg_instantiate(dctx, td, &t)) ++ goto err; ++ /* Test reseed counter works */ ++ /* Save initial reseed counter */ ++ reseed_counter_tmp = dctx->reseed_counter; ++ /* Set reseed counter to beyond interval */ ++ dctx->reseed_counter = dctx->reseed_interval; ++ ++ /* Generate output and check entropy has been requested for reseed */ ++ t.entcnt = 0; ++ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, ++ td->adin, td->adinlen)) ++ goto err; ++ if (t.entcnt != 1) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED); ++ goto err; ++ } ++ /* Check reseed counter has been reset */ ++ if (dctx->reseed_counter != reseed_counter_tmp + 1) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_RESEED_COUNTER_ERROR); ++ goto err; ++ } ++ ++ dctx->iflags &= ~DRBG_FLAG_NOERR; ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Explicit reseed tests */ ++ ++ /* Test explicit reseed with too large additional input */ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ if (FIPS_drbg_reseed(dctx, td->adin, dctx->max_adin + 1) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ /* Test explicit reseed with entropy source failure */ ++ ++ t.entlen = 0; ++ ++ if (FIPS_drbg_reseed(dctx, td->adin, td->adinlen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Test explicit reseed with too much entropy */ ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ t.entlen = dctx->max_entropy + 1; ++ ++ if (FIPS_drbg_reseed(dctx, td->adin, td->adinlen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ /* Test explicit reseed with too little entropy */ ++ ++ if (!do_drbg_init(dctx, td, &t)) ++ goto err; ++ ++ dctx->iflags |= DRBG_FLAG_NOERR; ++ ++ t.entlen = dctx->min_entropy - 1; ++ ++ if (FIPS_drbg_reseed(dctx, td->adin, td->adinlen) > 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_ENTROPY_ERROR_UNDETECTED); ++ goto err; ++ } ++ ++ if (!FIPS_drbg_uninstantiate(dctx)) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); ++ goto err; ++ } ++ ++ p = (unsigned char *)&dctx->d; ++ /* Standard says we have to check uninstantiate really zeroes ++ * the data... ++ */ ++ for (i = 0; i < sizeof(dctx->d); i++) { ++ if (*p != 0) { ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, ++ FIPS_R_UNINSTANTIATE_ZEROISE_ERROR); ++ goto err; ++ } ++ p++; ++ } ++ ++ return 1; ++ ++ err: ++ /* A real error as opposed to an induced one: underlying function will ++ * indicate the error. ++ */ ++ if (!(dctx->iflags & DRBG_FLAG_NOERR)) ++ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_FUNCTION_ERROR); ++ FIPS_drbg_uninstantiate(dctx); ++ return 0; ++ ++} ++ ++int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags) ++{ ++ DRBG_SELFTEST_DATA *td; ++ flags |= DRBG_FLAG_TEST; ++ for (td = drbg_test; td->nid != 0; td++) { ++ if (td->nid == nid && td->flags == flags) { ++ if (!fips_drbg_single_kat(dctx, td, 0)) ++ return 0; ++ return fips_drbg_error_check(dctx, td); ++ } ++ } ++ return 0; ++} ++ ++int FIPS_drbg_health_check(DRBG_CTX *dctx) ++{ ++ int rv; ++ DRBG_CTX *tctx = NULL; ++ tctx = FIPS_drbg_new(0, 0); ++ fips_post_started(FIPS_TEST_DRBG, dctx->type, &dctx->xflags); ++ if (!tctx) ++ return 0; ++ rv = fips_drbg_kat(tctx, dctx->type, dctx->xflags); ++ if (tctx) ++ FIPS_drbg_free(tctx); ++ if (rv) ++ fips_post_success(FIPS_TEST_DRBG, dctx->type, &dctx->xflags); ++ else ++ fips_post_failed(FIPS_TEST_DRBG, dctx->type, &dctx->xflags); ++ if (!rv) ++ dctx->status = DRBG_STATUS_ERROR; ++ else ++ dctx->health_check_cnt = 0; ++ return rv; ++} ++ ++int FIPS_selftest_drbg(void) ++{ ++ DRBG_CTX *dctx; ++ DRBG_SELFTEST_DATA *td; ++ int rv = 1; ++ dctx = FIPS_drbg_new(0, 0); ++ if (!dctx) ++ return 0; ++ for (td = drbg_test; td->nid != 0; td++) { ++ if (td->post != 1) ++ continue; ++ if (!fips_post_started(FIPS_TEST_DRBG, td->nid, &td->flags)) ++ return 1; ++ if (!fips_drbg_single_kat(dctx, td, 1)) { ++ fips_post_failed(FIPS_TEST_DRBG, td->nid, &td->flags); ++ rv = 0; ++ continue; ++ } ++ if (!fips_post_success(FIPS_TEST_DRBG, td->nid, &td->flags)) ++ return 0; ++ } ++ FIPS_drbg_free(dctx); ++ return rv; ++} ++ ++int FIPS_selftest_drbg_all(void) ++{ ++ DRBG_CTX *dctx; ++ DRBG_SELFTEST_DATA *td; ++ int rv = 1; ++ dctx = FIPS_drbg_new(0, 0); ++ if (!dctx) ++ return 0; ++ for (td = drbg_test; td->nid != 0; td++) { ++ if (!fips_post_started(FIPS_TEST_DRBG, td->nid, &td->flags)) ++ return 1; ++ if (!fips_drbg_single_kat(dctx, td, 0)) { ++ fips_post_failed(FIPS_TEST_DRBG, td->nid, &td->flags); ++ rv = 0; ++ continue; ++ } ++ if (!fips_drbg_error_check(dctx, td)) { ++ fips_post_failed(FIPS_TEST_DRBG, td->nid, &td->flags); ++ rv = 0; ++ continue; ++ } ++ if (!fips_post_success(FIPS_TEST_DRBG, td->nid, &td->flags)) ++ return 0; ++ } ++ FIPS_drbg_free(dctx); ++ return rv; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h +--- openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h.fips 2020-03-17 17:30:52.045567061 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h 2020-03-17 17:30:52.045567061 +0100 +@@ -0,0 +1,1791 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++/* Selftest and health check data for the SP800-90 DRBG */ ++ ++#define __fips_constseg ++ ++/* AES-128 use df PR */ ++__fips_constseg static const unsigned char aes_128_use_df_pr_entropyinput[] = { ++ 0x61, 0x52, 0x7c, 0xe3, 0x23, 0x7d, 0x0a, 0x07, 0x10, 0x0c, 0x50, 0x33, ++ 0xc8, 0xdb, 0xff, 0x12 ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_pr_nonce[] = { ++ 0x51, 0x0d, 0x85, 0x77, 0xed, 0x22, 0x97, 0x28 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_personalizationstring[] = { ++ 0x59, 0x9f, 0xbb, 0xcd, 0xd5, 0x25, 0x69, 0xb5, 0xcb, 0xb5, 0x03, 0xfe, ++ 0xd7, 0xd7, 0x01, 0x67 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_additionalinput[] = { ++ 0xef, 0x88, 0x76, 0x01, 0xaf, 0x3c, 0xfe, 0x8b, 0xaf, 0x26, 0x06, 0x9e, ++ 0x9a, 0x47, 0x08, 0x76 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_entropyinputpr[] = { ++ 0xe2, 0x76, 0xf9, 0xf6, 0x3a, 0xba, 0x10, 0x9f, 0xbf, 0x47, 0x0e, 0x51, ++ 0x09, 0xfb, 0xa3, 0xb6 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_int_returnedbits[] = { ++ 0xd4, 0x98, 0x8a, 0x46, 0x80, 0x4c, 0xdb, 0xa3, 0x59, 0x02, 0x57, 0x52, ++ 0x66, 0x1c, 0xea, 0x5b ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_additionalinput2[] = { ++ 0x88, 0x8c, 0x91, 0xd6, 0xbe, 0x56, 0x6e, 0x08, 0x9a, 0x62, 0x2b, 0x11, ++ 0x3f, 0x5e, 0x31, 0x06 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_pr_entropyinputpr2[] = { ++ 0xc0, 0x5c, 0x6b, 0x98, 0x01, 0x0d, 0x58, 0x18, 0x51, 0x18, 0x96, 0xae, ++ 0xa7, 0xe3, 0xa8, 0x67 ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_pr_returnedbits[] = { ++ 0xcf, 0x01, 0xac, 0x22, 0x31, 0x06, 0x8e, 0xfc, 0xce, 0x56, 0xea, 0x24, ++ 0x0f, 0x38, 0x43, 0xc6 ++}; ++ ++/* AES-128 use df No PR */ ++__fips_constseg static const unsigned char aes_128_use_df_entropyinput[] = { ++ 0x1f, 0x8e, 0x34, 0x82, 0x0c, 0xb7, 0xbe, 0xc5, 0x01, 0x3e, 0xd0, 0xa3, ++ 0x9d, 0x7d, 0x1c, 0x9b ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_nonce[] = { ++ 0xd5, 0x4d, 0xbd, 0x4a, 0x93, 0x7f, 0xb8, 0x96 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_personalizationstring[] = { ++ 0xab, 0xd6, 0x3f, 0x04, 0xfe, 0x27, 0x6b, 0x2d, 0xd7, 0xc3, 0x1c, 0xf3, ++ 0x38, 0x66, 0xba, 0x1b ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_additionalinput[] = { ++ 0xfe, 0xf4, 0x09, 0xa8, 0xb7, 0x73, 0x27, 0x9c, 0x5f, 0xa7, 0xea, 0x46, ++ 0xb5, 0xe2, 0xb2, 0x41 ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_int_returnedbits[] = { ++ 0x42, 0xe4, 0x4e, 0x7b, 0x27, 0xdd, 0xcb, 0xbc, 0x0a, 0xcf, 0xa6, 0x67, ++ 0xe7, 0x57, 0x11, 0xb4 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_entropyinputreseed[] = { ++ 0x14, 0x26, 0x69, 0xd9, 0xf3, 0x65, 0x03, 0xd6, 0x6b, 0xb9, 0x44, 0x0b, ++ 0xc7, 0xc4, 0x9e, 0x39 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_use_df_additionalinputreseed[] = { ++ 0x55, 0x2e, 0x60, 0x9a, 0x05, 0x72, 0x8a, 0xa8, 0xef, 0x22, 0x81, 0x5a, ++ 0xc8, 0x93, 0xfa, 0x84 ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_additionalinput2[] = { ++ 0x3c, 0x40, 0xc8, 0xc4, 0x16, 0x0c, 0x21, 0xa4, 0x37, 0x2c, 0x8f, 0xa5, ++ 0x06, 0x0c, 0x15, 0x2c ++}; ++ ++__fips_constseg static const unsigned char aes_128_use_df_returnedbits[] = { ++ 0xe1, 0x3e, 0x99, 0x98, 0x86, 0x67, 0x0b, 0x63, 0x7b, 0xbe, 0x3f, 0x88, ++ 0x46, 0x81, 0xc7, 0x19 ++}; ++ ++/* AES-192 use df PR */ ++__fips_constseg static const unsigned char aes_192_use_df_pr_entropyinput[] = { ++ 0x2b, 0x4e, 0x8b, 0xe1, 0xf1, 0x34, 0x80, 0x56, 0x81, 0xf9, 0x74, 0xec, ++ 0x17, 0x44, 0x2a, 0xf1, 0x14, 0xb0, 0xbf, 0x97, 0x39, 0xb7, 0x04, 0x7d ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_pr_nonce[] = { ++ 0xd6, 0x9d, 0xeb, 0x14, 0x4e, 0x6c, 0x30, 0x1e, 0x39, 0x55, 0x73, 0xd0, ++ 0xd1, 0x80, 0x78, 0xfa ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_personalizationstring[] = { ++ 0xfc, 0x43, 0x4a, 0xf8, 0x9a, 0x55, 0xb3, 0x53, 0x83, 0xe2, 0x18, 0x16, ++ 0x0c, 0xdc, 0xcd, 0x5e, 0x4f, 0xa0, 0x03, 0x01, 0x2b, 0x9f, 0xe4, 0xd5, ++ 0x7d, 0x49, 0xf0, 0x41, 0x9e, 0x3d, 0x99, 0x04 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_additionalinput[] = { ++ 0x5e, 0x9f, 0x49, 0x6f, 0x21, 0x8b, 0x1d, 0x32, 0xd5, 0x84, 0x5c, 0xac, ++ 0xaf, 0xdf, 0xe4, 0x79, 0x9e, 0xaf, 0xa9, 0x82, 0xd0, 0xf8, 0x4f, 0xcb, ++ 0x69, 0x10, 0x0a, 0x7e, 0x81, 0x57, 0xb5, 0x36 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_entropyinputpr[] = { ++ 0xd4, 0x81, 0x0c, 0xd7, 0x66, 0x39, 0xec, 0x42, 0x53, 0x87, 0x41, 0xa5, ++ 0x1e, 0x7d, 0x80, 0x91, 0x8e, 0xbb, 0xed, 0xac, 0x14, 0x02, 0x1a, 0xd5 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_int_returnedbits[] = { ++ 0xdf, 0x1d, 0x39, 0x45, 0x7c, 0x9b, 0xc6, 0x2b, 0x7d, 0x8c, 0x93, 0xe9, ++ 0x19, 0x30, 0x6b, 0x67 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_additionalinput2[] = { ++ 0x00, 0x71, 0x27, 0x4e, 0xd3, 0x14, 0xf1, 0x20, 0x7f, 0x4a, 0x41, 0x32, ++ 0x2a, 0x97, 0x11, 0x43, 0x8f, 0x4a, 0x15, 0x7b, 0x9b, 0x51, 0x79, 0xda, ++ 0x49, 0x3d, 0xde, 0xe8, 0xbc, 0x93, 0x91, 0x99 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_pr_entropyinputpr2[] = { ++ 0x90, 0xee, 0x76, 0xa1, 0x45, 0x8d, 0xb7, 0x40, 0xb0, 0x11, 0xbf, 0xd0, ++ 0x65, 0xd7, 0x3c, 0x7c, 0x4f, 0x20, 0x3f, 0x4e, 0x11, 0x9d, 0xb3, 0x5e ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_pr_returnedbits[] = { ++ 0x24, 0x3b, 0x20, 0xa4, 0x37, 0x66, 0xba, 0x72, 0x39, 0x3f, 0xcf, 0x3c, ++ 0x7e, 0x1a, 0x2b, 0x83 ++}; ++ ++/* AES-192 use df No PR */ ++__fips_constseg static const unsigned char aes_192_use_df_entropyinput[] = { ++ 0x8d, 0x74, 0xa4, 0x50, 0x1a, 0x02, 0x68, 0x0c, 0x2a, 0x69, 0xc4, 0x82, ++ 0x3b, 0xbb, 0xda, 0x0e, 0x7f, 0x77, 0xa3, 0x17, 0x78, 0x57, 0xb2, 0x7b ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_nonce[] = { ++ 0x75, 0xd5, 0x1f, 0xac, 0xa4, 0x8d, 0x42, 0x78, 0xd7, 0x69, 0x86, 0x9d, ++ 0x77, 0xd7, 0x41, 0x0e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_personalizationstring[] = { ++ 0x4e, 0x33, 0x41, 0x3c, 0x9c, 0xc2, 0xd2, 0x53, 0xaf, 0x90, 0xea, 0xcf, ++ 0x19, 0x50, 0x1e, 0xe6, 0x6f, 0x63, 0xc8, 0x32, 0x22, 0xdc, 0x07, 0x65, ++ 0x9c, 0xd3, 0xf8, 0x30, 0x9e, 0xed, 0x35, 0x70 ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_additionalinput[] = { ++ 0x5d, 0x8b, 0x8c, 0xc1, 0xdf, 0x0e, 0x02, 0x78, 0xfb, 0x19, 0xb8, 0x69, ++ 0x78, 0x4e, 0x9c, 0x52, 0xbc, 0xc7, 0x20, 0xc9, 0xe6, 0x5e, 0x77, 0x22, ++ 0x28, 0x3d, 0x0c, 0x9e, 0x68, 0xa8, 0x45, 0xd7 ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_int_returnedbits[] = { ++ 0xd5, 0xe7, 0x08, 0xc5, 0x19, 0x99, 0xd5, 0x31, 0x03, 0x0a, 0x74, 0xb6, ++ 0xb7, 0xed, 0xe9, 0xea ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_entropyinputreseed[] = { ++ 0x9c, 0x26, 0xda, 0xf1, 0xac, 0xd9, 0x5a, 0xd6, 0xa8, 0x65, 0xf5, 0x02, ++ 0x8f, 0xdc, 0xa2, 0x09, 0x54, 0xa6, 0xe2, 0xa4, 0xde, 0x32, 0xe0, 0x01 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_use_df_additionalinputreseed[] = { ++ 0x9b, 0x90, 0xb0, 0x3a, 0x0e, 0x3a, 0x80, 0x07, 0x4a, 0xf4, 0xda, 0x76, ++ 0x28, 0x30, 0x3c, 0xee, 0x54, 0x1b, 0x94, 0x59, 0x51, 0x43, 0x56, 0x77, ++ 0xaf, 0x88, 0xdd, 0x63, 0x89, 0x47, 0x06, 0x65 ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_additionalinput2[] = { ++ 0x3c, 0x11, 0x64, 0x7a, 0x96, 0xf5, 0xd8, 0xb8, 0xae, 0xd6, 0x70, 0x4e, ++ 0x16, 0x96, 0xde, 0xe9, 0x62, 0xbc, 0xee, 0x28, 0x2f, 0x26, 0xa6, 0xf0, ++ 0x56, 0xef, 0xa3, 0xf1, 0x6b, 0xa1, 0xb1, 0x77 ++}; ++ ++__fips_constseg static const unsigned char aes_192_use_df_returnedbits[] = { ++ 0x0b, 0xe2, 0x56, 0x03, 0x1e, 0xdb, 0x2c, 0x6d, 0x7f, 0x1b, 0x15, 0x58, ++ 0x1a, 0xf9, 0x13, 0x28 ++}; ++ ++/* AES-256 use df PR */ ++__fips_constseg static const unsigned char aes_256_use_df_pr_entropyinput[] = { ++ 0x61, 0x68, 0xfc, 0x1a, 0xf0, 0xb5, 0x95, 0x6b, 0x85, 0x09, 0x9b, 0x74, ++ 0x3f, 0x13, 0x78, 0x49, 0x3b, 0x85, 0xec, 0x93, 0x13, 0x3b, 0xa9, 0x4f, ++ 0x96, 0xab, 0x2c, 0xe4, 0xc8, 0x8f, 0xdd, 0x6a ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_pr_nonce[] = { ++ 0xad, 0xd2, 0xbb, 0xba, 0xb7, 0x65, 0x89, 0xc3, 0x21, 0x6c, 0x55, 0x33, ++ 0x2b, 0x36, 0xff, 0xa4 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_personalizationstring[] = { ++ 0x6e, 0xca, 0xe7, 0x20, 0x72, 0xd3, 0x84, 0x5a, 0x32, 0xd3, 0x4b, 0x24, ++ 0x72, 0xc4, 0x63, 0x2b, 0x9d, 0x12, 0x24, 0x0c, 0x23, 0x26, 0x8e, 0x83, ++ 0x16, 0x37, 0x0b, 0xd1, 0x06, 0x4f, 0x68, 0x6d ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_additionalinput[] = { ++ 0x7e, 0x08, 0x4a, 0xbb, 0xe3, 0x21, 0x7c, 0xc9, 0x23, 0xd2, 0xf8, 0xb0, ++ 0x73, 0x98, 0xba, 0x84, 0x74, 0x23, 0xab, 0x06, 0x8a, 0xe2, 0x22, 0xd3, ++ 0x7b, 0xce, 0x9b, 0xd2, 0x4a, 0x76, 0xb8, 0xde ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_entropyinputpr[] = { ++ 0x0b, 0x23, 0xaf, 0xdf, 0xf1, 0x62, 0xd7, 0xd3, 0x43, 0x97, 0xf8, 0x77, ++ 0x04, 0xa8, 0x42, 0x20, 0xbd, 0xf6, 0x0f, 0xc1, 0x17, 0x2f, 0x9f, 0x54, ++ 0xbb, 0x56, 0x17, 0x86, 0x68, 0x0e, 0xba, 0xa9 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_int_returnedbits[] = { ++ 0x31, 0x8e, 0xad, 0xaf, 0x40, 0xeb, 0x6b, 0x74, 0x31, 0x46, 0x80, 0xc7, ++ 0x17, 0xab, 0x3c, 0x7a ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_additionalinput2[] = { ++ 0x94, 0x6b, 0xc9, 0x9f, 0xab, 0x8d, 0xc5, 0xec, 0x71, 0x88, 0x1d, 0x00, ++ 0x8c, 0x89, 0x68, 0xe4, 0xc8, 0x07, 0x77, 0x36, 0x17, 0x6d, 0x79, 0x78, ++ 0xc7, 0x06, 0x4e, 0x99, 0x04, 0x28, 0x29, 0xc3 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_pr_entropyinputpr2[] = { ++ 0xbf, 0x6c, 0x59, 0x2a, 0x0d, 0x44, 0x0f, 0xae, 0x9a, 0x5e, 0x03, 0x73, ++ 0xd8, 0xa6, 0xe1, 0xcf, 0x25, 0x61, 0x38, 0x24, 0x86, 0x9e, 0x53, 0xe8, ++ 0xa4, 0xdf, 0x56, 0xf4, 0x06, 0x07, 0x9c, 0x0f ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_pr_returnedbits[] = { ++ 0x22, 0x4a, 0xb4, 0xb8, 0xb6, 0xee, 0x7d, 0xb1, 0x9e, 0xc9, 0xf9, 0xa0, ++ 0xd9, 0xe2, 0x97, 0x00 ++}; ++ ++/* AES-256 use df No PR */ ++__fips_constseg static const unsigned char aes_256_use_df_entropyinput[] = { ++ 0xa5, 0x3e, 0x37, 0x10, 0x17, 0x43, 0x91, 0x93, 0x59, 0x1e, 0x47, 0x50, ++ 0x87, 0xaa, 0xdd, 0xd5, 0xc1, 0xc3, 0x86, 0xcd, 0xca, 0x0d, 0xdb, 0x68, ++ 0xe0, 0x02, 0xd8, 0x0f, 0xdc, 0x40, 0x1a, 0x47 ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_nonce[] = { ++ 0xa9, 0x4d, 0xa5, 0x5a, 0xfd, 0xc5, 0x0c, 0xe5, 0x1c, 0x9a, 0x3b, 0x8a, ++ 0x4c, 0x44, 0x84, 0x40 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_personalizationstring[] = { ++ 0x8b, 0x52, 0xa2, 0x4a, 0x93, 0xc3, 0x4e, 0xa7, 0x1e, 0x1c, 0xa7, 0x05, ++ 0xeb, 0x82, 0x9b, 0xa6, 0x5d, 0xe4, 0xd4, 0xe0, 0x7f, 0xa3, 0xd8, 0x6b, ++ 0x37, 0x84, 0x5f, 0xf1, 0xc7, 0xd5, 0xf6, 0xd2 ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_additionalinput[] = { ++ 0x20, 0xf4, 0x22, 0xed, 0xf8, 0x5c, 0xa1, 0x6a, 0x01, 0xcf, 0xbe, 0x5f, ++ 0x8d, 0x6c, 0x94, 0x7f, 0xae, 0x12, 0xa8, 0x57, 0xdb, 0x2a, 0xa9, 0xbf, ++ 0xc7, 0xb3, 0x65, 0x81, 0x80, 0x8d, 0x0d, 0x46 ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_int_returnedbits[] = { ++ 0x4e, 0x44, 0xfd, 0xf3, 0x9e, 0x29, 0xa2, 0xb8, 0x0f, 0x5d, 0x6c, 0xe1, ++ 0x28, 0x0c, 0x3b, 0xc1 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_entropyinputreseed[] = { ++ 0xdd, 0x40, 0xe5, 0x98, 0x7b, 0x27, 0x16, 0x73, 0x15, 0x68, 0xd2, 0x76, ++ 0xbf, 0x0c, 0x67, 0x15, 0x75, 0x79, 0x03, 0xd3, 0xde, 0xde, 0x91, 0x46, ++ 0x42, 0xdd, 0xd4, 0x67, 0xc8, 0x79, 0xc8, 0x1e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_use_df_additionalinputreseed[] = { ++ 0x7f, 0xd8, 0x1f, 0xbd, 0x2a, 0xb5, 0x1c, 0x11, 0x5d, 0x83, 0x4e, 0x99, ++ 0xf6, 0x5c, 0xa5, 0x40, 0x20, 0xed, 0x38, 0x8e, 0xd5, 0x9e, 0xe0, 0x75, ++ 0x93, 0xfe, 0x12, 0x5e, 0x5d, 0x73, 0xfb, 0x75 ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_additionalinput2[] = { ++ 0xcd, 0x2c, 0xff, 0x14, 0x69, 0x3e, 0x4c, 0x9e, 0xfd, 0xfe, 0x26, 0x0d, ++ 0xe9, 0x86, 0x00, 0x49, 0x30, 0xba, 0xb1, 0xc6, 0x50, 0x57, 0x77, 0x2a, ++ 0x62, 0x39, 0x2c, 0x3b, 0x74, 0xeb, 0xc9, 0x0d ++}; ++ ++__fips_constseg static const unsigned char aes_256_use_df_returnedbits[] = { ++ 0x4f, 0x78, 0xbe, 0xb9, 0x4d, 0x97, 0x8c, 0xe9, 0xd0, 0x97, 0xfe, 0xad, ++ 0xfa, 0xfd, 0x35, 0x5e ++}; ++ ++/* AES-128 no df PR */ ++__fips_constseg static const unsigned char aes_128_no_df_pr_entropyinput[] = { ++ 0x9a, 0x25, 0x65, 0x10, 0x67, 0xd5, 0xb6, 0x6b, 0x70, 0xa1, 0xb3, 0xa4, ++ 0x43, 0x95, 0x80, 0xc0, 0x84, 0x0a, 0x79, 0xb0, 0x88, 0x74, 0xf2, 0xbf, ++ 0x31, 0x6c, 0x33, 0x38, 0x0b, 0x00, 0xb2, 0x5a ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_pr_nonce[] = { ++ 0x78, 0x47, 0x6b, 0xf7, 0x90, 0x8e, 0x87, 0xf1 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_pr_personalizationstring[] = { ++ 0xf7, 0x22, 0x1d, 0x3a, 0xbe, 0x1d, 0xca, 0x32, 0x1b, 0xbd, 0x87, 0x0c, ++ 0x51, 0x24, 0x19, 0xee, 0xa3, 0x23, 0x09, 0x63, 0x33, 0x3d, 0xa8, 0x0c, ++ 0x1c, 0xfa, 0x42, 0x89, 0xcc, 0x6f, 0xa0, 0xa8 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_pr_additionalinput[] = { ++ 0xc9, 0xe0, 0x80, 0xbf, 0x8c, 0x45, 0x58, 0x39, 0xff, 0x00, 0xab, 0x02, ++ 0x4c, 0x3e, 0x3a, 0x95, 0x9b, 0x80, 0xa8, 0x21, 0x2a, 0xee, 0xba, 0x73, ++ 0xb1, 0xd9, 0xcf, 0x28, 0xf6, 0x8f, 0x9b, 0x12 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_pr_entropyinputpr[] = { ++ 0x4c, 0xa8, 0xc5, 0xf0, 0x59, 0x9e, 0xa6, 0x8d, 0x26, 0x53, 0xd7, 0x8a, ++ 0xa9, 0xd8, 0xf7, 0xed, 0xb2, 0xf9, 0x12, 0x42, 0xe1, 0xe5, 0xbd, 0xe7, ++ 0xe7, 0x1d, 0x74, 0x99, 0x00, 0x9d, 0x31, 0x3e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_pr_int_returnedbits[] = { ++ 0xe2, 0xac, 0x20, 0xf0, 0x80, 0xe7, 0xbc, 0x7e, 0x9c, 0x7b, 0x65, 0x71, ++ 0xaf, 0x19, 0x32, 0x16 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_pr_additionalinput2[] = { ++ 0x32, 0x7f, 0x38, 0x8b, 0x73, 0x0a, 0x78, 0x83, 0xdc, 0x30, 0xbe, 0x9f, ++ 0x10, 0x1f, 0xf5, 0x1f, 0xca, 0x00, 0xb5, 0x0d, 0xd6, 0x9d, 0x60, 0x83, ++ 0x51, 0x54, 0x7d, 0x38, 0x23, 0x3a, 0x52, 0x50 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_pr_entropyinputpr2[] = { ++ 0x18, 0x61, 0x53, 0x56, 0xed, 0xed, 0xd7, 0x20, 0xfb, 0x71, 0x04, 0x7a, ++ 0xb2, 0xac, 0xc1, 0x28, 0xcd, 0xf2, 0xc2, 0xfc, 0xaa, 0xb1, 0x06, 0x07, ++ 0xe9, 0x46, 0x95, 0x02, 0x48, 0x01, 0x78, 0xf9 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_pr_returnedbits[] = { ++ 0x29, 0xc8, 0x1b, 0x15, 0xb1, 0xd1, 0xc2, 0xf6, 0x71, 0x86, 0x68, 0x33, ++ 0x57, 0x82, 0x33, 0xaf ++}; ++ ++/* AES-128 no df No PR */ ++__fips_constseg static const unsigned char aes_128_no_df_entropyinput[] = { ++ 0xc9, 0xc5, 0x79, 0xbc, 0xe8, 0xc5, 0x19, 0xd8, 0xbc, 0x66, 0x73, 0x67, ++ 0xf6, 0xd3, 0x72, 0xaa, 0xa6, 0x16, 0xb8, 0x50, 0xb7, 0x47, 0x3a, 0x42, ++ 0xab, 0xf4, 0x16, 0xb2, 0x96, 0xd2, 0xb6, 0x60 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_nonce[] = { ++ 0x5f, 0xbf, 0x97, 0x0c, 0x4b, 0xa4, 0x87, 0x13 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_personalizationstring[] = { ++ 0xce, 0xfb, 0x7b, 0x3f, 0xd4, 0x6b, 0x29, 0x0d, 0x69, 0x06, 0xff, 0xbb, ++ 0xf2, 0xe5, 0xc6, 0x6c, 0x0a, 0x10, 0xa0, 0xcf, 0x1a, 0x48, 0xc7, 0x8b, ++ 0x3c, 0x16, 0x88, 0xed, 0x50, 0x13, 0x81, 0xce ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_additionalinput[] = { ++ 0x4b, 0x22, 0x46, 0x18, 0x02, 0x7b, 0xd2, 0x1b, 0x22, 0x42, 0x7c, 0x37, ++ 0xd9, 0xf6, 0xe8, 0x9b, 0x12, 0x30, 0x5f, 0xe9, 0x90, 0xe8, 0x08, 0x24, ++ 0x4f, 0x06, 0x66, 0xdb, 0x19, 0x2b, 0x13, 0x95 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_int_returnedbits[] = { ++ 0x2e, 0x96, 0x70, 0x64, 0xfa, 0xdf, 0xdf, 0x57, 0xb5, 0x82, 0xee, 0xd6, ++ 0xed, 0x3e, 0x65, 0xc2 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_entropyinputreseed[] = { ++ 0x26, 0xc0, 0x72, 0x16, 0x3a, 0x4b, 0xb7, 0x99, 0xd4, 0x07, 0xaf, 0x66, ++ 0x62, 0x36, 0x96, 0xa4, 0x51, 0x17, 0xfa, 0x07, 0x8b, 0x17, 0x5e, 0xa1, ++ 0x2f, 0x3c, 0x10, 0xe7, 0x90, 0xd0, 0x46, 0x00 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_128_no_df_additionalinputreseed[] = { ++ 0x83, 0x39, 0x37, 0x7b, 0x02, 0x06, 0xd2, 0x12, 0x13, 0x8d, 0x8b, 0xf2, ++ 0xf0, 0xf6, 0x26, 0xeb, 0xa4, 0x22, 0x7b, 0xc2, 0xe7, 0xba, 0x79, 0xe4, ++ 0x3b, 0x77, 0x5d, 0x4d, 0x47, 0xb2, 0x2d, 0xb4 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_additionalinput2[] = { ++ 0x0b, 0xb9, 0x67, 0x37, 0xdb, 0x83, 0xdf, 0xca, 0x81, 0x8b, 0xf9, 0x3f, ++ 0xf1, 0x11, 0x1b, 0x2f, 0xf0, 0x61, 0xa6, 0xdf, 0xba, 0xa3, 0xb1, 0xac, ++ 0xd3, 0xe6, 0x09, 0xb8, 0x2c, 0x6a, 0x67, 0xd6 ++}; ++ ++__fips_constseg static const unsigned char aes_128_no_df_returnedbits[] = { ++ 0x1e, 0xa7, 0xa4, 0xe4, 0xe1, 0xa6, 0x7c, 0x69, 0x9a, 0x44, 0x6c, 0x36, ++ 0x81, 0x37, 0x19, 0xd4 ++}; ++ ++/* AES-192 no df PR */ ++__fips_constseg static const unsigned char aes_192_no_df_pr_entropyinput[] = { ++ 0x9d, 0x2c, 0xd2, 0x55, 0x66, 0xea, 0xe0, 0xbe, 0x18, 0xb7, 0x76, 0xe7, ++ 0x73, 0x35, 0xd8, 0x1f, 0xad, 0x3a, 0xe3, 0x81, 0x0e, 0x92, 0xd0, 0x61, ++ 0xc9, 0x12, 0x26, 0xf6, 0x1c, 0xdf, 0xfe, 0x47, 0xaa, 0xfe, 0x7d, 0x5a, ++ 0x17, 0x1f, 0x8d, 0x9a ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_pr_nonce[] = { ++ 0x44, 0x82, 0xed, 0xe8, 0x4c, 0x28, 0x5a, 0x14, 0xff, 0x88, 0x8d, 0x19, ++ 0x61, 0x5c, 0xee, 0x0f ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_pr_personalizationstring[] = { ++ 0x47, 0xd7, 0x9b, 0x99, 0xaa, 0xcb, 0xe7, 0xd2, 0x57, 0x66, 0x2c, 0xe1, ++ 0x78, 0xd6, 0x2c, 0xea, 0xa3, 0x23, 0x5f, 0x2a, 0xc1, 0x3a, 0xf0, 0xa4, ++ 0x20, 0x3b, 0xfa, 0x07, 0xd5, 0x05, 0x02, 0xe4, 0x57, 0x01, 0xb6, 0x10, ++ 0x57, 0x2e, 0xe7, 0x55 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_pr_additionalinput[] = { ++ 0x4b, 0x74, 0x0b, 0x40, 0xce, 0x6b, 0xc2, 0x6a, 0x24, 0xb4, 0xf3, 0xad, ++ 0x7a, 0xa5, 0x7a, 0xa2, 0x15, 0xe2, 0xc8, 0x61, 0x15, 0xc6, 0xb7, 0x85, ++ 0x69, 0x11, 0xad, 0x7b, 0x14, 0xd2, 0xf6, 0x12, 0xa1, 0x95, 0x5d, 0x3f, ++ 0xe2, 0xd0, 0x0c, 0x2f ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_pr_entropyinputpr[] = { ++ 0x0c, 0x9c, 0xad, 0x05, 0xee, 0xae, 0x48, 0x23, 0x89, 0x59, 0xa1, 0x94, ++ 0xd7, 0xd8, 0x75, 0xd5, 0x54, 0x93, 0xc7, 0x4a, 0xd9, 0x26, 0xde, 0xeb, ++ 0xba, 0xb0, 0x7e, 0x30, 0x1d, 0x5f, 0x69, 0x40, 0x9c, 0x3b, 0x17, 0x58, ++ 0x1d, 0x30, 0xb3, 0x78 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_pr_int_returnedbits[] = { ++ 0xf7, 0x93, 0xb0, 0x6d, 0x77, 0x83, 0xd5, 0x38, 0x01, 0xe1, 0x52, 0x40, ++ 0x7e, 0x3e, 0x0c, 0x26 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_pr_additionalinput2[] = { ++ 0xbc, 0x4b, 0x37, 0x44, 0x1c, 0xc5, 0x45, 0x5f, 0x8f, 0x51, 0x62, 0x8a, ++ 0x85, 0x30, 0x1d, 0x7c, 0xe4, 0xcf, 0xf7, 0x44, 0xce, 0x32, 0x3e, 0x57, ++ 0x95, 0xa4, 0x2a, 0xdf, 0xfd, 0x9e, 0x38, 0x41, 0xb3, 0xf6, 0xc5, 0xee, ++ 0x0c, 0x4b, 0xee, 0x6e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_pr_entropyinputpr2[] = { ++ 0xec, 0xaf, 0xf6, 0x4f, 0xb1, 0xa0, 0x54, 0xb5, 0x5b, 0xe3, 0x46, 0xb0, ++ 0x76, 0x5a, 0x7c, 0x3f, 0x7b, 0x94, 0x69, 0x21, 0x51, 0x02, 0xe5, 0x9f, ++ 0x04, 0x59, 0x02, 0x98, 0xc6, 0x43, 0x2c, 0xcc, 0x26, 0x4c, 0x87, 0x6b, ++ 0x8e, 0x0a, 0x83, 0xdf ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_pr_returnedbits[] = { ++ 0x74, 0x45, 0xfb, 0x53, 0x84, 0x96, 0xbe, 0xff, 0x15, 0xcc, 0x41, 0x91, ++ 0xb9, 0xa1, 0x21, 0x68 ++}; ++ ++/* AES-192 no df No PR */ ++__fips_constseg static const unsigned char aes_192_no_df_entropyinput[] = { ++ 0x3c, 0x7d, 0xb5, 0xe0, 0x54, 0xd9, 0x6e, 0x8c, 0xa9, 0x86, 0xce, 0x4e, ++ 0x6b, 0xaf, 0xeb, 0x2f, 0xe7, 0x75, 0xe0, 0x8b, 0xa4, 0x3b, 0x07, 0xfe, ++ 0xbe, 0x33, 0x75, 0x93, 0x80, 0x27, 0xb5, 0x29, 0x47, 0x8b, 0xc7, 0x28, ++ 0x94, 0xc3, 0x59, 0x63 ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_nonce[] = { ++ 0x43, 0xf1, 0x7d, 0xb8, 0xc3, 0xfe, 0xd0, 0x23, 0x6b, 0xb4, 0x92, 0xdb, ++ 0x29, 0xfd, 0x45, 0x71 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_personalizationstring[] = { ++ 0x9f, 0x24, 0x29, 0x99, 0x9e, 0x01, 0xab, 0xe9, 0x19, 0xd8, 0x23, 0x08, ++ 0xb7, 0xd6, 0x7e, 0x8c, 0xc0, 0x9e, 0x7f, 0x6e, 0x5b, 0x33, 0x20, 0x96, ++ 0x0b, 0x23, 0x2c, 0xa5, 0x6a, 0xf8, 0x1b, 0x04, 0x26, 0xdb, 0x2e, 0x2b, ++ 0x3b, 0x88, 0xce, 0x35 ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_additionalinput[] = { ++ 0x94, 0xe9, 0x7c, 0x3d, 0xa7, 0xdb, 0x60, 0x83, 0x1f, 0x98, 0x3f, 0x0b, ++ 0x88, 0x59, 0x57, 0x51, 0x88, 0x9f, 0x76, 0x49, 0x9f, 0xa6, 0xda, 0x71, ++ 0x1d, 0x0d, 0x47, 0x16, 0x63, 0xc5, 0x68, 0xe4, 0x5d, 0x39, 0x69, 0xb3, ++ 0x3e, 0xbe, 0xd4, 0x8e ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_int_returnedbits[] = { ++ 0xf9, 0xd7, 0xad, 0x69, 0xab, 0x8f, 0x23, 0x56, 0x70, 0x17, 0x4f, 0x2a, ++ 0x45, 0xe7, 0x4a, 0xc5 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_entropyinputreseed[] = { ++ 0xa6, 0x71, 0x6a, 0x3d, 0xba, 0xd1, 0xe8, 0x66, 0xa6, 0xef, 0xb2, 0x0e, ++ 0xa8, 0x9c, 0xaa, 0x4e, 0xaf, 0x17, 0x89, 0x50, 0x00, 0xda, 0xa1, 0xb1, ++ 0x0b, 0xa4, 0xd9, 0x35, 0x89, 0xc8, 0xe5, 0xb0, 0xd9, 0xb7, 0xc4, 0x33, ++ 0x9b, 0xcb, 0x7e, 0x75 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_192_no_df_additionalinputreseed[] = { ++ 0x27, 0x21, 0xfc, 0xc2, 0xbd, 0xf3, 0x3c, 0xce, 0xc3, 0xca, 0xc1, 0x01, ++ 0xe0, 0xff, 0x93, 0x12, 0x7d, 0x54, 0x42, 0xe3, 0x9f, 0x03, 0xdf, 0x27, ++ 0x04, 0x07, 0x3c, 0x53, 0x7f, 0xa8, 0x66, 0xc8, 0x97, 0x4b, 0x61, 0x40, ++ 0x5d, 0x7a, 0x25, 0x79 ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_additionalinput2[] = { ++ 0x2d, 0x8e, 0x16, 0x5d, 0x0b, 0x9f, 0xeb, 0xaa, 0xd6, 0xec, 0x28, 0x71, ++ 0x7c, 0x0b, 0xc1, 0x1d, 0xd4, 0x44, 0x19, 0x47, 0xfd, 0x1d, 0x7c, 0xe5, ++ 0xf3, 0x27, 0xe1, 0xb6, 0x72, 0x0a, 0xe0, 0xec, 0x0e, 0xcd, 0xef, 0x1a, ++ 0x91, 0x6a, 0xe3, 0x5f ++}; ++ ++__fips_constseg static const unsigned char aes_192_no_df_returnedbits[] = { ++ 0xe5, 0xda, 0xb8, 0xe0, 0x63, 0x59, 0x5a, 0xcc, 0x3d, 0xdc, 0x9f, 0xe8, ++ 0x66, 0x67, 0x2c, 0x92 ++}; ++ ++/* AES-256 no df PR */ ++__fips_constseg static const unsigned char aes_256_no_df_pr_entropyinput[] = { ++ 0x15, 0xc7, 0x5d, 0xcb, 0x41, 0x4b, 0x16, 0x01, 0x3a, 0xd1, 0x44, 0xe8, ++ 0x22, 0x32, 0xc6, 0x9c, 0x3f, 0xe7, 0x43, 0xf5, 0x9a, 0xd3, 0xea, 0xf2, ++ 0xd7, 0x4e, 0x6e, 0x6a, 0x55, 0x73, 0x40, 0xef, 0x89, 0xad, 0x0d, 0x03, ++ 0x96, 0x7e, 0x78, 0x81, 0x2f, 0x91, 0x1b, 0x44, 0xb0, 0x02, 0xba, 0x1c ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_pr_nonce[] = { ++ 0xdc, 0xe4, 0xd4, 0x27, 0x7a, 0x90, 0xd7, 0x99, 0x43, 0xa1, 0x3c, 0x30, ++ 0xcc, 0x4b, 0xee, 0x2e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_pr_personalizationstring[] = { ++ 0xe3, 0xe6, 0xb9, 0x11, 0xe4, 0x7a, 0xa4, 0x40, 0x6b, 0xf8, 0x73, 0xf7, ++ 0x7e, 0xec, 0xc7, 0xb9, 0x97, 0xbf, 0xf8, 0x25, 0x7b, 0xbe, 0x11, 0x9b, ++ 0x5b, 0x6a, 0x0c, 0x2e, 0x2b, 0x01, 0x51, 0xcd, 0x41, 0x4b, 0x6b, 0xac, ++ 0x31, 0xa8, 0x0b, 0xf7, 0xe6, 0x59, 0x42, 0xb8, 0x03, 0x0c, 0xf8, 0x06 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_pr_additionalinput[] = { ++ 0x6a, 0x9f, 0x00, 0x91, 0xae, 0xfe, 0xcf, 0x84, 0x99, 0xce, 0xb1, 0x40, ++ 0x6d, 0x5d, 0x33, 0x28, 0x84, 0xf4, 0x8c, 0x63, 0x4c, 0x7e, 0xbd, 0x2c, ++ 0x80, 0x76, 0xee, 0x5a, 0xaa, 0x15, 0x07, 0x31, 0xd8, 0xbb, 0x8c, 0x69, ++ 0x9d, 0x9d, 0xbc, 0x7e, 0x49, 0xae, 0xec, 0x39, 0x6b, 0xd1, 0x1f, 0x7e ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_pr_entropyinputpr[] = { ++ 0xf3, 0xb9, 0x75, 0x9c, 0xbd, 0x88, 0xea, 0xa2, 0x50, 0xad, 0xd6, 0x16, ++ 0x1a, 0x12, 0x3c, 0x86, 0x68, 0xaf, 0x6f, 0xbe, 0x19, 0xf2, 0xee, 0xcc, ++ 0xa5, 0x70, 0x84, 0x53, 0x50, 0xcb, 0x9f, 0x14, 0xa9, 0xe5, 0xee, 0xb9, ++ 0x48, 0x45, 0x40, 0xe2, 0xc7, 0xc9, 0x9a, 0x74, 0xff, 0x8c, 0x99, 0x1f ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_pr_int_returnedbits[] = { ++ 0x2e, 0xf2, 0x45, 0x4c, 0x62, 0x2e, 0x0a, 0xb9, 0x6b, 0xa2, 0xfd, 0x56, ++ 0x79, 0x60, 0x93, 0xcf ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_pr_additionalinput2[] = { ++ 0xaf, 0x69, 0x20, 0xe9, 0x3b, 0x37, 0x9d, 0x3f, 0xb4, 0x80, 0x02, 0x7a, ++ 0x25, 0x7d, 0xb8, 0xde, 0x71, 0xc5, 0x06, 0x0c, 0xb4, 0xe2, 0x8f, 0x35, ++ 0xd8, 0x14, 0x0d, 0x7f, 0x76, 0x63, 0x4e, 0xb5, 0xee, 0xe9, 0x6f, 0x34, ++ 0xc7, 0x5f, 0x56, 0x14, 0x4a, 0xe8, 0x73, 0x95, 0x5b, 0x1c, 0xb9, 0xcb ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_pr_entropyinputpr2[] = { ++ 0xe5, 0xb0, 0x2e, 0x7e, 0x52, 0x30, 0xe3, 0x63, 0x82, 0xb6, 0x44, 0xd3, ++ 0x25, 0x19, 0x05, 0x24, 0x9a, 0x9f, 0x5f, 0x27, 0x6a, 0x29, 0xab, 0xfa, ++ 0x07, 0xa2, 0x42, 0x0f, 0xc5, 0xa8, 0x94, 0x7c, 0x17, 0x7b, 0x85, 0x83, ++ 0x0c, 0x25, 0x0e, 0x63, 0x0b, 0xe9, 0x12, 0x60, 0xcd, 0xef, 0x80, 0x0f ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_pr_returnedbits[] = { ++ 0x5e, 0xf2, 0x26, 0xef, 0x9f, 0x58, 0x5d, 0xd5, 0x4a, 0x10, 0xfe, 0xa7, ++ 0x2d, 0x5f, 0x4a, 0x46 ++}; ++ ++/* AES-256 no df No PR */ ++__fips_constseg static const unsigned char aes_256_no_df_entropyinput[] = { ++ 0xfb, 0xcf, 0x1b, 0x61, 0x16, 0x89, 0x78, 0x23, 0xf5, 0xd8, 0x96, 0xe3, ++ 0x4e, 0x64, 0x0b, 0x29, 0x9a, 0x3f, 0xf8, 0xa5, 0xed, 0xf2, 0xfe, 0xdb, ++ 0x16, 0xca, 0x7f, 0x10, 0xfa, 0x5e, 0x18, 0x76, 0x2c, 0x63, 0x5e, 0x96, ++ 0xcf, 0xb3, 0xd6, 0xfc, 0xaf, 0x99, 0x39, 0x28, 0x9c, 0x61, 0xe8, 0xb3 ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_nonce[] = { ++ 0x12, 0x96, 0xf0, 0x52, 0xf3, 0x8d, 0x81, 0xcf, 0xde, 0x86, 0xf2, 0x99, ++ 0x43, 0x96, 0xb9, 0xf0 ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_personalizationstring[] = { ++ 0x63, 0x0d, 0x78, 0xf5, 0x90, 0x8e, 0x32, 0x47, 0xb0, 0x4d, 0x37, 0x60, ++ 0x09, 0x96, 0xbc, 0xbf, 0x97, 0x7a, 0x62, 0x14, 0x45, 0xbd, 0x8d, 0xcc, ++ 0x69, 0xfb, 0x03, 0xe1, 0x80, 0x1c, 0xc7, 0xe2, 0x2a, 0xf9, 0x37, 0x3f, ++ 0x66, 0x4d, 0x62, 0xd9, 0x10, 0xe0, 0xad, 0xc8, 0x9a, 0xf0, 0xa8, 0x6d ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_additionalinput[] = { ++ 0x36, 0xc6, 0x13, 0x60, 0xbb, 0x14, 0xad, 0x22, 0xb0, 0x38, 0xac, 0xa6, ++ 0x18, 0x16, 0x93, 0x25, 0x86, 0xb7, 0xdc, 0xdc, 0x36, 0x98, 0x2b, 0xf9, ++ 0x68, 0x33, 0xd3, 0xc6, 0xff, 0xce, 0x8d, 0x15, 0x59, 0x82, 0x76, 0xed, ++ 0x6f, 0x8d, 0x49, 0x74, 0x2f, 0xda, 0xdc, 0x1f, 0x17, 0xd0, 0xde, 0x17 ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_int_returnedbits[] = { ++ 0x16, 0x2f, 0x8e, 0x3f, 0x21, 0x7a, 0x1c, 0x20, 0x56, 0xd1, 0x92, 0xf6, ++ 0xd2, 0x25, 0x75, 0x0e ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_entropyinputreseed[] = { ++ 0x91, 0x79, 0x76, 0xee, 0xe0, 0xcf, 0x9e, 0xc2, 0xd5, 0xd4, 0x23, 0x9b, ++ 0x12, 0x8c, 0x7e, 0x0a, 0xb7, 0xd2, 0x8b, 0xd6, 0x7c, 0xa3, 0xc6, 0xe5, ++ 0x0e, 0xaa, 0xc7, 0x6b, 0xae, 0x0d, 0xfa, 0x53, 0x06, 0x79, 0xa1, 0xed, ++ 0x4d, 0x6a, 0x0e, 0xd8, 0x9d, 0xbe, 0x1b, 0x31, 0x93, 0x7b, 0xec, 0xfb ++}; ++ ++__fips_constseg ++ static const unsigned char aes_256_no_df_additionalinputreseed[] = { ++ 0xd2, 0x46, 0x50, 0x22, 0x10, 0x14, 0x63, 0xf7, 0xea, 0x0f, 0xb9, 0x7e, ++ 0x0d, 0xe1, 0x94, 0x07, 0xaf, 0x09, 0x44, 0x31, 0xea, 0x64, 0xa4, 0x18, ++ 0x5b, 0xf9, 0xd8, 0xc2, 0xfa, 0x03, 0x47, 0xc5, 0x39, 0x43, 0xd5, 0x3b, ++ 0x62, 0x86, 0x64, 0xea, 0x2c, 0x73, 0x8c, 0xae, 0x9d, 0x98, 0x98, 0x29 ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_additionalinput2[] = { ++ 0x8c, 0xab, 0x18, 0xf8, 0xc3, 0xec, 0x18, 0x5c, 0xb3, 0x1e, 0x9d, 0xbe, ++ 0x3f, 0x03, 0xb4, 0x00, 0x98, 0x9d, 0xae, 0xeb, 0xf4, 0x94, 0xf8, 0x42, ++ 0x8f, 0xe3, 0x39, 0x07, 0xe1, 0xc9, 0xad, 0x0b, 0x1f, 0xed, 0xc0, 0xba, ++ 0xf6, 0xd1, 0xec, 0x27, 0x86, 0x7b, 0xd6, 0x55, 0x9b, 0x60, 0xa5, 0xc6 ++}; ++ ++__fips_constseg static const unsigned char aes_256_no_df_returnedbits[] = { ++ 0xef, 0xd2, 0xd8, 0x5c, 0xdc, 0x62, 0x25, 0x9f, 0xaa, 0x1e, 0x2c, 0x67, ++ 0xf6, 0x02, 0x32, 0xe2 ++}; ++ ++/* SHA-1 PR */ ++__fips_constseg static const unsigned char sha1_pr_entropyinput[] = { ++ 0xd2, 0x36, 0xa5, 0x27, 0x31, 0x73, 0xdd, 0x11, 0x4f, 0x93, 0xbd, 0xe2, ++ 0x31, 0xa5, 0x91, 0x13 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_nonce[] = { ++ 0xb5, 0xb3, 0x60, 0xef, 0xf7, 0x63, 0x31, 0xf3 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_personalizationstring[] = { ++ 0xd4, 0xbb, 0x02, 0x10, 0xb2, 0x71, 0xdb, 0x81, 0xd6, 0xf0, 0x42, 0x60, ++ 0xda, 0xea, 0x77, 0x52 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_additionalinput[] = { ++ 0x4d, 0xd2, 0x6c, 0x87, 0xfb, 0x2c, 0x4f, 0xa6, 0x8d, 0x16, 0x63, 0x22, ++ 0x6a, 0x51, 0xe3, 0xf8 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_entropyinputpr[] = { ++ 0xc9, 0x83, 0x9e, 0x16, 0xf6, 0x1c, 0x0f, 0xb2, 0xec, 0x60, 0x31, 0xa9, ++ 0xcb, 0xa9, 0x36, 0x7a ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_int_returnedbits[] = { ++ 0xa8, 0x13, 0x4f, 0xf4, 0x31, 0x02, 0x44, 0xe3, 0xd3, 0x3d, 0x61, 0x9e, ++ 0xe5, 0xc6, 0x3e, 0x89, 0xb5, 0x9b, 0x0f, 0x35 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_additionalinput2[] = { ++ 0xf9, 0xe8, 0xd2, 0x72, 0x13, 0x34, 0x95, 0x6f, 0x15, 0x49, 0x47, 0x99, ++ 0x16, 0x03, 0x19, 0x47 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_entropyinputpr2[] = { ++ 0x4e, 0x8c, 0x49, 0x9b, 0x4a, 0x5c, 0x9b, 0x9c, 0x3a, 0xee, 0xfb, 0xd2, ++ 0xae, 0xcd, 0x8c, 0xc4 ++}; ++ ++__fips_constseg static const unsigned char sha1_pr_returnedbits[] = { ++ 0x50, 0xb4, 0xb4, 0xcd, 0x68, 0x57, 0xfc, 0x2e, 0xc1, 0x52, 0xcc, 0xf6, ++ 0x68, 0xa4, 0x81, 0xed, 0x7e, 0xe4, 0x1d, 0x87 ++}; ++ ++/* SHA-1 No PR */ ++__fips_constseg static const unsigned char sha1_entropyinput[] = { ++ 0xa9, 0x47, 0x1b, 0x29, 0x2d, 0x1c, 0x05, 0xdf, 0x76, 0xd0, 0x62, 0xf9, ++ 0xe2, 0x7f, 0x4c, 0x7b ++}; ++ ++__fips_constseg static const unsigned char sha1_nonce[] = { ++ 0x53, 0x23, 0x24, 0xe3, 0xec, 0x0c, 0x54, 0x14 ++}; ++ ++__fips_constseg static const unsigned char sha1_personalizationstring[] = { ++ 0x7a, 0x87, 0xa1, 0xac, 0x1c, 0xfd, 0xab, 0xae, 0xf7, 0xd6, 0xfb, 0x76, ++ 0x28, 0xec, 0x6d, 0xca ++}; ++ ++__fips_constseg static const unsigned char sha1_additionalinput[] = { ++ 0xfc, 0x92, 0x35, 0xd6, 0x7e, 0xb7, 0x24, 0x65, 0xfd, 0x12, 0x27, 0x35, ++ 0xc0, 0x72, 0xca, 0x28 ++}; ++ ++__fips_constseg static const unsigned char sha1_int_returnedbits[] = { ++ 0x57, 0x88, 0x82, 0xe5, 0x25, 0xa5, 0x2c, 0x4a, 0x06, 0x20, 0x6c, 0x72, ++ 0x55, 0x61, 0xdd, 0x90, 0x71, 0x9f, 0x95, 0xea ++}; ++ ++__fips_constseg static const unsigned char sha1_entropyinputreseed[] = { ++ 0x69, 0xa5, 0x40, 0x62, 0x98, 0x47, 0x56, 0x73, 0x4a, 0x8f, 0x60, 0x96, ++ 0xd6, 0x99, 0x27, 0xed ++}; ++ ++__fips_constseg static const unsigned char sha1_additionalinputreseed[] = { ++ 0xe5, 0x40, 0x4e, 0xbd, 0x50, 0x00, 0xf5, 0x15, 0xa6, 0xee, 0x45, 0xda, ++ 0x84, 0x3d, 0xd4, 0xc0 ++}; ++ ++__fips_constseg static const unsigned char sha1_additionalinput2[] = { ++ 0x11, 0x51, 0x14, 0xf0, 0x09, 0x1b, 0x4e, 0x56, 0x0d, 0xe9, 0xf6, 0x1e, ++ 0x52, 0x65, 0xcd, 0x96 ++}; ++ ++__fips_constseg static const unsigned char sha1_returnedbits[] = { ++ 0xa1, 0x9c, 0x94, 0x6e, 0x29, 0xe1, 0x33, 0x0d, 0x32, 0xd6, 0xaa, 0xce, ++ 0x71, 0x3f, 0x52, 0x72, 0x8b, 0x42, 0xa8, 0xd7 ++}; ++ ++/* SHA-224 PR */ ++__fips_constseg static const unsigned char sha224_pr_entropyinput[] = { ++ 0x12, 0x69, 0x32, 0x4f, 0x83, 0xa6, 0xf5, 0x14, 0xe3, 0x49, 0x3e, 0x75, ++ 0x3e, 0xde, 0xad, 0xa1, 0x29, 0xc3, 0xf3, 0x19, 0x20, 0xb5, 0x4c, 0xd9 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_nonce[] = { ++ 0x6a, 0x78, 0xd0, 0xeb, 0xbb, 0x5a, 0xf0, 0xee, 0xe8, 0xc3, 0xba, 0x71 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_personalizationstring[] = { ++ 0xd5, 0xb8, 0xb6, 0xbc, 0xc1, 0x5b, 0x60, 0x31, 0x3c, 0xf5, 0xe5, 0xc0, ++ 0x8e, 0x52, 0x7a, 0xbd, 0xea, 0x47, 0xa9, 0x5f, 0x8f, 0xf9, 0x8b, 0xae ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_additionalinput[] = { ++ 0x1f, 0x55, 0xec, 0xae, 0x16, 0x12, 0x84, 0xba, 0x84, 0x16, 0x19, 0x88, ++ 0x8e, 0xb8, 0x33, 0x25, 0x54, 0xff, 0xca, 0x79, 0xaf, 0x07, 0x25, 0x50 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_entropyinputpr[] = { ++ 0x92, 0xa3, 0x32, 0xa8, 0x9a, 0x0a, 0x58, 0x7c, 0x1d, 0x5a, 0x7e, 0xe1, ++ 0xb2, 0x73, 0xab, 0x0e, 0x16, 0x79, 0x23, 0xd3, 0x29, 0x89, 0x81, 0xe1 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_int_returnedbits[] = { ++ 0xf3, 0x38, 0x91, 0x40, 0x37, 0x7a, 0x51, 0x72, 0x42, 0x74, 0x78, 0x0a, ++ 0x69, 0xfd, 0xa6, 0x44, 0x43, 0x45, 0x6c, 0x0c, 0x5a, 0x19, 0xff, 0xf1, ++ 0x54, 0x60, 0xee, 0x6a ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_additionalinput2[] = { ++ 0x75, 0xf3, 0x04, 0x25, 0xdd, 0x36, 0xa8, 0x37, 0x46, 0xae, 0x0c, 0x52, ++ 0x05, 0x79, 0x4c, 0x26, 0xdb, 0xe9, 0x71, 0x16, 0x4c, 0x0a, 0xf2, 0x60 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_entropyinputpr2[] = { ++ 0xea, 0xc5, 0x03, 0x0a, 0x4f, 0xb0, 0x38, 0x8d, 0x23, 0xd4, 0xc8, 0x77, ++ 0xe2, 0x6d, 0x9c, 0x0b, 0x44, 0xf7, 0x2d, 0x5b, 0xbf, 0x5d, 0x2a, 0x11 ++}; ++ ++__fips_constseg static const unsigned char sha224_pr_returnedbits[] = { ++ 0x60, 0x50, 0x2b, 0xe7, 0x86, 0xd8, 0x26, 0x73, 0xe3, 0x1d, 0x95, 0x20, ++ 0xb3, 0x2c, 0x32, 0x1c, 0xf5, 0xce, 0x57, 0xa6, 0x67, 0x2b, 0xdc, 0x4e, ++ 0xdd, 0x11, 0x4c, 0xc4 ++}; ++ ++/* SHA-224 No PR */ ++__fips_constseg static const unsigned char sha224_entropyinput[] = { ++ 0xb2, 0x1c, 0x77, 0x4d, 0xf6, 0xd3, 0xb6, 0x40, 0xb7, 0x30, 0x3e, 0x29, ++ 0xb0, 0x85, 0x1c, 0xbe, 0x4a, 0xea, 0x6b, 0x5a, 0xb5, 0x8a, 0x97, 0xeb ++}; ++ ++__fips_constseg static const unsigned char sha224_nonce[] = { ++ 0x42, 0x02, 0x0a, 0x1c, 0x98, 0x9a, 0x77, 0x9e, 0x9f, 0x80, 0xba, 0xe0 ++}; ++ ++__fips_constseg static const unsigned char sha224_personalizationstring[] = { ++ 0x98, 0xb8, 0x04, 0x41, 0xfc, 0xc1, 0x5d, 0xc5, 0xe9, 0xb9, 0x08, 0xda, ++ 0xf9, 0xfa, 0x0d, 0x90, 0xce, 0xdf, 0x1d, 0x10, 0xa9, 0x8d, 0x50, 0x0c ++}; ++ ++__fips_constseg static const unsigned char sha224_additionalinput[] = { ++ 0x9a, 0x8d, 0x39, 0x49, 0x42, 0xd5, 0x0b, 0xae, 0xe1, 0xaf, 0xb7, 0x00, ++ 0x02, 0xfa, 0x96, 0xb1, 0xa5, 0x1d, 0x2d, 0x25, 0x78, 0xee, 0x83, 0x3f ++}; ++ ++__fips_constseg static const unsigned char sha224_int_returnedbits[] = { ++ 0xe4, 0xf5, 0x53, 0x79, 0x5a, 0x97, 0x58, 0x06, 0x08, 0xba, 0x7b, 0xfa, ++ 0xf0, 0x83, 0x05, 0x8c, 0x22, 0xc0, 0xc9, 0xdb, 0x15, 0xe7, 0xde, 0x20, ++ 0x55, 0x22, 0x9a, 0xad ++}; ++ ++__fips_constseg static const unsigned char sha224_entropyinputreseed[] = { ++ 0x67, 0x09, 0x48, 0xaa, 0x07, 0x16, 0x99, 0x89, 0x7f, 0x6d, 0xa0, 0xe5, ++ 0x8f, 0xdf, 0xbc, 0xdb, 0xfe, 0xe5, 0x6c, 0x7a, 0x95, 0x4a, 0x66, 0x17 ++}; ++ ++__fips_constseg static const unsigned char sha224_additionalinputreseed[] = { ++ 0x0f, 0x4b, 0x1c, 0x6f, 0xb7, 0xe3, 0x47, 0xe5, 0x5d, 0x7d, 0x38, 0xd6, ++ 0x28, 0x9b, 0xeb, 0x55, 0x63, 0x09, 0x3e, 0x7c, 0x56, 0xea, 0xf8, 0x19 ++}; ++ ++__fips_constseg static const unsigned char sha224_additionalinput2[] = { ++ 0x2d, 0x26, 0x7c, 0x37, 0xe4, 0x7a, 0x28, 0x5e, 0x5a, 0x3c, 0xaf, 0x3d, ++ 0x5a, 0x8e, 0x55, 0xa2, 0x1a, 0x6e, 0xc0, 0xe5, 0xf6, 0x21, 0xd3, 0xf6 ++}; ++ ++__fips_constseg static const unsigned char sha224_returnedbits[] = { ++ 0x4d, 0x83, 0x35, 0xdf, 0x67, 0xa9, 0xfc, 0x17, 0xda, 0x70, 0xcc, 0x8b, ++ 0x7f, 0x77, 0xae, 0xa2, 0x5f, 0xb9, 0x7e, 0x74, 0x4c, 0x26, 0xc1, 0x7a, ++ 0x3b, 0xa7, 0x5c, 0x93 ++}; ++ ++/* SHA-256 PR */ ++__fips_constseg static const unsigned char sha256_pr_entropyinput[] = { ++ 0xce, 0x49, 0x00, 0x7a, 0x56, 0xe3, 0x67, 0x8f, 0xe1, 0xb6, 0xa7, 0xd4, ++ 0x4f, 0x08, 0x7a, 0x1b, 0x01, 0xf4, 0xfa, 0x6b, 0xef, 0xb7, 0xe5, 0xeb, ++ 0x07, 0x3d, 0x11, 0x0d, 0xc8, 0xea, 0x2b, 0xfe ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_nonce[] = { ++ 0x73, 0x41, 0xc8, 0x92, 0x94, 0xe2, 0xc5, 0x5f, 0x93, 0xfd, 0x39, 0x5d, ++ 0x2b, 0x91, 0x4d, 0x38 ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_personalizationstring[] = { ++ 0x50, 0x6d, 0x01, 0x01, 0x07, 0x5a, 0x80, 0x35, 0x7a, 0x56, 0x1a, 0x56, ++ 0x2f, 0x9a, 0x0b, 0x35, 0xb2, 0xb1, 0xc9, 0xe5, 0xca, 0x69, 0x61, 0x48, ++ 0xff, 0xfb, 0x0f, 0xd9, 0x4b, 0x79, 0x1d, 0xba ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_additionalinput[] = { ++ 0x20, 0xb8, 0xdf, 0x44, 0x77, 0x5a, 0xb8, 0xd3, 0xbf, 0xf6, 0xcf, 0xac, ++ 0x5e, 0xa6, 0x96, 0x62, 0x73, 0x44, 0x40, 0x4a, 0x30, 0xfb, 0x38, 0xa5, ++ 0x7b, 0x0d, 0xe4, 0x0d, 0xc6, 0xe4, 0x9a, 0x1f ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_entropyinputpr[] = { ++ 0x04, 0xc4, 0x65, 0xf4, 0xd3, 0xbf, 0x83, 0x4b, 0xab, 0xc8, 0x41, 0xa8, ++ 0xc2, 0xe0, 0x44, 0x63, 0x77, 0x4c, 0x6f, 0x6c, 0x49, 0x46, 0xff, 0x94, ++ 0x17, 0xea, 0xe6, 0x1a, 0x9d, 0x5e, 0x66, 0x78 ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_int_returnedbits[] = { ++ 0x07, 0x4d, 0xac, 0x9b, 0x86, 0xca, 0x4a, 0xaa, 0x6e, 0x7a, 0x03, 0xa2, ++ 0x5d, 0x10, 0xea, 0x0b, 0xf9, 0x83, 0xcc, 0xd1, 0xfc, 0xe2, 0x07, 0xc7, ++ 0x06, 0x34, 0x60, 0x6f, 0x83, 0x94, 0x99, 0x76 ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_additionalinput2[] = { ++ 0x89, 0x4e, 0x45, 0x8c, 0x11, 0xf9, 0xbc, 0x5b, 0xac, 0x74, 0x8b, 0x4b, ++ 0x5f, 0xf7, 0x19, 0xf3, 0xf5, 0x24, 0x54, 0x14, 0xd1, 0x15, 0xb1, 0x43, ++ 0x12, 0xa4, 0x5f, 0xd4, 0xec, 0xfc, 0xcd, 0x09 ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_entropyinputpr2[] = { ++ 0x0e, 0xeb, 0x1f, 0xd7, 0xfc, 0xd1, 0x9d, 0xd4, 0x05, 0x36, 0x8b, 0xb2, ++ 0xfb, 0xe4, 0xf4, 0x51, 0x0c, 0x87, 0x9b, 0x02, 0x44, 0xd5, 0x92, 0x4d, ++ 0x44, 0xfe, 0x1a, 0x03, 0x43, 0x56, 0xbd, 0x86 ++}; ++ ++__fips_constseg static const unsigned char sha256_pr_returnedbits[] = { ++ 0x02, 0xaa, 0xb6, 0x1d, 0x7e, 0x2a, 0x40, 0x03, 0x69, 0x2d, 0x49, 0xa3, ++ 0x41, 0xe7, 0x44, 0x0b, 0xaf, 0x7b, 0x85, 0xe4, 0x5f, 0x53, 0x3b, 0x64, ++ 0xbc, 0x89, 0xc8, 0x82, 0xd4, 0x78, 0x37, 0xa2 ++}; ++ ++/* SHA-256 No PR */ ++__fips_constseg static const unsigned char sha256_entropyinput[] = { ++ 0x5b, 0x1b, 0xec, 0x4d, 0xa9, 0x38, 0x74, 0x5a, 0x34, 0x0b, 0x7b, 0xc5, ++ 0xe5, 0xd7, 0x66, 0x7c, 0xbc, 0x82, 0xb9, 0x0e, 0x2d, 0x1f, 0x92, 0xd7, ++ 0xc1, 0xbc, 0x67, 0x69, 0xec, 0x6b, 0x03, 0x3c ++}; ++ ++__fips_constseg static const unsigned char sha256_nonce[] = { ++ 0xa4, 0x0c, 0xd8, 0x9c, 0x61, 0xd8, 0xc3, 0x54, 0xfe, 0x53, 0xc9, 0xe5, ++ 0x5d, 0x6f, 0x6d, 0x35 ++}; ++ ++__fips_constseg static const unsigned char sha256_personalizationstring[] = { ++ 0x22, 0x5e, 0x62, 0x93, 0x42, 0x83, 0x78, 0x24, 0xd8, 0x40, 0x8c, 0xde, ++ 0x6f, 0xf9, 0xa4, 0x7a, 0xc5, 0xa7, 0x3b, 0x88, 0xa3, 0xee, 0x42, 0x20, ++ 0xfd, 0x61, 0x56, 0xc6, 0x4c, 0x13, 0x41, 0x9c ++}; ++ ++__fips_constseg static const unsigned char sha256_additionalinput[] = { ++ 0xbf, 0x74, 0x5b, 0xf6, 0xc5, 0x64, 0x5e, 0x99, 0x34, 0x8f, 0xbc, 0xa4, ++ 0xe2, 0xbd, 0xd8, 0x85, 0x26, 0x37, 0xea, 0xba, 0x4f, 0xf2, 0x9a, 0x9a, ++ 0x66, 0xfc, 0xdf, 0x63, 0x26, 0x26, 0x19, 0x87 ++}; ++ ++__fips_constseg static const unsigned char sha256_int_returnedbits[] = { ++ 0xb3, 0xc6, 0x07, 0x07, 0xd6, 0x75, 0xf6, 0x2b, 0xd6, 0x21, 0x96, 0xf1, ++ 0xae, 0xdb, 0x2b, 0xac, 0x25, 0x2a, 0xae, 0xae, 0x41, 0x72, 0x03, 0x5e, ++ 0xbf, 0xd3, 0x64, 0xbc, 0x59, 0xf9, 0xc0, 0x76 ++}; ++ ++__fips_constseg static const unsigned char sha256_entropyinputreseed[] = { ++ 0xbf, 0x20, 0x33, 0x56, 0x29, 0xa8, 0x37, 0x04, 0x1f, 0x78, 0x34, 0x3d, ++ 0x81, 0x2a, 0xc9, 0x86, 0xc6, 0x7a, 0x2f, 0x88, 0x5e, 0xd5, 0xbe, 0x34, ++ 0x46, 0x20, 0xa4, 0x35, 0xeb, 0xc7, 0xe2, 0x9d ++}; ++ ++__fips_constseg static const unsigned char sha256_additionalinputreseed[] = { ++ 0x9b, 0xae, 0x2d, 0x2d, 0x61, 0xa4, 0x89, 0xeb, 0x43, 0x46, 0xa7, 0xda, ++ 0xef, 0x40, 0xca, 0x4a, 0x99, 0x11, 0x41, 0xdc, 0x5c, 0x94, 0xe9, 0xac, ++ 0xd4, 0xd0, 0xe6, 0xbd, 0xfb, 0x03, 0x9c, 0xa8 ++}; ++ ++__fips_constseg static const unsigned char sha256_additionalinput2[] = { ++ 0x23, 0xaa, 0x0c, 0xbd, 0x28, 0x33, 0xe2, 0x51, 0xfc, 0x71, 0xd2, 0x15, ++ 0x1f, 0x76, 0xfd, 0x0d, 0xe0, 0xb7, 0xb5, 0x84, 0x75, 0x5b, 0xbe, 0xf3, ++ 0x5c, 0xca, 0xc5, 0x30, 0xf2, 0x75, 0x1f, 0xda ++}; ++ ++__fips_constseg static const unsigned char sha256_returnedbits[] = { ++ 0x90, 0x3c, 0xc1, 0x10, 0x8c, 0x12, 0x01, 0xc6, 0xa6, 0x3a, 0x0f, 0x4d, ++ 0xb6, 0x3a, 0x4f, 0x41, 0x9c, 0x61, 0x75, 0x84, 0xe9, 0x74, 0x75, 0xfd, ++ 0xfe, 0xf2, 0x1f, 0x43, 0xd8, 0x5e, 0x24, 0xa3 ++}; ++ ++/* SHA-384 PR */ ++__fips_constseg static const unsigned char sha384_pr_entropyinput[] = { ++ 0x71, 0x9d, 0xb2, 0x5a, 0x71, 0x6d, 0x04, 0xe9, 0x1e, 0xc7, 0x92, 0x24, ++ 0x6e, 0x12, 0x33, 0xa9, 0x52, 0x64, 0x31, 0xef, 0x71, 0xeb, 0x22, 0x55, ++ 0x28, 0x97, 0x06, 0x6a, 0xc0, 0x0c, 0xa0, 0x7e ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_nonce[] = { ++ 0xf5, 0x0d, 0xfa, 0xb0, 0xec, 0x6a, 0x7c, 0xd6, 0xbd, 0x9b, 0x05, 0xfd, ++ 0x38, 0x3e, 0x2e, 0x56 ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_personalizationstring[] = { ++ 0x74, 0xac, 0x7e, 0x6d, 0xb1, 0xa4, 0xe7, 0x21, 0xd1, 0x1e, 0x6e, 0x96, ++ 0x6d, 0x4d, 0x53, 0x46, 0x82, 0x96, 0x6e, 0xcf, 0xaa, 0x81, 0x8d, 0x7d, ++ 0x9e, 0xe1, 0x0f, 0x15, 0xea, 0x41, 0xbf, 0xe3 ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_additionalinput[] = { ++ 0xda, 0x95, 0xd4, 0xd0, 0xb8, 0x11, 0xd3, 0x49, 0x27, 0x5d, 0xa9, 0x39, ++ 0x68, 0xf3, 0xa8, 0xe9, 0x5d, 0x19, 0x8a, 0x2b, 0x66, 0xe8, 0x69, 0x06, ++ 0x7c, 0x9e, 0x03, 0xa1, 0x8b, 0x26, 0x2d, 0x6e ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_entropyinputpr[] = { ++ 0x49, 0xdf, 0x44, 0x00, 0xe4, 0x1c, 0x75, 0x0b, 0x26, 0x5a, 0x59, 0x64, ++ 0x1f, 0x4e, 0xb1, 0xb2, 0x13, 0xf1, 0x22, 0x4e, 0xb4, 0x6d, 0x9a, 0xcc, ++ 0xa0, 0x48, 0xe6, 0xcf, 0x1d, 0xd1, 0x92, 0x0d ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_int_returnedbits[] = { ++ 0xc8, 0x52, 0xae, 0xbf, 0x04, 0x3c, 0x27, 0xb7, 0x78, 0x18, 0xaa, 0x8f, ++ 0xff, 0xcf, 0xa4, 0xf1, 0xcc, 0xe7, 0x68, 0xfa, 0x22, 0xa2, 0x13, 0x45, ++ 0xe8, 0xdd, 0x87, 0xe6, 0xf2, 0x6e, 0xdd, 0xc7, 0x52, 0x90, 0x9f, 0x7b, ++ 0xfa, 0x61, 0x2d, 0x9d, 0x9e, 0xcf, 0x98, 0xac, 0x52, 0x40, 0xce, 0xaf ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_additionalinput2[] = { ++ 0x61, 0x7c, 0x03, 0x9a, 0x3e, 0x50, 0x57, 0x60, 0xc5, 0x83, 0xc9, 0xb2, ++ 0xd1, 0x87, 0x85, 0x66, 0x92, 0x5d, 0x84, 0x0e, 0x53, 0xfb, 0x70, 0x03, ++ 0x72, 0xfd, 0xba, 0xae, 0x9c, 0x8f, 0xf8, 0x18 ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_entropyinputpr2[] = { ++ 0xf8, 0xeb, 0x89, 0xb1, 0x8d, 0x78, 0xbe, 0x21, 0xe0, 0xbb, 0x9d, 0xb7, ++ 0x95, 0x0e, 0xd9, 0x46, 0x0c, 0x8c, 0xe2, 0x63, 0xb7, 0x9d, 0x67, 0x90, ++ 0xbd, 0xc7, 0x0b, 0xa5, 0xce, 0xb2, 0x65, 0x81 ++}; ++ ++__fips_constseg static const unsigned char sha384_pr_returnedbits[] = { ++ 0xe6, 0x9f, 0xfe, 0x68, 0xd6, 0xb5, 0x79, 0xf1, 0x06, 0x5f, 0xa3, 0xbb, ++ 0x23, 0x85, 0xd8, 0xf0, 0x29, 0x5a, 0x68, 0x9e, 0xf5, 0xf4, 0xa6, 0x12, ++ 0xe0, 0x9a, 0xe2, 0xac, 0x00, 0x1d, 0x98, 0x26, 0xfc, 0x53, 0x95, 0x53, ++ 0xe4, 0x3e, 0x17, 0xd5, 0x08, 0x0b, 0x70, 0x3d, 0x67, 0x99, 0xac, 0x66 ++}; ++ ++/* SHA-384 No PR */ ++__fips_constseg static const unsigned char sha384_entropyinput[] = { ++ 0x07, 0x15, 0x27, 0x2a, 0xaf, 0x74, 0x24, 0x37, 0xbc, 0xd5, 0x14, 0x69, ++ 0xce, 0x11, 0xff, 0xa2, 0x6b, 0xb8, 0x05, 0x67, 0x34, 0xf8, 0xbd, 0x6d, ++ 0x6a, 0xcc, 0xcd, 0x60, 0xa3, 0x68, 0xca, 0xf4 ++}; ++ ++__fips_constseg static const unsigned char sha384_nonce[] = { ++ 0x70, 0x17, 0xc2, 0x5b, 0x5d, 0x22, 0x0b, 0x06, 0x15, 0x54, 0x78, 0x77, ++ 0x44, 0xaf, 0x2f, 0x09 ++}; ++ ++__fips_constseg static const unsigned char sha384_personalizationstring[] = { ++ 0x89, 0x39, 0x28, 0xb0, 0x60, 0xeb, 0x3d, 0xdc, 0x55, 0x75, 0x86, 0xeb, ++ 0xae, 0xa2, 0x8f, 0xbc, 0x1b, 0x75, 0xd4, 0xe1, 0x0f, 0xaa, 0x38, 0xca, ++ 0x62, 0x8b, 0xcb, 0x2c, 0x26, 0xf6, 0xbc, 0xb1 ++}; ++ ++__fips_constseg static const unsigned char sha384_additionalinput[] = { ++ 0x30, 0x2b, 0x42, 0x35, 0xef, 0xda, 0x40, 0x55, 0x28, 0xc6, 0x95, 0xfb, ++ 0x54, 0x01, 0x62, 0xd7, 0x87, 0x14, 0x48, 0x6d, 0x90, 0x4c, 0xa9, 0x02, ++ 0x54, 0x40, 0x22, 0xc8, 0x66, 0xa5, 0x48, 0x48 ++}; ++ ++__fips_constseg static const unsigned char sha384_int_returnedbits[] = { ++ 0x82, 0xc4, 0xa1, 0x9c, 0x21, 0xd2, 0xe7, 0xa5, 0xa6, 0xf6, 0x5f, 0x04, ++ 0x5c, 0xc7, 0x31, 0x9d, 0x8d, 0x59, 0x74, 0x50, 0x19, 0x89, 0x2f, 0x63, ++ 0xd5, 0xb7, 0x7e, 0xeb, 0x15, 0xe3, 0x70, 0x83, 0xa1, 0x24, 0x59, 0xfa, ++ 0x2c, 0x56, 0xf6, 0x88, 0x3a, 0x92, 0x93, 0xa1, 0xfb, 0x79, 0xc1, 0x7a ++}; ++ ++__fips_constseg static const unsigned char sha384_entropyinputreseed[] = { ++ 0x39, 0xa6, 0xe8, 0x5c, 0x82, 0x17, 0x71, 0x26, 0x57, 0x4f, 0x9f, 0xc2, ++ 0x55, 0xff, 0x5c, 0x9b, 0x53, 0x1a, 0xd1, 0x5f, 0xbc, 0x62, 0xe4, 0x27, ++ 0x2d, 0x32, 0xf0, 0xe4, 0x52, 0x8c, 0xc5, 0x0c ++}; ++ ++__fips_constseg static const unsigned char sha384_additionalinputreseed[] = { ++ 0x8d, 0xcb, 0x8d, 0xce, 0x08, 0xea, 0x80, 0xe8, 0x9b, 0x61, 0xa8, 0x0f, ++ 0xaf, 0x49, 0x20, 0x9e, 0x74, 0xcb, 0x57, 0x80, 0x42, 0xb0, 0x84, 0x5e, ++ 0x30, 0x2a, 0x67, 0x08, 0xf4, 0xe3, 0x40, 0x22 ++}; ++ ++__fips_constseg static const unsigned char sha384_additionalinput2[] = { ++ 0x7c, 0x8f, 0xc2, 0xae, 0x22, 0x4a, 0xd6, 0xf6, 0x05, 0xa4, 0x7a, 0xea, ++ 0xbb, 0x25, 0xd0, 0xb7, 0x5a, 0xd6, 0xcf, 0x9d, 0xf3, 0x6c, 0xe2, 0xb2, ++ 0x4e, 0xb4, 0xbd, 0xf4, 0xe5, 0x40, 0x80, 0x94 ++}; ++ ++__fips_constseg static const unsigned char sha384_returnedbits[] = { ++ 0x9e, 0x7e, 0xfb, 0x59, 0xbb, 0xaa, 0x3c, 0xf7, 0xe1, 0xf8, 0x76, 0xdd, ++ 0x63, 0x5f, 0xaf, 0x23, 0xd6, 0x64, 0x61, 0xc0, 0x9a, 0x09, 0x47, 0xc9, ++ 0x33, 0xdf, 0x6d, 0x55, 0x91, 0x34, 0x79, 0x70, 0xc4, 0x99, 0x6e, 0x54, ++ 0x09, 0x64, 0x21, 0x1a, 0xbd, 0x1e, 0x80, 0x40, 0x34, 0xad, 0xfa, 0xd7 ++}; ++ ++/* SHA-512 PR */ ++__fips_constseg static const unsigned char sha512_pr_entropyinput[] = { ++ 0x13, 0xf7, 0x61, 0x75, 0x65, 0x28, 0xa2, 0x59, 0x13, 0x5a, 0x4a, 0x4f, ++ 0x56, 0x60, 0x8c, 0x53, 0x7d, 0xb0, 0xbd, 0x06, 0x4f, 0xed, 0xcc, 0xd2, ++ 0xa2, 0xb5, 0xfd, 0x5b, 0x3a, 0xab, 0xec, 0x28 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_nonce[] = { ++ 0xbe, 0xa3, 0x91, 0x93, 0x1d, 0xc3, 0x31, 0x3a, 0x23, 0x33, 0x50, 0x67, ++ 0x88, 0xc7, 0xa2, 0xc4 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_personalizationstring[] = { ++ 0x1f, 0x59, 0x4d, 0x7b, 0xe6, 0x46, 0x91, 0x48, 0xc1, 0x25, 0xfa, 0xff, ++ 0x89, 0x12, 0x77, 0x35, 0xdf, 0x3e, 0xf4, 0x80, 0x5f, 0xd9, 0xb0, 0x07, ++ 0x22, 0x41, 0xdd, 0x48, 0x78, 0x6b, 0x77, 0x2b ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_additionalinput[] = { ++ 0x30, 0xff, 0x63, 0x6f, 0xac, 0xd9, 0x84, 0x39, 0x6f, 0xe4, 0x99, 0xce, ++ 0x91, 0x7d, 0x7e, 0xc8, 0x58, 0xf2, 0x12, 0xc3, 0xb6, 0xad, 0xda, 0x22, ++ 0x04, 0xa0, 0xd2, 0x21, 0xfe, 0xf2, 0x95, 0x1d ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_entropyinputpr[] = { ++ 0x64, 0x54, 0x13, 0xec, 0x4f, 0x77, 0xda, 0xb2, 0x92, 0x2e, 0x52, 0x80, ++ 0x11, 0x10, 0xc2, 0xf8, 0xe6, 0xa7, 0xcd, 0x4b, 0xfc, 0x32, 0x2e, 0x9e, ++ 0xeb, 0xbb, 0xb1, 0xbf, 0x15, 0x5c, 0x73, 0x08 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_int_returnedbits[] = { ++ 0xef, 0x1e, 0xdc, 0x0a, 0xa4, 0x36, 0x91, 0x9c, 0x3d, 0x27, 0x97, 0x50, ++ 0x8d, 0x36, 0x29, 0x8d, 0xce, 0x6a, 0x0c, 0xf7, 0x21, 0xc0, 0x91, 0xae, ++ 0x0c, 0x96, 0x72, 0xbd, 0x52, 0x81, 0x58, 0xfc, 0x6d, 0xe5, 0xf7, 0xa5, ++ 0xfd, 0x5d, 0xa7, 0x58, 0x68, 0xc8, 0x99, 0x58, 0x8e, 0xc8, 0xce, 0x95, ++ 0x01, 0x7d, 0xff, 0xa4, 0xc8, 0xf7, 0x63, 0xfe, 0x5f, 0x69, 0x83, 0x53, ++ 0xe2, 0xc6, 0x8b, 0xc3 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_additionalinput2[] = { ++ 0xe6, 0x9b, 0xc4, 0x88, 0x34, 0xca, 0xea, 0x29, 0x2f, 0x98, 0x05, 0xa4, ++ 0xd3, 0xc0, 0x7b, 0x11, 0xe8, 0xbb, 0x75, 0xf2, 0xbd, 0x29, 0xb7, 0x40, ++ 0x25, 0x7f, 0xc1, 0xb7, 0xb1, 0xf1, 0x25, 0x61 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_entropyinputpr2[] = { ++ 0x23, 0x6d, 0xff, 0xde, 0xfb, 0xd1, 0xba, 0x33, 0x18, 0xe6, 0xbe, 0xb5, ++ 0x48, 0x77, 0x6d, 0x7f, 0xa7, 0xe1, 0x4d, 0x48, 0x1e, 0x3c, 0xa7, 0x34, ++ 0x1a, 0xc8, 0x60, 0xdb, 0x8f, 0x99, 0x15, 0x99 ++}; ++ ++__fips_constseg static const unsigned char sha512_pr_returnedbits[] = { ++ 0x70, 0x27, 0x31, 0xdb, 0x92, 0x70, 0x21, 0xfe, 0x16, 0xb6, 0xc8, 0x51, ++ 0x34, 0x87, 0x65, 0xd0, 0x4e, 0xfd, 0xfe, 0x68, 0xec, 0xac, 0xdc, 0x93, ++ 0x41, 0x38, 0x92, 0x90, 0xb4, 0x94, 0xf9, 0x0d, 0xa4, 0xf7, 0x4e, 0x80, ++ 0x92, 0x67, 0x48, 0x40, 0xa7, 0x08, 0xc7, 0xbc, 0x66, 0x00, 0xfd, 0xf7, ++ 0x4c, 0x8b, 0x17, 0x6e, 0xd1, 0x8f, 0x9b, 0xf3, 0x6f, 0xf6, 0x34, 0xdd, ++ 0x67, 0xf7, 0x68, 0xdd ++}; ++ ++/* SHA-512 No PR */ ++__fips_constseg static const unsigned char sha512_entropyinput[] = { ++ 0xb6, 0x0b, 0xb7, 0xbc, 0x84, 0x56, 0xf6, 0x12, 0xaf, 0x45, 0x67, 0x17, ++ 0x7c, 0xd1, 0xb2, 0x78, 0x2b, 0xa0, 0xf2, 0xbe, 0xb6, 0x6d, 0x8b, 0x56, ++ 0xc6, 0xbc, 0x4d, 0xe1, 0xf7, 0xbe, 0xce, 0xbd ++}; ++ ++__fips_constseg static const unsigned char sha512_nonce[] = { ++ 0x9d, 0xed, 0xc0, 0xe5, 0x5a, 0x98, 0x6a, 0xcb, 0x51, 0x7d, 0x76, 0x31, ++ 0x5a, 0x64, 0xf0, 0xf7 ++}; ++ ++__fips_constseg static const unsigned char sha512_personalizationstring[] = { ++ 0xc2, 0x6d, 0xa3, 0xc3, 0x06, 0x74, 0xe5, 0x01, 0x5c, 0x10, 0x17, 0xc7, ++ 0xaf, 0x83, 0x9d, 0x59, 0x8d, 0x2d, 0x29, 0x38, 0xc5, 0x59, 0x70, 0x8b, ++ 0x46, 0x48, 0x2d, 0xcf, 0x36, 0x7d, 0x59, 0xc0 ++}; ++ ++__fips_constseg static const unsigned char sha512_additionalinput[] = { ++ 0xec, 0x8c, 0xd4, 0xf7, 0x61, 0x6e, 0x0d, 0x95, 0x79, 0xb7, 0x28, 0xad, ++ 0x5f, 0x69, 0x74, 0x5f, 0x2d, 0x36, 0x06, 0x8a, 0x6b, 0xac, 0x54, 0x97, ++ 0xc4, 0xa1, 0x12, 0x85, 0x0a, 0xdf, 0x4b, 0x34 ++}; ++ ++__fips_constseg static const unsigned char sha512_int_returnedbits[] = { ++ 0x84, 0x2f, 0x1f, 0x68, 0x6a, 0xa3, 0xad, 0x1e, 0xfb, 0xf4, 0x15, 0xbd, ++ 0xde, 0x38, 0xd4, 0x30, 0x80, 0x51, 0xe9, 0xd3, 0xc7, 0x20, 0x88, 0xe9, ++ 0xf5, 0xcc, 0xdf, 0x57, 0x5c, 0x47, 0x2f, 0x57, 0x3c, 0x5f, 0x13, 0x56, ++ 0xcc, 0xc5, 0x4f, 0x84, 0xf8, 0x10, 0x41, 0xd5, 0x7e, 0x58, 0x6e, 0x19, ++ 0x19, 0x9e, 0xaf, 0xc2, 0x22, 0x58, 0x41, 0x50, 0x79, 0xc2, 0xd8, 0x04, ++ 0x28, 0xd4, 0x39, 0x9a ++}; ++ ++__fips_constseg static const unsigned char sha512_entropyinputreseed[] = { ++ 0xfa, 0x7f, 0x46, 0x51, 0x83, 0x62, 0x98, 0x16, 0x9a, 0x19, 0xa2, 0x49, ++ 0xa9, 0xe6, 0x4a, 0xd8, 0x85, 0xe7, 0xd4, 0x3b, 0x2c, 0x82, 0xc5, 0x82, ++ 0xbf, 0x11, 0xf9, 0x9e, 0xbc, 0xd0, 0x01, 0xee ++}; ++ ++__fips_constseg static const unsigned char sha512_additionalinputreseed[] = { ++ 0xb9, 0x12, 0xe0, 0x4f, 0xf7, 0xa7, 0xc4, 0xd8, 0xd0, 0x8e, 0x99, 0x29, ++ 0x7c, 0x9a, 0xe9, 0xcf, 0xc4, 0x6c, 0xf8, 0xc3, 0xa7, 0x41, 0x83, 0xd6, ++ 0x2e, 0xfa, 0xb8, 0x5e, 0x8e, 0x6b, 0x78, 0x20 ++}; ++ ++__fips_constseg static const unsigned char sha512_additionalinput2[] = { ++ 0xd7, 0x07, 0x52, 0xb9, 0x83, 0x2c, 0x03, 0x71, 0xee, 0xc9, 0xc0, 0x85, ++ 0xe1, 0x57, 0xb2, 0xcd, 0x3a, 0xf0, 0xc9, 0x34, 0x24, 0x41, 0x1c, 0x42, ++ 0x99, 0xb2, 0x84, 0xe9, 0x17, 0xd2, 0x76, 0x92 ++}; ++ ++__fips_constseg static const unsigned char sha512_returnedbits[] = { ++ 0x36, 0x17, 0x5d, 0x98, 0x2b, 0x65, 0x25, 0x8e, 0xc8, 0x29, 0xdf, 0x27, ++ 0x05, 0x36, 0x26, 0x12, 0x8a, 0x68, 0x74, 0x27, 0x37, 0xd4, 0x7f, 0x32, ++ 0xb1, 0x12, 0xd6, 0x85, 0x83, 0xeb, 0x2e, 0xa0, 0xed, 0x4b, 0xb5, 0x7b, ++ 0x6f, 0x39, 0x3c, 0x71, 0x77, 0x02, 0x12, 0xcc, 0x2c, 0x3a, 0x8e, 0x63, ++ 0xdf, 0x4a, 0xbd, 0x6f, 0x6e, 0x2e, 0xed, 0x0a, 0x85, 0xa5, 0x2f, 0xa2, ++ 0x68, 0xde, 0x42, 0xb5 ++}; ++ ++/* HMAC SHA-1 PR */ ++__fips_constseg static const unsigned char hmac_sha1_pr_entropyinput[] = { ++ 0x26, 0x5f, 0x36, 0x14, 0xff, 0x3d, 0x83, 0xfa, 0x73, 0x5e, 0x75, 0xdc, ++ 0x2c, 0x18, 0x17, 0x1b ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_nonce[] = { ++ 0xc8, 0xe3, 0x57, 0xa5, 0x7b, 0x74, 0x86, 0x6e ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha1_pr_personalizationstring[] = { ++ 0x6e, 0xdb, 0x0d, 0xfe, 0x7d, 0xac, 0x79, 0xd0, 0xa5, 0x3a, 0x48, 0x85, ++ 0x80, 0xe2, 0x7f, 0x2a ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_additionalinput[] = { ++ 0x31, 0xcd, 0x5e, 0x43, 0xdc, 0xfb, 0x7a, 0x79, 0xca, 0x88, 0xde, 0x1f, ++ 0xd7, 0xbb, 0x42, 0x09 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_entropyinputpr[] = { ++ 0x7c, 0x23, 0x95, 0x38, 0x00, 0x95, 0xc1, 0x78, 0x1f, 0x8f, 0xd7, 0x63, ++ 0x23, 0x87, 0x2a, 0xed ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_int_returnedbits[] = { ++ 0xbb, 0x34, 0xe7, 0x93, 0xa3, 0x02, 0x2c, 0x4a, 0xd0, 0x89, 0xda, 0x7f, ++ 0xed, 0xf4, 0x4c, 0xde, 0x17, 0xec, 0xe5, 0x6c ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_additionalinput2[] = { ++ 0x49, 0xbc, 0x2d, 0x2c, 0xb7, 0x32, 0xcb, 0x20, 0xdf, 0xf5, 0x77, 0x58, ++ 0xa0, 0x4b, 0x93, 0x6e ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_entropyinputpr2[] = { ++ 0x3c, 0xaa, 0xb0, 0x21, 0x42, 0xb0, 0xdd, 0x34, 0xf0, 0x16, 0x7f, 0x0c, ++ 0x0f, 0xff, 0x2e, 0xaf ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_pr_returnedbits[] = { ++ 0x8e, 0xcb, 0xa3, 0x64, 0xb2, 0xb8, 0x33, 0x6c, 0x64, 0x3b, 0x78, 0x16, ++ 0x99, 0x35, 0xc8, 0x30, 0xcb, 0x3e, 0xa0, 0xd8 ++}; ++ ++/* HMAC SHA-1 No PR */ ++__fips_constseg static const unsigned char hmac_sha1_entropyinput[] = { ++ 0x32, 0x9a, 0x2a, 0x87, 0x7b, 0x89, 0x7c, 0xf6, 0xcb, 0x95, 0xd5, 0x40, ++ 0x17, 0xfe, 0x47, 0x70 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_nonce[] = { ++ 0x16, 0xd8, 0xe0, 0xc7, 0x52, 0xcf, 0x4a, 0x25 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_personalizationstring[] = { ++ 0x35, 0x35, 0xa9, 0xa5, 0x40, 0xbe, 0x9b, 0xd1, 0x56, 0xdd, 0x44, 0x00, ++ 0x72, 0xf7, 0xd3, 0x5e ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_additionalinput[] = { ++ 0x1b, 0x2c, 0x84, 0x2d, 0x4a, 0x89, 0x8f, 0x69, 0x19, 0xf1, 0xf3, 0xdb, ++ 0xbb, 0xe3, 0xaa, 0xea ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_int_returnedbits[] = { ++ 0xcf, 0xfa, 0x7d, 0x72, 0x0f, 0xe6, 0xc7, 0x96, 0xa0, 0x69, 0x31, 0x11, ++ 0x9b, 0x0b, 0x1a, 0x20, 0x1f, 0x3f, 0xaa, 0xd1 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_entropyinputreseed[] = { ++ 0x90, 0x75, 0x15, 0x04, 0x95, 0xf1, 0xba, 0x81, 0x0c, 0x37, 0x94, 0x6f, ++ 0x86, 0x52, 0x6d, 0x9c ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_additionalinputreseed[] = { ++ 0x5b, 0x40, 0xba, 0x5f, 0x17, 0x70, 0xf0, 0x4b, 0xdf, 0xc9, 0x97, 0x92, ++ 0x79, 0xc5, 0x82, 0x28 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_additionalinput2[] = { ++ 0x97, 0xc8, 0x80, 0x90, 0xb3, 0xaa, 0x6e, 0x60, 0xea, 0x83, 0x7a, 0xe3, ++ 0x8a, 0xca, 0xa4, 0x7f ++}; ++ ++__fips_constseg static const unsigned char hmac_sha1_returnedbits[] = { ++ 0x90, 0xbd, 0x05, 0x56, 0x6d, 0xb5, 0x22, 0xd5, 0xb9, 0x5a, 0x29, 0x2d, ++ 0xe9, 0x0b, 0xe1, 0xac, 0xde, 0x27, 0x0b, 0xb0 ++}; ++ ++/* HMAC SHA-224 PR */ ++__fips_constseg static const unsigned char hmac_sha224_pr_entropyinput[] = { ++ 0x17, 0x32, 0x2b, 0x2e, 0x6f, 0x1b, 0x9c, 0x6d, 0x31, 0xe0, 0x34, 0x07, ++ 0xcf, 0xed, 0xf6, 0xb6, 0x5a, 0x76, 0x4c, 0xbc, 0x62, 0x85, 0x01, 0x90 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_nonce[] = { ++ 0x38, 0xbf, 0x5f, 0x20, 0xb3, 0x68, 0x2f, 0x43, 0x61, 0x05, 0x8f, 0x23 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha224_pr_personalizationstring[] = { ++ 0xc0, 0xc9, 0x45, 0xac, 0x8d, 0x27, 0x77, 0x08, 0x0b, 0x17, 0x6d, 0xed, ++ 0xc1, 0x7d, 0xd5, 0x07, 0x9d, 0x6e, 0xf8, 0x23, 0x2a, 0x22, 0x13, 0xbd ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_additionalinput[] = { ++ 0xa4, 0x3c, 0xe7, 0x3b, 0xea, 0x19, 0x45, 0x32, 0xc2, 0x83, 0x6d, 0x21, ++ 0x8a, 0xc0, 0xee, 0x67, 0x45, 0xde, 0x13, 0x7d, 0x9d, 0x61, 0x00, 0x3b ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_entropyinputpr[] = { ++ 0x15, 0x05, 0x74, 0x4a, 0x7f, 0x8d, 0x5c, 0x60, 0x16, 0xe5, 0x7b, 0xad, ++ 0xf5, 0x41, 0x8f, 0x55, 0x60, 0xc4, 0x09, 0xee, 0x1e, 0x11, 0x81, 0xab ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_int_returnedbits[] = { ++ 0x6f, 0xf5, 0x9a, 0xe2, 0x54, 0x53, 0x30, 0x3d, 0x5a, 0x27, 0x29, 0x38, ++ 0x27, 0xf2, 0x0d, 0x05, 0xe9, 0x26, 0xcb, 0x16, 0xc3, 0x51, 0x5f, 0x13, ++ 0x41, 0xfe, 0x99, 0xf2 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_additionalinput2[] = { ++ 0x73, 0x81, 0x88, 0x84, 0x8f, 0xed, 0x6f, 0x10, 0x9f, 0x93, 0xbf, 0x17, ++ 0x35, 0x7c, 0xef, 0xd5, 0x8d, 0x26, 0xa6, 0x7a, 0xe8, 0x09, 0x36, 0x4f ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_entropyinputpr2[] = { ++ 0xe6, 0xcf, 0xcf, 0x7e, 0x12, 0xe5, 0x43, 0xd2, 0x38, 0xd8, 0x24, 0x6f, ++ 0x5a, 0x37, 0x68, 0xbf, 0x4f, 0xa0, 0xff, 0xd5, 0x61, 0x8a, 0x93, 0xe0 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_pr_returnedbits[] = { ++ 0xaf, 0xf9, 0xd8, 0x19, 0x91, 0x30, 0x82, 0x6f, 0xa9, 0x1e, 0x9d, 0xd7, ++ 0xf3, 0x50, 0xe0, 0xc7, 0xd5, 0x64, 0x96, 0x7d, 0x4c, 0x4d, 0x78, 0x03, ++ 0x6d, 0xd8, 0x9e, 0x72 ++}; ++ ++/* HMAC SHA-224 No PR */ ++__fips_constseg static const unsigned char hmac_sha224_entropyinput[] = { ++ 0x11, 0x82, 0xfd, 0xd9, 0x42, 0xf4, 0xfa, 0xc8, 0xf2, 0x41, 0xe6, 0x54, ++ 0x01, 0xae, 0x22, 0x6e, 0xc6, 0xaf, 0xaf, 0xd0, 0xa6, 0xb2, 0xe2, 0x6d ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_nonce[] = { ++ 0xa9, 0x48, 0xd7, 0x92, 0x39, 0x7e, 0x2a, 0xdc, 0x30, 0x1f, 0x0e, 0x2b ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha224_personalizationstring[] = { ++ 0x11, 0xd5, 0xf4, 0xbd, 0x67, 0x8c, 0x31, 0xcf, 0xa3, 0x3f, 0x1e, 0x6b, ++ 0xa8, 0x07, 0x02, 0x0b, 0xc8, 0x2e, 0x6c, 0x64, 0x41, 0x5b, 0xc8, 0x37 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_additionalinput[] = { ++ 0x68, 0x18, 0xc2, 0x06, 0xeb, 0x3e, 0x04, 0x95, 0x44, 0x5e, 0xfb, 0xe6, ++ 0x41, 0xc1, 0x5c, 0xcc, 0x40, 0x2f, 0xb7, 0xd2, 0x0f, 0xf3, 0x6b, 0xe7 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_int_returnedbits[] = { ++ 0x7f, 0x45, 0xc7, 0x5d, 0x32, 0xe6, 0x17, 0x60, 0xba, 0xdc, 0xb8, 0x42, ++ 0x1b, 0x9c, 0xf1, 0xfa, 0x3b, 0x4d, 0x29, 0x54, 0xc6, 0x90, 0xff, 0x5c, ++ 0xcd, 0xd6, 0xa9, 0xcc ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_entropyinputreseed[] = { ++ 0xc4, 0x8e, 0x37, 0x95, 0x69, 0x53, 0x28, 0xd7, 0x37, 0xbb, 0x70, 0x95, ++ 0x1c, 0x07, 0x1d, 0xd9, 0xb7, 0xe6, 0x1b, 0xbb, 0xfe, 0x41, 0xeb, 0xc9 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha224_additionalinputreseed[] = { ++ 0x53, 0x17, 0xa1, 0x6a, 0xfa, 0x77, 0x47, 0xb0, 0x95, 0x56, 0x9a, 0x20, ++ 0x57, 0xde, 0x5c, 0x89, 0x9f, 0x7f, 0xe2, 0xde, 0x17, 0x3a, 0x50, 0x23 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_additionalinput2[] = { ++ 0x3a, 0x32, 0xf9, 0x85, 0x0c, 0xc1, 0xed, 0x76, 0x2d, 0xdf, 0x40, 0xc3, ++ 0x06, 0x22, 0x66, 0xd4, 0x9a, 0x9a, 0xff, 0x5a, 0x7e, 0x7a, 0xf3, 0x96 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha224_returnedbits[] = { ++ 0x43, 0xb4, 0x57, 0x5c, 0x38, 0x25, 0x9d, 0xae, 0xec, 0x96, 0xd1, 0x85, ++ 0x3a, 0x84, 0x8d, 0xfe, 0x68, 0xd5, 0x0e, 0x5c, 0x8f, 0x65, 0xa5, 0x4e, ++ 0x45, 0x84, 0xa8, 0x94 ++}; ++ ++/* HMAC SHA-256 PR */ ++__fips_constseg static const unsigned char hmac_sha256_pr_entropyinput[] = { ++ 0x4d, 0xb0, 0x43, 0xd8, 0x34, 0x4b, 0x10, 0x70, 0xb1, 0x8b, 0xed, 0xea, ++ 0x07, 0x92, 0x9f, 0x6c, 0x79, 0x31, 0xaf, 0x81, 0x29, 0xeb, 0x6e, 0xca, ++ 0x32, 0x48, 0x28, 0xe7, 0x02, 0x5d, 0xa6, 0xa6 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_nonce[] = { ++ 0x3a, 0xae, 0x15, 0xa9, 0x99, 0xdc, 0xe4, 0x67, 0x34, 0x3b, 0x70, 0x15, ++ 0xaa, 0xd3, 0x30, 0x9a ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha256_pr_personalizationstring[] = { ++ 0x13, 0x1d, 0x24, 0x04, 0xb0, 0x18, 0x81, 0x15, 0x21, 0x51, 0x2a, 0x24, ++ 0x52, 0x61, 0xbe, 0x64, 0x82, 0x6b, 0x55, 0x2f, 0xe2, 0xf1, 0x40, 0x7d, ++ 0x71, 0xd8, 0x01, 0x86, 0x15, 0xb7, 0x8b, 0xb5 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_additionalinput[] = { ++ 0x8f, 0xa6, 0x54, 0x5f, 0xb1, 0xd0, 0xd8, 0xc3, 0xe7, 0x0c, 0x15, 0xa9, ++ 0x23, 0x6e, 0xfe, 0xfb, 0x93, 0xf7, 0x3a, 0xbd, 0x59, 0x01, 0xfa, 0x18, ++ 0x8e, 0xe9, 0x1a, 0xa9, 0x78, 0xfc, 0x79, 0x0b ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_entropyinputpr[] = { ++ 0xcf, 0x24, 0xb9, 0xeb, 0xb3, 0xd4, 0xcd, 0x17, 0x37, 0x38, 0x75, 0x79, ++ 0x15, 0xcb, 0x2d, 0x75, 0x51, 0xf1, 0xcc, 0xaa, 0x32, 0xa4, 0xa7, 0x36, ++ 0x7c, 0x5c, 0xe4, 0x47, 0xf1, 0x3e, 0x1d, 0xe5 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_int_returnedbits[] = { ++ 0x52, 0x42, 0xfa, 0xeb, 0x85, 0xe0, 0x30, 0x22, 0x79, 0x00, 0x16, 0xb2, ++ 0x88, 0x2f, 0x14, 0x6a, 0xb7, 0xfc, 0xb7, 0x53, 0xdc, 0x4a, 0x12, 0xef, ++ 0x54, 0xd6, 0x33, 0xe9, 0x20, 0xd6, 0xfd, 0x56 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_additionalinput2[] = { ++ 0xf4, 0xf6, 0x49, 0xa1, 0x2d, 0x64, 0x2b, 0x30, 0x58, 0xf8, 0xbd, 0xb8, ++ 0x75, 0xeb, 0xbb, 0x5e, 0x1c, 0x9b, 0x81, 0x6a, 0xda, 0x14, 0x86, 0x6e, ++ 0xd0, 0xda, 0x18, 0xb7, 0x88, 0xfb, 0x59, 0xf3 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_entropyinputpr2[] = { ++ 0x21, 0xcd, 0x6e, 0x46, 0xad, 0x99, 0x07, 0x17, 0xb4, 0x3d, 0x76, 0x0a, ++ 0xff, 0x5b, 0x52, 0x50, 0x78, 0xdf, 0x1f, 0x24, 0x06, 0x0d, 0x3f, 0x74, ++ 0xa9, 0xc9, 0x37, 0xcf, 0xd8, 0x26, 0x25, 0x91 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_pr_returnedbits[] = { ++ 0xa7, 0xaf, 0x2f, 0x29, 0xe0, 0x3a, 0x72, 0x95, 0x96, 0x1c, 0xa9, 0xf0, ++ 0x4a, 0x17, 0x4d, 0x66, 0x06, 0x10, 0xbf, 0x39, 0x89, 0x88, 0xb8, 0x91, ++ 0x37, 0x18, 0x99, 0xcf, 0x8c, 0x53, 0x3b, 0x7e ++}; ++ ++/* HMAC SHA-256 No PR */ ++__fips_constseg static const unsigned char hmac_sha256_entropyinput[] = { ++ 0x96, 0xb7, 0x53, 0x22, 0x1e, 0x52, 0x2a, 0x96, 0xb1, 0x15, 0x3c, 0x35, ++ 0x5a, 0x8b, 0xd3, 0x4a, 0xa6, 0x6c, 0x83, 0x0a, 0x7d, 0xa3, 0x23, 0x3d, ++ 0x43, 0xa1, 0x07, 0x2c, 0x2d, 0xe3, 0x81, 0xcc ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_nonce[] = { ++ 0xf1, 0xac, 0x97, 0xcb, 0x5e, 0x06, 0x48, 0xd2, 0x94, 0xbe, 0x15, 0x2e, ++ 0xc7, 0xfc, 0xc2, 0x01 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha256_personalizationstring[] = { ++ 0x98, 0xc5, 0x1e, 0x35, 0x5e, 0x89, 0x0d, 0xce, 0x64, 0x6d, 0x18, 0xa7, ++ 0x5a, 0xc6, 0xf3, 0xe7, 0xd6, 0x9e, 0xc0, 0xea, 0xb7, 0x3a, 0x8d, 0x65, ++ 0xb8, 0xeb, 0x10, 0xd7, 0x57, 0x18, 0xa0, 0x32 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_additionalinput[] = { ++ 0x1b, 0x10, 0xaf, 0xac, 0xd0, 0x65, 0x95, 0xad, 0x04, 0xad, 0x03, 0x1c, ++ 0xe0, 0x40, 0xd6, 0x3e, 0x1c, 0x46, 0x53, 0x39, 0x7c, 0xe2, 0xbc, 0xda, ++ 0x8c, 0xa2, 0x33, 0xa7, 0x9a, 0x26, 0xd3, 0x27 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_int_returnedbits[] = { ++ 0xba, 0x61, 0x0e, 0x55, 0xfe, 0x11, 0x8a, 0x9e, 0x0f, 0x80, 0xdf, 0x1d, ++ 0x03, 0x0a, 0xfe, 0x15, 0x94, 0x28, 0x4b, 0xba, 0xf4, 0x9f, 0x51, 0x25, ++ 0x88, 0xe5, 0x4e, 0xfb, 0xaf, 0xce, 0x69, 0x90 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_entropyinputreseed[] = { ++ 0x62, 0x7f, 0x1e, 0x6b, 0xe8, 0x8e, 0xe1, 0x35, 0x7d, 0x9b, 0x4f, 0xc7, ++ 0xec, 0xc8, 0xac, 0xef, 0x6b, 0x13, 0x9e, 0x05, 0x56, 0xc1, 0x08, 0xf9, ++ 0x2f, 0x0f, 0x27, 0x9c, 0xd4, 0x15, 0xed, 0x2d ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha256_additionalinputreseed[] = { ++ 0xc7, 0x76, 0x6e, 0xa9, 0xd2, 0xb2, 0x76, 0x40, 0x82, 0x25, 0x2c, 0xb3, ++ 0x6f, 0xac, 0xe9, 0x74, 0xef, 0x8f, 0x3c, 0x8e, 0xcd, 0xf1, 0xbf, 0xb3, ++ 0x49, 0x77, 0x34, 0x88, 0x52, 0x36, 0xe6, 0x2e ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_additionalinput2[] = { ++ 0x8d, 0xb8, 0x0c, 0xd1, 0xbf, 0x70, 0xf6, 0x19, 0xc3, 0x41, 0x80, 0x9f, ++ 0xe1, 0xa5, 0xa4, 0x1f, 0x2c, 0x26, 0xb1, 0xe5, 0xd8, 0xeb, 0xbe, 0xf8, ++ 0xdf, 0x88, 0x6a, 0x89, 0xd6, 0x05, 0xd8, 0x9d ++}; ++ ++__fips_constseg static const unsigned char hmac_sha256_returnedbits[] = { ++ 0x43, 0x12, 0x2a, 0x2c, 0x40, 0x53, 0x2e, 0x7c, 0x66, 0x34, 0xac, 0xc3, ++ 0x43, 0xe3, 0xe0, 0x6a, 0xfc, 0xfa, 0xea, 0x87, 0x21, 0x1f, 0xe2, 0x26, ++ 0xc4, 0xf9, 0x09, 0x9a, 0x0d, 0x6e, 0x7f, 0xe0 ++}; ++ ++/* HMAC SHA-384 PR */ ++__fips_constseg static const unsigned char hmac_sha384_pr_entropyinput[] = { ++ 0x69, 0x81, 0x98, 0x88, 0x44, 0xf5, 0xd6, 0x2e, 0x00, 0x08, 0x3b, 0xc5, ++ 0xfb, 0xd7, 0x8e, 0x6f, 0x23, 0xf8, 0x6d, 0x09, 0xd6, 0x85, 0x49, 0xd1, ++ 0xf8, 0x6d, 0xa4, 0x58, 0x54, 0xfd, 0x88, 0xa9 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_nonce[] = { ++ 0x6e, 0x38, 0x81, 0xca, 0xb7, 0xe8, 0x6e, 0x66, 0x49, 0x8a, 0xb2, 0x59, ++ 0xee, 0x16, 0xc9, 0xde ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha384_pr_personalizationstring[] = { ++ 0xfe, 0x4c, 0xd9, 0xf4, 0x78, 0x3b, 0x08, 0x41, 0x8d, 0x8f, 0x55, 0xc4, ++ 0x43, 0x56, 0xb6, 0x12, 0x36, 0x6b, 0x30, 0xb7, 0x5e, 0xe1, 0xb9, 0x47, ++ 0x04, 0xb1, 0x4e, 0xa9, 0x00, 0xa1, 0x52, 0xa1 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_additionalinput[] = { ++ 0x89, 0xe9, 0xcc, 0x8f, 0x27, 0x3c, 0x26, 0xd1, 0x95, 0xc8, 0x7d, 0x0f, ++ 0x5b, 0x1a, 0xf0, 0x78, 0x39, 0x56, 0x6f, 0xa4, 0x23, 0xe7, 0xd1, 0xda, ++ 0x7c, 0x66, 0x33, 0xa0, 0x90, 0xc9, 0x92, 0x88 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_entropyinputpr[] = { ++ 0xbe, 0x3d, 0x7c, 0x0d, 0xca, 0xda, 0x7c, 0x49, 0xb8, 0x12, 0x36, 0xc0, ++ 0xdb, 0xad, 0x35, 0xa8, 0xc7, 0x0b, 0x2a, 0x2c, 0x69, 0x6d, 0x25, 0x56, ++ 0x63, 0x82, 0x11, 0x3e, 0xa7, 0x33, 0x70, 0x72 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_int_returnedbits[] = { ++ 0x82, 0x3d, 0xe6, 0x54, 0x80, 0x42, 0xf8, 0xba, 0x90, 0x4f, 0x06, 0xa6, ++ 0xd2, 0x7f, 0xbf, 0x79, 0x7c, 0x12, 0x7d, 0xa6, 0xa2, 0x66, 0xe8, 0xa6, ++ 0xc0, 0xd6, 0x4a, 0x55, 0xbf, 0xd8, 0x0a, 0xc5, 0xf8, 0x03, 0x88, 0xdd, ++ 0x8e, 0x87, 0xd1, 0x5a, 0x48, 0x26, 0x72, 0x2a, 0x8e, 0xcf, 0xee, 0xba ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_additionalinput2[] = { ++ 0x8f, 0xff, 0xd9, 0x84, 0xbb, 0x85, 0x3a, 0x66, 0xa1, 0x21, 0xce, 0xb2, ++ 0x3a, 0x3a, 0x17, 0x22, 0x19, 0xae, 0xc7, 0xb6, 0x63, 0x81, 0xd5, 0xff, ++ 0x0d, 0xc8, 0xe1, 0xaf, 0x57, 0xd2, 0xcb, 0x60 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_entropyinputpr2[] = { ++ 0xd7, 0xfb, 0xc9, 0xe8, 0xe2, 0xf2, 0xaa, 0x4c, 0xb8, 0x51, 0x2f, 0xe1, ++ 0x22, 0xba, 0xf3, 0xda, 0x0a, 0x19, 0x76, 0x71, 0x57, 0xb2, 0x1d, 0x94, ++ 0x09, 0x69, 0x6c, 0xd3, 0x97, 0x51, 0x81, 0x87 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_pr_returnedbits[] = { ++ 0xe6, 0x19, 0x28, 0xa8, 0x21, 0xce, 0x5e, 0xdb, 0x24, 0x79, 0x8c, 0x76, ++ 0x5d, 0x73, 0xb2, 0xdf, 0xac, 0xef, 0x85, 0xa7, 0x3b, 0x19, 0x09, 0x8b, ++ 0x7f, 0x98, 0x28, 0xa9, 0x93, 0xd8, 0x7a, 0xad, 0x55, 0x8b, 0x24, 0x9d, ++ 0xe6, 0x98, 0xfe, 0x47, 0xd5, 0x48, 0xc1, 0x23, 0xd8, 0x1d, 0x62, 0x75 ++}; ++ ++/* HMAC SHA-384 No PR */ ++__fips_constseg static const unsigned char hmac_sha384_entropyinput[] = { ++ 0xc3, 0x56, 0x2b, 0x1d, 0xc2, 0xbb, 0xa8, 0xf0, 0xae, 0x1b, 0x0d, 0xd3, ++ 0x5a, 0x6c, 0xda, 0x57, 0x8e, 0xa5, 0x8a, 0x0d, 0x6c, 0x4b, 0x18, 0xb1, ++ 0x04, 0x3e, 0xb4, 0x99, 0x35, 0xc4, 0xc0, 0x5f ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_nonce[] = { ++ 0xc5, 0x49, 0x1e, 0x66, 0x27, 0x92, 0xbe, 0xec, 0xb5, 0x1e, 0x4b, 0xb1, ++ 0x38, 0xe3, 0xeb, 0x62 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha384_personalizationstring[] = { ++ 0xbe, 0xe7, 0x6b, 0x57, 0xde, 0x88, 0x11, 0x96, 0x9b, 0x6e, 0xea, 0xe5, ++ 0x63, 0x83, 0x4c, 0xb6, 0x8d, 0x66, 0xaa, 0x1f, 0x8b, 0x54, 0xe7, 0x62, ++ 0x6d, 0x5a, 0xfc, 0xbf, 0x97, 0xba, 0xcd, 0x77 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_additionalinput[] = { ++ 0xe5, 0x28, 0x5f, 0x43, 0xf5, 0x83, 0x6e, 0x0a, 0x83, 0x5c, 0xe3, 0x81, ++ 0x03, 0xf2, 0xf8, 0x78, 0x00, 0x7c, 0x95, 0x87, 0x16, 0xd6, 0x6c, 0x58, ++ 0x33, 0x6c, 0x53, 0x35, 0x0d, 0x66, 0xe3, 0xce ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_int_returnedbits[] = { ++ 0xe2, 0x1f, 0xf3, 0xda, 0x0d, 0x19, 0x99, 0x87, 0xc4, 0x90, 0xa2, 0x31, ++ 0xca, 0x2a, 0x89, 0x58, 0x43, 0x44, 0xb8, 0xde, 0xcf, 0xa4, 0xbe, 0x3b, ++ 0x53, 0x26, 0x22, 0x31, 0x76, 0x41, 0x22, 0xb5, 0xa8, 0x70, 0x2f, 0x4b, ++ 0x64, 0x95, 0x4d, 0x48, 0x96, 0x35, 0xe6, 0xbd, 0x3c, 0x34, 0xdb, 0x1b ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_entropyinputreseed[] = { ++ 0x77, 0x61, 0xba, 0xbc, 0xf2, 0xc1, 0xf3, 0x4b, 0x86, 0x65, 0xfd, 0x48, ++ 0x0e, 0x3c, 0x02, 0x5e, 0xa2, 0x7a, 0x6b, 0x7c, 0xed, 0x21, 0x5e, 0xf9, ++ 0xcd, 0xcd, 0x77, 0x07, 0x2b, 0xbe, 0xc5, 0x5c ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha384_additionalinputreseed[] = { ++ 0x18, 0x24, 0x5f, 0xc6, 0x84, 0xd1, 0x67, 0xc3, 0x9a, 0x11, 0xa5, 0x8c, ++ 0x07, 0x39, 0x21, 0x83, 0x4d, 0x04, 0xc4, 0x6a, 0x28, 0x19, 0xcf, 0x92, ++ 0x21, 0xd9, 0x9e, 0x41, 0x72, 0x6c, 0x9e, 0x63 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_additionalinput2[] = { ++ 0x96, 0x67, 0x41, 0x28, 0x9b, 0xb7, 0x92, 0x8d, 0x64, 0x3b, 0xe4, 0xcf, ++ 0x7e, 0xaa, 0x1e, 0xb1, 0x4b, 0x1d, 0x09, 0x56, 0x67, 0x9c, 0xc6, 0x6d, ++ 0x3b, 0xe8, 0x91, 0x9d, 0xe1, 0x8a, 0xb7, 0x32 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha384_returnedbits[] = { ++ 0xe3, 0x59, 0x61, 0x38, 0x92, 0xec, 0xe2, 0x3c, 0xff, 0xb7, 0xdb, 0x19, ++ 0x0f, 0x5b, 0x93, 0x68, 0x0d, 0xa4, 0x94, 0x40, 0x72, 0x0b, 0xe0, 0xed, ++ 0x4d, 0xcd, 0x68, 0xa0, 0x1e, 0xfe, 0x67, 0xb2, 0xfa, 0x21, 0x56, 0x74, ++ 0xa4, 0xad, 0xcf, 0xb7, 0x60, 0x66, 0x2e, 0x40, 0xde, 0x82, 0xca, 0xfb ++}; ++ ++/* HMAC SHA-512 PR */ ++__fips_constseg static const unsigned char hmac_sha512_pr_entropyinput[] = { ++ 0xaa, 0x9e, 0x45, 0x67, 0x0e, 0x00, 0x2a, 0x67, 0x98, 0xd6, 0xda, 0x0b, ++ 0x0f, 0x17, 0x7e, 0xac, 0xfd, 0x27, 0xc4, 0xca, 0x84, 0xdf, 0xde, 0xba, ++ 0x85, 0xd9, 0xbe, 0x8f, 0xf3, 0xff, 0x91, 0x4d ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_nonce[] = { ++ 0x8c, 0x49, 0x2f, 0x58, 0x1e, 0x7a, 0xda, 0x4b, 0x7e, 0x8a, 0x30, 0x7b, ++ 0x86, 0xea, 0xaf, 0xa2 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha512_pr_personalizationstring[] = { ++ 0x71, 0xe1, 0xbb, 0xad, 0xa7, 0x4b, 0x2e, 0x31, 0x3b, 0x0b, 0xec, 0x24, ++ 0x99, 0x38, 0xbc, 0xaa, 0x05, 0x4c, 0x46, 0x44, 0xfa, 0xad, 0x8e, 0x02, ++ 0xc1, 0x7e, 0xad, 0xec, 0x54, 0xa6, 0xd0, 0xad ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_additionalinput[] = { ++ 0x3d, 0x6e, 0xa6, 0xa8, 0x29, 0x2a, 0xb2, 0xf5, 0x98, 0x42, 0xe4, 0x92, ++ 0x78, 0x22, 0x67, 0xfd, 0x1b, 0x15, 0x1e, 0x29, 0xaa, 0x71, 0x3c, 0x3c, ++ 0xe7, 0x05, 0x20, 0xa9, 0x29, 0xc6, 0x75, 0x71 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_entropyinputpr[] = { ++ 0xab, 0xb9, 0x16, 0xd8, 0x55, 0x35, 0x54, 0xb7, 0x97, 0x3f, 0x94, 0xbc, ++ 0x2f, 0x7c, 0x70, 0xc7, 0xd0, 0xed, 0xb7, 0x4b, 0xf7, 0xf6, 0x6c, 0x03, ++ 0x0c, 0xb0, 0x03, 0xd8, 0xbb, 0x71, 0xd9, 0x10 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_int_returnedbits[] = { ++ 0x8e, 0xd3, 0xfd, 0x52, 0x9e, 0x83, 0x08, 0x49, 0x18, 0x6e, 0x23, 0x56, ++ 0x5c, 0x45, 0x93, 0x34, 0x05, 0xe2, 0x98, 0x8f, 0x0c, 0xd4, 0x32, 0x0c, ++ 0xfd, 0xda, 0x5f, 0x92, 0x3a, 0x8c, 0x81, 0xbd, 0xf6, 0x6c, 0x55, 0xfd, ++ 0xb8, 0x20, 0xce, 0x8d, 0x97, 0x27, 0xe8, 0xe8, 0xe0, 0xb3, 0x85, 0x50, ++ 0xa2, 0xc2, 0xb2, 0x95, 0x1d, 0x48, 0xd3, 0x7b, 0x4b, 0x78, 0x13, 0x35, ++ 0x05, 0x17, 0xbe, 0x0d ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_additionalinput2[] = { ++ 0xc3, 0xfc, 0x95, 0xaa, 0x69, 0x06, 0xae, 0x59, 0x41, 0xce, 0x26, 0x08, ++ 0x29, 0x6d, 0x45, 0xda, 0xe8, 0xb3, 0x6c, 0x95, 0x60, 0x0f, 0x70, 0x2c, ++ 0x10, 0xba, 0x38, 0x8c, 0xcf, 0x29, 0x99, 0xaa ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_entropyinputpr2[] = { ++ 0x3b, 0x9a, 0x25, 0xce, 0xd7, 0xf9, 0x5c, 0xd1, 0x3a, 0x3e, 0xaa, 0x71, ++ 0x14, 0x3e, 0x19, 0xe8, 0xce, 0xe6, 0xfe, 0x51, 0x84, 0xe9, 0x1b, 0xfe, ++ 0x3f, 0xa7, 0xf2, 0xfd, 0x76, 0x5f, 0x6a, 0xe7 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_pr_returnedbits[] = { ++ 0xb7, 0x82, 0xa9, 0x57, 0x81, 0x67, 0x53, 0xb5, 0xa1, 0xe9, 0x3d, 0x35, ++ 0xf9, 0xe4, 0x97, 0xbe, 0xa6, 0xca, 0xf1, 0x01, 0x13, 0x09, 0xe7, 0x21, ++ 0xc0, 0xed, 0x93, 0x5d, 0x4b, 0xf4, 0xeb, 0x8d, 0x53, 0x25, 0x8a, 0xc4, ++ 0xb1, 0x6f, 0x6e, 0x37, 0xcd, 0x2e, 0xac, 0x39, 0xb2, 0xb6, 0x99, 0xa3, ++ 0x82, 0x00, 0xb0, 0x21, 0xf0, 0xc7, 0x2f, 0x4c, 0x73, 0x92, 0xfd, 0x00, ++ 0xb6, 0xaf, 0xbc, 0xd3 ++}; ++ ++/* HMAC SHA-512 No PR */ ++__fips_constseg static const unsigned char hmac_sha512_entropyinput[] = { ++ 0x6e, 0x85, 0xe6, 0x25, 0x96, 0x29, 0xa7, 0x52, 0x5b, 0x60, 0xba, 0xaa, ++ 0xde, 0xdb, 0x36, 0x0a, 0x51, 0x9a, 0x15, 0xae, 0x6e, 0x18, 0xd3, 0xfe, ++ 0x39, 0xb9, 0x4a, 0x96, 0xf8, 0x77, 0xcb, 0x95 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_nonce[] = { ++ 0xe0, 0xa6, 0x5d, 0x08, 0xc3, 0x7c, 0xae, 0x25, 0x2e, 0x80, 0xd1, 0x3e, ++ 0xd9, 0xaf, 0x43, 0x3c ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha512_personalizationstring[] = { ++ 0x53, 0x99, 0x52, 0x5f, 0x11, 0xa9, 0x64, 0x66, 0x20, 0x5e, 0x1b, 0x5f, ++ 0x42, 0xb3, 0xf4, 0xda, 0xed, 0xbb, 0x63, 0xc1, 0x23, 0xaf, 0xd0, 0x01, ++ 0x90, 0x3b, 0xd0, 0x78, 0xe4, 0x0b, 0xa7, 0x20 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_additionalinput[] = { ++ 0x85, 0x90, 0x80, 0xd3, 0x98, 0xf1, 0x53, 0x6d, 0x68, 0x15, 0x8f, 0xe5, ++ 0x60, 0x3f, 0x17, 0x29, 0x55, 0x8d, 0x33, 0xb1, 0x45, 0x64, 0x64, 0x8d, ++ 0x50, 0x21, 0x89, 0xae, 0xf6, 0xfd, 0x32, 0x73 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_int_returnedbits[] = { ++ 0x28, 0x56, 0x30, 0x6f, 0xf4, 0xa1, 0x48, 0xe0, 0xc9, 0xf5, 0x75, 0x90, ++ 0xcc, 0xfb, 0xdf, 0xdf, 0x71, 0x3d, 0x0a, 0x9a, 0x03, 0x65, 0x3b, 0x18, ++ 0x61, 0xe3, 0xd1, 0xda, 0xcc, 0x4a, 0xfe, 0x55, 0x38, 0xf8, 0x21, 0x6b, ++ 0xfa, 0x18, 0x01, 0x42, 0x39, 0x2f, 0x99, 0x53, 0x38, 0x15, 0x82, 0x34, ++ 0xc5, 0x93, 0x92, 0xbc, 0x4d, 0x75, 0x1a, 0x5f, 0x21, 0x27, 0xcc, 0xa1, ++ 0xb1, 0x57, 0x69, 0xe8 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_entropyinputreseed[] = { ++ 0x8c, 0x52, 0x7e, 0x77, 0x72, 0x3f, 0xa3, 0x04, 0x97, 0x10, 0x9b, 0x41, ++ 0xbd, 0xe8, 0xff, 0x89, 0xed, 0x80, 0xe3, 0xbd, 0xaa, 0x12, 0x2d, 0xca, ++ 0x75, 0x82, 0x36, 0x77, 0x88, 0xcd, 0xa6, 0x73 ++}; ++ ++__fips_constseg ++ static const unsigned char hmac_sha512_additionalinputreseed[] = { ++ 0x7e, 0x32, 0xe3, 0x69, 0x69, 0x07, 0x34, 0xa2, 0x16, 0xa2, 0x5d, 0x1a, ++ 0x10, 0x91, 0xd3, 0xe2, 0x21, 0xa2, 0xa3, 0xdd, 0xcd, 0x0c, 0x09, 0x86, ++ 0x11, 0xe1, 0x50, 0xff, 0x5c, 0xb7, 0xeb, 0x5c ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_additionalinput2[] = { ++ 0x7f, 0x78, 0x66, 0xd8, 0xfb, 0x67, 0xcf, 0x8d, 0x8c, 0x08, 0x30, 0xa5, ++ 0xf8, 0x7d, 0xcf, 0x44, 0x59, 0xce, 0xf8, 0xdf, 0x58, 0xd3, 0x60, 0xcb, ++ 0xa8, 0x60, 0xb9, 0x07, 0xc4, 0xb1, 0x95, 0x48 ++}; ++ ++__fips_constseg static const unsigned char hmac_sha512_returnedbits[] = { ++ 0xdf, 0xa7, 0x36, 0xd4, 0xdc, 0x5d, 0x4d, 0x31, 0xad, 0x69, 0x46, 0x9f, ++ 0xf1, 0x7c, 0xd7, 0x3b, 0x4f, 0x55, 0xf2, 0xd7, 0xb9, 0x9d, 0xad, 0x7a, ++ 0x79, 0x08, 0x59, 0xa5, 0xdc, 0x74, 0xf5, 0x9b, 0x73, 0xd2, 0x13, 0x25, ++ 0x0b, 0x81, 0x08, 0x08, 0x25, 0xfb, 0x39, 0xf2, 0xf0, 0xa3, 0xa4, 0x8d, ++ 0xef, 0x05, 0x9e, 0xb8, 0xc7, 0x52, 0xe4, 0x0e, 0x42, 0xaa, 0x7c, 0x79, ++ 0xc2, 0xd6, 0xfd, 0xa5 ++}; +diff -up openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c 2020-03-17 17:30:52.046567043 +0100 +@@ -0,0 +1,195 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include ++#include ++#include "fips_locl.h" ++ ++#ifdef OPENSSL_FIPS ++ ++static const unsigned char dsa_test_2048_p[] = { ++ 0xa8, 0x53, 0x78, 0xd8, 0xfd, 0x3f, 0x8d, 0x72, 0xec, 0x74, 0x18, 0x08, ++ 0x0d, 0xa2, 0x13, 0x17, 0xe4, 0x3e, 0xc4, 0xb6, 0x2b, 0xa8, 0xc8, 0x62, ++ 0x3b, 0x7e, 0x4d, 0x04, 0x44, 0x1d, 0xd1, 0xa0, 0x65, 0x86, 0x62, 0x59, ++ 0x64, 0x93, 0xca, 0x8e, 0x9e, 0x8f, 0xbb, 0x7e, 0x34, 0xaa, 0xdd, 0xb6, ++ 0x2e, 0x5d, 0x67, 0xb6, 0xd0, 0x9a, 0x6e, 0x61, 0xb7, 0x69, 0xe7, 0xc3, ++ 0x52, 0xaa, 0x2b, 0x10, 0xe2, 0x0c, 0xa0, 0x63, 0x69, 0x63, 0xb5, 0x52, ++ 0x3e, 0x86, 0x47, 0x0d, 0xec, 0xbb, 0xed, 0xa0, 0x27, 0xe7, 0x97, 0xe7, ++ 0xb6, 0x76, 0x35, 0xd4, 0xd4, 0x9c, 0x30, 0x70, 0x0e, 0x74, 0xaf, 0x8a, ++ 0x0f, 0xf1, 0x56, 0xa8, 0x01, 0xaf, 0x57, 0xa2, 0x6e, 0x70, 0x78, 0xf1, ++ 0xd8, 0x2f, 0x74, 0x90, 0x8e, 0xcb, 0x6d, 0x07, 0xe7, 0x0b, 0x35, 0x03, ++ 0xee, 0xd9, 0x4f, 0xa3, 0x2c, 0xf1, 0x7a, 0x7f, 0xc3, 0xd6, 0xcf, 0x40, ++ 0xdc, 0x7b, 0x00, 0x83, 0x0e, 0x6a, 0x25, 0x66, 0xdc, 0x07, 0x3e, 0x34, ++ 0x33, 0x12, 0x51, 0x7c, 0x6a, 0xa5, 0x15, 0x2b, 0x4b, 0xfe, 0xcd, 0x2e, ++ 0x55, 0x1f, 0xee, 0x34, 0x63, 0x18, 0xa1, 0x53, 0x42, 0x3c, 0x99, 0x6b, ++ 0x0d, 0x5d, 0xcb, 0x91, 0x02, 0xae, 0xdd, 0x38, 0x79, 0x86, 0x16, 0xf1, ++ 0xf1, 0xe0, 0xd6, 0xc4, 0x03, 0x52, 0x5b, 0x1f, 0x9b, 0x3d, 0x4d, 0xc7, ++ 0x66, 0xde, 0x2d, 0xfc, 0x4a, 0x56, 0xd7, 0xb8, 0xba, 0x59, 0x63, 0xd6, ++ 0x0f, 0x3e, 0x16, 0x31, 0x88, 0x70, 0xad, 0x43, 0x69, 0x52, 0xe5, 0x57, ++ 0x65, 0x37, 0x4e, 0xab, 0x85, 0xe8, 0xec, 0x17, 0xd6, 0xb9, 0xa4, 0x54, ++ 0x7b, 0x9b, 0x5f, 0x27, 0x52, 0xf3, 0x10, 0x5b, 0xe8, 0x09, 0xb2, 0x3a, ++ 0x2c, 0x8d, 0x74, 0x69, 0xdb, 0x02, 0xe2, 0x4d, 0x59, 0x23, 0x94, 0xa7, ++ 0xdb, 0xa0, 0x69, 0xe9 ++}; ++ ++static const unsigned char dsa_test_2048_q[] = { ++ 0xd2, 0x77, 0x04, 0x4e, 0x50, 0xf5, 0xa4, 0xe3, 0xf5, 0x10, 0xa5, 0x0a, ++ 0x0b, 0x84, 0xfd, 0xff, 0xbc, 0xa0, 0x47, 0xed, 0x27, 0x60, 0x20, 0x56, ++ 0x74, 0x41, 0xa0, 0xa5 ++}; ++ ++static const unsigned char dsa_test_2048_g[] = { ++ 0x13, 0xd7, 0x54, 0xe2, 0x1f, 0xd2, 0x41, 0x65, 0x5d, 0xa8, 0x91, 0xc5, ++ 0x22, 0xa6, 0x5a, 0x72, 0xa8, 0x9b, 0xdc, 0x64, 0xec, 0x9b, 0x54, 0xa8, ++ 0x21, 0xed, 0x4a, 0x89, 0x8b, 0x49, 0x0e, 0x0c, 0x4f, 0xcb, 0x72, 0x19, ++ 0x2a, 0x4a, 0x20, 0xf5, 0x41, 0xf3, 0xf2, 0x92, 0x53, 0x99, 0xf0, 0xba, ++ 0xec, 0xf9, 0x29, 0xaa, 0xfb, 0xf7, 0x9d, 0xfe, 0x43, 0x32, 0x39, 0x3b, ++ 0x32, 0xcd, 0x2e, 0x2f, 0xcf, 0x27, 0x2f, 0x32, 0xa6, 0x27, 0x43, 0x4a, ++ 0x0d, 0xf2, 0x42, 0xb7, 0x5b, 0x41, 0x4d, 0xf3, 0x72, 0x12, 0x1e, 0x53, ++ 0xa5, 0x53, 0xf2, 0x22, 0xf8, 0x36, 0xb0, 0x00, 0xf0, 0x16, 0x48, 0x5b, ++ 0x6b, 0xd0, 0x89, 0x84, 0x51, 0x80, 0x1d, 0xcd, 0x8d, 0xe6, 0x4c, 0xd5, ++ 0x36, 0x56, 0x96, 0xff, 0xc5, 0x32, 0xd5, 0x28, 0xc5, 0x06, 0x62, 0x0a, ++ 0x94, 0x2a, 0x03, 0x05, 0x04, 0x6d, 0x8f, 0x18, 0x76, 0x34, 0x1f, 0x1e, ++ 0x57, 0x0b, 0xc3, 0x97, 0x4b, 0xa6, 0xb9, 0xa4, 0x38, 0xe9, 0x70, 0x23, ++ 0x02, 0xa2, 0xe6, 0xe6, 0x7b, 0xfd, 0x06, 0xd3, 0x2b, 0xc6, 0x79, 0x96, ++ 0x22, 0x71, 0xd7, 0xb4, 0x0c, 0xd7, 0x2f, 0x38, 0x6e, 0x64, 0xe0, 0xd7, ++ 0xef, 0x86, 0xca, 0x8c, 0xa5, 0xd1, 0x42, 0x28, 0xdc, 0x2a, 0x4f, 0x16, ++ 0xe3, 0x18, 0x98, 0x86, 0xb5, 0x99, 0x06, 0x74, 0xf4, 0x20, 0x0f, 0x3a, ++ 0x4c, 0xf6, 0x5a, 0x3f, 0x0d, 0xdb, 0xa1, 0xfa, 0x67, 0x2d, 0xff, 0x2f, ++ 0x5e, 0x14, 0x3d, 0x10, 0xe4, 0xe9, 0x7a, 0xe8, 0x4f, 0x6d, 0xa0, 0x95, ++ 0x35, 0xd5, 0xb9, 0xdf, 0x25, 0x91, 0x81, 0xa7, 0x9b, 0x63, 0xb0, 0x69, ++ 0xe9, 0x49, 0x97, 0x2b, 0x02, 0xba, 0x36, 0xb3, 0x58, 0x6a, 0xab, 0x7e, ++ 0x45, 0xf3, 0x22, 0xf8, 0x2e, 0x4e, 0x85, 0xca, 0x3a, 0xb8, 0x55, 0x91, ++ 0xb3, 0xc2, 0xa9, 0x66 ++}; ++ ++static const unsigned char dsa_test_2048_pub_key[] = { ++ 0x24, 0x52, 0xf3, 0xcc, 0xbe, 0x9e, 0xd5, 0xca, 0x7d, 0xc7, 0x4c, 0x60, ++ 0x2b, 0x99, 0x22, 0x6e, 0x8f, 0x2f, 0xab, 0x38, 0xe7, 0xd7, 0xdd, 0xfb, ++ 0x75, 0x53, 0x9b, 0x17, 0x15, 0x5e, 0x9f, 0xcf, 0xd1, 0xab, 0xa5, 0x64, ++ 0xeb, 0x85, 0x35, 0xd8, 0x12, 0xc9, 0xc2, 0xdc, 0xf9, 0x72, 0x84, 0x44, ++ 0x1b, 0xc4, 0x82, 0x24, 0x36, 0x24, 0xc7, 0xf4, 0x57, 0x58, 0x0c, 0x1c, ++ 0x38, 0xa5, 0x7c, 0x46, 0xc4, 0x57, 0x39, 0x24, 0x70, 0xed, 0xb5, 0x2c, ++ 0xb5, 0xa6, 0xe0, 0x3f, 0xe6, 0x28, 0x7b, 0xb6, 0xf4, 0x9a, 0x42, 0xa2, ++ 0x06, 0x5a, 0x05, 0x4f, 0x03, 0x08, 0x39, 0xdf, 0x1f, 0xd3, 0x14, 0x9c, ++ 0x4c, 0xa0, 0x53, 0x1d, 0xd8, 0xca, 0x8a, 0xaa, 0x9c, 0xc7, 0x33, 0x71, ++ 0x93, 0x38, 0x73, 0x48, 0x33, 0x61, 0x18, 0x22, 0x45, 0x45, 0xe8, 0x8c, ++ 0x80, 0xff, 0xd8, 0x76, 0x5d, 0x74, 0x36, 0x03, 0x33, 0xcc, 0xab, 0x99, ++ 0x72, 0x77, 0x9b, 0x65, 0x25, 0xa6, 0x5b, 0xdd, 0x0d, 0x10, 0xc6, 0x75, ++ 0xc1, 0x09, 0xbb, 0xd3, 0xe5, 0xbe, 0x4d, 0x72, 0xef, 0x6e, 0xba, 0x6e, ++ 0x43, 0x8d, 0x52, 0x26, 0x23, 0x7d, 0xb8, 0x88, 0x37, 0x9c, 0x5f, 0xcc, ++ 0x47, 0xa3, 0x84, 0x7f, 0xf6, 0x37, 0x11, 0xba, 0xed, 0x6d, 0x03, 0xaf, ++ 0xe8, 0x1e, 0x69, 0x4a, 0x41, 0x3b, 0x68, 0x0b, 0xd3, 0x8a, 0xb4, 0x90, ++ 0x3f, 0x83, 0x70, 0xa7, 0x07, 0xef, 0x55, 0x1d, 0x49, 0x41, 0x02, 0x6d, ++ 0x95, 0x79, 0xd6, 0x91, 0xde, 0x8e, 0xda, 0xa1, 0x61, 0x05, 0xeb, 0x9d, ++ 0xba, 0x3c, 0x2f, 0x4c, 0x1b, 0xec, 0x50, 0x82, 0x75, 0xaa, 0x02, 0x07, ++ 0xe2, 0x51, 0xb5, 0xec, 0xcb, 0x28, 0x6a, 0x4b, 0x01, 0xd4, 0x49, 0xd3, ++ 0x0a, 0xcb, 0x67, 0x37, 0x17, 0xa0, 0xd2, 0xfb, 0x3b, 0x50, 0xc8, 0x93, ++ 0xf7, 0xda, 0xb1, 0x4f ++}; ++ ++static const unsigned char dsa_test_2048_priv_key[] = { ++ 0x0c, 0x4b, 0x30, 0x89, 0xd1, 0xb8, 0x62, 0xcb, 0x3c, 0x43, 0x64, 0x91, ++ 0xf0, 0x91, 0x54, 0x70, 0xc5, 0x27, 0x96, 0xe3, 0xac, 0xbe, 0xe8, 0x00, ++ 0xec, 0x55, 0xf6, 0xcc ++}; ++ ++int FIPS_selftest_dsa() ++{ ++ DSA *dsa = NULL; ++ EVP_PKEY *pk = NULL; ++ int ret = 0; ++ BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL, *priv_key = NULL; ++ ++ fips_load_key_component(p, dsa_test_2048); ++ fips_load_key_component(q, dsa_test_2048); ++ fips_load_key_component(g, dsa_test_2048); ++ fips_load_key_component(pub_key, dsa_test_2048); ++ fips_load_key_component(priv_key, dsa_test_2048); ++ ++ dsa = DSA_new(); ++ ++ if (dsa == NULL) ++ goto err; ++ ++ DSA_set0_pqg(dsa, p, q, g); ++ ++ DSA_set0_key(dsa, pub_key, priv_key); ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_assign_DSA(pk, dsa); ++ ++ if (!fips_pkey_signature_test(pk, NULL, 0, ++ NULL, 0, EVP_sha256(), 0, "DSA SHA256")) ++ goto err; ++ ret = 1; ++ ++ err: ++ if (pk) ++ EVP_PKEY_free(pk); ++ else if (dsa) ++ DSA_free(dsa); ++ else { ++ BN_free(p); ++ BN_free(q); ++ BN_free(g); ++ BN_free(pub_key); ++ BN_free(priv_key); ++ } ++ return ret; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c 2020-03-17 17:30:52.046567043 +0100 +@@ -0,0 +1,242 @@ ++/* fips/ecdh/fips_ecdh_selftest.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project 2011. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ * ++ */ ++ ++#define OPENSSL_FIPSAPI ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#ifdef OPENSSL_FIPS ++ ++# include "fips_locl.h" ++ ++static const unsigned char p256_qcavsx[] = { ++ 0x52, 0xc6, 0xa5, 0x75, 0xf3, 0x04, 0x98, 0xb3, 0x29, 0x66, 0x0c, 0x62, ++ 0x18, 0x60, 0x55, 0x41, 0x59, 0xd4, 0x60, 0x85, 0x99, 0xc1, 0x51, 0x13, ++ 0x6f, 0x97, 0x85, 0x93, 0x33, 0x34, 0x07, 0x50 ++}; ++ ++static const unsigned char p256_qcavsy[] = { ++ 0x6f, 0x69, 0x24, 0xeb, 0xe9, 0x3b, 0xa7, 0xcc, 0x47, 0x17, 0xaa, 0x3f, ++ 0x70, 0xfc, 0x10, 0x73, 0x0a, 0xcd, 0x21, 0xee, 0x29, 0x19, 0x1f, 0xaf, ++ 0xb4, 0x1c, 0x1e, 0xc2, 0x8e, 0x97, 0x81, 0x6e ++}; ++ ++static const unsigned char p256_qiutx[] = { ++ 0x71, 0x46, 0x88, 0x08, 0x92, 0x21, 0x1b, 0x10, 0x21, 0x74, 0xff, 0x0c, ++ 0x94, 0xde, 0x34, 0x7c, 0x86, 0x74, 0xbe, 0x67, 0x41, 0x68, 0xd4, 0xc1, ++ 0xe5, 0x75, 0x63, 0x9c, 0xa7, 0x46, 0x93, 0x6f ++}; ++ ++static const unsigned char p256_qiuty[] = { ++ 0x33, 0x40, 0xa9, 0x6a, 0xf5, 0x20, 0xb5, 0x9e, 0xfc, 0x60, 0x1a, 0xae, ++ 0x3d, 0xf8, 0x21, 0xd2, 0xa7, 0xca, 0x52, 0x34, 0xb9, 0x5f, 0x27, 0x75, ++ 0x6c, 0x81, 0xbe, 0x32, 0x4d, 0xba, 0xbb, 0xf8 ++}; ++ ++static const unsigned char p256_qiutd[] = { ++ 0x1a, 0x48, 0x55, 0x6b, 0x11, 0xbe, 0x92, 0xd4, 0x1c, 0xd7, 0x45, 0xc3, ++ 0x82, 0x81, 0x51, 0xf1, 0x23, 0x40, 0xb7, 0x83, 0xfd, 0x01, 0x6d, 0xbc, ++ 0xa1, 0x66, 0xaf, 0x0a, 0x03, 0x23, 0xcd, 0xc8 ++}; ++ ++static const unsigned char p256_ziut[] = { ++ 0x77, 0x2a, 0x1e, 0x37, 0xee, 0xe6, 0x51, 0x02, 0x71, 0x40, 0xf8, 0x6a, ++ 0x36, 0xf8, 0x65, 0x61, 0x2b, 0x18, 0x71, 0x82, 0x23, 0xe6, 0xf2, 0x77, ++ 0xce, 0xec, 0xb8, 0x49, 0xc7, 0xbf, 0x36, 0x4f ++}; ++ ++typedef struct { ++ int curve; ++ const unsigned char *x1; ++ size_t x1len; ++ const unsigned char *y1; ++ size_t y1len; ++ const unsigned char *d1; ++ size_t d1len; ++ const unsigned char *x2; ++ size_t x2len; ++ const unsigned char *y2; ++ size_t y2len; ++ const unsigned char *z; ++ size_t zlen; ++} ECDH_SELFTEST_DATA; ++ ++# define make_ecdh_test(nid, pr) { nid, \ ++ pr##_qiutx, sizeof(pr##_qiutx), \ ++ pr##_qiuty, sizeof(pr##_qiuty), \ ++ pr##_qiutd, sizeof(pr##_qiutd), \ ++ pr##_qcavsx, sizeof(pr##_qcavsx), \ ++ pr##_qcavsy, sizeof(pr##_qcavsy), \ ++ pr##_ziut, sizeof(pr##_ziut) } ++ ++static ECDH_SELFTEST_DATA test_ecdh_data[] = { ++ make_ecdh_test(NID_X9_62_prime256v1, p256), ++}; ++ ++int FIPS_selftest_ecdh(void) ++{ ++ EC_KEY *ec1 = NULL, *ec2 = NULL; ++ const EC_POINT *ecp = NULL; ++ BIGNUM *x = NULL, *y = NULL, *d = NULL; ++ unsigned char *ztmp = NULL; ++ int rv = 1; ++ size_t i; ++ ++ for (i = 0; i < sizeof(test_ecdh_data) / sizeof(ECDH_SELFTEST_DATA); i++) { ++ ECDH_SELFTEST_DATA *ecd = test_ecdh_data + i; ++ if (!fips_post_started(FIPS_TEST_ECDH, ecd->curve, 0)) ++ continue; ++ ztmp = OPENSSL_malloc(ecd->zlen); ++ ++ x = BN_bin2bn(ecd->x1, ecd->x1len, x); ++ y = BN_bin2bn(ecd->y1, ecd->y1len, y); ++ d = BN_bin2bn(ecd->d1, ecd->d1len, d); ++ ++ if (!x || !y || !d || !ztmp) { ++ rv = 0; ++ goto err; ++ } ++ ++ ec1 = EC_KEY_new_by_curve_name(ecd->curve); ++ if (!ec1) { ++ rv = 0; ++ goto err; ++ } ++ EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH); ++ ++ if (!EC_KEY_set_public_key_affine_coordinates(ec1, x, y)) { ++ rv = 0; ++ goto err; ++ } ++ ++ if (!EC_KEY_set_private_key(ec1, d)) { ++ rv = 0; ++ goto err; ++ } ++ ++ x = BN_bin2bn(ecd->x2, ecd->x2len, x); ++ y = BN_bin2bn(ecd->y2, ecd->y2len, y); ++ ++ if (!x || !y) { ++ rv = 0; ++ goto err; ++ } ++ ++ ec2 = EC_KEY_new_by_curve_name(ecd->curve); ++ if (!ec2) { ++ rv = 0; ++ goto err; ++ } ++ EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH); ++ ++ if (!EC_KEY_set_public_key_affine_coordinates(ec2, x, y)) { ++ rv = 0; ++ goto err; ++ } ++ ++ ecp = EC_KEY_get0_public_key(ec2); ++ if (!ecp) { ++ rv = 0; ++ goto err; ++ } ++ ++ if (!ECDH_compute_key(ztmp, ecd->zlen, ecp, ec1, 0)) { ++ rv = 0; ++ goto err; ++ } ++ ++ if (!fips_post_corrupt(FIPS_TEST_ECDH, ecd->curve, NULL)) ++ ztmp[0] ^= 0x1; ++ ++ if (memcmp(ztmp, ecd->z, ecd->zlen)) { ++ fips_post_failed(FIPS_TEST_ECDH, ecd->curve, 0); ++ rv = 0; ++ } else if (!fips_post_success(FIPS_TEST_ECDH, ecd->curve, 0)) ++ goto err; ++ ++ EC_KEY_free(ec1); ++ ec1 = NULL; ++ EC_KEY_free(ec2); ++ ec2 = NULL; ++ OPENSSL_free(ztmp); ++ ztmp = NULL; ++ } ++ ++ err: ++ ++ if (x) ++ BN_clear_free(x); ++ if (y) ++ BN_clear_free(y); ++ if (d) ++ BN_clear_free(d); ++ if (ec1) ++ EC_KEY_free(ec1); ++ if (ec2) ++ EC_KEY_free(ec2); ++ if (ztmp) ++ OPENSSL_free(ztmp); ++ ++ return rv; ++ ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c 2020-03-17 17:30:52.046567043 +0100 +@@ -0,0 +1,166 @@ ++/* fips/ecdsa/fips_ecdsa_selftest.c */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project 2011. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ * ++ */ ++ ++#define OPENSSL_FIPSAPI ++ ++#include ++#include ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include ++#include ++ ++#ifdef OPENSSL_FIPS ++ ++static const char P_256_name[] = "ECDSA P-256"; ++ ++static const unsigned char P_256_d[] = { ++ 0x51, 0xbd, 0x06, 0xa1, 0x1c, 0xda, 0xe2, 0x12, 0x99, 0xc9, 0x52, 0x3f, ++ 0xea, 0xa4, 0xd2, 0xd1, 0xf4, 0x7f, 0xd4, 0x3e, 0xbd, 0xf8, 0xfc, 0x87, ++ 0xdc, 0x82, 0x53, 0x21, 0xee, 0xa0, 0xdc, 0x64 ++}; ++ ++static const unsigned char P_256_qx[] = { ++ 0x23, 0x89, 0xe0, 0xf4, 0x69, 0xe0, 0x49, 0xe5, 0xc7, 0xe5, 0x40, 0x6e, ++ 0x8f, 0x25, 0xdd, 0xad, 0x11, 0x16, 0x14, 0x9b, 0xab, 0x44, 0x06, 0x31, ++ 0xbf, 0x5e, 0xa6, 0x44, 0xac, 0x86, 0x00, 0x07 ++}; ++ ++static const unsigned char P_256_qy[] = { ++ 0xb3, 0x05, 0x0d, 0xd0, 0xdc, 0xf7, 0x40, 0xe6, 0xf9, 0xd8, 0x6d, 0x7b, ++ 0x63, 0xca, 0x97, 0xe6, 0x12, 0xf9, 0xd4, 0x18, 0x59, 0xbe, 0xb2, 0x5e, ++ 0x4a, 0x6a, 0x77, 0x23, 0xf4, 0x11, 0x9d, 0xeb ++}; ++ ++typedef struct { ++ int curve; ++ const char *name; ++ const unsigned char *x; ++ size_t xlen; ++ const unsigned char *y; ++ size_t ylen; ++ const unsigned char *d; ++ size_t dlen; ++} EC_SELFTEST_DATA; ++ ++# define make_ecdsa_test(nid, pr) { nid, pr##_name, \ ++ pr##_qx, sizeof(pr##_qx), \ ++ pr##_qy, sizeof(pr##_qy), \ ++ pr##_d, sizeof(pr##_d)} ++ ++static EC_SELFTEST_DATA test_ec_data[] = { ++ make_ecdsa_test(NID_X9_62_prime256v1, P_256), ++}; ++ ++int FIPS_selftest_ecdsa() ++{ ++ EC_KEY *ec = NULL; ++ BIGNUM *x = NULL, *y = NULL, *d = NULL; ++ EVP_PKEY *pk = NULL; ++ int rv = 0; ++ size_t i; ++ ++ for (i = 0; i < sizeof(test_ec_data) / sizeof(EC_SELFTEST_DATA); i++) { ++ EC_SELFTEST_DATA *ecd = test_ec_data + i; ++ ++ x = BN_bin2bn(ecd->x, ecd->xlen, x); ++ y = BN_bin2bn(ecd->y, ecd->ylen, y); ++ d = BN_bin2bn(ecd->d, ecd->dlen, d); ++ ++ if (!x || !y || !d) ++ goto err; ++ ++ ec = EC_KEY_new_by_curve_name(ecd->curve); ++ if (!ec) ++ goto err; ++ ++ if (!EC_KEY_set_public_key_affine_coordinates(ec, x, y)) ++ goto err; ++ ++ if (!EC_KEY_set_private_key(ec, d)) ++ goto err; ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_assign_EC_KEY(pk, ec); ++ ++ if (!fips_pkey_signature_test(pk, NULL, 0, ++ NULL, 0, EVP_sha256(), 0, ecd->name)) ++ goto err; ++ } ++ ++ rv = 1; ++ ++ err: ++ ++ if (x) ++ BN_clear_free(x); ++ if (y) ++ BN_clear_free(y); ++ if (d) ++ BN_clear_free(d); ++ if (pk) ++ EVP_PKEY_free(pk); ++ else if (ec) ++ EC_KEY_free(ec); ++ ++ return rv; ++ ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_err.h.fips openssl-1.1.1e/crypto/fips/fips_err.h +--- openssl-1.1.1e/crypto/fips/fips_err.h.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_err.h 2020-03-17 17:30:52.047567026 +0100 +@@ -0,0 +1,197 @@ ++/* crypto/fips_err.h */ ++/* ==================================================================== ++ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ * ++ * This product includes cryptographic software written by Eric Young ++ * (eay@cryptsoft.com). This product includes software written by Tim ++ * Hudson (tjh@cryptsoft.com). ++ * ++ */ ++ ++/* ++ * NOTE: this file was auto generated by the mkerr.pl script: any changes ++ * made to it will be overwritten when the script next updates this file, ++ * only reason strings will be preserved. ++ */ ++ ++#include ++#include ++#include ++ ++/* BEGIN ERROR CODES */ ++#ifndef OPENSSL_NO_ERR ++ ++# define ERR_FUNC(func) ERR_PACK(ERR_LIB_FIPS,func,0) ++# define ERR_REASON(reason) ERR_PACK(ERR_LIB_FIPS,0,reason) ++ ++static ERR_STRING_DATA FIPS_str_functs[] = { ++ {ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "dh_builtin_genparams"}, ++ {ERR_FUNC(FIPS_F_DRBG_RESEED), "drbg_reseed"}, ++ {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "dsa_builtin_paramgen2"}, ++ {ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"}, ++ {ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"}, ++ {ERR_FUNC(FIPS_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"}, ++ {ERR_FUNC(FIPS_F_EVP_CIPHER_CTX_NEW), "EVP_CIPHER_CTX_new"}, ++ {ERR_FUNC(FIPS_F_EVP_CIPHER_CTX_RESET), "EVP_CIPHER_CTX_reset"}, ++ {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "fips_check_dsa"}, ++ {ERR_FUNC(FIPS_F_FIPS_CHECK_EC), "fips_check_ec"}, ++ {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_BYTES), "fips_drbg_bytes"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_CHECK), "fips_drbg_check"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_CPRNG_TEST), "fips_drbg_cprng_test"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_ERROR_CHECK), "fips_drbg_error_check"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE), "FIPS_drbg_generate"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_INIT), "FIPS_drbg_init"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_RESEED), "FIPS_drbg_reseed"}, ++ {ERR_FUNC(FIPS_F_FIPS_DRBG_SINGLE_KAT), "FIPS_DRBG_SINGLE_KAT"}, ++ {ERR_FUNC(FIPS_F_FIPS_GET_ENTROPY), "fips_get_entropy"}, ++ {ERR_FUNC(FIPS_F_FIPS_MODULE_MODE_SET), "FIPS_module_mode_set"}, ++ {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, ++ {ERR_FUNC(FIPS_F_FIPS_RAND_BYTES), "FIPS_rand_bytes"}, ++ {ERR_FUNC(FIPS_F_FIPS_RAND_SEED), "FIPS_rand_seed"}, ++ {ERR_FUNC(FIPS_F_FIPS_RAND_SET_METHOD), "FIPS_rand_set_method"}, ++ {ERR_FUNC(FIPS_F_FIPS_RAND_STATUS), "FIPS_rand_status"}, ++ {ERR_FUNC(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN), "fips_rsa_builtin_keygen"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST), "FIPS_selftest"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_CCM), "FIPS_selftest_aes_ccm"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_GCM), "FIPS_selftest_aes_gcm"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_XTS), "FIPS_selftest_aes_xts"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_CMAC), "FIPS_selftest_cmac"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_ECDSA), "FIPS_selftest_ecdsa"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"}, ++ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA2), "FIPS_selftest_sha2"}, ++ {ERR_FUNC(FIPS_F_OSSL_ECDSA_SIGN_SIG), "ossl_ecdsa_sign_sig"}, ++ {ERR_FUNC(FIPS_F_OSSL_ECDSA_VERIFY_SIG), "ossl_ecdsa_verify_sig"}, ++ {ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "rsa_builtin_keygen"}, ++ {ERR_FUNC(FIPS_F_RSA_OSSL_INIT), "rsa_ossl_init"}, ++ {ERR_FUNC(FIPS_F_RSA_OSSL_PRIVATE_DECRYPT), "rsa_ossl_private_decrypt"}, ++ {ERR_FUNC(FIPS_F_RSA_OSSL_PRIVATE_ENCRYPT), "rsa_ossl_private_encrypt"}, ++ {ERR_FUNC(FIPS_F_RSA_OSSL_PUBLIC_DECRYPT), "rsa_ossl_public_decrypt"}, ++ {ERR_FUNC(FIPS_F_RSA_OSSL_PUBLIC_ENCRYPT), "rsa_ossl_public_encrypt"}, ++ {0, NULL} ++}; ++ ++static ERR_STRING_DATA FIPS_str_reasons[] = { ++ {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED), ++ "additional input error undetected"}, ++ {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_TOO_LONG), ++ "additional input too long"}, ++ {ERR_REASON(FIPS_R_ALREADY_INSTANTIATED), "already instantiated"}, ++ {ERR_REASON(FIPS_R_DRBG_NOT_INITIALISED), "drbg not initialised"}, ++ {ERR_REASON(FIPS_R_DRBG_STUCK), "drbg stuck"}, ++ {ERR_REASON(FIPS_R_ENTROPY_ERROR_UNDETECTED), "entropy error undetected"}, ++ {ERR_REASON(FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED), ++ "entropy not requested for reseed"}, ++ {ERR_REASON(FIPS_R_ENTROPY_SOURCE_STUCK), "entropy source stuck"}, ++ {ERR_REASON(FIPS_R_ERROR_INITIALISING_DRBG), "error initialising drbg"}, ++ {ERR_REASON(FIPS_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"}, ++ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT), ++ "error retrieving additional input"}, ++ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ENTROPY), "error retrieving entropy"}, ++ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_NONCE), "error retrieving nonce"}, ++ {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH), ++ "fingerprint does not match"}, ++ {ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET), "fips mode already set"}, ++ {ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED), "fips selftest failed"}, ++ {ERR_REASON(FIPS_R_FUNCTION_ERROR), "function error"}, ++ {ERR_REASON(FIPS_R_GENERATE_ERROR), "generate error"}, ++ {ERR_REASON(FIPS_R_GENERATE_ERROR_UNDETECTED), ++ "generate error undetected"}, ++ {ERR_REASON(FIPS_R_INSTANTIATE_ERROR), "instantiate error"}, ++ {ERR_REASON(FIPS_R_INTERNAL_ERROR), "internal error"}, ++ {ERR_REASON(FIPS_R_INVALID_KEY_LENGTH), "invalid key length"}, ++ {ERR_REASON(FIPS_R_IN_ERROR_STATE), "in error state"}, ++ {ERR_REASON(FIPS_R_KEY_TOO_SHORT), "key too short"}, ++ {ERR_REASON(FIPS_R_NONCE_ERROR_UNDETECTED), "nonce error undetected"}, ++ {ERR_REASON(FIPS_R_NON_FIPS_METHOD), "non fips method"}, ++ {ERR_REASON(FIPS_R_NOPR_TEST1_FAILURE), "nopr test1 failure"}, ++ {ERR_REASON(FIPS_R_NOPR_TEST2_FAILURE), "nopr test2 failure"}, ++ {ERR_REASON(FIPS_R_NOT_INSTANTIATED), "not instantiated"}, ++ {ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED), "pairwise test failed"}, ++ {ERR_REASON(FIPS_R_PERSONALISATION_ERROR_UNDETECTED), ++ "personalisation error undetected"}, ++ {ERR_REASON(FIPS_R_PERSONALISATION_STRING_TOO_LONG), ++ "personalisation string too long"}, ++ {ERR_REASON(FIPS_R_PR_TEST1_FAILURE), "pr test1 failure"}, ++ {ERR_REASON(FIPS_R_PR_TEST2_FAILURE), "pr test2 failure"}, ++ {ERR_REASON(FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED), ++ "request length error undetected"}, ++ {ERR_REASON(FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG), ++ "request too large for drbg"}, ++ {ERR_REASON(FIPS_R_RESEED_COUNTER_ERROR), "reseed counter error"}, ++ {ERR_REASON(FIPS_R_RESEED_ERROR), "reseed error"}, ++ {ERR_REASON(FIPS_R_SELFTEST_FAILED), "selftest failed"}, ++ {ERR_REASON(FIPS_R_SELFTEST_FAILURE), "selftest failure"}, ++ {ERR_REASON(FIPS_R_TEST_FAILURE), "test failure"}, ++ {ERR_REASON(FIPS_R_UNINSTANTIATE_ERROR), "uninstantiate error"}, ++ {ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR), ++ "uninstantiate zeroise error"}, ++ {ERR_REASON(FIPS_R_UNSUPPORTED_DRBG_TYPE), "unsupported drbg type"}, ++ {ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM), "unsupported platform"}, ++ {0, NULL} ++}; ++ ++#endif ++ ++int ERR_load_FIPS_strings(void) ++{ ++#ifndef OPENSSL_NO_ERR ++ ++ if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) { ++ ERR_load_strings(0, FIPS_str_functs); ++ ERR_load_strings(0, FIPS_str_reasons); ++ } ++#endif ++ return 1; ++} +diff -up openssl-1.1.1e/crypto/fips/fips_ers.c.fips openssl-1.1.1e/crypto/fips/fips_ers.c +--- openssl-1.1.1e/crypto/fips/fips_ers.c.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ers.c 2020-03-17 17:30:52.047567026 +0100 +@@ -0,0 +1,7 @@ ++#include ++ ++#ifdef OPENSSL_FIPS ++# include "fips_err.h" ++#else ++static void *dummy = &dummy; ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c 2020-03-17 17:30:52.047567026 +0100 +@@ -0,0 +1,134 @@ ++/* ==================================================================== ++ * Copyright (c) 2005 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#ifdef OPENSSL_FIPS ++# include ++#endif ++#include ++ ++#ifdef OPENSSL_FIPS ++typedef struct { ++ const EVP_MD *(*alg) (void); ++ const char *key, *iv; ++ unsigned char kaval[EVP_MAX_MD_SIZE]; ++} HMAC_KAT; ++ ++static const HMAC_KAT vector[] = { ++ {EVP_sha1, ++ /* from http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf */ ++ "0123456789:;<=>?@ABC", ++ "Sample #2", ++ {0x09, 0x22, 0xd3, 0x40, 0x5f, 0xaa, 0x3d, 0x19, ++ 0x4f, 0x82, 0xa4, 0x58, 0x30, 0x73, 0x7d, 0x5c, ++ 0xc6, 0xc7, 0x5d, 0x24} ++ }, ++ {EVP_sha224, ++ /* just keep extending the above... */ ++ "0123456789:;<=>?@ABC", ++ "Sample #2", ++ {0xdd, 0xef, 0x0a, 0x40, 0xcb, 0x7d, 0x50, 0xfb, ++ 0x6e, 0xe6, 0xce, 0xa1, 0x20, 0xba, 0x26, 0xaa, ++ 0x08, 0xf3, 0x07, 0x75, 0x87, 0xb8, 0xad, 0x1b, ++ 0x8c, 0x8d, 0x12, 0xc7} ++ }, ++ {EVP_sha256, ++ "0123456789:;<=>?@ABC", ++ "Sample #2", ++ {0xb8, 0xf2, 0x0d, 0xb5, 0x41, 0xea, 0x43, 0x09, ++ 0xca, 0x4e, 0xa9, 0x38, 0x0c, 0xd0, 0xe8, 0x34, ++ 0xf7, 0x1f, 0xbe, 0x91, 0x74, 0xa2, 0x61, 0x38, ++ 0x0d, 0xc1, 0x7e, 0xae, 0x6a, 0x34, 0x51, 0xd9} ++ }, ++ {EVP_sha384, ++ "0123456789:;<=>?@ABC", ++ "Sample #2", ++ {0x08, 0xbc, 0xb0, 0xda, 0x49, 0x1e, 0x87, 0xad, ++ 0x9a, 0x1d, 0x6a, 0xce, 0x23, 0xc5, 0x0b, 0xf6, ++ 0xb7, 0x18, 0x06, 0xa5, 0x77, 0xcd, 0x49, 0x04, ++ 0x89, 0xf1, 0xe6, 0x23, 0x44, 0x51, 0x51, 0x9f, ++ 0x85, 0x56, 0x80, 0x79, 0x0c, 0xbd, 0x4d, 0x50, ++ 0xa4, 0x5f, 0x29, 0xe3, 0x93, 0xf0, 0xe8, 0x7f} ++ }, ++ {EVP_sha512, ++ "0123456789:;<=>?@ABC", ++ "Sample #2", ++ {0x80, 0x9d, 0x44, 0x05, 0x7c, 0x5b, 0x95, 0x41, ++ 0x05, 0xbd, 0x04, 0x13, 0x16, 0xdb, 0x0f, 0xac, ++ 0x44, 0xd5, 0xa4, 0xd5, 0xd0, 0x89, 0x2b, 0xd0, ++ 0x4e, 0x86, 0x64, 0x12, 0xc0, 0x90, 0x77, 0x68, ++ 0xf1, 0x87, 0xb7, 0x7c, 0x4f, 0xae, 0x2c, 0x2f, ++ 0x21, 0xa5, 0xb5, 0x65, 0x9a, 0x4f, 0x4b, 0xa7, ++ 0x47, 0x02, 0xa3, 0xde, 0x9b, 0x51, 0xf1, 0x45, ++ 0xbd, 0x4f, 0x25, 0x27, 0x42, 0x98, 0x99, 0x05} ++ }, ++}; ++ ++int FIPS_selftest_hmac() ++{ ++ int n; ++ unsigned int outlen; ++ unsigned char out[EVP_MAX_MD_SIZE]; ++ const EVP_MD *md; ++ const HMAC_KAT *t; ++ ++ for (n = 0, t = vector; n < sizeof(vector) / sizeof(vector[0]); n++, t++) { ++ md = (*t->alg) (); ++ HMAC(md, t->key, strlen(t->key), ++ (const unsigned char *)t->iv, strlen(t->iv), out, &outlen); ++ ++ if (memcmp(out, t->kaval, outlen)) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ } ++ return 1; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_locl.h.fips openssl-1.1.1e/crypto/fips/fips_locl.h +--- openssl-1.1.1e/crypto/fips/fips_locl.h.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_locl.h 2020-03-17 17:30:52.048567008 +0100 +@@ -0,0 +1,71 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#ifdef OPENSSL_FIPS ++ ++# ifdef __cplusplus ++extern "C" { ++# endif ++ ++# define FIPS_MAX_CIPHER_TEST_SIZE 32 ++# define fips_load_key_component(comp, pre) \ ++ comp = BN_bin2bn(pre##_##comp, sizeof(pre##_##comp), NULL); \ ++ if (!comp) \ ++ goto err ++ ++# define fips_post_started(id, subid, ex) 1 ++# define fips_post_success(id, subid, ex) 1 ++# define fips_post_failed(id, subid, ex) 1 ++# define fips_post_corrupt(id, subid, ex) 1 ++# define fips_post_status() 1 ++ ++# ifdef __cplusplus ++} ++# endif ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_post.c.fips openssl-1.1.1e/crypto/fips/fips_post.c +--- openssl-1.1.1e/crypto/fips/fips_post.c.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_post.c 2020-03-17 17:30:52.048567008 +0100 +@@ -0,0 +1,224 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#define OPENSSL_FIPSAPI ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#ifdef OPENSSL_FIPS ++ ++/* Power on self test (POST) support functions */ ++ ++# include ++# include "crypto/fips.h" ++# include "fips_locl.h" ++ ++/* Run all selftests */ ++int FIPS_selftest(void) ++{ ++ int rv = 1; ++ if (!FIPS_selftest_drbg()) ++ rv = 0; ++ if (!FIPS_selftest_sha1()) ++ rv = 0; ++ if (!FIPS_selftest_sha2()) ++ rv = 0; ++ if (!FIPS_selftest_sha3()) ++ rv = 0; ++ if (!FIPS_selftest_hmac()) ++ rv = 0; ++ if (!FIPS_selftest_cmac()) ++ rv = 0; ++ if (!FIPS_selftest_aes()) ++ rv = 0; ++ if (!FIPS_selftest_aes_ccm()) ++ rv = 0; ++ if (!FIPS_selftest_aes_gcm()) ++ rv = 0; ++ if (!FIPS_selftest_aes_xts()) ++ rv = 0; ++ if (!FIPS_selftest_des()) ++ rv = 0; ++ if (!FIPS_selftest_rsa()) ++ rv = 0; ++ if (!FIPS_selftest_ecdsa()) ++ rv = 0; ++ if (!FIPS_selftest_dsa()) ++ rv = 0; ++ if (!FIPS_selftest_dh()) ++ rv = 0; ++ if (!FIPS_selftest_ecdh()) ++ rv = 0; ++ return rv; ++} ++ ++/* Generalized public key test routine. Signs and verifies the data ++ * supplied in tbs using mesage digest md and setting option digest ++ * flags md_flags. If the 'kat' parameter is not NULL it will ++ * additionally check the signature matches it: a known answer test ++ * The string "fail_str" is used for identification purposes in case ++ * of failure. If "pkey" is NULL just perform a message digest check. ++ */ ++ ++int fips_pkey_signature_test(EVP_PKEY *pkey, ++ const unsigned char *tbs, int tbslen, ++ const unsigned char *kat, unsigned int katlen, ++ const EVP_MD *digest, unsigned int flags, ++ const char *fail_str) ++{ ++ int ret = 0; ++ unsigned char sigtmp[256], *sig = sigtmp; ++ size_t siglen = sizeof(sigtmp); ++ EVP_MD_CTX *mctx; ++ EVP_PKEY_CTX *pctx; ++ ++ if (digest == NULL) ++ digest = EVP_sha256(); ++ ++ mctx = EVP_MD_CTX_new(); ++ ++ if ((EVP_PKEY_id(pkey) == EVP_PKEY_RSA) ++ && (RSA_size(EVP_PKEY_get0_RSA(pkey)) > sizeof(sigtmp))) { ++ sig = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pkey))); ++ siglen = RSA_size(EVP_PKEY_get0_RSA(pkey)); ++ } ++ if (!sig || ! mctx) { ++ EVP_MD_CTX_free(mctx); ++ FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST, ERR_R_MALLOC_FAILURE); ++ return 0; ++ } ++ ++ if (tbslen == -1) ++ tbslen = strlen((char *)tbs); ++ ++ if (EVP_DigestSignInit(mctx, &pctx, digest, NULL, pkey) <= 0) ++ goto error; ++ ++ if (flags == EVP_MD_CTX_FLAG_PAD_PSS) { ++ EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING); ++ EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, 0); ++ } ++ ++ if (EVP_DigestSignUpdate(mctx, tbs, tbslen) <= 0) ++ goto error; ++ ++ if (EVP_DigestSignFinal(mctx, sig, &siglen) <= 0) ++ goto error; ++ ++ if (kat && ((siglen != katlen) || memcmp(kat, sig, katlen))) ++ goto error; ++ ++ if (EVP_DigestVerifyInit(mctx, &pctx, digest, NULL, pkey) <= 0) ++ goto error; ++ ++ if (flags == EVP_MD_CTX_FLAG_PAD_PSS) { ++ EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING); ++ EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, 0); ++ } ++ ++ if (EVP_DigestVerifyUpdate(mctx, tbs, tbslen) <= 0) ++ goto error; ++ ++ ret = EVP_DigestVerifyFinal(mctx, sig, siglen); ++ ++ error: ++ if (sig != sigtmp) ++ OPENSSL_free(sig); ++ EVP_MD_CTX_free(mctx); ++ if (ret <= 0) { ++ FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST, FIPS_R_TEST_FAILURE); ++ if (fail_str) ++ ERR_add_error_data(2, "Type=", fail_str); ++ return 0; ++ } ++ return 1; ++} ++ ++/* Generalized symmetric cipher test routine. Encrypt data, verify result ++ * against known answer, decrypt and compare with original plaintext. ++ */ ++ ++int fips_cipher_test(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ++ const unsigned char *key, ++ const unsigned char *iv, ++ const unsigned char *plaintext, ++ const unsigned char *ciphertext, int len) ++{ ++ unsigned char pltmp[FIPS_MAX_CIPHER_TEST_SIZE]; ++ unsigned char citmp[FIPS_MAX_CIPHER_TEST_SIZE]; ++ ++ OPENSSL_assert(len <= FIPS_MAX_CIPHER_TEST_SIZE); ++ memset(pltmp, 0, FIPS_MAX_CIPHER_TEST_SIZE); ++ memset(citmp, 0, FIPS_MAX_CIPHER_TEST_SIZE); ++ ++ if (EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 1) <= 0) ++ return 0; ++ if (EVP_Cipher(ctx, citmp, plaintext, len) <= 0) ++ return 0; ++ if (memcmp(citmp, ciphertext, len)) ++ return 0; ++ if (EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0) <= 0) ++ return 0; ++ if (EVP_Cipher(ctx, pltmp, citmp, len) <= 0) ++ return 0; ++ if (memcmp(pltmp, plaintext, len)) ++ return 0; ++ return 1; ++} ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1e/crypto/fips/fips_rand_lcl.h +--- openssl-1.1.1e/crypto/fips/fips_rand_lcl.h.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rand_lcl.h 2020-03-17 17:30:52.048567008 +0100 +@@ -0,0 +1,203 @@ ++/* fips/rand/fips_rand_lcl.h */ ++/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL ++ * project. ++ */ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * licensing@OpenSSL.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ */ ++ ++typedef struct drbg_hash_ctx_st DRBG_HASH_CTX; ++typedef struct drbg_hmac_ctx_st DRBG_HMAC_CTX; ++typedef struct drbg_ctr_ctx_st DRBG_CTR_CTX; ++ ++/* 888 bits from 10.1 table 2 */ ++#define HASH_PRNG_MAX_SEEDLEN 111 ++ ++struct drbg_hash_ctx_st { ++ const EVP_MD *md; ++ EVP_MD_CTX *mctx; ++ unsigned char V[HASH_PRNG_MAX_SEEDLEN]; ++ unsigned char C[HASH_PRNG_MAX_SEEDLEN]; ++ /* Temporary value storage: should always exceed max digest length */ ++ unsigned char vtmp[HASH_PRNG_MAX_SEEDLEN]; ++}; ++ ++struct drbg_hmac_ctx_st { ++ const EVP_MD *md; ++ HMAC_CTX *hctx; ++ unsigned char K[EVP_MAX_MD_SIZE]; ++ unsigned char V[EVP_MAX_MD_SIZE]; ++}; ++ ++struct drbg_ctr_ctx_st { ++ AES_KEY ks; ++ size_t keylen; ++ unsigned char K[32]; ++ unsigned char V[16]; ++ /* Temp variables used by derivation function */ ++ AES_KEY df_ks; ++ AES_KEY df_kxks; ++ /* Temporary block storage used by ctr_df */ ++ unsigned char bltmp[16]; ++ size_t bltmp_pos; ++ unsigned char KX[48]; ++}; ++ ++/* DRBG internal flags */ ++ ++/* Functions shouldn't call err library */ ++#define DRBG_FLAG_NOERR 0x1 ++/* Custom reseed checking */ ++#define DRBG_CUSTOM_RESEED 0x2 ++ ++/* DRBG status values */ ++/* not initialised */ ++#define DRBG_STATUS_UNINITIALISED 0 ++/* ok and ready to generate random bits */ ++#define DRBG_STATUS_READY 1 ++/* reseed required */ ++#define DRBG_STATUS_RESEED 2 ++/* fatal error condition */ ++#define DRBG_STATUS_ERROR 3 ++ ++/* A default maximum length: larger than any reasonable value used in pratice */ ++ ++#define DRBG_MAX_LENGTH 0x7ffffff0 ++/* Maximum DRBG block length: all md sizes are bigger than cipher blocks sizes ++ * so use max digest length. ++ */ ++#define DRBG_MAX_BLOCK EVP_MAX_MD_SIZE ++ ++#define DRBG_HEALTH_INTERVAL (1 << 24) ++ ++/* DRBG context structure */ ++ ++struct drbg_ctx_st { ++ /* First types common to all implementations */ ++ /* DRBG type: a NID for the underlying algorithm */ ++ int type; ++ /* Various external flags */ ++ unsigned int xflags; ++ /* Various internal use only flags */ ++ unsigned int iflags; ++ /* Used for periodic health checks */ ++ int health_check_cnt, health_check_interval; ++ ++ /* The following parameters are setup by mechanism drbg_init() call */ ++ int strength; ++ size_t blocklength; ++ size_t max_request; ++ ++ size_t min_entropy, max_entropy; ++ size_t min_nonce, max_nonce; ++ size_t max_pers, max_adin; ++ unsigned int reseed_counter; ++ unsigned int reseed_interval; ++ size_t seedlen; ++ int status; ++ /* Application data: typically used by test get_entropy */ ++ void *app_data; ++ /* Implementation specific structures */ ++ union { ++ DRBG_HASH_CTX hash; ++ DRBG_HMAC_CTX hmac; ++ DRBG_CTR_CTX ctr; ++ } d; ++ /* Initialiase PRNG and setup callbacks below */ ++ int (*init) (DRBG_CTX *ctx, int nid, int security, unsigned int flags); ++ /* Intantiate PRNG */ ++ int (*instantiate) (DRBG_CTX *ctx, ++ const unsigned char *ent, size_t entlen, ++ const unsigned char *nonce, size_t noncelen, ++ const unsigned char *pers, size_t perslen); ++ /* reseed */ ++ int (*reseed) (DRBG_CTX *ctx, ++ const unsigned char *ent, size_t entlen, ++ const unsigned char *adin, size_t adinlen); ++ /* generat output */ ++ int (*generate) (DRBG_CTX *ctx, ++ unsigned char *out, size_t outlen, ++ const unsigned char *adin, size_t adinlen); ++ /* uninstantiate */ ++ int (*uninstantiate) (DRBG_CTX *ctx); ++ ++ /* Entropy source block length */ ++ size_t entropy_blocklen; ++ ++ /* entropy gathering function */ ++ size_t (*get_entropy) (DRBG_CTX *ctx, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len); ++ /* Indicates we have finished with entropy buffer */ ++ void (*cleanup_entropy) (DRBG_CTX *ctx, unsigned char *out, size_t olen); ++ ++ /* nonce gathering function */ ++ size_t (*get_nonce) (DRBG_CTX *ctx, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len); ++ /* Indicates we have finished with nonce buffer */ ++ void (*cleanup_nonce) (DRBG_CTX *ctx, unsigned char *out, size_t olen); ++ ++ /* Callbacks used when called through RAND interface */ ++ /* Get any additional input for generate */ ++ size_t (*get_adin) (DRBG_CTX *ctx, unsigned char **pout); ++ void (*cleanup_adin) (DRBG_CTX *ctx, unsigned char *out, size_t olen); ++ /* Callback for RAND_seed(), RAND_add() */ ++ int (*rand_seed_cb) (DRBG_CTX *ctx, const void *buf, int num); ++ int (*rand_add_cb) (DRBG_CTX *ctx, ++ const void *buf, int num, double entropy); ++}; ++ ++int fips_drbg_ctr_init(DRBG_CTX *dctx); ++int fips_drbg_hash_init(DRBG_CTX *dctx); ++int fips_drbg_hmac_init(DRBG_CTX *dctx); ++int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags); ++int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out); ++ ++#define FIPS_digestinit EVP_DigestInit ++#define FIPS_digestupdate EVP_DigestUpdate ++#define FIPS_digestfinal EVP_DigestFinal ++#define M_EVP_MD_size EVP_MD_size +diff -up openssl-1.1.1e/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1e/crypto/fips/fips_rand_lib.c +--- openssl-1.1.1e/crypto/fips/fips_rand_lib.c.fips 2020-03-17 17:30:52.049566991 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rand_lib.c 2020-03-17 17:30:52.049566991 +0100 +@@ -0,0 +1,234 @@ ++/* ==================================================================== ++ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++/* If we don't define _XOPEN_SOURCE_EXTENDED, struct timeval won't ++ be defined and gettimeofday() won't be declared with strict compilers ++ like DEC C in ANSI C mode. */ ++#ifndef _XOPEN_SOURCE_EXTENDED ++# define _XOPEN_SOURCE_EXTENDED 1 ++#endif ++ ++#include ++#include ++#include ++#include ++#include "crypto/fips.h" ++#include ++#include "e_os.h" ++ ++#if !(defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS)) ++# include ++#endif ++#if defined(OPENSSL_SYS_VXWORKS) ++# include ++#endif ++#ifndef OPENSSL_SYS_WIN32 ++# ifdef OPENSSL_UNISTD ++# include OPENSSL_UNISTD ++# else ++# include ++# endif ++#endif ++ ++/* FIPS API for PRNG use. Similar to RAND functionality but without ++ * ENGINE and additional checking for non-FIPS rand methods. ++ */ ++ ++static const RAND_METHOD *fips_rand_meth = NULL; ++static int fips_approved_rand_meth = 0; ++static int fips_rand_bits = 0; ++ ++/* Allows application to override number of bits and uses non-FIPS methods */ ++void FIPS_rand_set_bits(int nbits) ++{ ++ fips_rand_bits = nbits; ++} ++ ++int FIPS_rand_set_method(const RAND_METHOD *meth) ++{ ++ if (!fips_rand_bits) { ++ if (meth == FIPS_drbg_method()) ++ fips_approved_rand_meth = 1; ++ else { ++ fips_approved_rand_meth = 0; ++ if (FIPS_module_mode()) { ++ FIPSerr(FIPS_F_FIPS_RAND_SET_METHOD, FIPS_R_NON_FIPS_METHOD); ++ return 0; ++ } ++ } ++ } ++ fips_rand_meth = meth; ++ return 1; ++} ++ ++const RAND_METHOD *FIPS_rand_get_method(void) ++{ ++ return fips_rand_meth; ++} ++ ++void FIPS_rand_reset(void) ++{ ++ if (fips_rand_meth && fips_rand_meth->cleanup) ++ fips_rand_meth->cleanup(); ++} ++ ++int FIPS_rand_seed(const void *buf, int num) ++{ ++ if (!fips_approved_rand_meth && FIPS_module_mode()) { ++ FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD); ++ return 0; ++ } ++ if (fips_rand_meth && fips_rand_meth->seed) ++ fips_rand_meth->seed(buf, num); ++ return 1; ++} ++ ++int FIPS_rand_bytes(unsigned char *buf, int num) ++{ ++ if (!fips_approved_rand_meth && FIPS_module_mode()) { ++ FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD); ++ return 0; ++ } ++ if (fips_rand_meth && fips_rand_meth->bytes) ++ return fips_rand_meth->bytes(buf, num); ++ return 0; ++} ++ ++int FIPS_rand_status(void) ++{ ++ if (!fips_approved_rand_meth && FIPS_module_mode()) { ++ FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD); ++ return 0; ++ } ++ if (fips_rand_meth && fips_rand_meth->status) ++ return fips_rand_meth->status(); ++ return 0; ++} ++ ++/* Return instantiated strength of PRNG. For DRBG this is an internal ++ * parameter. Any other type of PRNG is not approved and returns 0 in ++ * FIPS mode and maximum 256 outside FIPS mode. ++ */ ++ ++int FIPS_rand_strength(void) ++{ ++ if (fips_rand_bits) ++ return fips_rand_bits; ++ if (fips_approved_rand_meth == 1) ++ return FIPS_drbg_get_strength(FIPS_get_default_drbg()); ++ else if (fips_approved_rand_meth == 0) { ++ if (FIPS_module_mode()) ++ return 0; ++ else ++ return 256; ++ } ++ return 0; ++} ++ ++void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr) ++{ ++# ifdef OPENSSL_SYS_WIN32 ++ FILETIME ft; ++# elif defined(OPENSSL_SYS_VXWORKS) ++ struct timespec ts; ++# else ++ struct timeval tv; ++# endif ++ ++# ifndef GETPID_IS_MEANINGLESS ++ unsigned long pid; ++# endif ++ ++# ifdef OPENSSL_SYS_WIN32 ++ GetSystemTimeAsFileTime(&ft); ++ buf[0] = (unsigned char)(ft.dwHighDateTime & 0xff); ++ buf[1] = (unsigned char)((ft.dwHighDateTime >> 8) & 0xff); ++ buf[2] = (unsigned char)((ft.dwHighDateTime >> 16) & 0xff); ++ buf[3] = (unsigned char)((ft.dwHighDateTime >> 24) & 0xff); ++ buf[4] = (unsigned char)(ft.dwLowDateTime & 0xff); ++ buf[5] = (unsigned char)((ft.dwLowDateTime >> 8) & 0xff); ++ buf[6] = (unsigned char)((ft.dwLowDateTime >> 16) & 0xff); ++ buf[7] = (unsigned char)((ft.dwLowDateTime >> 24) & 0xff); ++# elif defined(OPENSSL_SYS_VXWORKS) ++ clock_gettime(CLOCK_REALTIME, &ts); ++ buf[0] = (unsigned char)(ts.tv_sec & 0xff); ++ buf[1] = (unsigned char)((ts.tv_sec >> 8) & 0xff); ++ buf[2] = (unsigned char)((ts.tv_sec >> 16) & 0xff); ++ buf[3] = (unsigned char)((ts.tv_sec >> 24) & 0xff); ++ buf[4] = (unsigned char)(ts.tv_nsec & 0xff); ++ buf[5] = (unsigned char)((ts.tv_nsec >> 8) & 0xff); ++ buf[6] = (unsigned char)((ts.tv_nsec >> 16) & 0xff); ++ buf[7] = (unsigned char)((ts.tv_nsec >> 24) & 0xff); ++# else ++ gettimeofday(&tv, NULL); ++ buf[0] = (unsigned char)(tv.tv_sec & 0xff); ++ buf[1] = (unsigned char)((tv.tv_sec >> 8) & 0xff); ++ buf[2] = (unsigned char)((tv.tv_sec >> 16) & 0xff); ++ buf[3] = (unsigned char)((tv.tv_sec >> 24) & 0xff); ++ buf[4] = (unsigned char)(tv.tv_usec & 0xff); ++ buf[5] = (unsigned char)((tv.tv_usec >> 8) & 0xff); ++ buf[6] = (unsigned char)((tv.tv_usec >> 16) & 0xff); ++ buf[7] = (unsigned char)((tv.tv_usec >> 24) & 0xff); ++# endif ++ buf[8] = (unsigned char)(*pctr & 0xff); ++ buf[9] = (unsigned char)((*pctr >> 8) & 0xff); ++ buf[10] = (unsigned char)((*pctr >> 16) & 0xff); ++ buf[11] = (unsigned char)((*pctr >> 24) & 0xff); ++ ++ (*pctr)++; ++ ++# ifndef GETPID_IS_MEANINGLESS ++ pid = (unsigned long)getpid(); ++ buf[12] = (unsigned char)(pid & 0xff); ++ buf[13] = (unsigned char)((pid >> 8) & 0xff); ++ buf[14] = (unsigned char)((pid >> 16) & 0xff); ++ buf[15] = (unsigned char)((pid >> 24) & 0xff); ++# endif ++} ++ +diff -up openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c.fips 2020-03-17 17:30:52.049566991 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c 2020-03-17 17:30:52.049566991 +0100 +@@ -0,0 +1,338 @@ ++/* ==================================================================== ++ * Copyright (c) 2003-2007 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#ifdef OPENSSL_FIPS ++# include ++# include "crypto/fips.h" ++#endif ++#include ++#include ++#include ++#include ++#include "fips_locl.h" ++ ++#ifdef OPENSSL_FIPS ++ ++static int setrsakey(RSA *key) ++{ ++ static const unsigned char keydata_n[] = { ++ 0x00, 0xc9, 0xd5, 0x6d, 0x9d, 0x90, 0xdb, 0x43, 0xd6, 0x02, 0xed, 0x96, 0x88, 0x13, 0x8a, ++ 0xb2, 0xbf, 0x6e, 0xa1, 0x06, 0x10, 0xb2, 0x78, 0x37, 0xa7, 0x14, 0xa8, 0xff, 0xdd, 0x00, ++ 0xdd, 0xb4, 0x93, 0xa0, 0x45, 0xcc, 0x96, 0x90, 0xed, 0xad, 0xa9, 0xdd, 0xc4, 0xd6, 0xca, ++ 0x0c, 0xf0, 0xed, 0x4f, 0x72, 0x5e, 0x21, 0x49, 0x9a, 0x18, 0x12, 0x15, 0x8f, 0x90, 0x5a, ++ 0xdb, 0xb6, 0x33, 0x99, 0xa3, 0xe6, 0xb4, 0xf0, 0xc4, 0x97, 0x21, 0x26, 0xbb, 0xe3, 0xba, ++ 0xf2, 0xff, 0xa0, 0x72, 0xda, 0x89, 0x63, 0x8e, 0x8b, 0x3e, 0x08, 0x9d, 0x92, 0x2a, 0xbe, ++ 0x16, 0xe1, 0x43, 0x15, 0xfc, 0x57, 0xc7, 0x1f, 0x09, 0x11, 0x67, 0x1c, 0xa9, 0x96, 0xd1, ++ 0x8b, 0x3e, 0x80, 0x93, 0xc1, 0x59, 0xd0, 0x6d, 0x39, 0xf2, 0xac, 0x95, 0xcc, 0x10, 0x75, ++ 0xe9, 0x31, 0x24, 0xd1, 0x43, 0xaf, 0x68, 0x52, 0x4b, 0xe7, 0x16, 0xd7, 0x49, 0x65, 0x6f, ++ 0x26, 0xc0, 0x86, 0xad, 0xc0, 0x07, 0x0a, 0xc1, 0xe1, 0x2f, 0x87, 0x85, 0x86, 0x3b, 0xdc, ++ 0x5a, 0x99, 0xbe, 0xe9, 0xf9, 0xb9, 0xe9, 0x82, 0x27, 0x51, 0x04, 0x15, 0xab, 0x06, 0x0e, ++ 0x76, 0x5a, 0x28, 0x8d, 0x92, 0xbd, 0xc5, 0xb5, 0x7b, 0xa8, 0xdf, 0x4e, 0x47, 0xa2, 0xc1, ++ 0xe7, 0x52, 0xbf, 0x47, 0xf7, 0x62, 0xe0, 0x3a, 0x6f, 0x4d, 0x6a, 0x4d, 0x4e, 0xd4, 0xb9, ++ 0x59, 0x69, 0xfa, 0xb2, 0x14, 0xc1, 0xee, 0xe6, 0x2f, 0x95, 0xcd, 0x94, 0x72, 0xae, 0xe4, ++ 0xdb, 0x18, 0x9a, 0xc4, 0xcd, 0x70, 0xbd, 0xee, 0x31, 0x16, 0xb7, 0x49, 0x65, 0xac, 0x40, ++ 0x19, 0x0e, 0xb5, 0x6d, 0x83, 0xf1, 0x36, 0xbb, 0x08, 0x2f, 0x2e, 0x4e, 0x92, 0x62, 0xa4, ++ 0xff, 0x50, 0xdb, 0x20, 0x45, 0xa2, 0xeb, 0x16, 0x7a, 0xf2, 0xd5, 0x28, 0xc1, 0xfd, 0x4e, ++ 0x03, 0x71 ++ }; ++ ++ static const unsigned char keydata_e[] = { 0x01, 0x00, 0x01 }; ++ ++ static const unsigned char keydata_d[] = { ++ 0x36, 0x27, 0x3d, 0xb1, 0xf9, 0x1b, 0xdb, 0xa7, 0xa0, 0x41, 0x7f, 0x12, 0x23, 0xac, 0x23, ++ 0x29, 0x99, 0xd5, 0x3a, 0x7b, 0x60, 0x67, 0x41, 0x07, 0x63, 0x53, 0xb4, 0xd2, 0xe7, 0x58, ++ 0x95, 0x0a, 0xc7, 0x05, 0xf3, 0x4e, 0xb2, 0xb4, 0x12, 0xd4, 0x70, 0xdc, 0x4f, 0x85, 0x06, ++ 0xd3, 0xdd, 0xd8, 0x63, 0x27, 0x3e, 0x67, 0x31, 0x21, 0x24, 0x39, 0x04, 0xbc, 0x06, 0xa4, ++ 0xcc, 0xce, 0x2b, 0x7a, 0xfe, 0x7b, 0xad, 0xde, 0x11, 0x6e, 0xa3, 0xa5, 0xe6, 0x04, 0x53, ++ 0x0e, 0xa3, 0x4e, 0x2d, 0xb4, 0x8f, 0x31, 0xbf, 0xca, 0x75, 0x25, 0x52, 0x02, 0x85, 0xde, ++ 0x3d, 0xb2, 0x72, 0x43, 0xb2, 0x89, 0x8a, 0x9a, 0x34, 0x41, 0x26, 0x3f, 0x9a, 0x67, 0xbe, ++ 0xa4, 0x96, 0x7b, 0x0e, 0x75, 0xba, 0xa6, 0x93, 0xd5, 0xb8, 0xd8, 0xb8, 0x57, 0xf2, 0x4b, ++ 0x0f, 0x14, 0x81, 0xd1, 0x57, 0x4e, 0xf6, 0x45, 0x4c, 0xa6, 0x3b, 0xd0, 0x70, 0xca, 0xd3, ++ 0x9d, 0x55, 0xde, 0x22, 0x05, 0xe7, 0x8e, 0x28, 0x4d, 0xee, 0x11, 0xcf, 0xb6, 0x67, 0x76, ++ 0x09, 0xd3, 0xe3, 0x3c, 0x13, 0xf9, 0x99, 0x34, 0x10, 0x7b, 0xec, 0x81, 0x38, 0xf0, 0xb6, ++ 0x34, 0x9c, 0x9b, 0x50, 0x6f, 0x0b, 0x91, 0x81, 0x4d, 0x89, 0x94, 0x04, 0x7b, 0xf0, 0x3c, ++ 0xf4, 0xb1, 0xb2, 0x00, 0x48, 0x8d, 0x5a, 0x8f, 0x88, 0x9e, 0xc5, 0xab, 0x3a, 0x9e, 0x44, ++ 0x3f, 0x54, 0xe7, 0xd9, 0x6e, 0x47, 0xaa, 0xa1, 0xbd, 0x40, 0x46, 0x31, 0xf9, 0xf0, 0x34, ++ 0xb6, 0x04, 0xe1, 0x2b, 0x5b, 0x73, 0x86, 0xdd, 0x3a, 0x92, 0x1b, 0x71, 0xc7, 0x3f, 0x32, ++ 0xe5, 0xc3, 0xc2, 0xab, 0xa1, 0x7e, 0xbf, 0xa4, 0x52, 0xa0, 0xb0, 0x68, 0x90, 0xd1, 0x20, ++ 0x12, 0x79, 0xe9, 0xd7, 0xc9, 0x40, 0xba, 0xf2, 0x19, 0xc7, 0xa5, 0x00, 0x92, 0x86, 0x0d, ++ 0x01 ++ }; ++ ++ static const unsigned char keydata_p[] = { ++ 0x00, 0xfc, 0x5c, 0x6e, 0x16, 0xce, 0x1f, 0x03, 0x7b, 0xcd, 0xf7, 0xb3, 0x72, 0xb2, 0x8f, ++ 0x16, 0x72, 0xb8, 0x56, 0xae, 0xf7, 0xcd, 0x67, 0xd8, 0x4e, 0x7d, 0x07, 0xaf, 0xd5, 0x43, ++ 0x26, 0xc3, 0x35, 0xbe, 0x43, 0x8f, 0x4e, 0x2f, 0x1c, 0x43, 0x4e, 0x6b, 0xd2, 0xb2, 0xec, ++ 0x52, 0x6d, 0x97, 0x52, 0x2b, 0xcc, 0x5c, 0x3a, 0x6b, 0xf4, 0x14, 0xc6, 0x74, 0xda, 0x66, ++ 0x38, 0x1c, 0x7a, 0x3f, 0x84, 0x2f, 0xe3, 0xf9, 0x5a, 0xb8, 0x65, 0x69, 0x46, 0x06, 0xa3, ++ 0x37, 0x79, 0xb2, 0xa1, 0x5b, 0x58, 0xed, 0x5e, 0xa7, 0x5f, 0x8c, 0x65, 0x66, 0xbb, 0xd1, ++ 0x24, 0x36, 0xe6, 0x37, 0xa7, 0x3d, 0x49, 0x77, 0x8a, 0x8c, 0x34, 0xd8, 0x69, 0x29, 0xf3, ++ 0x4d, 0x58, 0x22, 0xb0, 0x51, 0x24, 0xb6, 0x40, 0xa8, 0x86, 0x59, 0x0a, 0xb7, 0xba, 0x5c, ++ 0x97, 0xda, 0x57, 0xe8, 0x36, 0xda, 0x7a, 0x9c, 0xad ++ }; ++ ++ static const unsigned char keydata_q[] = { ++ 0x00, 0xcc, 0xbe, 0x7b, 0x09, 0x69, 0x06, 0xee, 0x45, 0xbf, 0x88, 0x47, 0x38, 0xa8, 0xf8, ++ 0x17, 0xe5, 0xb6, 0xba, 0x67, 0x55, 0xe3, 0xe8, 0x05, 0x8b, 0xb8, 0xe2, 0x53, 0xd6, 0x8e, ++ 0xef, 0x2c, 0xe7, 0x4f, 0x4a, 0xf7, 0x4e, 0x26, 0x8d, 0x85, 0x0b, 0x3f, 0xec, 0xc3, 0x1c, ++ 0xd4, 0xeb, 0xec, 0x6a, 0xc8, 0x72, 0x2a, 0x25, 0x7d, 0xfd, 0xa6, 0x77, 0x96, 0xf0, 0x1e, ++ 0xcd, 0x28, 0x57, 0xf8, 0x37, 0x30, 0x75, 0x6b, 0xbd, 0xd4, 0x7b, 0x0c, 0x87, 0xc5, 0x6c, ++ 0x87, 0x40, 0xa5, 0xbb, 0x27, 0x2c, 0x78, 0xc9, 0x74, 0x5a, 0x54, 0x5b, 0x0b, 0x30, 0x6f, ++ 0x44, 0x4a, 0xfa, 0x71, 0xe4, 0x21, 0x61, 0x66, 0xf9, 0xee, 0x65, 0xde, 0x7c, 0x04, 0xd7, ++ 0xfd, 0xa9, 0x15, 0x5b, 0x7f, 0xe2, 0x7a, 0xba, 0x69, 0x86, 0x72, 0xa6, 0x06, 0x8d, 0x9b, ++ 0x90, 0x55, 0x60, 0x9e, 0x4c, 0x5d, 0xa9, 0xb6, 0x55 ++ }; ++ ++ static const unsigned char keydata_dmp1[] = { ++ 0x7a, 0xd6, 0x12, 0xd0, 0x0e, 0xec, 0x91, 0xa9, 0x85, 0x8b, 0xf8, 0x50, 0xf0, 0x11, 0x2e, ++ 0x00, 0x11, 0x32, 0x40, 0x60, 0x66, 0x1f, 0x11, 0xee, 0xc2, 0x75, 0x27, 0x65, 0x4b, 0x16, ++ 0x67, 0x16, 0x95, 0xd2, 0x14, 0xc3, 0x1d, 0xb3, 0x48, 0x1f, 0xb7, 0xe4, 0x0b, 0x2b, 0x74, ++ 0xc3, 0xdb, 0x50, 0x27, 0xf9, 0x85, 0x3a, 0xfa, 0xa9, 0x08, 0x23, 0xc1, 0x65, 0x3d, 0x34, ++ 0x3a, 0xc8, 0x56, 0x7a, 0x65, 0x45, 0x36, 0x6e, 0xae, 0x2a, 0xce, 0x9f, 0x43, 0x43, 0xd7, ++ 0x10, 0xe9, 0x9e, 0x18, 0xf4, 0xa4, 0x35, 0xda, 0x8a, 0x6b, 0xb0, 0x3f, 0xdd, 0x53, 0xe3, ++ 0xa8, 0xc5, 0x4e, 0x79, 0x9d, 0x1f, 0x51, 0x8c, 0xa2, 0xca, 0x66, 0x3c, 0x6a, 0x2a, 0xff, ++ 0x8e, 0xd2, 0xf3, 0xb7, 0xcb, 0x82, 0xda, 0xde, 0x2c, 0xe6, 0xd2, 0x8c, 0xb3, 0xad, 0xb6, ++ 0x4c, 0x95, 0x55, 0x76, 0xbd, 0xc9, 0xc8, 0xd1 ++ }; ++ ++ static const unsigned char keydata_dmq1[] = { ++ 0x00, 0x83, 0x23, 0x1d, 0xbb, 0x11, 0x42, 0x17, 0x2b, 0x25, 0x5a, 0x2c, 0x03, 0xe6, 0x75, ++ 0xc1, 0x18, 0xa8, 0xc9, 0x0b, 0x96, 0xbf, 0xba, 0xc4, 0x92, 0x91, 0x80, 0xa5, 0x22, 0x2f, ++ 0xba, 0x91, 0x90, 0x36, 0x01, 0x56, 0x15, 0x00, 0x2c, 0x74, 0xa2, 0x97, 0xf7, 0x15, 0xa1, ++ 0x49, 0xdf, 0x32, 0x35, 0xd2, 0xdd, 0x0c, 0x91, 0xa6, 0xf8, 0xe7, 0xbe, 0x81, 0x36, 0x9b, ++ 0x03, 0xdc, 0x6b, 0x3b, 0xd8, 0x5d, 0x79, 0x57, 0xe0, 0xe6, 0x4f, 0x49, 0xdf, 0x4c, 0x5c, ++ 0x0e, 0xe5, 0x21, 0x41, 0x95, 0xfd, 0xad, 0xff, 0x9a, 0x3e, 0xa0, 0xf9, 0x0f, 0x59, 0x9e, ++ 0x6a, 0xa7, 0x7b, 0x71, 0xa7, 0x24, 0x9a, 0x36, 0x52, 0xae, 0x97, 0x20, 0xc1, 0x5e, 0x78, ++ 0xd9, 0x47, 0x8b, 0x1e, 0x67, 0xf2, 0xaf, 0x98, 0xe6, 0x2d, 0xef, 0x10, 0xd7, 0xf1, 0xab, ++ 0x49, 0xee, 0xe5, 0x4b, 0x7e, 0xae, 0x1f, 0x1d, 0x61 ++ }; ++ ++ static const unsigned char keydata_iqmp[] = { ++ 0x23, 0x96, 0xc1, 0x91, 0x17, 0x5e, 0x0a, 0x83, 0xd2, 0xdc, 0x7b, 0x69, 0xb2, 0x59, 0x1d, ++ 0x33, 0x58, 0x52, 0x3f, 0x18, 0xc7, 0x09, 0x50, 0x1c, 0xb9, 0xa1, 0xbb, 0x4c, 0xa2, 0x38, ++ 0x40, 0x4c, 0x9a, 0x8e, 0xfe, 0x9c, 0x90, 0x92, 0xd0, 0x71, 0x9f, 0x89, 0x99, 0x50, 0x91, ++ 0x1f, 0x34, 0x8b, 0x74, 0x53, 0x11, 0x11, 0x4a, 0x70, 0xe2, 0xf7, 0x30, 0xd8, 0x8c, 0x80, ++ 0xe1, 0xcc, 0x9f, 0xf1, 0x63, 0x17, 0x1a, 0x7d, 0x67, 0x29, 0x4c, 0xcb, 0x4e, 0x74, 0x7b, ++ 0xe0, 0x3e, 0x9e, 0x2f, 0xf4, 0x67, 0x8f, 0xec, 0xb9, 0x5c, 0x00, 0x1e, 0x7e, 0xa2, 0x7b, ++ 0x92, 0xc9, 0x6f, 0x4c, 0xe4, 0x0e, 0xf9, 0x48, 0x63, 0xcd, 0x50, 0x22, 0x5d, 0xbf, 0xb6, ++ 0x9d, 0x01, 0x33, 0x6a, 0xf4, 0x50, 0xbe, 0x86, 0x98, 0x4f, 0xca, 0x3f, 0x3a, 0xfa, 0xcf, ++ 0x07, 0x40, 0xc4, 0xaa, 0xad, 0xae, 0xbe, 0xbf ++ }; ++ ++ int rv = 0; ++ BIGNUM *n = NULL, *e = NULL, *d = NULL, *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; ++ ++ fips_load_key_component(n, keydata); ++ fips_load_key_component(e, keydata); ++ fips_load_key_component(d, keydata); ++ fips_load_key_component(p, keydata); ++ fips_load_key_component(q, keydata); ++ fips_load_key_component(dmp1, keydata); ++ fips_load_key_component(dmq1, keydata); ++ fips_load_key_component(iqmp, keydata); ++ ++ RSA_set0_key(key, n, e, d); ++ RSA_set0_factors(key, p, q); ++ RSA_set0_crt_params(key, dmp1, dmq1, iqmp); ++ ++ rv = 1; ++err: ++ if (!rv) { ++ BN_free(n); ++ BN_free(e); ++ BN_free(d); ++ BN_free(p); ++ BN_free(q); ++ BN_free(dmp1); ++ BN_free(dmq1); ++ BN_free(iqmp); ++ } ++ return rv; ++} ++ ++/* Known Answer Test (KAT) data for the above RSA private key signing ++ * kat_tbs. ++ */ ++ ++static const unsigned char kat_tbs[] = ++ "OpenSSL FIPS 140-2 Public Key RSA KAT"; ++ ++static const unsigned char kat_RSA_PSS_SHA256[] = { ++ 0x38, 0xDA, 0x99, 0x51, 0x26, 0x38, 0xC6, 0x7F, 0xC4, 0x81, 0x57, 0x19, ++ 0x35, 0xC6, 0xF6, 0x1E, 0x90, 0x47, 0x20, 0x55, 0x47, 0x56, 0x26, 0xE9, ++ 0xF2, 0xA8, 0x39, 0x6C, 0xD5, 0xCD, 0xCB, 0x55, 0xFC, 0x0C, 0xC5, 0xCB, ++ 0xF7, 0x40, 0x17, 0x3B, 0xCF, 0xE4, 0x05, 0x03, 0x3B, 0xA0, 0xB2, 0xC9, ++ 0x0D, 0x5E, 0x48, 0x3A, 0xE9, 0xAD, 0x28, 0x71, 0x7D, 0x8F, 0x89, 0x16, ++ 0x59, 0x93, 0x35, 0xDC, 0x4D, 0x7B, 0xDF, 0x84, 0xE4, 0x68, 0xAA, 0x33, ++ 0xAA, 0xDC, 0x66, 0x50, 0xC8, 0xA9, 0x32, 0x12, 0xDC, 0xC6, 0x90, 0x49, ++ 0x0B, 0x75, 0xFF, 0x9B, 0x95, 0x00, 0x9A, 0x90, 0xE0, 0xD4, 0x0E, 0x67, ++ 0xAB, 0x3C, 0x47, 0x36, 0xC5, 0x2E, 0x1C, 0x46, 0xF0, 0x2D, 0xD3, 0x8B, ++ 0x42, 0x08, 0xDE, 0x0D, 0xB6, 0x2C, 0x86, 0xB0, 0x35, 0x71, 0x18, 0x6B, ++ 0x89, 0x67, 0xC0, 0x05, 0xAD, 0xF4, 0x1D, 0x62, 0x4E, 0x75, 0xEC, 0xD6, ++ 0xC2, 0xDB, 0x07, 0xB0, 0xB6, 0x8D, 0x15, 0xAD, 0xCD, 0xBF, 0xF5, 0x60, ++ 0x76, 0xAE, 0x48, 0xB8, 0x77, 0x7F, 0xC5, 0x01, 0xD9, 0x29, 0xBB, 0xD6, ++ 0x17, 0xA2, 0x20, 0x5A, 0xC0, 0x4A, 0x3B, 0x34, 0xC8, 0xB9, 0x39, 0xCF, ++ 0x06, 0x89, 0x95, 0x6F, 0xC7, 0xCA, 0xC4, 0xE4, 0x43, 0xDF, 0x5A, 0x23, ++ 0xE2, 0x89, 0xA3, 0x38, 0x78, 0x31, 0x38, 0xC6, 0xA4, 0x6F, 0x5F, 0x73, ++ 0x5A, 0xE5, 0x9E, 0x09, 0xE7, 0x6F, 0xD4, 0xF8, 0x3E, 0xB7, 0xB0, 0x56, ++ 0x9A, 0xF3, 0x65, 0xF0, 0xC2, 0xA6, 0x8A, 0x08, 0xBA, 0x44, 0xAC, 0x97, ++ 0xDE, 0xB4, 0x16, 0x83, 0xDF, 0xE3, 0xEE, 0x71, 0xFA, 0xF9, 0x51, 0x50, ++ 0x14, 0xDC, 0xFD, 0x6A, 0x82, 0x20, 0x68, 0x64, 0x7D, 0x4E, 0x82, 0x68, ++ 0xD7, 0x45, 0xFA, 0x6A, 0xE4, 0xE5, 0x29, 0x3A, 0x70, 0xFB, 0xE4, 0x62, ++ 0x2B, 0x31, 0xB9, 0x7D ++}; ++ ++static const unsigned char kat_RSA_SHA256[] = { ++ 0xC2, 0xB1, 0x97, 0x00, 0x9A, 0xE5, 0x80, 0x6A, 0xE2, 0x51, 0x68, 0xB9, ++ 0x7A, 0x0C, 0xF2, 0xB4, 0x77, 0xED, 0x15, 0x0C, 0x4E, 0xE1, 0xDC, 0xFF, ++ 0x8E, 0xBC, 0xDE, 0xC7, 0x9A, 0x96, 0xF1, 0x47, 0x45, 0x24, 0x9D, 0x6F, ++ 0xA6, 0xF3, 0x1D, 0x0D, 0x35, 0x4C, 0x1A, 0xF3, 0x58, 0x2C, 0x6C, 0x06, ++ 0xD6, 0x22, 0x37, 0x77, 0x8C, 0x33, 0xE5, 0x07, 0x53, 0x93, 0x28, 0xCF, ++ 0x67, 0xFA, 0xC4, 0x1F, 0x1B, 0x24, 0xDB, 0x4C, 0xC5, 0x2A, 0x51, 0xA2, ++ 0x60, 0x15, 0x8C, 0x54, 0xB4, 0x30, 0xE2, 0x24, 0x47, 0x86, 0xF2, 0xF8, ++ 0x6C, 0xD6, 0x12, 0x59, 0x2C, 0x74, 0x9A, 0x37, 0xF3, 0xC4, 0xA2, 0xD5, ++ 0x4E, 0x1F, 0x77, 0xF0, 0x27, 0xCE, 0x77, 0xF8, 0x4A, 0x79, 0x03, 0xBE, ++ 0xC8, 0x06, 0x2D, 0xA7, 0xA6, 0x46, 0xF5, 0x55, 0x79, 0xD7, 0x5C, 0xC6, ++ 0x5B, 0xB1, 0x00, 0x4E, 0x7C, 0xD9, 0x11, 0x85, 0xE0, 0xB1, 0x4D, 0x2D, ++ 0x13, 0xD7, 0xAC, 0xEA, 0x64, 0xD1, 0xAC, 0x8F, 0x8D, 0x8F, 0xEA, 0x42, ++ 0x7F, 0xF9, 0xB7, 0x7D, 0x2C, 0x68, 0x49, 0x07, 0x7A, 0x74, 0xEF, 0xB4, ++ 0xC9, 0x97, 0x16, 0x5C, 0x6C, 0x6E, 0x5C, 0x09, 0x2E, 0x8E, 0x13, 0x2E, ++ 0x1A, 0x8D, 0xA6, 0x0C, 0x6E, 0x0C, 0x1C, 0x0F, 0xCC, 0xB2, 0x78, 0x8A, ++ 0x07, 0xFC, 0x5C, 0xC2, 0xF5, 0x65, 0xEC, 0xAB, 0x8B, 0x3C, 0xCA, 0x91, ++ 0x6F, 0x84, 0x7C, 0x21, 0x0E, 0xB8, 0xDA, 0x7B, 0x6C, 0xF7, 0xDF, 0xAB, ++ 0x7E, 0x15, 0xFD, 0x85, 0x0B, 0x33, 0x9B, 0x6A, 0x3A, 0xC3, 0xEF, 0x65, ++ 0x04, 0x6E, 0xB2, 0xAC, 0x98, 0xFD, 0xEB, 0x02, 0xF5, 0xC0, 0x0B, 0x5E, ++ 0xCB, 0xD4, 0x83, 0x82, 0x18, 0x1B, 0xDA, 0xB4, 0xCD, 0xE8, 0x71, 0x6B, ++ 0x1D, 0xB5, 0x4F, 0xE9, 0xD6, 0x43, 0xA0, 0x0A, 0x14, 0xA0, 0xE7, 0x5D, ++ 0x47, 0x9D, 0x18, 0xD7 ++}; ++ ++static int fips_rsa_encrypt_test(RSA *rsa, const unsigned char *plaintext, ++ int ptlen) ++{ ++ unsigned char *ctbuf = NULL, *ptbuf = NULL; ++ int ret = 0; ++ int len; ++ ++ ctbuf = OPENSSL_malloc(RSA_size(rsa)); ++ if (!ctbuf) ++ goto err; ++ ++ len = RSA_public_encrypt(ptlen, plaintext, ctbuf, rsa, RSA_PKCS1_PADDING); ++ if (len <= 0) ++ goto err; ++ /* Check ciphertext doesn't match plaintext */ ++ if (len >= ptlen && !memcmp(plaintext, ctbuf, ptlen)) ++ goto err; ++ ++ ptbuf = OPENSSL_malloc(RSA_size(rsa)); ++ if (!ptbuf) ++ goto err; ++ ++ len = RSA_private_decrypt(len, ctbuf, ptbuf, rsa, RSA_PKCS1_PADDING); ++ if (len != ptlen) ++ goto err; ++ if (memcmp(ptbuf, plaintext, len)) ++ goto err; ++ ++ ret = 1; ++ ++ err: ++ if (ctbuf) ++ OPENSSL_free(ctbuf); ++ if (ptbuf) ++ OPENSSL_free(ptbuf); ++ return ret; ++} ++ ++int FIPS_selftest_rsa() ++{ ++ int ret = 0; ++ RSA *key; ++ EVP_PKEY *pk = NULL; ++ ++ if ((key = RSA_new()) == NULL) ++ goto err; ++ ++ if (!setrsakey(key)) ++ goto err; ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_set1_RSA(pk, key); ++ ++ if (!fips_pkey_signature_test(pk, kat_tbs, sizeof(kat_tbs) - 1, ++ kat_RSA_SHA256, sizeof(kat_RSA_SHA256), ++ EVP_sha256(), EVP_MD_CTX_FLAG_PAD_PKCS1, ++ "RSA SHA256 PKCS#1")) ++ goto err; ++ ++ if (!fips_pkey_signature_test(pk, kat_tbs, sizeof(kat_tbs) - 1, ++ kat_RSA_PSS_SHA256, ++ sizeof(kat_RSA_PSS_SHA256), EVP_sha256(), ++ EVP_MD_CTX_FLAG_PAD_PSS, "RSA SHA256 PSS")) ++ goto err; ++ ++ if (!fips_rsa_encrypt_test(key, kat_tbs, sizeof(kat_tbs) - 1)) ++ goto err; ++ ++ ret = 1; ++ ++ err: ++ if (pk) ++ EVP_PKEY_free(pk); ++ if (key) ++ RSA_free(key); ++ return ret; ++} ++ ++#endif /* def OPENSSL_FIPS */ +diff -up openssl-1.1.1e/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_sha_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_sha_selftest.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_sha_selftest.c 2020-03-17 17:30:52.050566973 +0100 +@@ -0,0 +1,223 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#ifdef OPENSSL_FIPS ++# include ++#endif ++#include ++#include ++ ++#ifdef OPENSSL_FIPS ++static const char test[][60] = { ++ "", ++ "abc", ++ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" ++}; ++ ++static const unsigned char ret[][SHA_DIGEST_LENGTH] = { ++ {0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d, 0x32, 0x55, ++ 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09}, ++ {0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, 0xba, 0x3e, ++ 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, 0x9c, 0xd0, 0xd8, 0x9d}, ++ {0x84, 0x98, 0x3e, 0x44, 0x1c, 0x3b, 0xd2, 0x6e, 0xba, 0xae, ++ 0x4a, 0xa1, 0xf9, 0x51, 0x29, 0xe5, 0xe5, 0x46, 0x70, 0xf1}, ++}; ++ ++int FIPS_selftest_sha1() ++{ ++ int n; ++ ++ for (n = 0; n < sizeof(test) / sizeof(test[0]); ++n) { ++ unsigned char md[SHA_DIGEST_LENGTH]; ++ ++ EVP_Digest(test[n], strlen(test[n]), md, NULL, ++ EVP_sha1(), NULL); ++ if (memcmp(md, ret[n], sizeof md)) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_SHA1, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ } ++ return 1; ++} ++ ++static const unsigned char msg_sha256[] = ++ { 0xfa, 0x48, 0x59, 0x2a, 0xe1, 0xae, 0x1f, 0x30, ++ 0xfc ++}; ++ ++static const unsigned char dig_sha256[] = ++ { 0xf7, 0x26, 0xd8, 0x98, 0x47, 0x91, 0x68, 0x5b, ++ 0x9e, 0x39, 0xb2, 0x58, 0xbb, 0x75, 0xbf, 0x01, ++ 0x17, 0x0c, 0x84, 0x00, 0x01, 0x7a, 0x94, 0x83, ++ 0xf3, 0x0b, 0x15, 0x84, 0x4b, 0x69, 0x88, 0x8a ++}; ++ ++static const unsigned char msg_sha512[] = ++ { 0x37, 0xd1, 0x35, 0x9d, 0x18, 0x41, 0xe9, 0xb7, ++ 0x6d, 0x9a, 0x13, 0xda, 0x5f, 0xf3, 0xbd ++}; ++ ++static const unsigned char dig_sha512[] = ++ { 0x11, 0x13, 0xc4, 0x19, 0xed, 0x2b, 0x1d, 0x16, ++ 0x11, 0xeb, 0x9b, 0xbe, 0xf0, 0x7f, 0xcf, 0x44, ++ 0x8b, 0xd7, 0x57, 0xbd, 0x8d, 0xa9, 0x25, 0xb0, ++ 0x47, 0x25, 0xd6, 0x6c, 0x9a, 0x54, 0x7f, 0x8f, ++ 0x0b, 0x53, 0x1a, 0x10, 0x68, 0x32, 0x03, 0x38, ++ 0x82, 0xc4, 0x87, 0xc4, 0xea, 0x0e, 0xd1, 0x04, ++ 0xa9, 0x98, 0xc1, 0x05, 0xa3, 0xf3, 0xf8, 0xb1, ++ 0xaf, 0xbc, 0xd9, 0x78, 0x7e, 0xee, 0x3d, 0x43 ++}; ++ ++int FIPS_selftest_sha2(void) ++{ ++ unsigned char md[SHA512_DIGEST_LENGTH]; ++ ++ EVP_Digest(msg_sha256, sizeof(msg_sha256), md, NULL, EVP_sha256(), NULL); ++ if (memcmp(dig_sha256, md, sizeof(dig_sha256))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_SHA2, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ EVP_Digest(msg_sha512, sizeof(msg_sha512), md, NULL, EVP_sha512(), NULL); ++ if (memcmp(dig_sha512, md, sizeof(dig_sha512))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST_SHA2, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ return 1; ++} ++ ++static const unsigned char msg_sha3_256[] = { ++ 0xa1, 0xd7, 0xce, 0x51, 0x04, 0xeb, 0x25, 0xd6, ++ 0x13, 0x1b, 0xb8, 0xf6, 0x6e, 0x1f, 0xb1, 0x3f, ++ 0x35, 0x23 ++}; ++ ++static const unsigned char dig_sha3_256[] = { ++ 0xee, 0x90, 0x62, 0xf3, 0x97, 0x20, 0xb8, 0x21, ++ 0xb8, 0x8b, 0xe5, 0xe6, 0x46, 0x21, 0xd7, 0xe0, ++ 0xca, 0x02, 0x6a, 0x9f, 0xe7, 0x24, 0x8d, 0x78, ++ 0x15, 0x0b, 0x14, 0xbd, 0xba, 0xa4, 0x0b, 0xed ++}; ++ ++static const unsigned char msg_sha3_512[] = { ++ 0x13, 0x3b, 0x49, 0x7b, 0x00, 0x93, 0x27, 0x73, ++ 0xa5, 0x3b, 0xa9, 0xbf, 0x8e, 0x61, 0xd5, 0x9f, ++ 0x05, 0xf4 ++}; ++ ++static const unsigned char dig_sha3_512[] = { ++ 0x78, 0x39, 0x64, 0xa1, 0xcf, 0x41, 0xd6, 0xd2, ++ 0x10, 0xa8, 0xd7, 0xc8, 0x1c, 0xe6, 0x97, 0x0a, ++ 0xa6, 0x2c, 0x90, 0x53, 0xcb, 0x89, 0xe1, 0x5f, ++ 0x88, 0x05, 0x39, 0x57, 0xec, 0xf6, 0x07, 0xf4, ++ 0x2a, 0xf0, 0x88, 0x04, 0xe7, 0x6f, 0x2f, 0xbd, ++ 0xbb, 0x31, 0x80, 0x9c, 0x9e, 0xef, 0xc6, 0x0e, ++ 0x23, 0x3d, 0x66, 0x24, 0x36, 0x7a, 0x3b, 0x9c, ++ 0x30, 0xf8, 0xee, 0x5f, 0x65, 0xbe, 0x56, 0xac ++}; ++ ++static const unsigned char msg_shake_128[] = { ++ 0x43, 0xbd, 0xb1, 0x1e, 0xac, 0x71, 0x03, 0x1f, ++ 0x02, 0xa1, 0x1c, 0x15, 0xa1, 0x88, 0x5f, 0xa4, ++ 0x28, 0x98 ++}; ++ ++static const unsigned char dig_shake_128[] = { ++ 0xde, 0x68, 0x02, 0x7d, 0xa1, 0x30, 0x66, 0x3a, ++ 0x73, 0x98, 0x0e, 0x35, 0x25, 0xb8, 0x8c, 0x75 ++}; ++ ++static const unsigned char msg_shake_256[] = { ++ 0x8f, 0x84, 0xa3, 0x7d, 0xbd, 0x44, 0xd0, 0xf6, ++ 0x95, 0x36, 0xc5, 0xf4, 0x44, 0x6b, 0xa3, 0x23, ++ 0x9b, 0xfc ++}; ++ ++static const unsigned char dig_shake_256[] = { ++ 0x05, 0xca, 0x83, 0x5e, 0x0c, 0xdb, 0xfa, 0xf5, ++ 0x95, 0xc6, 0x86, 0x7e, 0x2d, 0x9d, 0xb9, 0x3f, ++ 0xca, 0x9c, 0x8b, 0xc6, 0x65, 0x02, 0x2e, 0xdd, ++ 0x6f, 0xe7, 0xb3, 0xda, 0x5e, 0x07, 0xc4, 0xcf ++}; ++ ++int FIPS_selftest_sha3(void) ++{ ++ unsigned char md[SHA512_DIGEST_LENGTH]; ++ ++ EVP_Digest(msg_sha3_256, sizeof(msg_sha3_256), md, NULL, EVP_sha3_256(), NULL); ++ if (memcmp(dig_sha3_256, md, sizeof(dig_sha3_256))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ EVP_Digest(msg_sha3_512, sizeof(msg_sha3_512), md, NULL, EVP_sha3_512(), NULL); ++ if (memcmp(dig_sha3_512, md, sizeof(dig_sha3_512))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ EVP_Digest(msg_shake_128, sizeof(msg_shake_128), md, NULL, EVP_shake128(), NULL); ++ if (memcmp(dig_shake_128, md, sizeof(dig_shake_128))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ EVP_Digest(msg_shake_256, sizeof(msg_shake_256), md, NULL, EVP_shake256(), NULL); ++ if (memcmp(dig_shake_256, md, sizeof(dig_shake_256))) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ return 1; ++} ++ ++#endif +diff -up openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c +--- openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c 2020-03-17 17:30:52.050566973 +0100 +@@ -0,0 +1,127 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++int main(int argc, char **argv) ++{ ++#ifdef OPENSSL_FIPS ++ static char key[] = "orboDeJITITejsirpADONivirpUkvarP"; ++ int n, binary = 0; ++ ++ if (argc < 2) { ++ fprintf(stderr, "%s []+\n", argv[0]); ++ exit(1); ++ } ++ ++ n = 1; ++ if (!strcmp(argv[n], "-binary")) { ++ n++; ++ binary = 1; /* emit binary fingerprint... */ ++ } ++ ++ for (; n < argc; ++n) { ++ FILE *f = fopen(argv[n], "rb"); ++ HMAC_CTX *hmac_ctx; ++ unsigned char mac[EVP_MAX_MD_SIZE]; ++ unsigned int len; ++ unsigned int i; ++ ++ if (!f) { ++ perror(argv[n]); ++ exit(2); ++ } ++ hmac_ctx = HMAC_CTX_new(); ++ if (!hmac_ctx) ++ exit(3); ++ ++ if (HMAC_Init_ex(hmac_ctx, key, strlen(key), EVP_sha256(), NULL) <= 0) { ++ fprintf(stderr, "HMAC SHA256 initialization failed.\n"); ++ exit(4); ++ } ++ ++ for (;;) { ++ unsigned char buf[1024]; ++ size_t l = fread(buf, 1, sizeof buf, f); ++ ++ if (l == 0) { ++ if (ferror(f)) { ++ perror(argv[n]); ++ exit(3); ++ } else ++ break; ++ } ++ if (HMAC_Update(hmac_ctx, buf, l) <= 0) { ++ fprintf(stderr, "HMAC_Update() failed.\n"); ++ exit(4); ++ } ++ } ++ if (HMAC_Final(hmac_ctx, mac, &len) <= 0) { ++ fprintf(stderr, "HMAC_Final() failed.\n"); ++ exit(4); ++ } ++ ++ if (binary) { ++ fwrite(mac, len, 1, stdout); ++ break; /* ... for single(!) file */ ++ } ++ ++/* printf("HMAC-SHA1(%s)= ",argv[n]); */ ++ for (i = 0; i < len; ++i) ++ printf("%02x", mac[i]); ++ printf("\n"); ++ } ++#endif ++ return 0; ++} +diff -up openssl-1.1.1e/crypto/hmac/hmac.c.fips openssl-1.1.1e/crypto/hmac/hmac.c +--- openssl-1.1.1e/crypto/hmac/hmac.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/hmac/hmac.c 2020-03-17 17:38:16.969802663 +0100 +@@ -44,6 +44,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo + return 0; + + if (key != NULL) { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(EVP_MD_flags(md) & EVP_MD_FLAG_FIPS) ++ && (!EVP_MD_CTX_test_flags(ctx->md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) ++ || !EVP_MD_CTX_test_flags(ctx->i_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) ++ || !EVP_MD_CTX_test_flags(ctx->o_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW))) ++ goto err; ++#endif + reset = 1; + + j = EVP_MD_block_size(md); +diff -up openssl-1.1.1e/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1e/crypto/hmac/hm_pmeth.c +--- openssl-1.1.1e/crypto/hmac/hm_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/hmac/hm_pmeth.c 2020-03-17 17:30:52.051566956 +0100 +@@ -180,7 +180,7 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_C + + const EVP_PKEY_METHOD hmac_pkey_meth = { + EVP_PKEY_HMAC, +- 0, ++ EVP_PKEY_FLAG_FIPS, + pkey_hmac_init, + pkey_hmac_copy, + pkey_hmac_cleanup, +diff -up openssl-1.1.1e/include/crypto/fips.h.fips openssl-1.1.1e/include/crypto/fips.h +--- openssl-1.1.1e/include/crypto/fips.h.fips 2020-03-17 17:30:52.051566956 +0100 ++++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 17:30:52.051566956 +0100 +@@ -0,0 +1,98 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++ ++#ifndef OPENSSL_FIPS ++# error FIPS is disabled. ++#endif ++ ++#ifdef OPENSSL_FIPS ++ ++int FIPS_module_mode_set(int onoff); ++int FIPS_module_mode(void); ++int FIPS_module_installed(void); ++int FIPS_selftest_sha1(void); ++int FIPS_selftest_sha2(void); ++int FIPS_selftest_sha3(void); ++int FIPS_selftest_aes_ccm(void); ++int FIPS_selftest_aes_gcm(void); ++int FIPS_selftest_aes_xts(void); ++int FIPS_selftest_aes(void); ++int FIPS_selftest_des(void); ++int FIPS_selftest_rsa(void); ++int FIPS_selftest_dsa(void); ++int FIPS_selftest_ecdsa(void); ++int FIPS_selftest_ecdh(void); ++int FIPS_selftest_dh(void); ++void FIPS_drbg_stick(int onoff); ++int FIPS_selftest_hmac(void); ++int FIPS_selftest_drbg(void); ++int FIPS_selftest_cmac(void); ++ ++int fips_pkey_signature_test(EVP_PKEY *pkey, ++ const unsigned char *tbs, int tbslen, ++ const unsigned char *kat, ++ unsigned int katlen, ++ const EVP_MD *digest, ++ unsigned int md_flags, const char *fail_str); ++ ++int fips_cipher_test(EVP_CIPHER_CTX *ctx, ++ const EVP_CIPHER *cipher, ++ const unsigned char *key, ++ const unsigned char *iv, ++ const unsigned char *plaintext, ++ const unsigned char *ciphertext, int len); ++ ++void fips_set_selftest_fail(void); ++ ++void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr); ++ ++#endif +diff -up openssl-1.1.1e/crypto/o_fips.c.fips openssl-1.1.1e/crypto/o_fips.c +--- openssl-1.1.1e/crypto/o_fips.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/o_fips.c 2020-03-17 17:30:52.052566939 +0100 +@@ -8,17 +8,28 @@ + */ + + #include "internal/cryptlib.h" ++#include "crypto/fips.h" + + int FIPS_mode(void) + { ++#ifdef OPENSSL_FIPS ++ return FIPS_module_mode(); ++#else + /* This version of the library does not support FIPS mode. */ + return 0; ++#endif + } + + int FIPS_mode_set(int r) + { ++#ifdef OPENSSL_FIPS ++ if (r && FIPS_module_mode()) /* can be implicitly initialized by OPENSSL_init() */ ++ return 1; ++ return FIPS_module_mode_set(r); ++#else + if (r == 0) + return 1; + CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED); + return 0; ++#endif + } +diff -up openssl-1.1.1e/crypto/o_init.c.fips openssl-1.1.1e/crypto/o_init.c +--- openssl-1.1.1e/crypto/o_init.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/o_init.c 2020-03-17 17:30:52.052566939 +0100 +@@ -7,8 +7,69 @@ + * https://www.openssl.org/source/license.html + */ + ++/* for secure_getenv */ ++#define _GNU_SOURCE + #include "e_os.h" + #include ++#ifdef OPENSSL_FIPS ++# include ++# include ++# include ++# include ++# include ++# include ++# include ++# include ++# include "crypto/fips.h" ++ ++# define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled" ++ ++static void init_fips_mode(void) ++{ ++ char buf[2] = "0"; ++ int fd; ++ ++ if (secure_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) { ++ buf[0] = '1'; ++ } else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0) { ++ while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR) ; ++ close(fd); ++ } ++ ++ if (buf[0] != '1' && !FIPS_module_installed()) ++ return; ++ ++ /* Ensure the selftests always run */ ++ /* XXX: TO SOLVE - premature initialization due to selftests */ ++ FIPS_mode_set(1); ++ ++ /* Failure reading the fips mode switch file means just not ++ * switching into FIPS mode. We would break too many things ++ * otherwise.. ++ */ ++ ++ if (buf[0] != '1') { ++ /* drop down to non-FIPS mode if it is not requested */ ++ FIPS_mode_set(0); ++ } else { ++ /* abort if selftest failed */ ++ FIPS_selftest_check(); ++ } ++} ++ ++/* ++ * Perform FIPS module power on selftest and automatic FIPS mode switch. ++ */ ++ ++void __attribute__ ((constructor)) OPENSSL_init_library(void) ++{ ++ static int done = 0; ++ if (done) ++ return; ++ done = 1; ++ init_fips_mode(); ++} ++#endif + + /* + * Perform any essential OpenSSL initialization operations. Currently does +diff -up openssl-1.1.1e/crypto/rand/rand_lib.c.fips openssl-1.1.1e/crypto/rand/rand_lib.c +--- openssl-1.1.1e/crypto/rand/rand_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rand/rand_lib.c 2020-03-17 17:35:56.471259207 +0100 +@@ -16,6 +16,10 @@ + #include "internal/thread_once.h" + #include "rand_local.h" + #include "e_os.h" ++#ifdef OPENSSL_FIPS ++# include ++# include ++#endif + + #ifndef OPENSSL_NO_ENGINE + /* non-NULL if default_RAND_meth is ENGINE-provided */ +@@ -961,3 +965,15 @@ int RAND_status(void) + return meth->status(); + return 0; + } ++ ++#ifdef OPENSSL_FIPS ++void RAND_set_fips_drbg_type(int type, int flags) ++{ /* just a stub for ABI compatibility */ ++} ++ ++int RAND_init_fips(void) ++{ ++ /* just a stub for ABI compatibility */ ++ return 1; ++} ++#endif +diff -up openssl-1.1.1e/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1e/crypto/rsa/rsa_crpt.c +--- openssl-1.1.1e/crypto/rsa/rsa_crpt.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_crpt.c 2020-03-17 17:30:52.055566886 +0100 +@@ -27,24 +27,52 @@ int RSA_size(const RSA *r) + int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, + RSA *rsa, int padding) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) ++ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_PUBLIC_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD); ++ return -1; ++ } ++#endif + return rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding); + } + + int RSA_private_encrypt(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, ++ RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); ++ return -1; ++ } ++#endif + return rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding); + } + + int RSA_private_decrypt(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) ++ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_PRIVATE_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD); ++ return -1; ++ } ++#endif + return rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding); + } + + int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, + RSA *rsa, int padding) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, ++ RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); ++ return -1; ++ } ++#endif + return rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding); + } + +diff -up openssl-1.1.1e/crypto/rsa/rsa_err.c.fips openssl-1.1.1e/crypto/rsa/rsa_err.c +--- openssl-1.1.1e/crypto/rsa/rsa_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_err.c 2020-03-17 17:30:52.055566886 +0100 +@@ -16,6 +16,8 @@ + static const ERR_STRING_DATA RSA_str_functs[] = { + {ERR_PACK(ERR_LIB_RSA, RSA_F_CHECK_PADDING_MD, 0), "check_padding_md"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_ENCODE_PKCS1, 0), "encode_pkcs1"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_FIPS_RSA_BUILTIN_KEYGEN, 0), ++ "fips_rsa_builtin_keygen"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_INT_RSA_VERIFY, 0), "int_rsa_verify"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_OLD_RSA_PRIV_DECODE, 0), + "old_rsa_priv_decode"}, +@@ -32,6 +34,9 @@ static const ERR_STRING_DATA RSA_str_fun + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CHECK_KEY_EX, 0), "RSA_check_key_ex"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_DECRYPT, 0), "rsa_cms_decrypt"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_VERIFY, 0), "rsa_cms_verify"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_KEY_EX, 0), "RSA_generate_key_ex"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_MULTI_PRIME_KEY, 0), ++ "RSA_generate_multi_prime_key"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_ITEM_VERIFY, 0), "rsa_item_verify"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_METH_DUP, 0), "RSA_meth_dup"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_METH_NEW, 0), "RSA_meth_new"}, +@@ -90,9 +95,13 @@ static const ERR_STRING_DATA RSA_str_fun + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRINT_FP, 0), "RSA_print_fp"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_DECODE, 0), "rsa_priv_decode"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_ENCODE, 0), "rsa_priv_encode"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_DECRYPT, 0), "RSA_private_decrypt"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_ENCRYPT, 0), "RSA_private_encrypt"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_GET_PARAM, 0), "rsa_pss_get_param"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_TO_CTX, 0), "rsa_pss_to_ctx"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUB_DECODE, 0), "rsa_pub_decode"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUBLIC_DECRYPT, 0), "RSA_public_decrypt"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUBLIC_ENCRYPT, 0), "RSA_public_encrypt"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SETUP_BLINDING, 0), "RSA_setup_blinding"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN, 0), "RSA_sign"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN_ASN1_OCTET_STRING, 0), +@@ -102,6 +111,8 @@ static const ERR_STRING_DATA RSA_str_fun + "RSA_verify_ASN1_OCTET_STRING"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, 0), + "RSA_verify_PKCS1_PSS_mgf1"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_DEFAULT_METHOD, 0), "RSA_set_default_method"}, ++ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_METHOD, 0), "RSA_set_method"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_SETUP_TBUF, 0), "setup_tbuf"}, + {0, NULL} + }; +@@ -183,6 +194,7 @@ static const ERR_STRING_DATA RSA_str_rea + "mp exponent not congruent to d"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MP_R_NOT_PRIME), "mp r not prime"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"}, ++ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NON_FIPS_RSA_METHOD), "non FIPS rsa method"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NULL_BEFORE_BLOCK_MISSING), + "null before block missing"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES), +@@ -191,6 +203,8 @@ static const ERR_STRING_DATA RSA_str_rea + "n does not equal p q"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OAEP_DECODING_ERROR), + "oaep decoding error"}, ++ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE), ++ "operation not allowed in FIPS mode"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), + "operation not supported for this keytype"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PADDING_CHECK_FAILED), +@@ -226,6 +240,8 @@ static const ERR_STRING_DATA RSA_str_rea + "unsupported mask algorithm"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_MASK_PARAMETER), + "unsupported mask parameter"}, ++ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_PARAMETERS), ++ "unsupported parameters"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_SIGNATURE_TYPE), + "unsupported signature type"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_VALUE_MISSING), "value missing"}, +diff -up openssl-1.1.1e/crypto/rsa/rsa_gen.c.fips openssl-1.1.1e/crypto/rsa/rsa_gen.c +--- openssl-1.1.1e/crypto/rsa/rsa_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_gen.c 2020-03-17 17:33:55.560367363 +0100 +@@ -18,6 +18,76 @@ + #include "internal/cryptlib.h" + #include + #include "rsa_local.h" ++#ifdef OPENSSL_FIPS ++# include ++# include "crypto/fips.h" ++ ++int fips_check_rsa(RSA *rsa) ++{ ++ const unsigned char tbs[] = "RSA Pairwise Check Data"; ++ unsigned char *ctbuf = NULL, *ptbuf = NULL; ++ int len, ret = 0; ++ EVP_PKEY *pk; ++ ++ if ((pk = EVP_PKEY_new()) == NULL) ++ goto err; ++ ++ EVP_PKEY_set1_RSA(pk, rsa); ++ ++ /* Perform pairwise consistency signature test */ ++ if (!fips_pkey_signature_test(pk, tbs, -1, ++ NULL, 0, EVP_sha256(), ++ EVP_MD_CTX_FLAG_PAD_PKCS1, NULL) ++ || !fips_pkey_signature_test(pk, tbs, -1, NULL, 0, EVP_sha256(), ++ EVP_MD_CTX_FLAG_PAD_PSS, NULL)) ++ goto err; ++ /* Now perform pairwise consistency encrypt/decrypt test */ ++ ctbuf = OPENSSL_malloc(RSA_size(rsa)); ++ if (!ctbuf) ++ goto err; ++ ++ len = ++ RSA_public_encrypt(sizeof(tbs) - 1, tbs, ctbuf, rsa, ++ RSA_PKCS1_PADDING); ++ if (len <= 0) ++ goto err; ++ /* Check ciphertext doesn't match plaintext */ ++ if ((len == (sizeof(tbs) - 1)) && !memcmp(tbs, ctbuf, len)) ++ goto err; ++ ptbuf = OPENSSL_malloc(RSA_size(rsa)); ++ ++ if (!ptbuf) ++ goto err; ++ len = RSA_private_decrypt(len, ctbuf, ptbuf, rsa, RSA_PKCS1_PADDING); ++ if (len != (sizeof(tbs) - 1)) ++ goto err; ++ if (memcmp(ptbuf, tbs, len)) ++ goto err; ++ ++ ret = 1; ++ ++ if (!ptbuf) ++ goto err; ++ ++ err: ++ if (ret == 0) { ++ fips_set_selftest_fail(); ++ FIPSerr(FIPS_F_FIPS_CHECK_RSA, FIPS_R_PAIRWISE_TEST_FAILED); ++ } ++ ++ if (ctbuf) ++ OPENSSL_free(ctbuf); ++ if (ptbuf) ++ OPENSSL_free(ptbuf); ++ if (pk) ++ EVP_PKEY_free(pk); ++ ++ return ret; ++} ++ ++static int fips_rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, ++ BN_GENCB *cb); ++#endif + + static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, + BN_GENCB *cb); +@@ -31,6 +101,13 @@ static int rsa_builtin_keygen(RSA *rsa, + */ + int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) ++ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_GENERATE_KEY_EX, RSA_R_NON_FIPS_RSA_METHOD); ++ return 0; ++ } ++#endif + if (rsa->meth->rsa_keygen != NULL) + return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); + +@@ -41,6 +118,13 @@ int RSA_generate_key_ex(RSA *rsa, int bi + int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, + BIGNUM *e_value, BN_GENCB *cb) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) ++ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_GENERATE_MULTI_PRIME_KEY, RSA_R_NON_FIPS_RSA_METHOD); ++ return 0; ++ } ++#endif + /* multi-prime is only supported with the builtin key generation */ + if (rsa->meth->rsa_multi_prime_keygen != NULL) { + return rsa->meth->rsa_multi_prime_keygen(rsa, bits, primes, +@@ -57,10 +141,285 @@ int RSA_generate_multi_prime_key(RSA *rs + else + return 0; + } +- ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (primes != 2) { ++ RSAerr(RSA_F_RSA_GENERATE_MULTI_PRIME_KEY, RSA_R_UNSUPPORTED_PARAMETERS); ++ return 0; ++ } ++ return fips_rsa_builtin_keygen(rsa, bits, e_value, cb); ++ } ++#endif + return rsa_builtin_keygen(rsa, bits, primes, e_value, cb); + } + ++#ifdef OPENSSL_FIPS ++static int fips_rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, ++ BN_GENCB *cb) ++{ ++ BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp; ++ BN_CTX *ctx = NULL; ++ int ok = -1; ++ int i; ++ int n = 0; ++ int test = 0; ++ int pbits = bits / 2; ++ unsigned long error = 0; ++ ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, FIPS_R_FIPS_SELFTEST_FAILED); ++ return 0; ++ } ++ ++ if (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS ++ || (getenv("OPENSSL_ENFORCE_MODULUS_BITS") && bits < 2048)) { ++ FIPSerr(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, FIPS_R_KEY_TOO_SHORT); ++ return 0; ++ } ++ if ((pbits & 0xFF) != 0) { ++ FIPSerr(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, FIPS_R_INVALID_KEY_LENGTH); ++ return 0; ++ } ++ ++ ctx = BN_CTX_new(); ++ if (ctx == NULL) ++ goto err; ++ BN_CTX_start(ctx); ++ r0 = BN_CTX_get(ctx); ++ r1 = BN_CTX_get(ctx); ++ r2 = BN_CTX_get(ctx); ++ r3 = BN_CTX_get(ctx); ++ ++ if (r3 == NULL) ++ goto err; ++ ++ /* We need the RSA components non-NULL */ ++ if (!rsa->n && ((rsa->n = BN_new()) == NULL)) ++ goto err; ++ if (!rsa->d && ((rsa->d = BN_secure_new()) == NULL)) ++ goto err; ++ if (!rsa->e && ((rsa->e = BN_new()) == NULL)) ++ goto err; ++ if (!rsa->p && ((rsa->p = BN_secure_new()) == NULL)) ++ goto err; ++ if (!rsa->q && ((rsa->q = BN_secure_new()) == NULL)) ++ goto err; ++ if (!rsa->dmp1 && ((rsa->dmp1 = BN_secure_new()) == NULL)) ++ goto err; ++ if (!rsa->dmq1 && ((rsa->dmq1 = BN_secure_new()) == NULL)) ++ goto err; ++ if (!rsa->iqmp && ((rsa->iqmp = BN_secure_new()) == NULL)) ++ goto err; ++ ++ if (!BN_set_word(r0, RSA_F4)) ++ goto err; ++ if (BN_cmp(e_value, r0) < 0 || BN_num_bits(e_value) > 256) { ++ ok = 0; /* we set our own err */ ++ RSAerr(RSA_F_FIPS_RSA_BUILTIN_KEYGEN, RSA_R_BAD_E_VALUE); ++ goto err; ++ } ++ ++ /* prepare approximate minimum p and q */ ++ if (!BN_set_word(r0, 0xB504F334)) ++ goto err; ++ if (!BN_lshift(r0, r0, pbits - 32)) ++ goto err; ++ ++ /* prepare minimum p and q difference */ ++ if (!BN_one(r3)) ++ goto err; ++ if (!BN_lshift(r3, r3, pbits - 100)) ++ goto err; ++ ++ BN_copy(rsa->e, e_value); ++ ++ if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q)) ++ test = 1; ++ ++ BN_set_flags(r0, BN_FLG_CONSTTIME); ++ BN_set_flags(r1, BN_FLG_CONSTTIME); ++ BN_set_flags(r2, BN_FLG_CONSTTIME); ++ BN_set_flags(rsa->p, BN_FLG_CONSTTIME); ++ BN_set_flags(rsa->q, BN_FLG_CONSTTIME); ++ ++ retry: ++ /* generate p and q */ ++ for (i = 0; i < 5 * pbits; i++) { ++ ploop: ++ if (!test) ++ if (!BN_rand(rsa->p, pbits, 0, 1)) ++ goto err; ++ if (BN_cmp(rsa->p, r0) < 0) { ++ if (test) ++ goto err; ++ goto ploop; ++ } ++ ++ if (!BN_sub(r2, rsa->p, BN_value_one())) ++ goto err; ++ ERR_set_mark(); ++ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) { ++ /* GCD == 1 since inverse exists */ ++ int r; ++ r = BN_is_prime_fasttest_ex(rsa->p, pbits > 1024 ? 4 : 5, ctx, 0, ++ cb); ++ if (r == -1 || (test && r <= 0)) ++ goto err; ++ if (r > 0) ++ break; ++ } else { ++ error = ERR_peek_last_error(); ++ if (ERR_GET_LIB(error) == ERR_LIB_BN ++ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) { ++ /* GCD != 1 */ ++ ERR_pop_to_mark(); ++ } else { ++ goto err; ++ } ++ } ++ if (!BN_GENCB_call(cb, 2, n++)) ++ goto err; ++ } ++ ++ if (!BN_GENCB_call(cb, 3, 0)) ++ goto err; ++ ++ if (i >= 5 * pbits) ++ /* prime not found */ ++ goto err; ++ ++ for (i = 0; i < 5 * pbits; i++) { ++ qloop: ++ if (!test) ++ if (!BN_rand(rsa->q, pbits, 0, 1)) ++ goto err; ++ if (BN_cmp(rsa->q, r0) < 0) { ++ if (test) ++ goto err; ++ goto qloop; ++ } ++ if (!BN_sub(r2, rsa->q, rsa->p)) ++ goto err; ++ if (BN_ucmp(r2, r3) <= 0) { ++ if (test) ++ goto err; ++ goto qloop; ++ } ++ ++ if (!BN_sub(r2, rsa->q, BN_value_one())) ++ goto err; ++ ERR_set_mark(); ++ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) { ++ /* GCD == 1 since inverse exists */ ++ int r; ++ r = BN_is_prime_fasttest_ex(rsa->q, pbits > 1024 ? 4 : 5, ctx, 0, ++ cb); ++ if (r == -1 || (test && r <= 0)) ++ goto err; ++ if (r > 0) ++ break; ++ } else { ++ error = ERR_peek_last_error(); ++ if (ERR_GET_LIB(error) == ERR_LIB_BN ++ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) { ++ /* GCD != 1 */ ++ ERR_pop_to_mark(); ++ } else { ++ goto err; ++ } ++ } ++ if (!BN_GENCB_call(cb, 2, n++)) ++ goto err; ++ } ++ ++ if (!BN_GENCB_call(cb, 3, 1)) ++ goto err; ++ ++ if (i >= 5 * pbits) ++ /* prime not found */ ++ goto err; ++ ++ if (test) { ++ /* do not try to calculate the remaining key values */ ++ BN_clear(rsa->n); ++ ok = 1; ++ goto err; ++ } ++ ++ if (BN_cmp(rsa->p, rsa->q) < 0) { ++ tmp = rsa->p; ++ rsa->p = rsa->q; ++ rsa->q = tmp; ++ } ++ ++ /* calculate n */ ++ if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) ++ goto err; ++ ++ /* calculate d */ ++ if (!BN_sub(r1, rsa->p, BN_value_one())) ++ goto err; /* p-1 */ ++ if (!BN_sub(r2, rsa->q, BN_value_one())) ++ goto err; /* q-1 */ ++ ++ /* note that computing gcd is not safe to timing attacks */ ++ if (!BN_gcd(r0, r1, r2, ctx)) ++ goto err; ++ ++ { ++ if (!BN_div(r0, NULL, r1, r0, ctx)) ++ goto err; ++ ++ if (!BN_mul(r0, r0, r2, ctx)) /* lcm(p-1, q-1) */ ++ goto err; ++ ++ if (!BN_mod_inverse(rsa->d, rsa->e, r0, ctx)) /* d */ ++ goto err; ++ } ++ ++ if (BN_num_bits(rsa->d) < pbits) ++ goto retry; /* d is too small */ ++ ++ { ++ BIGNUM *d = BN_new(); ++ ++ if (d == NULL) ++ goto err; ++ BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); ++ ++ if (/* calculate d mod (p-1) */ ++ !BN_mod(rsa->dmp1, d, r1, ctx) ++ /* calculate d mod (q-1) */ ++ || !BN_mod(rsa->dmq1, d, r2, ctx)) { ++ BN_free(d); ++ goto err; ++ } ++ /* We MUST free d before any further use of rsa->d */ ++ BN_free(d); ++ } ++ ++ /* calculate inverse of q mod p */ ++ if (!BN_mod_inverse(rsa->iqmp, rsa->q, rsa->p, ctx)) ++ goto err; ++ ++ if (!fips_check_rsa(rsa)) ++ goto err; ++ ++ ok = 1; ++ err: ++ if (ok == -1) { ++ RSAerr(RSA_F_FIPS_RSA_BUILTIN_KEYGEN, ERR_LIB_BN); ++ ok = 0; ++ } ++ if (ctx != NULL) { ++ BN_CTX_end(ctx); ++ BN_CTX_free(ctx); ++ } ++ ++ return ok; ++} ++#endif ++ + static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, + BN_GENCB *cb) + { +diff -up openssl-1.1.1e/crypto/rsa/rsa_lib.c.fips openssl-1.1.1e/crypto/rsa/rsa_lib.c +--- openssl-1.1.1e/crypto/rsa/rsa_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_lib.c 2020-03-17 17:30:52.056566869 +0100 +@@ -34,6 +34,12 @@ int RSA_set_method(RSA *rsa, const RSA_M + * to deal with which ENGINE it comes from. + */ + const RSA_METHOD *mtmp; ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) { ++ RSAerr(RSA_F_RSA_SET_METHOD, RSA_R_NON_FIPS_RSA_METHOD); ++ return 0; ++ } ++#endif + mtmp = rsa->meth; + if (mtmp->finish) + mtmp->finish(rsa); +@@ -66,7 +72,6 @@ RSA *RSA_new_method(ENGINE *engine) + + ret->meth = RSA_get_default_method(); + #ifndef OPENSSL_NO_ENGINE +- ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW; + if (engine) { + if (!ENGINE_init(engine)) { + RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); +@@ -84,8 +89,19 @@ RSA *RSA_new_method(ENGINE *engine) + } + } + #endif ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(ret->meth->flags & RSA_FLAG_FIPS_METHOD)) { ++ RSAerr(RSA_F_RSA_NEW_METHOD, RSA_R_NON_FIPS_RSA_METHOD); ++# ifndef OPENSSL_NO_ENGINE ++ if (ret->engine) ++ ENGINE_finish(ret->engine); ++# endif ++ OPENSSL_free(ret); ++ return NULL; ++ } ++#endif + +- ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW; ++ ret->flags = ret->meth->flags; + if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) { + goto err; + } +diff -up openssl-1.1.1e/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1e/crypto/rsa/rsa_ossl.c +--- openssl-1.1.1e/crypto/rsa/rsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_ossl.c 2020-03-17 17:34:32.289726964 +0100 +@@ -12,6 +12,10 @@ + #include "rsa_local.h" + #include "internal/constant_time.h" + ++#ifdef OPENSSL_FIPS ++# include ++#endif ++ + static int rsa_ossl_public_encrypt(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding); + static int rsa_ossl_private_encrypt(int flen, const unsigned char *from, +@@ -47,6 +51,12 @@ static const RSA_METHOD *default_RSA_met + + void RSA_set_default_method(const RSA_METHOD *meth) + { ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) { ++ RSAerr(RSA_F_RSA_SET_DEFAULT_METHOD, RSA_R_NON_FIPS_RSA_METHOD); ++ return; ++ } ++#endif + default_RSA_meth = meth; + } + +@@ -73,6 +83,22 @@ static int rsa_ossl_public_encrypt(int f + unsigned char *buf = NULL; + BN_CTX *ctx = NULL; + ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_RSA_OSSL_PUBLIC_ENCRYPT, ++ FIPS_R_FIPS_SELFTEST_FAILED); ++ goto err; ++ } ++ ++ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { ++ RSAerr(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); ++ return -1; ++ } ++ } ++# endif ++ + if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { + RSAerr(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE); + return -1; +@@ -246,6 +272,22 @@ static int rsa_ossl_private_encrypt(int + BIGNUM *unblind = NULL; + BN_BLINDING *blinding = NULL; + ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_RSA_OSSL_PRIVATE_ENCRYPT, ++ FIPS_R_FIPS_SELFTEST_FAILED); ++ return -1; ++ } ++ ++ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { ++ RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); ++ return -1; ++ } ++ } ++# endif ++ + if ((ctx = BN_CTX_new()) == NULL) + goto err; + BN_CTX_start(ctx); +@@ -380,6 +422,22 @@ static int rsa_ossl_private_decrypt(int + BIGNUM *unblind = NULL; + BN_BLINDING *blinding = NULL; + ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_RSA_OSSL_PRIVATE_DECRYPT, ++ FIPS_R_FIPS_SELFTEST_FAILED); ++ return -1; ++ } ++ ++ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { ++ RSAerr(RSA_F_RSA_OSSL_PRIVATE_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL); ++ return -1; ++ } ++ } ++# endif ++ + if ((ctx = BN_CTX_new()) == NULL) + goto err; + BN_CTX_start(ctx); +@@ -507,6 +565,22 @@ static int rsa_ossl_public_decrypt(int f + unsigned char *buf = NULL; + BN_CTX *ctx = NULL; + ++# ifdef OPENSSL_FIPS ++ if (FIPS_mode()) { ++ if (FIPS_selftest_failed()) { ++ FIPSerr(FIPS_F_RSA_OSSL_PUBLIC_DECRYPT, ++ FIPS_R_FIPS_SELFTEST_FAILED); ++ goto err; ++ } ++ ++ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) ++ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { ++ RSAerr(RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL); ++ return -1; ++ } ++ } ++# endif ++ + if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { + RSAerr(RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE); + return -1; +diff -up openssl-1.1.1e/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1e/crypto/rsa/rsa_pmeth.c +--- openssl-1.1.1e/crypto/rsa/rsa_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_pmeth.c 2020-03-17 17:30:52.056566869 +0100 +@@ -756,7 +756,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX + + const EVP_PKEY_METHOD rsa_pkey_meth = { + EVP_PKEY_RSA, +- EVP_PKEY_FLAG_AUTOARGLEN, ++ EVP_PKEY_FLAG_AUTOARGLEN | EVP_PKEY_FLAG_FIPS, + pkey_rsa_init, + pkey_rsa_copy, + pkey_rsa_cleanup, +@@ -838,7 +838,7 @@ static int pkey_pss_init(EVP_PKEY_CTX *c + + const EVP_PKEY_METHOD rsa_pss_pkey_meth = { + EVP_PKEY_RSA_PSS, +- EVP_PKEY_FLAG_AUTOARGLEN, ++ EVP_PKEY_FLAG_AUTOARGLEN | EVP_PKEY_FLAG_FIPS, + pkey_rsa_init, + pkey_rsa_copy, + pkey_rsa_cleanup, +diff -up openssl-1.1.1e/crypto/rsa/rsa_sign.c.fips openssl-1.1.1e/crypto/rsa/rsa_sign.c +--- openssl-1.1.1e/crypto/rsa/rsa_sign.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_sign.c 2020-03-17 17:30:52.057566851 +0100 +@@ -73,6 +73,13 @@ int RSA_sign(int type, const unsigned ch + unsigned char *tmps = NULL; + const unsigned char *encoded = NULL; + ++#ifdef OPENSSL_FIPS ++ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) ++ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { ++ RSAerr(RSA_F_RSA_SIGN, RSA_R_NON_FIPS_RSA_METHOD); ++ return 0; ++ } ++#endif + if (rsa->meth->rsa_sign) { + return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa); + } +@@ -100,8 +107,9 @@ int RSA_sign(int type, const unsigned ch + RSAerr(RSA_F_RSA_SIGN, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); + goto err; + } +- encrypt_len = RSA_private_encrypt(encoded_len, encoded, sigret, rsa, +- RSA_PKCS1_PADDING); ++ /* NB: call underlying method directly to avoid FIPS blocking */ ++ encrypt_len = rsa->meth->rsa_priv_enc ? rsa->meth->rsa_priv_enc(encoded_len, encoded, sigret, rsa, ++ RSA_PKCS1_PADDING) : 0; + if (encrypt_len <= 0) + goto err; + +diff -up openssl-1.1.1e/crypto/sha/sha256.c.fips openssl-1.1.1e/crypto/sha/sha256.c +--- openssl-1.1.1e/crypto/sha/sha256.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/sha/sha256.c 2020-03-17 17:30:52.057566851 +0100 +@@ -18,6 +18,9 @@ + + int SHA224_Init(SHA256_CTX *c) + { ++# ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++# endif + memset(c, 0, sizeof(*c)); + c->h[0] = 0xc1059ed8UL; + c->h[1] = 0x367cd507UL; +@@ -33,6 +36,9 @@ int SHA224_Init(SHA256_CTX *c) + + int SHA256_Init(SHA256_CTX *c) + { ++# ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++# endif + memset(c, 0, sizeof(*c)); + c->h[0] = 0x6a09e667UL; + c->h[1] = 0xbb67ae85UL; +diff -up openssl-1.1.1e/crypto/sha/sha512.c.fips openssl-1.1.1e/crypto/sha/sha512.c +--- openssl-1.1.1e/crypto/sha/sha512.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/sha/sha512.c 2020-03-17 17:30:52.057566851 +0100 +@@ -98,6 +98,9 @@ int sha512_256_init(SHA512_CTX *c) + + int SHA384_Init(SHA512_CTX *c) + { ++# ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++# endif + c->h[0] = U64(0xcbbb9d5dc1059ed8); + c->h[1] = U64(0x629a292a367cd507); + c->h[2] = U64(0x9159015a3070dd17); +@@ -116,6 +119,9 @@ int SHA384_Init(SHA512_CTX *c) + + int SHA512_Init(SHA512_CTX *c) + { ++# ifdef OPENSSL_FIPS ++ FIPS_selftest_check(); ++# endif + c->h[0] = U64(0x6a09e667f3bcc908); + c->h[1] = U64(0xbb67ae8584caa73b); + c->h[2] = U64(0x3c6ef372fe94f82b); +diff -up openssl-1.1.1e/crypto/sha/sha_local.h.fips openssl-1.1.1e/crypto/sha/sha_local.h +--- openssl-1.1.1e/crypto/sha/sha_local.h.fips 2020-03-17 17:30:51.766571925 +0100 ++++ openssl-1.1.1e/crypto/sha/sha_local.h 2020-03-17 17:31:00.996410998 +0100 +@@ -52,6 +52,9 @@ void sha1_block_data_order(SHA_CTX *c, c + + int HASH_INIT(SHA_CTX *c) + { ++#if defined(OPENSSL_FIPS) ++ FIPS_selftest_check(); ++#endif + memset(c, 0, sizeof(*c)); + c->h0 = INIT_DATA_h0; + c->h1 = INIT_DATA_h1; +diff -up openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod +--- openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod 2020-03-17 17:31:00.996410998 +0100 +@@ -30,8 +30,10 @@ B is the length of the prime p to + For lengths under 2048 bits, the length of q is 160 bits; for lengths + greater than or equal to 2048 bits, the length of q is set to 256 bits. + +-If B is NULL, the primes will be generated at random. +-If B is less than the length of q, an error is returned. ++If B is NULL, or it does not generate primes, the primes will be ++generated at random. ++If B is less than the length of q, an error is returned ++if old DSA parameter generation method is used as a backend. + + DSA_generate_parameters_ex() places the iteration count in + *B and a counter used for finding a generator in +diff -up openssl-1.1.1e/include/openssl/crypto.h.fips openssl-1.1.1e/include/openssl/crypto.h +--- openssl-1.1.1e/include/openssl/crypto.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/crypto.h 2020-03-17 17:31:00.997410980 +0100 +@@ -331,6 +331,11 @@ int OPENSSL_isservice(void); + int FIPS_mode(void); + int FIPS_mode_set(int r); + ++# ifdef OPENSSL_FIPS ++/* die if FIPS selftest failed */ ++void FIPS_selftest_check(void); ++# endif ++ + void OPENSSL_init(void); + # ifdef OPENSSL_SYS_UNIX + void OPENSSL_fork_prepare(void); +diff -up openssl-1.1.1e/include/openssl/dherr.h.fips openssl-1.1.1e/include/openssl/dherr.h +--- openssl-1.1.1e/include/openssl/dherr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dherr.h 2020-03-17 17:31:00.998410963 +0100 +@@ -36,6 +36,9 @@ int ERR_load_DH_strings(void); + # define DH_F_DH_CMS_DECRYPT 114 + # define DH_F_DH_CMS_SET_PEERKEY 115 + # define DH_F_DH_CMS_SET_SHARED_INFO 116 ++# define DH_F_DH_COMPUTE_KEY 203 ++# define DH_F_DH_GENERATE_KEY 202 ++# define DH_F_DH_GENERATE_PARAMETERS_EX 201 + # define DH_F_DH_METH_DUP 117 + # define DH_F_DH_METH_NEW 118 + # define DH_F_DH_METH_SET1_NAME 119 +@@ -73,12 +76,14 @@ int ERR_load_DH_strings(void); + # define DH_R_INVALID_PARAMETER_NID 114 + # define DH_R_INVALID_PUBKEY 102 + # define DH_R_KDF_PARAMETER_ERROR 112 ++# define DH_R_KEY_SIZE_TOO_SMALL 201 + # define DH_R_KEYS_NOT_SET 108 + # define DH_R_MISSING_PUBKEY 125 + # define DH_R_MODULUS_TOO_LARGE 103 + # define DH_R_NOT_SUITABLE_GENERATOR 120 + # define DH_R_NO_PARAMETERS_SET 107 + # define DH_R_NO_PRIVATE_VALUE 100 ++# define DH_R_NON_FIPS_METHOD 202 + # define DH_R_PARAMETER_ENCODING_ERROR 105 + # define DH_R_PEER_KEY_ERROR 111 + # define DH_R_SHARED_INFO_ERROR 113 +diff -up openssl-1.1.1e/include/openssl/dh.h.fips openssl-1.1.1e/include/openssl/dh.h +--- openssl-1.1.1e/include/openssl/dh.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dh.h 2020-03-17 17:31:00.998410963 +0100 +@@ -31,6 +31,7 @@ extern "C" { + # endif + + # define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024 ++# define OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN 2048 + + # define DH_FLAG_CACHE_MONT_P 0x01 + +diff -up openssl-1.1.1e/include/openssl/dsaerr.h.fips openssl-1.1.1e/include/openssl/dsaerr.h +--- openssl-1.1.1e/include/openssl/dsaerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dsaerr.h 2020-03-17 17:31:00.999410945 +0100 +@@ -29,8 +29,11 @@ int ERR_load_DSA_strings(void); + */ + # define DSA_F_DSAPARAMS_PRINT 100 + # define DSA_F_DSAPARAMS_PRINT_FP 101 ++# define DSA_F_DSA_BUILTIN_KEYGEN 202 + # define DSA_F_DSA_BUILTIN_PARAMGEN 125 + # define DSA_F_DSA_BUILTIN_PARAMGEN2 126 ++# define DSA_F_DSA_GENERATE_KEY 201 ++# define DSA_F_DSA_GENERATE_PARAMETERS_EX 200 + # define DSA_F_DSA_DO_SIGN 112 + # define DSA_F_DSA_DO_VERIFY 113 + # define DSA_F_DSA_METH_DUP 127 +@@ -60,10 +63,13 @@ int ERR_load_DSA_strings(void); + # define DSA_R_DECODE_ERROR 104 + # define DSA_R_INVALID_DIGEST_TYPE 106 + # define DSA_R_INVALID_PARAMETERS 112 ++# define DSA_R_KEY_SIZE_INVALID 201 ++# define DSA_R_KEY_SIZE_TOO_SMALL 202 + # define DSA_R_MISSING_PARAMETERS 101 + # define DSA_R_MISSING_PRIVATE_KEY 111 + # define DSA_R_MODULUS_TOO_LARGE 103 + # define DSA_R_NO_PARAMETERS_SET 107 ++# define DSA_R_NON_FIPS_DSA_METHOD 200 + # define DSA_R_PARAMETER_ENCODING_ERROR 105 + # define DSA_R_Q_NOT_PRIME 113 + # define DSA_R_SEED_LEN_SMALL 110 +diff -up openssl-1.1.1e/include/openssl/dsa.h.fips openssl-1.1.1e/include/openssl/dsa.h +--- openssl-1.1.1e/include/openssl/dsa.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dsa.h 2020-03-17 17:31:01.000410928 +0100 +@@ -31,6 +31,7 @@ extern "C" { + # endif + + # define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024 ++# define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS_GEN 2048 + + # define DSA_FLAG_CACHE_MONT_P 0x01 + # if OPENSSL_API_COMPAT < 0x10100000L +diff -up openssl-1.1.1e/include/openssl/evperr.h.fips openssl-1.1.1e/include/openssl/evperr.h +--- openssl-1.1.1e/include/openssl/evperr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/evperr.h 2020-03-17 17:31:01.000410928 +0100 +@@ -24,14 +24,15 @@ int ERR_load_EVP_strings(void); + * EVP function codes. + */ + # define EVP_F_AESNI_INIT_KEY 165 +-# define EVP_F_AESNI_XTS_INIT_KEY 207 ++# define EVP_F_AESNI_XTS_INIT_KEY 233 + # define EVP_F_AES_GCM_CTRL 196 + # define EVP_F_AES_INIT_KEY 133 + # define EVP_F_AES_OCB_CIPHER 169 + # define EVP_F_AES_T4_INIT_KEY 178 +-# define EVP_F_AES_T4_XTS_INIT_KEY 208 ++# define EVP_F_AES_T4_XTS_INIT_KEY 234 + # define EVP_F_AES_WRAP_CIPHER 170 +-# define EVP_F_AES_XTS_INIT_KEY 209 ++# define EVP_F_AES_XTS_CIPHER 229 ++# define EVP_F_AES_XTS_INIT_KEY 235 + # define EVP_F_ALG_MODULE_INIT 177 + # define EVP_F_ARIA_CCM_INIT_KEY 175 + # define EVP_F_ARIA_GCM_CTRL 197 +@@ -142,6 +143,7 @@ int ERR_load_EVP_strings(void); + # define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 + # define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 + # define EVP_R_DECODE_ERROR 114 ++# define EVP_R_DISABLED_FOR_FIPS 200 + # define EVP_R_DIFFERENT_KEY_TYPES 101 + # define EVP_R_DIFFERENT_PARAMETERS 153 + # define EVP_R_ERROR_LOADING_SECTION 165 +@@ -185,6 +187,7 @@ int ERR_load_EVP_strings(void); + # define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 + # define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 + # define EVP_R_PUBLIC_KEY_NOT_RSA 106 ++# define EVP_R_TOO_LARGE 201 + # define EVP_R_UNKNOWN_CIPHER 160 + # define EVP_R_UNKNOWN_DIGEST 161 + # define EVP_R_UNKNOWN_OPTION 169 +@@ -200,6 +203,7 @@ int ERR_load_EVP_strings(void); + # define EVP_R_UNSUPPORTED_SALT_TYPE 126 + # define EVP_R_WRAP_MODE_NOT_ALLOWED 170 + # define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 +-# define EVP_R_XTS_DUPLICATED_KEYS 183 ++# define EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE 191 ++# define EVP_R_XTS_DUPLICATED_KEYS 192 + + #endif +diff -up openssl-1.1.1e/include/openssl/evp.h.fips openssl-1.1.1e/include/openssl/evp.h +--- openssl-1.1.1e/include/openssl/evp.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/evp.h 2020-03-17 17:31:01.001410911 +0100 +@@ -1324,6 +1324,9 @@ void EVP_PKEY_asn1_set_security_bits(EVP + */ + # define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4 + ++/* Downstream modification, large value to avoid conflict */ ++# define EVP_PKEY_FLAG_FIPS 0x4000 ++ + const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); + EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags); + void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, +diff -up openssl-1.1.1e/include/openssl/fips.h.fips openssl-1.1.1e/include/openssl/fips.h +--- openssl-1.1.1e/include/openssl/fips.h.fips 2020-03-17 17:31:01.002410893 +0100 ++++ openssl-1.1.1e/include/openssl/fips.h 2020-03-17 17:31:01.002410893 +0100 +@@ -0,0 +1,187 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++#include ++#include ++ ++#ifndef OPENSSL_FIPS ++# error FIPS is disabled. ++#endif ++ ++#ifdef OPENSSL_FIPS ++ ++# ifdef __cplusplus ++extern "C" { ++# endif ++ ++ int FIPS_selftest(void); ++ int FIPS_selftest_failed(void); ++ int FIPS_selftest_drbg_all(void); ++ ++ int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, ++ const EVP_MD *evpmd, const unsigned char *seed_in, ++ size_t seed_len, int idx, unsigned char *seed_out, ++ int *counter_ret, unsigned long *h_ret, ++ BN_GENCB *cb); ++ int FIPS_dsa_paramgen_check_g(DSA *dsa); ++ ++/* BEGIN ERROR CODES */ ++/* The following lines are auto generated by the script mkerr.pl. Any changes ++ * made after this point may be overwritten when the script is next run. ++ */ ++ int ERR_load_FIPS_strings(void); ++ ++/* Error codes for the FIPS functions. */ ++ ++/* Function codes. */ ++# define FIPS_F_DH_BUILTIN_GENPARAMS 100 ++# define FIPS_F_DRBG_RESEED 121 ++# define FIPS_F_DSA_BUILTIN_PARAMGEN2 107 ++# define FIPS_F_DSA_DO_SIGN 102 ++# define FIPS_F_DSA_DO_VERIFY 103 ++# define FIPS_F_EVP_CIPHER_CTX_NEW 137 ++# define FIPS_F_EVP_CIPHER_CTX_RESET 122 ++# define FIPS_F_ECDH_COMPUTE_KEY 123 ++# define FIPS_F_EVP_CIPHERINIT_EX 124 ++# define FIPS_F_EVP_DIGESTINIT_EX 125 ++# define FIPS_F_FIPS_CHECK_DSA 104 ++# define FIPS_F_FIPS_CHECK_EC 142 ++# define FIPS_F_FIPS_CHECK_RSA 106 ++# define FIPS_F_FIPS_DRBG_BYTES 131 ++# define FIPS_F_FIPS_DRBG_CHECK 146 ++# define FIPS_F_FIPS_DRBG_CPRNG_TEST 132 ++# define FIPS_F_FIPS_DRBG_ERROR_CHECK 136 ++# define FIPS_F_FIPS_DRBG_GENERATE 134 ++# define FIPS_F_FIPS_DRBG_INIT 135 ++# define FIPS_F_FIPS_DRBG_INSTANTIATE 138 ++# define FIPS_F_FIPS_DRBG_NEW 139 ++# define FIPS_F_FIPS_DRBG_RESEED 140 ++# define FIPS_F_FIPS_DRBG_SINGLE_KAT 141 ++# define FIPS_F_FIPS_GET_ENTROPY 147 ++# define FIPS_F_FIPS_MODULE_MODE_SET 108 ++# define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109 ++# define FIPS_F_FIPS_RAND_BYTES 114 ++# define FIPS_F_FIPS_RAND_SEED 128 ++# define FIPS_F_FIPS_RAND_SET_METHOD 126 ++# define FIPS_F_FIPS_RAND_STATUS 127 ++# define FIPS_F_FIPS_RSA_BUILTIN_KEYGEN 101 ++# define FIPS_F_FIPS_SELFTEST 150 ++# define FIPS_F_FIPS_SELFTEST_AES 110 ++# define FIPS_F_FIPS_SELFTEST_AES_CCM 145 ++# define FIPS_F_FIPS_SELFTEST_AES_GCM 129 ++# define FIPS_F_FIPS_SELFTEST_AES_XTS 144 ++# define FIPS_F_FIPS_SELFTEST_CMAC 130 ++# define FIPS_F_FIPS_SELFTEST_DES 111 ++# define FIPS_F_FIPS_SELFTEST_DSA 112 ++# define FIPS_F_FIPS_SELFTEST_ECDSA 133 ++# define FIPS_F_FIPS_SELFTEST_HMAC 113 ++# define FIPS_F_FIPS_SELFTEST_SHA1 115 ++# define FIPS_F_FIPS_SELFTEST_SHA2 105 ++# define FIPS_F_OSSL_ECDSA_SIGN_SIG 143 ++# define FIPS_F_OSSL_ECDSA_VERIFY_SIG 148 ++# define FIPS_F_RSA_BUILTIN_KEYGEN 116 ++# define FIPS_F_RSA_OSSL_INIT 149 ++# define FIPS_F_RSA_OSSL_PRIVATE_DECRYPT 117 ++# define FIPS_F_RSA_OSSL_PRIVATE_ENCRYPT 118 ++# define FIPS_F_RSA_OSSL_PUBLIC_DECRYPT 119 ++# define FIPS_F_RSA_OSSL_PUBLIC_ENCRYPT 120 ++ ++/* Reason codes. */ ++# define FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED 150 ++# define FIPS_R_ADDITIONAL_INPUT_TOO_LONG 125 ++# define FIPS_R_ALREADY_INSTANTIATED 134 ++# define FIPS_R_DRBG_NOT_INITIALISED 152 ++# define FIPS_R_DRBG_STUCK 103 ++# define FIPS_R_ENTROPY_ERROR_UNDETECTED 104 ++# define FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED 105 ++# define FIPS_R_ENTROPY_SOURCE_STUCK 142 ++# define FIPS_R_ERROR_INITIALISING_DRBG 115 ++# define FIPS_R_ERROR_INSTANTIATING_DRBG 127 ++# define FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT 124 ++# define FIPS_R_ERROR_RETRIEVING_ENTROPY 122 ++# define FIPS_R_ERROR_RETRIEVING_NONCE 140 ++# define FIPS_R_FINGERPRINT_DOES_NOT_MATCH 110 ++# define FIPS_R_FIPS_MODE_ALREADY_SET 102 ++# define FIPS_R_FIPS_SELFTEST_FAILED 106 ++# define FIPS_R_FUNCTION_ERROR 116 ++# define FIPS_R_GENERATE_ERROR 137 ++# define FIPS_R_GENERATE_ERROR_UNDETECTED 118 ++# define FIPS_R_INSTANTIATE_ERROR 119 ++# define FIPS_R_INTERNAL_ERROR 121 ++# define FIPS_R_INVALID_KEY_LENGTH 109 ++# define FIPS_R_IN_ERROR_STATE 123 ++# define FIPS_R_KEY_TOO_SHORT 108 ++# define FIPS_R_NONCE_ERROR_UNDETECTED 149 ++# define FIPS_R_NON_FIPS_METHOD 100 ++# define FIPS_R_NOPR_TEST1_FAILURE 145 ++# define FIPS_R_NOPR_TEST2_FAILURE 146 ++# define FIPS_R_NOT_INSTANTIATED 126 ++# define FIPS_R_PAIRWISE_TEST_FAILED 107 ++# define FIPS_R_PERSONALISATION_ERROR_UNDETECTED 128 ++# define FIPS_R_PERSONALISATION_STRING_TOO_LONG 129 ++# define FIPS_R_PR_TEST1_FAILURE 147 ++# define FIPS_R_PR_TEST2_FAILURE 148 ++# define FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED 130 ++# define FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG 131 ++# define FIPS_R_RESEED_COUNTER_ERROR 132 ++# define FIPS_R_RESEED_ERROR 133 ++# define FIPS_R_SELFTEST_FAILED 101 ++# define FIPS_R_SELFTEST_FAILURE 135 ++# define FIPS_R_TEST_FAILURE 117 ++# define FIPS_R_UNINSTANTIATE_ERROR 141 ++# define FIPS_R_UNINSTANTIATE_ZEROISE_ERROR 138 ++# define FIPS_R_UNSUPPORTED_DRBG_TYPE 139 ++# define FIPS_R_UNSUPPORTED_PLATFORM 113 ++ ++# ifdef __cplusplus ++} ++# endif ++#endif +diff -up openssl-1.1.1e/include/openssl/fips_rand.h.fips openssl-1.1.1e/include/openssl/fips_rand.h +--- openssl-1.1.1e/include/openssl/fips_rand.h.fips 2020-03-17 17:31:01.003410876 +0100 ++++ openssl-1.1.1e/include/openssl/fips_rand.h 2020-03-17 17:31:01.003410876 +0100 +@@ -0,0 +1,145 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#ifndef HEADER_FIPS_RAND_H ++# define HEADER_FIPS_RAND_H ++ ++# include ++# include ++# include ++# include ++ ++# ifdef OPENSSL_FIPS ++ ++# ifdef __cplusplus ++extern "C" { ++# endif ++ typedef struct drbg_ctx_st DRBG_CTX; ++/* DRBG external flags */ ++/* Flag for CTR mode only: use derivation function ctr_df */ ++# define DRBG_FLAG_CTR_USE_DF 0x1 ++/* PRNG is in test state */ ++# define DRBG_FLAG_TEST 0x2 ++ ++ DRBG_CTX *FIPS_drbg_new(int type, unsigned int flags); ++ int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags); ++ int FIPS_drbg_instantiate(DRBG_CTX *dctx, ++ const unsigned char *pers, size_t perslen); ++ int FIPS_drbg_reseed(DRBG_CTX *dctx, const unsigned char *adin, ++ size_t adinlen); ++ int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen, ++ int prediction_resistance, ++ const unsigned char *adin, size_t adinlen); ++ ++ int FIPS_drbg_uninstantiate(DRBG_CTX *dctx); ++ void FIPS_drbg_free(DRBG_CTX *dctx); ++ ++ int FIPS_drbg_set_callbacks(DRBG_CTX *dctx, ++ size_t (*get_entropy) (DRBG_CTX *ctx, ++ unsigned char **pout, ++ int entropy, ++ size_t min_len, ++ size_t max_len), ++ void (*cleanup_entropy) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen), ++ size_t entropy_blocklen, ++ size_t (*get_nonce) (DRBG_CTX *ctx, ++ unsigned char **pout, ++ int entropy, ++ size_t min_len, ++ size_t max_len), ++ void (*cleanup_nonce) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen)); ++ ++ int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx, ++ size_t (*get_adin) (DRBG_CTX *ctx, ++ unsigned char ++ **pout), ++ void (*cleanup_adin) (DRBG_CTX *ctx, ++ unsigned char *out, ++ size_t olen), ++ int (*rand_seed_cb) (DRBG_CTX *ctx, ++ const void *buf, ++ int num), ++ int (*rand_add_cb) (DRBG_CTX *ctx, ++ const void *buf, ++ int num, ++ double entropy)); ++ ++ void *FIPS_drbg_get_app_data(DRBG_CTX *ctx); ++ void FIPS_drbg_set_app_data(DRBG_CTX *ctx, void *app_data); ++ size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx); ++ int FIPS_drbg_get_strength(DRBG_CTX *dctx); ++ void FIPS_drbg_set_check_interval(DRBG_CTX *dctx, int interval); ++ void FIPS_drbg_set_reseed_interval(DRBG_CTX *dctx, int interval); ++ ++ int FIPS_drbg_health_check(DRBG_CTX *dctx); ++ ++ DRBG_CTX *FIPS_get_default_drbg(void); ++ const RAND_METHOD *FIPS_drbg_method(void); ++ ++ int FIPS_rand_set_method(const RAND_METHOD *meth); ++ const RAND_METHOD *FIPS_rand_get_method(void); ++ ++ void FIPS_rand_set_bits(int nbits); ++ ++ int FIPS_rand_strength(void); ++ ++/* 1.0.0 compat functions */ ++ int FIPS_rand_seed(const void *buf, int num); ++ int FIPS_rand_bytes(unsigned char *out, int outlen); ++ void FIPS_rand_reset(void); ++ int FIPS_rand_status(void); ++# ifdef __cplusplus ++} ++# endif ++# endif ++#endif +diff -up openssl-1.1.1e/include/openssl/opensslconf.h.in.fips openssl-1.1.1e/include/openssl/opensslconf.h.in +--- openssl-1.1.1e/include/openssl/opensslconf.h.in.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/opensslconf.h.in 2020-03-17 17:31:01.003410876 +0100 +@@ -150,6 +150,11 @@ extern "C" { + + #define RC4_INT {- $config{rc4_int} -} + ++/* Always build FIPS module */ ++#ifndef OPENSSL_FIPS ++# define OPENSSL_FIPS ++#endif ++ + #ifdef __cplusplus + } + #endif +diff -up openssl-1.1.1e/include/openssl/randerr.h.fips openssl-1.1.1e/include/openssl/randerr.h +--- openssl-1.1.1e/include/openssl/randerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/randerr.h 2020-03-17 17:31:01.004410858 +0100 +@@ -38,6 +38,7 @@ int ERR_load_RAND_strings(void); + # define RAND_F_RAND_DRBG_SET 104 + # define RAND_F_RAND_DRBG_SET_DEFAULTS 121 + # define RAND_F_RAND_DRBG_UNINSTANTIATE 118 ++# define RAND_F_RAND_INIT_FIPS 200 + # define RAND_F_RAND_LOAD_FILE 111 + # define RAND_F_RAND_POOL_ACQUIRE_ENTROPY 122 + # define RAND_F_RAND_POOL_ADD 103 +diff -up openssl-1.1.1e/include/openssl/rand.h.fips openssl-1.1.1e/include/openssl/rand.h +--- openssl-1.1.1e/include/openssl/rand.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/rand.h 2020-03-17 17:31:01.004410858 +0100 +@@ -69,6 +69,11 @@ DEPRECATEDIN_1_1_0(void RAND_screen(void + DEPRECATEDIN_1_1_0(int RAND_event(UINT, WPARAM, LPARAM)) + # endif + ++# ifdef OPENSSL_FIPS ++/* just stubs for API compatibility */ ++void RAND_set_fips_drbg_type(int type, int flags); ++int RAND_init_fips(void); ++# endif + + #ifdef __cplusplus + } +diff -up openssl-1.1.1e/include/openssl/rsaerr.h.fips openssl-1.1.1e/include/openssl/rsaerr.h +--- openssl-1.1.1e/include/openssl/rsaerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/rsaerr.h 2020-03-17 17:31:01.005410841 +0100 +@@ -25,6 +25,7 @@ int ERR_load_RSA_strings(void); + */ + # define RSA_F_CHECK_PADDING_MD 140 + # define RSA_F_ENCODE_PKCS1 146 ++# define RSA_F_FIPS_RSA_BUILTIN_KEYGEN 206 + # define RSA_F_INT_RSA_VERIFY 145 + # define RSA_F_OLD_RSA_PRIV_DECODE 147 + # define RSA_F_PKEY_PSS_INIT 165 +@@ -39,6 +40,8 @@ int ERR_load_RSA_strings(void); + # define RSA_F_RSA_CHECK_KEY_EX 160 + # define RSA_F_RSA_CMS_DECRYPT 159 + # define RSA_F_RSA_CMS_VERIFY 158 ++# define RSA_F_RSA_GENERATE_KEY_EX 204 ++# define RSA_F_RSA_GENERATE_MULTI_PRIME_KEY 207 + # define RSA_F_RSA_ITEM_VERIFY 148 + # define RSA_F_RSA_METH_DUP 161 + # define RSA_F_RSA_METH_NEW 162 +@@ -76,10 +79,16 @@ int ERR_load_RSA_strings(void); + # define RSA_F_RSA_PRINT_FP 116 + # define RSA_F_RSA_PRIV_DECODE 150 + # define RSA_F_RSA_PRIV_ENCODE 138 ++# define RSA_F_RSA_PRIVATE_DECRYPT 200 ++# define RSA_F_RSA_PRIVATE_ENCRYPT 201 + # define RSA_F_RSA_PSS_GET_PARAM 151 + # define RSA_F_RSA_PSS_TO_CTX 155 + # define RSA_F_RSA_PUB_DECODE 139 ++# define RSA_F_RSA_PUBLIC_DECRYPT 202 ++# define RSA_F_RSA_PUBLIC_ENCRYPT 203 + # define RSA_F_RSA_SETUP_BLINDING 136 ++# define RSA_F_RSA_SET_DEFAULT_METHOD 205 ++# define RSA_F_RSA_SET_METHOD 204 + # define RSA_F_RSA_SIGN 117 + # define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 + # define RSA_F_RSA_VERIFY 119 +@@ -137,10 +146,12 @@ int ERR_load_RSA_strings(void); + # define RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D 169 + # define RSA_R_MP_R_NOT_PRIME 170 + # define RSA_R_NO_PUBLIC_EXPONENT 140 ++# define RSA_R_NON_FIPS_RSA_METHOD 200 + # define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 + # define RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES 172 + # define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 + # define RSA_R_OAEP_DECODING_ERROR 121 ++# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 201 + # define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 + # define RSA_R_PADDING_CHECK_FAILED 114 + # define RSA_R_PKCS_DECODING_ERROR 159 +@@ -160,6 +171,7 @@ int ERR_load_RSA_strings(void); + # define RSA_R_UNSUPPORTED_LABEL_SOURCE 163 + # define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153 + # define RSA_R_UNSUPPORTED_MASK_PARAMETER 154 ++# define RSA_R_UNSUPPORTED_PARAMETERS 202 + # define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155 + # define RSA_R_VALUE_MISSING 147 + # define RSA_R_WRONG_SIGNATURE_LENGTH 119 +diff -up openssl-1.1.1e/ssl/s3_lib.c.fips openssl-1.1.1e/ssl/s3_lib.c +--- openssl-1.1.1e/ssl/s3_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/s3_lib.c 2020-03-17 17:31:01.007410806 +0100 +@@ -43,7 +43,7 @@ static SSL_CIPHER tls13_ciphers[] = { + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, + 0, 0, +- SSL_HIGH, ++ SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256, + 128, + 128, +@@ -58,7 +58,7 @@ static SSL_CIPHER tls13_ciphers[] = { + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, + 0, 0, +- SSL_HIGH, ++ SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA384, + 256, + 256, +@@ -92,7 +92,7 @@ static SSL_CIPHER tls13_ciphers[] = { + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, + 0, 0, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256, + 128, + 128, +@@ -634,7 +634,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 128, + 128, +@@ -650,7 +650,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 256, + 256, +@@ -666,7 +666,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 128, + 128, +@@ -682,7 +682,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 256, + 256, +@@ -794,7 +794,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 128, + 128, +@@ -810,7 +810,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 256, + 256, +@@ -890,7 +890,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 128, + 128, +@@ -906,7 +906,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_AEAD, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, +- SSL_NOT_DEFAULT | SSL_HIGH, ++ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 256, + 256, +diff -up openssl-1.1.1e/ssl/ssl_ciph.c.fips openssl-1.1.1e/ssl/ssl_ciph.c +--- openssl-1.1.1e/ssl/ssl_ciph.c.fips 2020-03-17 17:30:52.017567549 +0100 ++++ openssl-1.1.1e/ssl/ssl_ciph.c 2020-03-17 17:31:01.008410788 +0100 +@@ -387,7 +387,7 @@ int ssl_load_ciphers(void) + } + } + /* Make sure we can access MD5 and SHA1 */ +- if (!ossl_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL)) ++ if (!FIPS_mode() && !ossl_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL)) + return 0; + if (!ossl_assert(ssl_digest_methods[SSL_MD_SHA1_IDX] != NULL)) + return 0; +@@ -559,6 +559,9 @@ int ssl_cipher_get_evp(const SSL_SESSION + s->ssl_version < TLS1_VERSION) + return 1; + ++ if (FIPS_mode()) ++ return 1; ++ + if (c->algorithm_enc == SSL_RC4 && + c->algorithm_mac == SSL_MD5 && + (evp = EVP_get_cipherbyname("RC4-HMAC-MD5"))) +@@ -667,6 +670,8 @@ static void ssl_cipher_collect_ciphers(c + /* drop those that use any of that is not available */ + if (c == NULL || !c->valid) + continue; ++ if (FIPS_mode() && !(c->algo_strength & SSL_FIPS)) ++ continue; + if ((c->algorithm_mkey & disabled_mkey) || + (c->algorithm_auth & disabled_auth) || + (c->algorithm_enc & disabled_enc) || +@@ -1671,7 +1676,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + * to the resulting precedence to the STACK_OF(SSL_CIPHER). + */ + for (curr = head; curr != NULL; curr = curr->next) { +- if (curr->active) { ++ if (curr->active ++ && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS)) { + if (!sk_SSL_CIPHER_push(cipherstack, curr->cipher)) { + OPENSSL_free(co_list); + sk_SSL_CIPHER_free(cipherstack); +diff -up openssl-1.1.1e/ssl/ssl_init.c.fips openssl-1.1.1e/ssl/ssl_init.c +--- openssl-1.1.1e/ssl/ssl_init.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/ssl_init.c 2020-03-17 17:31:01.009410771 +0100 +@@ -27,6 +27,10 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_bas + fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " + "Adding SSL ciphers and digests\n"); + #endif ++#ifdef OPENSSL_FIPS ++ if (!FIPS_mode()) { ++#endif ++ + #ifndef OPENSSL_NO_DES + EVP_add_cipher(EVP_des_cbc()); + EVP_add_cipher(EVP_des_ede3_cbc()); +@@ -87,6 +91,31 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_bas + EVP_add_digest(EVP_sha256()); + EVP_add_digest(EVP_sha384()); + EVP_add_digest(EVP_sha512()); ++#ifdef OPENSSL_FIPS ++ } else { ++# ifndef OPENSSL_NO_DES ++ EVP_add_cipher(EVP_des_ede3_cbc()); ++# endif ++ EVP_add_cipher(EVP_aes_128_cbc()); ++ EVP_add_cipher(EVP_aes_192_cbc()); ++ EVP_add_cipher(EVP_aes_256_cbc()); ++ EVP_add_cipher(EVP_aes_128_gcm()); ++ EVP_add_cipher(EVP_aes_256_gcm()); ++ EVP_add_cipher(EVP_aes_128_ccm()); ++ EVP_add_cipher(EVP_aes_256_ccm()); ++# ifndef OPENSSL_NO_MD5 ++ /* needed even in the FIPS mode for TLS-1.0 */ ++ EVP_add_digest(EVP_md5_sha1()); ++# endif ++ EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ ++ EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); ++ EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); ++ EVP_add_digest(EVP_sha224()); ++ EVP_add_digest(EVP_sha256()); ++ EVP_add_digest(EVP_sha384()); ++ EVP_add_digest(EVP_sha512()); ++ } ++#endif + #ifndef OPENSSL_NO_COMP + # ifdef OPENSSL_INIT_DEBUG + fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " +diff -up openssl-1.1.1e/ssl/ssl_lib.c.fips openssl-1.1.1e/ssl/ssl_lib.c +--- openssl-1.1.1e/ssl/ssl_lib.c.fips 2020-03-17 17:30:52.018567531 +0100 ++++ openssl-1.1.1e/ssl/ssl_lib.c 2020-03-17 17:31:01.011410736 +0100 +@@ -2970,6 +2970,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m + if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL)) + return NULL; + ++ if (FIPS_mode() && (meth->version < TLS1_VERSION)) { ++ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE); ++ return NULL; ++ } ++ + if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { + SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); + goto err; +@@ -3026,13 +3031,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m + if (ret->param == NULL) + goto err; + +- if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { +- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); +- goto err2; +- } +- if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { +- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); +- goto err2; ++ if (!FIPS_mode()) { ++ if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { ++ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); ++ goto err2; ++ } ++ if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { ++ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); ++ goto err2; ++ } ++ } else { ++ ret->min_proto_version = TLS1_VERSION; + } + + if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL) +diff -up openssl-1.1.1e/ssl/ssl_local.h.fips openssl-1.1.1e/ssl/ssl_local.h +--- openssl-1.1.1e/ssl/ssl_local.h.fips 2020-03-17 17:30:51.842570600 +0100 ++++ openssl-1.1.1e/ssl/ssl_local.h 2020-03-17 17:31:10.740241108 +0100 +@@ -1516,6 +1516,7 @@ typedef struct tls_group_info_st { + # define TLS_CURVE_PRIME 0x0 + # define TLS_CURVE_CHAR2 0x1 + # define TLS_CURVE_CUSTOM 0x2 ++# define TLS_CURVE_FIPS 0x80 + + typedef struct cert_pkey_st CERT_PKEY; + +diff -up openssl-1.1.1e/ssl/t1_lib.c.fips openssl-1.1.1e/ssl/t1_lib.c +--- openssl-1.1.1e/ssl/t1_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/t1_lib.c 2020-03-17 17:31:10.741241091 +0100 +@@ -159,11 +159,11 @@ static const TLS_GROUP_INFO nid_list[] = + {NID_secp192k1, 80, TLS_CURVE_PRIME}, /* secp192k1 (18) */ + {NID_X9_62_prime192v1, 80, TLS_CURVE_PRIME}, /* secp192r1 (19) */ + {NID_secp224k1, 112, TLS_CURVE_PRIME}, /* secp224k1 (20) */ +- {NID_secp224r1, 112, TLS_CURVE_PRIME}, /* secp224r1 (21) */ ++ {NID_secp224r1, 112, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp224r1 (21) */ + {NID_secp256k1, 128, TLS_CURVE_PRIME}, /* secp256k1 (22) */ +- {NID_X9_62_prime256v1, 128, TLS_CURVE_PRIME}, /* secp256r1 (23) */ +- {NID_secp384r1, 192, TLS_CURVE_PRIME}, /* secp384r1 (24) */ +- {NID_secp521r1, 256, TLS_CURVE_PRIME}, /* secp521r1 (25) */ ++ {NID_X9_62_prime256v1, 128, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp256r1 (23) */ ++ {NID_secp384r1, 192, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp384r1 (24) */ ++ {NID_secp521r1, 256, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp521r1 (25) */ + {NID_brainpoolP256r1, 128, TLS_CURVE_PRIME}, /* brainpoolP256r1 (26) */ + {NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */ + {NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */ +@@ -258,6 +258,8 @@ int tls_curve_allowed(SSL *s, uint16_t c + if (cinfo->flags & TLS_CURVE_CHAR2) + return 0; + # endif ++ if (FIPS_mode() && !(cinfo->flags & TLS_CURVE_FIPS)) ++ return 0; + ctmp[0] = curve >> 8; + ctmp[1] = curve & 0xff; + return ssl_security(s, op, cinfo->secbits, cinfo->nid, (void *)ctmp); +diff -up openssl-1.1.1e/test/dsatest.c.fips openssl-1.1.1e/test/dsatest.c +--- openssl-1.1.1e/test/dsatest.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/dsatest.c 2020-03-17 17:31:10.741241091 +0100 +@@ -24,41 +24,42 @@ + #ifndef OPENSSL_NO_DSA + static int dsa_cb(int p, int n, BN_GENCB *arg); + +-/* +- * seed, out_p, out_q, out_g are taken from the updated Appendix 5 to FIPS +- * PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 +- */ + static unsigned char seed[20] = { +- 0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8, 0xb6, 0x21, 0x1b, 0x40, +- 0x62, 0xba, 0x32, 0x24, 0xe0, 0x42, 0x7d, 0xd3, ++ 0x02, 0x47, 0x11, 0x92, 0x11, 0x88, 0xC8, 0xFB, 0xAF, 0x48, 0x4C, 0x62, ++ 0xDF, 0xA5, 0xBE, 0xA0, 0xA4, 0x3C, 0x56, 0xE3, + }; + + static unsigned char out_p[] = { +- 0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76, 0xaa, +- 0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69, 0xcb, +- 0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c, 0xf7, +- 0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82, 0xe5, +- 0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e, 0xaf, +- 0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a, 0xac, +- 0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24, 0xc2, +- 0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02, 0x91, ++ 0xAC, 0xCB, 0x1E, 0x63, 0x60, 0x69, 0x0C, 0xFB, 0x06, 0x19, 0x68, 0x3E, ++ 0xA5, 0x01, 0x5A, 0xA2, 0x15, 0x5C, 0xE2, 0x99, 0x2D, 0xD5, 0x30, 0x99, ++ 0x7E, 0x5F, 0x8D, 0xE2, 0xF7, 0xC6, 0x2E, 0x8D, 0xA3, 0x9F, 0x58, 0xAD, ++ 0xD6, 0xA9, 0x7D, 0x0E, 0x0D, 0x95, 0x53, 0xA6, 0x71, 0x3A, 0xDE, 0xAB, ++ 0xAC, 0xE9, 0xF4, 0x36, 0x55, 0x9E, 0xB9, 0xD6, 0x93, 0xBF, 0xF3, 0x18, ++ 0x1C, 0x14, 0x7B, 0xA5, 0x42, 0x2E, 0xCD, 0x00, 0xEB, 0x35, 0x3B, 0x1B, ++ 0xA8, 0x51, 0xBB, 0xE1, 0x58, 0x42, 0x85, 0x84, 0x22, 0xA7, 0x97, 0x5E, ++ 0x99, 0x6F, 0x38, 0x20, 0xBD, 0x9D, 0xB6, 0xD9, 0x33, 0x37, 0x2A, 0xFD, ++ 0xBB, 0xD4, 0xBC, 0x0C, 0x2A, 0x67, 0xCB, 0x9F, 0xBB, 0xDF, 0xF9, 0x93, ++ 0xAA, 0xD6, 0xF0, 0xD6, 0x95, 0x0B, 0x5D, 0x65, 0x14, 0xD0, 0x18, 0x9D, ++ 0xC6, 0xAF, 0xF0, 0xC6, 0x37, 0x7C, 0xF3, 0x5F, + }; + + static unsigned char out_q[] = { +- 0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8, 0xee, +- 0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4, 0x8e, +- 0xda, 0xce, 0x91, 0x5f, ++ 0xE3, 0x8E, 0x5E, 0x6D, 0xBF, 0x2B, 0x79, 0xF8, 0xC5, 0x4B, 0x89, 0x8B, ++ 0xBA, 0x2D, 0x91, 0xC3, 0x6C, 0x80, 0xAC, 0x87, + }; + + static unsigned char out_g[] = { +- 0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a, 0x13, +- 0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5, 0x00, +- 0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef, 0xcb, +- 0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c, 0x2e, +- 0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba, 0xbf, +- 0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c, 0x9c, +- 0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08, 0x8c, +- 0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88, 0x02, ++ 0x42, 0x4A, 0x04, 0x4E, 0x79, 0xB4, 0x99, 0x7F, 0xFD, 0x58, 0x36, 0x2C, ++ 0x1B, 0x5F, 0x18, 0x7E, 0x0D, 0xCC, 0xAB, 0x81, 0xC9, 0x5D, 0x10, 0xCE, ++ 0x4E, 0x80, 0x7E, 0x58, 0xB4, 0x34, 0x3F, 0xA7, 0x45, 0xC7, 0xAA, 0x36, ++ 0x24, 0x42, 0xA9, 0x3B, 0xE8, 0x0E, 0x04, 0x02, 0x2D, 0xFB, 0xA6, 0x13, ++ 0xB9, 0xB5, 0x15, 0xA5, 0x56, 0x07, 0x35, 0xE4, 0x03, 0xB6, 0x79, 0x7C, ++ 0x62, 0xDD, 0xDF, 0x3F, 0x71, 0x3A, 0x9D, 0x8B, 0xC4, 0xF6, 0xE7, 0x1D, ++ 0x52, 0xA8, 0xA9, 0x43, 0x1D, 0x33, 0x51, 0x88, 0x39, 0xBD, 0x73, 0xE9, ++ 0x5F, 0xBE, 0x82, 0x49, 0x27, 0xE6, 0xB5, 0x53, 0xC1, 0x38, 0xAC, 0x2F, ++ 0x6D, 0x97, 0x6C, 0xEB, 0x67, 0xC1, 0x5F, 0x67, 0xF8, 0x35, 0x05, 0x5E, ++ 0xD5, 0x68, 0x80, 0xAA, 0x96, 0xCA, 0x0B, 0x8A, 0xE6, 0xF1, 0xB1, 0x41, ++ 0xC6, 0x75, 0x94, 0x0A, 0x0A, 0x2A, 0xFA, 0x29, + }; + + static const unsigned char str1[] = "12345678901234567890"; +@@ -79,11 +80,11 @@ static int dsa_test(void) + + BN_GENCB_set(cb, dsa_cb, NULL); + if (!TEST_ptr(dsa = DSA_new()) +- || !TEST_true(DSA_generate_parameters_ex(dsa, 512, seed, 20, ++ || !TEST_true(DSA_generate_parameters_ex(dsa, 1024, seed, 20, + &counter, &h, cb))) + goto end; + +- if (!TEST_int_eq(counter, 105)) ++ if (!TEST_int_eq(counter, 239)) + goto end; + if (!TEST_int_eq(h, 2)) + goto end; +diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt +--- openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt 2020-03-17 17:31:10.742241073 +0100 +@@ -1206,6 +1206,7 @@ Key = 0000000000000000000000000000000000 + IV = 00000000000000000000000000000000 + Plaintext = 0000000000000000000000000000000000000000000000000000000000000000 + Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e ++Result = KEY_SET_ERROR + + Cipher = aes-128-xts + Key = 1111111111111111111111111111111122222222222222222222222222222222 +diff -up openssl-1.1.1e/util/libcrypto.num.fips openssl-1.1.1e/util/libcrypto.num +--- openssl-1.1.1e/util/libcrypto.num.fips 2020-03-17 17:31:10.744241038 +0100 ++++ openssl-1.1.1e/util/libcrypto.num 2020-03-17 17:32:37.851722261 +0100 +@@ -4587,3 +4587,38 @@ EVP_PKEY_meth_set_digestverify + EVP_PKEY_meth_get_digestverify 4541 1_1_1e EXIST::FUNCTION: + EVP_PKEY_meth_get_digestsign 4542 1_1_1e EXIST::FUNCTION: + RSA_get0_pss_params 4543 1_1_1e EXIST::FUNCTION:RSA ++FIPS_drbg_reseed 6348 1_1_0g EXIST::FUNCTION: ++FIPS_selftest_check 6349 1_1_0g EXIST::FUNCTION: ++FIPS_rand_set_method 6350 1_1_0g EXIST::FUNCTION: ++FIPS_get_default_drbg 6351 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_set_reseed_interval 6352 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_set_app_data 6353 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_method 6354 1_1_0g EXIST::FUNCTION: ++FIPS_rand_status 6355 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_instantiate 6356 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_set_callbacks 6357 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_new 6358 1_1_0g EXIST::FUNCTION: ++FIPS_dsa_paramgen_check_g 6359 1_1_0g EXIST::FUNCTION: ++FIPS_selftest 6360 1_1_0g EXIST::FUNCTION: ++FIPS_rand_set_bits 6361 1_1_0g EXIST::FUNCTION: ++FIPS_rand_bytes 6362 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_get_app_data 6363 1_1_0g EXIST::FUNCTION: ++FIPS_selftest_failed 6364 1_1_0g EXIST::FUNCTION: ++FIPS_dsa_builtin_paramgen2 6365 1_1_0g EXIST::FUNCTION: ++FIPS_rand_reset 6366 1_1_0g EXIST::FUNCTION: ++ERR_load_FIPS_strings 6367 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_generate 6368 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_uninstantiate 6369 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_set_check_interval 6370 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_free 6371 1_1_0g EXIST::FUNCTION: ++FIPS_selftest_drbg_all 6372 1_1_0g EXIST::FUNCTION: ++FIPS_rand_get_method 6373 1_1_0g EXIST::FUNCTION: ++RAND_set_fips_drbg_type 6374 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_health_check 6375 1_1_0g EXIST::FUNCTION: ++RAND_init_fips 6376 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_set_rand_callbacks 6377 1_1_0g EXIST::FUNCTION: ++FIPS_rand_seed 6378 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_get_strength 6379 1_1_0g EXIST::FUNCTION: ++FIPS_rand_strength 6380 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_get_blocklength 6381 1_1_0g EXIST::FUNCTION: ++FIPS_drbg_init 6382 1_1_0g EXIST::FUNCTION: diff --git a/openssl-1.1.1-ignore-bound.patch b/openssl-1.1.1-ignore-bound.patch new file mode 100644 index 0000000..4838f3d --- /dev/null +++ b/openssl-1.1.1-ignore-bound.patch @@ -0,0 +1,14 @@ +Do not return failure when setting version bound on fixed protocol +version method. +diff -up openssl-1.1.1-pre8/ssl/statem/statem_lib.c.ignore-bound openssl-1.1.1-pre8/ssl/statem/statem_lib.c +--- openssl-1.1.1-pre8/ssl/statem/statem_lib.c.ignore-bound 2018-06-20 16:48:13.000000000 +0200 ++++ openssl-1.1.1-pre8/ssl/statem/statem_lib.c 2018-08-13 11:07:52.826304045 +0200 +@@ -1595,7 +1595,7 @@ int ssl_set_version_bound(int method_ver + * methods are not subject to controls that disable individual protocol + * versions. + */ +- return 0; ++ return 1; + + case TLS_ANY_VERSION: + if (version < SSL3_VERSION || version > TLS_MAX_VERSION) diff --git a/openssl-1.1.1-intel-cet.patch b/openssl-1.1.1-intel-cet.patch new file mode 100644 index 0000000..a95bf9c --- /dev/null +++ b/openssl-1.1.1-intel-cet.patch @@ -0,0 +1,500 @@ +diff -up openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl +--- openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl 2020-03-19 17:07:02.626522694 +0100 +@@ -275,6 +275,7 @@ $code.=<<___; + .align 16 + ${PREFIX}_encrypt: + .cfi_startproc ++ endbranch + movups ($inp),$inout0 # load input + mov 240($key),$rounds # key->rounds + ___ +@@ -293,6 +294,7 @@ $code.=<<___; + .align 16 + ${PREFIX}_decrypt: + .cfi_startproc ++ endbranch + movups ($inp),$inout0 # load input + mov 240($key),$rounds # key->rounds + ___ +@@ -613,6 +615,7 @@ $code.=<<___; + .align 16 + aesni_ecb_encrypt: + .cfi_startproc ++ endbranch + ___ + $code.=<<___ if ($win64); + lea -0x58(%rsp),%rsp +@@ -985,6 +988,7 @@ $code.=<<___; + .align 16 + aesni_ccm64_encrypt_blocks: + .cfi_startproc ++ endbranch + ___ + $code.=<<___ if ($win64); + lea -0x58(%rsp),%rsp +@@ -1077,6 +1081,7 @@ $code.=<<___; + .align 16 + aesni_ccm64_decrypt_blocks: + .cfi_startproc ++ endbranch + ___ + $code.=<<___ if ($win64); + lea -0x58(%rsp),%rsp +@@ -1203,6 +1208,7 @@ $code.=<<___; + .align 16 + aesni_ctr32_encrypt_blocks: + .cfi_startproc ++ endbranch + cmp \$1,$len + jne .Lctr32_bulk + +@@ -1775,6 +1781,7 @@ $code.=<<___; + .align 16 + aesni_xts_encrypt: + .cfi_startproc ++ endbranch + lea (%rsp),%r11 # frame pointer + .cfi_def_cfa_register %r11 + push %rbp +@@ -2258,6 +2265,7 @@ $code.=<<___; + .align 16 + aesni_xts_decrypt: + .cfi_startproc ++ endbranch + lea (%rsp),%r11 # frame pointer + .cfi_def_cfa_register %r11 + push %rbp +@@ -2783,6 +2791,7 @@ $code.=<<___; + .align 32 + aesni_ocb_encrypt: + .cfi_startproc ++ endbranch + lea (%rsp),%rax + push %rbx + .cfi_push %rbx +@@ -3249,6 +3258,7 @@ __ocb_encrypt1: + .align 32 + aesni_ocb_decrypt: + .cfi_startproc ++ endbranch + lea (%rsp),%rax + push %rbx + .cfi_push %rbx +@@ -3737,6 +3747,7 @@ $code.=<<___; + .align 16 + ${PREFIX}_cbc_encrypt: + .cfi_startproc ++ endbranch + test $len,$len # check length + jz .Lcbc_ret + +diff -up openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl +--- openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl 2020-03-19 17:00:15.974621757 +0100 +@@ -696,6 +696,7 @@ _vpaes_schedule_mangle: + .align 16 + ${PREFIX}_set_encrypt_key: + .cfi_startproc ++ endbranch + ___ + $code.=<<___ if ($win64); + lea -0xb8(%rsp),%rsp +@@ -746,6 +747,7 @@ $code.=<<___; + .align 16 + ${PREFIX}_set_decrypt_key: + .cfi_startproc ++ endbranch + ___ + $code.=<<___ if ($win64); + lea -0xb8(%rsp),%rsp +@@ -801,6 +803,7 @@ $code.=<<___; + .align 16 + ${PREFIX}_encrypt: + .cfi_startproc ++ endbranch + ___ + $code.=<<___ if ($win64); + lea -0xb8(%rsp),%rsp +@@ -846,6 +849,7 @@ $code.=<<___; + .align 16 + ${PREFIX}_decrypt: + .cfi_startproc ++ endbranch + ___ + $code.=<<___ if ($win64); + lea -0xb8(%rsp),%rsp +@@ -897,6 +901,7 @@ $code.=<<___; + .align 16 + ${PREFIX}_cbc_encrypt: + .cfi_startproc ++ endbranch + xchg $key,$len + ___ + ($len,$key)=($key,$len); +diff -up openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.c +--- openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/async/arch/async_posix.c 2020-03-19 17:00:15.974621757 +0100 +@@ -34,7 +34,9 @@ void async_local_cleanup(void) + + int async_fibre_makecontext(async_fibre *fibre) + { ++#ifndef USE_SWAPCONTEXT + fibre->env_init = 0; ++#endif + if (getcontext(&fibre->fibre) == 0) { + fibre->fibre.uc_stack.ss_sp = OPENSSL_malloc(STACKSIZE); + if (fibre->fibre.uc_stack.ss_sp != NULL) { +diff -up openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.h +--- openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet 2020-03-19 17:00:15.435631166 +0100 ++++ openssl-1.1.1e/crypto/async/arch/async_posix.h 2020-03-19 17:00:15.975621739 +0100 +@@ -25,17 +25,33 @@ + # define ASYNC_POSIX + # define ASYNC_ARCH + ++# ifdef __CET__ ++/* ++ * When Intel CET is enabled, makecontext will create a different ++ * shadow stack for each context. async_fibre_swapcontext cannot ++ * use _longjmp. It must call swapcontext to swap shadow stack as ++ * well as normal stack. ++ */ ++# define USE_SWAPCONTEXT ++# endif + # include +-# include ++# ifndef USE_SWAPCONTEXT ++# include ++# endif + + typedef struct async_fibre_st { + ucontext_t fibre; ++# ifndef USE_SWAPCONTEXT + jmp_buf env; + int env_init; ++# endif + } async_fibre; + + static ossl_inline int async_fibre_swapcontext(async_fibre *o, async_fibre *n, int r) + { ++# ifdef USE_SWAPCONTEXT ++ swapcontext(&o->fibre, &n->fibre); ++# else + o->env_init = 1; + + if (!r || !_setjmp(o->env)) { +@@ -44,6 +60,7 @@ static ossl_inline int async_fibre_swapc + else + setcontext(&n->fibre); + } ++# endif + + return 1; + } +diff -up openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl +--- openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl 2020-03-19 17:00:15.975621739 +0100 +@@ -685,6 +685,7 @@ $code.=<<___; + .align 16 + Camellia_cbc_encrypt: + .cfi_startproc ++ endbranch + cmp \$0,%rdx + je .Lcbc_abort + push %rbx +diff -up openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl +--- openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl 2020-03-19 17:00:15.975621739 +0100 +@@ -239,6 +239,7 @@ $code=<<___; + .align 16 + gcm_gmult_4bit: + .cfi_startproc ++ endbranch + push %rbx + .cfi_push %rbx + push %rbp # %rbp and others are pushed exclusively in +@@ -286,6 +287,7 @@ $code.=<<___; + .align 16 + gcm_ghash_4bit: + .cfi_startproc ++ endbranch + push %rbx + .cfi_push %rbx + push %rbp +@@ -612,6 +614,7 @@ $code.=<<___; + .align 16 + gcm_gmult_clmul: + .cfi_startproc ++ endbranch + .L_gmult_clmul: + movdqu ($Xip),$Xi + movdqa .Lbswap_mask(%rip),$T3 +@@ -663,6 +666,7 @@ $code.=<<___; + .align 32 + gcm_ghash_clmul: + .cfi_startproc ++ endbranch + .L_ghash_clmul: + ___ + $code.=<<___ if ($win64); +@@ -1166,6 +1170,7 @@ $code.=<<___; + .align 32 + gcm_gmult_avx: + .cfi_startproc ++ endbranch + jmp .L_gmult_clmul + .cfi_endproc + .size gcm_gmult_avx,.-gcm_gmult_avx +@@ -1177,6 +1182,7 @@ $code.=<<___; + .align 32 + gcm_ghash_avx: + .cfi_startproc ++ endbranch + ___ + if ($avx) { + my ($Xip,$Htbl,$inp,$len)=@_4args; +diff -up openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet openssl-1.1.1e/crypto/perlasm/cbc.pl +--- openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/perlasm/cbc.pl 2020-03-19 17:00:15.976621722 +0100 +@@ -165,21 +165,28 @@ sub cbc + &jmp_ptr($count); + + &set_label("ej7"); ++ &endbranch() + &movb(&HB("edx"), &BP(6,$in,"",0)); + &shl("edx",8); + &set_label("ej6"); ++ &endbranch() + &movb(&HB("edx"), &BP(5,$in,"",0)); + &set_label("ej5"); ++ &endbranch() + &movb(&LB("edx"), &BP(4,$in,"",0)); + &set_label("ej4"); ++ &endbranch() + &mov("ecx", &DWP(0,$in,"",0)); + &jmp(&label("ejend")); + &set_label("ej3"); ++ &endbranch() + &movb(&HB("ecx"), &BP(2,$in,"",0)); + &shl("ecx",8); + &set_label("ej2"); ++ &endbranch() + &movb(&HB("ecx"), &BP(1,$in,"",0)); + &set_label("ej1"); ++ &endbranch() + &movb(&LB("ecx"), &BP(0,$in,"",0)); + &set_label("ejend"); + +diff -up openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl +--- openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl 2020-03-19 17:00:15.984621582 +0100 +@@ -101,6 +101,33 @@ elsif (!$gas) + $decor="\$L\$"; + } + ++my $cet_property; ++if ($flavour =~ /elf/) { ++ # Always generate .note.gnu.property section for ELF outputs to ++ # mark Intel CET support since all input files must be marked ++ # with Intel CET support in order for linker to mark output with ++ # Intel CET support. ++ my $p2align=3; $p2align=2 if ($flavour eq "elf32"); ++ $cet_property = <<_____; ++ .section ".note.gnu.property", "a" ++ .p2align $p2align ++ .long 1f - 0f ++ .long 4f - 1f ++ .long 5 ++0: ++ .asciz "GNU" ++1: ++ .p2align $p2align ++ .long 0xc0000002 ++ .long 3f - 2f ++2: ++ .long 3 ++3: ++ .p2align $p2align ++4: ++_____ ++} ++ + my $current_segment; + my $current_function; + my %globals; +@@ -1213,6 +1240,7 @@ while(defined(my $line=<>)) { + print $line,"\n"; + } + ++print "$cet_property" if ($cet_property); + print "\n$current_segment\tENDS\n" if ($current_segment && $masm); + print "END\n" if ($masm); + +diff -up openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86gas.pl +--- openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/perlasm/x86gas.pl 2020-03-19 17:00:15.985621565 +0100 +@@ -124,6 +124,7 @@ sub ::function_begin_B + push(@out,".align\t$align\n"); + push(@out,"$func:\n"); + push(@out,"$begin:\n") if ($global); ++ &::endbranch(); + $::stack=4; + } + +@@ -172,6 +173,26 @@ sub ::file_end + else { push (@out,"$tmp\n"); } + } + push(@out,$initseg) if ($initseg); ++ if ($::elf) { ++ push(@out," ++ .section \".note.gnu.property\", \"a\" ++ .p2align 2 ++ .long 1f - 0f ++ .long 4f - 1f ++ .long 5 ++0: ++ .asciz \"GNU\" ++1: ++ .p2align 2 ++ .long 0xc0000002 ++ .long 3f - 2f ++2: ++ .long 3 ++3: ++ .p2align 2 ++4: ++"); ++ } + } + + sub ::data_byte { push(@out,".byte\t".join(',',@_)."\n"); } +diff -up openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl +--- openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet 2020-03-19 17:00:38.185234015 +0100 ++++ openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl 2020-03-19 17:05:46.575850341 +0100 +@@ -2806,6 +2806,7 @@ $code.=<<___; + .align 32 + poly1305_blocks_vpmadd52: + .cfi_startproc ++ endbranch + shr \$4,$len + jz .Lno_data_vpmadd52 # too short + +@@ -3739,6 +3740,7 @@ $code.=<<___; + .align 32 + poly1305_emit_base2_44: + .cfi_startproc ++ endbranch + mov 0($ctx),%r8 # load hash value + mov 8($ctx),%r9 + mov 16($ctx),%r10 +diff -up openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl +--- openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet 2020-03-19 17:00:38.190233928 +0100 ++++ openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl 2020-03-19 17:05:02.598618064 +0100 +@@ -140,6 +140,7 @@ $code=<<___; + .align 16 + RC4: + .cfi_startproc ++ endbranch + or $len,$len + jne .Lentry + ret +@@ -455,6 +456,7 @@ $code.=<<___; + .align 16 + RC4_set_key: + .cfi_startproc ++ endbranch + lea 8($dat),$dat + lea ($inp,$len),$inp + neg $len +@@ -529,6 +531,7 @@ RC4_set_key: + .align 16 + RC4_options: + .cfi_startproc ++ endbranch + lea .Lopts(%rip),%rax + mov OPENSSL_ia32cap_P(%rip),%edx + bt \$20,%edx +diff -up openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet openssl-1.1.1e/crypto/x86_64cpuid.pl +--- openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/x86_64cpuid.pl 2020-03-19 17:03:58.172742775 +0100 +@@ -40,6 +40,7 @@ print<<___; + .align 16 + OPENSSL_atomic_add: + .cfi_startproc ++ endbranch + movl ($arg1),%eax + .Lspin: leaq ($arg2,%rax),%r8 + .byte 0xf0 # lock +@@ -56,6 +57,7 @@ OPENSSL_atomic_add: + .align 16 + OPENSSL_rdtsc: + .cfi_startproc ++ endbranch + rdtsc + shl \$32,%rdx + or %rdx,%rax +@@ -68,6 +70,7 @@ OPENSSL_rdtsc: + .align 16 + OPENSSL_ia32_cpuid: + .cfi_startproc ++ endbranch + mov %rbx,%r8 # save %rbx + .cfi_register %rbx,%r8 + +@@ -237,6 +240,7 @@ OPENSSL_ia32_cpuid: + .align 16 + OPENSSL_cleanse: + .cfi_startproc ++ endbranch + xor %rax,%rax + cmp \$15,$arg2 + jae .Lot +@@ -274,6 +278,7 @@ OPENSSL_cleanse: + .align 16 + CRYPTO_memcmp: + .cfi_startproc ++ endbranch + xor %rax,%rax + xor %r10,%r10 + cmp \$0,$arg3 +@@ -312,6 +317,7 @@ print<<___ if (!$win64); + .align 16 + OPENSSL_wipe_cpu: + .cfi_startproc ++ endbranch + pxor %xmm0,%xmm0 + pxor %xmm1,%xmm1 + pxor %xmm2,%xmm2 +@@ -346,6 +352,8 @@ print<<___ if ($win64); + .type OPENSSL_wipe_cpu,\@abi-omnipotent + .align 16 + OPENSSL_wipe_cpu: ++.cfi_startproc ++ endbranch + pxor %xmm0,%xmm0 + pxor %xmm1,%xmm1 + pxor %xmm2,%xmm2 +@@ -376,6 +384,7 @@ print<<___; + .align 16 + OPENSSL_instrument_bus: + .cfi_startproc ++ endbranch + mov $arg1,$out # tribute to Win64 + mov $arg2,$cnt + mov $arg2,$max +@@ -410,6 +419,7 @@ OPENSSL_instrument_bus: + .align 16 + OPENSSL_instrument_bus2: + .cfi_startproc ++ endbranch + mov $arg1,$out # tribute to Win64 + mov $arg2,$cnt + mov $arg3,$max +@@ -465,6 +475,7 @@ print<<___; + .align 16 + OPENSSL_ia32_${rdop}_bytes: + .cfi_startproc ++ endbranch + xor %rax, %rax # return value + cmp \$0,$arg2 + je .Ldone_${rdop}_bytes diff --git a/openssl-1.1.1-kdf-selftest.patch b/openssl-1.1.1-kdf-selftest.patch new file mode 100644 index 0000000..3cb3718 --- /dev/null +++ b/openssl-1.1.1-kdf-selftest.patch @@ -0,0 +1,170 @@ +diff -up openssl-1.1.1g/crypto/fips/build.info.kdf-selftest openssl-1.1.1g/crypto/fips/build.info +--- openssl-1.1.1g/crypto/fips/build.info.kdf-selftest 2020-06-03 16:08:36.274849058 +0200 ++++ openssl-1.1.1g/crypto/fips/build.info 2020-06-03 16:11:05.609079372 +0200 +@@ -5,7 +5,7 @@ SOURCE[../../libcrypto]=\ + fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \ + fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \ + fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \ +- fips_dh_selftest.c fips_ers.c ++ fips_dh_selftest.c fips_kdf_selftest.c fips_ers.c + + PROGRAMS_NO_INST=\ + fips_standalone_hmac +diff -up openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c +--- openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest 2020-06-03 16:08:36.337849577 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c 2020-06-03 16:08:36.337849577 +0200 +@@ -0,0 +1,117 @@ ++/* ++ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++#include "crypto/fips.h" ++ ++#include ++#include ++ ++#ifdef OPENSSL_FIPS ++int FIPS_selftest_pbkdf2(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[32]; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ goto err; ++ } ++ ++ { ++ const unsigned char expected[sizeof(out)] = { ++ 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3, ++ 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0, ++ 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf, ++ 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43 ++ }; ++ if (memcmp(out, expected, sizeof(expected))) { ++ goto err; ++ } ++ } ++ ret = 1; ++ ++err: ++ if (!ret) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_PBKDF2, FIPS_R_SELFTEST_FAILED); ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++/* Test vector from RFC 8009 (AES Encryption with HMAC-SHA2 for Kerberos ++ * 5) appendix A. */ ++int FIPS_selftest_kbkdf(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ char *label = "prf", *prf_input = "test"; ++ static unsigned char input_key[] = { ++ 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28, ++ 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C, ++ }; ++ static unsigned char output[] = { ++ 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE, ++ 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86, ++ 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B, ++ 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95, ++ }; ++ unsigned char result[sizeof(output)] = { 0 }; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) { ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) { ++ goto err; ++ } ++ ret = EVP_KDF_derive(kctx, result, sizeof(result)) > 0 ++ && memcmp(result, output, sizeof(output)) == 0; ++err: ++ ++ if (!ret) ++ FIPSerr(FIPS_F_FIPS_SELFTEST_KBKDF, FIPS_R_SELFTEST_FAILED); ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++int FIPS_selftest_kdf(void) ++{ ++ return FIPS_selftest_pbkdf2() && FIPS_selftest_kbkdf(); ++} ++ ++#endif +diff -up openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_post.c +--- openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest 2020-06-03 16:08:36.332849536 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-03 16:08:36.338849585 +0200 +@@ -111,6 +111,8 @@ int FIPS_selftest(void) + rv = 0; + if (!FIPS_selftest_ecdh()) + rv = 0; ++ if (!FIPS_selftest_kdf()) ++ rv = 0; + return rv; + } + +diff -up openssl-1.1.1g/include/crypto/fips.h.kdf-selftest openssl-1.1.1g/include/crypto/fips.h +--- openssl-1.1.1g/include/crypto/fips.h.kdf-selftest 2020-06-03 16:08:36.330849519 +0200 ++++ openssl-1.1.1g/include/crypto/fips.h 2020-06-03 16:08:36.338849585 +0200 +@@ -72,6 +72,9 @@ void FIPS_drbg_stick(int onoff); + int FIPS_selftest_hmac(void); + int FIPS_selftest_drbg(void); + int FIPS_selftest_cmac(void); ++int FIPS_selftest_kbkdf(void); ++int FIPS_selftest_pbkdf2(void); ++int FIPS_selftest_kdf(void); + + int fips_in_post(void); + +diff -up openssl-1.1.1g/include/openssl/fips.h.kdf-selftest openssl-1.1.1g/include/openssl/fips.h +--- openssl-1.1.1g/include/openssl/fips.h.kdf-selftest 2020-06-03 16:08:36.282849124 +0200 ++++ openssl-1.1.1g/include/openssl/fips.h 2020-06-03 16:08:36.338849585 +0200 +@@ -123,6 +123,8 @@ extern "C" { + # define FIPS_F_FIPS_SELFTEST_DSA 112 + # define FIPS_F_FIPS_SELFTEST_ECDSA 133 + # define FIPS_F_FIPS_SELFTEST_HMAC 113 ++# define FIPS_F_FIPS_SELFTEST_KBKDF 151 ++# define FIPS_F_FIPS_SELFTEST_PBKDF2 152 + # define FIPS_F_FIPS_SELFTEST_SHA1 115 + # define FIPS_F_FIPS_SELFTEST_SHA2 105 + # define FIPS_F_OSSL_ECDSA_SIGN_SIG 143 diff --git a/openssl-1.1.1-krb5-kdf.patch b/openssl-1.1.1-krb5-kdf.patch new file mode 100644 index 0000000..249a5c5 --- /dev/null +++ b/openssl-1.1.1-krb5-kdf.patch @@ -0,0 +1,3030 @@ +diff -up openssl-1.1.1d/crypto/err/openssl.txt.krb5-kdf openssl-1.1.1d/crypto/err/openssl.txt +--- openssl-1.1.1d/crypto/err/openssl.txt.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 ++++ openssl-1.1.1d/crypto/err/openssl.txt 2019-11-14 15:07:05.342094129 +0100 +@@ -821,6 +821,11 @@ EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_g + EVP_F_SCRYPT_ALG:228:scrypt_alg + EVP_F_UPDATE:173:update + KDF_F_HKDF_EXTRACT:112:HKDF_Extract ++KDF_F_KBKDF_CTRL:134:kbkdf_ctrl ++KDF_F_KBKDF_CTRL_STR:135:kbkdf_ctrl_str ++KDF_F_KBKDF_DERIVE:136:kbkdf_derive ++KDF_F_KBKDF_NEW:137:kbkdf_new ++KDF_F_KDF_CIPHER2CTRL:138:kdf_cipher2ctrl + KDF_F_KDF_HKDF_DERIVE:113:kdf_hkdf_derive + KDF_F_KDF_HKDF_NEW:114:kdf_hkdf_new + KDF_F_KDF_HKDF_SIZE:115:kdf_hkdf_size +@@ -840,6 +845,8 @@ KDF_F_KDF_SSHKDF_NEW:133:kdf_sshkdf_new + KDF_F_KDF_TLS1_PRF_CTRL_STR:125:kdf_tls1_prf_ctrl_str + KDF_F_KDF_TLS1_PRF_DERIVE:126:kdf_tls1_prf_derive + KDF_F_KDF_TLS1_PRF_NEW:127:kdf_tls1_prf_new ++KDF_F_KRB5KDF:139:KRB5KDF ++KDF_F_KRB5KDF_DERIVE:140:krb5kdf_derive + KDF_F_PBKDF2_SET_MEMBUF:128:pbkdf2_set_membuf + KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str + KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive +@@ -853,6 +860,9 @@ KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tl + KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive + KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init + KDF_F_SCRYPT_SET_MEMBUF:129:scrypt_set_membuf ++KDF_F_SSKDF_DERIVE:141:sskdf_derive ++KDF_F_SSKDF_NEW:142:sskdf_new ++KDF_F_SSKDF_SIZE:143:sskdf_size + KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg + OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object + OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid +@@ -2325,7 +2335,13 @@ EVP_R_UNSUPPORTED_SALT_TYPE:126:unsuppor + EVP_R_WRAP_MODE_NOT_ALLOWED:170:wrap mode not allowed + EVP_R_WRONG_FINAL_BLOCK_LENGTH:109:wrong final block length + EVP_R_XTS_DUPLICATED_KEYS:183:xts duplicated keys ++KDF_R_FAILED_TO_GENERATE_KEY:118:failed to generate key ++KDF_R_INVALID_CIPHER:116:invalid cipher ++KDF_R_INVALID_CONSTANT_LENGTH:119:invalid constant length + KDF_R_INVALID_DIGEST:100:invalid digest ++KDF_R_INVALID_SEED_LENGTH:117:invalid seed length ++KDF_R_MISSING_CIPHER:120:missing cipher ++KDF_R_MISSING_CONSTANT:121:missing constant + KDF_R_MISSING_ITERATION_COUNT:109:missing iteration count + KDF_R_MISSING_KEY:104:missing key + KDF_R_MISSING_MESSAGE_DIGEST:105:missing message digest +@@ -2340,6 +2356,7 @@ KDF_R_MISSING_XCGHASH:115:missing xcghas + KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type + KDF_R_VALUE_ERROR:108:value error + KDF_R_VALUE_MISSING:102:value missing ++KDF_R_WRONG_FINAL_BLOCK_LENGTH:120:wrong final block length + KDF_R_WRONG_OUTPUT_BUFFER_SIZE:112:wrong output buffer size + OBJ_R_OID_EXISTS:102:oid exists + OBJ_R_UNKNOWN_NID:101:unknown nid +diff -up openssl-1.1.1d/crypto/evp/kdf_lib.c.krb5-kdf openssl-1.1.1d/crypto/evp/kdf_lib.c +--- openssl-1.1.1d/crypto/evp/kdf_lib.c.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 ++++ openssl-1.1.1d/crypto/evp/kdf_lib.c 2019-11-14 15:07:05.342094129 +0100 +@@ -31,6 +31,9 @@ static const EVP_KDF_METHOD *standard_me + &tls1_prf_kdf_meth, + &hkdf_kdf_meth, + &sshkdf_kdf_meth, ++ &kb_kdf_meth, ++ &krb5kdf_kdf_meth, ++ &ss_kdf_meth + }; + + DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, +diff -up openssl-1.1.1d/include/crypto/evp.h.krb5-kdf openssl-1.1.1d/include/crypto/evp.h +--- openssl-1.1.1d/include/crypto/evp.h.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 ++++ openssl-1.1.1d/include/crypto/evp.h 2019-11-14 15:07:05.342094129 +0100 +@@ -130,6 +130,9 @@ extern const EVP_KDF_METHOD scrypt_kdf_m + extern const EVP_KDF_METHOD tls1_prf_kdf_meth; + extern const EVP_KDF_METHOD hkdf_kdf_meth; + extern const EVP_KDF_METHOD sshkdf_kdf_meth; ++extern const EVP_KDF_METHOD kb_kdf_meth; ++extern const EVP_KDF_METHOD krb5kdf_kdf_meth; ++extern const EVP_KDF_METHOD ss_kdf_meth; + + struct evp_md_st { + int type; +diff -up openssl-1.1.1d/crypto/kdf/build.info.krb5-kdf openssl-1.1.1d/crypto/kdf/build.info +--- openssl-1.1.1d/crypto/kdf/build.info.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 ++++ openssl-1.1.1d/crypto/kdf/build.info 2019-11-14 15:07:05.342094129 +0100 +@@ -1,3 +1,3 @@ + LIBS=../../libcrypto + SOURCE[../../libcrypto]=\ +- tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c ++ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c kbkdf.c krb5kdf.c sskdf.c +diff -up openssl-1.1.1d/crypto/kdf/kbkdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kbkdf.c +--- openssl-1.1.1d/crypto/kdf/kbkdf.c.krb5-kdf 2019-11-14 15:07:05.343094112 +0100 ++++ openssl-1.1.1d/crypto/kdf/kbkdf.c 2019-11-18 17:21:58.326635901 +0100 +@@ -0,0 +1,540 @@ ++/* ++ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright 2019 Red Hat, Inc. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++/* ++ * This implements https://csrc.nist.gov/publications/detail/sp/800-108/final ++ * section 5.1 ("counter mode") and section 5.2 ("feedback mode") in both HMAC ++ * and CMAC. That document does not name the KDFs it defines; the name is ++ * derived from ++ * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Key-Derivation ++ * ++ * Note that section 5.3 ("double-pipeline mode") is not implemented, though ++ * it would be possible to do so in the future. ++ * ++ * These versions all assume the counter is used. It would be relatively ++ * straightforward to expose a configuration handle should the need arise. ++ * ++ * Variable names attempt to match those of SP800-108. ++ */ ++ ++#include ++#include ++#include ++ ++#include ++#include ++#include ++#include ++ ++#include "internal/numbers.h" ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "kdf_local.h" ++ ++#include "e_os.h" ++ ++#ifdef MIN ++# undef MIN ++#endif ++#define MIN(a, b) ((a) < (b)) ? (a) : (b) ++ ++typedef struct { ++ int mac_type; ++ union { ++ HMAC_CTX *hmac; ++ CMAC_CTX *cmac; ++ } m; ++} MAC_CTX; ++ ++/* Our context structure. */ ++struct evp_kdf_impl_st { ++ int mode; ++ ++ MAC_CTX *ctx_init; ++ ++ const EVP_CIPHER *cipher; ++ const EVP_MD *md; ++ ++ /* Names are lowercased versions of those found in SP800-108. */ ++ unsigned char *ki; ++ size_t ki_len; ++ unsigned char *label; ++ size_t label_len; ++ unsigned char *context; ++ size_t context_len; ++ unsigned char *iv; ++ size_t iv_len; ++}; ++ ++static MAC_CTX *EVP_MAC_CTX_new(int mac_type) ++{ ++ MAC_CTX *ctx; ++ ++ ctx = OPENSSL_zalloc(sizeof(*ctx)); ++ if (ctx == NULL) ++ return NULL; ++ ++ ctx->mac_type = mac_type; ++ if (mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { ++ if ((ctx->m.hmac = HMAC_CTX_new()) == NULL) ++ goto err; ++ } else { ++ if ((ctx->m.cmac = CMAC_CTX_new()) == NULL) ++ goto err; ++ } ++ return ctx; ++ ++err: ++ OPENSSL_free(ctx); ++ return NULL; ++} ++ ++static void EVP_MAC_CTX_free(MAC_CTX *ctx) ++{ ++ if (ctx == NULL) ++ return; ++ ++ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) ++ HMAC_CTX_free(ctx->m.hmac); ++ else ++ CMAC_CTX_free(ctx->m.cmac); ++ OPENSSL_free(ctx); ++} ++ ++static MAC_CTX *EVP_MAC_CTX_dup(MAC_CTX *sctx) ++{ ++ MAC_CTX *ctx; ++ ++ ctx = OPENSSL_zalloc(sizeof(*sctx)); ++ if (ctx == NULL) ++ return NULL; ++ ++ ctx->mac_type = sctx->mac_type; ++ if (sctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { ++ if ((ctx->m.hmac = HMAC_CTX_new()) == NULL ++ || HMAC_CTX_copy(ctx->m.hmac, sctx->m.hmac) <= 0) ++ goto err; ++ } else { ++ if ((ctx->m.cmac = CMAC_CTX_new()) == NULL ++ || CMAC_CTX_copy(ctx->m.cmac, sctx->m.cmac) <= 0) ++ goto err; ++ } ++ return ctx; ++ ++err: ++ EVP_MAC_CTX_free(ctx); ++ return NULL; ++} ++ ++static size_t EVP_MAC_size(MAC_CTX *ctx) ++{ ++ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { ++ const EVP_MD *md; ++ ++ if (ctx->m.hmac == NULL) ++ return 0; ++ if ((md = HMAC_CTX_get_md(ctx->m.hmac)) == NULL) ++ return 0; ++ return (size_t)EVP_MD_size(md); ++ } else { ++ const EVP_CIPHER_CTX *cctx; ++ ++ if (ctx->m.cmac == NULL) ++ return 0; ++ if ((cctx = CMAC_CTX_get0_cipher_ctx(ctx->m.cmac)) == NULL) ++ return 0; ++ return EVP_CIPHER_CTX_block_size(cctx); ++ } ++} ++ ++static int EVP_MAC_update(MAC_CTX *ctx, const unsigned char *data, ++ size_t datalen) ++{ ++ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) ++ return HMAC_Update(ctx->m.hmac, data, datalen); ++ else ++ return CMAC_Update(ctx->m.cmac, data, datalen); ++} ++ ++static int EVP_MAC_final(MAC_CTX *ctx, unsigned char *out, ++ size_t *outl, size_t outsize) ++{ ++ if (outsize != EVP_MAC_size(ctx)) ++ /* we do not cope with anything else */ ++ return 0; ++ ++ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { ++ unsigned int intsize = (unsigned int)outsize; ++ int ret; ++ ++ ret = HMAC_Final(ctx->m.hmac, out, &intsize); ++ if (outl != NULL) ++ *outl = intsize; ++ return ret; ++ } else { ++ size_t size = outsize; ++ int ret; ++ ++ ret = CMAC_Final(ctx->m.cmac, out, &size); ++ if (outl != NULL) ++ *outl = size; ++ return ret; ++ } ++} ++ ++static int evp_mac_init(MAC_CTX *ctx, const EVP_MD *md, ++ const EVP_CIPHER *cipher, unsigned char *key, size_t keylen) ++{ ++ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { ++ if (md == NULL) ++ return 0; ++ return HMAC_Init_ex(ctx->m.hmac, key, (int)keylen, md, NULL); ++ } else { ++ if (cipher == NULL) ++ return 0; ++ return CMAC_Init(ctx->m.cmac, key, keylen, cipher, NULL); ++ } ++} ++ ++static void kbkdf_reset(EVP_KDF_IMPL *ctx); ++ ++/* Not all platforms have htobe32(). */ ++static uint32_t be32(uint32_t host) ++{ ++ uint32_t big = 0; ++ const union { ++ long one; ++ char little; ++ } is_endian = { 1 }; ++ ++ if (!is_endian.little) ++ return host; ++ ++ big |= (host & 0xff000000) >> 24; ++ big |= (host & 0x00ff0000) >> 8; ++ big |= (host & 0x0000ff00) << 8; ++ big |= (host & 0x000000ff) << 24; ++ return big; ++} ++ ++static EVP_KDF_IMPL *kbkdf_new(void) ++{ ++ EVP_KDF_IMPL *ctx; ++ ++ ctx = OPENSSL_zalloc(sizeof(*ctx)); ++ if (ctx == NULL) { ++ KDFerr(KDF_F_KBKDF_NEW, ERR_R_MALLOC_FAILURE); ++ return NULL; ++ } ++ ++ return ctx; ++} ++ ++static void kbkdf_free(EVP_KDF_IMPL *ctx) ++{ ++ kbkdf_reset(ctx); ++ OPENSSL_free(ctx); ++} ++ ++static void kbkdf_reset(EVP_KDF_IMPL *ctx) ++{ ++ EVP_MAC_CTX_free(ctx->ctx_init); ++ OPENSSL_clear_free(ctx->context, ctx->context_len); ++ OPENSSL_clear_free(ctx->label, ctx->label_len); ++ OPENSSL_clear_free(ctx->ki, ctx->ki_len); ++ OPENSSL_clear_free(ctx->iv, ctx->iv_len); ++ memset(ctx, 0, sizeof(*ctx)); ++} ++ ++/* SP800-108 section 5.1 or section 5.2 depending on mode. */ ++static int derive(MAC_CTX *ctx_init, int mode, unsigned char *iv, ++ size_t iv_len, unsigned char *label, size_t label_len, ++ unsigned char *context, size_t context_len, ++ unsigned char *k_i, size_t h, uint32_t l, unsigned char *ko, ++ size_t ko_len) ++{ ++ int ret = 0; ++ MAC_CTX *ctx = NULL; ++ size_t written = 0, to_write, k_i_len = iv_len; ++ const unsigned char zero = 0; ++ uint32_t counter, i; ++ ++ /* Setup K(0) for feedback mode. */ ++ if (iv_len > 0) ++ memcpy(k_i, iv, iv_len); ++ ++ for (counter = 1; written < ko_len; counter++) { ++ i = be32(counter); ++ ++ ctx = EVP_MAC_CTX_dup(ctx_init); ++ if (ctx == NULL) ++ goto done; ++ ++ /* Perform feedback, if appropriate. */ ++ if (mode == EVP_KDF_KB_MODE_FEEDBACK && !EVP_MAC_update(ctx, k_i, k_i_len)) ++ goto done; ++ ++ if (!EVP_MAC_update(ctx, (unsigned char *)&i, 4) ++ || !EVP_MAC_update(ctx, label, label_len) ++ || !EVP_MAC_update(ctx, &zero, 1) ++ || !EVP_MAC_update(ctx, context, context_len) ++ || !EVP_MAC_update(ctx, (unsigned char *)&l, 4) ++ || !EVP_MAC_final(ctx, k_i, NULL, h)) ++ goto done; ++ ++ to_write = ko_len - written; ++ memcpy(ko + written, k_i, MIN(to_write, h)); ++ written += h; ++ ++ k_i_len = h; ++ EVP_MAC_CTX_free(ctx); ++ ctx = NULL; ++ } ++ ++ ret = 1; ++done: ++ EVP_MAC_CTX_free(ctx); ++ return ret; ++} ++ ++static int kbkdf_derive(EVP_KDF_IMPL *ctx, unsigned char *key, size_t keylen) ++{ ++ int ret = 0; ++ unsigned char *k_i = NULL; ++ uint32_t l = be32(keylen * 8); ++ size_t h = 0; ++ ++ /* label, context, and iv are permitted to be empty. Check everything ++ * else. */ ++ if (ctx->ctx_init == NULL ++ || evp_mac_init(ctx->ctx_init, ctx->md, ctx->cipher, ctx->ki, ctx->ki_len) <= 0) { ++ if (ctx->ki_len == 0 || ctx->ki == NULL) { ++ KDFerr(KDF_F_KBKDF_DERIVE, KDF_R_MISSING_KEY); ++ return 0; ++ } ++ /* Could either be missing MAC or missing message digest or missing ++ * cipher - arbitrarily, I pick this one. */ ++ KDFerr(KDF_F_KBKDF_DERIVE, KDF_R_MISSING_PARAMETER); ++ return 0; ++ } ++ ++ h = EVP_MAC_size(ctx->ctx_init); ++ if (h == 0) ++ goto done; ++ if (ctx->iv_len != 0 && ctx->iv_len != h) { ++ KDFerr(KDF_F_KBKDF_DERIVE, KDF_R_INVALID_SEED_LENGTH); ++ goto done; ++ } ++ ++ k_i = OPENSSL_zalloc(h); ++ if (k_i == NULL) ++ goto done; ++ ++ ret = derive(ctx->ctx_init, ctx->mode, ctx->iv, ctx->iv_len, ctx->label, ++ ctx->label_len, ctx->context, ctx->context_len, k_i, h, l, ++ key, keylen); ++done: ++ if (ret != 1) ++ OPENSSL_cleanse(key, keylen); ++ OPENSSL_clear_free(k_i, h); ++ return ret; ++} ++ ++static size_t kbkdf_size(EVP_KDF_IMPL *ctx) ++{ ++ return UINT32_MAX/8; ++} ++ ++static int kbkdf_parse_buffer_arg(unsigned char **dst, size_t *dst_len, ++ va_list args) ++{ ++ const unsigned char *p; ++ size_t len; ++ ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(*dst, *dst_len); ++ if (len == 0) { ++ *dst = NULL; ++ *dst_len = 0; ++ return 1; ++ } ++ ++ *dst = OPENSSL_memdup(p, len); ++ if (*dst == NULL) ++ return 0; ++ ++ *dst_len = len; ++ return 1; ++} ++ ++static int kbkdf_ctrl(EVP_KDF_IMPL *ctx, int cmd, va_list args) ++{ ++ int t; ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_MD: ++ ctx->md = va_arg(args, const EVP_MD *); ++ if (ctx->md == NULL) ++ return 0; ++ ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_CIPHER: ++ ctx->cipher = va_arg(args, const EVP_CIPHER *); ++ if (ctx->cipher == NULL) ++ return 0; ++ ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_KEY: ++ return kbkdf_parse_buffer_arg(&ctx->ki, ++ &ctx->ki_len, args); ++ ++ case EVP_KDF_CTRL_SET_SALT: ++ return kbkdf_parse_buffer_arg(&ctx->label, ++ &ctx->label_len, args); ++ ++ case EVP_KDF_CTRL_SET_KB_INFO: ++ return kbkdf_parse_buffer_arg(&ctx->context, ++ &ctx->context_len, args); ++ ++ case EVP_KDF_CTRL_SET_KB_SEED: ++ return kbkdf_parse_buffer_arg(&ctx->iv, ++ &ctx->iv_len, args); ++ ++ case EVP_KDF_CTRL_SET_KB_MODE: ++ t = va_arg(args, int); ++ if (t != EVP_KDF_KB_MODE_COUNTER && t != EVP_KDF_KB_MODE_FEEDBACK ) { ++ KDFerr(KDF_F_KBKDF_CTRL, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ctx->mode = t; ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_KB_MAC_TYPE: ++ t = va_arg(args, int); ++ if (t != EVP_KDF_KB_MAC_TYPE_HMAC && t != EVP_KDF_KB_MAC_TYPE_CMAC ) { ++ KDFerr(KDF_F_KBKDF_CTRL, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ++ if (ctx->ctx_init != NULL) { ++ EVP_MAC_CTX_free(ctx->ctx_init); ++ } ++ ctx->ctx_init = EVP_MAC_CTX_new(t); ++ if (ctx->ctx_init == NULL) { ++ KDFerr(KDF_F_KBKDF_CTRL, ERR_R_MALLOC_FAILURE); ++ return 0; ++ } ++ return 1; ++ ++ default: ++ return -2; ++ ++ } ++} ++ ++static int kbkdf_ctrl_str(EVP_KDF_IMPL *ctx, const char *type, ++ const char *value) ++{ ++ if (value == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_MISSING); ++ return 0; ++ } ++ ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(ctx, kbkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ /* alias, for historical reasons */ ++ if (strcmp(type, "md") == 0) ++ return kdf_md2ctrl(ctx, kbkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ ++ if (strcmp(type, "cipher") == 0) ++ return kdf_cipher2ctrl(ctx, kbkdf_ctrl, EVP_KDF_CTRL_SET_CIPHER, value); ++ ++ if (strcmp(type, "key") == 0) ++ return kdf_str2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "hexkey") == 0) ++ return kdf_hex2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "salt") == 0) ++ return kdf_str2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_SALT, value); ++ ++ if (strcmp(type, "hexsalt") == 0) ++ return kdf_hex2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_SALT, value); ++ ++ if (strcmp(type, "info") == 0) ++ return kdf_str2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KB_INFO, value); ++ ++ if (strcmp(type, "hexinfo") == 0) ++ return kdf_hex2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KB_INFO, value); ++ ++ if (strcmp(type, "seed") == 0) ++ return kdf_str2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KB_SEED, value); ++ ++ if (strcmp(type, "hexseed") == 0) ++ return kdf_hex2ctrl(ctx, kbkdf_ctrl, ++ EVP_KDF_CTRL_SET_KB_SEED, value); ++ ++ if (strcmp(type, "mode") == 0) { ++ int mode; ++ ++ if (strcasecmp(value, "counter") == 0) { ++ mode = EVP_KDF_KB_MODE_COUNTER; ++ } else if (strcasecmp(value, "feedback") == 0) { ++ mode = EVP_KDF_KB_MODE_FEEDBACK; ++ } else { ++ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ++ return call_ctrl(kbkdf_ctrl, ctx, EVP_KDF_CTRL_SET_KB_MODE, ++ mode); ++ } ++ ++ if (strcmp(type, "mac_type") == 0) { ++ int mac_type; ++ ++ if (strcasecmp(value, "hmac") == 0) { ++ mac_type = EVP_KDF_KB_MAC_TYPE_HMAC; ++ } else if (strcasecmp(value, "cmac") == 0) { ++ mac_type = EVP_KDF_KB_MAC_TYPE_CMAC; ++ } else { ++ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ++ return call_ctrl(kbkdf_ctrl, ctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, ++ mac_type); ++ } ++ ++ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); ++ return -2; ++} ++ ++const EVP_KDF_METHOD kb_kdf_meth = { ++ EVP_KDF_KB, ++ kbkdf_new, ++ kbkdf_free, ++ kbkdf_reset, ++ kbkdf_ctrl, ++ kbkdf_ctrl_str, ++ kbkdf_size, ++ kbkdf_derive, ++}; ++ +diff -up openssl-1.1.1d/crypto/kdf/kdf_err.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_err.c +--- openssl-1.1.1d/crypto/kdf/kdf_err.c.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 ++++ openssl-1.1.1d/crypto/kdf/kdf_err.c 2019-11-14 15:07:05.343094112 +0100 +@@ -15,6 +15,11 @@ + + static const ERR_STRING_DATA KDF_str_functs[] = { + {ERR_PACK(ERR_LIB_KDF, KDF_F_HKDF_EXTRACT, 0), "HKDF_Extract"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_CTRL, 0), "kbkdf_ctrl"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_CTRL_STR, 0), "kbkdf_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_DERIVE, 0), "kbkdf_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_NEW, 0), "kbkdf_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_CIPHER2CTRL, 0), "kdf_cipher2ctrl"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_DERIVE, 0), "kdf_hkdf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_NEW, 0), "kdf_hkdf_new"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_SIZE, 0), "kdf_hkdf_size"}, +@@ -41,6 +46,8 @@ static const ERR_STRING_DATA KDF_str_fun + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_DERIVE, 0), + "kdf_tls1_prf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_NEW, 0), "kdf_tls1_prf_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KRB5KDF, 0), "KRB5KDF"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KRB5KDF_DERIVE, 0), "krb5kdf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PBKDF2_SET_MEMBUF, 0), "pbkdf2_set_membuf"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, +@@ -59,12 +66,22 @@ static const ERR_STRING_DATA KDF_str_fun + "pkey_tls1_prf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_SCRYPT_SET_MEMBUF, 0), "scrypt_set_membuf"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_SSKDF_DERIVE, 0), "sskdf_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_SSKDF_NEW, 0), "sskdf_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_SSKDF_SIZE, 0), "sskdf_size"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "tls1_prf_alg"}, + {0, NULL} + }; + + static const ERR_STRING_DATA KDF_str_reasons[] = { ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_FAILED_TO_GENERATE_KEY), ++ "failed to generate key"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_CIPHER), "invalid cipher"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_CONSTANT_LENGTH), "invalid constant length"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_DIGEST), "invalid digest"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_SEED_LENGTH), "invalid seed length"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_CIPHER), "missing cipher"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_CONSTANT), "missing constant"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_ITERATION_COUNT), + "missing iteration count"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"}, +@@ -82,6 +99,8 @@ static const ERR_STRING_DATA KDF_str_rea + "unknown parameter type"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_FINAL_BLOCK_LENGTH), ++ "wrong final block length"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_OUTPUT_BUFFER_SIZE), + "wrong output buffer size"}, + {0, NULL} +diff -up openssl-1.1.1d/crypto/kdf/kdf_local.h.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_local.h +--- openssl-1.1.1d/crypto/kdf/kdf_local.h.krb5-kdf 2019-11-14 15:07:05.313094646 +0100 ++++ openssl-1.1.1d/crypto/kdf/kdf_local.h 2019-11-14 15:07:05.344094093 +0100 +@@ -19,4 +19,6 @@ int kdf_hex2ctrl(EVP_KDF_IMPL *impl, + int kdf_md2ctrl(EVP_KDF_IMPL *impl, + int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), + int cmd, const char *md_name); +- ++int kdf_cipher2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *cipher_name); +diff -up openssl-1.1.1d/crypto/kdf/kdf_util.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_util.c +--- openssl-1.1.1d/crypto/kdf/kdf_util.c.krb5-kdf 2019-11-14 15:07:05.313094646 +0100 ++++ openssl-1.1.1d/crypto/kdf/kdf_util.c 2019-11-14 15:07:05.344094093 +0100 +@@ -71,3 +71,16 @@ int kdf_md2ctrl(EVP_KDF_IMPL *impl, + return call_ctrl(ctrl, impl, cmd, md); + } + ++/* Pass a cipher to a ctrl */ ++int kdf_cipher2ctrl(EVP_KDF_IMPL *impl, ++ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), ++ int cmd, const char *cipher_name) ++{ ++ const EVP_CIPHER *cipher; ++ ++ if (cipher_name == NULL || (cipher = EVP_get_cipherbyname(cipher_name)) == NULL) { ++ KDFerr(KDF_F_KDF_CIPHER2CTRL, KDF_R_INVALID_CIPHER); ++ return 0; ++ } ++ return call_ctrl(ctrl, impl, cmd, cipher); ++} +diff -up openssl-1.1.1d/crypto/kdf/krb5kdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/krb5kdf.c +--- openssl-1.1.1d/crypto/kdf/krb5kdf.c.krb5-kdf 2019-11-14 15:07:05.344094093 +0100 ++++ openssl-1.1.1d/crypto/kdf/krb5kdf.c 2019-11-18 17:18:13.056604404 +0100 +@@ -0,0 +1,423 @@ ++/* ++ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the OpenSSL license (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++ ++#include ++#include ++#include ++ ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "kdf_local.h" ++ ++/* KRB5 KDF defined in RFC 3961, Section 5.1 */ ++ ++static int KRB5KDF(const EVP_CIPHER *cipher, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *constant, size_t constant_len, ++ unsigned char *okey, size_t okey_len); ++ ++struct evp_kdf_impl_st { ++ const EVP_CIPHER *cipher; ++ unsigned char *key; ++ size_t key_len; ++ unsigned char *constant; ++ size_t constant_len; ++}; ++ ++static void krb5kdf_reset(EVP_KDF_IMPL *ctx); ++ ++static EVP_KDF_IMPL *krb5kdf_new(void) ++{ ++ EVP_KDF_IMPL *ctx; ++ ++ if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) ++ KDFerr(KDF_F_KBKDF_NEW, ERR_R_MALLOC_FAILURE); ++ return ctx; ++} ++ ++static void krb5kdf_free(EVP_KDF_IMPL *ctx) ++{ ++ krb5kdf_reset(ctx); ++ OPENSSL_free(ctx); ++} ++ ++static void krb5kdf_reset(EVP_KDF_IMPL *ctx) ++{ ++ OPENSSL_clear_free(ctx->key, ctx->key_len); ++ OPENSSL_clear_free(ctx->constant, ctx->constant_len); ++ memset(ctx, 0, sizeof(*ctx)); ++} ++ ++static int krb5kdf_derive(EVP_KDF_IMPL *ctx, unsigned char *key, ++ size_t keylen) ++{ ++ if (ctx->cipher == NULL) { ++ KDFerr(KDF_F_KRB5KDF_DERIVE, KDF_R_MISSING_CIPHER); ++ return 0; ++ } ++ if (ctx->key == NULL) { ++ KDFerr(KDF_F_KRB5KDF_DERIVE, KDF_R_MISSING_KEY); ++ return 0; ++ } ++ if (ctx->constant == NULL) { ++ KDFerr(KDF_F_KRB5KDF_DERIVE, KDF_R_MISSING_CONSTANT); ++ return 0; ++ } ++ return KRB5KDF(ctx->cipher, ctx->key, ctx->key_len, ++ ctx->constant, ctx->constant_len, ++ key, keylen); ++} ++ ++static size_t krb5kdf_size(EVP_KDF_IMPL *ctx) ++{ ++ if (ctx->cipher != NULL) ++ return EVP_CIPHER_key_length(ctx->cipher); ++ else ++ return EVP_MAX_KEY_LENGTH; ++} ++ ++ ++static int krb5kdf_parse_buffer_arg(unsigned char **dst, size_t *dst_len, ++ va_list args) ++{ ++ const unsigned char *p; ++ size_t len; ++ ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(*dst, *dst_len); ++ if (len == 0) { ++ *dst = NULL; ++ *dst_len = 0; ++ return 1; ++ } ++ ++ *dst = OPENSSL_memdup(p, len); ++ if (*dst == NULL) ++ return 0; ++ ++ *dst_len = len; ++ return 1; ++} ++ ++static int krb5kdf_ctrl(EVP_KDF_IMPL *ctx, int cmd, va_list args) ++{ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_CIPHER: ++ ctx->cipher = va_arg(args, const EVP_CIPHER *); ++ if (ctx->cipher == NULL) ++ return 0; ++ ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_KEY: ++ return krb5kdf_parse_buffer_arg(&ctx->key, ++ &ctx->key_len, args); ++ ++ case EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT: ++ return krb5kdf_parse_buffer_arg(&ctx->constant, ++ &ctx->constant_len, args); ++ default: ++ return -2; ++ ++ } ++} ++ ++static int krb5kdf_ctrl_str(EVP_KDF_IMPL *ctx, const char *type, ++ const char *value) ++{ ++ if (value == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_MISSING); ++ return 0; ++ } ++ ++ if (strcmp(type, "cipher") == 0) ++ return kdf_cipher2ctrl(ctx, krb5kdf_ctrl, EVP_KDF_CTRL_SET_CIPHER, value); ++ ++ if (strcmp(type, "key") == 0) ++ return kdf_str2ctrl(ctx, krb5kdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "hexkey") == 0) ++ return kdf_hex2ctrl(ctx, krb5kdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "constant") == 0) ++ return kdf_str2ctrl(ctx, krb5kdf_ctrl, ++ EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, value); ++ ++ if (strcmp(type, "hexconstant") == 0) ++ return kdf_hex2ctrl(ctx, krb5kdf_ctrl, ++ EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, value); ++ ++ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); ++ return -2; ++} ++ ++ ++#ifndef OPENSSL_NO_DES ++/* ++ * DES3 is a special case, it requires a random-to-key function and its ++ * input truncated to 21 bytes of the 24 produced by the cipher. ++ * See RFC3961 6.3.1 ++ */ ++static int fixup_des3_key(unsigned char *key) ++{ ++ unsigned char *cblock; ++ int i, j; ++ ++ for (i = 2; i >= 0; i--) { ++ cblock = &key[i * 8]; ++ memmove(cblock, &key[i * 7], 7); ++ cblock[7] = 0; ++ for (j = 0; j < 7; j++) ++ cblock[7] |= (cblock[j] & 1) << (j + 1); ++ DES_set_odd_parity((DES_cblock *)cblock); ++ } ++ ++ /* fail if keys are such that triple des degrades to single des */ ++ if (CRYPTO_memcmp(&key[0], &key[8], 8) == 0 || ++ CRYPTO_memcmp(&key[8], &key[16], 8) == 0) { ++ return 0; ++ } ++ ++ return 1; ++} ++#endif ++ ++/* ++ * N-fold(K) where blocksize is N, and constant_len is K ++ * Note: Here |= denotes concatenation ++ * ++ * L = lcm(N,K) ++ * R = L/K ++ * ++ * for r: 1 -> R ++ * s |= constant rot 13*(r-1)) ++ * ++ * block = 0 ++ * for k: 1 -> K ++ * block += s[N(k-1)..(N-1)k] (one's complement addition) ++ * ++ * Optimizing for space we compute: ++ * for each l in L-1 -> 0: ++ * s[l] = (constant rot 13*(l/K))[l%k] ++ * block[l % N] += s[l] (with carry) ++ * finally add carry if any ++ */ ++static void n_fold(unsigned char *block, unsigned int blocksize, ++ const unsigned char *constant, size_t constant_len) ++{ ++ unsigned int tmp, gcd, remainder, lcm, carry; ++ int b, l; ++ ++ if (constant_len == blocksize) { ++ memcpy(block, constant, constant_len); ++ return; ++ } ++ ++ /* Least Common Multiple of lengths: LCM(a,b)*/ ++ gcd = blocksize; ++ remainder = constant_len; ++ /* Calculate Great Common Divisor first GCD(a,b) */ ++ while (remainder != 0) { ++ tmp = gcd % remainder; ++ gcd = remainder; ++ remainder = tmp; ++ } ++ /* resulting a is the GCD, LCM(a,b) = |a*b|/GCD(a,b) */ ++ lcm = blocksize * constant_len / gcd; ++ ++ /* now spread out the bits */ ++ memset(block, 0, blocksize); ++ ++ /* last to first to be able to bring carry forward */ ++ carry = 0; ++ for (l = lcm - 1; l >= 0; l--) { ++ unsigned int rotbits, rshift, rbyte; ++ ++ /* destination byte in block is l % N */ ++ b = l % blocksize; ++ /* Our virtual s buffer is R = L/K long (K = constant_len) */ ++ /* So we rotate backwards from R-1 to 0 (none) rotations */ ++ rotbits = 13 * (l / constant_len); ++ /* find the byte on s where rotbits falls onto */ ++ rbyte = l - (rotbits / 8); ++ /* calculate how much shift on that byte */ ++ rshift = rotbits & 0x07; ++ /* rbyte % constant_len gives us the unrotated byte in the ++ * constant buffer, get also the previous byte then ++ * appropriately shift them to get the rotated byte we need */ ++ tmp = (constant[(rbyte-1) % constant_len] << (8 - rshift) ++ | constant[rbyte % constant_len] >> rshift) ++ & 0xff; ++ /* add with carry to any value placed by previous passes */ ++ tmp += carry + block[b]; ++ block[b] = tmp & 0xff; ++ /* save any carry that may be left */ ++ carry = tmp >> 8; ++ } ++ ++ /* if any carry is left at the end, add it through the number */ ++ for (b = blocksize - 1; b >= 0 && carry != 0; b--) { ++ carry += block[b]; ++ block[b] = carry & 0xff; ++ carry >>= 8; ++ } ++} ++ ++static int cipher_init(EVP_CIPHER_CTX *ctx, ++ const EVP_CIPHER *cipher, ++ const unsigned char *key, size_t key_len) ++{ ++ int klen, ret; ++ ++ ret = EVP_EncryptInit_ex(ctx, cipher, NULL, key, NULL); ++ if (!ret) ++ goto out; ++ /* set the key len for the odd variable key len cipher */ ++ klen = EVP_CIPHER_CTX_key_length(ctx); ++ if (key_len != (size_t)klen) { ++ ret = EVP_CIPHER_CTX_set_key_length(ctx, key_len); ++ if (!ret) ++ goto out; ++ } ++ /* we never want padding, either the length requested is a multiple of ++ * the cipher block size or we are passed a cipher that can cope with ++ * partial blocks via techniques like cipher text stealing */ ++ ret = EVP_CIPHER_CTX_set_padding(ctx, 0); ++ if (!ret) ++ goto out; ++ ++out: ++ return ret; ++} ++ ++static int KRB5KDF(const EVP_CIPHER *cipher, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *constant, size_t constant_len, ++ unsigned char *okey, size_t okey_len) ++{ ++ EVP_CIPHER_CTX *ctx = NULL; ++ unsigned char block[EVP_MAX_BLOCK_LENGTH * 2]; ++ unsigned char *plainblock, *cipherblock; ++ size_t blocksize; ++ size_t cipherlen; ++ size_t osize; ++ int des3_no_fixup = 0; ++ int ret; ++ ++ if (key_len != okey_len) { ++ /* special case for 3des, where the caller may be requesting ++ * the random raw key, instead of the fixed up key */ ++ if (EVP_CIPHER_nid(cipher) == NID_des_ede3_cbc && ++ key_len == 24 && okey_len == 21) { ++ des3_no_fixup = 1; ++ } else { ++ KDFerr(KDF_F_KRB5KDF, KDF_R_WRONG_OUTPUT_BUFFER_SIZE); ++ return 0; ++ } ++ } ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ return 0; ++ ++ ret = cipher_init(ctx, cipher, key, key_len); ++ if (!ret) ++ goto out; ++ ++ /* Initialize input block */ ++ blocksize = EVP_CIPHER_CTX_block_size(ctx); ++ ++ if (constant_len == 0 || constant_len > blocksize) { ++ KDFerr(KDF_F_KRB5KDF, KDF_R_INVALID_CONSTANT_LENGTH); ++ ret = 0; ++ goto out; ++ } ++ ++ n_fold(block, blocksize, constant, constant_len); ++ plainblock = block; ++ cipherblock = block + EVP_MAX_BLOCK_LENGTH; ++ ++ for (osize = 0; osize < okey_len; osize += cipherlen) { ++ int olen; ++ ++ ret = EVP_EncryptUpdate(ctx, cipherblock, &olen, ++ plainblock, blocksize); ++ if (!ret) ++ goto out; ++ cipherlen = olen; ++ ret = EVP_EncryptFinal_ex(ctx, cipherblock, &olen); ++ if (!ret) ++ goto out; ++ if (olen != 0) { ++ KDFerr(KDF_F_KRB5KDF, KDF_R_WRONG_FINAL_BLOCK_LENGTH); ++ ret = 0; ++ goto out; ++ } ++ ++ /* write cipherblock out */ ++ if (cipherlen > okey_len - osize) ++ cipherlen = okey_len - osize; ++ memcpy(okey + osize, cipherblock, cipherlen); ++ ++ if (okey_len > osize + cipherlen) { ++ /* we need to reinitialize cipher context per spec */ ++ ret = EVP_CIPHER_CTX_reset(ctx); ++ if (!ret) ++ goto out; ++ ret = cipher_init(ctx, cipher, key, key_len); ++ if (!ret) ++ goto out; ++ ++ /* also swap block offsets so last ciphertext becomes new ++ * plaintext */ ++ plainblock = cipherblock; ++ if (cipherblock == block) { ++ cipherblock += EVP_MAX_BLOCK_LENGTH; ++ } else { ++ cipherblock = block; ++ } ++ } ++ } ++ ++#ifndef OPENSSL_NO_DES ++ if (EVP_CIPHER_nid(cipher) == NID_des_ede3_cbc && !des3_no_fixup) { ++ ret = fixup_des3_key(okey); ++ if (!ret) { ++ KDFerr(KDF_F_KRB5KDF, KDF_R_FAILED_TO_GENERATE_KEY); ++ goto out; ++ } ++ } ++#endif ++ ++ ret = 1; ++ ++out: ++ EVP_CIPHER_CTX_free(ctx); ++ OPENSSL_cleanse(block, EVP_MAX_BLOCK_LENGTH * 2); ++ return ret; ++} ++ ++const EVP_KDF_METHOD krb5kdf_kdf_meth = { ++ EVP_KDF_KRB5KDF, ++ krb5kdf_new, ++ krb5kdf_free, ++ krb5kdf_reset, ++ krb5kdf_ctrl, ++ krb5kdf_ctrl_str, ++ krb5kdf_size, ++ krb5kdf_derive, ++}; ++ +diff -up openssl-1.1.1d/crypto/kdf/sshkdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/sshkdf.c +--- openssl-1.1.1d/crypto/kdf/sshkdf.c.krb5-kdf 2019-11-14 15:07:05.327094396 +0100 ++++ openssl-1.1.1d/crypto/kdf/sshkdf.c 2019-11-18 17:18:25.343388314 +0100 +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include "internal/numbers.h" + #include "internal/cryptlib.h" + #include "crypto/evp.h" + #include "kdf_local.h" +@@ -68,6 +69,12 @@ static int kdf_sshkdf_parse_buffer_arg(u + p = va_arg(args, const unsigned char *); + len = va_arg(args, size_t); + OPENSSL_clear_free(*dst, *dst_len); ++ if (len == 0) { ++ *dst = NULL; ++ *dst_len = 0; ++ return 1; ++ } ++ + *dst = OPENSSL_memdup(p, len); + if (*dst == NULL) + return 0; +diff -up openssl-1.1.1d/crypto/kdf/sskdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/sskdf.c +--- openssl-1.1.1d/crypto/kdf/sskdf.c.krb5-kdf 2019-11-14 15:07:05.344094093 +0100 ++++ openssl-1.1.1d/crypto/kdf/sskdf.c 2019-11-18 17:21:40.349952802 +0100 +@@ -0,0 +1,255 @@ ++/* ++ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. ++ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++/* ++ * Refer to https://csrc.nist.gov/publications/detail/sp/800-56c/rev-1/final ++ * Section 4.1. ++ * ++ * The Single Step KDF algorithm is given by: ++ * ++ * Result(0) = empty bit string (i.e., the null string). ++ * For i = 1 to reps, do the following: ++ * Increment counter by 1. ++ * Result(i) = Result(i – 1) || H(counter || Z || FixedInfo). ++ * DKM = LeftmostBits(Result(reps), L)) ++ * ++ * NOTES: ++ * Z is a shared secret required to produce the derived key material. ++ * counter is a 4 byte buffer. ++ * FixedInfo is a bit string containing context specific data. ++ * DKM is the output derived key material. ++ * L is the required size of the DKM. ++ * reps = [L / H_outputBits] ++ * H(x) is the auxiliary function that can be either a hash, HMAC or KMAC. ++ * This backported version supports only a hash. ++ * H_outputBits is the length of the output of the auxiliary function H(x). ++ * ++ * Currently there is not a comprehensive list of test vectors for this ++ * algorithm, especially for H(x) = HMAC and H(x) = KMAC. ++ * Test vectors for H(x) = Hash are indirectly used by CAVS KAS tests. ++ */ ++#include ++#include ++#include ++#include ++#include ++#include ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "kdf_local.h" ++ ++struct evp_kdf_impl_st { ++ const EVP_MD *md; /* H(x) = hash */ ++ unsigned char *secret; ++ size_t secret_len; ++ unsigned char *info; ++ size_t info_len; ++}; ++ ++#define SSKDF_MAX_INLEN (1<<30) ++ ++/* ++ * Refer to https://csrc.nist.gov/publications/detail/sp/800-56c/rev-1/final ++ * Section 4. One-Step Key Derivation using H(x) = hash(x) ++ */ ++static int SSKDF_hash_kdm(const EVP_MD *kdf_md, ++ const unsigned char *z, size_t z_len, ++ const unsigned char *info, size_t info_len, ++ unsigned char *derived_key, size_t derived_key_len) ++{ ++ int ret = 0, hlen; ++ size_t counter, out_len, len = derived_key_len; ++ unsigned char c[4]; ++ unsigned char mac[EVP_MAX_MD_SIZE]; ++ unsigned char *out = derived_key; ++ EVP_MD_CTX *ctx = NULL, *ctx_init = NULL; ++ ++ if (z_len > SSKDF_MAX_INLEN || info_len > SSKDF_MAX_INLEN ++ || derived_key_len > SSKDF_MAX_INLEN ++ || derived_key_len == 0) ++ return 0; ++ ++ hlen = EVP_MD_size(kdf_md); ++ if (hlen <= 0) ++ return 0; ++ out_len = (size_t)hlen; ++ ++ ctx = EVP_MD_CTX_create(); ++ ctx_init = EVP_MD_CTX_create(); ++ if (ctx == NULL || ctx_init == NULL) ++ goto end; ++ ++ if (!EVP_DigestInit(ctx_init, kdf_md)) ++ goto end; ++ ++ for (counter = 1;; counter++) { ++ c[0] = (unsigned char)((counter >> 24) & 0xff); ++ c[1] = (unsigned char)((counter >> 16) & 0xff); ++ c[2] = (unsigned char)((counter >> 8) & 0xff); ++ c[3] = (unsigned char)(counter & 0xff); ++ ++ if (!(EVP_MD_CTX_copy_ex(ctx, ctx_init) ++ && EVP_DigestUpdate(ctx, c, sizeof(c)) ++ && EVP_DigestUpdate(ctx, z, z_len) ++ && EVP_DigestUpdate(ctx, info, info_len))) ++ goto end; ++ if (len >= out_len) { ++ if (!EVP_DigestFinal_ex(ctx, out, NULL)) ++ goto end; ++ out += out_len; ++ len -= out_len; ++ if (len == 0) ++ break; ++ } else { ++ if (!EVP_DigestFinal_ex(ctx, mac, NULL)) ++ goto end; ++ memcpy(out, mac, len); ++ break; ++ } ++ } ++ ret = 1; ++end: ++ EVP_MD_CTX_destroy(ctx); ++ EVP_MD_CTX_destroy(ctx_init); ++ OPENSSL_cleanse(mac, sizeof(mac)); ++ return ret; ++} ++ ++static EVP_KDF_IMPL *sskdf_new(void) ++{ ++ EVP_KDF_IMPL *impl; ++ ++ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) ++ KDFerr(KDF_F_SSKDF_NEW, ERR_R_MALLOC_FAILURE); ++ return impl; ++} ++ ++static void sskdf_reset(EVP_KDF_IMPL *impl) ++{ ++ OPENSSL_clear_free(impl->secret, impl->secret_len); ++ OPENSSL_clear_free(impl->info, impl->info_len); ++ memset(impl, 0, sizeof(*impl)); ++} ++ ++static void sskdf_free(EVP_KDF_IMPL *impl) ++{ ++ sskdf_reset(impl); ++ OPENSSL_free(impl); ++} ++ ++static int sskdf_set_buffer(va_list args, unsigned char **out, size_t *out_len) ++{ ++ const unsigned char *p; ++ size_t len; ++ ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(*out, *out_len); ++ if (len == 0) { ++ *out = NULL; ++ *out_len = 0; ++ return 1; ++ } ++ ++ *out = OPENSSL_memdup(p, len); ++ if (*out == NULL) ++ return 0; ++ ++ *out_len = len; ++ return 1; ++} ++ ++static int sskdf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) ++{ ++ const EVP_MD *md; ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_KEY: ++ return sskdf_set_buffer(args, &impl->secret, &impl->secret_len); ++ ++ case EVP_KDF_CTRL_SET_SSKDF_INFO: ++ return sskdf_set_buffer(args, &impl->info, &impl->info_len); ++ ++ case EVP_KDF_CTRL_SET_MD: ++ md = va_arg(args, const EVP_MD *); ++ if (md == NULL) ++ return 0; ++ ++ impl->md = md; ++ return 1; ++ ++ default: ++ return -2; ++ } ++} ++ ++static int sskdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, ++ const char *value) ++{ ++ if (strcmp(type, "secret") == 0 || strcmp(type, "key") == 0) ++ return kdf_str2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_KEY, ++ value); ++ ++ if (strcmp(type, "hexsecret") == 0 || strcmp(type, "hexkey") == 0) ++ return kdf_hex2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_KEY, ++ value); ++ ++ if (strcmp(type, "info") == 0) ++ return kdf_str2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_SSKDF_INFO, ++ value); ++ ++ if (strcmp(type, "hexinfo") == 0) ++ return kdf_hex2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_SSKDF_INFO, ++ value); ++ ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ ++ return -2; ++} ++ ++static size_t sskdf_size(EVP_KDF_IMPL *impl) ++{ ++ int len; ++ ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_SSKDF_SIZE, KDF_R_MISSING_MESSAGE_DIGEST); ++ return 0; ++ } ++ len = EVP_MD_size(impl->md); ++ return (len <= 0) ? 0 : (size_t)len; ++} ++ ++static int sskdf_derive(EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen) ++{ ++ if (impl->secret == NULL) { ++ KDFerr(KDF_F_SSKDF_DERIVE, KDF_R_MISSING_SECRET); ++ return 0; ++ } ++ ++ /* H(x) = hash */ ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_SSKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); ++ return 0; ++ } ++ return SSKDF_hash_kdm(impl->md, impl->secret, impl->secret_len, ++ impl->info, impl->info_len, key, keylen); ++} ++ ++const EVP_KDF_METHOD ss_kdf_meth = { ++ EVP_KDF_SS, ++ sskdf_new, ++ sskdf_free, ++ sskdf_reset, ++ sskdf_ctrl, ++ sskdf_ctrl_str, ++ sskdf_size, ++ sskdf_derive ++}; +diff -up openssl-1.1.1d/crypto/objects/obj_dat.h.krb5-kdf openssl-1.1.1d/crypto/objects/obj_dat.h +--- openssl-1.1.1d/crypto/objects/obj_dat.h.krb5-kdf 2019-11-14 15:07:05.322094485 +0100 ++++ openssl-1.1.1d/crypto/objects/obj_dat.h 2019-11-14 15:07:05.345094076 +0100 +@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = { + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */ + }; + +-#define NUM_NID 1196 ++#define NUM_NID 1199 + static const ASN1_OBJECT nid_objs[NUM_NID] = { + {"UNDEF", "undefined", NID_undef}, + {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, +@@ -2276,9 +2276,12 @@ static const ASN1_OBJECT nid_objs[NUM_NI + {"hmacWithSHA512-224", "hmacWithSHA512-224", NID_hmacWithSHA512_224, 8, &so[7745]}, + {"hmacWithSHA512-256", "hmacWithSHA512-256", NID_hmacWithSHA512_256, 8, &so[7753]}, + {"SSHKDF", "sshkdf", NID_sshkdf}, ++ {"KBKDF", "kbkdf", NID_kbkdf}, ++ {"KRB5KDF", "krb5kdf", NID_krb5kdf}, ++ {"SSKDF", "sskdf", NID_sskdf}, + }; + +-#define NUM_SN 1187 ++#define NUM_SN 1190 + static const unsigned int sn_objs[NUM_SN] = { + 364, /* "AD_DVCS" */ + 419, /* "AES-128-CBC" */ +@@ -2442,7 +2445,9 @@ static const unsigned int sn_objs[NUM_SN + 183, /* "ISO-US" */ + 645, /* "ITU-T" */ + 646, /* "JOINT-ISO-ITU-T" */ ++ 1196, /* "KBKDF" */ + 773, /* "KISA" */ ++ 1197, /* "KRB5KDF" */ + 1063, /* "KxANY" */ + 1039, /* "KxDHE" */ + 1041, /* "KxDHE-PSK" */ +@@ -2557,6 +2562,7 @@ static const unsigned int sn_objs[NUM_SN + 100, /* "SN" */ + 1006, /* "SNILS" */ + 1195, /* "SSHKDF" */ ++ 1198, /* "SSKDF" */ + 16, /* "ST" */ + 143, /* "SXNetID" */ + 1062, /* "SipHash" */ +@@ -3469,7 +3475,7 @@ static const unsigned int sn_objs[NUM_SN + 1093, /* "x509ExtAdmission" */ + }; + +-#define NUM_LN 1187 ++#define NUM_LN 1190 + static const unsigned int ln_objs[NUM_LN] = { + 363, /* "AD Time Stamping" */ + 405, /* "ANSI X9.62" */ +@@ -4262,8 +4268,10 @@ static const unsigned int ln_objs[NUM_LN + 957, /* "jurisdictionCountryName" */ + 955, /* "jurisdictionLocalityName" */ + 956, /* "jurisdictionStateOrProvinceName" */ ++ 1196, /* "kbkdf" */ + 150, /* "keyBag" */ + 773, /* "kisa" */ ++ 1197, /* "krb5kdf" */ + 1063, /* "kx-any" */ + 1039, /* "kx-dhe" */ + 1041, /* "kx-dhe-psk" */ +@@ -4612,6 +4620,7 @@ static const unsigned int ln_objs[NUM_LN + 1133, /* "sm4-ecb" */ + 1135, /* "sm4-ofb" */ + 1195, /* "sshkdf" */ ++ 1198, /* "sskdf" */ + 16, /* "stateOrProvinceName" */ + 660, /* "streetAddress" */ + 498, /* "subtreeMaximumQuality" */ +diff -up openssl-1.1.1d/crypto/objects/objects.txt.krb5-kdf openssl-1.1.1d/crypto/objects/objects.txt +--- openssl-1.1.1d/crypto/objects/objects.txt.krb5-kdf 2019-11-14 15:07:05.322094485 +0100 ++++ openssl-1.1.1d/crypto/objects/objects.txt 2019-11-14 15:07:05.345094076 +0100 +@@ -1603,6 +1603,15 @@ secg-scheme 14 3 : dhSinglePass-cofactor + # NID for SSHKDF + : SSHKDF : sshkdf + ++# NID for KBKDF ++ : KBKDF : kbkdf ++ ++# NID for KRB5KDF ++ : KRB5KDF : krb5kdf ++ ++# NID for SSKDF ++ : SSKDF : sskdf ++ + # RFC 4556 + 1 3 6 1 5 2 3 : id-pkinit + id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth +diff -up openssl-1.1.1d/crypto/objects/obj_mac.num.krb5-kdf openssl-1.1.1d/crypto/objects/obj_mac.num +--- openssl-1.1.1d/crypto/objects/obj_mac.num.krb5-kdf 2019-11-14 15:07:05.322094485 +0100 ++++ openssl-1.1.1d/crypto/objects/obj_mac.num 2019-11-14 15:07:05.346094058 +0100 +@@ -1193,3 +1193,6 @@ magma_mac 1192 + hmacWithSHA512_224 1193 + hmacWithSHA512_256 1194 + sshkdf 1195 ++kbkdf 1196 ++krb5kdf 1197 ++sskdf 1198 +diff -up openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod.krb5-kdf openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod +--- openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod.krb5-kdf 2019-11-14 15:07:05.314094628 +0100 ++++ openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod 2019-11-14 15:07:05.346094058 +0100 +@@ -140,7 +140,14 @@ The value string is expected to be a dec + This control expects one argument: C + + For MAC implementations that use a message digest as an underlying computation +-algorithm, this control set what the digest algorithm should be. ++algorithm, this control sets what the digest algorithm should be. ++ ++=item B ++ ++This control expects one argument: C ++ ++For MAC implementations that use a cipher as an underlying computation ++algorithm, this control sets what the cipher algorithm should be. + + EVP_KDF_ctrl_str() type string: "md" + +diff -up openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod +--- openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100 ++++ openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod 2019-11-14 15:07:05.346094058 +0100 +@@ -0,0 +1,173 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_KB - The Key-Based EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++The EVP_KDF_KB algorithm implements the Key-Based key derivation function ++(KBKDF). KBKDF derives a key from repeated application of a keyed MAC to an ++input secret (and other optional values). ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it can be used with the ++EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++This control expects one argument: C ++ ++Sets the mode for the KBKDF operation. There are two supported modes: ++ ++=over 4 ++ ++=item B ++ ++The counter mode of KBKDF should be used. This is the default. ++ ++=item B ++ ++The feedback mode of KBKDF should be used. ++ ++=back ++ ++=item B ++ ++This control expects one argument: C ++ ++Sets the mac type for the KBKDF operation. There are two supported mac types: ++ ++=over 4 ++ ++=item B ++ ++The HMAC with the digest set by B should be used as the mac. ++ ++=item B ++ ++The CMAC with the cipher set by B should be used as the mac. ++ ++=back ++ ++=item B ++ ++=item B ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++It is used only in the feedback mode and the length must be the same ++as the block length of the cipher in CMAC or the size of the digest in HMAC. ++ ++=back ++ ++The controls B, B, ++B, and B ++correspond to KI, Label, Context, and IV (respectively) in SP800-108. ++As in that document, salt, info, and seed are optional and may be ++omitted. ++ ++Depending on whether mac is CMAC or HMAC, either digest or cipher is ++required (respectively) and the other is unused. ++ ++=head1 NOTES ++ ++A context for KBKDF can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB); ++ ++The output length of an KBKDF is specified via the C ++parameter to the L function. ++ ++Note that currently OpenSSL only implements counter and feedback modes. Other ++variants may be supported in the future. ++ ++=head1 EXAMPLES ++ ++This example derives 10 bytes using COUNTER-HMAC-SHA256, with KI "secret", ++Label "label", and Context "context". ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB); ++ ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", strlen("secret")); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "label", strlen("label")); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, "context", strlen("context")); ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) ++ error("EVP_KDF_derive"); ++ ++ EVP_KDF_CTX_free(kctx); ++ ++This example derives 10 bytes using FEEDBACK-CMAC-AES256, with KI "secret", ++Label "label", Context "context", and IV "sixteen bytes iv". ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ unsigned char *iv = "sixteen bytes iv"; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB); ++ ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_aes_256_cbc()); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_CMAC); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MODE, EVP_KDF_KB_MODE_FEEDBACK); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", strlen("secret")); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "label", strlen("label")); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, "context", strlen("context")); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_SEED, iv, strlen(iv)); ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) ++ error("EVP_KDF_derive"); ++ ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 CONFORMING TO ++ ++NIST SP800-108, IETF RFC 6803, IETF RFC 8009. ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 HISTORY ++ ++This functionality was added to OpenSSL 3.0. ++ ++=head1 COPYRIGHT ++ ++Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. ++Copyright 2019 Red Hat, Inc. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod +--- openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100 ++++ openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod 2019-11-14 15:07:05.346094058 +0100 +@@ -0,0 +1,107 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_KRB5KDF - The RFC3961 Krb5 KDF EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B KDF through the B API. ++ ++The B algorithm implements the key derivation function defined ++in RFC 3961, section 5.1 and is used by Krb5 to derive session keys. ++Three inputs are required to perform key derivation: a cipher, (for example ++AES-128-CBC), the initial key, and a constant. ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it can be used with the ++EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++This control sets the I value for the KDF. ++If a value is already set, the contents are replaced. ++ ++=back ++ ++ ++=head1 NOTES ++ ++A context for KRB5KDF can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_KRB5KDF); ++ ++The output length of the KRB5KDF derivation is specified via the I ++parameter to the L function, and MUST match the key ++length for the chosen cipher or an error is returned. Moreover the ++I's length must not exceed the block size of the cipher. ++Since the KRB5KDF output length depends on the chosen cipher, calling ++L to obtain the requisite length returns the correct length ++only after the cipher is set. Prior to that B is returned. ++The caller must allocate a buffer of the correct length for the chosen ++cipher, and pass that buffer to the L function along ++with that length. ++ ++=head1 EXAMPLES ++ ++This example derives a key using the AES-128-CBC cipher: ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char key[16] = "01234..."; ++ unsigned char constant[] = "I'm a constant"; ++ unsigned char out[16]; ++ size_t outlen = sizeof(out); ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_KRB5KDF); ++ ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_aes_128_cbc()); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, key, (size_t)16); ++ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, constant, strlen(constant)); ++ if (EVP_KDF_derive(kctx, out, outlen) <= 0) ++ /* Error */ ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 CONFORMING TO ++ ++RFC 3961 ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 HISTORY ++ ++This functionality was added to OpenSSL 3.0. ++ ++=head1 COPYRIGHT ++ ++Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the OpenSSL license (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut ++ +diff -up openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod +--- openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100 ++++ openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod 2019-11-14 15:07:05.346094058 +0100 +@@ -0,0 +1,146 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_SS - The Single Step / One Step EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++The EVP_KDF_SS algorithm implements the Single Step key derivation function (SSKDF). ++SSKDF derives a key using input such as a shared secret key (that was generated ++during the execution of a key establishment scheme) and fixedinfo. ++SSKDF is also informally referred to as 'Concat KDF'. ++ ++=head2 Auxilary function ++ ++The implementation uses a selectable auxiliary function H, which can be in the ++backported version only a: ++ ++=over 4 ++ ++=item B ++ ++=back ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++This control works as described in L. ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++The shared secret used for key derivation. This control sets the secret. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "secret" ++ ++The value string is used as is. ++ ++=item "hexsecret" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects two arguments: C, C ++ ++An optional value for fixedinfo, also known as otherinfo. This control sets the fixedinfo. ++ ++EVP_KDF_ctrl_str() takes two type strings for this control: ++ ++=over 4 ++ ++=item "info" ++ ++The value string is used as is. ++ ++=item "hexinfo" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=back ++ ++=head1 NOTES ++ ++A context for SSKDF can be obtained by calling: ++ ++EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); ++ ++The output length of an SSKDF is specified via the C ++parameter to the L function. ++ ++=head1 EXAMPLE ++ ++This example derives 10 bytes using H(x) = SHA-256, with the secret key "secret" ++and fixedinfo value "label": ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char out[10]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); ++ ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ error("EVP_KDF_CTRL_SET_MD"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", (size_t)6) <= 0) { ++ error("EVP_KDF_CTRL_SET_KEY"); ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, "label", (size_t)5) <= 0) { ++ error("EVP_KDF_CTRL_SET_SSKDF_INFO"); ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ error("EVP_KDF_derive"); ++ } ++ ++ EVP_KDF_CTX_free(kctx); ++ ++=head1 CONFORMING TO ++ ++NIST SP800-56Cr1. ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 HISTORY ++ ++This functionality was added to OpenSSL 3.0.0. ++ ++=head1 COPYRIGHT ++ ++Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. Copyright ++(c) 2019, Oracle and/or its affiliates. All rights reserved. ++ ++Licensed under the Apache License 2.0 (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut +diff -up openssl-1.1.1d/include/openssl/kdferr.h.krb5-kdf openssl-1.1.1d/include/openssl/kdferr.h +--- openssl-1.1.1d/include/openssl/kdferr.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100 ++++ openssl-1.1.1d/include/openssl/kdferr.h 2019-11-14 15:07:05.347094040 +0100 +@@ -24,6 +24,11 @@ int ERR_load_KDF_strings(void); + * KDF function codes. + */ + # define KDF_F_HKDF_EXTRACT 112 ++# define KDF_F_KBKDF_CTRL 134 ++# define KDF_F_KBKDF_CTRL_STR 135 ++# define KDF_F_KBKDF_DERIVE 136 ++# define KDF_F_KBKDF_NEW 137 ++# define KDF_F_KDF_CIPHER2CTRL 138 + # define KDF_F_KDF_HKDF_DERIVE 113 + # define KDF_F_KDF_HKDF_NEW 114 + # define KDF_F_KDF_HKDF_SIZE 115 +@@ -43,6 +48,8 @@ int ERR_load_KDF_strings(void); + # define KDF_F_KDF_TLS1_PRF_CTRL_STR 125 + # define KDF_F_KDF_TLS1_PRF_DERIVE 126 + # define KDF_F_KDF_TLS1_PRF_NEW 127 ++# define KDF_F_KRB5KDF 139 ++# define KDF_F_KRB5KDF_DERIVE 140 + # define KDF_F_PBKDF2_SET_MEMBUF 128 + # define KDF_F_PKEY_HKDF_CTRL_STR 103 + # define KDF_F_PKEY_HKDF_DERIVE 102 +@@ -56,12 +63,21 @@ int ERR_load_KDF_strings(void); + # define KDF_F_PKEY_TLS1_PRF_DERIVE 101 + # define KDF_F_PKEY_TLS1_PRF_INIT 110 + # define KDF_F_SCRYPT_SET_MEMBUF 129 ++# define KDF_F_SSKDF_DERIVE 141 ++# define KDF_F_SSKDF_NEW 142 ++# define KDF_F_SSKDF_SIZE 143 + # define KDF_F_TLS1_PRF_ALG 111 + + /* + * KDF reason codes. + */ ++# define KDF_R_FAILED_TO_GENERATE_KEY 118 ++# define KDF_R_INVALID_CIPHER 116 ++# define KDF_R_INVALID_CONSTANT_LENGTH 119 + # define KDF_R_INVALID_DIGEST 100 ++# define KDF_R_INVALID_SEED_LENGTH 117 ++# define KDF_R_MISSING_CIPHER 120 ++# define KDF_R_MISSING_CONSTANT 121 + # define KDF_R_MISSING_ITERATION_COUNT 109 + # define KDF_R_MISSING_KEY 104 + # define KDF_R_MISSING_MESSAGE_DIGEST 105 +@@ -76,6 +92,7 @@ int ERR_load_KDF_strings(void); + # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 + # define KDF_R_VALUE_ERROR 108 + # define KDF_R_VALUE_MISSING 102 ++# define KDF_R_WRONG_FINAL_BLOCK_LENGTH 122 + # define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112 + + #endif +diff -up openssl-1.1.1d/include/openssl/kdf.h.krb5-kdf openssl-1.1.1d/include/openssl/kdf.h +--- openssl-1.1.1d/include/openssl/kdf.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100 ++++ openssl-1.1.1d/include/openssl/kdf.h 2019-11-14 15:07:05.347094040 +0100 +@@ -21,6 +21,9 @@ extern "C" { + # define EVP_KDF_TLS1_PRF NID_tls1_prf + # define EVP_KDF_HKDF NID_hkdf + # define EVP_KDF_SSHKDF NID_sshkdf ++# define EVP_KDF_KB NID_kbkdf ++# define EVP_KDF_KRB5KDF NID_krb5kdf ++# define EVP_KDF_SS NID_sskdf + + EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); + void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); +@@ -51,6 +54,13 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, uns + # define EVP_KDF_CTRL_SET_SSHKDF_XCGHASH 0x10 /* unsigned char *, size_t */ + # define EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID 0x11 /* unsigned char *, size_t */ + # define EVP_KDF_CTRL_SET_SSHKDF_TYPE 0x12 /* int */ ++# define EVP_KDF_CTRL_SET_KB_MODE 0x13 /* int */ ++# define EVP_KDF_CTRL_SET_KB_MAC_TYPE 0x14 /* int */ ++# define EVP_KDF_CTRL_SET_CIPHER 0x15 /* EVP_CIPHER * */ ++# define EVP_KDF_CTRL_SET_KB_INFO 0x16 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_KB_SEED 0x17 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT 0x18 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_SSKDF_INFO 0x19 /* unsigned char *, size_t */ + + # define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0 + # define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1 +@@ -63,6 +73,12 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, uns + #define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV 69 + #define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI 70 + ++#define EVP_KDF_KB_MODE_COUNTER 0 ++#define EVP_KDF_KB_MODE_FEEDBACK 1 ++ ++#define EVP_KDF_KB_MAC_TYPE_HMAC 0 ++#define EVP_KDF_KB_MAC_TYPE_CMAC 1 ++ + /**** The legacy PKEY-based KDF API follows. ****/ + + # define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL) +diff -up openssl-1.1.1d/include/openssl/obj_mac.h.krb5-kdf openssl-1.1.1d/include/openssl/obj_mac.h +--- openssl-1.1.1d/include/openssl/obj_mac.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100 ++++ openssl-1.1.1d/include/openssl/obj_mac.h 2019-11-14 15:07:05.347094040 +0100 +@@ -4974,6 +4974,18 @@ + #define LN_sshkdf "sshkdf" + #define NID_sshkdf 1203 + ++#define SN_kbkdf "KBKDF" ++#define LN_kbkdf "kbkdf" ++#define NID_kbkdf 1204 ++ ++#define SN_krb5kdf "KRB5KDF" ++#define LN_krb5kdf "krb5kdf" ++#define NID_krb5kdf 1205 ++ ++#define SN_sskdf "SSKDF" ++#define LN_sskdf "sskdf" ++#define NID_sskdf 1206 ++ + #define SN_id_pkinit "id-pkinit" + #define NID_id_pkinit 1031 + #define OBJ_id_pkinit 1L,3L,6L,1L,5L,2L,3L +diff -up openssl-1.1.1d/test/evp_kdf_test.c.krb5-kdf openssl-1.1.1d/test/evp_kdf_test.c +--- openssl-1.1.1d/test/evp_kdf_test.c.krb5-kdf 2019-11-14 15:07:05.315094610 +0100 ++++ openssl-1.1.1d/test/evp_kdf_test.c 2019-11-14 15:07:05.348094022 +0100 +@@ -225,13 +225,358 @@ err: + } + #endif + ++/* ++ * KBKDF test vectors from RFC 6803 (Camellia Encryption for Kerberos 5) ++ * section 10. ++ */ ++static int test_kdf_kbkdf_6803_128(void) ++{ ++ int ret = 0, i; ++ EVP_KDF_CTX *kctx; ++ static unsigned char input_key[] = { ++ 0x57, 0xD0, 0x29, 0x72, 0x98, 0xFF, 0xD9, 0xD3, ++ 0x5D, 0xE5, 0xA4, 0x7F, 0xB4, 0xBD, 0xE2, 0x4B, ++ }; ++ static unsigned char constants[][5] = { ++ { 0x00, 0x00, 0x00, 0x02, 0x99 }, ++ { 0x00, 0x00, 0x00, 0x02, 0xaa }, ++ { 0x00, 0x00, 0x00, 0x02, 0x55 }, ++ }; ++ static unsigned char outputs[][16] = { ++ {0xD1, 0x55, 0x77, 0x5A, 0x20, 0x9D, 0x05, 0xF0, ++ 0x2B, 0x38, 0xD4, 0x2A, 0x38, 0x9E, 0x5A, 0x56}, ++ {0x64, 0xDF, 0x83, 0xF8, 0x5A, 0x53, 0x2F, 0x17, ++ 0x57, 0x7D, 0x8C, 0x37, 0x03, 0x57, 0x96, 0xAB}, ++ {0x3E, 0x4F, 0xBD, 0xF3, 0x0F, 0xB8, 0x25, 0x9C, ++ 0x42, 0x5C, 0xB6, 0xC9, 0x6F, 0x1F, 0x46, 0x35} ++ }; ++ static unsigned char iv[16] = { 0 }; ++ unsigned char result[16] = { 0 }; ++ ++ for (i = 0; i < 3; i++) { ++ ret = 0; ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { ++ TEST_error("EVP_KDF_KB"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_CMAC) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MODE, EVP_KDF_KB_MODE_FEEDBACK) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MODE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_camellia_128_cbc()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_CIPHER"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, constants[i], sizeof(constants[i])) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_SEED, iv, sizeof(iv)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_SEED"); ++ goto err; ++ } ++ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) ++ && TEST_mem_eq(result, sizeof(result), outputs[i], ++ sizeof(outputs[i])); ++err: ++ EVP_KDF_CTX_free(kctx); ++ if (ret != 1) ++ return ret; ++ } ++ return ret; ++} ++ ++static int test_kdf_kbkdf_6803_256(void) ++{ ++ int ret = 0, i; ++ EVP_KDF_CTX *kctx; ++ static unsigned char input_key[] = { ++ 0xB9, 0xD6, 0x82, 0x8B, 0x20, 0x56, 0xB7, 0xBE, ++ 0x65, 0x6D, 0x88, 0xA1, 0x23, 0xB1, 0xFA, 0xC6, ++ 0x82, 0x14, 0xAC, 0x2B, 0x72, 0x7E, 0xCF, 0x5F, ++ 0x69, 0xAF, 0xE0, 0xC4, 0xDF, 0x2A, 0x6D, 0x2C, ++ }; ++ static unsigned char constants[][5] = { ++ { 0x00, 0x00, 0x00, 0x02, 0x99 }, ++ { 0x00, 0x00, 0x00, 0x02, 0xaa }, ++ { 0x00, 0x00, 0x00, 0x02, 0x55 }, ++ }; ++ static unsigned char outputs[][32] = { ++ {0xE4, 0x67, 0xF9, 0xA9, 0x55, 0x2B, 0xC7, 0xD3, ++ 0x15, 0x5A, 0x62, 0x20, 0xAF, 0x9C, 0x19, 0x22, ++ 0x0E, 0xEE, 0xD4, 0xFF, 0x78, 0xB0, 0xD1, 0xE6, ++ 0xA1, 0x54, 0x49, 0x91, 0x46, 0x1A, 0x9E, 0x50, ++ }, ++ {0x41, 0x2A, 0xEF, 0xC3, 0x62, 0xA7, 0x28, 0x5F, ++ 0xC3, 0x96, 0x6C, 0x6A, 0x51, 0x81, 0xE7, 0x60, ++ 0x5A, 0xE6, 0x75, 0x23, 0x5B, 0x6D, 0x54, 0x9F, ++ 0xBF, 0xC9, 0xAB, 0x66, 0x30, 0xA4, 0xC6, 0x04, ++ }, ++ {0xFA, 0x62, 0x4F, 0xA0, 0xE5, 0x23, 0x99, 0x3F, ++ 0xA3, 0x88, 0xAE, 0xFD, 0xC6, 0x7E, 0x67, 0xEB, ++ 0xCD, 0x8C, 0x08, 0xE8, 0xA0, 0x24, 0x6B, 0x1D, ++ 0x73, 0xB0, 0xD1, 0xDD, 0x9F, 0xC5, 0x82, 0xB0, ++ }, ++ }; ++ static unsigned char iv[16] = { 0 }; ++ unsigned char result[32] = { 0 }; ++ ++ for (i = 0; i < 3; i++) { ++ ret = 0; ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { ++ TEST_error("EVP_KDF_KB"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_CMAC) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MODE, EVP_KDF_KB_MODE_FEEDBACK) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MODE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_camellia_256_cbc()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_CIPHER"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, constants[i], sizeof(constants[i])) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_SEED, iv, sizeof(iv)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_SEED"); ++ goto err; ++ } ++ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) ++ && TEST_mem_eq(result, sizeof(result), outputs[i], ++ sizeof(outputs[i])); ++err: ++ EVP_KDF_CTX_free(kctx); ++ if (ret != 1) ++ return ret; ++ } ++ return ret; ++} ++ ++/* Two test vectors from RFC 8009 (AES Encryption with HMAC-SHA2 for Kerberos ++ * 5) appendix A. */ ++static int test_kdf_kbkdf_8009_prf1(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ char *label = "prf", *prf_input = "test"; ++ static unsigned char input_key[] = { ++ 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28, ++ 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C, ++ }; ++ static unsigned char output[] = { ++ 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE, ++ 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86, ++ 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B, ++ 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95, ++ }; ++ unsigned char result[sizeof(output)] = { 0 }; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { ++ TEST_error("EVP_KDF_KB"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_INFO"); ++ goto err; ++ } ++ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) ++ && TEST_mem_eq(result, sizeof(result), output, ++ sizeof(output)); ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static int test_kdf_kbkdf_8009_prf2(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ char *label = "prf", *prf_input = "test"; ++ static unsigned char input_key[] = { ++ 0x6D, 0x40, 0x4D, 0x37, 0xFA, 0xF7, 0x9F, 0x9D, ++ 0xF0, 0xD3, 0x35, 0x68, 0xD3, 0x20, 0x66, 0x98, ++ 0x00, 0xEB, 0x48, 0x36, 0x47, 0x2E, 0xA8, 0xA0, ++ 0x26, 0xD1, 0x6B, 0x71, 0x82, 0x46, 0x0C, 0x52, ++ }; ++ static unsigned char output[] = { ++ 0x98, 0x01, 0xF6, 0x9A, 0x36, 0x8C, 0x2B, 0xF6, ++ 0x75, 0xE5, 0x95, 0x21, 0xE1, 0x77, 0xD9, 0xA0, ++ 0x7F, 0x67, 0xEF, 0xE1, 0xCF, 0xDE, 0x8D, 0x3C, ++ 0x8D, 0x6F, 0x6A, 0x02, 0x56, 0xE3, 0xB1, 0x7D, ++ 0xB3, 0xC1, 0xB6, 0x2A, 0xD1, 0xB8, 0x55, 0x33, ++ 0x60, 0xD1, 0x73, 0x67, 0xEB, 0x15, 0x14, 0xD2, ++ }; ++ unsigned char result[sizeof(output)] = { 0 }; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { ++ TEST_error("EVP_KDF_KB"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha384()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SALT"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KB_INFO"); ++ goto err; ++ } ++ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) ++ && TEST_mem_eq(result, sizeof(result), output, ++ sizeof(output)); ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static int test_kdf_krb5kdf(void) ++{ ++ int ret = 0; ++ EVP_KDF_CTX *kctx; ++ unsigned char out[16]; ++ static unsigned char key[] = { ++ 0x42, 0x26, 0x3C, 0x6E, 0x89, 0xF4, 0xFC, 0x28, ++ 0xB8, 0xDF, 0x68, 0xEE, 0x09, 0x79, 0x9F, 0x15 ++ }; ++ static unsigned char constant[] = { ++ 0x00, 0x00, 0x00, 0x02, 0x99 ++ }; ++ static const unsigned char expected[sizeof(out)] = { ++ 0x34, 0x28, 0x0A, 0x38, 0x2B, 0xC9, 0x27, 0x69, ++ 0xB2, 0xDA, 0x2F, 0x9E, 0xF0, 0x66, 0x85, 0x4B ++ }; ++ ++ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KRB5KDF)) == NULL) { ++ TEST_error("EVP_KDF_KRB5KDF"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_aes_128_cbc()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_CIPHER"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, key, sizeof(key)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ goto err; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, constant, sizeof(constant)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT"); ++ goto err; ++ } ++ ++ ret = ++ TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0) ++ && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); ++ ++err: ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static int test_kdf_ss_hash(void) ++{ ++ EVP_KDF_CTX *kctx; ++ const unsigned char z[] = { ++ 0x6d,0xbd,0xc2,0x3f,0x04,0x54,0x88,0xe4,0x06,0x27,0x57,0xb0,0x6b,0x9e, ++ 0xba,0xe1,0x83,0xfc,0x5a,0x59,0x46,0xd8,0x0d,0xb9,0x3f,0xec,0x6f,0x62, ++ 0xec,0x07,0xe3,0x72,0x7f,0x01,0x26,0xae,0xd1,0x2c,0xe4,0xb2,0x62,0xf4, ++ 0x7d,0x48,0xd5,0x42,0x87,0xf8,0x1d,0x47,0x4c,0x7c,0x3b,0x18,0x50,0xe9 ++ }; ++ const unsigned char other[] = { ++ 0xa1,0xb2,0xc3,0xd4,0xe5,0x43,0x41,0x56,0x53,0x69,0x64,0x3c,0x83,0x2e, ++ 0x98,0x49,0xdc,0xdb,0xa7,0x1e,0x9a,0x31,0x39,0xe6,0x06,0xe0,0x95,0xde, ++ 0x3c,0x26,0x4a,0x66,0xe9,0x8a,0x16,0x58,0x54,0xcd,0x07,0x98,0x9b,0x1e, ++ 0xe0,0xec,0x3f,0x8d,0xbe ++ }; ++ const unsigned char expected[] = { ++ 0xa4,0x62,0xde,0x16,0xa8,0x9d,0xe8,0x46,0x6e,0xf5,0x46,0x0b,0x47,0xb8 ++ }; ++ unsigned char out[14]; ++ ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); ++ ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha224()) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_MD"); ++ return 0; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_KEY"); ++ return 0; ++ } ++ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other, ++ sizeof(other)) <= 0) { ++ TEST_error("EVP_KDF_CTRL_SET_SSKDF_INFO"); ++ return 0; ++ } ++ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { ++ TEST_error("EVP_KDF_derive"); ++ return 0; ++ } ++ ++ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) ++ return 0; ++ ++ EVP_KDF_CTX_free(kctx); ++ return 1; ++} ++ + int setup_tests(void) + { ++ ADD_TEST(test_kdf_kbkdf_6803_128); ++ ADD_TEST(test_kdf_kbkdf_6803_256); ++ ADD_TEST(test_kdf_kbkdf_8009_prf1); ++ ADD_TEST(test_kdf_kbkdf_8009_prf2); + ADD_TEST(test_kdf_tls1_prf); + ADD_TEST(test_kdf_hkdf); + ADD_TEST(test_kdf_pbkdf2); + #ifndef OPENSSL_NO_SCRYPT + ADD_TEST(test_kdf_scrypt); + #endif ++ ADD_TEST(test_kdf_krb5kdf); ++ ADD_TEST(test_kdf_ss_hash); + return 1; + } +diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt.krb5-kdf openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt +--- openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt.krb5-kdf 2019-11-14 15:07:05.327094396 +0100 ++++ openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt 2019-11-14 15:07:05.349094005 +0100 +@@ -5286,3 +5286,559 @@ Ctrl.hexsession_id = hexsession_id:a4ebd + Ctrl.type = type:A + Output = FF + Result = KDF_MISMATCH ++ ++Title = KRB5KDF tests (from RFC 3961 test vectors and krb5 sources) ++ ++#RFC3961 ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92 ++Ctrl.hexconstant = hexconstant:0000000155 ++Output = 925179d04591a79b5d3192c4a7e9c289b049c71f6ee604cd ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:5e13d31c70ef765746578531cb51c15bf11ca82c97cee9f2 ++Ctrl.hexconstant = hexconstant:00000001aa ++Output = 9e58e5a146d9942a101c469845d67a20e3c4259ed913f207 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:98e6fd8a04a4b6859b75a176540b9752bad3ecd610a252bc ++Ctrl.hexconstant = hexconstant:0000000155 ++Output = 13fef80d763e94ec6d13fd2ca1d085070249dad39808eabf ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:622aec25a2fe2cad7094680b7c64940280084c1a7cec92b5 ++Ctrl.hexconstant = hexconstant:00000001aa ++Output = f8dfbf04b097e6d9dc0702686bcb3489d91fd9a4516b703e ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:d3f8298ccb166438dcb9b93ee5a7629286a491f838f802fb ++Ctrl.hexconstant = hexconstant:6b65726265726f73 ++Output = 2370da575d2a3da864cebfdc5204d56df779a7df43d9da43 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:c1081649ada74362e6a1459d01dfd30d67c2234c940704da ++Ctrl.hexconstant = hexconstant:0000000155 ++Output = 348057ec98fdc48016161c2a4c7a943e92ae492c989175f7 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:5d154af238f46713155719d55e2f1f790dd661f279a7917c ++Ctrl.hexconstant = hexconstant:00000001aa ++Output = a8808ac267dada3dcbe9a7c84626fbc761c294b01315e5c1 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:798562e049852f57dc8c343ba17f2ca1d97394efc8adc443 ++Ctrl.hexconstant = hexconstant:0000000155 ++Output = c813f88a3be3b334f75425ce9175fbe3c8493b89c8703b49 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:26dce334b545292f2feab9a8701a89a4b99eb9942cecd016 ++Ctrl.hexconstant = hexconstant:00000001aa ++Output = f48ffd6e83f83e7354e694fd252cf83bfe58f7d5ba37ec5d ++ ++#Krb5 sources ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E ++Ctrl.hexconstant = hexconstant:0000000299 ++Output = F78C496D16E6C2DAE0E0B6C24057A84C0426AEEF26FD6DCE ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E ++Ctrl.hexconstant = hexconstant:00000002AA ++Output = 5B5723D0B634CB684C3EBA5264E9A70D52E683231AD3C4CE ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E ++Ctrl.hexconstant = hexconstant:0000000255 ++Output = A77C94980E9B7345A81525C423A737CE67F4CD91B6B3DA45 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-128-CBC ++Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15 ++Ctrl.hexconstant = hexconstant:0000000299 ++Output = 34280A382BC92769B2DA2F9EF066854B ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-128-CBC ++Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15 ++Ctrl.hexconstant = hexconstant:00000002AA ++Output = 5B14FC4E250E14DDF9DCCF1AF6674F53 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-128-CBC ++Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15 ++Ctrl.hexconstant = hexconstant:0000000255 ++Output = 4ED31063621684F09AE8D89991AF3E8F ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-256-CBC ++Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161 ++Ctrl.hexconstant = hexconstant:0000000299 ++Output = BFAB388BDCB238E9F9C98D6A878304F04D30C82556375AC507A7A852790F4674 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-256-CBC ++Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161 ++Ctrl.hexconstant = hexconstant:00000002AA ++Output = C7CFD9CD75FE793A586A542D87E0D1396F1134A104BB1A9190B8C90ADA3DDF37 ++ ++KDF = KRB5KDF ++Ctrl.cipher = cipher:AES-256-CBC ++Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161 ++Ctrl.hexconstant = hexconstant:0000000255 ++Output = 97151B4C76945063E2EB0529DC067D97D7BBA90776D8126D91F34F3101AEA8BA ++ ++#Same as the first but with no "fixup" ++KDF = KRB5KDF ++Ctrl.cipher = cipher:DES-EDE3-CBC ++Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92 ++Ctrl.hexconstant = hexconstant:0000000155 ++Output = 935079d14490a75c3093c4a6e8c3b049c71e6ee705 ++ ++#There are currently no official test vectors for Single Step KDF ++#https://github.com/patrickfav/singlestep-kdf/wiki/NIST-SP-800-56C-Rev1:-Non-Official-Test-Vectors ++Title = Single Step KDF tests ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:d09a6b1a472f930db4f5e6b967900744 ++Ctrl.hexinfo = hexinfo:b117255ab5f1b6b96fc434b0 ++Output = b5a3c52e97ae6e8c5069954354eab3c7 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:343666c0dd34b756e70f759f14c304f5 ++Ctrl.hexinfo = hexinfo:722b28448d7eab85491bce09 ++Output = 1003b650ddd3f0891a15166db5ec881d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:b84acf03ab08652dd7f82fa956933261 ++Ctrl.hexinfo = hexinfo:3d8773ec068c86053a918565 ++Output = 1635dcd1ce698f736831b4badb68ab2b ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:8cc24ca3f1d1a8b34783780b79890430 ++Ctrl.hexinfo = hexinfo:f08d4f2d9a8e6d7105c0bc16 ++Output = b8e716fb84a420aed4812cd76d9700ee ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:b616905a6f7562cd2689142ce21e42a3 ++Ctrl.hexinfo = hexinfo:ead310159a909da87e7b4b40 ++Output = 1b9201358c50fe5d5d42907c4a9fce78 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:3f57fd3fd56199b3eb33890f7ee28180 ++Ctrl.hexinfo = hexinfo:7a5056ba4fdb034c7cb6c4fe ++Output = e51ebd30a8c4b8449b0fb29d9adc11af ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:fb9fb108d104e9f662d6593fc84cde69 ++Ctrl.hexinfo = hexinfo:5faf29211c1bdbf1b2696a7c ++Output = 7a3a7e670656e48c390cdd7c51e167e0 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:237a39981794f4516dccffc3dda28396 ++Ctrl.hexinfo = hexinfo:62ed9528d104c241e0f66275 ++Output = 0c26fc9e90e1c5c5f943428301682045 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:b9b6c45f7279218fa09894e06366a3a1 ++Ctrl.hexinfo = hexinfo:0f384339670aaed4b89ecb7e ++Output = ee5fad414e32fad5d52a2bf61a7f6c72 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:08b7140e2cd0a4abd79171e4d5a71cad ++Ctrl.hexinfo = hexinfo:099211f0d8a2e02dbb5958c0 ++Output = 6162f5142e057efafd2c4f2bad5985a1 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a2 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f4853 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759a ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac704 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbe ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf1050 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f3 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8b ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f22 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f227688 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abf ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d480d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 ++Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b ++Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d480d9192 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:d7e6 ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 31e798e9931b612a3ad1b9b1008faa8c ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:4646779d ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 139f68bcca879b490e268e569087d04d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:d9811c81d4c6 ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 914dc4f09cb633a76e6c389e04c64485 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:8838f9d99ec46f09 ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 4f07dfb6f7a5bf348689e08b2e29c948 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:3e0939b33f34e779f30e ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = b42c7a98c23be19d1187ff960e87557f ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:f36230cacca4d245d303058c ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 50f2068d8010d355d56c5e34aaffbc67 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:7005d32c3d4284c73c3aefc70438 ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 66fd712ccf5462bbd41e89041ea7ea26 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:c01c83150b7734f8dbd6efd6f54d7365 ++Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff ++Output = 5c5edb0ceda9cd0c7f1f3d9e239c67d5 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:9949 ++Output = 33c83f54ed00fb1bccd2113e88550941 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:17144da6 ++Output = a999c28961424cab35ec06015e8c376a ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:dffdee1062eb ++Output = 4101ad50e626ed6f957bff926dfbb7db ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:9f365043e23b4648 ++Output = 4d3e4b971b88771f229df9f564984832 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:a885a0c4567ddc4f96da ++Output = bebbc30f5a83df5e9c9b57db33c0c879 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:c9d86183295bfe4c3d85f0fd ++Output = 87c947e45407db63eb94cbaa02d14e94 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:825fadce46964236a486732c5dad ++Output = 192370a85ff78e3c0245129d9b398558 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 ++Ctrl.hexinfo = hexinfo:5c0b5eb3ac9f342347d73d7a521723aa ++Output = c7b7634fd809383e87c4b1b3e728be56 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:8d7a4e7d5cf34b3f74873b862aeb33b7 ++Output = 6a5594f402f74f69 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:9b208e7ee1e641fac1dff48fc1beb2d2 ++Output = 556ed67e24ac0c7c46cc432da8bdb23c ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:4d2572539fed433211da28c8a0eebac3 ++Output = 5a4054c59c5b92814025578f43c1b79fe84968fc284e240b ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:4e1e70c9886819a31bc29a537911add9 ++Output = ddbfc440449aab4131c6d8aec08ce1496f2702241d0e27cc155c5c7c3cda75b5 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:68f144c952528e540c686dc353b766f2 ++Output = 59ed66bb6f54a9688a0b891d0b2ea6743621d9e1b5cc098cf3a55e6f864f9af8a95e4d945d2f987f ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:b66c9d507c9f837fbe60b6675fdbf38b ++Output = c282787ddf421a72fc88811be81b08d0d6ab66c92d1011974aa58335a6bbbd62e9e982bfae5929865ea1d517247089d2 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:34e730b49e46c7ed2fb25975a4cccd2d ++Output = 39e76e6571cb00740260b9070accbdcc4a492c295cbef33d9e37dac21e5e9d07e0f12dc7063d2172641475d4e08b8e3712fb26a10c8376b8 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:e340d87e2d7adbc1b95ec2dbdc3b82be ++Output = a660c0037a53f76f1e7667043f5869348ad07ac0e272e615ce31f16d4ab90d4b35fe5c370c0010ce79aff45682c6fb8b97f9a05b7d40b5af3c62999a10df9c6d ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA256 ++Ctrl.hexsecret = hexsecret:afc4e154498d4770aa8365f6903dc83b ++Ctrl.hexinfo = hexinfo:662af20379b29d5ef813e655 ++Output = f0b80d6ae4c1e19e2105a37024e35dc6 ++ ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA512 ++Ctrl.hexsecret = hexsecret:108cf63318555c787fa578731dd4f037 ++Ctrl.hexinfo = hexinfo:53191b1dd3f94d83084d61d6 ++Output = 0ad475c1826da3007637970c8b92b993 ++ ++Title = SSKDF Test vectors from RFC 8636 Section 8 (With precoumputed ASN.1 info) ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA1 ++Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ++Ctrl.hexinfo = hexinfo:307e300a06082b06010502030601a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020112a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb ++Output = e6ab38c9413e035bb079201ed0b6b73d8d49a814a737c04ee6649614206f73ad ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA256 ++Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ++Ctrl.hexinfo = hexinfo:307e300a06082b06010502030602a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020112a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb ++Output = 77ef4e48c420ae3fec75109d7981697eed5d295c90c62564f7bfd101fa9bc1d5 ++ ++KDF = SSKDF ++Ctrl.digest = digest:SHA512 ++Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ++Ctrl.hexinfo = hexinfo:307e300a06082b06010502030603a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020110a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb ++Output = d3c78b78d75313e9a926f75dfb012363fa17fa01db diff --git a/openssl-1.1.1-man-rename.patch b/openssl-1.1.1-man-rename.patch new file mode 100644 index 0000000..4e504b4 --- /dev/null +++ b/openssl-1.1.1-man-rename.patch @@ -0,0 +1,19 @@ +diff -up openssl-1.1.1-pre9/doc/man1/openssl.pod.man-rename openssl-1.1.1-pre9/doc/man1/openssl.pod +--- openssl-1.1.1-pre9/doc/man1/openssl.pod.man-rename 2018-08-21 14:14:13.000000000 +0200 ++++ openssl-1.1.1-pre9/doc/man1/openssl.pod 2018-08-22 12:13:04.092568064 +0200 +@@ -482,13 +482,13 @@ L, L, L + L, L, + L, L, L, L, L, + L, L, L, +-L, + L, L, L, + L, L, L, L, +-L, L, L, L, ++L, L, L, + L, L, + L, L, L, + L, L, L, L, L, ++L, L, + L, + L, L, L, + L, L, L diff --git a/openssl-1.1.1-no-brainpool.patch b/openssl-1.1.1-no-brainpool.patch new file mode 100644 index 0000000..90c87a8 --- /dev/null +++ b/openssl-1.1.1-no-brainpool.patch @@ -0,0 +1,112 @@ +diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in +--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool 2019-09-10 15:13:07.000000000 +0200 ++++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in 2019-09-13 15:11:07.358687169 +0200 +@@ -147,22 +147,22 @@ our @tests = ( + { + name => "ECDSA with brainpool", + server => { +- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), +- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), +- "Groups" => "brainpoolP256r1", ++ "Certificate" => test_pem("server-ecdsa-cert.pem"), ++ "PrivateKey" => test_pem("server-ecdsa-key.pem"), ++# "Groups" => "brainpoolP256r1", + }, + client => { + #We don't restrict this to TLSv1.2, although use of brainpool + #should force this anyway so that this should succeed + "CipherString" => "aECDSA", + "RequestCAFile" => test_pem("root-cert.pem"), +- "Groups" => "brainpoolP256r1", ++# "Groups" => "brainpoolP256r1", + }, + test => { +- "ExpectedServerCertType" =>, "brainpoolP256r1", +- "ExpectedServerSignType" =>, "EC", ++# "ExpectedServerCertType" =>, "brainpoolP256r1", ++# "ExpectedServerSignType" =>, "EC", + # Note: certificate_authorities not sent for TLS < 1.3 +- "ExpectedServerCANames" =>, "empty", ++# "ExpectedServerCANames" =>, "empty", + "ExpectedResult" => "Success" + }, + }, +@@ -853,18 +853,18 @@ my @tests_tls_1_3 = ( + { + name => "TLS 1.3 ECDSA with brainpool", + server => { +- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), +- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), +- "Groups" => "brainpoolP256r1", ++ "Certificate" => test_pem("server-ecdsa-cert.pem"), ++ "PrivateKey" => test_pem("server-ecdsa-key.pem"), ++# "Groups" => "brainpoolP256r1", + }, + client => { + "RequestCAFile" => test_pem("root-cert.pem"), +- "Groups" => "brainpoolP256r1", ++# "Groups" => "brainpoolP256r1", + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3" + }, + test => { +- "ExpectedResult" => "ServerFail" ++ "ExpectedResult" => "Success" + }, + }, + ); +diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf +--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool 2019-09-10 15:13:07.000000000 +0200 ++++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf 2019-09-13 15:12:27.380288469 +0200 +@@ -238,23 +238,18 @@ server = 5-ECDSA with brainpool-server + client = 5-ECDSA with brainpool-client + + [5-ECDSA with brainpool-server] +-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem ++Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem + CipherString = DEFAULT +-Groups = brainpoolP256r1 +-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem ++PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem + + [5-ECDSA with brainpool-client] + CipherString = aECDSA +-Groups = brainpoolP256r1 + RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + + [test-5] + ExpectedResult = Success +-ExpectedServerCANames = empty +-ExpectedServerCertType = brainpoolP256r1 +-ExpectedServerSignType = EC + + + # =========================================================== +@@ -1713,14 +1708,12 @@ server = 52-TLS 1.3 ECDSA with brainpool + client = 52-TLS 1.3 ECDSA with brainpool-client + + [52-TLS 1.3 ECDSA with brainpool-server] +-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem ++Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem + CipherString = DEFAULT +-Groups = brainpoolP256r1 +-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem ++PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem + + [52-TLS 1.3 ECDSA with brainpool-client] + CipherString = DEFAULT +-Groups = brainpoolP256r1 + MaxProtocol = TLSv1.3 + MinProtocol = TLSv1.3 + RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +@@ -1728,7 +1721,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro + VerifyMode = Peer + + [test-52] +-ExpectedResult = ServerFail ++ExpectedResult = Success + + + # =========================================================== diff --git a/openssl-1.1.1-no-html.patch b/openssl-1.1.1-no-html.patch new file mode 100644 index 0000000..d0e335e --- /dev/null +++ b/openssl-1.1.1-no-html.patch @@ -0,0 +1,12 @@ +diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html openssl-1.1.1f/Configurations/unix-Makefile.tmpl +--- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html 2020-04-07 16:45:21.904083989 +0200 ++++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl 2020-04-07 16:45:56.218461895 +0200 +@@ -544,7 +544,7 @@ install_sw: install_dev install_engines + + uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev + +-install_docs: install_man_docs install_html_docs ++install_docs: install_man_docs + + uninstall_docs: uninstall_man_docs uninstall_html_docs + $(RM) -r "$(DESTDIR)$(DOCDIR)" diff --git a/openssl-1.1.1-no-weak-verify.patch b/openssl-1.1.1-no-weak-verify.patch new file mode 100644 index 0000000..5756c68 --- /dev/null +++ b/openssl-1.1.1-no-weak-verify.patch @@ -0,0 +1,26 @@ +diff -up openssl-1.1.1b/crypto/asn1/a_verify.c.no-weak-verify openssl-1.1.1b/crypto/asn1/a_verify.c +--- openssl-1.1.1b/crypto/asn1/a_verify.c.no-weak-verify 2019-02-26 15:15:30.000000000 +0100 ++++ openssl-1.1.1b/crypto/asn1/a_verify.c 2019-02-28 11:25:31.531862873 +0100 +@@ -7,6 +7,9 @@ + * https://www.openssl.org/source/license.html + */ + ++/* for secure_getenv */ ++#define _GNU_SOURCE ++ + #include + #include + #include +@@ -130,6 +133,12 @@ int ASN1_item_verify(const ASN1_ITEM *it + if (ret != 2) + goto err; + ret = -1; ++ } else if ((mdnid == NID_md5 ++ && secure_getenv("OPENSSL_ENABLE_MD5_VERIFY") == NULL) || ++ mdnid == NID_md4 || mdnid == NID_md2 || mdnid == NID_sha) { ++ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ++ ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); ++ goto err; + } else { + const EVP_MD *type = EVP_get_digestbynid(mdnid); + diff --git a/openssl-1.1.1-reneg-no-extms.patch b/openssl-1.1.1-reneg-no-extms.patch new file mode 100644 index 0000000..76adef7 --- /dev/null +++ b/openssl-1.1.1-reneg-no-extms.patch @@ -0,0 +1,44 @@ +diff -up openssl-1.1.1g/include/openssl/ssl3.h.reneg-no-extms openssl-1.1.1g/include/openssl/ssl3.h +--- openssl-1.1.1g/include/openssl/ssl3.h.reneg-no-extms 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/include/openssl/ssl3.h 2020-06-05 15:20:22.090682776 +0200 +@@ -292,6 +292,9 @@ extern "C" { + + # define TLS1_FLAGS_STATELESS 0x0800 + ++/* Set if extended master secret extension required on renegotiation */ ++# define TLS1_FLAGS_REQUIRED_EXTMS 0x1000 ++ + # define SSL3_MT_HELLO_REQUEST 0 + # define SSL3_MT_CLIENT_HELLO 1 + # define SSL3_MT_SERVER_HELLO 2 +diff -up openssl-1.1.1g/ssl/statem/extensions.c.reneg-no-extms openssl-1.1.1g/ssl/statem/extensions.c +--- openssl-1.1.1g/ssl/statem/extensions.c.reneg-no-extms 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/ssl/statem/extensions.c 2020-06-05 15:22:19.677653437 +0200 +@@ -1168,14 +1168,26 @@ static int init_etm(SSL *s, unsigned int + + static int init_ems(SSL *s, unsigned int context) + { +- if (!s->server) ++ if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) { + s->s3->flags &= ~TLS1_FLAGS_RECEIVED_EXTMS; ++ s->s3->flags |= TLS1_FLAGS_REQUIRED_EXTMS; ++ } + + return 1; + } + + static int final_ems(SSL *s, unsigned int context, int sent) + { ++ /* ++ * Check extended master secret extension is not dropped on ++ * renegotiation. ++ */ ++ if (!(s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) ++ && (s->s3->flags & TLS1_FLAGS_REQUIRED_EXTMS)) { ++ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_FINAL_EMS, ++ SSL_R_INCONSISTENT_EXTMS); ++ return 0; ++ } + if (!s->server && s->hit) { + /* + * Check extended master secret extension is consistent with diff --git a/openssl-1.1.1-rewire-fips-drbg.patch b/openssl-1.1.1-rewire-fips-drbg.patch new file mode 100644 index 0000000..4d04d37 --- /dev/null +++ b/openssl-1.1.1-rewire-fips-drbg.patch @@ -0,0 +1,170 @@ +diff -up openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_lib.c +--- openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_drbg_lib.c 2020-06-22 13:32:47.675852917 +0200 +@@ -337,6 +337,19 @@ static int drbg_reseed(DRBG_CTX *dctx, + int FIPS_drbg_reseed(DRBG_CTX *dctx, + const unsigned char *adin, size_t adinlen) + { ++ int len = (int)adinlen; ++ ++ if (len < 0 || (size_t)len != adinlen) { ++ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG); ++ return 0; ++ } ++ RAND_seed(adin, len); ++ return 1; ++} ++ ++int FIPS_drbg_reseed_internal(DRBG_CTX *dctx, ++ const unsigned char *adin, size_t adinlen) ++{ + return drbg_reseed(dctx, adin, adinlen, 1); + } + +@@ -358,6 +371,19 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, u + int prediction_resistance, + const unsigned char *adin, size_t adinlen) + { ++ int len = (int)outlen; ++ ++ if (len < 0 || (size_t)len != outlen) { ++ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG); ++ return 0; ++ } ++ return RAND_bytes(out, len); ++} ++ ++int FIPS_drbg_generate_internal(DRBG_CTX *dctx, unsigned char *out, size_t outlen, ++ int prediction_resistance, ++ const unsigned char *adin, size_t adinlen) ++{ + int r = 0; + + if (FIPS_selftest_failed()) { +diff -up openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_rand.c +--- openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_drbg_rand.c 2020-06-22 13:32:47.675852917 +0200 +@@ -57,6 +57,8 @@ + #include + #include + #include ++#define FIPS_DRBG_generate FIPS_DRBG_generate_internal ++#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal + #include + #include "fips_rand_lcl.h" + +diff -up openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c +--- openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg 2020-06-22 13:32:47.612852927 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c 2020-06-22 13:32:47.675852917 +0200 +@@ -55,6 +55,8 @@ + #include + #include + #include ++#define FIPS_DRBG_generate FIPS_DRBG_generate_internal ++#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal + #include + #include "fips_rand_lcl.h" + #include "fips_locl.h" +diff -up openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_post.c +--- openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-22 13:32:47.675852917 +0200 +@@ -79,8 +79,6 @@ int FIPS_selftest(void) + ERR_add_error_data(2, "Type=", "rand_drbg_selftest"); + rv = 0; + } +- if (!FIPS_selftest_drbg()) +- rv = 0; + if (!FIPS_selftest_sha1()) + rv = 0; + if (!FIPS_selftest_sha2()) +diff -up openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_rand_lib.c +--- openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.613852927 +0200 ++++ openssl-1.1.1g/crypto/fips/fips_rand_lib.c 2020-06-22 13:36:28.722817967 +0200 +@@ -120,6 +120,7 @@ void FIPS_rand_reset(void) + + int FIPS_rand_seed(const void *buf, int num) + { ++#if 0 + if (!fips_approved_rand_meth && FIPS_module_mode()) { + FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD); + return 0; +@@ -127,10 +128,15 @@ int FIPS_rand_seed(const void *buf, int + if (fips_rand_meth && fips_rand_meth->seed) + fips_rand_meth->seed(buf, num); + return 1; ++#else ++ RAND_seed(buf, num); ++ return 1; ++#endif + } + + int FIPS_rand_bytes(unsigned char *buf, int num) + { ++#if 0 + if (!fips_approved_rand_meth && FIPS_module_mode()) { + FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD); + return 0; +@@ -138,10 +144,14 @@ int FIPS_rand_bytes(unsigned char *buf, + if (fips_rand_meth && fips_rand_meth->bytes) + return fips_rand_meth->bytes(buf, num); + return 0; ++#else ++ return RAND_bytes(buf, num); ++#endif + } + + int FIPS_rand_status(void) + { ++#if 0 + if (!fips_approved_rand_meth && FIPS_module_mode()) { + FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD); + return 0; +@@ -149,6 +159,9 @@ int FIPS_rand_status(void) + if (fips_rand_meth && fips_rand_meth->status) + return fips_rand_meth->status(); + return 0; ++#else ++ return RAND_status(); ++#endif + } + + /* Return instantiated strength of PRNG. For DRBG this is an internal +diff -up openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips.h +--- openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200 ++++ openssl-1.1.1g/include/openssl/fips.h 2020-06-22 13:32:47.675852917 +0200 +@@ -64,6 +64,11 @@ extern "C" { + + int FIPS_selftest(void); + int FIPS_selftest_failed(void); ++ ++ /* ++ * This function is deprecated as it performs selftest of the old FIPS drbg ++ * implementation that is not validated. ++ */ + int FIPS_selftest_drbg_all(void); + + int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, +diff -up openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips_rand.h +--- openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg 2020-06-22 13:32:47.617852926 +0200 ++++ openssl-1.1.1g/include/openssl/fips_rand.h 2020-06-22 13:32:47.675852917 +0200 +@@ -60,6 +60,20 @@ + # ifdef __cplusplus + extern "C" { + # endif ++ ++/* ++ * IMPORTANT NOTE: ++ * All functions in this header file are deprecated and should not be used ++ * as they use the old FIPS_drbg implementation that is not FIPS validated ++ * anymore. ++ * To provide backwards compatibility for applications that need FIPS compliant ++ * RNG number generation and use FIPS_drbg_generate, this function was ++ * re-wired to call the FIPS validated DRBG instance instead through ++ * the RAND_bytes() call. ++ * ++ * All these functions will be removed in future. ++ */ ++ + typedef struct drbg_ctx_st DRBG_CTX; + /* DRBG external flags */ + /* Flag for CTR mode only: use derivation function ctr_df */ diff --git a/openssl-1.1.1-s390x-ecc.patch b/openssl-1.1.1-s390x-ecc.patch new file mode 100644 index 0000000..6b5963f --- /dev/null +++ b/openssl-1.1.1-s390x-ecc.patch @@ -0,0 +1,2306 @@ +diff -up openssl-1.1.1g/Configurations/00-base-templates.conf.s390x-ecc openssl-1.1.1g/Configurations/00-base-templates.conf +--- openssl-1.1.1g/Configurations/00-base-templates.conf.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/Configurations/00-base-templates.conf 2020-05-18 12:45:40.855234262 +0200 +@@ -289,6 +289,7 @@ my %targets=( + template => 1, + cpuid_asm_src => "s390xcap.c s390xcpuid.S", + bn_asm_src => "asm/s390x.S s390x-mont.S s390x-gf2m.s", ++ ec_asm_src => "ecp_s390x_nistp.c", + aes_asm_src => "aes-s390x.S aes-ctr.fake aes-xts.fake", + sha1_asm_src => "sha1-s390x.S sha256-s390x.S sha512-s390x.S", + rc4_asm_src => "rc4-s390x.s", +diff -up openssl-1.1.1g/Configure.s390x-ecc openssl-1.1.1g/Configure +--- openssl-1.1.1g/Configure.s390x-ecc 2020-05-18 12:45:40.781233618 +0200 ++++ openssl-1.1.1g/Configure 2020-05-18 12:45:40.856234270 +0200 +@@ -1398,6 +1398,9 @@ unless ($disabled{asm}) { + if ($target{ec_asm_src} =~ /ecp_nistz256/) { + push @{$config{lib_defines}}, "ECP_NISTZ256_ASM"; + } ++ if ($target{ec_asm_src} =~ /ecp_s390x_nistp/) { ++ push @{$config{lib_defines}}, "S390X_EC_ASM"; ++ } + if ($target{ec_asm_src} =~ /x25519/) { + push @{$config{lib_defines}}, "X25519_ASM"; + } +diff -up openssl-1.1.1g/crypto/cmac/cm_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/cmac/cm_pmeth.c +--- openssl-1.1.1g/crypto/cmac/cm_pmeth.c.s390x-ecc 2020-05-18 12:45:40.782233627 +0200 ++++ openssl-1.1.1g/crypto/cmac/cm_pmeth.c 2020-05-18 12:45:42.661249957 +0200 +@@ -159,3 +159,8 @@ const EVP_PKEY_METHOD cmac_pkey_meth = { + pkey_cmac_ctrl, + pkey_cmac_ctrl_str + }; ++ ++const EVP_PKEY_METHOD *cmac_pkey_method(void) ++{ ++ return &cmac_pkey_meth; ++} +diff -up openssl-1.1.1g/crypto/dh/dh_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/dh/dh_pmeth.c +--- openssl-1.1.1g/crypto/dh/dh_pmeth.c.s390x-ecc 2020-05-18 12:45:40.782233627 +0200 ++++ openssl-1.1.1g/crypto/dh/dh_pmeth.c 2020-05-18 12:45:42.661249957 +0200 +@@ -512,6 +512,11 @@ const EVP_PKEY_METHOD dh_pkey_meth = { + pkey_dh_ctrl_str + }; + ++const EVP_PKEY_METHOD *dh_pkey_method(void) ++{ ++ return &dh_pkey_meth; ++} ++ + const EVP_PKEY_METHOD dhx_pkey_meth = { + EVP_PKEY_DHX, + EVP_PKEY_FLAG_FIPS, +@@ -545,3 +550,8 @@ const EVP_PKEY_METHOD dhx_pkey_meth = { + pkey_dh_ctrl, + pkey_dh_ctrl_str + }; ++ ++const EVP_PKEY_METHOD *dhx_pkey_method(void) ++{ ++ return &dhx_pkey_meth; ++} +diff -up openssl-1.1.1g/crypto/dsa/dsa_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/dsa/dsa_pmeth.c +--- openssl-1.1.1g/crypto/dsa/dsa_pmeth.c.s390x-ecc 2020-05-18 12:45:40.783233636 +0200 ++++ openssl-1.1.1g/crypto/dsa/dsa_pmeth.c 2020-05-18 12:45:42.662249966 +0200 +@@ -271,3 +271,8 @@ const EVP_PKEY_METHOD dsa_pkey_meth = { + pkey_dsa_ctrl, + pkey_dsa_ctrl_str + }; ++ ++const EVP_PKEY_METHOD *dsa_pkey_method(void) ++{ ++ return &dsa_pkey_meth; ++} +diff -up openssl-1.1.1g/crypto/ec/build.info.s390x-ecc openssl-1.1.1g/crypto/ec/build.info +--- openssl-1.1.1g/crypto/ec/build.info.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/ec/build.info 2020-05-18 12:45:42.662249966 +0200 +@@ -26,6 +26,9 @@ GENERATE[ecp_nistz256-armv8.S]=asm/ecp_n + INCLUDE[ecp_nistz256-armv8.o]=.. + GENERATE[ecp_nistz256-ppc64.s]=asm/ecp_nistz256-ppc64.pl $(PERLASM_SCHEME) + ++INCLUDE[ecp_s390x_nistp.o]=.. ++INCLUDE[ecx_meth.o]=.. ++ + GENERATE[x25519-x86_64.s]=asm/x25519-x86_64.pl $(PERLASM_SCHEME) + GENERATE[x25519-ppc64.s]=asm/x25519-ppc64.pl $(PERLASM_SCHEME) + +diff -up openssl-1.1.1g/crypto/ec/ec_curve.c.s390x-ecc openssl-1.1.1g/crypto/ec/ec_curve.c +--- openssl-1.1.1g/crypto/ec/ec_curve.c.s390x-ecc 2020-05-18 12:45:40.753233375 +0200 ++++ openssl-1.1.1g/crypto/ec/ec_curve.c 2020-05-18 12:45:42.663249975 +0200 +@@ -255,20 +255,29 @@ static const ec_list_element curve_list[ + {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, + "SECG curve over a 256 bit prime field"}, + /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ +- {NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, ++ {NID_secp384r1, &_EC_NIST_PRIME_384.h, ++# if defined(S390X_EC_ASM) ++ EC_GFp_s390x_nistp384_method, ++# else ++ 0, ++# endif + "NIST/SECG curve over a 384 bit prime field"}, +-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 +- {NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method, +- "NIST/SECG curve over a 521 bit prime field"}, +-#else +- {NID_secp521r1, &_EC_NIST_PRIME_521.h, 0, ++ {NID_secp521r1, &_EC_NIST_PRIME_521.h, ++# if defined(S390X_EC_ASM) ++ EC_GFp_s390x_nistp521_method, ++# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) ++ EC_GFp_nistp521_method, ++# else ++ 0, ++# endif + "NIST/SECG curve over a 521 bit prime field"}, +-#endif + /* X9.62 curves */ + {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, + #if defined(ECP_NISTZ256_ASM) + EC_GFp_nistz256_method, +-#elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) ++# elif defined(S390X_EC_ASM) ++ EC_GFp_s390x_nistp256_method, ++# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) + EC_GFp_nistp256_method, + #else + 0, +diff -up openssl-1.1.1g/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecdsa_ossl.c +--- openssl-1.1.1g/crypto/ec/ecdsa_ossl.c.s390x-ecc 2020-05-18 12:45:40.784233644 +0200 ++++ openssl-1.1.1g/crypto/ec/ecdsa_ossl.c 2020-05-18 12:45:42.664249983 +0200 +@@ -18,6 +18,41 @@ + # include + #endif + ++int ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, ++ BIGNUM **rp) ++{ ++ if (eckey->group->meth->ecdsa_sign_setup == NULL) { ++ ECerr(EC_F_OSSL_ECDSA_SIGN_SETUP, EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA); ++ return 0; ++ } ++ ++ return eckey->group->meth->ecdsa_sign_setup(eckey, ctx_in, kinvp, rp); ++} ++ ++ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, ++ const BIGNUM *in_kinv, const BIGNUM *in_r, ++ EC_KEY *eckey) ++{ ++ if (eckey->group->meth->ecdsa_sign_sig == NULL) { ++ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA); ++ return NULL; ++ } ++ ++ return eckey->group->meth->ecdsa_sign_sig(dgst, dgst_len, ++ in_kinv, in_r, eckey); ++} ++ ++int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, ++ const ECDSA_SIG *sig, EC_KEY *eckey) ++{ ++ if (eckey->group->meth->ecdsa_verify_sig == NULL) { ++ ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA); ++ return 0; ++ } ++ ++ return eckey->group->meth->ecdsa_verify_sig(dgst, dgst_len, sig, eckey); ++} ++ + int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, + unsigned char *sig, unsigned int *siglen, + const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) +@@ -149,15 +184,15 @@ static int ecdsa_sign_setup(EC_KEY *ecke + return ret; + } + +-int ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, +- BIGNUM **rp) ++int ecdsa_simple_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, ++ BIGNUM **rp) + { + return ecdsa_sign_setup(eckey, ctx_in, kinvp, rp, NULL, 0); + } + +-ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, +- const BIGNUM *in_kinv, const BIGNUM *in_r, +- EC_KEY *eckey) ++ECDSA_SIG *ecdsa_simple_sign_sig(const unsigned char *dgst, int dgst_len, ++ const BIGNUM *in_kinv, const BIGNUM *in_r, ++ EC_KEY *eckey) + { + int ok = 0, i; + BIGNUM *kinv = NULL, *s, *m = NULL; +@@ -218,25 +253,25 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns + if (8 * dgst_len > i) + dgst_len = (i + 7) / 8; + if (!BN_bin2bn(dgst, dgst_len, m)) { +- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_BN_LIB); + goto err; + } + /* If still too long, truncate remaining bits with a shift */ + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { +- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_BN_LIB); + goto err; + } + do { + if (in_kinv == NULL || in_r == NULL) { + if (!ecdsa_sign_setup(eckey, ctx, &kinv, &ret->r, dgst, dgst_len)) { +- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_ECDSA_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_ECDSA_LIB); + goto err; + } + ckinv = kinv; + } else { + ckinv = in_kinv; + if (BN_copy(ret->r, in_r) == NULL) { +- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE); ++ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_MALLOC_FAILURE); + goto err; + } + } +@@ -250,11 +285,11 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns + */ + if (!bn_to_mont_fixed_top(s, ret->r, group->mont_data, ctx) + || !bn_mul_mont_fixed_top(s, s, priv_key, group->mont_data, ctx)) { +- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_BN_LIB); + goto err; + } + if (!bn_mod_add_fixed_top(s, s, m, order)) { +- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_BN_LIB); + goto err; + } + /* +@@ -263,7 +298,7 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns + */ + if (!bn_to_mont_fixed_top(s, s, group->mont_data, ctx) + || !BN_mod_mul_montgomery(s, s, ckinv, group->mont_data, ctx)) { +- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_BN_LIB); + goto err; + } + +@@ -273,7 +308,7 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns + * generate new kinv and r values + */ + if (in_kinv != NULL && in_r != NULL) { +- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, EC_R_NEED_NEW_SETUP_VALUES); ++ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, EC_R_NEED_NEW_SETUP_VALUES); + goto err; + } + } else { +@@ -325,8 +360,8 @@ int ossl_ecdsa_verify(int type, const un + return ret; + } + +-int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, +- const ECDSA_SIG *sig, EC_KEY *eckey) ++int ecdsa_simple_verify_sig(const unsigned char *dgst, int dgst_len, ++ const ECDSA_SIG *sig, EC_KEY *eckey) + { + int ret = -1, i; + BN_CTX *ctx; +@@ -346,18 +381,18 @@ int ossl_ecdsa_verify_sig(const unsigned + /* check input values */ + if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || + (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, EC_R_MISSING_PARAMETERS); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, EC_R_MISSING_PARAMETERS); + return -1; + } + + if (!EC_KEY_can_sign(eckey)) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING); + return -1; + } + + ctx = BN_CTX_new(); + if (ctx == NULL) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_MALLOC_FAILURE); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_MALLOC_FAILURE); + return -1; + } + BN_CTX_start(ctx); +@@ -366,26 +401,26 @@ int ossl_ecdsa_verify_sig(const unsigned + m = BN_CTX_get(ctx); + X = BN_CTX_get(ctx); + if (X == NULL) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); + goto err; + } + + order = EC_GROUP_get0_order(group); + if (order == NULL) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_EC_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_EC_LIB); + goto err; + } + + if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || + BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) || + BN_is_negative(sig->s) || BN_ucmp(sig->s, order) >= 0) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, EC_R_BAD_SIGNATURE); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, EC_R_BAD_SIGNATURE); + ret = 0; /* signature is invalid */ + goto err; + } + /* calculate tmp1 = inv(S) mod order */ + if (!ec_group_do_inverse_ord(group, u2, sig->s, ctx)) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); + goto err; + } + /* digest -> m */ +@@ -396,41 +431,41 @@ int ossl_ecdsa_verify_sig(const unsigned + if (8 * dgst_len > i) + dgst_len = (i + 7) / 8; + if (!BN_bin2bn(dgst, dgst_len, m)) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); + goto err; + } + /* If still too long truncate remaining bits with a shift */ + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); + goto err; + } + /* u1 = m * tmp mod order */ + if (!BN_mod_mul(u1, m, u2, order, ctx)) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); + goto err; + } + /* u2 = r * w mod q */ + if (!BN_mod_mul(u2, sig->r, u2, order, ctx)) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); + goto err; + } + + if ((point = EC_POINT_new(group)) == NULL) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_MALLOC_FAILURE); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_MALLOC_FAILURE); + goto err; + } + if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx)) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_EC_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_EC_LIB); + goto err; + } + + if (!EC_POINT_get_affine_coordinates(group, point, X, NULL, ctx)) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_EC_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_EC_LIB); + goto err; + } + + if (!BN_nnmod(u1, X, order, ctx)) { +- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); ++ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); + goto err; + } + /* if the signature is correct u1 is equal to sig->r */ +diff -up openssl-1.1.1g/crypto/ec/ec_err.c.s390x-ecc openssl-1.1.1g/crypto/ec/ec_err.c +--- openssl-1.1.1g/crypto/ec/ec_err.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/ec/ec_err.c 2020-05-18 12:45:42.664249983 +0200 +@@ -31,6 +31,11 @@ static const ERR_STRING_DATA EC_str_func + {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIGN_SETUP, 0), "ECDSA_sign_setup"}, + {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIG_NEW, 0), "ECDSA_SIG_new"}, + {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_VERIFY, 0), "ECDSA_verify"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_SIGN_SETUP, 0), "ecdsa_simple_sign_setup"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_SIGN_SIG, 0), "ecdsa_simple_sign_sig"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_VERIFY_SIG, 0), "ecdsa_simple_verify_sig"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_S390X_NISTP_SIGN_SIG, 0), "ecdsa_s390x_nistp_sign_sig"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, 0), "ecdsa_s390x_nistp_verify_sig"}, + {ERR_PACK(ERR_LIB_EC, EC_F_ECD_ITEM_VERIFY, 0), "ecd_item_verify"}, + {ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PARAM2TYPE, 0), "eckey_param2type"}, + {ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PARAM_DECODE, 0), "eckey_param_decode"}, +@@ -266,6 +271,7 @@ static const ERR_STRING_DATA EC_str_func + {ERR_PACK(ERR_LIB_EC, EC_F_OLD_EC_PRIV_DECODE, 0), "old_ec_priv_decode"}, + {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDH_COMPUTE_KEY, 0), + "ossl_ecdh_compute_key"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_SIGN_SETUP, 0), "ossl_ecdsa_sign_setup"}, + {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_SIGN_SIG, 0), "ossl_ecdsa_sign_sig"}, + {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_VERIFY_SIG, 0), + "ossl_ecdsa_verify_sig"}, +@@ -284,6 +290,12 @@ static const ERR_STRING_DATA EC_str_func + {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_KEYGEN, 0), "pkey_ec_keygen"}, + {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_PARAMGEN, 0), "pkey_ec_paramgen"}, + {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_SIGN, 0), "pkey_ec_sign"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_DIGESTSIGN25519, 0), "s390x_pkey_ecd_digestsign25519"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_DIGESTSIGN448, 0), "s390x_pkey_ecd_digestsign448"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_KEYGEN25519, 0), "s390x_pkey_ecd_keygen25519"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_KEYGEN448, 0), "s390x_pkey_ecd_keygen448"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECX_KEYGEN25519, 0), "s390x_pkey_ecx_keygen25519"}, ++ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECX_KEYGEN448, 0), "s390x_pkey_ecx_keygen448"}, + {ERR_PACK(ERR_LIB_EC, EC_F_VALIDATE_ECX_DERIVE, 0), "validate_ecx_derive"}, + {0, NULL} + }; +@@ -298,6 +310,8 @@ static const ERR_STRING_DATA EC_str_reas + "coordinates out of range"}, + {ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH), + "curve does not support ecdh"}, ++ {ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA), ++ "curve does not support ecdsa"}, + {ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING), + "curve does not support signing"}, + {ERR_PACK(ERR_LIB_EC, 0, EC_R_D2I_ECPKPARAMETERS_FAILURE), +diff -up openssl-1.1.1g/crypto/ec/ec_local.h.s390x-ecc openssl-1.1.1g/crypto/ec/ec_local.h +--- openssl-1.1.1g/crypto/ec/ec_local.h.s390x-ecc 2020-05-18 12:45:40.554231646 +0200 ++++ openssl-1.1.1g/crypto/ec/ec_local.h 2020-05-18 12:45:44.564266496 +0200 +@@ -179,6 +179,14 @@ struct ec_method_st { + /* custom ECDH operation */ + int (*ecdh_compute_key)(unsigned char **pout, size_t *poutlen, + const EC_POINT *pub_key, const EC_KEY *ecdh); ++ /* custom ECDSA */ ++ int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinvp, ++ BIGNUM **rp); ++ ECDSA_SIG *(*ecdsa_sign_sig)(const unsigned char *dgst, int dgstlen, ++ const BIGNUM *kinv, const BIGNUM *r, ++ EC_KEY *eckey); ++ int (*ecdsa_verify_sig)(const unsigned char *dgst, int dgstlen, ++ const ECDSA_SIG *sig, EC_KEY *eckey); + /* Inverse modulo order */ + int (*field_inverse_mod_ord)(const EC_GROUP *, BIGNUM *r, + const BIGNUM *x, BN_CTX *); +@@ -587,6 +595,11 @@ int ec_group_simple_order_bits(const EC_ + */ + const EC_METHOD *EC_GFp_nistz256_method(void); + #endif ++#ifdef S390X_EC_ASM ++const EC_METHOD *EC_GFp_s390x_nistp256_method(void); ++const EC_METHOD *EC_GFp_s390x_nistp384_method(void); ++const EC_METHOD *EC_GFp_s390x_nistp521_method(void); ++#endif + + size_t ec_key_simple_priv2oct(const EC_KEY *eckey, + unsigned char *buf, size_t len); +@@ -651,6 +664,13 @@ int ossl_ecdsa_verify(int type, const un + const unsigned char *sigbuf, int sig_len, EC_KEY *eckey); + int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, + const ECDSA_SIG *sig, EC_KEY *eckey); ++int ecdsa_simple_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, ++ BIGNUM **rp); ++ECDSA_SIG *ecdsa_simple_sign_sig(const unsigned char *dgst, int dgst_len, ++ const BIGNUM *in_kinv, const BIGNUM *in_r, ++ EC_KEY *eckey); ++int ecdsa_simple_verify_sig(const unsigned char *dgst, int dgst_len, ++ const ECDSA_SIG *sig, EC_KEY *eckey); + + int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len, + const uint8_t public_key[32], const uint8_t private_key[32]); +diff -up openssl-1.1.1g/crypto/ec/ec_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/ec/ec_pmeth.c +--- openssl-1.1.1g/crypto/ec/ec_pmeth.c.s390x-ecc 2020-05-18 12:45:40.784233644 +0200 ++++ openssl-1.1.1g/crypto/ec/ec_pmeth.c 2020-05-18 12:45:44.565266505 +0200 +@@ -474,3 +474,8 @@ const EVP_PKEY_METHOD ec_pkey_meth = { + pkey_ec_ctrl, + pkey_ec_ctrl_str + }; ++ ++const EVP_PKEY_METHOD *ec_pkey_method(void) ++{ ++ return &ec_pkey_meth; ++} +diff -up openssl-1.1.1g/crypto/ec/ecp_mont.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_mont.c +--- openssl-1.1.1g/crypto/ec/ecp_mont.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/ec/ecp_mont.c 2020-05-18 12:45:44.567266523 +0200 +@@ -63,6 +63,9 @@ const EC_METHOD *EC_GFp_mont_method(void + 0, /* keycopy */ + 0, /* keyfinish */ + ecdh_simple_compute_key, ++ ecdsa_simple_sign_setup, ++ ecdsa_simple_sign_sig, ++ ecdsa_simple_verify_sig, + 0, /* field_inverse_mod_ord */ + ec_GFp_simple_blind_coordinates, + ec_GFp_simple_ladder_pre, +diff -up openssl-1.1.1g/crypto/ec/ecp_nist.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nist.c +--- openssl-1.1.1g/crypto/ec/ecp_nist.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/ec/ecp_nist.c 2020-05-18 12:45:44.567266523 +0200 +@@ -65,6 +65,9 @@ const EC_METHOD *EC_GFp_nist_method(void + 0, /* keycopy */ + 0, /* keyfinish */ + ecdh_simple_compute_key, ++ ecdsa_simple_sign_setup, ++ ecdsa_simple_sign_sig, ++ ecdsa_simple_verify_sig, + 0, /* field_inverse_mod_ord */ + ec_GFp_simple_blind_coordinates, + ec_GFp_simple_ladder_pre, +diff -up openssl-1.1.1g/crypto/ec/ecp_nistp224.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistp224.c +--- openssl-1.1.1g/crypto/ec/ecp_nistp224.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/ec/ecp_nistp224.c 2020-05-18 12:45:44.568266531 +0200 +@@ -292,6 +292,9 @@ const EC_METHOD *EC_GFp_nistp224_method( + 0, /* keycopy */ + 0, /* keyfinish */ + ecdh_simple_compute_key, ++ ecdsa_simple_sign_setup, ++ ecdsa_simple_sign_sig, ++ ecdsa_simple_verify_sig, + 0, /* field_inverse_mod_ord */ + 0, /* blind_coordinates */ + 0, /* ladder_pre */ +diff -up openssl-1.1.1g/crypto/ec/ecp_nistp256.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistp256.c +--- openssl-1.1.1g/crypto/ec/ecp_nistp256.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/ec/ecp_nistp256.c 2020-05-18 12:45:44.568266531 +0200 +@@ -1829,6 +1829,9 @@ const EC_METHOD *EC_GFp_nistp256_method( + 0, /* keycopy */ + 0, /* keyfinish */ + ecdh_simple_compute_key, ++ ecdsa_simple_sign_setup, ++ ecdsa_simple_sign_sig, ++ ecdsa_simple_verify_sig, + 0, /* field_inverse_mod_ord */ + 0, /* blind_coordinates */ + 0, /* ladder_pre */ +diff -up openssl-1.1.1g/crypto/ec/ecp_nistp521.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistp521.c +--- openssl-1.1.1g/crypto/ec/ecp_nistp521.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/ec/ecp_nistp521.c 2020-05-18 12:45:44.569266540 +0200 +@@ -1669,6 +1669,9 @@ const EC_METHOD *EC_GFp_nistp521_method( + 0, /* keycopy */ + 0, /* keyfinish */ + ecdh_simple_compute_key, ++ ecdsa_simple_sign_setup, ++ ecdsa_simple_sign_sig, ++ ecdsa_simple_verify_sig, + 0, /* field_inverse_mod_ord */ + 0, /* blind_coordinates */ + 0, /* ladder_pre */ +diff -up openssl-1.1.1g/crypto/ec/ecp_nistz256.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistz256.c +--- openssl-1.1.1g/crypto/ec/ecp_nistz256.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/ec/ecp_nistz256.c 2020-05-18 12:45:44.570266549 +0200 +@@ -1720,6 +1720,9 @@ const EC_METHOD *EC_GFp_nistz256_method( + 0, /* keycopy */ + 0, /* keyfinish */ + ecdh_simple_compute_key, ++ ecdsa_simple_sign_setup, ++ ecdsa_simple_sign_sig, ++ ecdsa_simple_verify_sig, + ecp_nistz256_inv_mod_ord, /* can be #define-d NULL */ + 0, /* blind_coordinates */ + 0, /* ladder_pre */ +diff -up openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c +--- openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c.s390x-ecc 2020-05-18 12:45:44.571266557 +0200 ++++ openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c 2020-05-18 12:45:44.571266557 +0200 +@@ -0,0 +1,394 @@ ++/* ++ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++#include ++#include "ec_local.h" ++#include "s390x_arch.h" ++ ++/* Size of parameter blocks */ ++#define S390X_SIZE_PARAM 4096 ++ ++/* Size of fields in parameter blocks */ ++#define S390X_SIZE_P256 32 ++#define S390X_SIZE_P384 48 ++#define S390X_SIZE_P521 80 ++ ++/* Offsets of fields in PCC parameter blocks */ ++#define S390X_OFF_RES_X(n) (0 * n) ++#define S390X_OFF_RES_Y(n) (1 * n) ++#define S390X_OFF_SRC_X(n) (2 * n) ++#define S390X_OFF_SRC_Y(n) (3 * n) ++#define S390X_OFF_SCALAR(n) (4 * n) ++ ++/* Offsets of fields in KDSA parameter blocks */ ++#define S390X_OFF_R(n) (0 * n) ++#define S390X_OFF_S(n) (1 * n) ++#define S390X_OFF_H(n) (2 * n) ++#define S390X_OFF_K(n) (3 * n) ++#define S390X_OFF_X(n) (3 * n) ++#define S390X_OFF_RN(n) (4 * n) ++#define S390X_OFF_Y(n) (4 * n) ++ ++static int ec_GFp_s390x_nistp_mul(const EC_GROUP *group, EC_POINT *r, ++ const BIGNUM *scalar, ++ size_t num, const EC_POINT *points[], ++ const BIGNUM *scalars[], ++ BN_CTX *ctx, unsigned int fc, int len) ++{ ++ unsigned char param[S390X_SIZE_PARAM]; ++ BIGNUM *x, *y; ++ const EC_POINT *point_ptr = NULL; ++ const BIGNUM *scalar_ptr = NULL; ++ BN_CTX *new_ctx = NULL; ++ int rc = -1; ++ ++ if (ctx == NULL) { ++ ctx = new_ctx = BN_CTX_new(); ++ if (ctx == NULL) ++ return 0; ++ } ++ ++ BN_CTX_start(ctx); ++ ++ x = BN_CTX_get(ctx); ++ y = BN_CTX_get(ctx); ++ if (x == NULL || y == NULL) { ++ rc = 0; ++ goto ret; ++ } ++ ++ /* ++ * Use PCC for EC keygen and ECDH key derivation: ++ * scalar * generator and scalar * peer public key, ++ * scalar in [0,order). ++ */ ++ if ((scalar != NULL && num == 0 && BN_is_negative(scalar) == 0) ++ || (scalar == NULL && num == 1 && BN_is_negative(scalars[0]) == 0)) { ++ ++ if (num == 0) { ++ point_ptr = EC_GROUP_get0_generator(group); ++ scalar_ptr = scalar; ++ } else { ++ point_ptr = points[0]; ++ scalar_ptr = scalars[0]; ++ } ++ ++ if (EC_POINT_is_at_infinity(group, point_ptr) == 1 ++ || BN_is_zero(scalar_ptr)) { ++ rc = EC_POINT_set_to_infinity(group, r); ++ goto ret; ++ } ++ ++ memset(¶m, 0, sizeof(param)); ++ ++ if (group->meth->point_get_affine_coordinates(group, point_ptr, ++ x, y, ctx) != 1 ++ || BN_bn2binpad(x, param + S390X_OFF_SRC_X(len), len) == -1 ++ || BN_bn2binpad(y, param + S390X_OFF_SRC_Y(len), len) == -1 ++ || BN_bn2binpad(scalar_ptr, ++ param + S390X_OFF_SCALAR(len), len) == -1 ++ || s390x_pcc(fc, param) != 0 ++ || BN_bin2bn(param + S390X_OFF_RES_X(len), len, x) == NULL ++ || BN_bin2bn(param + S390X_OFF_RES_Y(len), len, y) == NULL ++ || group->meth->point_set_affine_coordinates(group, r, ++ x, y, ctx) != 1) ++ goto ret; ++ ++ rc = 1; ++ } ++ ++ret: ++ /* Otherwise use default. */ ++ if (rc == -1) ++ rc = ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx); ++ OPENSSL_cleanse(param + S390X_OFF_SCALAR(len), len); ++ BN_CTX_end(ctx); ++ BN_CTX_free(new_ctx); ++ return rc; ++} ++ ++static ECDSA_SIG *ecdsa_s390x_nistp_sign_sig(const unsigned char *dgst, ++ int dgstlen, ++ const BIGNUM *kinv, ++ const BIGNUM *r, ++ EC_KEY *eckey, ++ unsigned int fc, int len) ++{ ++ unsigned char param[S390X_SIZE_PARAM]; ++ int ok = 0; ++ BIGNUM *k; ++ ECDSA_SIG *sig; ++ const EC_GROUP *group; ++ const BIGNUM *privkey; ++ int off; ++ ++ group = EC_KEY_get0_group(eckey); ++ privkey = EC_KEY_get0_private_key(eckey); ++ if (group == NULL || privkey == NULL) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, EC_R_MISSING_PARAMETERS); ++ return NULL; ++ } ++ ++ if (!EC_KEY_can_sign(eckey)) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ++ EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING); ++ return NULL; ++ } ++ ++ k = BN_secure_new(); ++ sig = ECDSA_SIG_new(); ++ if (k == NULL || sig == NULL) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_MALLOC_FAILURE); ++ goto ret; ++ } ++ ++ sig->r = BN_new(); ++ sig->s = BN_new(); ++ if (sig->r == NULL || sig->s == NULL) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_MALLOC_FAILURE); ++ goto ret; ++ } ++ ++ memset(param, 0, sizeof(param)); ++ off = len - (dgstlen > len ? len : dgstlen); ++ memcpy(param + S390X_OFF_H(len) + off, dgst, len - off); ++ ++ if (BN_bn2binpad(privkey, param + S390X_OFF_K(len), len) == -1) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_BN_LIB); ++ goto ret; ++ } ++ ++ if (r == NULL || kinv == NULL) { ++ /* ++ * Generate random k and copy to param param block. RAND_priv_bytes ++ * is used instead of BN_priv_rand_range or BN_generate_dsa_nonce ++ * because kdsa instruction constructs an in-range, invertible nonce ++ * internally implementing counter-measures for RNG weakness. ++ */ ++ if (RAND_priv_bytes(param + S390X_OFF_RN(len), len) != 1) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ++ EC_R_RANDOM_NUMBER_GENERATION_FAILED); ++ goto ret; ++ } ++ } else { ++ /* Reconstruct k = (k^-1)^-1. */ ++ if (ec_group_do_inverse_ord(group, k, kinv, NULL) == 0 ++ || BN_bn2binpad(k, param + S390X_OFF_RN(len), len) == -1) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_BN_LIB); ++ goto ret; ++ } ++ /* Turns KDSA internal nonce-generation off. */ ++ fc |= S390X_KDSA_D; ++ } ++ ++ if (s390x_kdsa(fc, param, NULL, 0) != 0) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_ECDSA_LIB); ++ goto ret; ++ } ++ ++ if (BN_bin2bn(param + S390X_OFF_R(len), len, sig->r) == NULL ++ || BN_bin2bn(param + S390X_OFF_S(len), len, sig->s) == NULL) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_BN_LIB); ++ goto ret; ++ } ++ ++ ok = 1; ++ret: ++ OPENSSL_cleanse(param + S390X_OFF_K(len), 2 * len); ++ if (ok != 1) { ++ ECDSA_SIG_free(sig); ++ sig = NULL; ++ } ++ BN_clear_free(k); ++ return sig; ++} ++ ++static int ecdsa_s390x_nistp_verify_sig(const unsigned char *dgst, int dgstlen, ++ const ECDSA_SIG *sig, EC_KEY *eckey, ++ unsigned int fc, int len) ++{ ++ unsigned char param[S390X_SIZE_PARAM]; ++ int rc = -1; ++ BN_CTX *ctx; ++ BIGNUM *x, *y; ++ const EC_GROUP *group; ++ const EC_POINT *pubkey; ++ int off; ++ ++ group = EC_KEY_get0_group(eckey); ++ pubkey = EC_KEY_get0_public_key(eckey); ++ if (eckey == NULL || group == NULL || pubkey == NULL || sig == NULL) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, EC_R_MISSING_PARAMETERS); ++ return -1; ++ } ++ ++ if (!EC_KEY_can_sign(eckey)) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, ++ EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING); ++ return -1; ++ } ++ ++ ctx = BN_CTX_new(); ++ if (ctx == NULL) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, ERR_R_MALLOC_FAILURE); ++ return -1; ++ } ++ ++ BN_CTX_start(ctx); ++ ++ x = BN_CTX_get(ctx); ++ y = BN_CTX_get(ctx); ++ if (x == NULL || y == NULL) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, ERR_R_MALLOC_FAILURE); ++ goto ret; ++ } ++ ++ memset(param, 0, sizeof(param)); ++ off = len - (dgstlen > len ? len : dgstlen); ++ memcpy(param + S390X_OFF_H(len) + off, dgst, len - off); ++ ++ if (group->meth->point_get_affine_coordinates(group, pubkey, ++ x, y, ctx) != 1 ++ || BN_bn2binpad(sig->r, param + S390X_OFF_R(len), len) == -1 ++ || BN_bn2binpad(sig->s, param + S390X_OFF_S(len), len) == -1 ++ || BN_bn2binpad(x, param + S390X_OFF_X(len), len) == -1 ++ || BN_bn2binpad(y, param + S390X_OFF_Y(len), len) == -1) { ++ ECerr(EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, ERR_R_BN_LIB); ++ goto ret; ++ } ++ ++ rc = s390x_kdsa(fc, param, NULL, 0) == 0 ? 1 : 0; ++ret: ++ BN_CTX_end(ctx); ++ BN_CTX_free(ctx); ++ return rc; ++} ++ ++#define EC_GFP_S390X_NISTP_METHOD(bits) \ ++ \ ++static int ec_GFp_s390x_nistp##bits##_mul(const EC_GROUP *group, \ ++ EC_POINT *r, \ ++ const BIGNUM *scalar, \ ++ size_t num, \ ++ const EC_POINT *points[], \ ++ const BIGNUM *scalars[], \ ++ BN_CTX *ctx) \ ++{ \ ++ return ec_GFp_s390x_nistp_mul(group, r, scalar, num, points, \ ++ scalars, ctx, \ ++ S390X_SCALAR_MULTIPLY_P##bits, \ ++ S390X_SIZE_P##bits); \ ++} \ ++ \ ++static ECDSA_SIG *ecdsa_s390x_nistp##bits##_sign_sig(const unsigned \ ++ char *dgst, \ ++ int dgstlen, \ ++ const BIGNUM *kinv,\ ++ const BIGNUM *r, \ ++ EC_KEY *eckey) \ ++{ \ ++ return ecdsa_s390x_nistp_sign_sig(dgst, dgstlen, kinv, r, eckey, \ ++ S390X_ECDSA_SIGN_P##bits, \ ++ S390X_SIZE_P##bits); \ ++} \ ++ \ ++static int ecdsa_s390x_nistp##bits##_verify_sig(const \ ++ unsigned char *dgst, \ ++ int dgstlen, \ ++ const ECDSA_SIG *sig, \ ++ EC_KEY *eckey) \ ++{ \ ++ return ecdsa_s390x_nistp_verify_sig(dgst, dgstlen, sig, eckey, \ ++ S390X_ECDSA_VERIFY_P##bits, \ ++ S390X_SIZE_P##bits); \ ++} \ ++ \ ++const EC_METHOD *EC_GFp_s390x_nistp##bits##_method(void) \ ++{ \ ++ static const EC_METHOD EC_GFp_s390x_nistp##bits##_meth = { \ ++ EC_FLAGS_DEFAULT_OCT, \ ++ NID_X9_62_prime_field, \ ++ ec_GFp_simple_group_init, \ ++ ec_GFp_simple_group_finish, \ ++ ec_GFp_simple_group_clear_finish, \ ++ ec_GFp_simple_group_copy, \ ++ ec_GFp_simple_group_set_curve, \ ++ ec_GFp_simple_group_get_curve, \ ++ ec_GFp_simple_group_get_degree, \ ++ ec_group_simple_order_bits, \ ++ ec_GFp_simple_group_check_discriminant, \ ++ ec_GFp_simple_point_init, \ ++ ec_GFp_simple_point_finish, \ ++ ec_GFp_simple_point_clear_finish, \ ++ ec_GFp_simple_point_copy, \ ++ ec_GFp_simple_point_set_to_infinity, \ ++ ec_GFp_simple_set_Jprojective_coordinates_GFp, \ ++ ec_GFp_simple_get_Jprojective_coordinates_GFp, \ ++ ec_GFp_simple_point_set_affine_coordinates, \ ++ ec_GFp_simple_point_get_affine_coordinates, \ ++ NULL, /* point_set_compressed_coordinates */ \ ++ NULL, /* point2oct */ \ ++ NULL, /* oct2point */ \ ++ ec_GFp_simple_add, \ ++ ec_GFp_simple_dbl, \ ++ ec_GFp_simple_invert, \ ++ ec_GFp_simple_is_at_infinity, \ ++ ec_GFp_simple_is_on_curve, \ ++ ec_GFp_simple_cmp, \ ++ ec_GFp_simple_make_affine, \ ++ ec_GFp_simple_points_make_affine, \ ++ ec_GFp_s390x_nistp##bits##_mul, \ ++ NULL, /* precompute_mult */ \ ++ NULL, /* have_precompute_mult */ \ ++ ec_GFp_simple_field_mul, \ ++ ec_GFp_simple_field_sqr, \ ++ NULL, /* field_div */ \ ++ ec_GFp_simple_field_inv, \ ++ NULL, /* field_encode */ \ ++ NULL, /* field_decode */ \ ++ NULL, /* field_set_to_one */ \ ++ ec_key_simple_priv2oct, \ ++ ec_key_simple_oct2priv, \ ++ NULL, /* set_private */ \ ++ ec_key_simple_generate_key, \ ++ ec_key_simple_check_key, \ ++ ec_key_simple_generate_public_key, \ ++ NULL, /* keycopy */ \ ++ NULL, /* keyfinish */ \ ++ ecdh_simple_compute_key, \ ++ ecdsa_simple_sign_setup, \ ++ ecdsa_s390x_nistp##bits##_sign_sig, \ ++ ecdsa_s390x_nistp##bits##_verify_sig, \ ++ NULL, /* field_inverse_mod_ord */ \ ++ ec_GFp_simple_blind_coordinates, \ ++ ec_GFp_simple_ladder_pre, \ ++ ec_GFp_simple_ladder_step, \ ++ ec_GFp_simple_ladder_post \ ++ }; \ ++ static const EC_METHOD *ret; \ ++ \ ++ if ((OPENSSL_s390xcap_P.pcc[1] \ ++ & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_P##bits)) \ ++ && (OPENSSL_s390xcap_P.kdsa[0] \ ++ & S390X_CAPBIT(S390X_ECDSA_VERIFY_P##bits)) \ ++ && (OPENSSL_s390xcap_P.kdsa[0] \ ++ & S390X_CAPBIT(S390X_ECDSA_SIGN_P##bits))) \ ++ ret = &EC_GFp_s390x_nistp##bits##_meth; \ ++ else \ ++ ret = EC_GFp_mont_method(); \ ++ \ ++ return ret; \ ++} ++ ++EC_GFP_S390X_NISTP_METHOD(256) ++EC_GFP_S390X_NISTP_METHOD(384) ++EC_GFP_S390X_NISTP_METHOD(521) +diff -up openssl-1.1.1g/crypto/ec/ecp_smpl.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_smpl.c +--- openssl-1.1.1g/crypto/ec/ecp_smpl.c.s390x-ecc 2020-05-18 12:45:40.769233514 +0200 ++++ openssl-1.1.1g/crypto/ec/ecp_smpl.c 2020-05-18 12:45:44.572266566 +0200 +@@ -64,6 +64,9 @@ const EC_METHOD *EC_GFp_simple_method(vo + 0, /* keycopy */ + 0, /* keyfinish */ + ecdh_simple_compute_key, ++ ecdsa_simple_sign_setup, ++ ecdsa_simple_sign_sig, ++ ecdsa_simple_verify_sig, + 0, /* field_inverse_mod_ord */ + ec_GFp_simple_blind_coordinates, + ec_GFp_simple_ladder_pre, +diff -up openssl-1.1.1g/crypto/ec/ecx_meth.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecx_meth.c +--- openssl-1.1.1g/crypto/ec/ecx_meth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/ec/ecx_meth.c 2020-05-18 12:45:44.573266575 +0200 +@@ -20,6 +20,7 @@ + #define X25519_BITS 253 + #define X25519_SECURITY_BITS 128 + ++#define ED25519_KEYLEN 32 + #define ED25519_SIGSIZE 64 + + #define X448_BITS 448 +@@ -839,3 +840,666 @@ const EVP_PKEY_METHOD ed448_pkey_meth = + pkey_ecd_digestsign448, + pkey_ecd_digestverify448 + }; ++ ++#ifdef S390X_EC_ASM ++# include "s390x_arch.h" ++# include "internal/constant_time.h" ++ ++static void s390x_x25519_mod_p(unsigned char u[32]) ++{ ++ unsigned char u_red[32]; ++ unsigned int c = 0; ++ int i; ++ ++ memcpy(u_red, u, sizeof(u_red)); ++ ++ c += (unsigned int)u_red[31] + 19; ++ u_red[31] = (unsigned char)c; ++ c >>= 8; ++ ++ for (i = 30; i >= 0; i--) { ++ c += (unsigned int)u_red[i]; ++ u_red[i] = (unsigned char)c; ++ c >>= 8; ++ } ++ ++ c = (u_red[0] & 0x80) >> 7; ++ u_red[0] &= 0x7f; ++ constant_time_cond_swap_buff(0 - (unsigned char)c, ++ u, u_red, sizeof(u_red)); ++} ++ ++static void s390x_x448_mod_p(unsigned char u[56]) ++{ ++ unsigned char u_red[56]; ++ unsigned int c = 0; ++ int i; ++ ++ memcpy(u_red, u, sizeof(u_red)); ++ ++ c += (unsigned int)u_red[55] + 1; ++ u_red[55] = (unsigned char)c; ++ c >>= 8; ++ ++ for (i = 54; i >= 28; i--) { ++ c += (unsigned int)u_red[i]; ++ u_red[i] = (unsigned char)c; ++ c >>= 8; ++ } ++ ++ c += (unsigned int)u_red[27] + 1; ++ u_red[27] = (unsigned char)c; ++ c >>= 8; ++ ++ for (i = 26; i >= 0; i--) { ++ c += (unsigned int)u_red[i]; ++ u_red[i] = (unsigned char)c; ++ c >>= 8; ++ } ++ ++ constant_time_cond_swap_buff(0 - (unsigned char)c, ++ u, u_red, sizeof(u_red)); ++} ++ ++static int s390x_x25519_mul(unsigned char u_dst[32], ++ const unsigned char u_src[32], ++ const unsigned char d_src[32]) ++{ ++ union { ++ struct { ++ unsigned char u_dst[32]; ++ unsigned char u_src[32]; ++ unsigned char d_src[32]; ++ } x25519; ++ unsigned long long buff[512]; ++ } param; ++ int rc; ++ ++ memset(¶m, 0, sizeof(param)); ++ ++ s390x_flip_endian32(param.x25519.u_src, u_src); ++ param.x25519.u_src[0] &= 0x7f; ++ s390x_x25519_mod_p(param.x25519.u_src); ++ ++ s390x_flip_endian32(param.x25519.d_src, d_src); ++ param.x25519.d_src[31] &= 248; ++ param.x25519.d_src[0] &= 127; ++ param.x25519.d_src[0] |= 64; ++ ++ rc = s390x_pcc(S390X_SCALAR_MULTIPLY_X25519, ¶m.x25519) ? 0 : 1; ++ if (rc == 1) ++ s390x_flip_endian32(u_dst, param.x25519.u_dst); ++ ++ OPENSSL_cleanse(param.x25519.d_src, sizeof(param.x25519.d_src)); ++ return rc; ++} ++ ++static int s390x_x448_mul(unsigned char u_dst[56], ++ const unsigned char u_src[56], ++ const unsigned char d_src[56]) ++{ ++ union { ++ struct { ++ unsigned char u_dst[64]; ++ unsigned char u_src[64]; ++ unsigned char d_src[64]; ++ } x448; ++ unsigned long long buff[512]; ++ } param; ++ int rc; ++ ++ memset(¶m, 0, sizeof(param)); ++ ++ memcpy(param.x448.u_src, u_src, 56); ++ memcpy(param.x448.d_src, d_src, 56); ++ ++ s390x_flip_endian64(param.x448.u_src, param.x448.u_src); ++ s390x_x448_mod_p(param.x448.u_src + 8); ++ ++ s390x_flip_endian64(param.x448.d_src, param.x448.d_src); ++ param.x448.d_src[63] &= 252; ++ param.x448.d_src[8] |= 128; ++ ++ rc = s390x_pcc(S390X_SCALAR_MULTIPLY_X448, ¶m.x448) ? 0 : 1; ++ if (rc == 1) { ++ s390x_flip_endian64(param.x448.u_dst, param.x448.u_dst); ++ memcpy(u_dst, param.x448.u_dst, 56); ++ } ++ ++ OPENSSL_cleanse(param.x448.d_src, sizeof(param.x448.d_src)); ++ return rc; ++} ++ ++static int s390x_ed25519_mul(unsigned char x_dst[32], ++ unsigned char y_dst[32], ++ const unsigned char x_src[32], ++ const unsigned char y_src[32], ++ const unsigned char d_src[32]) ++{ ++ union { ++ struct { ++ unsigned char x_dst[32]; ++ unsigned char y_dst[32]; ++ unsigned char x_src[32]; ++ unsigned char y_src[32]; ++ unsigned char d_src[32]; ++ } ed25519; ++ unsigned long long buff[512]; ++ } param; ++ int rc; ++ ++ memset(¶m, 0, sizeof(param)); ++ ++ s390x_flip_endian32(param.ed25519.x_src, x_src); ++ s390x_flip_endian32(param.ed25519.y_src, y_src); ++ s390x_flip_endian32(param.ed25519.d_src, d_src); ++ ++ rc = s390x_pcc(S390X_SCALAR_MULTIPLY_ED25519, ¶m.ed25519) ? 0 : 1; ++ if (rc == 1) { ++ s390x_flip_endian32(x_dst, param.ed25519.x_dst); ++ s390x_flip_endian32(y_dst, param.ed25519.y_dst); ++ } ++ ++ OPENSSL_cleanse(param.ed25519.d_src, sizeof(param.ed25519.d_src)); ++ return rc; ++} ++ ++static int s390x_ed448_mul(unsigned char x_dst[57], ++ unsigned char y_dst[57], ++ const unsigned char x_src[57], ++ const unsigned char y_src[57], ++ const unsigned char d_src[57]) ++{ ++ union { ++ struct { ++ unsigned char x_dst[64]; ++ unsigned char y_dst[64]; ++ unsigned char x_src[64]; ++ unsigned char y_src[64]; ++ unsigned char d_src[64]; ++ } ed448; ++ unsigned long long buff[512]; ++ } param; ++ int rc; ++ ++ memset(¶m, 0, sizeof(param)); ++ ++ memcpy(param.ed448.x_src, x_src, 57); ++ memcpy(param.ed448.y_src, y_src, 57); ++ memcpy(param.ed448.d_src, d_src, 57); ++ s390x_flip_endian64(param.ed448.x_src, param.ed448.x_src); ++ s390x_flip_endian64(param.ed448.y_src, param.ed448.y_src); ++ s390x_flip_endian64(param.ed448.d_src, param.ed448.d_src); ++ ++ rc = s390x_pcc(S390X_SCALAR_MULTIPLY_ED448, ¶m.ed448) ? 0 : 1; ++ if (rc == 1) { ++ s390x_flip_endian64(param.ed448.x_dst, param.ed448.x_dst); ++ s390x_flip_endian64(param.ed448.y_dst, param.ed448.y_dst); ++ memcpy(x_dst, param.ed448.x_dst, 57); ++ memcpy(y_dst, param.ed448.y_dst, 57); ++ } ++ ++ OPENSSL_cleanse(param.ed448.d_src, sizeof(param.ed448.d_src)); ++ return rc; ++} ++ ++static int s390x_pkey_ecx_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) ++{ ++ static const unsigned char generator[] = { ++ 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ++ }; ++ ECX_KEY *key; ++ unsigned char *privkey = NULL, *pubkey; ++ ++ key = OPENSSL_zalloc(sizeof(*key)); ++ if (key == NULL) { ++ ECerr(EC_F_S390X_PKEY_ECX_KEYGEN25519, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ pubkey = key->pubkey; ++ ++ privkey = key->privkey = OPENSSL_secure_malloc(X25519_KEYLEN); ++ if (privkey == NULL) { ++ ECerr(EC_F_S390X_PKEY_ECX_KEYGEN25519, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (RAND_priv_bytes(privkey, X25519_KEYLEN) <= 0) ++ goto err; ++ ++ privkey[0] &= 248; ++ privkey[31] &= 127; ++ privkey[31] |= 64; ++ ++ if (s390x_x25519_mul(pubkey, generator, privkey) != 1) ++ goto err; ++ ++ EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, key); ++ return 1; ++ err: ++ OPENSSL_secure_clear_free(privkey, X25519_KEYLEN); ++ key->privkey = NULL; ++ OPENSSL_free(key); ++ return 0; ++} ++ ++static int s390x_pkey_ecx_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) ++{ ++ static const unsigned char generator[] = { ++ 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ++ }; ++ ECX_KEY *key; ++ unsigned char *privkey = NULL, *pubkey; ++ ++ key = OPENSSL_zalloc(sizeof(*key)); ++ if (key == NULL) { ++ ECerr(EC_F_S390X_PKEY_ECX_KEYGEN448, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ pubkey = key->pubkey; ++ ++ privkey = key->privkey = OPENSSL_secure_malloc(X448_KEYLEN); ++ if (privkey == NULL) { ++ ECerr(EC_F_S390X_PKEY_ECX_KEYGEN448, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (RAND_priv_bytes(privkey, X448_KEYLEN) <= 0) ++ goto err; ++ ++ privkey[0] &= 252; ++ privkey[55] |= 128; ++ ++ if (s390x_x448_mul(pubkey, generator, privkey) != 1) ++ goto err; ++ ++ EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, key); ++ return 1; ++ err: ++ OPENSSL_secure_clear_free(privkey, X448_KEYLEN); ++ key->privkey = NULL; ++ OPENSSL_free(key); ++ return 0; ++} ++ ++static int s390x_pkey_ecd_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) ++{ ++ static const unsigned char generator_x[] = { ++ 0x1a, 0xd5, 0x25, 0x8f, 0x60, 0x2d, 0x56, 0xc9, 0xb2, 0xa7, 0x25, 0x95, ++ 0x60, 0xc7, 0x2c, 0x69, 0x5c, 0xdc, 0xd6, 0xfd, 0x31, 0xe2, 0xa4, 0xc0, ++ 0xfe, 0x53, 0x6e, 0xcd, 0xd3, 0x36, 0x69, 0x21 ++ }; ++ static const unsigned char generator_y[] = { ++ 0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, ++ 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, ++ 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, ++ }; ++ unsigned char x_dst[32], buff[SHA512_DIGEST_LENGTH]; ++ ECX_KEY *key; ++ unsigned char *privkey = NULL, *pubkey; ++ ++ key = OPENSSL_zalloc(sizeof(*key)); ++ if (key == NULL) { ++ ECerr(EC_F_S390X_PKEY_ECD_KEYGEN25519, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ pubkey = key->pubkey; ++ ++ privkey = key->privkey = OPENSSL_secure_malloc(ED25519_KEYLEN); ++ if (privkey == NULL) { ++ ECerr(EC_F_S390X_PKEY_ECD_KEYGEN25519, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (RAND_priv_bytes(privkey, ED25519_KEYLEN) <= 0) ++ goto err; ++ ++ SHA512(privkey, 32, buff); ++ buff[0] &= 248; ++ buff[31] &= 63; ++ buff[31] |= 64; ++ ++ if (s390x_ed25519_mul(x_dst, pubkey, ++ generator_x, generator_y, buff) != 1) ++ goto err; ++ ++ pubkey[31] |= ((x_dst[0] & 0x01) << 7); ++ ++ EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, key); ++ return 1; ++ err: ++ OPENSSL_secure_clear_free(privkey, ED25519_KEYLEN); ++ key->privkey = NULL; ++ OPENSSL_free(key); ++ return 0; ++} ++ ++static int s390x_pkey_ecd_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) ++{ ++ static const unsigned char generator_x[] = { ++ 0x5e, 0xc0, 0x0c, 0xc7, 0x2b, 0xa8, 0x26, 0x26, 0x8e, 0x93, 0x00, 0x8b, ++ 0xe1, 0x80, 0x3b, 0x43, 0x11, 0x65, 0xb6, 0x2a, 0xf7, 0x1a, 0xae, 0x12, ++ 0x64, 0xa4, 0xd3, 0xa3, 0x24, 0xe3, 0x6d, 0xea, 0x67, 0x17, 0x0f, 0x47, ++ 0x70, 0x65, 0x14, 0x9e, 0xda, 0x36, 0xbf, 0x22, 0xa6, 0x15, 0x1d, 0x22, ++ 0xed, 0x0d, 0xed, 0x6b, 0xc6, 0x70, 0x19, 0x4f, 0x00 ++ }; ++ static const unsigned char generator_y[] = { ++ 0x14, 0xfa, 0x30, 0xf2, 0x5b, 0x79, 0x08, 0x98, 0xad, 0xc8, 0xd7, 0x4e, ++ 0x2c, 0x13, 0xbd, 0xfd, 0xc4, 0x39, 0x7c, 0xe6, 0x1c, 0xff, 0xd3, 0x3a, ++ 0xd7, 0xc2, 0xa0, 0x05, 0x1e, 0x9c, 0x78, 0x87, 0x40, 0x98, 0xa3, 0x6c, ++ 0x73, 0x73, 0xea, 0x4b, 0x62, 0xc7, 0xc9, 0x56, 0x37, 0x20, 0x76, 0x88, ++ 0x24, 0xbc, 0xb6, 0x6e, 0x71, 0x46, 0x3f, 0x69, 0x00 ++ }; ++ unsigned char x_dst[57], buff[114]; ++ ECX_KEY *key; ++ unsigned char *privkey = NULL, *pubkey; ++ EVP_MD_CTX *hashctx = NULL; ++ ++ key = OPENSSL_zalloc(sizeof(*key)); ++ if (key == NULL) { ++ ECerr(EC_F_S390X_PKEY_ECD_KEYGEN448, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ pubkey = key->pubkey; ++ ++ privkey = key->privkey = OPENSSL_secure_malloc(ED448_KEYLEN); ++ if (privkey == NULL) { ++ ECerr(EC_F_S390X_PKEY_ECD_KEYGEN448, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (RAND_priv_bytes(privkey, ED448_KEYLEN) <= 0) ++ goto err; ++ ++ hashctx = EVP_MD_CTX_new(); ++ if (hashctx == NULL) ++ goto err; ++ if (EVP_DigestInit_ex(hashctx, EVP_shake256(), NULL) != 1) ++ goto err; ++ if (EVP_DigestUpdate(hashctx, privkey, 57) != 1) ++ goto err; ++ if (EVP_DigestFinalXOF(hashctx, buff, sizeof(buff)) != 1) ++ goto err; ++ ++ buff[0] &= -4; ++ buff[55] |= 0x80; ++ buff[56] = 0; ++ ++ if (s390x_ed448_mul(x_dst, pubkey, ++ generator_x, generator_y, buff) != 1) ++ goto err; ++ ++ pubkey[56] |= ((x_dst[0] & 0x01) << 7); ++ ++ EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, key); ++ EVP_MD_CTX_free(hashctx); ++ return 1; ++ err: ++ OPENSSL_secure_clear_free(privkey, ED448_KEYLEN); ++ key->privkey = NULL; ++ OPENSSL_free(key); ++ EVP_MD_CTX_free(hashctx); ++ return 0; ++} ++ ++static int s390x_pkey_ecx_derive25519(EVP_PKEY_CTX *ctx, unsigned char *key, ++ size_t *keylen) ++{ ++ const unsigned char *privkey, *pubkey; ++ ++ if (!validate_ecx_derive(ctx, key, keylen, &privkey, &pubkey)) ++ return 0; ++ ++ if (key != NULL) ++ return s390x_x25519_mul(key, pubkey, privkey); ++ ++ *keylen = X25519_KEYLEN; ++ return 1; ++} ++ ++static int s390x_pkey_ecx_derive448(EVP_PKEY_CTX *ctx, unsigned char *key, ++ size_t *keylen) ++{ ++ const unsigned char *privkey, *pubkey; ++ ++ if (!validate_ecx_derive(ctx, key, keylen, &privkey, &pubkey)) ++ return 0; ++ ++ if (key != NULL) ++ return s390x_x448_mul(key, pubkey, privkey); ++ ++ *keylen = X448_KEYLEN; ++ return 1; ++} ++ ++static int s390x_pkey_ecd_digestsign25519(EVP_MD_CTX *ctx, ++ unsigned char *sig, size_t *siglen, ++ const unsigned char *tbs, ++ size_t tbslen) ++{ ++ union { ++ struct { ++ unsigned char sig[64]; ++ unsigned char priv[32]; ++ } ed25519; ++ unsigned long long buff[512]; ++ } param; ++ const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx; ++ int rc; ++ ++ if (sig == NULL) { ++ *siglen = ED25519_SIGSIZE; ++ return 1; ++ } ++ ++ if (*siglen < ED25519_SIGSIZE) { ++ ECerr(EC_F_S390X_PKEY_ECD_DIGESTSIGN25519, EC_R_BUFFER_TOO_SMALL); ++ return 0; ++ } ++ ++ memset(¶m, 0, sizeof(param)); ++ memcpy(param.ed25519.priv, edkey->privkey, sizeof(param.ed25519.priv)); ++ ++ rc = s390x_kdsa(S390X_EDDSA_SIGN_ED25519, ¶m.ed25519, tbs, tbslen); ++ OPENSSL_cleanse(param.ed25519.priv, sizeof(param.ed25519.priv)); ++ if (rc != 0) ++ return 0; ++ ++ s390x_flip_endian32(sig, param.ed25519.sig); ++ s390x_flip_endian32(sig + 32, param.ed25519.sig + 32); ++ ++ *siglen = ED25519_SIGSIZE; ++ return 1; ++} ++ ++static int s390x_pkey_ecd_digestsign448(EVP_MD_CTX *ctx, ++ unsigned char *sig, size_t *siglen, ++ const unsigned char *tbs, ++ size_t tbslen) ++{ ++ union { ++ struct { ++ unsigned char sig[128]; ++ unsigned char priv[64]; ++ } ed448; ++ unsigned long long buff[512]; ++ } param; ++ const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx; ++ int rc; ++ ++ if (sig == NULL) { ++ *siglen = ED448_SIGSIZE; ++ return 1; ++ } ++ ++ if (*siglen < ED448_SIGSIZE) { ++ ECerr(EC_F_S390X_PKEY_ECD_DIGESTSIGN448, EC_R_BUFFER_TOO_SMALL); ++ return 0; ++ } ++ ++ memset(¶m, 0, sizeof(param)); ++ memcpy(param.ed448.priv + 64 - 57, edkey->privkey, 57); ++ ++ rc = s390x_kdsa(S390X_EDDSA_SIGN_ED448, ¶m.ed448, tbs, tbslen); ++ OPENSSL_cleanse(param.ed448.priv, sizeof(param.ed448.priv)); ++ if (rc != 0) ++ return 0; ++ ++ s390x_flip_endian64(param.ed448.sig, param.ed448.sig); ++ s390x_flip_endian64(param.ed448.sig + 64, param.ed448.sig + 64); ++ memcpy(sig, param.ed448.sig, 57); ++ memcpy(sig + 57, param.ed448.sig + 64, 57); ++ ++ *siglen = ED448_SIGSIZE; ++ return 1; ++} ++ ++static int s390x_pkey_ecd_digestverify25519(EVP_MD_CTX *ctx, ++ const unsigned char *sig, ++ size_t siglen, ++ const unsigned char *tbs, ++ size_t tbslen) ++{ ++ union { ++ struct { ++ unsigned char sig[64]; ++ unsigned char pub[32]; ++ } ed25519; ++ unsigned long long buff[512]; ++ } param; ++ const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx; ++ ++ if (siglen != ED25519_SIGSIZE) ++ return 0; ++ ++ memset(¶m, 0, sizeof(param)); ++ s390x_flip_endian32(param.ed25519.sig, sig); ++ s390x_flip_endian32(param.ed25519.sig + 32, sig + 32); ++ s390x_flip_endian32(param.ed25519.pub, edkey->pubkey); ++ ++ return s390x_kdsa(S390X_EDDSA_VERIFY_ED25519, ++ ¶m.ed25519, tbs, tbslen) == 0 ? 1 : 0; ++} ++ ++static int s390x_pkey_ecd_digestverify448(EVP_MD_CTX *ctx, ++ const unsigned char *sig, ++ size_t siglen, ++ const unsigned char *tbs, ++ size_t tbslen) ++{ ++ union { ++ struct { ++ unsigned char sig[128]; ++ unsigned char pub[64]; ++ } ed448; ++ unsigned long long buff[512]; ++ } param; ++ const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx; ++ ++ if (siglen != ED448_SIGSIZE) ++ return 0; ++ ++ memset(¶m, 0, sizeof(param)); ++ memcpy(param.ed448.sig, sig, 57); ++ s390x_flip_endian64(param.ed448.sig, param.ed448.sig); ++ memcpy(param.ed448.sig + 64, sig + 57, 57); ++ s390x_flip_endian64(param.ed448.sig + 64, param.ed448.sig + 64); ++ memcpy(param.ed448.pub, edkey->pubkey, 57); ++ s390x_flip_endian64(param.ed448.pub, param.ed448.pub); ++ ++ return s390x_kdsa(S390X_EDDSA_VERIFY_ED448, ++ ¶m.ed448, tbs, tbslen) == 0 ? 1 : 0; ++} ++ ++static const EVP_PKEY_METHOD ecx25519_s390x_pkey_meth = { ++ EVP_PKEY_X25519, ++ 0, 0, 0, 0, 0, 0, 0, ++ s390x_pkey_ecx_keygen25519, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ s390x_pkey_ecx_derive25519, ++ pkey_ecx_ctrl, ++ 0 ++}; ++ ++static const EVP_PKEY_METHOD ecx448_s390x_pkey_meth = { ++ EVP_PKEY_X448, ++ 0, 0, 0, 0, 0, 0, 0, ++ s390x_pkey_ecx_keygen448, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ s390x_pkey_ecx_derive448, ++ pkey_ecx_ctrl, ++ 0 ++}; ++static const EVP_PKEY_METHOD ed25519_s390x_pkey_meth = { ++ EVP_PKEY_ED25519, EVP_PKEY_FLAG_SIGCTX_CUSTOM, ++ 0, 0, 0, 0, 0, 0, ++ s390x_pkey_ecd_keygen25519, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ pkey_ecd_ctrl, ++ 0, ++ s390x_pkey_ecd_digestsign25519, ++ s390x_pkey_ecd_digestverify25519 ++}; ++ ++static const EVP_PKEY_METHOD ed448_s390x_pkey_meth = { ++ EVP_PKEY_ED448, EVP_PKEY_FLAG_SIGCTX_CUSTOM, ++ 0, 0, 0, 0, 0, 0, ++ s390x_pkey_ecd_keygen448, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ pkey_ecd_ctrl, ++ 0, ++ s390x_pkey_ecd_digestsign448, ++ s390x_pkey_ecd_digestverify448 ++}; ++#endif ++ ++const EVP_PKEY_METHOD *ecx25519_pkey_method(void) ++{ ++#ifdef S390X_EC_ASM ++ if (OPENSSL_s390xcap_P.pcc[1] & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X25519)) ++ return &ecx25519_s390x_pkey_meth; ++#endif ++ return &ecx25519_pkey_meth; ++} ++ ++const EVP_PKEY_METHOD *ecx448_pkey_method(void) ++{ ++#ifdef S390X_EC_ASM ++ if (OPENSSL_s390xcap_P.pcc[1] & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X448)) ++ return &ecx448_s390x_pkey_meth; ++#endif ++ return &ecx448_pkey_meth; ++} ++ ++const EVP_PKEY_METHOD *ed25519_pkey_method(void) ++{ ++#ifdef S390X_EC_ASM ++ if (OPENSSL_s390xcap_P.pcc[1] & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_ED25519) ++ && OPENSSL_s390xcap_P.kdsa[0] & S390X_CAPBIT(S390X_EDDSA_SIGN_ED25519) ++ && OPENSSL_s390xcap_P.kdsa[0] ++ & S390X_CAPBIT(S390X_EDDSA_VERIFY_ED25519)) ++ return &ed25519_s390x_pkey_meth; ++#endif ++ return &ed25519_pkey_meth; ++} ++ ++const EVP_PKEY_METHOD *ed448_pkey_method(void) ++{ ++#ifdef S390X_EC_ASM ++ if (OPENSSL_s390xcap_P.pcc[1] & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_ED448) ++ && OPENSSL_s390xcap_P.kdsa[0] & S390X_CAPBIT(S390X_EDDSA_SIGN_ED448) ++ && OPENSSL_s390xcap_P.kdsa[0] & S390X_CAPBIT(S390X_EDDSA_VERIFY_ED448)) ++ return &ed448_s390x_pkey_meth; ++#endif ++ return &ed448_pkey_meth; ++} +diff -up openssl-1.1.1g/crypto/err/openssl.txt.s390x-ecc openssl-1.1.1g/crypto/err/openssl.txt +--- openssl-1.1.1g/crypto/err/openssl.txt.s390x-ecc 2020-05-18 12:45:40.834234079 +0200 ++++ openssl-1.1.1g/crypto/err/openssl.txt 2020-05-18 12:45:44.575266592 +0200 +@@ -496,6 +496,11 @@ EC_F_ECDSA_SIGN_EX:254:ECDSA_sign_ex + EC_F_ECDSA_SIGN_SETUP:248:ECDSA_sign_setup + EC_F_ECDSA_SIG_NEW:265:ECDSA_SIG_new + EC_F_ECDSA_VERIFY:253:ECDSA_verify ++EC_F_ECDSA_SIMPLE_SIGN_SETUP:310:ecdsa_simple_sign_setup ++EC_F_ECDSA_SIMPLE_SIGN_SIG:311:ecdsa_simple_sign_sig ++EC_F_ECDSA_SIMPLE_VERIFY_SIG:312:ecdsa_simple_verify_sig ++EC_F_ECDSA_S390X_NISTP_SIGN_SIG:313:ecdsa_s390x_nistp_sign_sig ++EC_F_ECDSA_S390X_NISTP_VERIFY_SIG:314:ecdsa_s390x_nistp_verify_sig + EC_F_ECD_ITEM_VERIFY:270:ecd_item_verify + EC_F_ECKEY_PARAM2TYPE:223:eckey_param2type + EC_F_ECKEY_PARAM_DECODE:212:eckey_param_decode +@@ -657,6 +662,7 @@ EC_F_NISTP521_PRE_COMP_NEW:237:nistp521_ + EC_F_O2I_ECPUBLICKEY:152:o2i_ECPublicKey + EC_F_OLD_EC_PRIV_DECODE:222:old_ec_priv_decode + EC_F_OSSL_ECDH_COMPUTE_KEY:247:ossl_ecdh_compute_key ++EC_F_OSSL_ECDSA_SIGN_SETUP:300:ossl_ecdsa_sign_setup + EC_F_OSSL_ECDSA_SIGN_SIG:249:ossl_ecdsa_sign_sig + EC_F_OSSL_ECDSA_VERIFY_SIG:250:ossl_ecdsa_verify_sig + EC_F_PKEY_ECD_CTRL:271:pkey_ecd_ctrl +@@ -672,6 +678,12 @@ EC_F_PKEY_EC_KDF_DERIVE:283:pkey_ec_kdf_ + EC_F_PKEY_EC_KEYGEN:199:pkey_ec_keygen + EC_F_PKEY_EC_PARAMGEN:219:pkey_ec_paramgen + EC_F_PKEY_EC_SIGN:218:pkey_ec_sign ++EC_F_S390X_PKEY_ECD_DIGESTSIGN25519:303:s390x_pkey_ecd_digestsign25519 ++EC_F_S390X_PKEY_ECD_DIGESTSIGN448:304:s390x_pkey_ecd_digestsign448 ++EC_F_S390X_PKEY_ECD_KEYGEN25519:305:s390x_pkey_ecd_keygen25519 ++EC_F_S390X_PKEY_ECD_KEYGEN448:306:s390x_pkey_ecd_keygen448 ++EC_F_S390X_PKEY_ECX_KEYGEN25519:307:s390x_pkey_ecx_keygen25519 ++EC_F_S390X_PKEY_ECX_KEYGEN448:308:s390x_pkey_ecx_keygen448 + EC_F_VALIDATE_ECX_DERIVE:278:validate_ecx_derive + ENGINE_F_DIGEST_UPDATE:198:digest_update + ENGINE_F_DYNAMIC_CTRL:180:dynamic_ctrl +@@ -2160,6 +2172,7 @@ EC_R_BUFFER_TOO_SMALL:100:buffer too sma + EC_R_CANNOT_INVERT:165:cannot invert + EC_R_COORDINATES_OUT_OF_RANGE:146:coordinates out of range + EC_R_CURVE_DOES_NOT_SUPPORT_ECDH:160:curve does not support ecdh ++EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA:170:curve does not support ecdsa + EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING:159:curve does not support signing + EC_R_D2I_ECPKPARAMETERS_FAILURE:117:d2i ecpkparameters failure + EC_R_DECODE_ERROR:142:decode error +diff -up openssl-1.1.1g/crypto/evp/pmeth_lib.c.s390x-ecc openssl-1.1.1g/crypto/evp/pmeth_lib.c +--- openssl-1.1.1g/crypto/evp/pmeth_lib.c.s390x-ecc 2020-05-18 12:45:40.787233671 +0200 ++++ openssl-1.1.1g/crypto/evp/pmeth_lib.c 2020-05-18 12:45:44.576266601 +0200 +@@ -17,60 +17,67 @@ + #include "crypto/evp.h" + #include "internal/numbers.h" + ++typedef const EVP_PKEY_METHOD *(*pmeth_fn)(void); + typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); + + static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; + + /* This array needs to be in order of NIDs */ +-static const EVP_PKEY_METHOD *standard_methods[] = { ++static pmeth_fn standard_methods[] = { + #ifndef OPENSSL_NO_RSA +- &rsa_pkey_meth, ++ rsa_pkey_method, + #endif + #ifndef OPENSSL_NO_DH +- &dh_pkey_meth, ++ dh_pkey_method, + #endif + #ifndef OPENSSL_NO_DSA +- &dsa_pkey_meth, ++ dsa_pkey_method, + #endif + #ifndef OPENSSL_NO_EC +- &ec_pkey_meth, ++ ec_pkey_method, + #endif +- &hmac_pkey_meth, ++ hmac_pkey_method, + #ifndef OPENSSL_NO_CMAC +- &cmac_pkey_meth, ++ cmac_pkey_method, + #endif + #ifndef OPENSSL_NO_RSA +- &rsa_pss_pkey_meth, ++ rsa_pss_pkey_method, + #endif + #ifndef OPENSSL_NO_DH +- &dhx_pkey_meth, ++ dhx_pkey_method, + #endif + #ifndef OPENSSL_NO_SCRYPT +- &scrypt_pkey_meth, ++ scrypt_pkey_method, + #endif +- &tls1_prf_pkey_meth, ++ tls1_prf_pkey_method, + #ifndef OPENSSL_NO_EC +- &ecx25519_pkey_meth, +- &ecx448_pkey_meth, ++ ecx25519_pkey_method, ++ ecx448_pkey_method, + #endif +- &hkdf_pkey_meth, ++ hkdf_pkey_method, + #ifndef OPENSSL_NO_POLY1305 +- &poly1305_pkey_meth, ++ poly1305_pkey_method, + #endif + #ifndef OPENSSL_NO_SIPHASH +- &siphash_pkey_meth, ++ siphash_pkey_method, + #endif + #ifndef OPENSSL_NO_EC +- &ed25519_pkey_meth, +- &ed448_pkey_meth, ++ ed25519_pkey_method, ++ ed448_pkey_method, + #endif + #ifndef OPENSSL_NO_SM2 +- &sm2_pkey_meth, ++ sm2_pkey_method, + #endif + }; + +-DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *, +- pmeth); ++DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func); ++ ++static int pmeth_func_cmp(const EVP_PKEY_METHOD *const *a, pmeth_fn const *b) ++{ ++ return ((*a)->pkey_id - ((**b)())->pkey_id); ++} ++ ++IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func); + + static int pmeth_cmp(const EVP_PKEY_METHOD *const *a, + const EVP_PKEY_METHOD *const *b) +@@ -78,13 +85,11 @@ static int pmeth_cmp(const EVP_PKEY_METH + return ((*a)->pkey_id - (*b)->pkey_id); + } + +-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *, +- pmeth); +- + const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type) + { ++ pmeth_fn *ret; + EVP_PKEY_METHOD tmp; +- const EVP_PKEY_METHOD *t = &tmp, **ret; ++ const EVP_PKEY_METHOD *t = &tmp; + tmp.pkey_id = type; + if (app_pkey_methods) { + int idx; +@@ -92,12 +97,12 @@ const EVP_PKEY_METHOD *EVP_PKEY_meth_fin + if (idx >= 0) + return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx); + } +- ret = OBJ_bsearch_pmeth(&t, standard_methods, +- sizeof(standard_methods) / +- sizeof(EVP_PKEY_METHOD *)); ++ ret = OBJ_bsearch_pmeth_func(&t, standard_methods, ++ sizeof(standard_methods) / ++ sizeof(pmeth_fn)); + if (!ret || !*ret) + return NULL; +- return *ret; ++ return (**ret)(); + } + + static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) +@@ -348,7 +353,7 @@ size_t EVP_PKEY_meth_get_count(void) + const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx) + { + if (idx < OSSL_NELEM(standard_methods)) +- return standard_methods[idx]; ++ return (standard_methods[idx])(); + if (app_pkey_methods == NULL) + return NULL; + idx -= OSSL_NELEM(standard_methods); +diff -up openssl-1.1.1g/crypto/hmac/hm_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/hmac/hm_pmeth.c +--- openssl-1.1.1g/crypto/hmac/hm_pmeth.c.s390x-ecc 2020-05-18 12:45:40.796233749 +0200 ++++ openssl-1.1.1g/crypto/hmac/hm_pmeth.c 2020-05-18 12:45:44.576266601 +0200 +@@ -210,3 +210,8 @@ const EVP_PKEY_METHOD hmac_pkey_meth = { + pkey_hmac_ctrl, + pkey_hmac_ctrl_str + }; ++ ++const EVP_PKEY_METHOD *hmac_pkey_method(void) ++{ ++ return &hmac_pkey_meth; ++} +diff -up openssl-1.1.1g/crypto/kdf/hkdf.c.s390x-ecc openssl-1.1.1g/crypto/kdf/hkdf.c +--- openssl-1.1.1g/crypto/kdf/hkdf.c.s390x-ecc 2020-05-18 12:45:40.826234009 +0200 ++++ openssl-1.1.1g/crypto/kdf/hkdf.c 2020-05-18 12:45:44.577266609 +0200 +@@ -233,6 +233,11 @@ const EVP_KDF_METHOD hkdf_kdf_meth = { + kdf_hkdf_derive + }; + ++const EVP_PKEY_METHOD *hkdf_pkey_method(void) ++{ ++ return &hkdf_pkey_meth; ++} ++ + static int HKDF(const EVP_MD *evp_md, + const unsigned char *salt, size_t salt_len, + const unsigned char *key, size_t key_len, +diff -up openssl-1.1.1g/crypto/kdf/scrypt.c.s390x-ecc openssl-1.1.1g/crypto/kdf/scrypt.c +--- openssl-1.1.1g/crypto/kdf/scrypt.c.s390x-ecc 2020-05-18 12:45:40.827234018 +0200 ++++ openssl-1.1.1g/crypto/kdf/scrypt.c 2020-05-18 12:45:44.578266618 +0200 +@@ -504,4 +504,9 @@ static int scrypt_alg(const char *pass, + return rv; + } + ++const EVP_PKEY_METHOD *scrypt_pkey_method(void) ++{ ++ return &scrypt_pkey_meth; ++} ++ + #endif +diff -up openssl-1.1.1g/crypto/kdf/tls1_prf.c.s390x-ecc openssl-1.1.1g/crypto/kdf/tls1_prf.c +--- openssl-1.1.1g/crypto/kdf/tls1_prf.c.s390x-ecc 2020-05-18 12:45:40.828234027 +0200 ++++ openssl-1.1.1g/crypto/kdf/tls1_prf.c 2020-05-18 12:45:44.578266618 +0200 +@@ -168,6 +168,11 @@ const EVP_KDF_METHOD tls1_prf_kdf_meth = + kdf_tls1_prf_derive + }; + ++const EVP_PKEY_METHOD *tls1_prf_pkey_method(void) ++{ ++ return &tls1_prf_pkey_meth; ++} ++ + static int tls1_prf_P_hash(const EVP_MD *md, + const unsigned char *sec, size_t sec_len, + const unsigned char *seed, size_t seed_len, +diff -up openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c +--- openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c 2020-05-18 12:45:44.579266627 +0200 +@@ -192,3 +192,8 @@ const EVP_PKEY_METHOD poly1305_pkey_meth + pkey_poly1305_ctrl, + pkey_poly1305_ctrl_str + }; ++ ++const EVP_PKEY_METHOD *poly1305_pkey_method(void) ++{ ++ return &poly1305_pkey_meth; ++} +diff -up openssl-1.1.1g/crypto/rsa/rsa_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/rsa/rsa_pmeth.c +--- openssl-1.1.1g/crypto/rsa/rsa_pmeth.c.s390x-ecc 2020-05-18 12:45:40.798233766 +0200 ++++ openssl-1.1.1g/crypto/rsa/rsa_pmeth.c 2020-05-18 12:45:44.580266635 +0200 +@@ -789,6 +789,11 @@ const EVP_PKEY_METHOD rsa_pkey_meth = { + pkey_rsa_ctrl_str + }; + ++const EVP_PKEY_METHOD *rsa_pkey_method(void) ++{ ++ return &rsa_pkey_meth; ++} ++ + /* + * Called for PSS sign or verify initialisation: checks PSS parameter + * sanity and sets any restrictions on key usage. +@@ -859,3 +864,8 @@ const EVP_PKEY_METHOD rsa_pss_pkey_meth + pkey_rsa_ctrl, + pkey_rsa_ctrl_str + }; ++ ++const EVP_PKEY_METHOD *rsa_pss_pkey_method(void) ++{ ++ return &rsa_pss_pkey_meth; ++} +diff -up openssl-1.1.1g/crypto/s390x_arch.h.s390x-ecc openssl-1.1.1g/crypto/s390x_arch.h +--- openssl-1.1.1g/crypto/s390x_arch.h.s390x-ecc 2020-05-18 12:45:40.603232072 +0200 ++++ openssl-1.1.1g/crypto/s390x_arch.h 2020-05-18 12:45:44.580266635 +0200 +@@ -26,6 +26,12 @@ void s390x_kmf(const unsigned char *in, + unsigned int fc, void *param); + void s390x_kma(const unsigned char *aad, size_t alen, const unsigned char *in, + size_t len, unsigned char *out, unsigned int fc, void *param); ++int s390x_pcc(unsigned int fc, void *param); ++int s390x_kdsa(unsigned int fc, void *param, const unsigned char *in, ++ size_t len); ++ ++void s390x_flip_endian32(unsigned char dst[32], const unsigned char src[32]); ++void s390x_flip_endian64(unsigned char dst[64], const unsigned char src[64]); + + /* + * The field elements of OPENSSL_s390xcap_P are the 64-bit words returned by +@@ -45,6 +51,8 @@ struct OPENSSL_s390xcap_st { + unsigned long long kmf[2]; + unsigned long long prno[2]; + unsigned long long kma[2]; ++ unsigned long long pcc[2]; ++ unsigned long long kdsa[2]; + }; + + extern struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P; +@@ -66,11 +74,14 @@ extern struct OPENSSL_s390xcap_st OPENSS + # define S390X_KMF 0x90 + # define S390X_PRNO 0xa0 + # define S390X_KMA 0xb0 ++# define S390X_PCC 0xc0 ++# define S390X_KDSA 0xd0 + + /* Facility Bit Numbers */ + # define S390X_VX 129 + # define S390X_VXD 134 + # define S390X_VXE 135 ++# define S390X_MSA9 155 /* message-security-assist-ext. 9 */ + + /* Function Codes */ + +@@ -94,10 +105,32 @@ extern struct OPENSSL_s390xcap_st OPENSS + /* prno */ + # define S390X_TRNG 114 + ++/* pcc */ ++# define S390X_SCALAR_MULTIPLY_P256 64 ++# define S390X_SCALAR_MULTIPLY_P384 65 ++# define S390X_SCALAR_MULTIPLY_P521 66 ++# define S390X_SCALAR_MULTIPLY_ED25519 72 ++# define S390X_SCALAR_MULTIPLY_ED448 73 ++# define S390X_SCALAR_MULTIPLY_X25519 80 ++# define S390X_SCALAR_MULTIPLY_X448 81 ++ ++/* kdsa */ ++# define S390X_ECDSA_VERIFY_P256 1 ++# define S390X_ECDSA_VERIFY_P384 2 ++# define S390X_ECDSA_VERIFY_P521 3 ++# define S390X_ECDSA_SIGN_P256 9 ++# define S390X_ECDSA_SIGN_P384 10 ++# define S390X_ECDSA_SIGN_P521 11 ++# define S390X_EDDSA_VERIFY_ED25519 32 ++# define S390X_EDDSA_VERIFY_ED448 36 ++# define S390X_EDDSA_SIGN_ED25519 40 ++# define S390X_EDDSA_SIGN_ED448 44 ++ + /* Register 0 Flags */ + # define S390X_DECRYPT 0x80 + # define S390X_KMA_LPC 0x100 + # define S390X_KMA_LAAD 0x200 + # define S390X_KMA_HS 0x400 ++# define S390X_KDSA_D 0x80 + + #endif +diff -up openssl-1.1.1g/crypto/s390xcpuid.pl.s390x-ecc openssl-1.1.1g/crypto/s390xcpuid.pl +--- openssl-1.1.1g/crypto/s390xcpuid.pl.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/s390xcpuid.pl 2020-05-18 12:45:44.581266644 +0200 +@@ -58,6 +58,10 @@ OPENSSL_s390x_facilities: + stg %r0,S390X_PRNO+8(%r4) + stg %r0,S390X_KMA(%r4) + stg %r0,S390X_KMA+8(%r4) ++ stg %r0,S390X_PCC(%r4) ++ stg %r0,S390X_PCC+8(%r4) ++ stg %r0,S390X_KDSA(%r4) ++ stg %r0,S390X_KDSA+8(%r4) + + .long 0xb2b04000 # stfle 0(%r4) + brc 8,.Ldone +@@ -68,6 +72,7 @@ OPENSSL_s390x_facilities: + .long 0xb2b04000 # stfle 0(%r4) + .Ldone: + lmg %r2,%r3,S390X_STFLE(%r4) ++ + tmhl %r2,0x4000 # check for message-security-assist + jz .Lret + +@@ -91,6 +96,13 @@ OPENSSL_s390x_facilities: + la %r1,S390X_KMAC(%r4) + .long 0xb91e0042 # kmac %r4,%r2 + ++ tmhh %r3,0x0008 # check for message-security-assist-3 ++ jz .Lret ++ ++ lghi %r0,S390X_QUERY # query pcc capability vector ++ la %r1,S390X_PCC(%r4) ++ .long 0xb92c0000 # pcc ++ + tmhh %r3,0x0004 # check for message-security-assist-4 + jz .Lret + +@@ -114,6 +126,7 @@ OPENSSL_s390x_facilities: + .long 0xb93c0042 # prno %r4,%r2 + + lg %r2,S390X_STFLE+16(%r4) ++ + tmhl %r2,0x2000 # check for message-security-assist-8 + jz .Lret + +@@ -121,6 +134,13 @@ OPENSSL_s390x_facilities: + la %r1,S390X_KMA(%r4) + .long 0xb9294022 # kma %r2,%r4,%r2 + ++ tmhl %r2,0x0010 # check for message-security-assist-9 ++ jz .Lret ++ ++ lghi %r0,S390X_QUERY # query kdsa capability vector ++ la %r1,S390X_KDSA(%r4) ++ .long 0xb93a0002 # kdsa %r0,%r2 ++ + .Lret: + br $ra + .size OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities +@@ -411,6 +431,113 @@ s390x_kma: + ___ + } + ++################ ++# int s390x_pcc(unsigned int fc, void *param) ++{ ++my ($fc,$param) = map("%r$_",(2..3)); ++$code.=<<___; ++.globl s390x_pcc ++.type s390x_pcc,\@function ++.align 16 ++s390x_pcc: ++ lr %r0,$fc ++ l${g}r %r1,$param ++ lhi %r2,0 ++ ++ .long 0xb92c0000 # pcc ++ brc 1,.-4 # pay attention to "partial completion" ++ brc 7,.Lpcc_err # if CC==0 return 0, else return 1 ++.Lpcc_out: ++ br $ra ++.Lpcc_err: ++ lhi %r2,1 ++ j .Lpcc_out ++.size s390x_pcc,.-s390x_pcc ++___ ++} ++ ++################ ++# int s390x_kdsa(unsigned int fc, void *param, ++# const unsigned char *in, size_t len) ++{ ++my ($fc,$param,$in,$len) = map("%r$_",(2..5)); ++$code.=<<___; ++.globl s390x_kdsa ++.type s390x_kdsa,\@function ++.align 16 ++s390x_kdsa: ++ lr %r0,$fc ++ l${g}r %r1,$param ++ lhi %r2,0 ++ ++ .long 0xb93a0004 # kdsa %r0,$in ++ brc 1,.-4 # pay attention to "partial completion" ++ brc 7,.Lkdsa_err # if CC==0 return 0, else return 1 ++.Lkdsa_out: ++ br $ra ++.Lkdsa_err: ++ lhi %r2,1 ++ j .Lkdsa_out ++.size s390x_kdsa,.-s390x_kdsa ++___ ++} ++ ++################ ++# void s390x_flip_endian32(unsigned char dst[32], const unsigned char src[32]) ++{ ++my ($dst,$src) = map("%r$_",(2..3)); ++$code.=<<___; ++.globl s390x_flip_endian32 ++.type s390x_flip_endian32,\@function ++.align 16 ++s390x_flip_endian32: ++ lrvg %r0,0(%r0,$src) ++ lrvg %r1,8(%r0,$src) ++ lrvg %r4,16(%r0,$src) ++ lrvg %r5,24(%r0,$src) ++ stg %r0,24(%r0,$dst) ++ stg %r1,16(%r0,$dst) ++ stg %r4,8(%r0,$dst) ++ stg %r5,0(%r0,$dst) ++ br $ra ++.size s390x_flip_endian32,.-s390x_flip_endian32 ++___ ++} ++ ++################ ++# void s390x_flip_endian64(unsigned char dst[64], const unsigned char src[64]) ++{ ++my ($dst,$src) = map("%r$_",(2..3)); ++$code.=<<___; ++.globl s390x_flip_endian64 ++.type s390x_flip_endian64,\@function ++.align 16 ++s390x_flip_endian64: ++ stmg %r6,%r9,6*$SIZE_T($sp) ++ ++ lrvg %r0,0(%r0,$src) ++ lrvg %r1,8(%r0,$src) ++ lrvg %r4,16(%r0,$src) ++ lrvg %r5,24(%r0,$src) ++ lrvg %r6,32(%r0,$src) ++ lrvg %r7,40(%r0,$src) ++ lrvg %r8,48(%r0,$src) ++ lrvg %r9,56(%r0,$src) ++ stg %r0,56(%r0,$dst) ++ stg %r1,48(%r0,$dst) ++ stg %r4,40(%r0,$dst) ++ stg %r5,32(%r0,$dst) ++ stg %r6,24(%r0,$dst) ++ stg %r7,16(%r0,$dst) ++ stg %r8,8(%r0,$dst) ++ stg %r9,0(%r0,$dst) ++ ++ lmg %r6,%r9,6*$SIZE_T($sp) ++ br $ra ++.size s390x_flip_endian64,.-s390x_flip_endian64 ++___ ++} ++ + $code.=<<___; + .section .init + brasl $ra,OPENSSL_cpuid_setup +diff -up openssl-1.1.1g/crypto/siphash/siphash_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/siphash/siphash_pmeth.c +--- openssl-1.1.1g/crypto/siphash/siphash_pmeth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/siphash/siphash_pmeth.c 2020-05-18 12:45:44.581266644 +0200 +@@ -203,3 +203,8 @@ const EVP_PKEY_METHOD siphash_pkey_meth + pkey_siphash_ctrl, + pkey_siphash_ctrl_str + }; ++ ++const EVP_PKEY_METHOD *siphash_pkey_method(void) ++{ ++ return &siphash_pkey_meth; ++} +diff -up openssl-1.1.1g/crypto/sm2/sm2_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/sm2/sm2_pmeth.c +--- openssl-1.1.1g/crypto/sm2/sm2_pmeth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/sm2/sm2_pmeth.c 2020-05-18 12:45:44.582266653 +0200 +@@ -327,3 +327,8 @@ const EVP_PKEY_METHOD sm2_pkey_meth = { + + pkey_sm2_digest_custom + }; ++ ++const EVP_PKEY_METHOD *sm2_pkey_method(void) ++{ ++ return &sm2_pkey_meth; ++} +diff -up openssl-1.1.1g/include/crypto/evp.h.s390x-ecc openssl-1.1.1g/include/crypto/evp.h +--- openssl-1.1.1g/include/crypto/evp.h.s390x-ecc 2020-05-18 12:45:40.834234079 +0200 ++++ openssl-1.1.1g/include/crypto/evp.h 2020-05-18 12:45:44.577266609 +0200 +@@ -459,3 +459,22 @@ void evp_encode_ctx_set_flags(EVP_ENCODE + #define EVP_ENCODE_CTX_NO_NEWLINES 1 + /* Use the SRP base64 alphabet instead of the standard one */ + #define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2 ++ ++const EVP_PKEY_METHOD *cmac_pkey_method(void); ++const EVP_PKEY_METHOD *dh_pkey_method(void); ++const EVP_PKEY_METHOD *dhx_pkey_method(void); ++const EVP_PKEY_METHOD *dsa_pkey_method(void); ++const EVP_PKEY_METHOD *ec_pkey_method(void); ++const EVP_PKEY_METHOD *sm2_pkey_method(void); ++const EVP_PKEY_METHOD *ecx25519_pkey_method(void); ++const EVP_PKEY_METHOD *ecx448_pkey_method(void); ++const EVP_PKEY_METHOD *ed25519_pkey_method(void); ++const EVP_PKEY_METHOD *ed448_pkey_method(void); ++const EVP_PKEY_METHOD *hmac_pkey_method(void); ++const EVP_PKEY_METHOD *rsa_pkey_method(void); ++const EVP_PKEY_METHOD *rsa_pss_pkey_method(void); ++const EVP_PKEY_METHOD *scrypt_pkey_method(void); ++const EVP_PKEY_METHOD *tls1_prf_pkey_method(void); ++const EVP_PKEY_METHOD *hkdf_pkey_method(void); ++const EVP_PKEY_METHOD *poly1305_pkey_method(void); ++const EVP_PKEY_METHOD *siphash_pkey_method(void); +diff -up openssl-1.1.1g/include/internal/constant_time.h.s390x-ecc openssl-1.1.1g/include/internal/constant_time.h +--- openssl-1.1.1g/include/internal/constant_time.h.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/include/internal/constant_time.h 2020-05-18 12:45:44.582266653 +0200 +@@ -353,6 +353,34 @@ static ossl_inline void constant_time_co + } + + /* ++ * mask must be 0xFF or 0x00. ++ * "constant time" is per len. ++ * ++ * if (mask) { ++ * unsigned char tmp[len]; ++ * ++ * memcpy(tmp, a, len); ++ * memcpy(a, b); ++ * memcpy(b, tmp); ++ * } ++ */ ++static ossl_inline void constant_time_cond_swap_buff(unsigned char mask, ++ unsigned char *a, ++ unsigned char *b, ++ size_t len) ++{ ++ size_t i; ++ unsigned char tmp; ++ ++ for (i = 0; i < len; i++) { ++ tmp = a[i] ^ b[i]; ++ tmp &= mask; ++ a[i] ^= tmp; ++ b[i] ^= tmp; ++ } ++} ++ ++/* + * table is a two dimensional array of bytes. Each row has rowsize elements. + * Copies row number idx into out. rowsize and numrows are not considered + * private. +diff -up openssl-1.1.1g/include/openssl/ecerr.h.s390x-ecc openssl-1.1.1g/include/openssl/ecerr.h +--- openssl-1.1.1g/include/openssl/ecerr.h.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/include/openssl/ecerr.h 2020-05-18 12:45:44.583266662 +0200 +@@ -42,6 +42,11 @@ int ERR_load_EC_strings(void); + # define EC_F_ECDSA_SIGN_SETUP 248 + # define EC_F_ECDSA_SIG_NEW 265 + # define EC_F_ECDSA_VERIFY 253 ++# define EC_F_ECDSA_SIMPLE_SIGN_SETUP 310 ++# define EC_F_ECDSA_SIMPLE_SIGN_SIG 311 ++# define EC_F_ECDSA_SIMPLE_VERIFY_SIG 312 ++# define EC_F_ECDSA_S390X_NISTP_SIGN_SIG 313 ++# define EC_F_ECDSA_S390X_NISTP_VERIFY_SIG 314 + # define EC_F_ECD_ITEM_VERIFY 270 + # define EC_F_ECKEY_PARAM2TYPE 223 + # define EC_F_ECKEY_PARAM_DECODE 212 +@@ -185,6 +190,7 @@ int ERR_load_EC_strings(void); + # define EC_F_O2I_ECPUBLICKEY 152 + # define EC_F_OLD_EC_PRIV_DECODE 222 + # define EC_F_OSSL_ECDH_COMPUTE_KEY 247 ++# define EC_F_OSSL_ECDSA_SIGN_SETUP 300 + # define EC_F_OSSL_ECDSA_SIGN_SIG 249 + # define EC_F_OSSL_ECDSA_VERIFY_SIG 250 + # define EC_F_PKEY_ECD_CTRL 271 +@@ -200,6 +206,12 @@ int ERR_load_EC_strings(void); + # define EC_F_PKEY_EC_KEYGEN 199 + # define EC_F_PKEY_EC_PARAMGEN 219 + # define EC_F_PKEY_EC_SIGN 218 ++# define EC_F_S390X_PKEY_ECD_DIGESTSIGN25519 320 ++# define EC_F_S390X_PKEY_ECD_DIGESTSIGN448 321 ++# define EC_F_S390X_PKEY_ECD_KEYGEN25519 322 ++# define EC_F_S390X_PKEY_ECD_KEYGEN448 323 ++# define EC_F_S390X_PKEY_ECX_KEYGEN25519 324 ++# define EC_F_S390X_PKEY_ECX_KEYGEN448 325 + # define EC_F_VALIDATE_ECX_DERIVE 278 + + /* +@@ -212,6 +224,7 @@ int ERR_load_EC_strings(void); + # define EC_R_CANNOT_INVERT 165 + # define EC_R_COORDINATES_OUT_OF_RANGE 146 + # define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 160 ++# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA 170 + # define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159 + # define EC_R_D2I_ECPKPARAMETERS_FAILURE 117 + # define EC_R_DECODE_ERROR 142 +diff -up openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt.s390x-ecc openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt +--- openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt 2020-05-18 12:45:44.590266722 +0200 +@@ -814,6 +814,8 @@ PublicKeyRaw=Bob-448-PUBLIC-Raw:X448:3eb + + PrivPubKeyPair = Bob-448-Raw:Bob-448-PUBLIC-Raw + ++PublicKeyRaw=Bob-448-PUBLIC-Raw-NonCanonical:X448:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff ++ + Derive=Alice-448 + PeerKey=Bob-448-PUBLIC + SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d +@@ -830,6 +832,11 @@ Derive=Bob-448-Raw + PeerKey=Alice-448-PUBLIC-Raw + SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d + ++# Self-generated non-canonical ++Derive=Alice-448-Raw ++PeerKey=Bob-448-PUBLIC-Raw-NonCanonical ++SharedSecret=66e2e682b1f8e68c809f1bb3e406bd826921d9c1a5bfbfcbab7ae72feecee63660eabd54934f3382061d17607f581a90bdac917a064959fb ++ + # Illegal sign/verify operations with X448 key + + Sign=Alice-448 diff --git a/openssl-1.1.1-s390x-update.patch b/openssl-1.1.1-s390x-update.patch new file mode 100644 index 0000000..83061af --- /dev/null +++ b/openssl-1.1.1-s390x-update.patch @@ -0,0 +1,5502 @@ +diff -up openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl.s390x-update openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl +--- openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl.s390x-update 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl 2020-03-19 16:45:05.483440129 +0100 +@@ -20,41 +20,53 @@ + # + # 3 times faster than compiler-generated code. + +-$flavour = shift; ++# ++# August 2018 ++# ++# Add vx code path: 4x"vertical". ++# ++# Copyright IBM Corp. 2018 ++# Author: Patrick Steuer ++ ++# ++# February 2019 ++# ++# Add 6x"horizontal" VX implementation. It's ~25% faster than IBM's ++# 4x"vertical" submission [on z13] and >3 faster than scalar code. ++# But to harness overheads revert to transliteration of VSX code path ++# from chacha-ppc module, which is also 4x"vertical", to handle inputs ++# not longer than 256 bytes. ++ ++use strict; ++use FindBin qw($Bin); ++use lib "$Bin/../.."; ++use perlasm::s390x qw(:DEFAULT :VX AUTOLOAD LABEL INCLUDE); + ++my $flavour = shift; ++ ++my ($z,$SIZE_T); + if ($flavour =~ /3[12]/) { ++ $z=0; # S/390 ABI + $SIZE_T=4; +- $g=""; + } else { ++ $z=1; # zSeries ABI + $SIZE_T=8; +- $g="g"; + } + ++my $output; + while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {} +-open STDOUT,">$output"; +- +-sub AUTOLOAD() # thunk [simplified] x86-style perlasm +-{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://; +- $code .= "\t$opcode\t".join(',',@_)."\n"; +-} + + my $sp="%r15"; +- + my $stdframe=16*$SIZE_T+4*8; +-my $frame=$stdframe+4*20; +- +-my ($out,$inp,$len,$key,$counter)=map("%r$_",(2..6)); + ++sub ROUND { + my @x=map("%r$_",(0..7,"x","x","x","x",(10..13))); + my @t=map("%r$_",(8,9)); +- +-sub ROUND { + my ($a0,$b0,$c0,$d0)=@_; + my ($a1,$b1,$c1,$d1)=map(($_&~3)+(($_+1)&3),($a0,$b0,$c0,$d0)); + my ($a2,$b2,$c2,$d2)=map(($_&~3)+(($_+1)&3),($a1,$b1,$c1,$d1)); + my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2)); +-my ($xc,$xc_)=map("\"$_\"",@t); +-my @x=map("\"$_\"",@x); ++my ($xc,$xc_)=map("$_",@t); + + # Consider order in which variables are addressed by their + # index: +@@ -78,249 +90,967 @@ my @x=map("\"$_\"",@x); + # 'c' stores and loads in the middle, but none in the beginning + # or end. + +- ( +- "&alr (@x[$a0],@x[$b0])", # Q1 +- "&alr (@x[$a1],@x[$b1])", # Q2 +- "&xr (@x[$d0],@x[$a0])", +- "&xr (@x[$d1],@x[$a1])", +- "&rll (@x[$d0],@x[$d0],16)", +- "&rll (@x[$d1],@x[$d1],16)", +- +- "&alr ($xc,@x[$d0])", +- "&alr ($xc_,@x[$d1])", +- "&xr (@x[$b0],$xc)", +- "&xr (@x[$b1],$xc_)", +- "&rll (@x[$b0],@x[$b0],12)", +- "&rll (@x[$b1],@x[$b1],12)", +- +- "&alr (@x[$a0],@x[$b0])", +- "&alr (@x[$a1],@x[$b1])", +- "&xr (@x[$d0],@x[$a0])", +- "&xr (@x[$d1],@x[$a1])", +- "&rll (@x[$d0],@x[$d0],8)", +- "&rll (@x[$d1],@x[$d1],8)", +- +- "&alr ($xc,@x[$d0])", +- "&alr ($xc_,@x[$d1])", +- "&xr (@x[$b0],$xc)", +- "&xr (@x[$b1],$xc_)", +- "&rll (@x[$b0],@x[$b0],7)", +- "&rll (@x[$b1],@x[$b1],7)", +- +- "&stm ($xc,$xc_,'$stdframe+4*8+4*$c0($sp)')", # reload pair of 'c's +- "&lm ($xc,$xc_,'$stdframe+4*8+4*$c2($sp)')", +- +- "&alr (@x[$a2],@x[$b2])", # Q3 +- "&alr (@x[$a3],@x[$b3])", # Q4 +- "&xr (@x[$d2],@x[$a2])", +- "&xr (@x[$d3],@x[$a3])", +- "&rll (@x[$d2],@x[$d2],16)", +- "&rll (@x[$d3],@x[$d3],16)", +- +- "&alr ($xc,@x[$d2])", +- "&alr ($xc_,@x[$d3])", +- "&xr (@x[$b2],$xc)", +- "&xr (@x[$b3],$xc_)", +- "&rll (@x[$b2],@x[$b2],12)", +- "&rll (@x[$b3],@x[$b3],12)", +- +- "&alr (@x[$a2],@x[$b2])", +- "&alr (@x[$a3],@x[$b3])", +- "&xr (@x[$d2],@x[$a2])", +- "&xr (@x[$d3],@x[$a3])", +- "&rll (@x[$d2],@x[$d2],8)", +- "&rll (@x[$d3],@x[$d3],8)", +- +- "&alr ($xc,@x[$d2])", +- "&alr ($xc_,@x[$d3])", +- "&xr (@x[$b2],$xc)", +- "&xr (@x[$b3],$xc_)", +- "&rll (@x[$b2],@x[$b2],7)", +- "&rll (@x[$b3],@x[$b3],7)" +- ); +-} +- +-$code.=<<___; +-.text +- +-.globl ChaCha20_ctr32 +-.type ChaCha20_ctr32,\@function +-.align 32 +-ChaCha20_ctr32: +- lt${g}r $len,$len # $len==0? +- bzr %r14 +- a${g}hi $len,-64 +- l${g}hi %r1,-$frame +- stm${g} %r6,%r15,`6*$SIZE_T`($sp) +- sl${g}r $out,$inp # difference +- la $len,0($inp,$len) # end of input minus 64 +- larl %r7,.Lsigma +- lgr %r0,$sp +- la $sp,0(%r1,$sp) +- st${g} %r0,0($sp) +- +- lmg %r8,%r11,0($key) # load key +- lmg %r12,%r13,0($counter) # load counter +- lmg %r6,%r7,0(%r7) # load sigma constant +- +- la %r14,0($inp) +- st${g} $out,$frame+3*$SIZE_T($sp) +- st${g} $len,$frame+4*$SIZE_T($sp) +- stmg %r6,%r13,$stdframe($sp) # copy key schedule to stack +- srlg @x[12],%r12,32 # 32-bit counter value +- j .Loop_outer +- +-.align 16 +-.Loop_outer: +- lm @x[0],@x[7],$stdframe+4*0($sp) # load x[0]-x[7] +- lm @t[0],@t[1],$stdframe+4*10($sp) # load x[10]-x[11] +- lm @x[13],@x[15],$stdframe+4*13($sp) # load x[13]-x[15] +- stm @t[0],@t[1],$stdframe+4*8+4*10($sp) # offload x[10]-x[11] +- lm @t[0],@t[1],$stdframe+4*8($sp) # load x[8]-x[9] +- st @x[12],$stdframe+4*12($sp) # save counter +- st${g} %r14,$frame+2*$SIZE_T($sp) # save input pointer +- lhi %r14,10 +- j .Loop +- +-.align 4 +-.Loop: +-___ +- foreach (&ROUND(0, 4, 8,12)) { eval; } +- foreach (&ROUND(0, 5,10,15)) { eval; } +-$code.=<<___; +- brct %r14,.Loop +- +- l${g} %r14,$frame+2*$SIZE_T($sp) # pull input pointer +- stm @t[0],@t[1],$stdframe+4*8+4*8($sp) # offload x[8]-x[9] +- lm${g} @t[0],@t[1],$frame+3*$SIZE_T($sp) +- +- al @x[0],$stdframe+4*0($sp) # accumulate key schedule +- al @x[1],$stdframe+4*1($sp) +- al @x[2],$stdframe+4*2($sp) +- al @x[3],$stdframe+4*3($sp) +- al @x[4],$stdframe+4*4($sp) +- al @x[5],$stdframe+4*5($sp) +- al @x[6],$stdframe+4*6($sp) +- al @x[7],$stdframe+4*7($sp) +- lrvr @x[0],@x[0] +- lrvr @x[1],@x[1] +- lrvr @x[2],@x[2] +- lrvr @x[3],@x[3] +- lrvr @x[4],@x[4] +- lrvr @x[5],@x[5] +- lrvr @x[6],@x[6] +- lrvr @x[7],@x[7] +- al @x[12],$stdframe+4*12($sp) +- al @x[13],$stdframe+4*13($sp) +- al @x[14],$stdframe+4*14($sp) +- al @x[15],$stdframe+4*15($sp) +- lrvr @x[12],@x[12] +- lrvr @x[13],@x[13] +- lrvr @x[14],@x[14] +- lrvr @x[15],@x[15] +- +- la @t[0],0(@t[0],%r14) # reconstruct output pointer +- cl${g}r %r14,@t[1] +- jh .Ltail +- +- x @x[0],4*0(%r14) # xor with input +- x @x[1],4*1(%r14) +- st @x[0],4*0(@t[0]) # store output +- x @x[2],4*2(%r14) +- st @x[1],4*1(@t[0]) +- x @x[3],4*3(%r14) +- st @x[2],4*2(@t[0]) +- x @x[4],4*4(%r14) +- st @x[3],4*3(@t[0]) +- lm @x[0],@x[3],$stdframe+4*8+4*8($sp) # load x[8]-x[11] +- x @x[5],4*5(%r14) +- st @x[4],4*4(@t[0]) +- x @x[6],4*6(%r14) +- al @x[0],$stdframe+4*8($sp) +- st @x[5],4*5(@t[0]) +- x @x[7],4*7(%r14) +- al @x[1],$stdframe+4*9($sp) +- st @x[6],4*6(@t[0]) +- x @x[12],4*12(%r14) +- al @x[2],$stdframe+4*10($sp) +- st @x[7],4*7(@t[0]) +- x @x[13],4*13(%r14) +- al @x[3],$stdframe+4*11($sp) +- st @x[12],4*12(@t[0]) +- x @x[14],4*14(%r14) +- st @x[13],4*13(@t[0]) +- x @x[15],4*15(%r14) +- st @x[14],4*14(@t[0]) +- lrvr @x[0],@x[0] +- st @x[15],4*15(@t[0]) +- lrvr @x[1],@x[1] +- lrvr @x[2],@x[2] +- lrvr @x[3],@x[3] +- lhi @x[12],1 +- x @x[0],4*8(%r14) +- al @x[12],$stdframe+4*12($sp) # increment counter +- x @x[1],4*9(%r14) +- st @x[0],4*8(@t[0]) +- x @x[2],4*10(%r14) +- st @x[1],4*9(@t[0]) +- x @x[3],4*11(%r14) +- st @x[2],4*10(@t[0]) +- st @x[3],4*11(@t[0]) +- +- cl${g}r %r14,@t[1] # done yet? +- la %r14,64(%r14) +- jl .Loop_outer +- +-.Ldone: +- xgr %r0,%r0 +- xgr %r1,%r1 +- xgr %r2,%r2 +- xgr %r3,%r3 +- stmg %r0,%r3,$stdframe+4*4($sp) # wipe key copy +- stmg %r0,%r3,$stdframe+4*12($sp) +- +- lm${g} %r6,%r15,`$frame+6*$SIZE_T`($sp) +- br %r14 +- +-.align 16 +-.Ltail: +- la @t[1],64($t[1]) +- stm @x[0],@x[7],$stdframe+4*0($sp) +- sl${g}r @t[1],%r14 +- lm @x[0],@x[3],$stdframe+4*8+4*8($sp) +- l${g}hi @x[6],0 +- stm @x[12],@x[15],$stdframe+4*12($sp) +- al @x[0],$stdframe+4*8($sp) +- al @x[1],$stdframe+4*9($sp) +- al @x[2],$stdframe+4*10($sp) +- al @x[3],$stdframe+4*11($sp) +- lrvr @x[0],@x[0] +- lrvr @x[1],@x[1] +- lrvr @x[2],@x[2] +- lrvr @x[3],@x[3] +- stm @x[0],@x[3],$stdframe+4*8($sp) +- +-.Loop_tail: +- llgc @x[4],0(@x[6],%r14) +- llgc @x[5],$stdframe(@x[6],$sp) +- xr @x[5],@x[4] +- stc @x[5],0(@x[6],@t[0]) +- la @x[6],1(@x[6]) +- brct @t[1],.Loop_tail +- +- j .Ldone +-.size ChaCha20_ctr32,.-ChaCha20_ctr32 +- +-.align 32 +-.Lsigma: +-.long 0x61707865,0x3320646e,0x79622d32,0x6b206574 # endian-neutral +-.asciz "ChaCha20 for s390x, CRYPTOGAMS by " +-.align 4 +-___ ++ alr (@x[$a0],@x[$b0]); # Q1 ++ alr (@x[$a1],@x[$b1]); # Q2 ++ xr (@x[$d0],@x[$a0]); ++ xr (@x[$d1],@x[$a1]); ++ rll (@x[$d0],@x[$d0],16); ++ rll (@x[$d1],@x[$d1],16); ++ ++ alr ($xc,@x[$d0]); ++ alr ($xc_,@x[$d1]); ++ xr (@x[$b0],$xc); ++ xr (@x[$b1],$xc_); ++ rll (@x[$b0],@x[$b0],12); ++ rll (@x[$b1],@x[$b1],12); ++ ++ alr (@x[$a0],@x[$b0]); ++ alr (@x[$a1],@x[$b1]); ++ xr (@x[$d0],@x[$a0]); ++ xr (@x[$d1],@x[$a1]); ++ rll (@x[$d0],@x[$d0],8); ++ rll (@x[$d1],@x[$d1],8); ++ ++ alr ($xc,@x[$d0]); ++ alr ($xc_,@x[$d1]); ++ xr (@x[$b0],$xc); ++ xr (@x[$b1],$xc_); ++ rll (@x[$b0],@x[$b0],7); ++ rll (@x[$b1],@x[$b1],7); ++ ++ stm ($xc,$xc_,"$stdframe+4*8+4*$c0($sp)"); # reload pair of 'c's ++ lm ($xc,$xc_,"$stdframe+4*8+4*$c2($sp)"); ++ ++ alr (@x[$a2],@x[$b2]); # Q3 ++ alr (@x[$a3],@x[$b3]); # Q4 ++ xr (@x[$d2],@x[$a2]); ++ xr (@x[$d3],@x[$a3]); ++ rll (@x[$d2],@x[$d2],16); ++ rll (@x[$d3],@x[$d3],16); ++ ++ alr ($xc,@x[$d2]); ++ alr ($xc_,@x[$d3]); ++ xr (@x[$b2],$xc); ++ xr (@x[$b3],$xc_); ++ rll (@x[$b2],@x[$b2],12); ++ rll (@x[$b3],@x[$b3],12); ++ ++ alr (@x[$a2],@x[$b2]); ++ alr (@x[$a3],@x[$b3]); ++ xr (@x[$d2],@x[$a2]); ++ xr (@x[$d3],@x[$a3]); ++ rll (@x[$d2],@x[$d2],8); ++ rll (@x[$d3],@x[$d3],8); ++ ++ alr ($xc,@x[$d2]); ++ alr ($xc_,@x[$d3]); ++ xr (@x[$b2],$xc); ++ xr (@x[$b3],$xc_); ++ rll (@x[$b2],@x[$b2],7); ++ rll (@x[$b3],@x[$b3],7); ++} ++ ++sub VX_lane_ROUND { ++my ($a0,$b0,$c0,$d0)=@_; ++my ($a1,$b1,$c1,$d1)=map(($_&~3)+(($_+1)&3),($a0,$b0,$c0,$d0)); ++my ($a2,$b2,$c2,$d2)=map(($_&~3)+(($_+1)&3),($a1,$b1,$c1,$d1)); ++my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2)); ++my @x=map("%v$_",(0..15)); + +-foreach (split("\n",$code)) { +- s/\`([^\`]*)\`/eval $1/ge; ++ vaf (@x[$a0],@x[$a0],@x[$b0]); # Q1 ++ vx (@x[$d0],@x[$d0],@x[$a0]); ++ verllf (@x[$d0],@x[$d0],16); ++ vaf (@x[$a1],@x[$a1],@x[$b1]); # Q2 ++ vx (@x[$d1],@x[$d1],@x[$a1]); ++ verllf (@x[$d1],@x[$d1],16); ++ vaf (@x[$a2],@x[$a2],@x[$b2]); # Q3 ++ vx (@x[$d2],@x[$d2],@x[$a2]); ++ verllf (@x[$d2],@x[$d2],16); ++ vaf (@x[$a3],@x[$a3],@x[$b3]); # Q4 ++ vx (@x[$d3],@x[$d3],@x[$a3]); ++ verllf (@x[$d3],@x[$d3],16); ++ ++ vaf (@x[$c0],@x[$c0],@x[$d0]); ++ vx (@x[$b0],@x[$b0],@x[$c0]); ++ verllf (@x[$b0],@x[$b0],12); ++ vaf (@x[$c1],@x[$c1],@x[$d1]); ++ vx (@x[$b1],@x[$b1],@x[$c1]); ++ verllf (@x[$b1],@x[$b1],12); ++ vaf (@x[$c2],@x[$c2],@x[$d2]); ++ vx (@x[$b2],@x[$b2],@x[$c2]); ++ verllf (@x[$b2],@x[$b2],12); ++ vaf (@x[$c3],@x[$c3],@x[$d3]); ++ vx (@x[$b3],@x[$b3],@x[$c3]); ++ verllf (@x[$b3],@x[$b3],12); ++ ++ vaf (@x[$a0],@x[$a0],@x[$b0]); ++ vx (@x[$d0],@x[$d0],@x[$a0]); ++ verllf (@x[$d0],@x[$d0],8); ++ vaf (@x[$a1],@x[$a1],@x[$b1]); ++ vx (@x[$d1],@x[$d1],@x[$a1]); ++ verllf (@x[$d1],@x[$d1],8); ++ vaf (@x[$a2],@x[$a2],@x[$b2]); ++ vx (@x[$d2],@x[$d2],@x[$a2]); ++ verllf (@x[$d2],@x[$d2],8); ++ vaf (@x[$a3],@x[$a3],@x[$b3]); ++ vx (@x[$d3],@x[$d3],@x[$a3]); ++ verllf (@x[$d3],@x[$d3],8); ++ ++ vaf (@x[$c0],@x[$c0],@x[$d0]); ++ vx (@x[$b0],@x[$b0],@x[$c0]); ++ verllf (@x[$b0],@x[$b0],7); ++ vaf (@x[$c1],@x[$c1],@x[$d1]); ++ vx (@x[$b1],@x[$b1],@x[$c1]); ++ verllf (@x[$b1],@x[$b1],7); ++ vaf (@x[$c2],@x[$c2],@x[$d2]); ++ vx (@x[$b2],@x[$b2],@x[$c2]); ++ verllf (@x[$b2],@x[$b2],7); ++ vaf (@x[$c3],@x[$c3],@x[$d3]); ++ vx (@x[$b3],@x[$b3],@x[$c3]); ++ verllf (@x[$b3],@x[$b3],7); ++} + +- print $_,"\n"; ++sub VX_ROUND { ++my @a=@_[0..5]; ++my @b=@_[6..11]; ++my @c=@_[12..17]; ++my @d=@_[18..23]; ++my $odd=@_[24]; ++ ++ vaf (@a[$_],@a[$_],@b[$_]) for (0..5); ++ vx (@d[$_],@d[$_],@a[$_]) for (0..5); ++ verllf (@d[$_],@d[$_],16) for (0..5); ++ ++ vaf (@c[$_],@c[$_],@d[$_]) for (0..5); ++ vx (@b[$_],@b[$_],@c[$_]) for (0..5); ++ verllf (@b[$_],@b[$_],12) for (0..5); ++ ++ vaf (@a[$_],@a[$_],@b[$_]) for (0..5); ++ vx (@d[$_],@d[$_],@a[$_]) for (0..5); ++ verllf (@d[$_],@d[$_],8) for (0..5); ++ ++ vaf (@c[$_],@c[$_],@d[$_]) for (0..5); ++ vx (@b[$_],@b[$_],@c[$_]) for (0..5); ++ verllf (@b[$_],@b[$_],7) for (0..5); ++ ++ vsldb (@c[$_],@c[$_],@c[$_],8) for (0..5); ++ vsldb (@b[$_],@b[$_],@b[$_],$odd?12:4) for (0..5); ++ vsldb (@d[$_],@d[$_],@d[$_],$odd?4:12) for (0..5); + } +-close STDOUT or die "error closing STDOUT: $!"; ++ ++PERLASM_BEGIN($output); ++ ++INCLUDE ("s390x_arch.h"); ++TEXT (); ++ ++################ ++# void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp, size_t len, ++# const unsigned int key[8], const unsigned int counter[4]) ++my ($out,$inp,$len,$key,$counter)=map("%r$_",(2..6)); ++{ ++my $frame=$stdframe+4*20; ++my @x=map("%r$_",(0..7,"x","x","x","x",(10..13))); ++my @t=map("%r$_",(8,9)); ++ ++GLOBL ("ChaCha20_ctr32"); ++TYPE ("ChaCha20_ctr32","\@function"); ++ALIGN (32); ++LABEL ("ChaCha20_ctr32"); ++ larl ("%r1","OPENSSL_s390xcap_P"); ++ ++ lghi ("%r0",64); ++&{$z? \<gr:\<r} ($len,$len); # len==0? ++ bzr ("%r14"); ++ lg ("%r1","S390X_STFLE+16(%r1)"); ++&{$z? \&clgr:\&clr} ($len,"%r0"); ++ jle (".Lshort"); ++ ++ tmhh ("%r1",0x4000); # check for vx bit ++ jnz (".LChaCha20_ctr32_vx"); ++ ++LABEL (".Lshort"); ++&{$z? \&aghi:\&ahi} ($len,-64); ++&{$z? \&lghi:\&lhi} ("%r1",-$frame); ++&{$z? \&stmg:\&stm} ("%r6","%r15","6*$SIZE_T($sp)"); ++&{$z? \&slgr:\&slr} ($out,$inp); # difference ++ la ($len,"0($inp,$len)"); # end of input minus 64 ++ larl ("%r7",".Lsigma"); ++ lgr ("%r0",$sp); ++ la ($sp,"0(%r1,$sp)"); ++&{$z? \&stg:\&st} ("%r0","0($sp)"); ++ ++ lmg ("%r8","%r11","0($key)"); # load key ++ lmg ("%r12","%r13","0($counter)"); # load counter ++ lmg ("%r6","%r7","0(%r7)"); # load sigma constant ++ ++ la ("%r14","0($inp)"); ++&{$z? \&stg:\&st} ($out,"$frame+3*$SIZE_T($sp)"); ++&{$z? \&stg:\&st} ($len,"$frame+4*$SIZE_T($sp)"); ++ stmg ("%r6","%r13","$stdframe($sp)");# copy key schedule to stack ++ srlg (@x[12],"%r12",32); # 32-bit counter value ++ j (".Loop_outer"); ++ ++ALIGN (16); ++LABEL (".Loop_outer"); ++ lm (@x[0],@x[7],"$stdframe+4*0($sp)"); # load x[0]-x[7] ++ lm (@t[0],@t[1],"$stdframe+4*10($sp)"); # load x[10]-x[11] ++ lm (@x[13],@x[15],"$stdframe+4*13($sp)"); # load x[13]-x[15] ++ stm (@t[0],@t[1],"$stdframe+4*8+4*10($sp)");# offload x[10]-x[11] ++ lm (@t[0],@t[1],"$stdframe+4*8($sp)"); # load x[8]-x[9] ++ st (@x[12],"$stdframe+4*12($sp)"); # save counter ++&{$z? \&stg:\&st} ("%r14","$frame+2*$SIZE_T($sp)");# save input pointer ++ lhi ("%r14",10); ++ j (".Loop"); ++ ++ALIGN (4); ++LABEL (".Loop"); ++ ROUND (0, 4, 8,12); ++ ROUND (0, 5,10,15); ++ brct ("%r14",".Loop"); ++ ++&{$z? \&lg:\&l} ("%r14","$frame+2*$SIZE_T($sp)");# pull input pointer ++ stm (@t[0],@t[1],"$stdframe+4*8+4*8($sp)"); # offload x[8]-x[9] ++&{$z? \&lmg:\&lm} (@t[0],@t[1],"$frame+3*$SIZE_T($sp)"); ++ ++ al (@x[0],"$stdframe+4*0($sp)"); # accumulate key schedule ++ al (@x[1],"$stdframe+4*1($sp)"); ++ al (@x[2],"$stdframe+4*2($sp)"); ++ al (@x[3],"$stdframe+4*3($sp)"); ++ al (@x[4],"$stdframe+4*4($sp)"); ++ al (@x[5],"$stdframe+4*5($sp)"); ++ al (@x[6],"$stdframe+4*6($sp)"); ++ al (@x[7],"$stdframe+4*7($sp)"); ++ lrvr (@x[0],@x[0]); ++ lrvr (@x[1],@x[1]); ++ lrvr (@x[2],@x[2]); ++ lrvr (@x[3],@x[3]); ++ lrvr (@x[4],@x[4]); ++ lrvr (@x[5],@x[5]); ++ lrvr (@x[6],@x[6]); ++ lrvr (@x[7],@x[7]); ++ al (@x[12],"$stdframe+4*12($sp)"); ++ al (@x[13],"$stdframe+4*13($sp)"); ++ al (@x[14],"$stdframe+4*14($sp)"); ++ al (@x[15],"$stdframe+4*15($sp)"); ++ lrvr (@x[12],@x[12]); ++ lrvr (@x[13],@x[13]); ++ lrvr (@x[14],@x[14]); ++ lrvr (@x[15],@x[15]); ++ ++ la (@t[0],"0(@t[0],%r14)"); # reconstruct output pointer ++&{$z? \&clgr:\&clr} ("%r14",@t[1]); ++ jh (".Ltail"); ++ ++ x (@x[0],"4*0(%r14)"); # xor with input ++ x (@x[1],"4*1(%r14)"); ++ st (@x[0],"4*0(@t[0])"); # store output ++ x (@x[2],"4*2(%r14)"); ++ st (@x[1],"4*1(@t[0])"); ++ x (@x[3],"4*3(%r14)"); ++ st (@x[2],"4*2(@t[0])"); ++ x (@x[4],"4*4(%r14)"); ++ st (@x[3],"4*3(@t[0])"); ++ lm (@x[0],@x[3],"$stdframe+4*8+4*8($sp)"); # load x[8]-x[11] ++ x (@x[5],"4*5(%r14)"); ++ st (@x[4],"4*4(@t[0])"); ++ x (@x[6],"4*6(%r14)"); ++ al (@x[0],"$stdframe+4*8($sp)"); ++ st (@x[5],"4*5(@t[0])"); ++ x (@x[7],"4*7(%r14)"); ++ al (@x[1],"$stdframe+4*9($sp)"); ++ st (@x[6],"4*6(@t[0])"); ++ x (@x[12],"4*12(%r14)"); ++ al (@x[2],"$stdframe+4*10($sp)"); ++ st (@x[7],"4*7(@t[0])"); ++ x (@x[13],"4*13(%r14)"); ++ al (@x[3],"$stdframe+4*11($sp)"); ++ st (@x[12],"4*12(@t[0])"); ++ x (@x[14],"4*14(%r14)"); ++ st (@x[13],"4*13(@t[0])"); ++ x (@x[15],"4*15(%r14)"); ++ st (@x[14],"4*14(@t[0])"); ++ lrvr (@x[0],@x[0]); ++ st (@x[15],"4*15(@t[0])"); ++ lrvr (@x[1],@x[1]); ++ lrvr (@x[2],@x[2]); ++ lrvr (@x[3],@x[3]); ++ lhi (@x[12],1); ++ x (@x[0],"4*8(%r14)"); ++ al (@x[12],"$stdframe+4*12($sp)"); # increment counter ++ x (@x[1],"4*9(%r14)"); ++ st (@x[0],"4*8(@t[0])"); ++ x (@x[2],"4*10(%r14)"); ++ st (@x[1],"4*9(@t[0])"); ++ x (@x[3],"4*11(%r14)"); ++ st (@x[2],"4*10(@t[0])"); ++ st (@x[3],"4*11(@t[0])"); ++ ++&{$z? \&clgr:\&clr} ("%r14",@t[1]); # done yet? ++ la ("%r14","64(%r14)"); ++ jl (".Loop_outer"); ++ ++LABEL (".Ldone"); ++ xgr ("%r0","%r0"); ++ xgr ("%r1","%r1"); ++ xgr ("%r2","%r2"); ++ xgr ("%r3","%r3"); ++ stmg ("%r0","%r3","$stdframe+4*4($sp)"); # wipe key copy ++ stmg ("%r0","%r3","$stdframe+4*12($sp)"); ++ ++&{$z? \&lmg:\&lm} ("%r6","%r15","$frame+6*$SIZE_T($sp)"); ++ br ("%r14"); ++ ++ALIGN (16); ++LABEL (".Ltail"); ++ la (@t[1],"64($t[1])"); ++ stm (@x[0],@x[7],"$stdframe+4*0($sp)"); ++&{$z? \&slgr:\&slr} (@t[1],"%r14"); ++ lm (@x[0],@x[3],"$stdframe+4*8+4*8($sp)"); ++&{$z? \&lghi:\&lhi} (@x[6],0); ++ stm (@x[12],@x[15],"$stdframe+4*12($sp)"); ++ al (@x[0],"$stdframe+4*8($sp)"); ++ al (@x[1],"$stdframe+4*9($sp)"); ++ al (@x[2],"$stdframe+4*10($sp)"); ++ al (@x[3],"$stdframe+4*11($sp)"); ++ lrvr (@x[0],@x[0]); ++ lrvr (@x[1],@x[1]); ++ lrvr (@x[2],@x[2]); ++ lrvr (@x[3],@x[3]); ++ stm (@x[0],@x[3],"$stdframe+4*8($sp)"); ++ ++LABEL (".Loop_tail"); ++ llgc (@x[4],"0(@x[6],%r14)"); ++ llgc (@x[5],"$stdframe(@x[6],$sp)"); ++ xr (@x[5],@x[4]); ++ stc (@x[5],"0(@x[6],@t[0])"); ++ la (@x[6],"1(@x[6])"); ++ brct (@t[1],".Loop_tail"); ++ ++ j (".Ldone"); ++SIZE ("ChaCha20_ctr32",".-ChaCha20_ctr32"); ++} ++ ++######################################################################## ++# 4x"vertical" layout minimizes amount of instructions, but pipeline ++# runs underutilized [because of vector instructions' high latency]. ++# On the other hand minimum amount of data it takes to fully utilize ++# the pipeline is higher, so that effectively, short inputs would be ++# processed slower. Hence this code path targeting <=256 bytes lengths. ++# ++{ ++my ($xa0,$xa1,$xa2,$xa3, $xb0,$xb1,$xb2,$xb3, ++ $xc0,$xc1,$xc2,$xc3, $xd0,$xd1,$xd2,$xd3)=map("%v$_",(0..15)); ++my @K=map("%v$_",(16..19)); ++my $CTR="%v26"; ++my ($xt0,$xt1,$xt2,$xt3)=map("%v$_",(27..30)); ++my $beperm="%v31"; ++my ($x00,$x10,$x20,$x30)=(0,map("r$_",(8..10))); ++my $FRAME=$stdframe+4*16; ++ ++ALIGN (32); ++LABEL ("ChaCha20_ctr32_4x"); ++LABEL (".LChaCha20_ctr32_4x"); ++&{$z? \&stmg:\&stm} ("%r6","%r7","6*$SIZE_T($sp)"); ++if (!$z) { ++ std ("%f4","16*$SIZE_T+2*8($sp)"); ++ std ("%f6","16*$SIZE_T+3*8($sp)"); ++} ++&{$z? \&lghi:\&lhi} ("%r1",-$FRAME); ++ lgr ("%r0",$sp); ++ la ($sp,"0(%r1,$sp)"); ++&{$z? \&stg:\&st} ("%r0","0($sp)"); # back-chain ++if ($z) { ++ std ("%f8","$stdframe+8*0($sp)"); ++ std ("%f9","$stdframe+8*1($sp)"); ++ std ("%f10","$stdframe+8*2($sp)"); ++ std ("%f11","$stdframe+8*3($sp)"); ++ std ("%f12","$stdframe+8*4($sp)"); ++ std ("%f13","$stdframe+8*5($sp)"); ++ std ("%f14","$stdframe+8*6($sp)"); ++ std ("%f15","$stdframe+8*7($sp)"); ++} ++ larl ("%r7",".Lsigma"); ++ lhi ("%r0",10); ++ lhi ("%r1",0); ++ ++ vl (@K[0],"0(%r7)"); # load sigma ++ vl (@K[1],"0($key)"); # load key ++ vl (@K[2],"16($key)"); ++ vl (@K[3],"0($counter)"); # load counter ++ ++ vl ($beperm,"0x40(%r7)"); ++ vl ($xt1,"0x50(%r7)"); ++ vrepf ($CTR,@K[3],0); ++ vlvgf (@K[3],"%r1",0); # clear @K[3].word[0] ++ vaf ($CTR,$CTR,$xt1); ++ ++#LABEL (".Loop_outer_4x"); ++ vlm ($xa0,$xa3,"0x60(%r7)"); # load [smashed] sigma ++ ++ vrepf ($xb0,@K[1],0); # smash the key ++ vrepf ($xb1,@K[1],1); ++ vrepf ($xb2,@K[1],2); ++ vrepf ($xb3,@K[1],3); ++ ++ vrepf ($xc0,@K[2],0); ++ vrepf ($xc1,@K[2],1); ++ vrepf ($xc2,@K[2],2); ++ vrepf ($xc3,@K[2],3); ++ ++ vlr ($xd0,$CTR); ++ vrepf ($xd1,@K[3],1); ++ vrepf ($xd2,@K[3],2); ++ vrepf ($xd3,@K[3],3); ++ ++LABEL (".Loop_4x"); ++ VX_lane_ROUND(0, 4, 8,12); ++ VX_lane_ROUND(0, 5,10,15); ++ brct ("%r0",".Loop_4x"); ++ ++ vaf ($xd0,$xd0,$CTR); ++ ++ vmrhf ($xt0,$xa0,$xa1); # transpose data ++ vmrhf ($xt1,$xa2,$xa3); ++ vmrlf ($xt2,$xa0,$xa1); ++ vmrlf ($xt3,$xa2,$xa3); ++ vpdi ($xa0,$xt0,$xt1,0b0000); ++ vpdi ($xa1,$xt0,$xt1,0b0101); ++ vpdi ($xa2,$xt2,$xt3,0b0000); ++ vpdi ($xa3,$xt2,$xt3,0b0101); ++ ++ vmrhf ($xt0,$xb0,$xb1); ++ vmrhf ($xt1,$xb2,$xb3); ++ vmrlf ($xt2,$xb0,$xb1); ++ vmrlf ($xt3,$xb2,$xb3); ++ vpdi ($xb0,$xt0,$xt1,0b0000); ++ vpdi ($xb1,$xt0,$xt1,0b0101); ++ vpdi ($xb2,$xt2,$xt3,0b0000); ++ vpdi ($xb3,$xt2,$xt3,0b0101); ++ ++ vmrhf ($xt0,$xc0,$xc1); ++ vmrhf ($xt1,$xc2,$xc3); ++ vmrlf ($xt2,$xc0,$xc1); ++ vmrlf ($xt3,$xc2,$xc3); ++ vpdi ($xc0,$xt0,$xt1,0b0000); ++ vpdi ($xc1,$xt0,$xt1,0b0101); ++ vpdi ($xc2,$xt2,$xt3,0b0000); ++ vpdi ($xc3,$xt2,$xt3,0b0101); ++ ++ vmrhf ($xt0,$xd0,$xd1); ++ vmrhf ($xt1,$xd2,$xd3); ++ vmrlf ($xt2,$xd0,$xd1); ++ vmrlf ($xt3,$xd2,$xd3); ++ vpdi ($xd0,$xt0,$xt1,0b0000); ++ vpdi ($xd1,$xt0,$xt1,0b0101); ++ vpdi ($xd2,$xt2,$xt3,0b0000); ++ vpdi ($xd3,$xt2,$xt3,0b0101); ++ ++ #vrepif ($xt0,4); ++ #vaf ($CTR,$CTR,$xt0); # next counter value ++ ++ vaf ($xa0,$xa0,@K[0]); ++ vaf ($xb0,$xb0,@K[1]); ++ vaf ($xc0,$xc0,@K[2]); ++ vaf ($xd0,$xd0,@K[3]); ++ ++ vperm ($xa0,$xa0,$xa0,$beperm); ++ vperm ($xb0,$xb0,$xb0,$beperm); ++ vperm ($xc0,$xc0,$xc0,$beperm); ++ vperm ($xd0,$xd0,$xd0,$beperm); ++ ++ #&{$z? \&clgfi:\&clfi} ($len,0x40); ++ #jl (".Ltail_4x"); ++ ++ vlm ($xt0,$xt3,"0($inp)"); ++ ++ vx ($xt0,$xt0,$xa0); ++ vx ($xt1,$xt1,$xb0); ++ vx ($xt2,$xt2,$xc0); ++ vx ($xt3,$xt3,$xd0); ++ ++ vstm ($xt0,$xt3,"0($out)"); ++ ++ la ($inp,"0x40($inp)"); ++ la ($out,"0x40($out)"); ++&{$z? \&aghi:\&ahi} ($len,-0x40); ++ #je (".Ldone_4x"); ++ ++ vaf ($xa0,$xa1,@K[0]); ++ vaf ($xb0,$xb1,@K[1]); ++ vaf ($xc0,$xc1,@K[2]); ++ vaf ($xd0,$xd1,@K[3]); ++ ++ vperm ($xa0,$xa0,$xa0,$beperm); ++ vperm ($xb0,$xb0,$xb0,$beperm); ++ vperm ($xc0,$xc0,$xc0,$beperm); ++ vperm ($xd0,$xd0,$xd0,$beperm); ++ ++&{$z? \&clgfi:\&clfi} ($len,0x40); ++ jl (".Ltail_4x"); ++ ++ vlm ($xt0,$xt3,"0($inp)"); ++ ++ vx ($xt0,$xt0,$xa0); ++ vx ($xt1,$xt1,$xb0); ++ vx ($xt2,$xt2,$xc0); ++ vx ($xt3,$xt3,$xd0); ++ ++ vstm ($xt0,$xt3,"0($out)"); ++ ++ la ($inp,"0x40($inp)"); ++ la ($out,"0x40($out)"); ++&{$z? \&aghi:\&ahi} ($len,-0x40); ++ je (".Ldone_4x"); ++ ++ vaf ($xa0,$xa2,@K[0]); ++ vaf ($xb0,$xb2,@K[1]); ++ vaf ($xc0,$xc2,@K[2]); ++ vaf ($xd0,$xd2,@K[3]); ++ ++ vperm ($xa0,$xa0,$xa0,$beperm); ++ vperm ($xb0,$xb0,$xb0,$beperm); ++ vperm ($xc0,$xc0,$xc0,$beperm); ++ vperm ($xd0,$xd0,$xd0,$beperm); ++ ++&{$z? \&clgfi:\&clfi} ($len,0x40); ++ jl (".Ltail_4x"); ++ ++ vlm ($xt0,$xt3,"0($inp)"); ++ ++ vx ($xt0,$xt0,$xa0); ++ vx ($xt1,$xt1,$xb0); ++ vx ($xt2,$xt2,$xc0); ++ vx ($xt3,$xt3,$xd0); ++ ++ vstm ($xt0,$xt3,"0($out)"); ++ ++ la ($inp,"0x40($inp)"); ++ la ($out,"0x40($out)"); ++&{$z? \&aghi:\&ahi} ($len,-0x40); ++ je (".Ldone_4x"); ++ ++ vaf ($xa0,$xa3,@K[0]); ++ vaf ($xb0,$xb3,@K[1]); ++ vaf ($xc0,$xc3,@K[2]); ++ vaf ($xd0,$xd3,@K[3]); ++ ++ vperm ($xa0,$xa0,$xa0,$beperm); ++ vperm ($xb0,$xb0,$xb0,$beperm); ++ vperm ($xc0,$xc0,$xc0,$beperm); ++ vperm ($xd0,$xd0,$xd0,$beperm); ++ ++&{$z? \&clgfi:\&clfi} ($len,0x40); ++ jl (".Ltail_4x"); ++ ++ vlm ($xt0,$xt3,"0($inp)"); ++ ++ vx ($xt0,$xt0,$xa0); ++ vx ($xt1,$xt1,$xb0); ++ vx ($xt2,$xt2,$xc0); ++ vx ($xt3,$xt3,$xd0); ++ ++ vstm ($xt0,$xt3,"0($out)"); ++ ++ #la $inp,0x40($inp)); ++ #la $out,0x40($out)); ++ #lhi %r0,10); ++ #&{$z? \&aghi:\&ahi} $len,-0x40); ++ #jne .Loop_outer_4x); ++ ++LABEL (".Ldone_4x"); ++if (!$z) { ++ ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); ++ ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); ++} else { ++ ld ("%f8","$stdframe+8*0($sp)"); ++ ld ("%f9","$stdframe+8*1($sp)"); ++ ld ("%f10","$stdframe+8*2($sp)"); ++ ld ("%f11","$stdframe+8*3($sp)"); ++ ld ("%f12","$stdframe+8*4($sp)"); ++ ld ("%f13","$stdframe+8*5($sp)"); ++ ld ("%f14","$stdframe+8*6($sp)"); ++ ld ("%f15","$stdframe+8*7($sp)"); ++} ++&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); ++ la ($sp,"$FRAME($sp)"); ++ br ("%r14"); ++ ++ALIGN (16); ++LABEL (".Ltail_4x"); ++if (!$z) { ++ vlr ($xt0,$xb0); ++ ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); ++ ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); ++ ++ vst ($xa0,"$stdframe+0x00($sp)"); ++ vst ($xt0,"$stdframe+0x10($sp)"); ++ vst ($xc0,"$stdframe+0x20($sp)"); ++ vst ($xd0,"$stdframe+0x30($sp)"); ++} else { ++ vlr ($xt0,$xc0); ++ ld ("%f8","$stdframe+8*0($sp)"); ++ ld ("%f9","$stdframe+8*1($sp)"); ++ ld ("%f10","$stdframe+8*2($sp)"); ++ ld ("%f11","$stdframe+8*3($sp)"); ++ vlr ($xt1,$xd0); ++ ld ("%f12","$stdframe+8*4($sp)"); ++ ld ("%f13","$stdframe+8*5($sp)"); ++ ld ("%f14","$stdframe+8*6($sp)"); ++ ld ("%f15","$stdframe+8*7($sp)"); ++ ++ vst ($xa0,"$stdframe+0x00($sp)"); ++ vst ($xb0,"$stdframe+0x10($sp)"); ++ vst ($xt0,"$stdframe+0x20($sp)"); ++ vst ($xt1,"$stdframe+0x30($sp)"); ++} ++ lghi ("%r1",0); ++ ++LABEL (".Loop_tail_4x"); ++ llgc ("%r5","0(%r1,$inp)"); ++ llgc ("%r6","$stdframe(%r1,$sp)"); ++ xr ("%r6","%r5"); ++ stc ("%r6","0(%r1,$out)"); ++ la ("%r1","1(%r1)"); ++ brct ($len,".Loop_tail_4x"); ++ ++&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); ++ la ($sp,"$FRAME($sp)"); ++ br ("%r14"); ++SIZE ("ChaCha20_ctr32_4x",".-ChaCha20_ctr32_4x"); ++} ++ ++######################################################################## ++# 6x"horizontal" layout is optimal fit for the platform in its current ++# shape, more specifically for given vector instructions' latency. Well, ++# computational part of 8x"vertical" would be faster, but it consumes ++# all registers and dealing with that will diminish the return... ++# ++{ ++my ($a0,$b0,$c0,$d0, $a1,$b1,$c1,$d1, ++ $a2,$b2,$c2,$d2, $a3,$b3,$c3,$d3, ++ $a4,$b4,$c4,$d4, $a5,$b5,$c5,$d5)=map("%v$_",(0..23)); ++my @K=map("%v$_",(27,24..26)); ++my ($t0,$t1,$t2,$t3)=map("%v$_",27..30); ++my $beperm="%v31"; ++my $FRAME=$stdframe + 4*16; ++ ++GLOBL ("ChaCha20_ctr32_vx"); ++ALIGN (32); ++LABEL ("ChaCha20_ctr32_vx"); ++LABEL (".LChaCha20_ctr32_vx"); ++&{$z? \&clgfi:\&clfi} ($len,256); ++ jle (".LChaCha20_ctr32_4x"); ++&{$z? \&stmg:\&stm} ("%r6","%r7","6*$SIZE_T($sp)"); ++if (!$z) { ++ std ("%f4","16*$SIZE_T+2*8($sp)"); ++ std ("%f6","16*$SIZE_T+3*8($sp)"); ++} ++&{$z? \&lghi:\&lhi} ("%r1",-$FRAME); ++ lgr ("%r0",$sp); ++ la ($sp,"0(%r1,$sp)"); ++&{$z? \&stg:\&st} ("%r0","0($sp)"); # back-chain ++if ($z) { ++ std ("%f8","$FRAME-8*8($sp)"); ++ std ("%f9","$FRAME-8*7($sp)"); ++ std ("%f10","$FRAME-8*6($sp)"); ++ std ("%f11","$FRAME-8*5($sp)"); ++ std ("%f12","$FRAME-8*4($sp)"); ++ std ("%f13","$FRAME-8*3($sp)"); ++ std ("%f14","$FRAME-8*2($sp)"); ++ std ("%f15","$FRAME-8*1($sp)"); ++} ++ larl ("%r7",".Lsigma"); ++ lhi ("%r0",10); ++ ++ vlm (@K[1],@K[2],"0($key)"); # load key ++ vl (@K[3],"0($counter)"); # load counter ++ ++ vlm (@K[0],"$beperm","0(%r7)"); # load sigma, increments, ... ++ ++LABEL (".Loop_outer_vx"); ++ vlr ($a0,@K[0]); ++ vlr ($b0,@K[1]); ++ vlr ($a1,@K[0]); ++ vlr ($b1,@K[1]); ++ vlr ($a2,@K[0]); ++ vlr ($b2,@K[1]); ++ vlr ($a3,@K[0]); ++ vlr ($b3,@K[1]); ++ vlr ($a4,@K[0]); ++ vlr ($b4,@K[1]); ++ vlr ($a5,@K[0]); ++ vlr ($b5,@K[1]); ++ ++ vlr ($d0,@K[3]); ++ vaf ($d1,@K[3],$t1); # K[3]+1 ++ vaf ($d2,@K[3],$t2); # K[3]+2 ++ vaf ($d3,@K[3],$t3); # K[3]+3 ++ vaf ($d4,$d2,$t2); # K[3]+4 ++ vaf ($d5,$d2,$t3); # K[3]+5 ++ ++ vlr ($c0,@K[2]); ++ vlr ($c1,@K[2]); ++ vlr ($c2,@K[2]); ++ vlr ($c3,@K[2]); ++ vlr ($c4,@K[2]); ++ vlr ($c5,@K[2]); ++ ++ vlr ($t1,$d1); ++ vlr ($t2,$d2); ++ vlr ($t3,$d3); ++ ++ALIGN (4); ++LABEL (".Loop_vx"); ++ ++ VX_ROUND($a0,$a1,$a2,$a3,$a4,$a5, ++ $b0,$b1,$b2,$b3,$b4,$b5, ++ $c0,$c1,$c2,$c3,$c4,$c5, ++ $d0,$d1,$d2,$d3,$d4,$d5, ++ 0); ++ ++ VX_ROUND($a0,$a1,$a2,$a3,$a4,$a5, ++ $b0,$b1,$b2,$b3,$b4,$b5, ++ $c0,$c1,$c2,$c3,$c4,$c5, ++ $d0,$d1,$d2,$d3,$d4,$d5, ++ 1); ++ ++ brct ("%r0",".Loop_vx"); ++ ++ vaf ($a0,$a0,@K[0]); ++ vaf ($b0,$b0,@K[1]); ++ vaf ($c0,$c0,@K[2]); ++ vaf ($d0,$d0,@K[3]); ++ vaf ($a1,$a1,@K[0]); ++ vaf ($d1,$d1,$t1); # +K[3]+1 ++ ++ vperm ($a0,$a0,$a0,$beperm); ++ vperm ($b0,$b0,$b0,$beperm); ++ vperm ($c0,$c0,$c0,$beperm); ++ vperm ($d0,$d0,$d0,$beperm); ++ ++&{$z? \&clgfi:\&clfi} ($len,0x40); ++ jl (".Ltail_vx"); ++ ++ vaf ($d2,$d2,$t2); # +K[3]+2 ++ vaf ($d3,$d3,$t3); # +K[3]+3 ++ vlm ($t0,$t3,"0($inp)"); ++ ++ vx ($a0,$a0,$t0); ++ vx ($b0,$b0,$t1); ++ vx ($c0,$c0,$t2); ++ vx ($d0,$d0,$t3); ++ ++ vlm (@K[0],$t3,"0(%r7)"); # re-load sigma and increments ++ ++ vstm ($a0,$d0,"0($out)"); ++ ++ la ($inp,"0x40($inp)"); ++ la ($out,"0x40($out)"); ++&{$z? \&aghi:\&ahi} ($len,-0x40); ++ je (".Ldone_vx"); ++ ++ vaf ($b1,$b1,@K[1]); ++ vaf ($c1,$c1,@K[2]); ++ ++ vperm ($a0,$a1,$a1,$beperm); ++ vperm ($b0,$b1,$b1,$beperm); ++ vperm ($c0,$c1,$c1,$beperm); ++ vperm ($d0,$d1,$d1,$beperm); ++ ++&{$z? \&clgfi:\&clfi} ($len,0x40); ++ jl (".Ltail_vx"); ++ ++ vlm ($a1,$d1,"0($inp)"); ++ ++ vx ($a0,$a0,$a1); ++ vx ($b0,$b0,$b1); ++ vx ($c0,$c0,$c1); ++ vx ($d0,$d0,$d1); ++ ++ vstm ($a0,$d0,"0($out)"); ++ ++ la ($inp,"0x40($inp)"); ++ la ($out,"0x40($out)"); ++&{$z? \&aghi:\&ahi} ($len,-0x40); ++ je (".Ldone_vx"); ++ ++ vaf ($a2,$a2,@K[0]); ++ vaf ($b2,$b2,@K[1]); ++ vaf ($c2,$c2,@K[2]); ++ ++ vperm ($a0,$a2,$a2,$beperm); ++ vperm ($b0,$b2,$b2,$beperm); ++ vperm ($c0,$c2,$c2,$beperm); ++ vperm ($d0,$d2,$d2,$beperm); ++ ++&{$z? \&clgfi:\&clfi} ($len,0x40); ++ jl (".Ltail_vx"); ++ ++ vlm ($a1,$d1,"0($inp)"); ++ ++ vx ($a0,$a0,$a1); ++ vx ($b0,$b0,$b1); ++ vx ($c0,$c0,$c1); ++ vx ($d0,$d0,$d1); ++ ++ vstm ($a0,$d0,"0($out)"); ++ ++ la ($inp,"0x40($inp)"); ++ la ($out,"0x40($out)"); ++&{$z? \&aghi:\&ahi} ($len,-0x40); ++ je (".Ldone_vx"); ++ ++ vaf ($a3,$a3,@K[0]); ++ vaf ($b3,$b3,@K[1]); ++ vaf ($c3,$c3,@K[2]); ++ vaf ($d2,@K[3],$t3); # K[3]+3 ++ ++ vperm ($a0,$a3,$a3,$beperm); ++ vperm ($b0,$b3,$b3,$beperm); ++ vperm ($c0,$c3,$c3,$beperm); ++ vperm ($d0,$d3,$d3,$beperm); ++ ++&{$z? \&clgfi:\&clfi} ($len,0x40); ++ jl (".Ltail_vx"); ++ ++ vaf ($d3,$d2,$t1); # K[3]+4 ++ vlm ($a1,$d1,"0($inp)"); ++ ++ vx ($a0,$a0,$a1); ++ vx ($b0,$b0,$b1); ++ vx ($c0,$c0,$c1); ++ vx ($d0,$d0,$d1); ++ ++ vstm ($a0,$d0,"0($out)"); ++ ++ la ($inp,"0x40($inp)"); ++ la ($out,"0x40($out)"); ++&{$z? \&aghi:\&ahi} ($len,-0x40); ++ je (".Ldone_vx"); ++ ++ vaf ($a4,$a4,@K[0]); ++ vaf ($b4,$b4,@K[1]); ++ vaf ($c4,$c4,@K[2]); ++ vaf ($d4,$d4,$d3); # +K[3]+4 ++ vaf ($d3,$d3,$t1); # K[3]+5 ++ vaf (@K[3],$d2,$t3); # K[3]+=6 ++ ++ vperm ($a0,$a4,$a4,$beperm); ++ vperm ($b0,$b4,$b4,$beperm); ++ vperm ($c0,$c4,$c4,$beperm); ++ vperm ($d0,$d4,$d4,$beperm); ++ ++&{$z? \&clgfi:\&clfi} ($len,0x40); ++ jl (".Ltail_vx"); ++ ++ vlm ($a1,$d1,"0($inp)"); ++ ++ vx ($a0,$a0,$a1); ++ vx ($b0,$b0,$b1); ++ vx ($c0,$c0,$c1); ++ vx ($d0,$d0,$d1); ++ ++ vstm ($a0,$d0,"0($out)"); ++ ++ la ($inp,"0x40($inp)"); ++ la ($out,"0x40($out)"); ++&{$z? \&aghi:\&ahi} ($len,-0x40); ++ je (".Ldone_vx"); ++ ++ vaf ($a5,$a5,@K[0]); ++ vaf ($b5,$b5,@K[1]); ++ vaf ($c5,$c5,@K[2]); ++ vaf ($d5,$d5,$d3); # +K[3]+5 ++ ++ vperm ($a0,$a5,$a5,$beperm); ++ vperm ($b0,$b5,$b5,$beperm); ++ vperm ($c0,$c5,$c5,$beperm); ++ vperm ($d0,$d5,$d5,$beperm); ++ ++&{$z? \&clgfi:\&clfi} ($len,0x40); ++ jl (".Ltail_vx"); ++ ++ vlm ($a1,$d1,"0($inp)"); ++ ++ vx ($a0,$a0,$a1); ++ vx ($b0,$b0,$b1); ++ vx ($c0,$c0,$c1); ++ vx ($d0,$d0,$d1); ++ ++ vstm ($a0,$d0,"0($out)"); ++ ++ la ($inp,"0x40($inp)"); ++ la ($out,"0x40($out)"); ++ lhi ("%r0",10); ++&{$z? \&aghi:\&ahi} ($len,-0x40); ++ jne (".Loop_outer_vx"); ++ ++LABEL (".Ldone_vx"); ++if (!$z) { ++ ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); ++ ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); ++} else { ++ ld ("%f8","$FRAME-8*8($sp)"); ++ ld ("%f9","$FRAME-8*7($sp)"); ++ ld ("%f10","$FRAME-8*6($sp)"); ++ ld ("%f11","$FRAME-8*5($sp)"); ++ ld ("%f12","$FRAME-8*4($sp)"); ++ ld ("%f13","$FRAME-8*3($sp)"); ++ ld ("%f14","$FRAME-8*2($sp)"); ++ ld ("%f15","$FRAME-8*1($sp)"); ++} ++&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); ++ la ($sp,"$FRAME($sp)"); ++ br ("%r14"); ++ ++ALIGN (16); ++LABEL (".Ltail_vx"); ++if (!$z) { ++ ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); ++ ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); ++} else { ++ ld ("%f8","$FRAME-8*8($sp)"); ++ ld ("%f9","$FRAME-8*7($sp)"); ++ ld ("%f10","$FRAME-8*6($sp)"); ++ ld ("%f11","$FRAME-8*5($sp)"); ++ ld ("%f12","$FRAME-8*4($sp)"); ++ ld ("%f13","$FRAME-8*3($sp)"); ++ ld ("%f14","$FRAME-8*2($sp)"); ++ ld ("%f15","$FRAME-8*1($sp)"); ++} ++ vstm ($a0,$d0,"$stdframe($sp)"); ++ lghi ("%r1",0); ++ ++LABEL (".Loop_tail_vx"); ++ llgc ("%r5","0(%r1,$inp)"); ++ llgc ("%r6","$stdframe(%r1,$sp)"); ++ xr ("%r6","%r5"); ++ stc ("%r6","0(%r1,$out)"); ++ la ("%r1","1(%r1)"); ++ brct ($len,".Loop_tail_vx"); ++ ++&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); ++ la ($sp,"$FRAME($sp)"); ++ br ("%r14"); ++SIZE ("ChaCha20_ctr32_vx",".-ChaCha20_ctr32_vx"); ++} ++################ ++ ++ALIGN (32); ++LABEL (".Lsigma"); ++LONG (0x61707865,0x3320646e,0x79622d32,0x6b206574); # endian-neutral sigma ++LONG (1,0,0,0); ++LONG (2,0,0,0); ++LONG (3,0,0,0); ++LONG (0x03020100,0x07060504,0x0b0a0908,0x0f0e0d0c); # byte swap ++ ++LONG (0,1,2,3); ++LONG (0x61707865,0x61707865,0x61707865,0x61707865); # smashed sigma ++LONG (0x3320646e,0x3320646e,0x3320646e,0x3320646e); ++LONG (0x79622d32,0x79622d32,0x79622d32,0x79622d32); ++LONG (0x6b206574,0x6b206574,0x6b206574,0x6b206574); ++ ++ASCIZ ("\"ChaCha20 for s390x, CRYPTOGAMS by \""); ++ALIGN (4); ++ ++PERLASM_END(); +diff -up openssl-1.1.1e/crypto/perlasm/s390x.pm.s390x-update openssl-1.1.1e/crypto/perlasm/s390x.pm +--- openssl-1.1.1e/crypto/perlasm/s390x.pm.s390x-update 2020-03-19 16:20:22.039227394 +0100 ++++ openssl-1.1.1e/crypto/perlasm/s390x.pm 2020-03-19 16:20:22.039227394 +0100 +@@ -0,0 +1,3060 @@ ++#!/usr/bin/env perl ++# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. ++# ++# Licensed under the OpenSSL license (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++# Copyright IBM Corp. 2018 ++# Author: Patrick Steuer ++ ++package perlasm::s390x; ++ ++use strict; ++use warnings; ++use Carp qw(confess); ++use Exporter qw(import); ++ ++our @EXPORT=qw(PERLASM_BEGIN PERLASM_END); ++our @EXPORT_OK=qw(AUTOLOAD LABEL INCLUDE stfle); ++our %EXPORT_TAGS=( ++ MSA => [qw(kmac km kmc kimd klmd)], ++ MSA4 => [qw(kmf kmo pcc kmctr)], ++ MSA5 => [qw(ppno prno)], ++ MSA8 => [qw(kma)], ++ VX => [qw(vgef vgeg vgbm vzero vone vgm vgmb vgmh vgmf vgmg ++ vl vlr vlrep vlrepb vlreph vlrepf vlrepg vleb vleh vlef vleg vleib ++ vleih vleif vleig vlgv vlgvb vlgvh vlgvf vlgvg vllez vllezb vllezh ++ vllezf vllezg vlm vlbb vlvg vlvgb vlvgh vlvgf vlvgg vlvgp ++ vll vmrh vmrhb vmrhh vmrhf vmrhg vmrl vmrlb vmrlh vmrlf vmrlg vpk ++ vpkh vpkf vpkg vpks vpksh vpksf vpksg vpkshs vpksfs vpksgs vpkls ++ vpklsh vpklsf vpklsg vpklshs vpklsfs vpklsgs vperm vpdi vrep vrepb ++ vreph vrepf vrepg vrepi vrepib vrepih vrepif vrepig vscef vsceg ++ vsel vseg vsegb vsegh vsegf vst vsteb vsteh vstef vsteg vstm vstl ++ vuph vuphb vuphh vuphf vuplh vuplhb vuplhh vuplhf vupl vuplb vuplhw ++ vuplf vupll vupllb vupllh vupllf va vab vah vaf vag vaq vacc vaccb ++ vacch vaccf vaccg vaccq vac vacq vaccc vacccq vn vnc vavg vavgb ++ vavgh vavgf vavgg vavgl vavglb vavglh vavglf vavglg vcksm vec_ vecb ++ vech vecf vecg vecl veclb veclh veclf veclg vceq vceqb vceqh vceqf ++ vceqg vceqbs vceqhs vceqfs vceqgs vch vchb vchh vchf vchg vchbs ++ vchhs vchfs vchgs vchl vchlb vchlh vchlf vchlg vchlbs vchlhs vchlfs ++ vchlgs vclz vclzb vclzh vclzf vclzg vctz vctzb vctzh vctzf vctzg ++ vx vgfm vgfmb vgfmh vgfmf vgfmg vgfma vgfmab vgfmah vgfmaf vgfmag ++ vlc vlcb vlch vlcf vlcg vlp vlpb vlph vlpf vlpg vmx vmxb vmxh vmxf ++ vmxg vmxl vmxlb vmxlh vmxlf vmxlg vmn vmnb vmnh vmnf vmng vmnl ++ vmnlb vmnlh vmnlf vmnlg vmal vmalb vmalhw vmalf vmah vmahb vmahh ++ vmahf vmalh vmalhb vmalhh vmalhf vmae vmaeb vmaeh vmaef vmale ++ vmaleb vmaleh vmalef vmao vmaob vmaoh vmaof vmalo vmalob vmaloh ++ vmalof vmh vmhb vmhh vmhf vmlh vmlhb vmlhh vmlhf vml vmlb vmlhw ++ vmlf vme vmeb vmeh vmef vmle vmleb vmleh vmlef vmo vmob vmoh vmof ++ vmlo vmlob vmloh vmlof vno vnot vo vpopct verllv verllvb verllvh ++ verllvf verllvg verll verllb verllh verllf verllg verim verimb ++ verimh verimf verimg veslv veslvb veslvh veslvf veslvg vesl veslb ++ veslh veslf veslg vesrav vesravb vesravh vesravf vesravg vesra ++ vesrab vesrah vesraf vesrag vesrlv vesrlvb vesrlvh vesrlvf vesrlvg ++ vesrl vesrlb vesrlh vesrlf vesrlg vsl vslb vsldb vsra vsrab vsrl ++ vsrlb vs vsb vsh vsf vsg vsq vscbi vscbib vscbih vscbif vscbig ++ vscbiq vsbi vsbiq vsbcbi vsbcbiq vsumg vsumgh vsumgf vsumq vsumqf ++ vsumqg vsum vsumb vsumh vtm vfae vfaeb vfaeh vfaef vfaebs vfaehs ++ vfaefs vfaezb vfaezh vfaezf vfaezbs vfaezhs vfaezfs vfee vfeeb ++ vfeeh vfeef vfeebs vfeehs vfeefs vfeezb vfeezh vfeezf vfeezbs ++ vfeezhs vfeezfs vfene vfeneb vfeneh vfenef vfenebs vfenehs vfenefs ++ vfenezb vfenezh vfenezf vfenezbs vfenezhs vfenezfs vistr vistrb ++ vistrh vistrf vistrbs vistrhs vistrfs vstrc vstrcb vstrch vstrcf ++ vstrcbs vstrchs vstrcfs vstrczb vstrczh vstrczf vstrczbs vstrczhs ++ vstrczfs vfa vfadb wfadb wfc wfcdb wfk wfkdb vfce vfcedb wfcedb ++ vfcedbs wfcedbs vfch vfchdb wfchdb vfchdbs wfchdbs vfche vfchedb ++ wfchedb vfchedbs wfchedbs vcdg vcdgb wcdgb vcdlg vcdlgb wcdlgb vcgd ++ vcgdb wcgdb vclgd vclgdb wclgdb vfd vfddb wfddb vfi vfidb wfidb ++ vlde vldeb wldeb vled vledb wledb vfm vfmdb wfmdb vfma vfmadb ++ wfmadb vfms vfmsdb wfmsdb vfpso vfpsodb wfpsodb vflcdb wflcdb ++ vflndb wflndb vflpdb wflpdb vfsq vfsqdb wfsqdb vfs vfsdb wfsdb ++ vftci vftcidb wftcidb)], ++ VXE => [qw(vbperm vllezlf vmsl vmslg vnx vnn voc vpopctb vpopcth ++ vpopctf vpopctg vfasb wfasb wfaxb wfcsb wfcxb wfksb wfkxb vfcesb ++ vfcesbs wfcesb wfcesbs wfcexb wfcexbs vfchsb vfchsbs wfchsb wfchsbs ++ wfchxb wfchxbs vfchesb vfchesbs wfchesb wfchesbs wfchexb wfchexbs ++ vfdsb wfdsb wfdxb vfisb wfisb wfixb vfll vflls wflls wflld vflr ++ vflrd wflrd wflrx vfmax vfmaxsb vfmaxdb wfmaxsb wfmaxdb wfmaxxb ++ vfmin vfminsb vfmindb wfminsb wfmindb wfminxb vfmsb wfmsb wfmxb ++ vfnma vfnms vfmasb wfmasb wfmaxb vfmssb wfmssb wfmsxb vfnmasb ++ vfnmadb wfnmasb wfnmadb wfnmaxb vfnmssb vfnmsdb wfnmssb wfnmsdb ++ wfnmsxb vfpsosb wfpsosb vflcsb wflcsb vflnsb wflnsb vflpsb wflpsb ++ vfpsoxb wfpsoxb vflcxb wflcxb vflnxb wflnxb vflpxb wflpxb vfsqsb ++ wfsqsb wfsqxb vfssb wfssb wfsxb vftcisb wftcisb wftcixb)], ++ VXD => [qw(vlrlr vlrl vstrlr vstrl vap vcp vcvb vcvbg vcvd vcvdg vdp ++ vlip vmp vmsp vpkz vpsop vrp vsdp vsrp vsp vtp vupkz)], ++); ++Exporter::export_ok_tags(qw(MSA MSA4 MSA5 MSA8 VX VXE VXD)); ++ ++our $AUTOLOAD; ++ ++my $GR='(?:%r)?([0-9]|1[0-5])'; ++my $VR='(?:%v)?([0-9]|1[0-9]|2[0-9]|3[0-1])'; ++ ++my ($file,$out); ++ ++sub PERLASM_BEGIN ++{ ++ ($file,$out)=(shift,""); ++} ++sub PERLASM_END ++{ ++ if (defined($file)) { ++ open(my $fd,'>',$file)||die("can't open $file: $!"); ++ print({$fd}$out); ++ close($fd); ++ } else { ++ print($out); ++ } ++} ++ ++sub AUTOLOAD { ++ confess(err("PARSE")) if (grep(!defined($_),@_)); ++ my $token; ++ for ($AUTOLOAD) { ++ $token=".$1" if (/^.*::([A-Z_]+)$/); # uppercase: directive ++ $token="\t$1" if (/^.*::([a-z]+)$/); # lowercase: mnemonic ++ confess(err("PARSE")) if (!defined($token)); ++ } ++ $token.="\t" if ($#_>=0); ++ $out.=$token.join(',',@_)."\n"; ++} ++ ++sub LABEL { # label directive ++ confess(err("ARGNUM")) if ($#_!=0); ++ my ($label)=@_; ++ $out.="$label:\n"; ++} ++ ++sub INCLUDE { ++ confess(err("ARGNUM")) if ($#_!=0); ++ my ($file)=@_; ++ $out.="#include \"$file\"\n"; ++} ++ ++# ++# Mnemonics ++# ++ ++sub stfle { ++ confess(err("ARGNUM")) if ($#_!=0); ++ S(0xb2b0,@_); ++} ++ ++# MSA ++ ++sub kmac { ++ confess(err("ARGNUM")) if ($#_!=1); ++ RRE(0xb91e,@_); ++} ++ ++sub km { ++ confess(err("ARGNUM")) if ($#_!=1); ++ RRE(0xb92e,@_); ++} ++ ++sub kmc { ++ confess(err("ARGNUM")) if ($#_!=1); ++ RRE(0xb92f,@_); ++} ++ ++sub kimd { ++ confess(err("ARGNUM")) if ($#_!=1); ++ RRE(0xb93e,@_); ++} ++ ++sub klmd { ++ confess(err("ARGNUM")) if ($#_!=1); ++ RRE(0xb93f,@_); ++} ++ ++# MSA4 ++ ++sub kmf { ++ confess(err("ARGNUM")) if ($#_!=1); ++ RRE(0xb92a,@_); ++} ++ ++sub kmo { ++ confess(err("ARGNUM")) if ($#_!=1); ++ RRE(0xb92b,@_); ++} ++ ++sub pcc { ++ confess(err("ARGNUM")) if ($#_!=-1); ++ RRE(0xb92c,@_); ++} ++ ++sub kmctr { ++ confess(err("ARGNUM")) if ($#_!=2); ++ RRFb(0xb92d,@_); ++} ++ ++# MSA5 ++ ++sub prno { ++ ppno(@_); ++} ++ ++sub ppno { # deprecated, use prno ++ confess(err("ARGNUM")) if ($#_!=1); ++ RRE(0xb93c,@_); ++} ++ ++# MSA8 ++ ++sub kma { ++ confess(err("ARGNUM")) if ($#_!=2); ++ RRFb(0xb929,@_); ++} ++ ++# VX - Support Instructions ++ ++sub vgef { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRV(0xe713,@_); ++} ++sub vgeg { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRV(0xe712,@_); ++} ++ ++sub vgbm { ++ confess(err("ARGNUM")) if ($#_!=1); ++ VRIa(0xe744,@_); ++} ++sub vzero { ++ vgbm(@_,0); ++} ++sub vone { ++ vgbm(@_,0xffff); ++} ++ ++sub vgm { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRIb(0xe746,@_); ++} ++sub vgmb { ++ vgm(@_,0); ++} ++sub vgmh { ++ vgm(@_,1); ++} ++sub vgmf { ++ vgm(@_,2); ++} ++sub vgmg { ++ vgm(@_,3); ++} ++ ++sub vl { ++ confess(err("ARGNUM")) if ($#_<1||$#_>2); ++ VRX(0xe706,@_); ++} ++ ++sub vlr { ++ confess(err("ARGNUM")) if ($#_!=1); ++ VRRa(0xe756,@_); ++} ++ ++sub vlrep { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRX(0xe705,@_); ++} ++sub vlrepb { ++ vlrep(@_,0); ++} ++sub vlreph { ++ vlrep(@_,1); ++} ++sub vlrepf { ++ vlrep(@_,2); ++} ++sub vlrepg { ++ vlrep(@_,3); ++} ++ ++sub vleb { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRX(0xe700,@_); ++} ++sub vleh { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRX(0xe701,@_); ++} ++sub vlef { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRX(0xe703,@_); ++} ++sub vleg { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRX(0xe702,@_); ++} ++ ++sub vleib { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRIa(0xe740,@_); ++} ++sub vleih { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRIa(0xe741,@_); ++} ++sub vleif { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRIa(0xe743,@_); ++} ++sub vleig { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRIa(0xe742,@_); ++} ++ ++sub vlgv { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRSc(0xe721,@_); ++} ++sub vlgvb { ++ vlgv(@_,0); ++} ++sub vlgvh { ++ vlgv(@_,1); ++} ++sub vlgvf { ++ vlgv(@_,2); ++} ++sub vlgvg { ++ vlgv(@_,3); ++} ++ ++sub vllez { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRX(0xe704,@_); ++} ++sub vllezb { ++ vllez(@_,0); ++} ++sub vllezh { ++ vllez(@_,1); ++} ++sub vllezf { ++ vllez(@_,2); ++} ++sub vllezg { ++ vllez(@_,3); ++} ++ ++sub vlm { ++ confess(err("ARGNUM")) if ($#_<2||$#_>3); ++ VRSa(0xe736,@_); ++} ++ ++sub vlbb { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRX(0xe707,@_); ++} ++ ++sub vlvg { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRSb(0xe722,@_); ++} ++sub vlvgb { ++ vlvg(@_,0); ++} ++sub vlvgh { ++ vlvg(@_,1); ++} ++sub vlvgf { ++ vlvg(@_,2); ++} ++sub vlvgg { ++ vlvg(@_,3); ++} ++ ++sub vlvgp { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRf(0xe762,@_); ++} ++ ++sub vll { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRSb(0xe737,@_); ++} ++ ++sub vmrh { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe761,@_); ++} ++sub vmrhb { ++ vmrh(@_,0); ++} ++sub vmrhh { ++ vmrh(@_,1); ++} ++sub vmrhf { ++ vmrh(@_,2); ++} ++sub vmrhg { ++ vmrh(@_,3); ++} ++ ++sub vmrl { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe760,@_); ++} ++sub vmrlb { ++ vmrl(@_,0); ++} ++sub vmrlh { ++ vmrl(@_,1); ++} ++sub vmrlf { ++ vmrl(@_,2); ++} ++sub vmrlg { ++ vmrl(@_,3); ++} ++ ++sub vpk { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe794,@_); ++} ++sub vpkh { ++ vpk(@_,1); ++} ++sub vpkf { ++ vpk(@_,2); ++} ++sub vpkg { ++ vpk(@_,3); ++} ++ ++sub vpks { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRb(0xe797,@_); ++} ++sub vpksh { ++ vpks(@_,1,0); ++} ++sub vpksf { ++ vpks(@_,2,0); ++} ++sub vpksg { ++ vpks(@_,3,0); ++} ++sub vpkshs { ++ vpks(@_,1,1); ++} ++sub vpksfs { ++ vpks(@_,2,1); ++} ++sub vpksgs { ++ vpks(@_,3,1); ++} ++ ++sub vpkls { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRb(0xe795,@_); ++} ++sub vpklsh { ++ vpkls(@_,1,0); ++} ++sub vpklsf { ++ vpkls(@_,2,0); ++} ++sub vpklsg { ++ vpkls(@_,3,0); ++} ++sub vpklshs { ++ vpkls(@_,1,1); ++} ++sub vpklsfs { ++ vpkls(@_,2,1); ++} ++sub vpklsgs { ++ vpkls(@_,3,1); ++} ++ ++sub vperm { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRe(0xe78c,@_); ++} ++ ++sub vpdi { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe784,@_); ++} ++ ++sub vrep { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRIc(0xe74d,@_); ++} ++sub vrepb { ++ vrep(@_,0); ++} ++sub vreph { ++ vrep(@_,1); ++} ++sub vrepf { ++ vrep(@_,2); ++} ++sub vrepg { ++ vrep(@_,3); ++} ++ ++sub vrepi { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRIa(0xe745,@_); ++} ++sub vrepib { ++ vrepi(@_,0); ++} ++sub vrepih { ++ vrepi(@_,1); ++} ++sub vrepif { ++ vrepi(@_,2); ++} ++sub vrepig { ++ vrepi(@_,3); ++} ++ ++sub vscef { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRV(0xe71b,@_); ++} ++sub vsceg { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRV(0xe71a,@_); ++} ++ ++sub vsel { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRe(0xe78d,@_); ++} ++ ++sub vseg { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe75f,@_); ++} ++sub vsegb { ++ vseg(@_,0); ++} ++sub vsegh { ++ vseg(@_,1); ++} ++sub vsegf { ++ vseg(@_,2); ++} ++ ++sub vst { ++ confess(err("ARGNUM")) if ($#_<1||$#_>2); ++ VRX(0xe70e,@_); ++} ++ ++sub vsteb { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRX(0xe708,@_); ++} ++sub vsteh { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRX(0xe709,@_); ++} ++sub vstef { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRX(0xe70b,@_); ++} ++sub vsteg { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRX(0xe70a,@_); ++} ++ ++sub vstm { ++ confess(err("ARGNUM")) if ($#_<2||$#_>3); ++ VRSa(0xe73e,@_); ++} ++ ++sub vstl { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRSb(0xe73f,@_); ++} ++ ++sub vuph { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe7d7,@_); ++} ++sub vuphb { ++ vuph(@_,0); ++} ++sub vuphh { ++ vuph(@_,1); ++} ++sub vuphf { ++ vuph(@_,2); ++} ++ ++sub vuplh { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe7d5,@_); ++} ++sub vuplhb { ++ vuplh(@_,0); ++} ++sub vuplhh { ++ vuplh(@_,1); ++} ++sub vuplhf { ++ vuplh(@_,2); ++} ++ ++sub vupl { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe7d6,@_); ++} ++sub vuplb { ++ vupl(@_,0); ++} ++sub vuplhw { ++ vupl(@_,1); ++} ++sub vuplf { ++ vupl(@_,2); ++} ++ ++sub vupll { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe7d4,@_); ++} ++sub vupllb { ++ vupll(@_,0); ++} ++sub vupllh { ++ vupll(@_,1); ++} ++sub vupllf { ++ vupll(@_,2); ++} ++ ++# VX - Integer Instructions ++ ++sub va { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7f3,@_); ++} ++sub vab { ++ va(@_,0); ++} ++sub vah { ++ va(@_,1); ++} ++sub vaf { ++ va(@_,2); ++} ++sub vag { ++ va(@_,3); ++} ++sub vaq { ++ va(@_,4); ++} ++ ++sub vacc { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7f1,@_); ++} ++sub vaccb { ++ vacc(@_,0); ++} ++sub vacch { ++ vacc(@_,1); ++} ++sub vaccf { ++ vacc(@_,2); ++} ++sub vaccg { ++ vacc(@_,3); ++} ++sub vaccq { ++ vacc(@_,4); ++} ++ ++sub vac { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7bb,@_); ++} ++sub vacq { ++ vac(@_,4); ++} ++ ++sub vaccc { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7b9,@_); ++} ++sub vacccq { ++ vaccc(@_,4); ++} ++ ++sub vn { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe768,@_); ++} ++ ++sub vnc { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe769,@_); ++} ++ ++sub vavg { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7f2,@_); ++} ++sub vavgb { ++ vavg(@_,0); ++} ++sub vavgh { ++ vavg(@_,1); ++} ++sub vavgf { ++ vavg(@_,2); ++} ++sub vavgg { ++ vavg(@_,3); ++} ++ ++sub vavgl { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7f0,@_); ++} ++sub vavglb { ++ vavgl(@_,0); ++} ++sub vavglh { ++ vavgl(@_,1); ++} ++sub vavglf { ++ vavgl(@_,2); ++} ++sub vavglg { ++ vavgl(@_,3); ++} ++ ++sub vcksm { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe766,@_); ++} ++ ++sub vec_ { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe7db,@_); ++} ++sub vecb { ++ vec_(@_,0); ++} ++sub vech { ++ vec_(@_,1); ++} ++sub vecf { ++ vec_(@_,2); ++} ++sub vecg { ++ vec_(@_,3); ++} ++ ++sub vecl { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe7d9,@_); ++} ++sub veclb { ++ vecl(@_,0); ++} ++sub veclh { ++ vecl(@_,1); ++} ++sub veclf { ++ vecl(@_,2); ++} ++sub veclg { ++ vecl(@_,3); ++} ++ ++sub vceq { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRb(0xe7f8,@_); ++} ++sub vceqb { ++ vceq(@_,0,0); ++} ++sub vceqh { ++ vceq(@_,1,0); ++} ++sub vceqf { ++ vceq(@_,2,0); ++} ++sub vceqg { ++ vceq(@_,3,0); ++} ++sub vceqbs { ++ vceq(@_,0,1); ++} ++sub vceqhs { ++ vceq(@_,1,1); ++} ++sub vceqfs { ++ vceq(@_,2,1); ++} ++sub vceqgs { ++ vceq(@_,3,1); ++} ++ ++sub vch { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRb(0xe7fb,@_); ++} ++sub vchb { ++ vch(@_,0,0); ++} ++sub vchh { ++ vch(@_,1,0); ++} ++sub vchf { ++ vch(@_,2,0); ++} ++sub vchg { ++ vch(@_,3,0); ++} ++sub vchbs { ++ vch(@_,0,1); ++} ++sub vchhs { ++ vch(@_,1,1); ++} ++sub vchfs { ++ vch(@_,2,1); ++} ++sub vchgs { ++ vch(@_,3,1); ++} ++ ++sub vchl { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRb(0xe7f9,@_); ++} ++sub vchlb { ++ vchl(@_,0,0); ++} ++sub vchlh { ++ vchl(@_,1,0); ++} ++sub vchlf { ++ vchl(@_,2,0); ++} ++sub vchlg { ++ vchl(@_,3,0); ++} ++sub vchlbs { ++ vchl(@_,0,1); ++} ++sub vchlhs { ++ vchl(@_,1,1); ++} ++sub vchlfs { ++ vchl(@_,2,1); ++} ++sub vchlgs { ++ vchl(@_,3,1); ++} ++ ++sub vclz { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe753,@_); ++} ++sub vclzb { ++ vclz(@_,0); ++} ++sub vclzh { ++ vclz(@_,1); ++} ++sub vclzf { ++ vclz(@_,2); ++} ++sub vclzg { ++ vclz(@_,3); ++} ++ ++sub vctz { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe752,@_); ++} ++sub vctzb { ++ vctz(@_,0); ++} ++sub vctzh { ++ vctz(@_,1); ++} ++sub vctzf { ++ vctz(@_,2); ++} ++sub vctzg { ++ vctz(@_,3); ++} ++ ++sub vx { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe76d,@_); ++} ++ ++sub vgfm { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7b4,@_); ++} ++sub vgfmb { ++ vgfm(@_,0); ++} ++sub vgfmh { ++ vgfm(@_,1); ++} ++sub vgfmf { ++ vgfm(@_,2); ++} ++sub vgfmg { ++ vgfm(@_,3); ++} ++ ++sub vgfma { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7bc,@_); ++} ++sub vgfmab { ++ vgfma(@_,0); ++} ++sub vgfmah { ++ vgfma(@_,1); ++} ++sub vgfmaf { ++ vgfma(@_,2); ++} ++sub vgfmag { ++ vgfma(@_,3); ++} ++ ++sub vlc { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe7de,@_); ++} ++sub vlcb { ++ vlc(@_,0); ++} ++sub vlch { ++ vlc(@_,1); ++} ++sub vlcf { ++ vlc(@_,2); ++} ++sub vlcg { ++ vlc(@_,3); ++} ++ ++sub vlp { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe7df,@_); ++} ++sub vlpb { ++ vlp(@_,0); ++} ++sub vlph { ++ vlp(@_,1); ++} ++sub vlpf { ++ vlp(@_,2); ++} ++sub vlpg { ++ vlp(@_,3); ++} ++ ++sub vmx { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7ff,@_); ++} ++sub vmxb { ++ vmx(@_,0); ++} ++sub vmxh { ++ vmx(@_,1); ++} ++sub vmxf { ++ vmx(@_,2); ++} ++sub vmxg { ++ vmx(@_,3); ++} ++ ++sub vmxl { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7fd,@_); ++} ++sub vmxlb { ++ vmxl(@_,0); ++} ++sub vmxlh { ++ vmxl(@_,1); ++} ++sub vmxlf { ++ vmxl(@_,2); ++} ++sub vmxlg { ++ vmxl(@_,3); ++} ++ ++sub vmn { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7fe,@_); ++} ++sub vmnb { ++ vmn(@_,0); ++} ++sub vmnh { ++ vmn(@_,1); ++} ++sub vmnf { ++ vmn(@_,2); ++} ++sub vmng { ++ vmn(@_,3); ++} ++ ++sub vmnl { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7fc,@_); ++} ++sub vmnlb { ++ vmnl(@_,0); ++} ++sub vmnlh { ++ vmnl(@_,1); ++} ++sub vmnlf { ++ vmnl(@_,2); ++} ++sub vmnlg { ++ vmnl(@_,3); ++} ++ ++sub vmal { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7aa,@_); ++} ++sub vmalb { ++ vmal(@_,0); ++} ++sub vmalhw { ++ vmal(@_,1); ++} ++sub vmalf { ++ vmal(@_,2); ++} ++ ++sub vmah { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7ab,@_); ++} ++sub vmahb { ++ vmah(@_,0); ++} ++sub vmahh { ++ vmah(@_,1); ++} ++sub vmahf { ++ vmah(@_,2); ++} ++ ++sub vmalh { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7a9,@_); ++} ++sub vmalhb { ++ vmalh(@_,0); ++} ++sub vmalhh { ++ vmalh(@_,1); ++} ++sub vmalhf { ++ vmalh(@_,2); ++} ++ ++sub vmae { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7ae,@_); ++} ++sub vmaeb { ++ vmae(@_,0); ++} ++sub vmaeh { ++ vmae(@_,1); ++} ++sub vmaef { ++ vmae(@_,2); ++} ++ ++sub vmale { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7ac,@_); ++} ++sub vmaleb { ++ vmale(@_,0); ++} ++sub vmaleh { ++ vmale(@_,1); ++} ++sub vmalef { ++ vmale(@_,2); ++} ++ ++sub vmao { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7af,@_); ++} ++sub vmaob { ++ vmao(@_,0); ++} ++sub vmaoh { ++ vmao(@_,1); ++} ++sub vmaof { ++ vmao(@_,2); ++} ++ ++sub vmalo { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7ad,@_); ++} ++sub vmalob { ++ vmalo(@_,0); ++} ++sub vmaloh { ++ vmalo(@_,1); ++} ++sub vmalof { ++ vmalo(@_,2); ++} ++ ++sub vmh { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7a3,@_); ++} ++sub vmhb { ++ vmh(@_,0); ++} ++sub vmhh { ++ vmh(@_,1); ++} ++sub vmhf { ++ vmh(@_,2); ++} ++ ++sub vmlh { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7a1,@_); ++} ++sub vmlhb { ++ vmlh(@_,0); ++} ++sub vmlhh { ++ vmlh(@_,1); ++} ++sub vmlhf { ++ vmlh(@_,2); ++} ++ ++sub vml { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7a2,@_); ++} ++sub vmlb { ++ vml(@_,0); ++} ++sub vmlhw { ++ vml(@_,1); ++} ++sub vmlf { ++ vml(@_,2); ++} ++ ++sub vme { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7a6,@_); ++} ++sub vmeb { ++ vme(@_,0); ++} ++sub vmeh { ++ vme(@_,1); ++} ++sub vmef { ++ vme(@_,2); ++} ++ ++sub vmle { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7a4,@_); ++} ++sub vmleb { ++ vmle(@_,0); ++} ++sub vmleh { ++ vmle(@_,1); ++} ++sub vmlef { ++ vmle(@_,2); ++} ++ ++sub vmo { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7a7,@_); ++} ++sub vmob { ++ vmo(@_,0); ++} ++sub vmoh { ++ vmo(@_,1); ++} ++sub vmof { ++ vmo(@_,2); ++} ++ ++sub vmlo { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7a5,@_); ++} ++sub vmlob { ++ vmlo(@_,0); ++} ++sub vmloh { ++ vmlo(@_,1); ++} ++sub vmlof { ++ vmlo(@_,2); ++} ++ ++sub vno { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe76b,@_); ++} ++sub vnot { ++ vno(@_,$_[1]); ++} ++ ++sub vo { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe76a,@_); ++} ++ ++sub vpopct { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRa(0xe750,@_); ++} ++ ++sub verllv { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe773,@_); ++} ++sub verllvb { ++ verllv(@_,0); ++} ++sub verllvh { ++ verllv(@_,1); ++} ++sub verllvf { ++ verllv(@_,2); ++} ++sub verllvg { ++ verllv(@_,3); ++} ++ ++sub verll { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRSa(0xe733,@_); ++} ++sub verllb { ++ verll(@_,0); ++} ++sub verllh { ++ verll(@_,1); ++} ++sub verllf { ++ verll(@_,2); ++} ++sub verllg { ++ verll(@_,3); ++} ++ ++sub verim { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRId(0xe772,@_); ++} ++sub verimb { ++ verim(@_,0); ++} ++sub verimh { ++ verim(@_,1); ++} ++sub verimf { ++ verim(@_,2); ++} ++sub verimg { ++ verim(@_,3); ++} ++ ++sub veslv { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe770,@_); ++} ++sub veslvb { ++ veslv(@_,0); ++} ++sub veslvh { ++ veslv(@_,1); ++} ++sub veslvf { ++ veslv(@_,2); ++} ++sub veslvg { ++ veslv(@_,3); ++} ++ ++sub vesl { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRSa(0xe730,@_); ++} ++sub veslb { ++ vesl(@_,0); ++} ++sub veslh { ++ vesl(@_,1); ++} ++sub veslf { ++ vesl(@_,2); ++} ++sub veslg { ++ vesl(@_,3); ++} ++ ++sub vesrav { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe77a,@_); ++} ++sub vesravb { ++ vesrav(@_,0); ++} ++sub vesravh { ++ vesrav(@_,1); ++} ++sub vesravf { ++ vesrav(@_,2); ++} ++sub vesravg { ++ vesrav(@_,3); ++} ++ ++sub vesra { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRSa(0xe73a,@_); ++} ++sub vesrab { ++ vesra(@_,0); ++} ++sub vesrah { ++ vesra(@_,1); ++} ++sub vesraf { ++ vesra(@_,2); ++} ++sub vesrag { ++ vesra(@_,3); ++} ++ ++sub vesrlv { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe778,@_); ++} ++sub vesrlvb { ++ vesrlv(@_,0); ++} ++sub vesrlvh { ++ vesrlv(@_,1); ++} ++sub vesrlvf { ++ vesrlv(@_,2); ++} ++sub vesrlvg { ++ vesrlv(@_,3); ++} ++ ++sub vesrl { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRSa(0xe738,@_); ++} ++sub vesrlb { ++ vesrl(@_,0); ++} ++sub vesrlh { ++ vesrl(@_,1); ++} ++sub vesrlf { ++ vesrl(@_,2); ++} ++sub vesrlg { ++ vesrl(@_,3); ++} ++ ++sub vsl { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe774,@_); ++} ++ ++sub vslb { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe775,@_); ++} ++ ++sub vsldb { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRId(0xe777,@_); ++} ++ ++sub vsra { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe77e,@_); ++} ++ ++sub vsrab { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe77f,@_); ++} ++ ++sub vsrl { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe77c,@_); ++} ++ ++sub vsrlb { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe77d,@_); ++} ++ ++sub vs { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7f7,@_); ++} ++sub vsb { ++ vs(@_,0); ++} ++sub vsh { ++ vs(@_,1); ++} ++sub vsf { ++ vs(@_,2); ++} ++sub vsg { ++ vs(@_,3); ++} ++sub vsq { ++ vs(@_,4); ++} ++ ++sub vscbi { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe7f5,@_); ++} ++sub vscbib { ++ vscbi(@_,0); ++} ++sub vscbih { ++ vscbi(@_,1); ++} ++sub vscbif { ++ vscbi(@_,2); ++} ++sub vscbig { ++ vscbi(@_,3); ++} ++sub vscbiq { ++ vscbi(@_,4); ++} ++ ++sub vsbi { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7bf,@_); ++} ++sub vsbiq { ++ vsbi(@_,4); ++} ++ ++sub vsbcbi { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRd(0xe7bd,@_); ++} ++sub vsbcbiq { ++ vsbcbi(@_,4); ++} ++ ++sub vsumg { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe765,@_); ++} ++sub vsumgh { ++ vsumg(@_,1); ++} ++sub vsumgf { ++ vsumg(@_,2); ++} ++ ++sub vsumq { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe767,@_); ++} ++sub vsumqf { ++ vsumq(@_,2); ++} ++sub vsumqg { ++ vsumq(@_,3); ++} ++ ++sub vsum { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRc(0xe764,@_); ++} ++sub vsumb { ++ vsum(@_,0); ++} ++sub vsumh { ++ vsum(@_,1); ++} ++ ++sub vtm { ++ confess(err("ARGNUM")) if ($#_!=1); ++ VRRa(0xe7d8,@_); ++} ++ ++# VX - String Instructions ++ ++sub vfae { ++ confess(err("ARGNUM")) if ($#_<3||$#_>4); ++ VRRb(0xe782,@_); ++} ++sub vfaeb { ++ vfae(@_[0..2],0,$_[3]); ++} ++sub vfaeh { ++ vfae(@_[0..2],1,$_[3]); ++} ++sub vfaef { ++ vfae(@_[0..2],2,$_[3]); ++} ++sub vfaebs { ++ $_[3]=0 if (!defined($_[3])); ++ vfae(@_[0..2],0,0x1|$_[3]); ++} ++sub vfaehs { ++ $_[3]=0 if (!defined($_[3])); ++ vfae(@_[0..2],1,0x1|$_[3]); ++} ++sub vfaefs { ++ $_[3]=0 if (!defined($_[3])); ++ vfae(@_[0..2],2,0x1|$_[3]); ++} ++sub vfaezb { ++ $_[3]=0 if (!defined($_[3])); ++ vfae(@_[0..2],0,0x2|$_[3]); ++} ++sub vfaezh { ++ $_[3]=0 if (!defined($_[3])); ++ vfae(@_[0..2],1,0x2|$_[3]); ++} ++sub vfaezf { ++ $_[3]=0 if (!defined($_[3])); ++ vfae(@_[0..2],2,0x2|$_[3]); ++} ++sub vfaezbs { ++ $_[3]=0 if (!defined($_[3])); ++ vfae(@_[0..2],0,0x3|$_[3]); ++} ++sub vfaezhs { ++ $_[3]=0 if (!defined($_[3])); ++ vfae(@_[0..2],1,0x3|$_[3]); ++} ++sub vfaezfs { ++ $_[3]=0 if (!defined($_[3])); ++ vfae(@_[0..2],2,0x3|$_[3]); ++} ++ ++sub vfee { ++ confess(err("ARGNUM")) if ($#_<3||$#_>4); ++ VRRb(0xe780,@_); ++} ++sub vfeeb { ++ vfee(@_[0..2],0,$_[3]); ++} ++sub vfeeh { ++ vfee(@_[0..2],1,$_[3]); ++} ++sub vfeef { ++ vfee(@_[0..2],2,$_[3]); ++} ++sub vfeebs { ++ vfee(@_,0,1); ++} ++sub vfeehs { ++ vfee(@_,1,1); ++} ++sub vfeefs { ++ vfee(@_,2,1); ++} ++sub vfeezb { ++ vfee(@_,0,2); ++} ++sub vfeezh { ++ vfee(@_,1,2); ++} ++sub vfeezf { ++ vfee(@_,2,2); ++} ++sub vfeezbs { ++ vfee(@_,0,3); ++} ++sub vfeezhs { ++ vfee(@_,1,3); ++} ++sub vfeezfs { ++ vfee(@_,2,3); ++} ++ ++sub vfene { ++ confess(err("ARGNUM")) if ($#_<3||$#_>4); ++ VRRb(0xe781,@_); ++} ++sub vfeneb { ++ vfene(@_[0..2],0,$_[3]); ++} ++sub vfeneh { ++ vfene(@_[0..2],1,$_[3]); ++} ++sub vfenef { ++ vfene(@_[0..2],2,$_[3]); ++} ++sub vfenebs { ++ vfene(@_,0,1); ++} ++sub vfenehs { ++ vfene(@_,1,1); ++} ++sub vfenefs { ++ vfene(@_,2,1); ++} ++sub vfenezb { ++ vfene(@_,0,2); ++} ++sub vfenezh { ++ vfene(@_,1,2); ++} ++sub vfenezf { ++ vfene(@_,2,2); ++} ++sub vfenezbs { ++ vfene(@_,0,3); ++} ++sub vfenezhs { ++ vfene(@_,1,3); ++} ++sub vfenezfs { ++ vfene(@_,2,3); ++} ++ ++sub vistr { ++ confess(err("ARGNUM")) if ($#_<2||$#_>3); ++ VRRa(0xe75c,@_[0..2],0,$_[3]); ++} ++sub vistrb { ++ vistr(@_[0..1],0,$_[2]); ++} ++sub vistrh { ++ vistr(@_[0..1],1,$_[2]); ++} ++sub vistrf { ++ vistr(@_[0..1],2,$_[2]); ++} ++sub vistrbs { ++ vistr(@_,0,1); ++} ++sub vistrhs { ++ vistr(@_,1,1); ++} ++sub vistrfs { ++ vistr(@_,2,1); ++} ++ ++sub vstrc { ++ confess(err("ARGNUM")) if ($#_<4||$#_>5); ++ VRRd(0xe78a,@_); ++} ++sub vstrcb { ++ vstrc(@_[0..3],0,$_[4]); ++} ++sub vstrch { ++ vstrc(@_[0..3],1,$_[4]); ++} ++sub vstrcf { ++ vstrc(@_[0..3],2,$_[4]); ++} ++sub vstrcbs { ++ $_[4]=0 if (!defined($_[4])); ++ vstrc(@_[0..3],0,0x1|$_[4]); ++} ++sub vstrchs { ++ $_[4]=0 if (!defined($_[4])); ++ vstrc(@_[0..3],1,0x1|$_[4]); ++} ++sub vstrcfs { ++ $_[4]=0 if (!defined($_[4])); ++ vstrc(@_[0..3],2,0x1|$_[4]); ++} ++sub vstrczb { ++ $_[4]=0 if (!defined($_[4])); ++ vstrc(@_[0..3],0,0x2|$_[4]); ++} ++sub vstrczh { ++ $_[4]=0 if (!defined($_[4])); ++ vstrc(@_[0..3],1,0x2|$_[4]); ++} ++sub vstrczf { ++ $_[4]=0 if (!defined($_[4])); ++ vstrc(@_[0..3],2,0x2|$_[4]); ++} ++sub vstrczbs { ++ $_[4]=0 if (!defined($_[4])); ++ vstrc(@_[0..3],0,0x3|$_[4]); ++} ++sub vstrczhs { ++ $_[4]=0 if (!defined($_[4])); ++ vstrc(@_[0..3],1,0x3|$_[4]); ++} ++sub vstrczfs { ++ $_[4]=0 if (!defined($_[4])); ++ vstrc(@_[0..3],2,0x3|$_[4]); ++} ++ ++# VX - Floating-point Instructions ++ ++sub vfa { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRc(0xe7e3,@_); ++} ++sub vfadb { ++ vfa(@_,3,0); ++} ++sub wfadb { ++ vfa(@_,3,8); ++} ++ ++sub wfc { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRa(0xe7cb,@_); ++} ++sub wfcdb { ++ wfc(@_,3,0); ++} ++ ++sub wfk { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRa(0xe7ca,@_); ++} ++sub wfksb { ++ wfk(@_,2,0); ++} ++sub wfkdb { ++ wfk(@_,3,0); ++} ++sub wfkxb { ++ wfk(@_,4,0); ++} ++ ++sub vfce { ++ confess(err("ARGNUM")) if ($#_!=5); ++ VRRc(0xe7e8,@_); ++} ++sub vfcedb { ++ vfce(@_,3,0,0); ++} ++sub vfcedbs { ++ vfce(@_,3,0,1); ++} ++sub wfcedb { ++ vfce(@_,3,8,0); ++} ++sub wfcedbs { ++ vfce(@_,3,8,1); ++} ++ ++sub vfch { ++ confess(err("ARGNUM")) if ($#_!=5); ++ VRRc(0xe7eb,@_); ++} ++sub vfchdb { ++ vfch(@_,3,0,0); ++} ++sub vfchdbs { ++ vfch(@_,3,0,1); ++} ++sub wfchdb { ++ vfch(@_,3,8,0); ++} ++sub wfchdbs { ++ vfch(@_,3,8,1); ++} ++ ++sub vfche { ++ confess(err("ARGNUM")) if ($#_!=5); ++ VRRc(0xe7ea,@_); ++} ++sub vfchedb { ++ vfche(@_,3,0,0); ++} ++sub vfchedbs { ++ vfche(@_,3,0,1); ++} ++sub wfchedb { ++ vfche(@_,3,8,0); ++} ++sub wfchedbs { ++ vfche(@_,3,8,1); ++} ++ ++sub vcdg { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRa(0xe7c3,@_); ++} ++sub vcdgb { ++ vcdg(@_[0..1],3,@_[2..3]); ++} ++sub wcdgb { ++ vcdg(@_[0..1],3,0x8|$_[2],$_[3]); ++} ++ ++sub vcdlg { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRa(0xe7c1,@_); ++} ++sub vcdlgb { ++ vcdlg(@_[0..1],3,@_[2..3]); ++} ++sub wcdlgb { ++ vcdlg(@_[0..1],3,0x8|$_[2],$_[3]); ++} ++ ++sub vcgd { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRa(0xe7c2,@_); ++} ++sub vcgdb { ++ vcgd(@_[0..1],3,@_[2..3]); ++} ++sub wcgdb { ++ vcgd(@_[0..1],3,0x8|$_[2],$_[3]); ++} ++ ++sub vclgd { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRa(0xe7c0,@_); ++} ++sub vclgdb { ++ vclgd(@_[0..1],3,@_[2..3]); ++} ++sub wclgdb { ++ vclgd(@_[0..1],3,0x8|$_[2],$_[3]); ++} ++ ++sub vfd { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRc(0xe7e5,@_); ++} ++sub vfddb { ++ vfd(@_,3,0); ++} ++sub wfddb { ++ vfd(@_,3,8); ++} ++ ++sub vfi { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRa(0xe7c7,@_); ++} ++sub vfidb { ++ vfi(@_[0..1],3,@_[2..3]); ++} ++sub wfidb { ++ vfi(@_[0..1],3,0x8|$_[2],$_[3]); ++} ++ ++sub vlde { # deprecated, use vfll ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRa(0xe7c4,@_); ++} ++sub vldeb { # deprecated, use vflls ++ vlde(@_,2,0); ++} ++sub wldeb { # deprecated, use wflls ++ vlde(@_,2,8); ++} ++ ++sub vled { # deprecated, use vflr ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRa(0xe7c5,@_); ++} ++sub vledb { # deprecated, use vflrd ++ vled(@_[0..1],3,@_[2..3]); ++} ++sub wledb { # deprecated, use wflrd ++ vled(@_[0..1],3,0x8|$_[2],$_[3]); ++} ++ ++sub vfm { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRc(0xe7e7,@_); ++} ++sub vfmdb { ++ vfm(@_,3,0); ++} ++sub wfmdb { ++ vfm(@_,3,8); ++} ++ ++sub vfma { ++ confess(err("ARGNUM")) if ($#_!=5); ++ VRRe(0xe78f,@_); ++} ++sub vfmadb { ++ vfma(@_,0,3); ++} ++sub wfmadb { ++ vfma(@_,8,3); ++} ++ ++sub vfms { ++ confess(err("ARGNUM")) if ($#_!=5); ++ VRRe(0xe78e,@_); ++} ++sub vfmsdb { ++ vfms(@_,0,3); ++} ++sub wfmsdb { ++ vfms(@_,8,3); ++} ++ ++sub vfpso { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRa(0xe7cc,@_); ++} ++sub vfpsodb { ++ vfpso(@_[0..1],3,0,$_[2]); ++} ++sub wfpsodb { ++ vfpso(@_[0..1],3,8,$_[2]); ++} ++sub vflcdb { ++ vfpso(@_,3,0,0); ++} ++sub wflcdb { ++ vfpso(@_,3,8,0); ++} ++sub vflndb { ++ vfpso(@_,3,0,1); ++} ++sub wflndb { ++ vfpso(@_,3,8,1); ++} ++sub vflpdb { ++ vfpso(@_,3,0,2); ++} ++sub wflpdb { ++ vfpso(@_,3,8,2); ++} ++ ++sub vfsq { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRRa(0xe7ce,@_); ++} ++sub vfsqdb { ++ vfsq(@_,3,0); ++} ++sub wfsqdb { ++ vfsq(@_,3,8); ++} ++ ++sub vfs { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRRc(0xe7e2,@_); ++} ++sub vfsdb { ++ vfs(@_,3,0); ++} ++sub wfsdb { ++ vfs(@_,3,8); ++} ++ ++sub vftci { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRIe(0xe74a,@_); ++} ++sub vftcidb { ++ vftci(@_,3,0); ++} ++sub wftcidb { ++ vftci(@_,3,8); ++} ++ ++# VXE - Support Instructions ++ ++sub vbperm { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe785,@_); ++} ++ ++sub vllezlf { ++ vllez(@_,6); ++} ++ ++# VXE - Integer Instructions ++ ++sub vmsl { ++ confess(err("ARGNUM")) if ($#_!=5); ++ VRRd(0xe7b8,@_); ++} ++sub vmslg { ++ vmsl(@_[0..3],3,$_[4]); ++} ++ ++sub vnx { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe76c,@_); ++} ++ ++sub vnn { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe76e,@_); ++} ++ ++sub voc { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRc(0xe76f,@_); ++} ++ ++sub vpopctb { ++ vpopct(@_,0); ++} ++sub vpopcth { ++ vpopct(@_,1); ++} ++sub vpopctf { ++ vpopct(@_,2); ++} ++sub vpopctg { ++ vpopct(@_,3); ++} ++ ++# VXE - Floating-Point Instructions ++ ++sub vfasb { ++ vfa(@_,2,0); ++} ++sub wfasb { ++ vfa(@_,2,8); ++} ++sub wfaxb { ++ vfa(@_,4,8); ++} ++ ++sub wfcsb { ++ wfc(@_,2,0); ++} ++sub wfcxb { ++ wfc(@_,4,0); ++} ++ ++sub vfcesb { ++ vfce(@_,2,0,0); ++} ++sub vfcesbs { ++ vfce(@_,2,0,1); ++} ++sub wfcesb { ++ vfce(@_,2,8,0); ++} ++sub wfcesbs { ++ vfce(@_,2,8,1); ++} ++sub wfcexb { ++ vfce(@_,4,8,0); ++} ++sub wfcexbs { ++ vfce(@_,4,8,1); ++} ++ ++sub vfchsb { ++ vfch(@_,2,0,0); ++} ++sub vfchsbs { ++ vfch(@_,2,0,1); ++} ++sub wfchsb { ++ vfch(@_,2,8,0); ++} ++sub wfchsbs { ++ vfch(@_,2,8,1); ++} ++sub wfchxb { ++ vfch(@_,4,8,0); ++} ++sub wfchxbs { ++ vfch(@_,4,8,1); ++} ++ ++sub vfchesb { ++ vfche(@_,2,0,0); ++} ++sub vfchesbs { ++ vfche(@_,2,0,1); ++} ++sub wfchesb { ++ vfche(@_,2,8,0); ++} ++sub wfchesbs { ++ vfche(@_,2,8,1); ++} ++sub wfchexb { ++ vfche(@_,4,8,0); ++} ++sub wfchexbs { ++ vfche(@_,4,8,1); ++} ++ ++sub vfdsb { ++ vfd(@_,2,0); ++} ++sub wfdsb { ++ vfd(@_,2,8); ++} ++sub wfdxb { ++ vfd(@_,4,8); ++} ++ ++sub vfisb { ++ vfi(@_[0..1],2,@_[2..3]); ++} ++sub wfisb { ++ vfi(@_[0..1],2,0x8|$_[2],$_[3]); ++} ++sub wfixb { ++ vfi(@_[0..1],4,0x8|$_[2],$_[3]); ++} ++ ++sub vfll { ++ vlde(@_); ++} ++sub vflls { ++ vfll(@_,2,0); ++} ++sub wflls { ++ vfll(@_,2,8); ++} ++sub wflld { ++ vfll(@_,3,8); ++} ++ ++sub vflr { ++ vled(@_); ++} ++sub vflrd { ++ vflr(@_[0..1],3,@_[2..3]); ++} ++sub wflrd { ++ vflr(@_[0..1],3,0x8|$_[2],$_[3]); ++} ++sub wflrx { ++ vflr(@_[0..1],4,0x8|$_[2],$_[3]); ++} ++ ++sub vfmax { ++ confess(err("ARGNUM")) if ($#_!=5); ++ VRRc(0xe7ef,@_); ++} ++sub vfmaxsb { ++ vfmax(@_[0..2],2,0,$_[3]); ++} ++sub vfmaxdb { ++ vfmax(@_[0..2],3,0,$_[3]); ++} ++sub wfmaxsb { ++ vfmax(@_[0..2],2,8,$_[3]); ++} ++sub wfmaxdb { ++ vfmax(@_[0..2],3,8,$_[3]); ++} ++sub wfmaxxb { ++ vfmax(@_[0..2],4,8,$_[3]); ++} ++ ++sub vfmin { ++ confess(err("ARGNUM")) if ($#_!=5); ++ VRRc(0xe7ee,@_); ++} ++sub vfminsb { ++ vfmin(@_[0..2],2,0,$_[5]); ++} ++sub vfmindb { ++ vfmin(@_[0..2],3,0,$_[5]); ++} ++sub wfminsb { ++ vfmin(@_[0..2],2,8,$_[5]); ++} ++sub wfmindb { ++ vfmin(@_[0..2],3,8,$_[5]); ++} ++sub wfminxb { ++ vfmin(@_[0..2],4,8,$_[5]); ++} ++ ++sub vfmsb { ++ vfm(@_,2,0); ++} ++sub wfmsb { ++ vfm(@_,2,8); ++} ++sub wfmxb { ++ vfm(@_,4,8); ++} ++ ++sub vfmasb { ++ vfma(@_,0,2); ++} ++sub wfmasb { ++ vfma(@_,8,2); ++} ++sub wfmaxb { ++ vfma(@_,8,4); ++} ++ ++sub vfmssb { ++ vfms(@_,0,2); ++} ++sub wfmssb { ++ vfms(@_,8,2); ++} ++sub wfmsxb { ++ vfms(@_,8,4); ++} ++ ++sub vfnma { ++ confess(err("ARGNUM")) if ($#_!=5); ++ VRRe(0xe79f,@_); ++} ++sub vfnmasb { ++ vfnma(@_,0,2); ++} ++sub vfnmadb { ++ vfnma(@_,0,3); ++} ++sub wfnmasb { ++ vfnma(@_,8,2); ++} ++sub wfnmadb { ++ vfnma(@_,8,3); ++} ++sub wfnmaxb { ++ vfnma(@_,8,4); ++} ++ ++sub vfnms { ++ confess(err("ARGNUM")) if ($#_!=5); ++ VRRe(0xe79e,@_); ++} ++sub vfnmssb { ++ vfnms(@_,0,2); ++} ++sub vfnmsdb { ++ vfnms(@_,0,3); ++} ++sub wfnmssb { ++ vfnms(@_,8,2); ++} ++sub wfnmsdb { ++ vfnms(@_,8,3); ++} ++sub wfnmsxb { ++ vfnms(@_,8,4); ++} ++ ++sub vfpsosb { ++ vfpso(@_[0..1],2,0,$_[2]); ++} ++sub wfpsosb { ++ vfpso(@_[0..1],2,8,$_[2]); ++} ++sub vflcsb { ++ vfpso(@_,2,0,0); ++} ++sub wflcsb { ++ vfpso(@_,2,8,0); ++} ++sub vflnsb { ++ vfpso(@_,2,0,1); ++} ++sub wflnsb { ++ vfpso(@_,2,8,1); ++} ++sub vflpsb { ++ vfpso(@_,2,0,2); ++} ++sub wflpsb { ++ vfpso(@_,2,8,2); ++} ++sub vfpsoxb { ++ vfpso(@_[0..1],4,0,$_[2]); ++} ++sub wfpsoxb { ++ vfpso(@_[0..1],4,8,$_[2]); ++} ++sub vflcxb { ++ vfpso(@_,4,0,0); ++} ++sub wflcxb { ++ vfpso(@_,4,8,0); ++} ++sub vflnxb { ++ vfpso(@_,4,0,1); ++} ++sub wflnxb { ++ vfpso(@_,4,8,1); ++} ++sub vflpxb { ++ vfpso(@_,4,0,2); ++} ++sub wflpxb { ++ vfpso(@_,4,8,2); ++} ++ ++sub vfsqsb { ++ vfsq(@_,2,0); ++} ++sub wfsqsb { ++ vfsq(@_,2,8); ++} ++sub wfsqxb { ++ vfsq(@_,4,8); ++} ++ ++sub vfssb { ++ vfs(@_,2,0); ++} ++sub wfssb { ++ vfs(@_,2,8); ++} ++sub wfsxb { ++ vfs(@_,4,8); ++} ++ ++sub vftcisb { ++ vftci(@_,2,0); ++} ++sub wftcisb { ++ vftci(@_,2,8); ++} ++sub wftcixb { ++ vftci(@_,4,8); ++} ++ ++# VXD - Support Instructions ++ ++sub vlrlr { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRSd(0xe637,@_); ++} ++ ++sub vlrl { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VSI(0xe635,@_); ++} ++ ++sub vstrlr { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRSd(0xe63f,@_); ++} ++ ++sub vstrl { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VSI(0xe63d,@_); ++} ++ ++sub vap { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRIf(0xe671,@_); ++} ++ ++sub vcp { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRh(0xe677,@_); ++} ++ ++sub vcvb { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRi(0xe650,@_); ++} ++ ++sub vcvbg { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRRi(0xe652,@_); ++} ++ ++sub vcvd { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRIi(0xe658,@_); ++} ++ ++sub vcvdg { ++ confess(err("ARGNUM")) if ($#_!=3); ++ VRIi(0xe65a,@_); ++} ++ ++sub vdp { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRIf(0xe67a,@_); ++} ++ ++sub vlip { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VRIh(0xe649,@_); ++} ++ ++sub vmp { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRIf(0xe678,@_); ++} ++ ++sub vmsp { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRIf(0xe679,@_); ++} ++ ++sub vpkz { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VSI(0xe634,@_); ++} ++ ++sub vpsop { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRIg(0xe65b,@_); ++} ++ ++sub vrp { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRIf(0xe67b,@_); ++} ++ ++sub vsdp { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRIf(0xe67e,@_); ++} ++ ++sub vsrp { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRIg(0xe659,@_); ++} ++ ++sub vsp { ++ confess(err("ARGNUM")) if ($#_!=4); ++ VRIf(0xe673,@_); ++} ++ ++sub vtp { ++ confess(err("ARGNUM")) if ($#_!=0); ++ VRRg(0xe65f,@_); ++} ++ ++sub vupkz { ++ confess(err("ARGNUM")) if ($#_!=2); ++ VSI(0xe63c,@_); ++} ++ ++# ++# Instruction Formats ++# ++ ++sub RRE { ++ confess(err("ARGNUM")) if ($#_<0||2<$#_); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$r1,$r2)=(shift,get_R(shift),get_R(shift)); ++ ++ $out.="\t.long\t".sprintf("%#010x",($opcode<<16|$r1<<4|$r2)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub RRFb { ++ confess(err("ARGNUM")) if ($#_<3||4<$#_); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$r1,$r3,$r2,$m4)=(shift,get_R(shift),get_R(shift) ++ ,get_R(shift),get_M(shift)); ++ ++ $out.="\t.long\t" ++ .sprintf("%#010x",($opcode<<16|$r3<<12|$m4<<8|$r1<<4|$r2)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub S { ++ confess(err("ARGNUM")) if ($#_<0||1<$#_); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$d2,$b2)=(shift,get_DB(shift)); ++ ++ $out.="\t.long\t".sprintf("%#010x",($opcode<<16|$b2<<12|$d2)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRIa { ++ confess(err("ARGNUM")) if ($#_<2||3<$#_); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$i2,$m3)=(shift,get_V(shift),get_I(shift,16), ++ get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)).","; ++ $out.=sprintf("%#06x",$i2).","; ++ $out.=sprintf("%#06x",($m3<<12|RXB($v1)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRIb { ++ confess(err("ARGNUM")) if ($#_!=4); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$i2,$i3,$m4)=(shift,get_V(shift),get_I(shift,8), ++ ,get_I(shift,8),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)).","; ++ $out.=sprintf("%#06x",($i2<<8|$i3)).","; ++ $out.=sprintf("%#06x",($m4<<12|RXB($v1)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRIc { ++ confess(err("ARGNUM")) if ($#_!=4); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v3,$i2,$m4)=(shift,get_V(shift),get_V(shift), ++ ,get_I(shift,16),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v3&0xf)).","; ++ $out.=sprintf("%#06x",$i2).","; ++ $out.=sprintf("%#06x",($m4<<12|RXB($v1,$v3)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRId { ++ confess(err("ARGNUM")) if ($#_<4||$#_>5); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v2,$v3,$i4,$m5)=(shift,get_V(shift),get_V(shift), ++ ,get_V(shift),get_I(shift,8),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf)).","; ++ $out.=sprintf("%#06x",(($v3&0xf)<<12|$i4)).","; ++ $out.=sprintf("%#06x",($m5<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRIe { ++ confess(err("ARGNUM")) if ($#_!=5); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v2,$i3,$m4,$m5)=(shift,get_V(shift),get_V(shift), ++ ,get_I(shift,12),get_M(shift),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf)).","; ++ $out.=sprintf("%#06x",($i3<<4|$m5)).","; ++ $out.=sprintf("%#06x",($m4<<12|RXB($v1,$v2)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRIf { ++ confess(err("ARGNUM")) if ($#_!=5); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v2,$v3,$i4,$m5)=(shift,get_V(shift),get_V(shift), ++ ,get_V(shift),get_I(shift,8),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf)).","; ++ $out.=sprintf("%#06x",(($v3&0xf)<<12|$m5<<4)|$i4>>4).","; ++ $out.=sprintf("%#06x",(($i4&0xf)<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRIg { ++ confess(err("ARGNUM")) if ($#_!=5); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v2,$i3,$i4,$m5)=(shift,get_V(shift),get_V(shift), ++ ,get_I(shift,8),get_I(shift,8),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf)).","; ++ $out.=sprintf("%#06x",($i4<<8|$m5<<4|$i3>>4)).","; ++ $out.=sprintf("%#06x",(($i3&0xf)<<12|RXB($v1,$v2)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRIh { ++ confess(err("ARGNUM")) if ($#_!=3); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$i2,$i3)=(shift,get_V(shift),get_I(shift,16), ++ get_I(shift,4)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)).","; ++ $out.=sprintf("%#06x",$i2).","; ++ $out.=sprintf("%#06x",($i3<<12|RXB($v1)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRIi { ++ confess(err("ARGNUM")) if ($#_!=4); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$r2,$i3,$m4)=(shift,get_V(shift),get_R(shift), ++ ,get_I(shift,8),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|$r2).","; ++ $out.=sprintf("%#06x",($m4<<4|$i3>>4)).","; ++ $out.=sprintf("%#06x",(($i3&0xf)<<12|RXB($v1)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRRa { ++ confess(err("ARGNUM")) if ($#_<2||5<$#_); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v2,$m3,$m4,$m5)=(shift,get_V(shift),get_V(shift), ++ get_M(shift),get_M(shift),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; ++ $out.=sprintf("%#06x",($m5<<4|$m4)).","; ++ $out.=sprintf("%#06x",($m3<<12|RXB($v1,$v2)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRRb { ++ confess(err("ARGNUM")) if ($#_<3||5<$#_); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v2,$v3,$m4,$m5)=(shift,get_V(shift),get_V(shift), ++ get_V(shift),get_M(shift),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; ++ $out.=sprintf("%#06x",(($v3&0xf)<<12|$m5<<4)).","; ++ $out.=sprintf("%#06x",($m4<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRRc { ++ confess(err("ARGNUM")) if ($#_<3||6<$#_); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v2,$v3,$m4,$m5,$m6)=(shift,get_V(shift),get_V(shift), ++ get_V(shift),get_M(shift),get_M(shift),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; ++ $out.=sprintf("%#06x",(($v3&0xf)<<12|$m6<<4|$m5)).","; ++ $out.=sprintf("%#06x",($m4<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRRd { ++ confess(err("ARGNUM")) if ($#_<4||6<$#_); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v2,$v3,$v4,$m5,$m6)=(shift,get_V(shift),get_V(shift), ++ get_V(shift),get_V(shift),get_M(shift),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; ++ $out.=sprintf("%#06x",(($v3&0xf)<<12|$m5<<8|$m6<<4)).","; ++ $out.=sprintf("%#06x",(($v4&0xf)<<12|RXB($v1,$v2,$v3,$v4)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRRe { ++ confess(err("ARGNUM")) if ($#_<4||6<$#_); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v2,$v3,$v4,$m5,$m6)=(shift,get_V(shift),get_V(shift), ++ get_V(shift),get_V(shift),get_M(shift),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; ++ $out.=sprintf("%#06x",(($v3&0xf)<<12|$m6<<8|$m5)).","; ++ $out.=sprintf("%#06x",(($v4&0xf)<<12|RXB($v1,$v2,$v3,$v4)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRRf { ++ confess(err("ARGNUM")) if ($#_!=3); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$r2,$r3)=(shift,get_V(shift),get_R(shift), ++ get_R(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|$r2)).","; ++ $out.=sprintf("%#06x",($r3<<12)).","; ++ $out.=sprintf("%#06x",(RXB($v1)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRRg { ++ confess(err("ARGNUM")) if ($#_!=1); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1)=(shift,get_V(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf))).","; ++ $out.=sprintf("%#06x",0x0000).","; ++ $out.=sprintf("%#06x",(RXB(0,$v1)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRRh { ++ confess(err("ARGNUM")) if ($#_<2||$#_>3); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v2,$m3)=(shift,get_V(shift),get_V(shift), ++ get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf))).","; ++ $out.=sprintf("%#06x",(($v2&0xf)<<12|$m3<<4)).","; ++ $out.=sprintf("%#06x",(RXB(0,$v1,$v2)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRRi { ++ confess(err("ARGNUM")) if ($#_!=3); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$r1,$v2,$m3)=(shift,get_R(shift),get_V(shift), ++ get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|$r1<<4|($v2&0xf))).","; ++ $out.=sprintf("%#06x",($m3<<4))."\,"; ++ $out.=sprintf("%#06x",(RXB(0,$v2)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRSa { ++ confess(err("ARGNUM")) if ($#_<3||$#_>4); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$v3,$d2,$b2,$m4)=(shift,get_V(shift),get_V(shift), ++ get_DB(shift),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v3&0xf))).","; ++ $out.=sprintf("%#06x",($b2<<12|$d2)).","; ++ $out.=sprintf("%#06x",($m4<<12|RXB($v1,$v3)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRSb { ++ confess(err("ARGNUM")) if ($#_<3||$#_>4); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$r3,$d2,$b2,$m4)=(shift,get_V(shift),get_R(shift), ++ get_DB(shift),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|$r3)).","; ++ $out.=sprintf("%#06x",($b2<<12|$d2)).","; ++ $out.=sprintf("%#06x",($m4<<12|RXB($v1)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRSc { ++ confess(err("ARGNUM")) if ($#_!=4); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$r1,$v3,$d2,$b2,$m4)=(shift,get_R(shift),get_V(shift), ++ get_DB(shift),get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|$r1<<4|($v3&0xf))).","; ++ $out.=sprintf("%#06x",($b2<<12|$d2)).","; ++ $out.=sprintf("%#06x",($m4<<12|RXB(0,$v3)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRSd { ++ confess(err("ARGNUM")) if ($#_!=3); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$r3,$d2,$b2)=(shift,get_V(shift),get_R(shift), ++ get_DB(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|$r3)).","; ++ $out.=sprintf("%#06x",($b2<<12|$d2)).","; ++ $out.=sprintf("%#06x",(($v1&0xf)<<12|RXB(0,0,0,$v1)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRV { ++ confess(err("ARGNUM")) if ($#_<2||$#_>3); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$d2,$v2,$b2,$m3)=(shift,get_V(shift),get_DVB(shift), ++ get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; ++ $out.=sprintf("%#06x",($b2<<12|$d2)).","; ++ $out.=sprintf("%#06x",($m3<<12|RXB($v1,$v2)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VRX { ++ confess(err("ARGNUM")) if ($#_<2||$#_>3); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$d2,$x2,$b2,$m3)=(shift,get_V(shift),get_DXB(shift), ++ get_M(shift)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($x2))).","; ++ $out.=sprintf("%#06x",($b2<<12|$d2)).","; ++ $out.=sprintf("%#06x",($m3<<12|RXB($v1)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++sub VSI { ++ confess(err("ARGNUM")) if ($#_!=3); ++ my $ops=join(',',@_[1..$#_]); ++ my $memn=(caller(1))[3]; ++ $memn=~s/^.*:://; ++ my ($opcode,$v1,$d2,$b2,$i3)=(shift,get_V(shift),get_DB(shift), ++ get_I(shift,8)); ++ ++ $out.="\t.word\t"; ++ $out.=sprintf("%#06x",($opcode&0xff00|$i3)).","; ++ $out.=sprintf("%#06x",($b2<<12|$d2)).","; ++ $out.=sprintf("%#06x",(($v1&0xf)<<12|RXB(0,0,0,$v1)<<8|$opcode&0xff)); ++ $out.="\t# $memn\t$ops\n" ++} ++ ++# ++# Internal ++# ++ ++sub get_R { ++ confess(err("ARGNUM")) if ($#_!=0); ++ my $r; ++ ++ for (shift) { ++ if (!defined) { ++ $r=0; ++ } elsif (/^$GR$/) { ++ $r=$1; ++ } else { ++ confess(err("PARSE")); ++ } ++ } ++ confess(err("ARGRANGE")) if ($r&~0xf); ++ ++ return $r; ++} ++ ++sub get_V { ++ confess(err("ARGNUM")) if ($#_!=0); ++ my $v; ++ ++ for (shift) { ++ if (!defined) { ++ $v=0; ++ } elsif (/^$VR$/) { ++ $v=$1; ++ } else { ++ confess(err("PARSE")); ++ } ++ } ++ confess(err("ARGRANGE")) if ($v&~0x1f); ++ ++ return $v; ++} ++ ++sub get_I { ++ confess(err("ARGNUM")) if ($#_!=1); ++ my ($i,$bits)=(shift,shift); ++ ++ $i=defined($i)?(eval($i)):(0); ++ confess(err("PARSE")) if (!defined($i)); ++ confess(err("ARGRANGE")) if (abs($i)&~(2**$bits-1)); ++ ++ return $i&(2**$bits-1); ++} ++ ++sub get_M { ++ confess(err("ARGNUM")) if ($#_!=0); ++ my $m=shift; ++ ++ $m=defined($m)?(eval($m)):(0); ++ confess(err("PARSE")) if (!defined($m)); ++ confess(err("ARGRANGE")) if ($m&~0xf); ++ ++ return $m; ++} ++ ++sub get_DB ++{ ++ confess(err("ARGNUM")) if ($#_!=0); ++ my ($d,$b); ++ ++ for (shift) { ++ if (!defined) { ++ ($d,$b)=(0,0); ++ } elsif (/^(.+)\($GR\)$/) { ++ ($d,$b)=(eval($1),$2); ++ confess(err("PARSE")) if (!defined($d)); ++ } elsif (/^(.+)$/) { ++ ($d,$b)=(eval($1),0); ++ confess(err("PARSE")) if (!defined($d)); ++ } else { ++ confess(err("PARSE")); ++ } ++ } ++ confess(err("ARGRANGE")) if ($d&~0xfff||$b&~0xf); ++ ++ return ($d,$b); ++} ++ ++sub get_DVB ++{ ++ confess(err("ARGNUM")) if ($#_!=0); ++ my ($d,$v,$b); ++ ++ for (shift) { ++ if (!defined) { ++ ($d,$v,$b)=(0,0,0); ++ } elsif (/^(.+)\($VR,$GR\)$/) { ++ ($d,$v,$b)=(eval($1),$2,$3); ++ confess(err("PARSE")) if (!defined($d)); ++ } elsif (/^(.+)\($GR\)$/) { ++ ($d,$v,$b)=(eval($1),0,$2); ++ confess(err("PARSE")) if (!defined($d)); ++ } elsif (/^(.+)$/) { ++ ($d,$v,$b)=(eval($1),0,0); ++ confess(err("PARSE")) if (!defined($d)); ++ } else { ++ confess(err("PARSE")); ++ } ++ } ++ confess(err("ARGRANGE")) if ($d&~0xfff||$v&~0x1f||$b&~0xf); ++ ++ return ($d,$v,$b); ++} ++ ++sub get_DXB ++{ ++ confess(err("ARGNUM")) if ($#_!=0); ++ my ($d,$x,$b); ++ ++ for (shift) { ++ if (!defined) { ++ ($d,$x,$b)=(0,0,0); ++ } elsif (/^(.+)\($GR,$GR\)$/) { ++ ($d,$x,$b)=(eval($1),$2,$3); ++ confess(err("PARSE")) if (!defined($d)); ++ } elsif (/^(.+)\($GR\)$/) { ++ ($d,$x,$b)=(eval($1),0,$2); ++ confess(err("PARSE")) if (!defined($d)); ++ } elsif (/^(.+)$/) { ++ ($d,$x,$b)=(eval($1),0,0); ++ confess(err("PARSE")) if (!defined($d)); ++ } else { ++ confess(err("PARSE")); ++ } ++ } ++ confess(err("ARGRANGE")) if ($d&~0xfff||$x&~0xf||$b&~0xf); ++ ++ return ($d,$x,$b); ++} ++ ++sub RXB ++{ ++ confess(err("ARGNUM")) if ($#_<0||3<$#_); ++ my $rxb=0; ++ ++ $rxb|=0x08 if (defined($_[0])&&($_[0]&0x10)); ++ $rxb|=0x04 if (defined($_[1])&&($_[1]&0x10)); ++ $rxb|=0x02 if (defined($_[2])&&($_[2]&0x10)); ++ $rxb|=0x01 if (defined($_[3])&&($_[3]&0x10)); ++ ++ return $rxb; ++} ++ ++sub err { ++ my %ERR = ++ ( ++ ARGNUM => 'Wrong number of arguments', ++ ARGRANGE=> 'Argument out of range', ++ PARSE => 'Parse error', ++ ); ++ confess($ERR{ARGNUM}) if ($#_!=0); ++ ++ return $ERR{$_[0]}; ++} ++ ++1; +diff -up openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl +--- openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update 2020-03-19 16:20:22.041227359 +0100 ++++ openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl 2020-03-19 16:23:22.364098257 +0100 +@@ -24,204 +24,961 @@ + # + # On side note, z13 enables vector base 2^26 implementation... + +-$flavour = shift; ++# ++# January 2019 ++# ++# Add vx code path (base 2^26). ++# ++# Copyright IBM Corp. 2019 ++# Author: Patrick Steuer ++ ++# ++# January 2019 ++# ++# Add vector base 2^26 implementation. It's problematic to accurately ++# measure performance, because reference system is hardly idle. But ++# it's sub-cycle, i.e. less than 1 cycle per processed byte, and it's ++# >=20% faster than IBM's submission on long inputs, and much faster on ++# short ones, because calculation of key powers is postponed till we ++# know that input is long enough to justify the additional overhead. ++ ++use strict; ++use FindBin qw($Bin); ++use lib "$Bin/../.."; ++use perlasm::s390x qw(:DEFAULT :VX AUTOLOAD LABEL INCLUDE); ++ ++my $flavour = shift; + ++my ($z,$SIZE_T); + if ($flavour =~ /3[12]/) { ++ $z=0; # S/390 ABI + $SIZE_T=4; +- $g=""; + } else { ++ $z=1; # zSeries ABI + $SIZE_T=8; +- $g="g"; + } + ++my $output; + while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {} +-open STDOUT,">$output"; + +-$sp="%r15"; ++my $stdframe=16*$SIZE_T+4*8; ++my $sp="%r15"; + + my ($ctx,$inp,$len,$padbit) = map("%r$_",(2..5)); + +-$code.=<<___; +-.text ++PERLASM_BEGIN($output); + +-.globl poly1305_init +-.type poly1305_init,\@function +-.align 16 +-poly1305_init: +- lghi %r0,0 +- lghi %r1,-1 +- stg %r0,0($ctx) # zero hash value +- stg %r0,8($ctx) +- stg %r0,16($ctx) +- +- cl${g}r $inp,%r0 +- je .Lno_key +- +- lrvg %r4,0($inp) # load little-endian key +- lrvg %r5,8($inp) +- +- nihl %r1,0xffc0 # 0xffffffc0ffffffff +- srlg %r0,%r1,4 # 0x0ffffffc0fffffff +- srlg %r1,%r1,4 +- nill %r1,0xfffc # 0x0ffffffc0ffffffc +- +- ngr %r4,%r0 +- ngr %r5,%r1 +- +- stg %r4,32($ctx) +- stg %r5,40($ctx) +- +-.Lno_key: +- lghi %r2,0 +- br %r14 +-.size poly1305_init,.-poly1305_init +-___ ++INCLUDE ("s390x_arch.h"); ++TEXT (); ++ ++################ ++# static void poly1305_init(void *ctx, const unsigned char key[16]) ++{ ++GLOBL ("poly1305_init"); ++TYPE ("poly1305_init","\@function"); ++ALIGN (16); ++LABEL ("poly1305_init"); ++ lghi ("%r0",0); ++ lghi ("%r1",-1); ++ stg ("%r0","0($ctx)"); # zero hash value ++ stg ("%r0","8($ctx)"); ++ stg ("%r0","16($ctx)"); ++ st ("%r0","24($ctx)"); # clear is_base2_26 ++ lgr ("%r5",$ctx); # reassign $ctx ++ lghi ("%r2",0); ++ ++&{$z? \&clgr:\&clr} ($inp,"%r0"); ++ je (".Lno_key"); ++ ++ lrvg ("%r2","0($inp)"); # load little-endian key ++ lrvg ("%r3","8($inp)"); ++ ++ nihl ("%r1",0xffc0); # 0xffffffc0ffffffff ++ srlg ("%r0","%r1",4); # 0x0ffffffc0fffffff ++ srlg ("%r1","%r1",4); ++ nill ("%r1",0xfffc); # 0x0ffffffc0ffffffc ++ ++ ngr ("%r2","%r0"); ++ ngr ("%r3","%r1"); ++ ++ stmg ("%r2","%r3","32(%r5)"); ++ ++ larl ("%r1","OPENSSL_s390xcap_P"); ++ lg ("%r0","16(%r1)"); ++ srlg ("%r0","%r0",62); ++ nill ("%r0",1); # extract vx bit ++ lcgr ("%r0","%r0"); ++ larl ("%r1",".Lpoly1305_blocks"); ++ larl ("%r2",".Lpoly1305_blocks_vx"); ++ larl ("%r3",".Lpoly1305_emit"); ++&{$z? \&xgr:\&xr} ("%r2","%r1"); # select between scalar and vector ++&{$z? \&ngr:\&nr} ("%r2","%r0"); ++&{$z? \&xgr:\&xr} ("%r2","%r1"); ++&{$z? \&stmg:\&stm} ("%r2","%r3","0(%r4)"); ++ lghi ("%r2",1); ++LABEL (".Lno_key"); ++ br ("%r14"); ++SIZE ("poly1305_init",".-poly1305_init"); ++} ++ ++################ ++# static void poly1305_blocks(void *ctx, const unsigned char *inp, ++# size_t len, u32 padbit) + { + my ($d0hi,$d0lo,$d1hi,$d1lo,$t0,$h0,$t1,$h1,$h2) = map("%r$_",(6..14)); + my ($r0,$r1,$s1) = map("%r$_",(0..2)); + +-$code.=<<___; +-.globl poly1305_blocks +-.type poly1305_blocks,\@function +-.align 16 +-poly1305_blocks: +- srl${g} $len,4 # fixed-up in 64-bit build +- lghi %r0,0 +- cl${g}r $len,%r0 +- je .Lno_data +- +- stm${g} %r6,%r14,`6*$SIZE_T`($sp) +- +- llgfr $padbit,$padbit # clear upper half, much needed with +- # non-64-bit ABI +- lg $r0,32($ctx) # load key +- lg $r1,40($ctx) +- +- lg $h0,0($ctx) # load hash value +- lg $h1,8($ctx) +- lg $h2,16($ctx) +- +- st$g $ctx,`2*$SIZE_T`($sp) # off-load $ctx +- srlg $s1,$r1,2 +- algr $s1,$r1 # s1 = r1 + r1>>2 +- j .Loop +- +-.align 16 +-.Loop: +- lrvg $d0lo,0($inp) # load little-endian input +- lrvg $d1lo,8($inp) +- la $inp,16($inp) +- +- algr $d0lo,$h0 # accumulate input +- alcgr $d1lo,$h1 +- +- lgr $h0,$d0lo +- mlgr $d0hi,$r0 # h0*r0 -> $d0hi:$d0lo +- lgr $h1,$d1lo +- mlgr $d1hi,$s1 # h1*5*r1 -> $d1hi:$d1lo +- +- mlgr $t0,$r1 # h0*r1 -> $t0:$h0 +- mlgr $t1,$r0 # h1*r0 -> $t1:$h1 +- alcgr $h2,$padbit +- +- algr $d0lo,$d1lo +- lgr $d1lo,$h2 +- alcgr $d0hi,$d1hi +- lghi $d1hi,0 +- +- algr $h1,$h0 +- alcgr $t1,$t0 +- +- msgr $d1lo,$s1 # h2*s1 +- msgr $h2,$r0 # h2*r0 +- +- algr $h1,$d1lo +- alcgr $t1,$d1hi # $d1hi is zero +- +- algr $h1,$d0hi +- alcgr $h2,$t1 +- +- lghi $h0,-4 # final reduction step +- ngr $h0,$h2 +- srlg $t0,$h2,2 +- algr $h0,$t0 +- lghi $t1,3 +- ngr $h2,$t1 +- +- algr $h0,$d0lo +- alcgr $h1,$d1hi # $d1hi is still zero +- alcgr $h2,$d1hi # $d1hi is still zero +- +- brct$g $len,.Loop +- +- l$g $ctx,`2*$SIZE_T`($sp) # restore $ctx +- +- stg $h0,0($ctx) # store hash value +- stg $h1,8($ctx) +- stg $h2,16($ctx) +- +- lm${g} %r6,%r14,`6*$SIZE_T`($sp) +-.Lno_data: +- br %r14 +-.size poly1305_blocks,.-poly1305_blocks +-___ ++GLOBL ("poly1305_blocks"); ++TYPE ("poly1305_blocks","\@function"); ++ALIGN (16); ++LABEL ("poly1305_blocks"); ++LABEL (".Lpoly1305_blocks"); ++&{$z? \<gr:\<r} ("%r0",$len); ++ jz (".Lno_data"); ++ ++&{$z? \&stmg:\&stm} ("%r6","%r14","6*$SIZE_T($sp)"); ++ ++ lg ($h0,"0($ctx)"); # load hash value ++ lg ($h1,"8($ctx)"); ++ lg ($h2,"16($ctx)"); ++ ++LABEL (".Lpoly1305_blocks_entry"); ++if ($z) { ++ srlg ($len,$len,4); ++} else { ++ srl ($len,4); ++} ++ llgfr ($padbit,$padbit); # clear upper half, much needed with ++ # non-64-bit ABI ++ lg ($r0,"32($ctx)"); # load key ++ lg ($r1,"40($ctx)"); ++ ++&{$z? \&stg:\&st} ($ctx,"2*$SIZE_T($sp)"); # off-load $ctx ++ srlg ($s1,$r1,2); ++ algr ($s1,$r1); # s1 = r1 + r1>>2 ++ j (".Loop"); ++ ++ALIGN (16); ++LABEL (".Loop"); ++ lrvg ($d0lo,"0($inp)"); # load little-endian input ++ lrvg ($d1lo,"8($inp)"); ++ la ($inp,"16($inp)"); ++ ++ algr ($d0lo,$h0); # accumulate input ++ alcgr ($d1lo,$h1); ++ alcgr ($h2,$padbit); ++ ++ lgr ($h0,$d0lo); ++ mlgr ($d0hi,$r0); # h0*r0 -> $d0hi:$d0lo ++ lgr ($h1,$d1lo); ++ mlgr ($d1hi,$s1); # h1*5*r1 -> $d1hi:$d1lo ++ ++ mlgr ($t0,$r1); # h0*r1 -> $t0:$h0 ++ mlgr ($t1,$r0); # h1*r0 -> $t1:$h1 ++ ++ algr ($d0lo,$d1lo); ++ lgr ($d1lo,$h2); ++ alcgr ($d0hi,$d1hi); ++ lghi ($d1hi,0); ++ ++ algr ($h1,$h0); ++ alcgr ($t1,$t0); ++ ++ msgr ($d1lo,$s1); # h2*s1 ++ msgr ($h2,$r0); # h2*r0 ++ ++ algr ($h1,$d1lo); ++ alcgr ($t1,$d1hi); # $d1hi is zero ++ ++ algr ($h1,$d0hi); ++ alcgr ($h2,$t1); ++ ++ lghi ($h0,-4); # final reduction step ++ ngr ($h0,$h2); ++ srlg ($t0,$h2,2); ++ algr ($h0,$t0); ++ lghi ($t1,3); ++ ngr ($h2,$t1); ++ ++ algr ($h0,$d0lo); ++ alcgr ($h1,$d1hi); # $d1hi is still zero ++ alcgr ($h2,$d1hi); # $d1hi is still zero ++ ++&{$z? \&brctg:\&brct} ($len,".Loop"); ++ ++&{$z? \&lg:\&l} ($ctx,"2*$SIZE_T($sp)");# restore $ctx ++ ++ stg ($h0,"0($ctx)"); # store hash value ++ stg ($h1,"8($ctx)"); ++ stg ($h2,"16($ctx)"); ++ ++&{$z? \&lmg:\&lm} ("%r6","%r14","6*$SIZE_T($sp)"); ++LABEL (".Lno_data"); ++ br ("%r14"); ++SIZE ("poly1305_blocks",".-poly1305_blocks"); + } ++ ++################ ++# static void poly1305_blocks_vx(void *ctx, const unsigned char *inp, ++# size_t len, u32 padbit) ++{ ++my ($H0, $H1, $H2, $H3, $H4) = map("%v$_",(0..4)); ++my ($I0, $I1, $I2, $I3, $I4) = map("%v$_",(5..9)); ++my ($R0, $R1, $S1, $R2, $S2) = map("%v$_",(10..14)); ++my ($R3, $S3, $R4, $S4) = map("%v$_",(15..18)); ++my ($ACC0, $ACC1, $ACC2, $ACC3, $ACC4) = map("%v$_",(19..23)); ++my ($T1, $T2, $T3, $T4) = map("%v$_",(24..27)); ++my ($mask26,$bswaplo,$bswaphi,$bswapmi) = map("%v$_",(28..31)); ++ ++my ($d2,$d0,$h0,$d1,$h1,$h2)=map("%r$_",(9..14)); ++ ++TYPE ("poly1305_blocks_vx","\@function"); ++ALIGN (16); ++LABEL ("poly1305_blocks_vx"); ++LABEL (".Lpoly1305_blocks_vx"); ++&{$z? \&clgfi:\&clfi} ($len,128); ++ jhe ("__poly1305_blocks_vx"); ++ ++&{$z? \&stmg:\&stm} ("%r6","%r14","6*$SIZE_T($sp)"); ++ ++ lg ($d0,"0($ctx)"); ++ lg ($d1,"8($ctx)"); ++ lg ($d2,"16($ctx)"); ++ ++ llgfr ("%r0",$d0); # base 2^26 -> base 2^64 ++ srlg ($h0,$d0,32); ++ llgfr ("%r1",$d1); ++ srlg ($h1,$d1,32); ++ srlg ($h2,$d2,32); ++ ++ sllg ("%r0","%r0",26); ++ algr ($h0,"%r0"); ++ sllg ("%r0",$h1,52); ++ srlg ($h1,$h1,12); ++ sllg ("%r1","%r1",14); ++ algr ($h0,"%r0"); ++ alcgr ($h1,"%r1"); ++ sllg ("%r0",$h2,40); ++ srlg ($h2,$h2,24); ++ lghi ("%r1",0); ++ algr ($h1,"%r0"); ++ alcgr ($h2,"%r1"); ++ ++ llgf ("%r0","24($ctx)"); # is_base2_26 ++ lcgr ("%r0","%r0"); ++ ++ xgr ($h0,$d0); # choose between radixes ++ xgr ($h1,$d1); ++ xgr ($h2,$d2); ++ ngr ($h0,"%r0"); ++ ngr ($h1,"%r0"); ++ ngr ($h2,"%r0"); ++ xgr ($h0,$d0); ++ xgr ($h1,$d1); ++ xgr ($h2,$d2); ++ ++ lhi ("%r0",0); ++ st ("%r0","24($ctx)"); # clear is_base2_26 ++ ++ j (".Lpoly1305_blocks_entry"); ++SIZE ("poly1305_blocks_vx",".-poly1305_blocks_vx"); ++ ++TYPE ("__poly1305_mul","\@function"); ++ALIGN (16); ++LABEL ("__poly1305_mul"); ++ vmlof ($ACC0,$H0,$R0); ++ vmlof ($ACC1,$H0,$R1); ++ vmlof ($ACC2,$H0,$R2); ++ vmlof ($ACC3,$H0,$R3); ++ vmlof ($ACC4,$H0,$R4); ++ ++ vmalof ($ACC0,$H1,$S4,$ACC0); ++ vmalof ($ACC1,$H1,$R0,$ACC1); ++ vmalof ($ACC2,$H1,$R1,$ACC2); ++ vmalof ($ACC3,$H1,$R2,$ACC3); ++ vmalof ($ACC4,$H1,$R3,$ACC4); ++ ++ vmalof ($ACC0,$H2,$S3,$ACC0); ++ vmalof ($ACC1,$H2,$S4,$ACC1); ++ vmalof ($ACC2,$H2,$R0,$ACC2); ++ vmalof ($ACC3,$H2,$R1,$ACC3); ++ vmalof ($ACC4,$H2,$R2,$ACC4); ++ ++ vmalof ($ACC0,$H3,$S2,$ACC0); ++ vmalof ($ACC1,$H3,$S3,$ACC1); ++ vmalof ($ACC2,$H3,$S4,$ACC2); ++ vmalof ($ACC3,$H3,$R0,$ACC3); ++ vmalof ($ACC4,$H3,$R1,$ACC4); ++ ++ vmalof ($ACC0,$H4,$S1,$ACC0); ++ vmalof ($ACC1,$H4,$S2,$ACC1); ++ vmalof ($ACC2,$H4,$S3,$ACC2); ++ vmalof ($ACC3,$H4,$S4,$ACC3); ++ vmalof ($ACC4,$H4,$R0,$ACC4); ++ ++ ################################################################ ++ # lazy reduction ++ ++ vesrlg ($H4,$ACC3,26); ++ vesrlg ($H1,$ACC0,26); ++ vn ($H3,$ACC3,$mask26); ++ vn ($H0,$ACC0,$mask26); ++ vag ($H4,$H4,$ACC4); # h3 -> h4 ++ vag ($H1,$H1,$ACC1); # h0 -> h1 ++ ++ vesrlg ($ACC4,$H4,26); ++ vesrlg ($ACC1,$H1,26); ++ vn ($H4,$H4,$mask26); ++ vn ($H1,$H1,$mask26); ++ vag ($H0,$H0,$ACC4); ++ vag ($H2,$ACC2,$ACC1); # h1 -> h2 ++ ++ veslg ($ACC4,$ACC4,2); # <<2 ++ vesrlg ($ACC2,$H2,26); ++ vn ($H2,$H2,$mask26); ++ vag ($H0,$H0,$ACC4); # h4 -> h0 ++ vag ($H3,$H3,$ACC2); # h2 -> h3 ++ ++ vesrlg ($ACC0,$H0,26); ++ vesrlg ($ACC3,$H3,26); ++ vn ($H0,$H0,$mask26); ++ vn ($H3,$H3,$mask26); ++ vag ($H1,$H1,$ACC0); # h0 -> h1 ++ vag ($H4,$H4,$ACC3); # h3 -> h4 ++ br ("%r14"); ++SIZE ("__poly1305_mul",".-__poly1305_mul"); ++ ++TYPE ("__poly1305_blocks_vx","\@function"); ++ALIGN (16); ++LABEL ("__poly1305_blocks_vx"); ++&{$z? \&lgr:\&lr} ("%r0",$sp); ++&{$z? \&stmg:\&stm} ("%r10","%r15","10*$SIZE_T($sp)"); ++if (!$z) { ++ std ("%f4","16*$SIZE_T+2*8($sp)"); ++ std ("%f6","16*$SIZE_T+3*8($sp)"); ++ ahi ($sp,-$stdframe); ++ st ("%r0","0($sp)"); # back-chain ++ ++ llgfr ($len,$len); # so that srlg works on $len ++} else { ++ aghi ($sp,"-($stdframe+8*8)"); ++ stg ("%r0","0($sp)"); # back-chain ++ ++ std ("%f8","$stdframe+0*8($sp)"); ++ std ("%f9","$stdframe+1*8($sp)"); ++ std ("%f10","$stdframe+2*8($sp)"); ++ std ("%f11","$stdframe+3*8($sp)"); ++ std ("%f12","$stdframe+4*8($sp)"); ++ std ("%f13","$stdframe+5*8($sp)"); ++ std ("%f14","$stdframe+6*8($sp)"); ++ std ("%f15","$stdframe+7*8($sp)"); ++} ++ larl ("%r1",".Lconst"); ++ vgmg ($mask26,38,63); ++ vlm ($bswaplo,$bswapmi,"16(%r1)"); ++ ++ < ("%r0","24($ctx)"); # is_base2_26? ++ jnz (".Lskip_init"); ++ ++ lg ($h0,"32($ctx)"); # load key base 2^64 ++ lg ($h1,"40($ctx)"); ++ ++ risbg ($d0,$h0,38,0x80+63,38); # base 2^64 -> 2^26 ++ srlg ($d1,$h0,52); ++ risbg ($h0,$h0,38,0x80+63,0); ++ vlvgg ($R0,$h0,0); ++ risbg ($d1,$h1,38,51,12); ++ vlvgg ($R1,$d0,0); ++ risbg ($d0,$h1,38,63,50); ++ vlvgg ($R2,$d1,0); ++ srlg ($d1,$h1,40); ++ vlvgg ($R3,$d0,0); ++ vlvgg ($R4,$d1,0); ++ ++ veslg ($S1,$R1,2); ++ veslg ($S2,$R2,2); ++ veslg ($S3,$R3,2); ++ veslg ($S4,$R4,2); ++ vlr ($H0,$R0); ++ vlr ($H1,$R1); ++ vlr ($H2,$R2); ++ vlr ($H3,$R3); ++ vlr ($H4,$R4); ++ vag ($S1,$S1,$R1); # * 5 ++ vag ($S2,$S2,$R2); ++ vag ($S3,$S3,$R3); ++ vag ($S4,$S4,$R4); ++ ++ brasl ("%r14","__poly1305_mul"); # r^1:- * r^1:- ++ ++ vpdi ($R0,$H0,$R0,0); # r^2:r^1 ++ vpdi ($R1,$H1,$R1,0); ++ vpdi ($R2,$H2,$R2,0); ++ vpdi ($R3,$H3,$R3,0); ++ vpdi ($R4,$H4,$R4,0); ++ vpdi ($H0,$H0,$H0,0); # r^2:r^2 ++ vpdi ($H1,$H1,$H1,0); ++ vpdi ($H2,$H2,$H2,0); ++ vpdi ($H3,$H3,$H3,0); ++ vpdi ($H4,$H4,$H4,0); ++ veslg ($S1,$R1,2); ++ veslg ($S2,$R2,2); ++ veslg ($S3,$R3,2); ++ veslg ($S4,$R4,2); ++ vag ($S1,$S1,$R1); # * 5 ++ vag ($S2,$S2,$R2); ++ vag ($S3,$S3,$R3); ++ vag ($S4,$S4,$R4); ++ ++ brasl ("%r14,__poly1305_mul"); # r^2:r^2 * r^2:r^1 ++ ++ vl ($I0,"0(%r1)"); # borrow $I0 ++ vperm ($R0,$R0,$H0,$I0); # r^2:r^4:r^1:r^3 ++ vperm ($R1,$R1,$H1,$I0); ++ vperm ($R2,$R2,$H2,$I0); ++ vperm ($R3,$R3,$H3,$I0); ++ vperm ($R4,$R4,$H4,$I0); ++ veslf ($S1,$R1,2); ++ veslf ($S2,$R2,2); ++ veslf ($S3,$R3,2); ++ veslf ($S4,$R4,2); ++ vaf ($S1,$S1,$R1); # * 5 ++ vaf ($S2,$S2,$R2); ++ vaf ($S3,$S3,$R3); ++ vaf ($S4,$S4,$R4); ++ ++ lg ($h0,"0($ctx)"); # load hash base 2^64 ++ lg ($h1,"8($ctx)"); ++ lg ($h2,"16($ctx)"); ++ ++ vzero ($H0); ++ vzero ($H1); ++ vzero ($H2); ++ vzero ($H3); ++ vzero ($H4); ++ ++ risbg ($d0,$h0,38,0x80+63,38); # base 2^64 -> 2^26 ++ srlg ($d1,$h0,52); ++ risbg ($h0,$h0,38,0x80+63,0); ++ vlvgg ($H0,$h0,0); ++ risbg ($d1,$h1,38,51,12); ++ vlvgg ($H1,$d0,0); ++ risbg ($d0,$h1,38,63,50); ++ vlvgg ($H2,$d1,0); ++ srlg ($d1,$h1,40); ++ vlvgg ($H3,$d0,0); ++ risbg ($d1,$h2,37,39,24); ++ vlvgg ($H4,$d1,0); ++ ++ lhi ("%r0",1); ++ st ("%r0","24($ctx)"); # set is_base2_26 ++ ++ vstm ($R0,$S4,"48($ctx)"); # save key schedule base 2^26 ++ ++ vpdi ($R0,$R0,$R0,0); # broadcast r^2:r^4 ++ vpdi ($R1,$R1,$R1,0); ++ vpdi ($S1,$S1,$S1,0); ++ vpdi ($R2,$R2,$R2,0); ++ vpdi ($S2,$S2,$S2,0); ++ vpdi ($R3,$R3,$R3,0); ++ vpdi ($S3,$S3,$S3,0); ++ vpdi ($R4,$R4,$R4,0); ++ vpdi ($S4,$S4,$S4,0); ++ ++ j (".Loaded_hash"); ++ ++ALIGN (16); ++LABEL (".Lskip_init"); ++ vllezf ($H0,"0($ctx)"); # load hash base 2^26 ++ vllezf ($H1,"4($ctx)"); ++ vllezf ($H2,"8($ctx)"); ++ vllezf ($H3,"12($ctx)"); ++ vllezf ($H4,"16($ctx)"); ++ ++ vlrepg ($R0,"0x30($ctx)"); # broadcast r^2:r^4 ++ vlrepg ($R1,"0x40($ctx)"); ++ vlrepg ($S1,"0x50($ctx)"); ++ vlrepg ($R2,"0x60($ctx)"); ++ vlrepg ($S2,"0x70($ctx)"); ++ vlrepg ($R3,"0x80($ctx)"); ++ vlrepg ($S3,"0x90($ctx)"); ++ vlrepg ($R4,"0xa0($ctx)"); ++ vlrepg ($S4,"0xb0($ctx)"); ++ ++LABEL (".Loaded_hash"); ++ vzero ($I1); ++ vzero ($I3); ++ ++ vlm ($T1,$T4,"0x00($inp)"); # load first input block ++ la ($inp,"0x40($inp)"); ++ vgmg ($mask26,6,31); ++ vgmf ($I4,5,5); # padbit<<2 ++ ++ vperm ($I0,$T3,$T4,$bswaplo); ++ vperm ($I2,$T3,$T4,$bswapmi); ++ vperm ($T3,$T3,$T4,$bswaphi); ++ ++ verimg ($I1,$I0,$mask26,6); # >>26 ++ veslg ($I0,$I0,32); ++ veslg ($I2,$I2,28); # >>4 ++ verimg ($I3,$T3,$mask26,18); # >>14 ++ verimg ($I4,$T3,$mask26,58); # >>38 ++ vn ($I0,$I0,$mask26); ++ vn ($I2,$I2,$mask26); ++ vesrlf ($I4,$I4,2); # >>2 ++ ++ vgmg ($mask26,38,63); ++ vperm ($T3,$T1,$T2,$bswaplo); ++ vperm ($T4,$T1,$T2,$bswaphi); ++ vperm ($T2,$T1,$T2,$bswapmi); ++ ++ verimg ($I0,$T3,$mask26,0); ++ verimg ($I1,$T3,$mask26,38); # >>26 ++ verimg ($I2,$T2,$mask26,60); # >>4 ++ verimg ($I3,$T4,$mask26,50); # >>14 ++ vesrlg ($T4,$T4,40); ++ vo ($I4,$I4,$T4); ++ ++ srlg ("%r0",$len,6); ++&{$z? \&aghi:\&ahi} ("%r0",-1); ++ ++ALIGN (16); ++LABEL (".Loop_vx"); ++ vmlef ($ACC0,$I0,$R0); ++ vmlef ($ACC1,$I0,$R1); ++ vmlef ($ACC2,$I0,$R2); ++ vmlef ($ACC3,$I0,$R3); ++ vmlef ($ACC4,$I0,$R4); ++ ++ vmalef ($ACC0,$I1,$S4,$ACC0); ++ vmalef ($ACC1,$I1,$R0,$ACC1); ++ vmalef ($ACC2,$I1,$R1,$ACC2); ++ vmalef ($ACC3,$I1,$R2,$ACC3); ++ vmalef ($ACC4,$I1,$R3,$ACC4); ++ ++ vaf ($H2,$H2,$I2); ++ vaf ($H0,$H0,$I0); ++ vaf ($H3,$H3,$I3); ++ vaf ($H1,$H1,$I1); ++ vaf ($H4,$H4,$I4); ++ ++ vmalef ($ACC0,$I2,$S3,$ACC0); ++ vmalef ($ACC1,$I2,$S4,$ACC1); ++ vmalef ($ACC2,$I2,$R0,$ACC2); ++ vmalef ($ACC3,$I2,$R1,$ACC3); ++ vmalef ($ACC4,$I2,$R2,$ACC4); ++ ++ vlm ($T1,$T4,"0x00($inp)"); # load next input block ++ la ($inp,"0x40($inp)"); ++ vgmg ($mask26,6,31); ++ ++ vmalef ($ACC0,$I3,$S2,$ACC0); ++ vmalef ($ACC1,$I3,$S3,$ACC1); ++ vmalef ($ACC2,$I3,$S4,$ACC2); ++ vmalef ($ACC3,$I3,$R0,$ACC3); ++ vmalef ($ACC4,$I3,$R1,$ACC4); ++ ++ vperm ($I0,$T3,$T4,$bswaplo); ++ vperm ($I2,$T3,$T4,$bswapmi); ++ vperm ($T3,$T3,$T4,$bswaphi); ++ ++ vmalef ($ACC0,$I4,$S1,$ACC0); ++ vmalef ($ACC1,$I4,$S2,$ACC1); ++ vmalef ($ACC2,$I4,$S3,$ACC2); ++ vmalef ($ACC3,$I4,$S4,$ACC3); ++ vmalef ($ACC4,$I4,$R0,$ACC4); ++ ++ verimg ($I1,$I0,$mask26,6); # >>26 ++ veslg ($I0,$I0,32); ++ veslg ($I2,$I2,28); # >>4 ++ verimg ($I3,$T3,$mask26,18); # >>14 ++ ++ vmalof ($ACC0,$H0,$R0,$ACC0); ++ vmalof ($ACC1,$H0,$R1,$ACC1); ++ vmalof ($ACC2,$H0,$R2,$ACC2); ++ vmalof ($ACC3,$H0,$R3,$ACC3); ++ vmalof ($ACC4,$H0,$R4,$ACC4); ++ ++ vgmf ($I4,5,5); # padbit<<2 ++ verimg ($I4,$T3,$mask26,58); # >>38 ++ vn ($I0,$I0,$mask26); ++ vn ($I2,$I2,$mask26); ++ vesrlf ($I4,$I4,2); # >>2 ++ ++ vmalof ($ACC0,$H1,$S4,$ACC0); ++ vmalof ($ACC1,$H1,$R0,$ACC1); ++ vmalof ($ACC2,$H1,$R1,$ACC2); ++ vmalof ($ACC3,$H1,$R2,$ACC3); ++ vmalof ($ACC4,$H1,$R3,$ACC4); ++ ++ vgmg ($mask26,38,63); ++ vperm ($T3,$T1,$T2,$bswaplo); ++ vperm ($T4,$T1,$T2,$bswaphi); ++ vperm ($T2,$T1,$T2,$bswapmi); ++ ++ vmalof ($ACC0,$H2,$S3,$ACC0); ++ vmalof ($ACC1,$H2,$S4,$ACC1); ++ vmalof ($ACC2,$H2,$R0,$ACC2); ++ vmalof ($ACC3,$H2,$R1,$ACC3); ++ vmalof ($ACC4,$H2,$R2,$ACC4); ++ ++ verimg ($I0,$T3,$mask26,0); ++ verimg ($I1,$T3,$mask26,38); # >>26 ++ verimg ($I2,$T2,$mask26,60); # >>4 ++ ++ vmalof ($ACC0,$H3,$S2,$ACC0); ++ vmalof ($ACC1,$H3,$S3,$ACC1); ++ vmalof ($ACC2,$H3,$S4,$ACC2); ++ vmalof ($ACC3,$H3,$R0,$ACC3); ++ vmalof ($ACC4,$H3,$R1,$ACC4); ++ ++ verimg ($I3,$T4,$mask26,50); # >>14 ++ vesrlg ($T4,$T4,40); ++ vo ($I4,$I4,$T4); ++ ++ vmalof ($ACC0,$H4,$S1,$ACC0); ++ vmalof ($ACC1,$H4,$S2,$ACC1); ++ vmalof ($ACC2,$H4,$S3,$ACC2); ++ vmalof ($ACC3,$H4,$S4,$ACC3); ++ vmalof ($ACC4,$H4,$R0,$ACC4); ++ ++ ################################################################ ++ # lazy reduction as discussed in "NEON crypto" by D.J. Bernstein ++ # and P. Schwabe ++ ++ vesrlg ($H4,$ACC3,26); ++ vesrlg ($H1,$ACC0,26); ++ vn ($H3,$ACC3,$mask26); ++ vn ($H0,$ACC0,$mask26); ++ vag ($H4,$H4,$ACC4); # h3 -> h4 ++ vag ($H1,$H1,$ACC1); # h0 -> h1 ++ ++ vesrlg ($ACC4,$H4,26); ++ vesrlg ($ACC1,$H1,26); ++ vn ($H4,$H4,$mask26); ++ vn ($H1,$H1,$mask26); ++ vag ($H0,$H0,$ACC4); ++ vag ($H2,$ACC2,$ACC1); # h1 -> h2 ++ ++ veslg ($ACC4,$ACC4,2); # <<2 ++ vesrlg ($ACC2,$H2,26); ++ vn ($H2,$H2,$mask26); ++ vag ($H0,$H0,$ACC4); # h4 -> h0 ++ vag ($H3,$H3,$ACC2); # h2 -> h3 ++ ++ vesrlg ($ACC0,$H0,26); ++ vesrlg ($ACC3,$H3,26); ++ vn ($H0,$H0,$mask26); ++ vn ($H3,$H3,$mask26); ++ vag ($H1,$H1,$ACC0); # h0 -> h1 ++ vag ($H4,$H4,$ACC3); # h3 -> h4 ++ ++&{$z? \&brctg:\&brct} ("%r0",".Loop_vx"); ++ ++ vlm ($R0,$S4,"48($ctx)"); # load all powers ++ ++ lghi ("%r0",0x30); ++&{$z? \&lcgr:\&lcr} ($len,$len); ++&{$z? \&ngr:\&nr} ($len,"%r0"); ++&{$z? \&slgr:\&slr} ($inp,$len); ++ ++LABEL (".Last"); ++ vmlef ($ACC0,$I0,$R0); ++ vmlef ($ACC1,$I0,$R1); ++ vmlef ($ACC2,$I0,$R2); ++ vmlef ($ACC3,$I0,$R3); ++ vmlef ($ACC4,$I0,$R4); ++ ++ vmalef ($ACC0,$I1,$S4,$ACC0); ++ vmalef ($ACC1,$I1,$R0,$ACC1); ++ vmalef ($ACC2,$I1,$R1,$ACC2); ++ vmalef ($ACC3,$I1,$R2,$ACC3); ++ vmalef ($ACC4,$I1,$R3,$ACC4); ++ ++ vaf ($H0,$H0,$I0); ++ vaf ($H1,$H1,$I1); ++ vaf ($H2,$H2,$I2); ++ vaf ($H3,$H3,$I3); ++ vaf ($H4,$H4,$I4); ++ ++ vmalef ($ACC0,$I2,$S3,$ACC0); ++ vmalef ($ACC1,$I2,$S4,$ACC1); ++ vmalef ($ACC2,$I2,$R0,$ACC2); ++ vmalef ($ACC3,$I2,$R1,$ACC3); ++ vmalef ($ACC4,$I2,$R2,$ACC4); ++ ++ vmalef ($ACC0,$I3,$S2,$ACC0); ++ vmalef ($ACC1,$I3,$S3,$ACC1); ++ vmalef ($ACC2,$I3,$S4,$ACC2); ++ vmalef ($ACC3,$I3,$R0,$ACC3); ++ vmalef ($ACC4,$I3,$R1,$ACC4); ++ ++ vmalef ($ACC0,$I4,$S1,$ACC0); ++ vmalef ($ACC1,$I4,$S2,$ACC1); ++ vmalef ($ACC2,$I4,$S3,$ACC2); ++ vmalef ($ACC3,$I4,$S4,$ACC3); ++ vmalef ($ACC4,$I4,$R0,$ACC4); ++ ++ vmalof ($ACC0,$H0,$R0,$ACC0); ++ vmalof ($ACC1,$H0,$R1,$ACC1); ++ vmalof ($ACC2,$H0,$R2,$ACC2); ++ vmalof ($ACC3,$H0,$R3,$ACC3); ++ vmalof ($ACC4,$H0,$R4,$ACC4); ++ ++ vmalof ($ACC0,$H1,$S4,$ACC0); ++ vmalof ($ACC1,$H1,$R0,$ACC1); ++ vmalof ($ACC2,$H1,$R1,$ACC2); ++ vmalof ($ACC3,$H1,$R2,$ACC3); ++ vmalof ($ACC4,$H1,$R3,$ACC4); ++ ++ vmalof ($ACC0,$H2,$S3,$ACC0); ++ vmalof ($ACC1,$H2,$S4,$ACC1); ++ vmalof ($ACC2,$H2,$R0,$ACC2); ++ vmalof ($ACC3,$H2,$R1,$ACC3); ++ vmalof ($ACC4,$H2,$R2,$ACC4); ++ ++ vmalof ($ACC0,$H3,$S2,$ACC0); ++ vmalof ($ACC1,$H3,$S3,$ACC1); ++ vmalof ($ACC2,$H3,$S4,$ACC2); ++ vmalof ($ACC3,$H3,$R0,$ACC3); ++ vmalof ($ACC4,$H3,$R1,$ACC4); ++ ++ vmalof ($ACC0,$H4,$S1,$ACC0); ++ vmalof ($ACC1,$H4,$S2,$ACC1); ++ vmalof ($ACC2,$H4,$S3,$ACC2); ++ vmalof ($ACC3,$H4,$S4,$ACC3); ++ vmalof ($ACC4,$H4,$R0,$ACC4); ++ ++ ################################################################ ++ # horizontal addition ++ ++ vzero ($H0); ++ vsumqg ($ACC0,$ACC0,$H0); ++ vsumqg ($ACC1,$ACC1,$H0); ++ vsumqg ($ACC2,$ACC2,$H0); ++ vsumqg ($ACC3,$ACC3,$H0); ++ vsumqg ($ACC4,$ACC4,$H0); ++ ++ ################################################################ ++ # lazy reduction ++ ++ vesrlg ($H4,$ACC3,26); ++ vesrlg ($H1,$ACC0,26); ++ vn ($H3,$ACC3,$mask26); ++ vn ($H0,$ACC0,$mask26); ++ vag ($H4,$H4,$ACC4); # h3 -> h4 ++ vag ($H1,$H1,$ACC1); # h0 -> h1 ++ ++ vesrlg ($ACC4,$H4,26); ++ vesrlg ($ACC1,$H1,26); ++ vn ($H4,$H4,$mask26); ++ vn ($H1,$H1,$mask26); ++ vag ($H0,$H0,$ACC4); ++ vag ($H2,$ACC2,$ACC1); # h1 -> h2 ++ ++ veslg ($ACC4,$ACC4,2); # <<2 ++ vesrlg ($ACC2,$H2,26); ++ vn ($H2,$H2,$mask26); ++ vag ($H0,$H0,$ACC4); # h4 -> h0 ++ vag ($H3,$H3,$ACC2); # h2 -> h3 ++ ++ vesrlg ($ACC0,$H0,26); ++ vesrlg ($ACC3,$H3,26); ++ vn ($H0,$H0,$mask26); ++ vn ($H3,$H3,$mask26); ++ vag ($H1,$H1,$ACC0); # h0 -> h1 ++ vag ($H4,$H4,$ACC3); # h3 -> h4 ++ ++&{$z? \&clgfi:\&clfi} ($len,0); ++ je (".Ldone"); ++ ++ vlm ($T1,$T4,"0x00($inp)"); # load last partial block ++ vgmg ($mask26,6,31); ++ vgmf ($I4,5,5); # padbit<<2 ++ ++ vperm ($I0,$T3,$T4,$bswaplo); ++ vperm ($I2,$T3,$T4,$bswapmi); ++ vperm ($T3,$T3,$T4,$bswaphi); ++ ++ vl ($ACC0,"0x30($len,%r1)"); # borrow $ACC0,1 ++ vl ($ACC1,"0x60($len,%r1)"); ++ ++ verimg ($I1,$I0,$mask26,6); # >>26 ++ veslg ($I0,$I0,32); ++ veslg ($I2,$I2,28); # >>4 ++ verimg ($I3,$T3,$mask26,18); # >>14 ++ verimg ($I4,$T3,$mask26,58); # >>38 ++ vn ($I0,$I0,$mask26); ++ vn ($I2,$I2,$mask26); ++ vesrlf ($I4,$I4,2); # >>2 ++ ++ vgmg ($mask26,38,63); ++ vperm ($T3,$T1,$T2,$bswaplo); ++ vperm ($T4,$T1,$T2,$bswaphi); ++ vperm ($T2,$T1,$T2,$bswapmi); ++ ++ verimg ($I0,$T3,$mask26,0); ++ verimg ($I1,$T3,$mask26,38); # >>26 ++ verimg ($I2,$T2,$mask26,60); # >>4 ++ verimg ($I3,$T4,$mask26,50); # >>14 ++ vesrlg ($T4,$T4,40); ++ vo ($I4,$I4,$T4); ++ ++ vperm ($H0,$H0,$H0,$ACC0); # move hash to right lane ++ vn ($I0,$I0,$ACC1); # mask redundant lane[s] ++ vperm ($H1,$H1,$H1,$ACC0); ++ vn ($I1,$I1,$ACC1); ++ vperm ($H2,$H2,$H2,$ACC0); ++ vn ($I2,$I2,$ACC1); ++ vperm ($H3,$H3,$H3,$ACC0); ++ vn ($I3,$I3,$ACC1); ++ vperm ($H4,$H4,$H4,$ACC0); ++ vn ($I4,$I4,$ACC1); ++ ++ vaf ($I0,$I0,$H0); # accumulate hash ++ vzero ($H0); # wipe hash value ++ vaf ($I1,$I1,$H1); ++ vzero ($H1); ++ vaf ($I2,$I2,$H2); ++ vzero ($H2); ++ vaf ($I3,$I3,$H3); ++ vzero ($H3); ++ vaf ($I4,$I4,$H4); ++ vzero ($H4); ++ ++&{$z? \&lghi:\&lhi} ($len,0); ++ j (".Last"); ++ # I don't bother to tell apart cases when only one multiplication ++ # pass is sufficient, because I argue that mispredicted branch ++ # penalties are comparable to overhead of sometimes redundant ++ # multiplication pass... ++ ++LABEL (".Ldone"); ++ vstef ($H0,"0($ctx)",3); # store hash base 2^26 ++ vstef ($H1,"4($ctx)",3); ++ vstef ($H2,"8($ctx)",3); ++ vstef ($H3,"12($ctx)",3); ++ vstef ($H4,"16($ctx)",3); ++ ++if ($z) { ++ ld ("%f8","$stdframe+0*8($sp)"); ++ ld ("%f9","$stdframe+1*8($sp)"); ++ ld ("%f10","$stdframe+2*8($sp)"); ++ ld ("%f11","$stdframe+3*8($sp)"); ++ ld ("%f12","$stdframe+4*8($sp)"); ++ ld ("%f13","$stdframe+5*8($sp)"); ++ ld ("%f14","$stdframe+6*8($sp)"); ++ ld ("%f15","$stdframe+7*8($sp)"); ++&{$z? \&lmg:\&lm} ("%r10","%r15","$stdframe+8*8+10*$SIZE_T($sp)"); ++} else { ++ ld ("%f4","$stdframe+16*$SIZE_T+2*8($sp)"); ++ ld ("%f6","$stdframe+16*$SIZE_T+3*8($sp)"); ++&{$z? \&lmg:\&lm} ("%r10","%r15","$stdframe+10*$SIZE_T($sp)"); ++} ++ br ("%r14"); ++SIZE ("__poly1305_blocks_vx",".-__poly1305_blocks_vx"); ++} ++ ++################ ++# static void poly1305_emit(void *ctx, unsigned char mac[16], ++# const u32 nonce[4]) + { + my ($mac,$nonce)=($inp,$len); +-my ($h0,$h1,$h2,$d0,$d1)=map("%r$_",(5..9)); ++my ($h0,$h1,$h2,$d0,$d1,$d2)=map("%r$_",(5..10)); + +-$code.=<<___; +-.globl poly1305_emit +-.type poly1305_emit,\@function +-.align 16 +-poly1305_emit: +- stm${g} %r6,%r9,`6*$SIZE_T`($sp) +- +- lg $h0,0($ctx) +- lg $h1,8($ctx) +- lg $h2,16($ctx) +- +- lghi %r0,5 +- lghi %r1,0 +- lgr $d0,$h0 +- lgr $d1,$h1 +- +- algr $h0,%r0 # compare to modulus +- alcgr $h1,%r1 +- alcgr $h2,%r1 +- +- srlg $h2,$h2,2 # did it borrow/carry? +- slgr %r1,$h2 # 0-$h2>>2 +- lg $h2,0($nonce) # load nonce +- lghi %r0,-1 +- lg $ctx,8($nonce) +- xgr %r0,%r1 # ~%r1 +- +- ngr $h0,%r1 +- ngr $d0,%r0 +- ngr $h1,%r1 +- ngr $d1,%r0 +- ogr $h0,$d0 +- rllg $d0,$h2,32 # flip nonce words +- ogr $h1,$d1 +- rllg $d1,$ctx,32 +- +- algr $h0,$d0 # accumulate nonce +- alcgr $h1,$d1 +- +- strvg $h0,0($mac) # write little-endian result +- strvg $h1,8($mac) +- +- lm${g} %r6,%r9,`6*$SIZE_T`($sp) +- br %r14 +-.size poly1305_emit,.-poly1305_emit +- +-.string "Poly1305 for s390x, CRYPTOGAMS by " +-___ ++GLOBL ("poly1305_emit"); ++TYPE ("poly1305_emit","\@function"); ++ALIGN (16); ++LABEL ("poly1305_emit"); ++LABEL (".Lpoly1305_emit"); ++&{$z? \&stmg:\&stm} ("%r6","%r10","6*$SIZE_T($sp)"); ++ ++ lg ($d0,"0($ctx)"); ++ lg ($d1,"8($ctx)"); ++ lg ($d2,"16($ctx)"); ++ ++ llgfr ("%r0",$d0); # base 2^26 -> base 2^64 ++ srlg ($h0,$d0,32); ++ llgfr ("%r1",$d1); ++ srlg ($h1,$d1,32); ++ srlg ($h2,$d2,32); ++ ++ sllg ("%r0","%r0",26); ++ algr ($h0,"%r0"); ++ sllg ("%r0",$h1,52); ++ srlg ($h1,$h1,12); ++ sllg ("%r1","%r1",14); ++ algr ($h0,"%r0"); ++ alcgr ($h1,"%r1"); ++ sllg ("%r0",$h2,40); ++ srlg ($h2,$h2,24); ++ lghi ("%r1",0); ++ algr ($h1,"%r0"); ++ alcgr ($h2,"%r1"); ++ ++ llgf ("%r0","24($ctx)"); # is_base2_26 ++ lcgr ("%r0","%r0"); ++ ++ xgr ($h0,$d0); # choose between radixes ++ xgr ($h1,$d1); ++ xgr ($h2,$d2); ++ ngr ($h0,"%r0"); ++ ngr ($h1,"%r0"); ++ ngr ($h2,"%r0"); ++ xgr ($h0,$d0); ++ xgr ($h1,$d1); ++ xgr ($h2,$d2); ++ ++ lghi ("%r0",5); ++ lgr ($d0,$h0); ++ lgr ($d1,$h1); ++ ++ algr ($h0,"%r0"); # compare to modulus ++ alcgr ($h1,"%r1"); ++ alcgr ($h2,"%r1"); ++ ++ srlg ($h2,$h2,2); # did it borrow/carry? ++ slgr ("%r1",$h2); # 0-$h2>>2 ++ lg ($d2,"0($nonce)"); # load nonce ++ lg ($ctx,"8($nonce)"); ++ ++ xgr ($h0,$d0); ++ xgr ($h1,$d1); ++ ngr ($h0,"%r1"); ++ ngr ($h1,"%r1"); ++ xgr ($h0,$d0); ++ rllg ($d0,$d2,32); # flip nonce words ++ xgr ($h1,$d1); ++ rllg ($d1,$ctx,32); ++ ++ algr ($h0,$d0); # accumulate nonce ++ alcgr ($h1,$d1); ++ ++ strvg ($h0,"0($mac)"); # write little-endian result ++ strvg ($h1,"8($mac)"); ++ ++&{$z? \&lmg:\&lm} ("%r6","%r10","6*$SIZE_T($sp)"); ++ br ("%r14"); ++SIZE ("poly1305_emit",".-poly1305_emit"); + } + +-$code =~ s/\`([^\`]*)\`/eval $1/gem; +-$code =~ s/\b(srlg\s+)(%r[0-9]+\s*,)\s*([0-9]+)/$1$2$2$3/gm; ++################ ++ ++ALIGN (16); ++LABEL (".Lconst"); ++LONG (0x04050607,0x14151617,0x0c0d0e0f,0x1c1d1e1f); # merge odd ++LONG (0x07060504,0x03020100,0x17161514,0x13121110); # byte swap masks ++LONG (0x0f0e0d0c,0x0b0a0908,0x1f1e1d1c,0x1b1a1918); ++LONG (0x00000000,0x09080706,0x00000000,0x19181716); ++ ++LONG (0x00000000,0x00000000,0x00000000,0x0c0d0e0f); # magic tail masks ++LONG (0x0c0d0e0f,0x00000000,0x00000000,0x00000000); ++LONG (0x00000000,0x00000000,0x0c0d0e0f,0x00000000); ++ ++LONG (0xffffffff,0x00000000,0xffffffff,0xffffffff); ++LONG (0xffffffff,0x00000000,0xffffffff,0x00000000); ++LONG (0x00000000,0x00000000,0xffffffff,0x00000000); ++ ++STRING ("\"Poly1305 for s390x, CRYPTOGAMS by \""); + +-print $code; +-close STDOUT or die "error closing STDOUT: $!"; ++PERLASM_END(); +diff -up openssl-1.1.1e/crypto/poly1305/build.info.s390x-update openssl-1.1.1e/crypto/poly1305/build.info +--- openssl-1.1.1e/crypto/poly1305/build.info.s390x-update 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/poly1305/build.info 2020-03-19 16:20:22.042227342 +0100 +@@ -18,6 +18,7 @@ INCLUDE[poly1305-armv8.o]=.. + GENERATE[poly1305-mips.S]=asm/poly1305-mips.pl $(PERLASM_SCHEME) + INCLUDE[poly1305-mips.o]=.. + GENERATE[poly1305-s390x.S]=asm/poly1305-s390x.pl $(PERLASM_SCHEME) ++INCLUDE[poly1305-s390x.o]=.. + + BEGINRAW[Makefile(unix)] + {- $builddir -}/poly1305-%.S: {- $sourcedir -}/asm/poly1305-%.pl diff --git a/openssl-1.1.1-seclevel.patch b/openssl-1.1.1-seclevel.patch new file mode 100644 index 0000000..c6751a5 --- /dev/null +++ b/openssl-1.1.1-seclevel.patch @@ -0,0 +1,160 @@ +diff -up openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel openssl-1.1.1g/crypto/x509/x509_vfy.c +--- openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/crypto/x509/x509_vfy.c 2020-06-05 17:16:54.835536823 +0200 +@@ -3225,6 +3225,7 @@ static int build_chain(X509_STORE_CTX *c + } + + static const int minbits_table[] = { 80, 112, 128, 192, 256 }; ++static const int minbits_digest_table[] = { 80, 80, 128, 192, 256 }; + static const int NUM_AUTH_LEVELS = OSSL_NELEM(minbits_table); + + /* +@@ -3276,6 +3277,11 @@ static int check_sig_level(X509_STORE_CT + + if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL)) + return 0; +- +- return secbits >= minbits_table[level - 1]; ++ /* ++ * Allow SHA1 in SECLEVEL 2 in non-FIPS mode or when the magic ++ * disable SHA1 flag is not set. ++ */ ++ if ((ctx->param->flags & 0x40000000) || FIPS_mode()) ++ return secbits >= minbits_table[level - 1]; ++ return secbits >= minbits_digest_table[level - 1]; + } +diff -up openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod +--- openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod 2020-06-04 15:48:01.608178833 +0200 +@@ -81,8 +81,10 @@ using MD5 for the MAC is also prohibited + + =item B + +-Security level set to 112 bits of security. As a result RSA, DSA and DH keys +-shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. ++Security level set to 112 bits of security with the exception of SHA1 allowed ++for signatures. ++As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys ++shorter than 224 bits are prohibited. + In addition to the level 1 exclusions any cipher suite using RC4 is also + prohibited. SSL version 3 is also not allowed. Compression is disabled. + +diff -up openssl-1.1.1g/ssl/ssl_cert.c.seclevel openssl-1.1.1g/ssl/ssl_cert.c +--- openssl-1.1.1g/ssl/ssl_cert.c.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/ssl/ssl_cert.c 2020-06-05 17:10:11.842198401 +0200 +@@ -27,6 +27,7 @@ + static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, + int op, int bits, int nid, void *other, + void *ex); ++static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx); + + static CRYPTO_ONCE ssl_x509_store_ctx_once = CRYPTO_ONCE_STATIC_INIT; + static volatile int ssl_x509_store_ctx_idx = -1; +@@ -396,7 +397,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_ + X509_VERIFY_PARAM_set_auth_level(param, SSL_get_security_level(s)); + + /* Set suite B flags if needed */ +- X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s)); ++ X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s) | sha1_disable(s, NULL)); + if (!X509_STORE_CTX_set_ex_data + (ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s)) { + goto end; +@@ -953,12 +954,33 @@ static int ssl_security_default_callback + return 0; + break; + default: ++ /* allow SHA1 in SECLEVEL 2 in non FIPS mode */ ++ if (nid == NID_sha1 && minbits == 112 && !sha1_disable(s, ctx)) ++ break; + if (bits < minbits) + return 0; + } + return 1; + } + ++static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx) ++{ ++ unsigned long ret = 0x40000000; /* a magical internal value used by X509_VERIFY_PARAM */ ++ const CERT *c; ++ ++ if (FIPS_mode()) ++ return ret; ++ ++ if (ctx != NULL) { ++ c = ctx->cert; ++ } else { ++ c = s->cert; ++ } ++ if (tls1_cert_sigalgs_have_sha1(c)) ++ return 0; ++ return ret; ++} ++ + int ssl_security(const SSL *s, int op, int bits, int nid, void *other) + { + return s->cert->sec_cb(s, NULL, op, bits, nid, other, s->cert->sec_ex); +diff -up openssl-1.1.1g/ssl/ssl_local.h.seclevel openssl-1.1.1g/ssl/ssl_local.h +--- openssl-1.1.1g/ssl/ssl_local.h.seclevel 2020-06-04 15:48:01.602178783 +0200 ++++ openssl-1.1.1g/ssl/ssl_local.h 2020-06-05 17:02:22.666313410 +0200 +@@ -2576,6 +2576,7 @@ __owur int tls1_save_sigalgs(SSL *s, PAC + __owur int tls1_process_sigalgs(SSL *s); + __owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey); + __owur int tls1_lookup_md(const SIGALG_LOOKUP *lu, const EVP_MD **pmd); ++int tls1_cert_sigalgs_have_sha1(const CERT *c); + __owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs); + # ifndef OPENSSL_NO_EC + __owur int tls_check_sigalg_curve(const SSL *s, int curve); +diff -up openssl-1.1.1g/ssl/t1_lib.c.seclevel openssl-1.1.1g/ssl/t1_lib.c +--- openssl-1.1.1g/ssl/t1_lib.c.seclevel 2020-06-04 15:48:01.654179221 +0200 ++++ openssl-1.1.1g/ssl/t1_lib.c 2020-06-05 17:02:40.268459157 +0200 +@@ -2145,6 +2145,36 @@ int tls1_set_sigalgs(CERT *c, const int + return 0; + } + ++static int tls1_sigalgs_have_sha1(const uint16_t *sigalgs, size_t sigalgslen) ++{ ++ size_t i; ++ ++ for (i = 0; i < sigalgslen; i++, sigalgs++) { ++ const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(*sigalgs); ++ ++ if (lu == NULL) ++ continue; ++ if (lu->hash == NID_sha1) ++ return 1; ++ } ++ return 0; ++} ++ ++ ++int tls1_cert_sigalgs_have_sha1(const CERT *c) ++{ ++ if (c->client_sigalgs != NULL) { ++ if (tls1_sigalgs_have_sha1(c->client_sigalgs, c->client_sigalgslen)) ++ return 1; ++ } ++ if (c->conf_sigalgs != NULL) { ++ if (tls1_sigalgs_have_sha1(c->conf_sigalgs, c->conf_sigalgslen)) ++ return 1; ++ return 0; ++ } ++ return 1; ++} ++ + static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid) + { + int sig_nid, use_pc_sigalgs = 0; +diff -up openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel openssl-1.1.1g/test/recipes/25-test_verify.t +--- openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel 2020-04-21 14:22:39.000000000 +0200 ++++ openssl-1.1.1g/test/recipes/25-test_verify.t 2020-06-04 15:48:01.608178833 +0200 +@@ -346,8 +346,8 @@ ok(verify("ee-pss-sha1-cert", "sslserver + ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ), + "CA with PSS signature using SHA256"); + +-ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), +- "Reject PSS signature using SHA1 and auth level 2"); ++ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "3"), ++ "Reject PSS signature using SHA1 and auth level 3"); + + ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), + "PSS signature using SHA256 and auth level 2"); diff --git a/openssl-1.1.1-ssh-kdf.patch b/openssl-1.1.1-ssh-kdf.patch new file mode 100644 index 0000000..1bf71c4 --- /dev/null +++ b/openssl-1.1.1-ssh-kdf.patch @@ -0,0 +1,5612 @@ +commit 1e662a43f0420cfdc40d01cd70c27fa1c220a57e +Author: Simo Sorce +Date: Wed Sep 19 16:23:45 2018 -0400 + + Implement SSH KDF + + SSH's KDF is defined in RFC 4253 in Section 7.2 + + Signed-off-by: Simo Sorce + + Reviewed-by: Paul Dale + Reviewed-by: Matt Caswell + (Merged from https://github.com/openssl/openssl/pull/7290) + +diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt +index ae67dac7f6..e7ed2f8d63 100644 +--- a/crypto/err/openssl.txt ++++ b/crypto/err/openssl.txt +@@ -828,6 +828,10 @@ KDF_F_KDF_SCRYPT_CTRL_UINT32:121:kdf_scrypt_ctrl_uint32 + KDF_F_KDF_SCRYPT_CTRL_UINT64:122:kdf_scrypt_ctrl_uint64 + KDF_F_KDF_SCRYPT_DERIVE:123:kdf_scrypt_derive + KDF_F_KDF_SCRYPT_NEW:124:kdf_scrypt_new ++KDF_F_KDF_SSHKDF_CTRL:130:kdf_sshkdf_ctrl ++KDF_F_KDF_SSHKDF_CTRL_STR:131:kdf_sshkdf_ctrl_str ++KDF_F_KDF_SSHKDF_DERIVE:132:kdf_sshkdf_derive ++KDF_F_KDF_SSHKDF_NEW:133:kdf_sshkdf_new + KDF_F_KDF_TLS1_PRF_CTRL_STR:125:kdf_tls1_prf_ctrl_str + KDF_F_KDF_TLS1_PRF_DERIVE:126:kdf_tls1_prf_derive + KDF_F_KDF_TLS1_PRF_NEW:127:kdf_tls1_prf_new +@@ -2320,6 +2324,9 @@ KDF_R_MISSING_PASS:110:missing pass + KDF_R_MISSING_SALT:111:missing salt + KDF_R_MISSING_SECRET:107:missing secret + KDF_R_MISSING_SEED:106:missing seed ++KDF_R_MISSING_SESSION_ID:113:missing session id ++KDF_R_MISSING_TYPE:114:missing type ++KDF_R_MISSING_XCGHASH:115:missing xcghash + KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type + KDF_R_VALUE_ERROR:108:value error + KDF_R_VALUE_MISSING:102:value missing +diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c +index 05f5cec3a9..811fe727f6 100644 +--- a/crypto/evp/kdf_lib.c ++++ b/crypto/evp/kdf_lib.c +@@ -29,7 +29,8 @@ static const EVP_KDF_METHOD *standard_methods[] = { + &scrypt_kdf_meth, + #endif + &tls1_prf_kdf_meth, +- &hkdf_kdf_meth ++ &hkdf_kdf_meth, ++ &sshkdf_kdf_meth, + }; + + DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, +diff --git a/include/crypto/evp.h b/include/crypto/evp.h +index a109e561b3..8c313c65ac 100644 +--- a/include/crypto/evp.h ++++ b/include/crypto/evp.h +@@ -129,6 +129,7 @@ extern const EVP_KDF_METHOD pbkdf2_kdf_meth; + extern const EVP_KDF_METHOD scrypt_kdf_meth; + extern const EVP_KDF_METHOD tls1_prf_kdf_meth; + extern const EVP_KDF_METHOD hkdf_kdf_meth; ++extern const EVP_KDF_METHOD sshkdf_kdf_meth; + + struct evp_md_st { + int type; +diff --git a/crypto/kdf/build.info b/crypto/kdf/build.info +index dce960e9e1..f483c779dd 100644 +--- a/crypto/kdf/build.info ++++ b/crypto/kdf/build.info +@@ -1,3 +1,3 @@ + LIBS=../../libcrypto + SOURCE[../../libcrypto]=\ +- tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c ++ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c +diff --git a/crypto/kdf/kdf_err.c b/crypto/kdf/kdf_err.c +index b2a0c0ebfc..b4678775dd 100644 +--- a/crypto/kdf/kdf_err.c ++++ b/crypto/kdf/kdf_err.c +@@ -31,6 +31,11 @@ static const ERR_STRING_DATA KDF_str_functs[] = { + "kdf_scrypt_ctrl_uint64"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_DERIVE, 0), "kdf_scrypt_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_NEW, 0), "kdf_scrypt_new"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_CTRL, 0), "kdf_sshkdf_ctrl"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_CTRL_STR, 0), ++ "kdf_sshkdf_ctrl_str"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_DERIVE, 0), "kdf_sshkdf_derive"}, ++ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_NEW, 0), "kdf_sshkdf_new"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_CTRL_STR, 0), + "kdf_tls1_prf_ctrl_str"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_DERIVE, 0), +@@ -70,6 +75,9 @@ static const ERR_STRING_DATA KDF_str_reasons[] = { + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SALT), "missing salt"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SECRET), "missing secret"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SEED), "missing seed"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SESSION_ID), "missing session id"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_TYPE), "missing type"}, ++ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_XCGHASH), "missing xcghash"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE), + "unknown parameter type"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"}, +diff --git a/crypto/kdf/sshkdf.c b/crypto/kdf/sshkdf.c +new file mode 100644 +index 0000000000..24f37cbed4 +--- /dev/null ++++ b/crypto/kdf/sshkdf.c +@@ -0,0 +1,288 @@ ++/* ++ * Copyright 2018-2018 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the OpenSSL license (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include "internal/cryptlib.h" ++#include "crypto/evp.h" ++#include "kdf_local.h" ++ ++/* See RFC 4253, Section 7.2 */ ++ ++static void kdf_sshkdf_reset(EVP_KDF_IMPL *impl); ++static int SSHKDF(const EVP_MD *evp_md, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *xcghash, size_t xcghash_len, ++ const unsigned char *session_id, size_t session_id_len, ++ char type, unsigned char *okey, size_t okey_len); ++ ++struct evp_kdf_impl_st { ++ const EVP_MD *md; ++ unsigned char *key; /* K */ ++ size_t key_len; ++ unsigned char *xcghash; /* H */ ++ size_t xcghash_len; ++ char type; /* X */ ++ unsigned char *session_id; ++ size_t session_id_len; ++}; ++ ++static EVP_KDF_IMPL *kdf_sshkdf_new(void) ++{ ++ EVP_KDF_IMPL *impl; ++ ++ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) ++ KDFerr(KDF_F_KDF_SSHKDF_NEW, ERR_R_MALLOC_FAILURE); ++ return impl; ++} ++ ++static void kdf_sshkdf_free(EVP_KDF_IMPL *impl) ++{ ++ kdf_sshkdf_reset(impl); ++ OPENSSL_free(impl); ++} ++ ++static void kdf_sshkdf_reset(EVP_KDF_IMPL *impl) ++{ ++ OPENSSL_clear_free(impl->key, impl->key_len); ++ OPENSSL_clear_free(impl->xcghash, impl->xcghash_len); ++ OPENSSL_clear_free(impl->session_id, impl->session_id_len); ++ memset(impl, 0, sizeof(*impl)); ++} ++ ++static int kdf_sshkdf_parse_buffer_arg(unsigned char **dst, size_t *dst_len, ++ va_list args) ++{ ++ const unsigned char *p; ++ size_t len; ++ ++ p = va_arg(args, const unsigned char *); ++ len = va_arg(args, size_t); ++ OPENSSL_clear_free(*dst, *dst_len); ++ *dst = OPENSSL_memdup(p, len); ++ if (*dst == NULL) ++ return 0; ++ ++ *dst_len = len; ++ return 1; ++} ++ ++static int kdf_sshkdf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) ++{ ++ int t; ++ ++ switch (cmd) { ++ case EVP_KDF_CTRL_SET_MD: ++ impl->md = va_arg(args, const EVP_MD *); ++ if (impl->md == NULL) ++ return 0; ++ ++ return 1; ++ ++ case EVP_KDF_CTRL_SET_KEY: ++ return kdf_sshkdf_parse_buffer_arg(&impl->key, ++ &impl->key_len, args); ++ ++ case EVP_KDF_CTRL_SET_SSHKDF_XCGHASH: ++ return kdf_sshkdf_parse_buffer_arg(&impl->xcghash, ++ &impl->xcghash_len, args); ++ ++ case EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID: ++ return kdf_sshkdf_parse_buffer_arg(&impl->session_id, ++ &impl->session_id_len, args); ++ ++ case EVP_KDF_CTRL_SET_SSHKDF_TYPE: ++ t = va_arg(args, int); ++ if (t < 65 || t > 70) { ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ++ impl->type = (char)t; ++ return 1; ++ ++ default: ++ return -2; ++ ++ } ++} ++ ++static int kdf_sshkdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, ++ const char *value) ++{ ++ if (value == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_MISSING); ++ return 0; ++ } ++ ++ if (strcmp(type, "md") == 0) ++ return kdf_md2ctrl(impl, kdf_sshkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ ++ if (strcmp(type, "key") == 0) ++ return kdf_str2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "hexkey") == 0) ++ return kdf_hex2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_KEY, value); ++ ++ if (strcmp(type, "xcghash") == 0) ++ return kdf_str2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_SSHKDF_XCGHASH, value); ++ ++ if (strcmp(type, "hexxcghash") == 0) ++ return kdf_hex2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_SSHKDF_XCGHASH, value); ++ ++ if (strcmp(type, "session_id") == 0) ++ return kdf_str2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID, value); ++ ++ if (strcmp(type, "hexsession_id") == 0) ++ return kdf_hex2ctrl(impl, kdf_sshkdf_ctrl, ++ EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID, value); ++ ++ if (strcmp(type, "type") == 0) { ++ if (strlen(value) != 1) { ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_ERROR); ++ return 0; ++ } ++ ++ return call_ctrl(kdf_sshkdf_ctrl, impl, EVP_KDF_CTRL_SET_SSHKDF_TYPE, ++ (int)value[0]); ++ } ++ ++ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); ++ return -2; ++} ++ ++static size_t kdf_sshkdf_size(EVP_KDF_IMPL *impl) ++{ ++ return SIZE_MAX; ++} ++ ++static int kdf_sshkdf_derive(EVP_KDF_IMPL *impl, unsigned char *key, ++ size_t keylen) ++{ ++ if (impl->md == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); ++ return 0; ++ } ++ if (impl->key == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_KEY); ++ return 0; ++ } ++ if (impl->xcghash == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_XCGHASH); ++ return 0; ++ } ++ if (impl->session_id == NULL) { ++ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_SESSION_ID); ++ return 0; ++ } ++ if (impl->type == 0) { ++ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_TYPE); ++ return 0; ++ } ++ return SSHKDF(impl->md, impl->key, impl->key_len, ++ impl->xcghash, impl->xcghash_len, ++ impl->session_id, impl->session_id_len, ++ impl->type, key, keylen); ++} ++ ++const EVP_KDF_METHOD sshkdf_kdf_meth = { ++ EVP_KDF_SSHKDF, ++ kdf_sshkdf_new, ++ kdf_sshkdf_free, ++ kdf_sshkdf_reset, ++ kdf_sshkdf_ctrl, ++ kdf_sshkdf_ctrl_str, ++ kdf_sshkdf_size, ++ kdf_sshkdf_derive, ++}; ++ ++static int SSHKDF(const EVP_MD *evp_md, ++ const unsigned char *key, size_t key_len, ++ const unsigned char *xcghash, size_t xcghash_len, ++ const unsigned char *session_id, size_t session_id_len, ++ char type, unsigned char *okey, size_t okey_len) ++{ ++ EVP_MD_CTX *md = NULL; ++ unsigned char digest[EVP_MAX_MD_SIZE]; ++ unsigned int dsize = 0; ++ size_t cursize = 0; ++ int ret = 0; ++ ++ md = EVP_MD_CTX_new(); ++ if (md == NULL) ++ return 0; ++ ++ if (!EVP_DigestInit_ex(md, evp_md, NULL)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, key, key_len)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, xcghash, xcghash_len)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, &type, 1)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, session_id, session_id_len)) ++ goto out; ++ ++ if (!EVP_DigestFinal_ex(md, digest, &dsize)) ++ goto out; ++ ++ if (okey_len < dsize) { ++ memcpy(okey, digest, okey_len); ++ ret = 1; ++ goto out; ++ } ++ ++ memcpy(okey, digest, dsize); ++ ++ for (cursize = dsize; cursize < okey_len; cursize += dsize) { ++ ++ if (!EVP_DigestInit_ex(md, evp_md, NULL)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, key, key_len)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, xcghash, xcghash_len)) ++ goto out; ++ ++ if (!EVP_DigestUpdate(md, okey, cursize)) ++ goto out; ++ ++ if (!EVP_DigestFinal_ex(md, digest, &dsize)) ++ goto out; ++ ++ if (okey_len < cursize + dsize) { ++ memcpy(okey + cursize, digest, okey_len - cursize); ++ ret = 1; ++ goto out; ++ } ++ ++ memcpy(okey + cursize, digest, dsize); ++ } ++ ++ ret = 1; ++ ++out: ++ EVP_MD_CTX_free(md); ++ OPENSSL_cleanse(digest, EVP_MAX_MD_SIZE); ++ return ret; ++} ++ +diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h +index 9ab1a14b9e..81646fda52 100644 +--- a/crypto/objects/obj_dat.h ++++ b/crypto/objects/obj_dat.h +@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = { + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */ + }; + +-#define NUM_NID 1195 ++#define NUM_NID 1196 + static const ASN1_OBJECT nid_objs[NUM_NID] = { + {"UNDEF", "undefined", NID_undef}, + {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, +@@ -2275,9 +2275,10 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { + {"magma-mac", "magma-mac", NID_magma_mac}, + {"hmacWithSHA512-224", "hmacWithSHA512-224", NID_hmacWithSHA512_224, 8, &so[7745]}, + {"hmacWithSHA512-256", "hmacWithSHA512-256", NID_hmacWithSHA512_256, 8, &so[7753]}, ++ {"SSHKDF", "sshkdf", NID_sshkdf}, + }; + +-#define NUM_SN 1186 ++#define NUM_SN 1187 + static const unsigned int sn_objs[NUM_SN] = { + 364, /* "AD_DVCS" */ + 419, /* "AES-128-CBC" */ +@@ -2555,6 +2556,7 @@ static const unsigned int sn_objs[NUM_SN] = { + 167, /* "SMIME-CAPS" */ + 100, /* "SN" */ + 1006, /* "SNILS" */ ++ 1195, /* "SSHKDF" */ + 16, /* "ST" */ + 143, /* "SXNetID" */ + 1062, /* "SipHash" */ +@@ -3467,7 +3469,7 @@ static const unsigned int sn_objs[NUM_SN] = { + 1093, /* "x509ExtAdmission" */ + }; + +-#define NUM_LN 1186 ++#define NUM_LN 1187 + static const unsigned int ln_objs[NUM_LN] = { + 363, /* "AD Time Stamping" */ + 405, /* "ANSI X9.62" */ +@@ -4609,6 +4611,7 @@ static const unsigned int ln_objs[NUM_LN] = { + 1139, /* "sm4-ctr" */ + 1133, /* "sm4-ecb" */ + 1135, /* "sm4-ofb" */ ++ 1195, /* "sshkdf" */ + 16, /* "stateOrProvinceName" */ + 660, /* "streetAddress" */ + 498, /* "subtreeMaximumQuality" */ +diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num +index 1b6a9c61a1..231c18384a 100644 +--- a/crypto/objects/obj_mac.num ++++ b/crypto/objects/obj_mac.num +@@ -1192,3 +1192,4 @@ magma_cfb 1191 + magma_mac 1192 + hmacWithSHA512_224 1193 + hmacWithSHA512_256 1194 ++sshkdf 1195 +diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt +index 6dbc41ce37..5ded88e525 100644 +--- a/crypto/objects/objects.txt ++++ b/crypto/objects/objects.txt +@@ -1600,6 +1600,9 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme + # NID for HKDF + : HKDF : hkdf + ++# NID for SSHKDF ++ : SSHKDF : sshkdf ++ + # RFC 4556 + 1 3 6 1 5 2 3 : id-pkinit + id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth +diff --git a/doc/man7/EVP_KDF_SSHKDF.pod b/doc/man7/EVP_KDF_SSHKDF.pod +new file mode 100644 +index 0000000000..9c9734e7c3 +--- /dev/null ++++ b/doc/man7/EVP_KDF_SSHKDF.pod +@@ -0,0 +1,175 @@ ++=pod ++ ++=head1 NAME ++ ++EVP_KDF_SSHKDF - The SSHKDF EVP_KDF implementation ++ ++=head1 DESCRIPTION ++ ++Support for computing the B KDF through the B API. ++ ++The EVP_KDF_SSHKDF algorithm implements the SSHKDF key derivation function. ++It is defined in RFC 4253, section 7.2 and is used by SSH to derive IVs, ++encryption keys and integrity keys. ++Five inputs are required to perform key derivation: The hashing function ++(for example SHA256), the Initial Key, the Exchange Hash, the Session ID, ++and the derivation key type. ++ ++=head2 Numeric identity ++ ++B is the numeric identity for this implementation; it ++can be used with the EVP_KDF_CTX_new_id() function. ++ ++=head2 Supported controls ++ ++The supported controls are: ++ ++=over 4 ++ ++=item B ++ ++=item B ++ ++These controls work as described in L. ++ ++=item B ++ ++=item B ++ ++These controls expect two arguments: C, C ++ ++They set the respective values to the first B bytes of the buffer ++B. If a value is already set, the contents are replaced. ++ ++EVP_KDF_ctrl_str() takes two type strings for these controls: ++ ++=over 4 ++ ++=item "xcghash" ++ ++=item "session_id" ++ ++The value string is used as is. ++ ++=item "hexxcghash" ++ ++=item "hexsession_id" ++ ++The value string is expected to be a hexadecimal number, which will be ++decoded before being passed on as the control value. ++ ++=back ++ ++=item B ++ ++This control expects one argument: C ++ ++Sets the type for the SSHHKDF operation. There are six supported types: ++ ++=over 4 ++ ++=item EVP_KDF_SSHKDF_TYPE_ININITAL_IV_CLI_TO_SRV ++ ++The Initial IV from client to server. ++A single char of value 65 (ASCII char 'A'). ++ ++=item EVP_KDF_SSHKDF_TYPE_ININITAL_IV_SRV_TO_CLI ++ ++The Initial IV from server to client ++A single char of value 66 (ASCII char 'B'). ++ ++=item EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV ++ ++The Encryption Key from client to server ++A single char of value 67 (ASCII char 'C'). ++ ++=item EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI ++ ++The Encryption Key from server to client ++A single char of value 68 (ASCII char 'D'). ++ ++=item EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV ++ ++The Integrity Key from client to server ++A single char of value 69 (ASCII char 'E'). ++ ++=item EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI ++ ++The Integrity Key from client to server ++A single char of value 70 (ASCII char 'F'). ++ ++=back ++ ++EVP_KDF_ctrl_str() type string: "type" ++ ++The value is a string of length one character. The only valid values ++are the numerical values of the ASCII caracters: "A" (65) to "F" (70). ++ ++=back ++ ++=head1 NOTES ++ ++A context for SSHKDF can be obtained by calling: ++ ++ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF); ++ ++The output length of the SSHKDF derivation is specified via the C ++parameter to the L function. ++Since the SSHKDF output length is variable, calling L ++to obtain the requisite length is not meaningful. The caller must ++allocate a buffer of the desired length, and pass that buffer to the ++L function along with the desired length. ++ ++=head1 EXAMPLE ++ ++This example derives an 8 byte IV using SHA-256 with a 1K "key" and appropriate ++"xcghash" and "session_id" values: ++ ++ EVP_KDF_CTX *kctx; ++ unsigned char key[1024] = "01234..."; ++ unsigned char xcghash[32] = "012345..."; ++ unsigned char session_id[32] = "012345..."; ++ unsigned char out[8]; ++ size_t outlen = sizeof(out); ++ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF); ++ ++ if (EVP_KDF_CTX_set_md(kctx, EVP_sha256()) <= 0) ++ /* Error */ ++ if (EVP_KDF_CTX_set1_key(kctx, key, 1024) <= 0) ++ /* Error */ ++ if (EVP_KDF_CTX_set1_sshkdf_xcghash(kctx, xcghash, 32) <= 0) ++ /* Error */ ++ if (EVP_KDF_CTX_set1_sshkdf_session_id(kctx, session_id, 32) <= 0) ++ /* Error */ ++ if (EVP_KDF_CTX_set_sshkdf_type(kctx, ++ EVP_KDF_SSHKDF_TYPE_ININITAL_IV_CLI_TO_SRV) <= 0) ++ /* Error */ ++ if (EVP_KDF_derive(kctx, out, &outlen) <= 0) ++ /* Error */ ++ ++ ++=head1 CONFORMING TO ++ ++RFC 4253 ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L, ++L ++ ++=head1 COPYRIGHT ++ ++Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. ++ ++Licensed under the OpenSSL license (the "License"). You may not use ++this file except in compliance with the License. You can obtain a copy ++in the file LICENSE in the source distribution or at ++L. ++ ++=cut ++ +diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h +index 16caed5273..362ab14cff 100644 +--- a/include/openssl/kdf.h ++++ b/include/openssl/kdf.h +@@ -20,6 +20,7 @@ extern "C" { + # define EVP_KDF_SCRYPT NID_id_scrypt + # define EVP_KDF_TLS1_PRF NID_tls1_prf + # define EVP_KDF_HKDF NID_hkdf ++# define EVP_KDF_SSHKDF NID_sshkdf + + EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); + void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); +@@ -47,11 +48,20 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); + # define EVP_KDF_CTRL_SET_SCRYPT_N 0x0d /* uint64_t */ + # define EVP_KDF_CTRL_SET_SCRYPT_R 0x0e /* uint32_t */ + # define EVP_KDF_CTRL_SET_SCRYPT_P 0x0f /* uint32_t */ ++# define EVP_KDF_CTRL_SET_SSHKDF_XCGHASH 0x10 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID 0x11 /* unsigned char *, size_t */ ++# define EVP_KDF_CTRL_SET_SSHKDF_TYPE 0x12 /* int */ + + # define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0 + # define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1 + # define EVP_KDF_HKDF_MODE_EXPAND_ONLY 2 + ++#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV 65 ++#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI 66 ++#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV 67 ++#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI 68 ++#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV 69 ++#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI 70 + + /**** The legacy PKEY-based KDF API follows. ****/ + +diff --git a/include/openssl/kdferr.h b/include/openssl/kdferr.h +index 0191f2b21d..ff13ccb649 100644 +--- a/include/openssl/kdferr.h ++++ b/include/openssl/kdferr.h +@@ -32,6 +32,10 @@ int ERR_load_KDF_strings(void); + # define KDF_F_KDF_SCRYPT_CTRL_UINT64 122 + # define KDF_F_KDF_SCRYPT_DERIVE 123 + # define KDF_F_KDF_SCRYPT_NEW 124 ++# define KDF_F_KDF_SSHKDF_CTRL 130 ++# define KDF_F_KDF_SSHKDF_CTRL_STR 131 ++# define KDF_F_KDF_SSHKDF_DERIVE 132 ++# define KDF_F_KDF_SSHKDF_NEW 133 + # define KDF_F_KDF_TLS1_PRF_CTRL_STR 125 + # define KDF_F_KDF_TLS1_PRF_DERIVE 126 + # define KDF_F_KDF_TLS1_PRF_NEW 127 +@@ -62,6 +66,9 @@ int ERR_load_KDF_strings(void); + # define KDF_R_MISSING_SALT 111 + # define KDF_R_MISSING_SECRET 107 + # define KDF_R_MISSING_SEED 106 ++# define KDF_R_MISSING_SESSION_ID 113 ++# define KDF_R_MISSING_TYPE 114 ++# define KDF_R_MISSING_XCGHASH 115 + # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 + # define KDF_R_VALUE_ERROR 108 + # define KDF_R_VALUE_MISSING 102 +diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h +index 31fad4640f..baf2bd8db4 100644 +--- a/include/openssl/obj_mac.h ++++ b/include/openssl/obj_mac.h +@@ -4970,6 +4970,10 @@ + #define LN_hkdf "hkdf" + #define NID_hkdf 1036 + ++#define SN_sshkdf "SSHKDF" ++#define LN_sshkdf "sshkdf" ++#define NID_sshkdf 1203 ++ + #define SN_id_pkinit "id-pkinit" + #define NID_id_pkinit 1031 + #define OBJ_id_pkinit 1L,3L,6L,1L,5L,2L,3L +diff --git a/test/recipes/30-test_evp_data/evpkdf.txt b/test/recipes/30-test_evp_data/evpkdf.txt +index 285c4311a6..7f2dcd2291 100644 +--- a/test/recipes/30-test_evp_data/evpkdf.txt ++++ b/test/recipes/30-test_evp_data/evpkdf.txt +@@ -433,3 +433,4856 @@ Ctrl.iter = iter:1 + Ctrl.digest = digest:sha512 + Output = 00ef42cdbfc98d29db20976608e455567fdddf14 + ++Title = SSHKDF tests (from NIST CAVS 14.1 test vectors) ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:A ++Output = e2f627c0b43f1ac1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:B ++Output = 58471445f342b181 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:C ++Output = 1ca9d310f86d51f6cb8e7007cb2b220d55c5281ce680b533 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:D ++Output = 2c60df8603d34cc1dbb03c11f725a44b44008851c73d6844 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:E ++Output = 472eb8a26166ae6aa8e06868e45c3b26e6eeed06 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:F ++Output = e3e2fdb9d7bc21165a3dbe47e1eceb7764390bab ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:A ++Output = 55a1015757de84cb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:B ++Output = 7e57f61d5735f4fb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:C ++Output = dd1c24bde1af845e82207541e3e173aec822fb904a94ae3c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:D ++Output = cbbfdc9442af6db7f8c4dcaa4b0b5d0163e0e204476aa2a0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:E ++Output = e153e04886c0dc446dde9a9b3b13efb77151764d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 ++Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 ++Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a ++Ctrl.type = type:F ++Output = c8e4f61bd6b5abb2c6e06eca7b302349435e4842 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:A ++Output = 054eaf5d7dea31e7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:B ++Output = 6ce586c127da010f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:C ++Output = 7907bf3d7c58ce72714b2adb1a14f156194b14378a4a7c49 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:D ++Output = c34757dc104e7b811f6550bbc3888e1d4297578fd88b2ca5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:E ++Output = e463e05ef70e61f994ee3cd20d504cb6eddb9b1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 ++Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 ++Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd ++Ctrl.type = type:F ++Output = 676cf1dfc887e122353eead2b1e644f9d9def944 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:A ++Output = bc4b5164911bc87b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:B ++Output = d791c5986b27257e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:C ++Output = de8e99bb3f60ccf0583712528aa3dd0418fdb90d0a588012 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:D ++Output = f37f75a685f1eaf4fd270b946d84734e96aa3b4ed130afc6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:E ++Output = 658f04b0f59aab071b9e11ec9ff187ee10e80254 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 ++Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 ++Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 ++Ctrl.type = type:F ++Output = b030809222ff7a12b0df35072d67f314ab1d5eda ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:A ++Output = 7a74ec799ef16865 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:B ++Output = 6e544fc6db0ca1ba ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:C ++Output = 658226b1b10b2033fa88838b619572b18e81e80c76507918 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:D ++Output = 327298c8660685efcb01c5c0df49faebb15c0e93b0f6c65d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:E ++Output = 6b618a10aeaa12c9a8d2bcb10e975605582c00e5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff ++Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 ++Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d ++Ctrl.type = type:F ++Output = 6d4ce50da9de90d6f746e812a2e74bcd921f5612 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:A ++Output = b655839abcb1a7b8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:B ++Output = 98f9ec980831a8bc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:C ++Output = 31a63b64cfa8b6a12ba165096dad8d127cd3f3b67698b670 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:D ++Output = 8bd79633967b92f0039a38a2d421e12840ea5c31b43c4e90 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:E ++Output = 37eccade73b422d1108e390eaa28c646b554a721 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 ++Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f ++Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a ++Ctrl.type = type:F ++Output = 013a20fc8f53ef08aae0a836b9410153a877983a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:A ++Output = 12f6c3ac60d6ee3b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:B ++Output = 536d106e00aec6fd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:C ++Output = 26b8ec66854d0f0aa98f6888be628ebc75900c3738d47894 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:D ++Output = d5d3b3817214eeb3bf292dffc77daeab062ac7fcd2e3a2bd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:E ++Output = 014613aef22194307bc0678f6edd1ccff240adfa ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef ++Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 ++Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 ++Ctrl.type = type:F ++Output = 5057b4cc2c300f7546d358a75daf58233b71da1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:A ++Output = d160f91f36027ff9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:B ++Output = 0d02ec310663bbcc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:C ++Output = 03b66f451ad93a01914dd3372d980bea3de94993e176ea01 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:D ++Output = c2db767cbbdf2f839eb2f37ada87a041d220b9f58842d0db ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:E ++Output = 0b2944c26dcf4cc877cdc55c4e9b1b8155e3874b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 ++Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 ++Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 ++Ctrl.type = type:F ++Output = f7977d574c7d9e4f34ecd6b405c765963f0dfe57 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:A ++Output = e4387818ab7f4fa6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:B ++Output = 1daabebcc8a064df ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:C ++Output = 9fffad3aec53cd719c1d500850c2f38d8eea04606f78b402 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:D ++Output = 6b196bce2aa2bd912ffd67a94fc42dec1051376f73ec3ce2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:E ++Output = beab583906e6bed005558c102a5b5fd6ee71485f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 ++Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 ++Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 ++Ctrl.type = type:F ++Output = 105140594b5b9061de7ff2afac09bce81b75d6c6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:A ++Output = ef982c8fd0fd464f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:B ++Output = 845ad3ba4d359326 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:C ++Output = d9e516001b6b1a17268e507fa6e13f6bc9c3ded0020ef841 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:D ++Output = d57d2f3c25b536442d8c7f36d62778d06fb6e7d4b5c7ab76 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:E ++Output = f0b75425b271eb82645b1f1424b2a838dbcf6f98 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d ++Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 ++Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c ++Ctrl.type = type:F ++Output = cdf59b2327588ffd18becfc0e5bb526014101401 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:A ++Output = 79c9195e683ae10750960cb55c4d4c0b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:B ++Output = ef00b448ab9fd6523bb5143a0a818750 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:C ++Output = 51c8b4aaf5e42443be0aa3c50aa7e1dd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:D ++Output = 4153a587397fb14dc3faad028fdb7ecc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:E ++Output = d23e36347052a1cfb4a7789df48627e8a31345c7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 ++Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 ++Ctrl.type = type:F ++Output = c1286e92655912d923154c460702a31424bd6b01 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:A ++Output = 739ad52e454ba3457735b7c5304c6578 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:B ++Output = 3bd9f9d9f06aa521d2f53e40fc5d9f90 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:C ++Output = 335cd2813bebd3d5e1dda4c1e14c23de ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:D ++Output = fd25c5ae649645d8c0cfff0d4d8e7a47 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:E ++Output = 90e89773d04623553d4d298e6aa75781d8a6544b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 ++Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e ++Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 ++Ctrl.type = type:F ++Output = 86a3f05a5f844b23d787cccbda37a3d773a4d049 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:A ++Output = d2d06d589e6e696556e3d44d7d05decb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:B ++Output = 14e3a886b715206e837b70fe7c02b941 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:C ++Output = 98625cf9741819273a0d6852ca7ab592 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:D ++Output = a7b273f04d537856015e06075c94c398 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:E ++Output = 3e1afa980d05ec30e9a55331ac301c10305999e2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde ++Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 ++Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e ++Ctrl.type = type:F ++Output = b993c4254669c7a51ed713ddaf7174fd5296fe57 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:A ++Output = d9c0ed6b7fbf066d4f3cff7d2585ef5b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:B ++Output = da13833aa2c086e5d76595132f4e5fc6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:C ++Output = 9e27400587b646397a7655be0e5763ec ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:D ++Output = 91b95d5cce7f2aec14776f49f652a305 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:E ++Output = a97dc9a99e37c983a4922cd2ecdfa394b71141ce ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 ++Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 ++Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d ++Ctrl.type = type:F ++Output = 173d846f9790c742ca86af4bff5f965c6088a05b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:A ++Output = 6fa496847cda7367cb32b8be9aae3f85 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:B ++Output = 702ac8636520b7c6169ddc660781de9f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:C ++Output = 6ffd703180af7c2207d5fa9e467272e3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:D ++Output = 7ae5281e377f230dcc9854cf995f663d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:E ++Output = fbcb152df7a3f12a8f174f9ca31bb31b124ae3c2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 ++Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 ++Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a ++Ctrl.type = type:F ++Output = 3f0c57fbccfb7306cff23bdaf69d70a8a394b34b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:A ++Output = 7e37ea52156fad1903709e1d3229721f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:B ++Output = c15569583de413e08293bf1689a9afe8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:C ++Output = 0c85227539f5e328c64172280759d9bf ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:D ++Output = 3dbc42d9e7128e861b87781546cedc8e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:E ++Output = 1ec0d15e38ea1b48da963837dbf30cef855a92c7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f ++Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b ++Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc ++Ctrl.type = type:F ++Output = eea8ea042a079fcf8416a8b244fafab35adeca8a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:A ++Output = f2faef6e274814ed7ca544484ac21a3a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:B ++Output = 3ca9bc0f3c65c257fa160a4d1c5e3520 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:C ++Output = fcdf0545b51aca6515bccf6ed0ecb582 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:D ++Output = 86ea895a310c3bbd1aac209b2362d58a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:E ++Output = 12a4f2b749e2bf88c1f8437e5ff61de761fd48b3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 ++Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 ++Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a ++Ctrl.type = type:F ++Output = a3a9276a120db379ec780e434879a54935db954d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:A ++Output = e53f2f61d8919e097cb99627fe668385 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:B ++Output = cea80fd8dc06654ed80b0ec150835537 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:C ++Output = d5ba475e737bed349b8931ba38d426e9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:D ++Output = f3ea92b4f365ab2fb8403ad8ecd2d17c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:E ++Output = 41fa718884738fd6fd9ee9fd5af05f0de9400952 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e ++Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 ++Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 ++Ctrl.type = type:F ++Output = 91395bbd90abb140d0984ed5e77836590bf44695 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:A ++Output = 04d3c0a3f5e33ae373c637ef45897779 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:B ++Output = c5a45bfbf6d7c14c5d3a953b4848e433 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:C ++Output = 3a16d0da2f785e2c325b45109778910a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:D ++Output = 902b38dd6c759945e671c1de7d99e918 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:E ++Output = b573244de3127f6aa5457e792219dc89defaaecd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 ++Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a ++Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c ++Ctrl.type = type:F ++Output = 6cd221005dd1f0de4f472f48d15e61dcc2e91e99 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:A ++Output = 5f9deaf2ee4f05af0a8a813ef6bb9549 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:B ++Output = a2ea4b795f9c9de1d786d0c771df2b84 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:C ++Output = 13f828f8f1e5532a04f138681bc8259d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:D ++Output = 7231ce5fd725391e058cd78815f44625 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:E ++Output = 937b7e16ed0b2324203cdae904fc55cbe25067a1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 ++Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 ++Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b ++Ctrl.type = type:F ++Output = d7536b911dc79d5953455ba6e15cb5fec7c14025 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:A ++Output = 9fff6c6a6d1f5c31 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:B ++Output = 8e0ae78c64d2fe2a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:C ++Output = 9044f963ffb56b94556a38aac5398a7072ffba60258500be ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:D ++Output = a861a317ea42b050901aff367b5a1d0abd5c497c77311ba2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:E ++Output = 43225d64b6da6f070925ad1c8b7ac88893f9a7cba0dfc55ddea42eec ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 ++Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca ++Ctrl.type = type:F ++Output = eb31db29bbafca2773f815fa478d927943288588e371ae9ba0414d98 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:A ++Output = bf2d6e03ba930c71 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:B ++Output = ff14fadc19a0bd8a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:C ++Output = 34a70734eaebeb8608cbb91098fa13326f37ccc5d408584d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:D ++Output = f993da8f2e840b836c8980fa2d780a1b4eeef77046988eed ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:E ++Output = a274441c86dd146cfab25d87344bd5a880d374d300aa8e1fe4919378 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f ++Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d ++Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 ++Ctrl.type = type:F ++Output = 7774dc48324cca24901bedc37224cb291d6202fb6b5e1d9315a9bd10 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:A ++Output = 75bc82b271311f53 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:B ++Output = 602d69e77b8c30b3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:C ++Output = e0c8856a26b2f4804e98809d5b81cdb360b43884a33d4fef ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:D ++Output = e661555415bcab0b1f2d4b4387cda213cdd93f8458a2ace4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:E ++Output = a368f66127573c79e2d936032f75c3d11c0131455eb9b6c5384582de ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e ++Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 ++Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b ++Ctrl.type = type:F ++Output = 779f09f514bdf7ed4a01788f10146367ce2ddf2aacebb961524c002a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:A ++Output = 386bc0b99215c8fa ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:B ++Output = c793dba9a68f70a4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:C ++Output = 3dcaea7c946c2de76811482556299aa9bf96c8eef11fb2d6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:D ++Output = fd078ef65922006809729f9533c8742e9f973f7ff37ba987 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:E ++Output = 83a1924fa5f7ceffeba7f519ac51a86a2746a93eb194db51a4596ca1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e ++Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b ++Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 ++Ctrl.type = type:F ++Output = e16507d1bbd53b41f9bb2f0f21b5112eb6cd1eb0489fb5e754212390 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:A ++Output = 0e764ebe0d523aae ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:B ++Output = 24bd2eff86c2a8dc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:C ++Output = 26c01e3d56c1b928f65aaa1b6a15f5b8d41de187b4bb5fdc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:D ++Output = e0cc3bdb6d69d10893eeb73b892d746acea151f24247fd9c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:E ++Output = bf442ba6ec794f20584528686cedbaa568c13b895f642fe5cb3542bb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 ++Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b ++Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 ++Ctrl.type = type:F ++Output = 65ab453e5ffd1b5e1540aa547766d7c177204c319642f93059bdf257 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:A ++Output = 45799bbb09fd8804 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:B ++Output = b787b009f3313be0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:C ++Output = c4cbb547c997e8fddb9e56ef5df91327766668a43a958a8e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:D ++Output = b55b7cca0a0363b84b40b79366b87db7c440dec5bf89e952 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:E ++Output = 9c6399e5f4db0fc7652268d7423230ee5ffc0a210c26568dc5c0ab7d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 ++Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 ++Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff ++Ctrl.type = type:F ++Output = 9824301c33daae0f1b75eb472d6f0b4ef2cea0b2f61e204b6aefb0bd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:A ++Output = 2958928e5fd3c6e4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:B ++Output = aa91bee1a3b3374c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:C ++Output = 6fdac559eb1d6af7fc7fbaa4f9a15fd4145b97b9418518d9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:D ++Output = 5a8271402756f7eac59f09b5020f7b05f6475fc3a2e2b482 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:E ++Output = 910de4a4a437cab056f7c38037f0196c524464237c5e332e79564a90 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e ++Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df ++Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 ++Ctrl.type = type:F ++Output = 0bfa6ed5dc8ab0fc1bb9feb966d7107137ebf3f754ac71c2a16a9c22 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:A ++Output = 82204d79e13252f1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:B ++Output = a76ff923488c7bd3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:C ++Output = 8ba3bd224890bdd4dd07d2a5a98e5efcd95d82c66583d098 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:D ++Output = a04a3844933ca1bb45848bc1a7626e4c50dc46aa5376d027 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:E ++Output = 393f2f152d6c6d063f284cadd1fd9d700928188b7fea31f74b44fbc6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c ++Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 ++Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 ++Ctrl.type = type:F ++Output = f27f2cd72b22e1719f91b912d6c9d180985121d32bd217e348cd2003 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:A ++Output = f843e3c6a1621998 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:B ++Output = 128b2d8968cfaad5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:C ++Output = d6c4d2685753580dea2c6a6eb6add592011356eb9e868d44 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:D ++Output = 92af60f4858f3d14efaac039130389ab9ae1237f0da09a29 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:E ++Output = a37af93c8f25e145def1c5397bec2ee2119cc0e0bd4854fe23b2e3d1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 ++Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 ++Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 ++Ctrl.type = type:F ++Output = d44def5fcec300da5913ca109c0fd7a2c2cbcedd2c3e3216c5cb0d95 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:A ++Output = 4276fab65090b420 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:B ++Output = 00303ca4f9a5a6f8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:C ++Output = 3d67892281e9c6ed6535d7ae69e832f6723afd545763bd3d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:D ++Output = 5a5844e6c47eacc172e0012044037668a653758b96310350 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:E ++Output = 4783fb6e98db788f6594c2b82e751528590c41780adce2ffba234290 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a ++Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 ++Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e ++Ctrl.type = type:F ++Output = 7c60752b0b5a0f0027507ecd88e6af2b78e462a98459bf0511152663 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:A ++Output = 2512664639690af9f64afd16d9ccf3d3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:B ++Output = c13223796f394c6d1ffd18c22c09f27a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:C ++Output = 7be659a7cbeda28722315d96444a5c98 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:D ++Output = bdfbd698c518aa45c35d7afd7bd91150 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:E ++Output = dd38b79b081713ac3007ffd88d5cd67f43fbb36c983e0fc1cd273d84 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 ++Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 ++Ctrl.type = type:F ++Output = edf713ecfb21b9e9c2d9d04c882d5ded433dcf459ff5b0fe7cd45bb1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:A ++Output = f3064d3f3ed09eefd34731a2c60c1a80 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:B ++Output = 1f7f508d9c4cf1004a220f26e0e6c184 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:C ++Output = 2ad48a77fa12fcb5d3d3e98d5bb87d76 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:D ++Output = 0433db7fd40d9d0dc9df6e9eed8059e4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:E ++Output = b07884f15910c6a083143ef9bda115d05c9e4c4057c1987c4f78a1b6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 ++Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc ++Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e ++Ctrl.type = type:F ++Output = f838da7b26311dbd529f742d901709229482cea9d7ac9f0c2cd14200 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:A ++Output = d8c60bf582892d2cd03956774614b9f1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:B ++Output = bac1bef6d6dd92de55bc174c9db77a54 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:C ++Output = bdf96d88d7ac4f0daa62d29948a5c891 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:D ++Output = ef0dbe568b4f3fbcb8b2665ed7ed0f8d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:E ++Output = 315d50a1b29f9d556c983432b98bf437893c1a892cf69880353d9797 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 ++Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 ++Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 ++Ctrl.type = type:F ++Output = 612e3ac6651f9c7d99c532da0820f079292d9b33d36b684198665f5e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:A ++Output = e0d36ac1de6cc8514d25ff824bfaaa37 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:B ++Output = 58c896b4d1a9507e7da2234a1a538d78 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:C ++Output = 5966df5cb582234585b4c4312318f829 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:D ++Output = 40d8bdab78c9dac2b2d14d1c8bd41405 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:E ++Output = 1af4707570794ff6c718c817ccb9fca5edf22a3a8d493a861633fb7a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b ++Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a ++Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f ++Ctrl.type = type:F ++Output = 4e6edd5d86f0a3b92595fb2d4f0f9b0f0ed1e850c84014224270bcbc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:A ++Output = d30b7efda77a1008d78487fb1c9df511 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:B ++Output = 498b3d9f14446a028d1aed8bc4748e34 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:C ++Output = f4909273c39ef8819b353cde80f57cc9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:D ++Output = b31337a6ecd02f4beb9bf4af12ea4e11 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:E ++Output = 6f3da7bb4b64ad3e1171083a62eca5e755563e639594b848243760d8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 ++Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 ++Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d ++Ctrl.type = type:F ++Output = e88506aa4a4ffa33675c4a296abf91e24450a496e56f8465e9a7525c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:A ++Output = c5cbb653102d99457c33c88921b5dbe4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:B ++Output = dd9b1c786c7f739832629f7666e4e21e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:C ++Output = c33d08d706ffac1811f157526b08086f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:D ++Output = 5750b617b71a239d99fc412796f6d986 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:E ++Output = 4c2edee4688119e17723fede94d81c141cb2dd632dde5e223fcd12c2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 ++Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 ++Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c ++Ctrl.type = type:F ++Output = b48103cd81397bed3bf618b2ef30a44ea806b0ad07aa098a8a33273e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:A ++Output = c8bc1d232edd620e0282af630d596a6c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:B ++Output = 6a90269aab1a3e3612eec97a45db11e1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:C ++Output = ebb8a6227e789d33fa072355cb2851ac ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:D ++Output = 9662ff73b11bd2978ffceb7545f6054e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:E ++Output = 9eb35f9a8a6155b81b8dda117f5d631cc4eddea4b4912147513bc4ec ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de ++Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 ++Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba ++Ctrl.type = type:F ++Output = 3e137e015973e21c37a8de81cc812683d506fc35699114b31c06797e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:A ++Output = cc22a730c15abf9628f749fac9d3f935 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:B ++Output = 188c477061a597384b1d1e417dc04f7d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:C ++Output = b309760dd9f0d65c6edcdee3a3457c33 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:D ++Output = 1b8674f603a78f16fb979d6db70f6795 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:E ++Output = d881ac0cf62ecff2eb7d3c8284cfd4b95e003c435f6a3121ab0c65b0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 ++Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 ++Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e ++Ctrl.type = type:F ++Output = 9a7560e7976c7fb0153fc94e51a7dead3b7f8954d1efa7ed6be77858 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:A ++Output = b842e2900a8c1f7d7c3fa465d46142fa ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:B ++Output = 5e96f771c176fafd18d4aa0bc07dc5d5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:C ++Output = fe5fca0a03e6f8ac95ba4e882c64fb8c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:D ++Output = b952b4e6f2010ebdac7ee10adb90f9ef ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:E ++Output = 819db930507c1f8e1617dc74e78de9f4abb02b7089d764cb20d14c56 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 ++Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd ++Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c ++Ctrl.type = type:F ++Output = 79be1ec6ce722e98bca50a25bbca581318b6227c9fd346d67602958f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:A ++Output = 4d40be7041ac4c74d56d53855fead94f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:B ++Output = 501781a04c919226a9e2dd6d7a880568 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:C ++Output = fe183f0e31d4bf9ebc9364e19e422385 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:D ++Output = f12c0da703e5bedb2921a0e1795eb62f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:E ++Output = 1d34b1ae23af48c25db971fe0f95c2fdb4e269ca435b90e0e22ee720 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA224 ++Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 ++Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 ++Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c ++Ctrl.type = type:F ++Output = b77dce4e2211c8e2b4fba841ba45d7f136323999ed9a4d306fa411a8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:A ++Output = 41ff2ead1683f1e6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:B ++Output = e619ecfd9edb50cd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:C ++Output = 4a6314d2f7511bf88fad39fb6892f3f218cafd530e72fe43 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:D ++Output = 084c15fb7f99c65ff134eeb407cee5d540c341dea45a42a5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:E ++Output = 41ec5a94fecce7707ea156a6ad29239a891621adacbedb8be70675008d6f9274 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e ++Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 ++Ctrl.type = type:F ++Output = 47d3c20aba60981e47b30533623613ff1cacbcf1642fb4ad86ee712f2aed9af8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:A ++Output = 99bae6531508705f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:B ++Output = f25786f02f199737 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:C ++Output = 97621bf882266f905da78cf193fc31f642acbb60957c41b7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:D ++Output = ad98a86a2386280912efea50f790e800a7758f7dade5d77e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:E ++Output = f92d052d3cdf34dfc69bc60a489c3a3553f4356596c191931d08fa20551273b3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f ++Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 ++Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed ++Ctrl.type = type:F ++Output = 147a771445123f846d8ae514d7ff9b3c93b2bceb7c7c9500942161b8e2d0110f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:A ++Output = 93da642974d71e52 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:B ++Output = df2035ad67457151 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:C ++Output = 42067bb0535da6701232a0f39ac7f436535af346c4786af5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:D ++Output = 08a0181a6c373d39540409dafb1b4e2359bc249af33bcfe0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:E ++Output = c043b5aece7cd2685c6dfb3788d7a562d6622d20f6d7e07b38aeb47c649dd99c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 ++Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 ++Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 ++Ctrl.type = type:F ++Output = cbe67a93ac758d9f2a6ff580bad5a44bb1a1062c9e20d5c974decb7aa2b0faa0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:A ++Output = 320e807fab2b10f0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:B ++Output = 7b8f91be4dcd59b1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:C ++Output = dec6e67a94b3ddfcd32a24d6026c6951d00b6f4402d32c1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:D ++Output = 2ef3cea4588ad928ac3e8874f3e1f613f2d50787495acc32 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:E ++Output = 72f93537328eebeec1b5ca88fedb41bf4d9c6279e4fe8d13c38da72a39739ed8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c ++Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 ++Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 ++Ctrl.type = type:F ++Output = 55dcf2c322b9c94686edbf9314d7c93bd9651e2ebc64f1a299d7176577d65b32 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:A ++Output = f4dbc41aa23e1621 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:B ++Output = e53b40c511180817 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:C ++Output = 70fed9412989cf5de908ad429cb92065fd5ccc081477abba ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:D ++Output = 3afdb0b4b4bc13e8731bb92e541b7d82a0b20d8878ce184b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:E ++Output = 59937f257aeef0806038543ced541990e5c2243881818edf2c522a54b64e9e93 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 ++Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 ++Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e ++Ctrl.type = type:F ++Output = 187532105293274b841918e3ab51f5dd0453d4331e85f4e06b775dbce4979cdd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:A ++Output = 3cc220d5bb9b5346 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:B ++Output = 051e3c79aede7e41 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:C ++Output = 44c2b4725965ee9a2bce58d38e2e9a778263c415b21a25be ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:D ++Output = d5de7a801956b934d820f9aa51bf1dae2a7aec7ce5ce4e50 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:E ++Output = 7d2039a6505e3220535fde0ff71464f3971580f50711356760b225fc3053fc19 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 ++Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 ++Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 ++Ctrl.type = type:F ++Output = b0972348a031ef2e87d42611e53cf0c4782d759ecdcc1390318eb11e1925ac35 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:A ++Output = cdb047beecd92d84 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:B ++Output = ef378e894d8f675e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:C ++Output = 23ee42a437801e87348b3999bde76147a8731e318db57752 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:D ++Output = a3f50e3d14498f15e1f111cc929648011d6abfb58e90df1c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:E ++Output = fb6a020561e46e521344cb671a50175afd63ded91eedaa1b2879c3a63761674d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 ++Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 ++Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 ++Ctrl.type = type:F ++Output = 567a79e7c4b10d62a420ce2ea740661c08d9459ed636ecb4edebcedb17b0baba ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:A ++Output = 1f9e7ad5592ac73d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:B ++Output = 15b254fe3510dd77 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:C ++Output = 88eadd5802e1a748284684438eb1b1bdc9b20ea30c59950d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:D ++Output = 277c2c4ad3d4a3bec4bdc5329bb5f9d4e39aa06b1e115e77 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:E ++Output = 090d2f273a690ed1d67dd9919c34385b18a661f8657b84bef6832f2396771979 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 ++Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df ++Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 ++Ctrl.type = type:F ++Output = 1f3082fa5ac8ec565595c4c5b8a7ddbba88ed4936fca913bba6a8715dc856f30 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:A ++Output = 3aa08d67c81310b7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:B ++Output = cf46596878a17a87 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:C ++Output = 871db438b8b33c2102ddab0c1f7be51ee4c2cbdf52a01a58 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:D ++Output = 04ac13599b84c22be0f1e5f7b96def31598e6ad36be412e8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:E ++Output = f00c83a8afb5d1793749d4aae825b80e67ccd7f67e08f572222ccf42126ea2f0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 ++Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 ++Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 ++Ctrl.type = type:F ++Output = df0570749d67136095b0dda6d461676b7eeb9a386f126306d436cab16dfd1b3c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:A ++Output = fad800cbf8975a01 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:B ++Output = 679a118bda1f15a9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:C ++Output = 5193e9b3b10b7939b79b967b98e6cf3396758eaf8263edf2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:D ++Output = 3f5de8bec6d737836d3a91480ac76c19d0a90bc146f02d5c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:E ++Output = ce7be4fffd0ffd09ff45889d10c7be0edf922422d01cb71b737c6149bb1a2d05 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 ++Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f ++Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 ++Ctrl.type = type:F ++Output = 60f413c9bcc42dcf0acc53d513dd8bc703f7e5d668f4e043f13028dcf40880b2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:A ++Output = 81f0330ef6f05361b3823bfded6e1de9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:B ++Output = 3f6fd2065eeb2b0b1d93195a1fed48a5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:C ++Output = c35471034e6fd6547613178e23435f21 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:D ++Output = 7e9d79032090d99f98b015634dd9f462 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:E ++Output = 24ee559ad7ce712b685d0b2271e443c17ab1d1dceb5a360569d25d5dc243002f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 ++Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d ++Ctrl.type = type:F ++Output = c3419c2b966235869d714ba5ac48ddb7d9e35c8c19aac73422337a373453607e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:A ++Output = 36730bae8de5cb98898d6b4a00b37058 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:B ++Output = 5dfe446a83f40e8358d28cb97df8f340 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:C ++Output = 495b7afed0872b761437728e9e94e2b8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:D ++Output = c1474b3925bec36f0b7f6cc698e949c8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:E ++Output = b730f8df6a0697645be261169486c32a11612229276cbac5d8b3669afb2e4262 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 ++Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 ++Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc ++Ctrl.type = type:F ++Output = 14a5ea98245fb058978b82a3cb092b1cca7ce0109a4f98c16e1529579d58b819 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:A ++Output = 32d20a3f5e92b20fe100f4f41a1ad53c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:B ++Output = c3a3ff57f99187ba011fd422100af577 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:C ++Output = 8517903c49d5a59ad8ef7cd8591c6b5e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:D ++Output = a5ad201101a617f1cd5b3a2baa3b27f7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:E ++Output = 16747a23fddd72f785c5d61dfb81a5a38555f5d8ff1dc5ae4fb423b82adfe05b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc ++Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 ++Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 ++Ctrl.type = type:F ++Output = b1b1bba896b0fd75a90187eae6cdf744d23884caa5f4ca979ced327ca1239771 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:A ++Output = b5c636c93e002f1fac0b78eb423d92cf ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:B ++Output = 64d82bef35e924abf030fe42cda10e81 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:C ++Output = 76a1b8b85d0ea49c68f30d7448155901 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:D ++Output = f136e09324b1ef12b92bf35d5b3dd8e2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:E ++Output = 77abc45165b126f9127d59fbe655140cd3f768cd0498c29aa69cb5d65f7b0d50 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 ++Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 ++Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d ++Ctrl.type = type:F ++Output = d43f93faf692f59bc96fd480fb336033c94ee237ceece69691ffaa64bdd7fcc1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:A ++Output = 3b3c4416d3121a6838dd3f94a84b6ec6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:B ++Output = e0af22a9184e5cea74f3e90faf5212ba ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:C ++Output = a3a7a9e48cc09a927e2d6eddd7647368 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:D ++Output = b9411d2870e885e223a6b414ae6ac813 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:E ++Output = 7f11812c28229fd8e39367b8885045313fea6322f22a69b6436caa4fb6c2d915 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 ++Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 ++Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 ++Ctrl.type = type:F ++Output = 4fc39e2a1e7038f2664a48986e8227c213e577eafea082f46cb08d087e642fe4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:A ++Output = b71bd280b230b6fb9b326a3544ab9c90 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:B ++Output = ca38c1b5940e1417fb8caa6ab6deaf18 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:C ++Output = 5d02347e16760101a3689bf0087ed947 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:D ++Output = 2fb5e0eb5552f7e26ad9651bd22f1666 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:E ++Output = b7b7c4292a73e7d378284b12b318e0cd3ad714904b4ef9c83d44ee06ff49b1e1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b ++Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 ++Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 ++Ctrl.type = type:F ++Output = c9884e71b158f2255fb204733e888bc5b2ee38a5493de9d0ef6700949159ac6a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:A ++Output = 88af3bdb49bd8e9d24489efc95dea1c1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:B ++Output = 5cf41e1d43f797c16a30e070f2f37dd4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:C ++Output = 7cc48e0f8b4bdd63f76e41ba411d7f37 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:D ++Output = 37d942416267be06cd1ff9498dcf1e6e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:E ++Output = c3c8b48e228a3a671ae8c48aa4e4f1fe32c1ad4d5ae48c904836d13e7350f72e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc ++Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 ++Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a ++Ctrl.type = type:F ++Output = 605f7d3b3f28a8967402ba67ff916a61b0a4e9b736665c5e911fb33f60dc16fe ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:A ++Output = 7b91adc6eb48a6f82a8990efd2537903 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:B ++Output = 814c8fb54a535b38d4c2301aa49ad702 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:C ++Output = 3ec64c8571c7c7f39a9f37c0e1053324 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:D ++Output = 846d40dc45123f2710e27bd3140070c8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:E ++Output = c2199b9bd701c2f4ee82a145adc28f3e8fac0af8dd43cb7f3da173681bcad2e0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 ++Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 ++Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 ++Ctrl.type = type:F ++Output = 49f5fb8862a4f01900f9f76d6146f181483428beadb000d4f5097adf59c5eb99 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:A ++Output = 50afb2f3b8a3bc466b3a68f04da0d56c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:B ++Output = b8672a8cc59ee1316fb9a2c0a82ffd73 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:C ++Output = d854cbdb8f7544b796f982e4973d4de9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:D ++Output = bd6bde82c451ee39069d0794f7000f38 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:E ++Output = 270794ec70fcd9d742aad66c54001b4c218ae8cca813453560a9aeaacc6909ec ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad ++Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 ++Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 ++Ctrl.type = type:F ++Output = e967df7571a0eb82f59ddfead22c617beeefa25ce4afd80ac8320bc2635c70d0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:A ++Output = ebb3d10f461d8697a064461822f34507 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:B ++Output = bb95f9cbed695529fd7977281332100b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:C ++Output = da1318a6a34224cc86c9afa41991db4b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:D ++Output = 091f8fa87a01c5768de8d663ba8bf9d7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:E ++Output = cc09127a759000f3bd9724fbf5285cd680ee323ffc19cf2f495403f896587317 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA256 ++Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 ++Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 ++Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 ++Ctrl.type = type:F ++Output = a3ceddafc49f7c0131ce2965945c3892be6605b465877bc0637685612ede242b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:A ++Output = d31c16f67b17bc69 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:B ++Output = 675340f27269e7ae ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:C ++Output = 2ffed577a90d29872ea59f3782c3b406908d7394ff63c9d7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:D ++Output = fae751987c1fa8665e4387e410297db58ff69b260a8fe85f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:E ++Output = ff2db5975edf3824325b257455791869434c6af47fb0c8145253c2695abfd2b8c980565ad20e6b9313ba44ee488bafb0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 ++Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a ++Ctrl.type = type:F ++Output = 85a9463cd653c7619d4dc85006406d6ed3364220419ca13810301be0f0389d932ddeaebb0e504a0849e2e73a7d087db2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:A ++Output = 93323451441b761f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:B ++Output = 3dbfdc2364807ecc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:C ++Output = c699e3488f825fb24c5e2adc699ec83a5d8fce339fa0e9b0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:D ++Output = a250b13da0716f2d4440cc4cac01a2d591002ebfaada9758 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:E ++Output = 76966a1b7d5f250eea3696077a373b9421e8294dd7cb0aedd172cf9c6879ef34c9deb9c208f11c5d4b6fd713b576894d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b ++Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e ++Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 ++Ctrl.type = type:F ++Output = 28a66e21fe7f8a070fe40ecf68a64f2a35a46b84ac38810902639906611053832179d5c07a8422993496059af67f585f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:A ++Output = b0db344b1e2e98d3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:B ++Output = 29fcd6a7d317f527 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:C ++Output = 156f9d4c58d7783959e785af3fefb133662009b93891bff7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:D ++Output = c4bc4471e2c7f04dbef9100977e222f4156a7118a122f6cd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:E ++Output = 5878fdbf693638430e31b287ad8cfab560d952d7a828167bd0454e0c8aa14274c7c0c1921a31575f77fd80144e6d2999 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a ++Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 ++Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 ++Ctrl.type = type:F ++Output = 1fdb34ae9d2f12363350dd5aeefe728066500a083668ac2d48af671d7651a67acdf9b7a0581b922e67278d53f0b2fb17 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:A ++Output = c828150149eb433a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:B ++Output = 45636e088875de58 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:C ++Output = 75da9408e65f61dac9dafa496675214b0d84b0e66feb68fe ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:D ++Output = cb7897fdeb2c235be5812d1959cb55907ff02a9cf6c76c17 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:E ++Output = 13a8062561c28c1bc678a019b22da95aa462f82cfff6268876ffe2fddc86536fa4d19bdc15d90c1cff4d37e69f1fc021 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 ++Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 ++Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e ++Ctrl.type = type:F ++Output = 69437ec44d764caeb89faebf7b8577b433677abcb0c58f166a5e5724a4eb293d335004d412c983d4c7aca4df1b8328fd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:A ++Output = b669e05aa9706468 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:B ++Output = 57f943111ca01b15 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:C ++Output = e9aa354b6b85f357d6f982fcc18a6ca797bd7a125e786f8a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:D ++Output = 199d2b244689bfc4f807f225a7130a069c8a181f5b20d32a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:E ++Output = 69b55cc82d0429979a3832a3be35483596ff1d26a0c1a62944695764f0eb85c3467528be225db2f516e79f23c0c7c23c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 ++Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b ++Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a ++Ctrl.type = type:F ++Output = 6e06df643269751dfc9c8decefe466e1ab2ab99466661aa6f0dfab223c3b9bebcaed4c19cbc4109dfacda81cc8f902eb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:A ++Output = b2ada53484907db5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:B ++Output = 89224486fcb33030 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:C ++Output = 38ccc00303d5aaf748f3c11d986b99f9bf36049a6f7ea92f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:D ++Output = f8a7a4b2e1d28c6a38e120a2cb876ed49f454ea2aabc3a99 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:E ++Output = 9f42ab15d0b041019960ff6a5a12e209c427dc334434126399fb8850ec8feda957b74f1976b4c8a97906d7d64c5c2a83 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 ++Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 ++Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b ++Ctrl.type = type:F ++Output = d383bedd3b80ddc470db9b819893e85dfab9e359e40bc77576e23ed8c5e73beecefb511ccdf1eb66416c271be5f90199 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:A ++Output = bac9e6c9553bba95 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:B ++Output = f29bdc017028a9ca ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:C ++Output = 840f7e966d633f57bf6cfb3e6aa6bb1435bbea5822c9db0c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:D ++Output = f78b485e49bf72584e45de78fbd75392e3e0b1ce2a57e7a3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:E ++Output = 9dcadff513667aee5e2fda86c4a198db4252a9311635d3659db957570e448f3689444dd3e10d6097a07dba923db349ba ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 ++Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 ++Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 ++Ctrl.type = type:F ++Output = 5e7915ea90a0d81e3c2ada00c85890b6defbb64f45ac4f0e75b22cf6187978e630f356207c97362862389a1ef99fb51a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:A ++Output = 11811427eaa92d61 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:B ++Output = c13f22e0bd66a551 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:C ++Output = 2b9c9c8ecae95d75472495363ca2d46dc79babdb2e0fda40 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:D ++Output = f466d9b9871c1482c699a5d9f8636a041adb60920c6af855 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:E ++Output = 1ecda0252461bd08960c54ba7c570e80715780e5e99ca0f754a3d451409ed2df928daab91ed6b4044fcc68bd5f907c96 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd ++Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e ++Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 ++Ctrl.type = type:F ++Output = 202e4e3dda18306c7fa518ea849cf3a4788dbc5305f71267ba69fe8920d3b18d9fc59853a4d03b18480269698e24c190 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:A ++Output = 86183fd862bf42af ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:B ++Output = 04e146b085c71253 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:C ++Output = c4364d4e0e38fe4c5fc2b2a3ad42e49a57106ffa962f4c5e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:D ++Output = b9d1549032bf336c8708f13d8f5d281d696b8bddc296e709 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:E ++Output = c7ee72c40b26fce673ff23edea3265dfeb7b7f6fd66362bbc91548fac1819a08682c65c7d69d5e54e1c48b05e7233adc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 ++Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 ++Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 ++Ctrl.type = type:F ++Output = 8b52078a6d45dfaa051193da8f9c8a18bfd0c058e7be145d0c4b5b677eec54a01f9e2a20c997e9c0a1ede9576800cfe5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:A ++Output = 54f4be4a33dfa102 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:B ++Output = bbb084483803aab4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:C ++Output = 466a038b3a5c0d72cf19cf33e5a551437933dad54bfed655 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:D ++Output = 44e09698e473edc642256e99bfbfbeab1db3e254d64a3ab7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:E ++Output = 8e35d767e738c4282ec1925ba5d59dad723b7220c10ae8b69c9eb3da124ac1bea8195f5ecc1c3b03953938cd1e0e190b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 ++Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 ++Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 ++Ctrl.type = type:F ++Output = 63e5c62c4e6f2700bfa5927ca2e730101c12a684808ddd6cf5f9da2bad3b49ba3d05d4f88a3a91f341ad2b63952e7db0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:A ++Output = e46fdb8c912658c34b7d509f6acc1111 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:B ++Output = 959c339aaff2e2ed46da46c5286ddf3b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:C ++Output = a1cb0f9c7349d6443494df14b4bd9aad ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:D ++Output = cdcd2c2ccbda238e184058b76757ed5d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:E ++Output = 026ae927b4a5b63a513c02faac55534dae5c219779f08e239f67df78c52be743aab628607e5a103127450ea51833eb84 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a ++Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e ++Ctrl.type = type:F ++Output = 759fd6bd386f4825e644521edfce4187a7104ea7380f2c6c5e283f205c7c025be46c5ee73bc54a956f268c2031026bf6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:A ++Output = a433ac21ceda36a9d98abec722b2a5e7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:B ++Output = ed580c2c7890d5f3da87870d71d96300 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:C ++Output = b310304108476a31154febce2bfcf44e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:D ++Output = 63d729b0e32d9d7efe7efdc6111489b7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:E ++Output = 7443a278e0c47e4004ba1c534dfa5c460670d2dd4459a6dc7251664da187f633208f6c06470f6aed6148820187f35a25 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db ++Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 ++Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 ++Ctrl.type = type:F ++Output = 37500b699935ab38b9185018d3676f221dcd6643ba4cf3dccf8ede7ba2f0513c27ad2324158ae98df4e7fb52ffb96526 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:A ++Output = 8ad38b03467ef0cac638f93b156e1c05 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:B ++Output = c9a867164cad7619621c2390039db88f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:C ++Output = 28d6e6a69e686b3b2ca02c7595b6a565 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:D ++Output = a3486f9014731b15530dba7498d4b2ff ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:E ++Output = 9640b7d6c1351a44dcd430f9728083949adbd8f3c47f1c7358b41d99730f0eeef9f8634cc99207b8d998c8aeb0085e4c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e ++Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a ++Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd ++Ctrl.type = type:F ++Output = cef923f7cbc47534d9a6da613eea02117b19800995f66df9e49291203ad15e5d29cc08df86200bf09ca091b37cc45432 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:A ++Output = 1e2fd838058e4569de0699e57eb9bb30 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:B ++Output = d338052b2288e99bfdd16b5df26e3d3c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:C ++Output = 020c58037db045fc2a20a9b12e34205d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:D ++Output = b1e7b4361aaea7f9656151723c21b9a2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:E ++Output = 67d80666ba420d07153530859fed5a3a2f4b6decd37575714d4826f41a96a1638b89399cdd752af7f6ffd3db0214f0c1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b ++Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 ++Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 ++Ctrl.type = type:F ++Output = c3fb2ab670e39885cbb98a4609d69a90afd37d383512ad222d63c9c6f1009e2a42065a232ab5b39f55247f8bf9e6ab2c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:A ++Output = 6e9bb7681d56457fd93aea6d40860dd9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:B ++Output = 5d19ce6c6b16c5f2179753a7abdff3e4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:C ++Output = c550416e8ea0608a09051cfffe0494e7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:D ++Output = 33c9f3f03de395cef067684cb5b95200 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:E ++Output = 99071b0615bdec08d040e731828028fac9a16d367b86d2d1302b607cd39ac9678ae7f9f87eb619fe2ba75d54da3b07d1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 ++Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 ++Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 ++Ctrl.type = type:F ++Output = a11fc539c46d9314645e1f7517e19794a6ba4bf7d7d5a6f71bcb4621bfdedeae3bbcaa62fb638d994d1f21d14f5777d7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:A ++Output = 876692595fbf1239e03b1eb28890cedf ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:B ++Output = 438afd7eae8454675ed5964122fcbb9e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:C ++Output = b9cc0e2718c5853e0aebb43409fcaaef ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:D ++Output = 8def9f93e633ac2d28a7c5b76567a4cb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:E ++Output = 3d80ed20f0703857154bda8531b12b96cf73aedfc662df6faf277321be6e38c904bfbd5f9206607684ac331dfc92bbbb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df ++Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 ++Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 ++Ctrl.type = type:F ++Output = 736e77ad5a8fac835795ab08522d834e34a4cbc48439db2845cb1d8636a4dcfd49a7ac5413713a8177c277eead96a0ff ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:A ++Output = c84a4fcd4ade28805b032174428a6f27 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:B ++Output = 27b0de69f3bc7d79d2f6b54101f3e10f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:C ++Output = 3200c39e6ed260f4f345cbd0c88cac1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:D ++Output = 7b9e506a1baede9b80dff09253a9ab88 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:E ++Output = 3c860ae21a5dab865eb560ed9ddf51775d3b6603e4e06285cf5e9273115a77d8d5ddfb977fd21c0a70c35798a5ef596e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 ++Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 ++Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 ++Ctrl.type = type:F ++Output = c53cfa0836ac21bb13c58ed15ddf593e8e01c7437587112ba013058d411d262d87a5e56c098b69146d9019803206ef91 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:A ++Output = e34b595f755ff42a33126d8efabe1ec0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:B ++Output = a873f52aa3b91a8dd019be8358c04de6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:C ++Output = fce5c490a769fbd4aa31b0f5c7aad86b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:D ++Output = d36a9b7d2c63675d2b250d5a97b0e628 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:E ++Output = 92c8f89f84575cebb9c37be3a488d0b0312a12d9253dbada7db1318f5a193d4f8f75a212a75c1123bca89d5de43cbf08 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 ++Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc ++Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 ++Ctrl.type = type:F ++Output = 16dcf1bd1aa4d5d6edc2d2b23792872f53767d6b2589e4700469a9bbbbb659c1c8716393fe1ed717833f491cd32d874b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:A ++Output = bbdc47242c877cc70585a5d9f0b8067d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:B ++Output = 6dcc6458af049a81a6d3139c2725f67d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:C ++Output = f788d0b9ea5373031d44972fad39d8e6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:D ++Output = e939b1367ea35c67ea990988c3c0c474 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:E ++Output = 069629f693b4d291ea6f16355eb4c57eef7824217d22651af095aadac27a789314fee4e86efa9bc63085a8ebfc606548 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa ++Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 ++Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 ++Ctrl.type = type:F ++Output = 731107905e3b9b36ba3dca504b35f1a51e75e2a3ee2595ade882c21410d439ec1ec31fbc62e64362a5fddc0f39e76da0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:A ++Output = 8e1af4ce3b9aa9f1e7493775f8846ac0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:B ++Output = 1796cee0aeb39eb1fbbaeaf15d600832 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:C ++Output = 7a7485045a2f8cc86f82c8486f8e9f59 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:D ++Output = 00a9d893e8c14aa3a316163d50d83378 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:E ++Output = 46133b1cbab3e04043a1b336db99575183d5be76f9d56556493a8d4a8da37a020ae379ff2d470a99ca7e9d2b1cf85cb4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA384 ++Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 ++Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 ++Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc ++Ctrl.type = type:F ++Output = 9221abcc3db5a557cca60408e65528e937cc3673b548c350924cd9e6387de526f5cb35a0bbe4020c47318b59d1a0527d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:A ++Output = 0e2693ade0524af8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:B ++Output = b13144de02295bb8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:C ++Output = 7e4a721fb7379ebb423306464d57db46afa3cca10a1d7feb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:D ++Output = bb84123b1fac400e0df4767d78d011427e1edd4d4c934b95 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:E ++Output = 00fb0a45c650dd9c95666b0c7fcea8c98f0562f61b862054ee400aec875dbbc2bdef4806c09217709a5050569312efe3af513e7aa733c72457abe1607ac01c13 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd ++Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf ++Ctrl.type = type:F ++Output = 70a8005e711fb96dea5991cb68831b9e86005821b45ceaf958c13d5c87cbd2953d0877c267796edf8c7fb3d768bb26b74e542f40bf9ac9f6a9d217077e85f511 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:A ++Output = c75c77791f7b67c2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:B ++Output = dae1e8bfab1b4b7e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:C ++Output = 0e79f5b685ebe77ae6d62c344a5dd0f53502523a28e2b408 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:D ++Output = c5ec1aae5d26c2c5fe769576eb1b75c53d3dc67d452dca1c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:E ++Output = 6bc4e5d6049c69a8ffbf93c7617b6a168bd0f14d71471d199b81729250117272ad102772761a8c0b5d5240e589e48a4f85ab8c3e1bd030327e7c87428ee44d13 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 ++Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 ++Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 ++Ctrl.type = type:F ++Output = ce109babe86778542856e3934be12decd239120a4dcb948a0154c4cb7b8ac0a4a3cbd682698086123e6c0481ee351bd9fedfba58d37f7814ba9c2b584f6cfedf ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:A ++Output = 6a71fc98f044591d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:B ++Output = 9f1a35a5c79014c0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:C ++Output = 377901cc72e4c06e30e27b03902f65c4a58b9d3f5cf43431 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:D ++Output = 82a9db94ea5c15dff736c3074a34951e828c8dfa3fef8596 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:E ++Output = b3ce0202c966df307a0729a4bb3fcd0ee55d4c521a144ecd285a470830f60685b2d751883d85ccd29fcc2481f3f442fdedd58d17528e8c4fb28473ee5e539706 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 ++Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f ++Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 ++Ctrl.type = type:F ++Output = c1ab7227f919cbda46cd6ac2bd4bb2ee5bd586cc55c7c1cb067df4c9a23209f716ff5e97ed76ebbc0354d683c5369937ca8db4cecf9e6c40886a186d9c4e2366 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:A ++Output = 3832bf21b907daa3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:B ++Output = 4e04d7787ba7fa68 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:C ++Output = d7be949edcfe4e4b877de1cc6a861fa721e137bf3dd1bb27 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:D ++Output = 5361fc87e24ec3031d97f0099766ac9ff7b8f91ea87666de ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:E ++Output = 40a6897606035ebb04907fa15e1545a8973b9b09423f3786be4bcb8db9e4561e0385bcf1e3c0cece5a788e9852ed1da56963f36bad78fede21405ce3ea92a3b8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 ++Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 ++Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 ++Ctrl.type = type:F ++Output = 727f9bade9334f97486f479c88614ce96b8cbc803a544fbfaf5fcaf0499a1b8edeb59daa1a824ca9b165879c63d9f0b6464bcd3121fb1ad29b38864fbaac7741 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:A ++Output = 3f077a02dc957eb1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:B ++Output = 3cc158e348e64a0a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:C ++Output = 8770fb6792c2fc16a60c9f45c8d40db684fe52de7c60b482 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:D ++Output = d417a07f1070a2e628424fa990ef436f137725a7cde43f1b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:E ++Output = 20b810e4f6a540724f269194e37969a10e340d45c557eabe72c41f08a9fad85ab44a9c362e7fc5eea9ed5dd9b84cc837d2aaa46ee71b355cb1dfefa8dc544d1e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f ++Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 ++Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 ++Ctrl.type = type:F ++Output = acd292ab652b49c7c2a5a35b93c31a71eeef8a629cbc6b1c782994ebc7566f7b0ae536cc0ccfe881bfd8cbfaff391fe23568fa5692198f188deff0c6d0808160 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:A ++Output = 7cf213cec41701ff ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:B ++Output = 81a44f6f95fff954 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:C ++Output = e1610d85ea2c24b4af18076c2d7dc0c3f3b3bf1c8df232a4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:D ++Output = db146cbf4923693449b857fa927d112f3c8bd1bac73f618a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:E ++Output = fac257f4544a0aa77659642c33a421cf27b2216a57399ff8ff48baab37519ce9c27f93bf447a02b3c10d9f9c6201745ed6ae28a13ff85e949e0e8048bf31e0c8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 ++Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 ++Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 ++Ctrl.type = type:F ++Output = 8532a1014a5a2feba5730823b0fb1781a7782a73f95a97697aedf60997e6cdf5107387be820b74c0e43e8caf42e83bbc703c6cd9d37b0e720aeacc115ce4633e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:A ++Output = c5dffc4eb99a1c36 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:B ++Output = 13cb7467ddf8ea7d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:C ++Output = 4d77a9a1a36500d9ea0389e3813a201fb9b30751d1fcf0b3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:D ++Output = a0e4ec099492c752b98013d2176af6e601eeef3cdc2029a9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:E ++Output = b4035effa78e6da307f4c096226150e5cab92794192bba492ff8576da3fdbbfdc87fbf79721de0e8f38647261dcad096fd536c4f724f09782a4b684902a4b979 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 ++Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 ++Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 ++Ctrl.type = type:F ++Output = eae8776eddb75cd4d14d2db129172bab92f0c8d2c8a439d4b63824c23e7481af502a45d2ebee77f3a801d658b59f6cbbdb797f479787ae4d5839b7ddf49ff908 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:A ++Output = 31ef8e737ec154c0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:B ++Output = c0bb41f2c51a0503 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:C ++Output = 3f9058812f36f302dc5ada7de8f4271c435dfe4589f22a00 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:D ++Output = b342a447abcb67f6819a19b8b300946c89739fabd049a6e0 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:E ++Output = a5d70cb0a3e351be09b9600c9b97f2781236bf549209a1fbf3304af145af0941c6cd9923f1f30cec946e8dea96332d284e01a4d8bcc90721fe2e515504073cb8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f ++Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a ++Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 ++Ctrl.type = type:F ++Output = dbc3ea086a49e220306cbe57b942d9409cbd205dec20c7b79fd6998906d173bcb2bc2eb5b7eea4c1d84f3926836bd15e0565a17af735596050d6161d9682f2e7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:A ++Output = 19d6bc79713a4622 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:B ++Output = 7de9caf89d325dcd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:C ++Output = 1d5391d658abb9ec1b8df32cbf1db9a302a1301984ab06d4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:D ++Output = 5d37dab50814543d8d8674f4f491d73d21973f20844c96a7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:E ++Output = 3e882ae390a64c34f509bc9845df581987ae2524b2ff92d9243580168f32fa68750f3f732c8c5544c98fc585582fe743efbf55dd6c487fb5f9ffac1a156fa31c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 ++Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c ++Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 ++Ctrl.type = type:F ++Output = ce4bcf9cabe7ee7c0e216e64e5427ebd38cb41ba9e9a6d9ae441ca47d9278347a59afdf758ae7f7fd667ed3830bf9a33d7badfd40e2112580af514da9464a6d1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:A ++Output = 93fbb01815b63533 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:B ++Output = aea76dfe77a87471 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:C ++Output = 73a55e25a0a8ec0899c1074bf0845fefd84e42f741897a3f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:D ++Output = fead3a851502aa3c58734065eeaf3e63ed4c59c8f450bb1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:E ++Output = 55bde99a692820ad809eb0a62311f8f3e9469ba2ee4d782d5432628ca52d829b9c5bffc41b58232363f97c5dab603268b1997fbe9b9b34ab2aca3da27467b0c8 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 ++Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 ++Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 ++Ctrl.type = type:F ++Output = 756f65746c861f0985f3dd7d2f08004897ccb22be2f1d3b4791ca0c51d5ee0da776dd03d7dfb7f4db6c6cd37899871e63d75f7f60dff8348c313e99409ad2db5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:A ++Output = a626c34c0a74b56262110185a34cd810 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:B ++Output = 223d6fc57263da9ad61dad9759454e0f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:C ++Output = 7c803e07506969666f446400b2372eee ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:D ++Output = 4ad705fbc9e89c03c15f9dbbf34981df ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:E ++Output = 36cac32cab8b943cd9d2142559c467593bfaf30d0be71560245c8b38a5671901a858ccc637b0ef6966a2bbfb1a7f51f2cf6d52c4165ca000d52bd908405c305f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb ++Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 ++Ctrl.type = type:F ++Output = 67d42301ce629c0f2a34b9dfb24ec60c138b4edc71f7123bb0db9447b3c915ebd8c54d3b20af04e30b484be3a2d4136f5d5c46f9c56de189b91fec78ecd53e1c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:A ++Output = 8ebbf0e9afd9f108498f1543104ba8e2 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:B ++Output = 38bfe6bed75f77675fa36d76b63816a4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:C ++Output = f759f0ad2d72980f6b12f0fb317222f3 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:D ++Output = 39f294ec25afb520f5d7f1064b7078c9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:E ++Output = ff2ad139997ff26e7f4393e49d57d5fc973ddb6225d8f4b5fe990e46b9943772f0d33aa98d01089ff0aeb5740bd388ada35dc44240180c99e522c817dedfc2cd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a ++Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 ++Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 ++Ctrl.type = type:F ++Output = a670c9583c71f403207a192700d5e4fd7a007b60a4617b7f93708399a0cb771af08b9e5f4237e6975f055d6f0a4d91523fa0805013df6ae4a19f077646f1cd4b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:A ++Output = f68353f802d39a43c728641e44087cc5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:B ++Output = 23c2377f826f77519871941b62cb9fdd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:C ++Output = c92b86a099e2605037d531746a6af7cb ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:D ++Output = 1517de253a5b9f7d9c4c3f234b27392e ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:E ++Output = be48a82cd246cf4d6ddb397a39f1ed62d98b5265e75190624a523033796d05046d63e0810b4b7a6efe9b834cb043871203638557063968910ad1cfa0abe62bb1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 ++Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 ++Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 ++Ctrl.type = type:F ++Output = 0c9af3775d5dc49a1b9b85fa18420ce1ca10d5159f83f9e078c217289688639dbce5f85665f866d8f93b2c6823bc7b2655830d8bb51fba945ce6eac2b0e6ce8a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:A ++Output = 7b802a74d216a41f7708c597b9053223 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:B ++Output = 355223971bed70b804d191b64cde39e6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:C ++Output = 925f2b036ac2682e20f022377499c3e1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:D ++Output = 37ae2bbbb1603c07d5274fc8f57126dc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:E ++Output = 8b36c7e175797bf7bbb079ac5d06e6f7f62fc5a957e0fefab7df565eb72ae0586dbebad978975aaa35846de667b44b7174315b2b932f0be538fba76b92531019 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda ++Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 ++Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 ++Ctrl.type = type:F ++Output = 388ef310bce13188df3fd6285576041754a281548fcc6a212e0de564db661640320130e4df4a6ff31162edaa7ced5b7f05f3456f674ee8be0b03424142058795 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:A ++Output = efeb5305eda69b0bd6999b4a27479667 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:B ++Output = 806fca9189c02e7ec2a6459387b03506 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:C ++Output = 9e542282d0db345a6ba20eba7c5de531 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:D ++Output = 41e7962b57a67f75072f15a5ba405d15 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:E ++Output = 7bf8f25fd155e41d1dc85cc814704dd8732275b3a53dc1b8c6b330c08f307b5c0da31606cb7eaa1b37b2721f4a1bf70a6885c30d17d7acd32fcc894768fe4106 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 ++Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 ++Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 ++Ctrl.type = type:F ++Output = 66b8f8c1a38120c73cc55950455a69c426fda44b9c66c3becaf259dd57a620e5ed3a749a486d05eab52c289f489581cb655865d4388a81e79b06bd105e3ae858 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:A ++Output = 8f6ac18ff5300849be34602630bb4102 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:B ++Output = f2b45df2508656758529a1f4679839fd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:C ++Output = 3356d58f61bcca506058e0990c9821f5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:D ++Output = 78495438a5326cca5351a239545941c1 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:E ++Output = dcfc5d099f5040513f76b012ab62ee45d5d8271aec9cbbdd1e1f7e0806f363d21c2eca730f9489ee70fbc7490a1901587b1d418c0e4f429c8098cd793c6d285c ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce ++Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 ++Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b ++Ctrl.type = type:F ++Output = a75817465c73517bd7884dcd230464583ae491ae5e39330873cd7a967188022cad63e712c7ec261abdb34c01bddd8989dfce8f5d8a8cdbdcc305429b3fd93c76 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:A ++Output = 4fa1b8c53d25f7c1adb4810c46b48ae7 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:B ++Output = 3c453d0f50b7f41826e74e5cce5b5996 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:C ++Output = 22f47a00a5de0f56b3e586357eeebe57 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:D ++Output = 8d32d1945e93c4982bd106567f8e481f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:E ++Output = 9eefe581b1514160f81c94193d374d8f85879136e9ae494c487119b1974aac3e143948f656c1c1e837ff1368ef0d997cd3ca9f46c71056269eb8a1da8daf5678 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 ++Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 ++Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 ++Ctrl.type = type:F ++Output = 8dd76f59e6692ff642894ee1bb147f3e1490cac944af29de6b2b5abcc4ab9eb41d236e9cd2f40cf83935097f307a246d7b35005dd302bacfe7e4fed37d2f46e9 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:A ++Output = f335b3ab270d7e686c5e023b3a2da75b ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:B ++Output = 857c9245c67bad84b7377c424c5e7e7a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:C ++Output = 1c44ef56440f5856bdfd951305fd81e4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:D ++Output = 8d3496ac631bb3588abbb13d4ae2dc2d ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:E ++Output = ac7899494cfcebbdaa8ee7c343a0a458228a0a5e59730c928e9c8775487e57c3a5f34fdb72c1b3b57cc35e0356e4b7c6a56368e74c68a017538a5b484886ec81 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 ++Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 ++Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 ++Ctrl.type = type:F ++Output = d32d849b488594d0b8efce91604296393b2240121f2ed51fb7c0bb5b371c33775d184ffaf3028306bc8040b21887f6885e5916ae158ef74a3ba09a1f30654f1a ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:A ++Output = 5aa8ed531557a1dc934ed667029e062f ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:B ++Output = 11a810c69785949d5a0ef6eeff960fb4 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:C ++Output = 54e9402e4f85b08c271b2a9f15d56c75 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:D ++Output = 838209e0ebe7626cf6482f25c7774bfd ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:E ++Output = bc62048ddb762ac50336ae0e91a402cc78e73472fe180756a4686299967d2904318b8ad1b8dc622edd75e9ff0e74f7fcb8a1f8acb86e2567a5167084c648c7ef ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 ++Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa ++Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 ++Ctrl.type = type:F ++Output = 4e9644a01a3fe6c3f4f5aceddb00e2584e277354aee6392a1a5aef05024d37fcf25ff46fdd8fe52e7d1dd9a96e77328aadf44b8fc92ac22a14f63d64ad0db621 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:A ++Output = 77cb432c67bf0ae658aa4e34376d01b5 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:B ++Output = f55c74d112746001d8908edd347d7e69 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:C ++Output = 34a48ab90890b385198ea6bf8c50c3f6 ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:D ++Output = f2b6046d3439c50a9000a63909146abc ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:E ++Output = 70357486ca57c93418c6705b731b054bc41be03289c25a5ed29a937732807ae10a3604486c53d1f2431411808d87bfbaa6b25971fa2e4ec3719b5d2622aed2ff ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA512 ++Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e ++Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 ++Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 ++Ctrl.type = type:F ++Output = 4e6428f7a87455bdef6026cdf68a2f6d93d6cda5145d6bca60ee4eb2d6248b399f6568c65ec92cee8d9b0c7fd83053c91c5be72bf96b5904080624a348243899 ++ ++Title = SSHKDF test error conditions ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:A ++Output = FF ++Result = KDF_DERIVE_ERROR ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:A ++Output = FF ++Result = KDF_DERIVE_ERROR ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:A ++Output = FF ++Result = KDF_DERIVE_ERROR ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Output = FF ++Result = KDF_DERIVE_ERROR ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:X ++Output = FF ++Result = KDF_CTRL_ERROR ++ ++KDF = SSHKDF ++Ctrl.md = md:SHA1 ++Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 ++Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 ++Ctrl.type = type:A ++Output = FF ++Result = KDF_MISMATCH +From 148cc5ee246e108b1e7332035037bab53574b0a9 Mon Sep 17 00:00:00 2001 +From: Simo Sorce +Date: Thu, 18 Apr 2019 08:26:29 -0400 +Subject: [PATCH] Change the digest string from "md" to "digest" + +Conform to other modules which were changed at the last minute and this +discrepancy was not noticed. +Retain "md" as an alias so not to break 3rd party backports/tests scripts. + +Signed-off-by: Simo Sorce +--- + crypto/kdf/sshkdf.c | 3 +++ + test/recipes/20-test_kdf.t | 2 +- + 2 files changed, 4 insertions(+), 1 deletion(-) + mode change 100644 => 100755 test/recipes/20-test_kdf.t + +diff --git a/crypto/kdf/sshkdf.c b/crypto/kdf/sshkdf.c +index 300e1adbb23..f585e8a0d6d 100644 +--- a/crypto/kdf/sshkdf.c ++++ b/crypto/kdf/sshkdf.c +@@ -125,6 +125,9 @@ static int kdf_sshkdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, + return 0; + } + ++ if (strcmp(type, "digest") == 0) ++ return kdf_md2ctrl(impl, kdf_sshkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); ++ /* alias, for historical reasons */ + if (strcmp(type, "md") == 0) + return kdf_md2ctrl(impl, kdf_sshkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); + diff --git a/openssl-1.1.1-system-cipherlist.patch b/openssl-1.1.1-system-cipherlist.patch new file mode 100644 index 0000000..a70f20b --- /dev/null +++ b/openssl-1.1.1-system-cipherlist.patch @@ -0,0 +1,310 @@ +diff -up openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist openssl-1.1.1c/Configurations/unix-Makefile.tmpl +--- openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist 2019-05-29 15:42:27.951329271 +0200 ++++ openssl-1.1.1c/Configurations/unix-Makefile.tmpl 2019-05-29 15:42:27.974328867 +0200 +@@ -180,6 +180,10 @@ MANDIR=$(INSTALLTOP)/share/man + DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME) + HTMLDIR=$(DOCDIR)/html + ++{- output_off() if $config{system_ciphers_file} eq ""; "" -} ++SYSTEM_CIPHERS_FILE_DEFINE=-DSYSTEM_CIPHERS_FILE="\"{- $config{system_ciphers_file} -}\"" ++{- output_on() if $config{system_ciphers_file} eq ""; "" -} ++ + # MANSUFFIX is for the benefit of anyone who may want to have a suffix + # appended after the manpage file section number. "ssl" is popular, + # resulting in files such as config.5ssl rather than config.5. +@@ -203,6 +207,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -} + CXX={- $config{CXX} ? "\$(CROSS_COMPILE)$config{CXX}" : '' -} + CPPFLAGS={- our $cppflags1 = join(" ", + (map { "-D".$_} @{$config{CPPDEFINES}}), ++ "\$(SYSTEM_CIPHERS_FILE_DEFINE)", + (map { "-I".$_} @{$config{CPPINCLUDES}}), + @{$config{CPPFLAGS}}) -} + CFLAGS={- join(' ', @{$config{CFLAGS}}) -} +diff -up openssl-1.1.1c/Configure.system-cipherlist openssl-1.1.1c/Configure +--- openssl-1.1.1c/Configure.system-cipherlist 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/Configure 2019-05-29 15:45:10.465469533 +0200 +@@ -24,7 +24,7 @@ use OpenSSL::Glob; + my $orig_death_handler = $SIG{__DIE__}; + $SIG{__DIE__} = \&death_handler; + +-my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; ++my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; + + # Options: + # +@@ -41,6 +41,9 @@ my $usage="Usage: Configure [no- + # This becomes the value of OPENSSLDIR in Makefile and in C. + # (Default: PREFIX/ssl) + # ++# --system-ciphers-file A file to read cipher string from when the PROFILE=SYSTEM ++# cipher is specified (default). ++# + # --cross-compile-prefix Add specified prefix to binutils components. + # + # --api One of 0.9.8, 1.0.0 or 1.1.0. Do not compile support for +@@ -295,6 +298,7 @@ $config{prefix}=""; + $config{openssldir}=""; + $config{processor}=""; + $config{libdir}=""; ++$config{system_ciphers_file}=""; + my $auto_threads=1; # enable threads automatically? true by default + my $default_ranlib; + +@@ -824,6 +828,10 @@ while (@argvcopy) + push @seed_sources, $x; + } + } ++ elsif (/^--system-ciphers-file=(.*)$/) ++ { ++ $config{system_ciphers_file}=$1; ++ } + elsif (/^--cross-compile-prefix=(.*)$/) + { + $user{CROSS_COMPILE}=$1; +@@ -1016,6 +1024,8 @@ if ($target eq "HASH") { + exit 0; + } + ++chop $config{system_ciphers_file} if $config{system_ciphers_file} =~ /\/$/; ++ + print "Configuring OpenSSL version $config{version} ($config{version_num}) "; + print "for $target\n"; + +diff -up openssl-1.1.1c/doc/man1/ciphers.pod.system-cipherlist openssl-1.1.1c/doc/man1/ciphers.pod +--- openssl-1.1.1c/doc/man1/ciphers.pod.system-cipherlist 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/doc/man1/ciphers.pod 2019-05-29 15:42:27.975328849 +0200 +@@ -182,6 +182,15 @@ As of OpenSSL 1.0.0, the B cipher s + + The cipher suites not enabled by B, currently B. + ++=item B ++ ++The list of enabled cipher suites will be loaded from the system crypto policy ++configuration file B. ++See also L. ++This is the default behavior unless an application explicitly sets a cipher ++list. If used in a cipher list configuration value this string must be at the ++beginning of the cipher list, otherwise it will not be recognized. ++ + =item B + + "High" encryption cipher suites. This currently means those with key lengths +diff -up openssl-1.1.1c/include/openssl/ssl.h.system-cipherlist openssl-1.1.1c/include/openssl/ssl.h +--- openssl-1.1.1c/include/openssl/ssl.h.system-cipherlist 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/include/openssl/ssl.h 2019-05-29 15:42:27.975328849 +0200 +@@ -186,6 +186,11 @@ extern "C" { + * throwing out anonymous and unencrypted ciphersuites! (The latter are not + * actually enabled by ALL, but "ALL:RSA" would enable some of them.) + */ ++# ifdef SYSTEM_CIPHERS_FILE ++# define SSL_SYSTEM_DEFAULT_CIPHER_LIST "PROFILE=SYSTEM" ++# else ++# define SSL_SYSTEM_DEFAULT_CIPHER_LIST SSL_DEFAULT_CIPHER_LIST ++# endif + + /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ + # define SSL_SENT_SHUTDOWN 1 +diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ciph.c +--- openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/ssl/ssl_ciph.c 2019-05-29 15:42:27.976328831 +0200 +@@ -9,6 +9,8 @@ + * https://www.openssl.org/source/license.html + */ + ++/* for secure_getenv */ ++#define _GNU_SOURCE + #include + #include + #include +@@ -1399,6 +1401,53 @@ int SSL_set_ciphersuites(SSL *s, const c + return ret; + } + ++#ifdef SYSTEM_CIPHERS_FILE ++static char *load_system_str(const char *suffix) ++{ ++ FILE *fp; ++ char buf[1024]; ++ char *new_rules; ++ const char *ciphers_path; ++ unsigned len, slen; ++ ++ if ((ciphers_path = secure_getenv("OPENSSL_SYSTEM_CIPHERS_OVERRIDE")) == NULL) ++ ciphers_path = SYSTEM_CIPHERS_FILE; ++ fp = fopen(ciphers_path, "r"); ++ if (fp == NULL || fgets(buf, sizeof(buf), fp) == NULL) { ++ /* cannot open or file is empty */ ++ snprintf(buf, sizeof(buf), "%s", SSL_DEFAULT_CIPHER_LIST); ++ } ++ ++ if (fp) ++ fclose(fp); ++ ++ slen = strlen(suffix); ++ len = strlen(buf); ++ ++ if (buf[len - 1] == '\n') { ++ len--; ++ buf[len] = 0; ++ } ++ if (buf[len - 1] == '\r') { ++ len--; ++ buf[len] = 0; ++ } ++ ++ new_rules = OPENSSL_malloc(len + slen + 1); ++ if (new_rules == 0) ++ return NULL; ++ ++ memcpy(new_rules, buf, len); ++ if (slen > 0) { ++ memcpy(&new_rules[len], suffix, slen); ++ len += slen; ++ } ++ new_rules[len] = 0; ++ ++ return new_rules; ++} ++#endif ++ + STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, + STACK_OF(SSL_CIPHER) *tls13_ciphersuites, + STACK_OF(SSL_CIPHER) **cipher_list, +@@ -1412,15 +1461,25 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + const char *rule_p; + CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; + const SSL_CIPHER **ca_list = NULL; ++#ifdef SYSTEM_CIPHERS_FILE ++ char *new_rules = NULL; ++ ++ if (rule_str != NULL && strncmp(rule_str, "PROFILE=SYSTEM", 14) == 0) { ++ char *p = rule_str + 14; ++ ++ new_rules = load_system_str(p); ++ rule_str = new_rules; ++ } ++#endif + + /* + * Return with error if nothing to do. + */ + if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL) +- return NULL; ++ goto err; + #ifndef OPENSSL_NO_EC + if (!check_suiteb_cipher_list(ssl_method, c, &rule_str)) +- return NULL; ++ goto err; + #endif + + /* +@@ -1443,7 +1502,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers); + if (co_list == NULL) { + SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); +- return NULL; /* Failure */ ++ goto err; + } + + ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, +@@ -1509,8 +1568,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + * in force within each class + */ + if (!ssl_cipher_strength_sort(&head, &tail)) { +- OPENSSL_free(co_list); +- return NULL; ++ goto err; + } + + /* +@@ -1555,9 +1613,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; + ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max); + if (ca_list == NULL) { +- OPENSSL_free(co_list); + SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); +- return NULL; /* Failure */ ++ goto err; + } + ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, + disabled_mkey, disabled_auth, disabled_enc, +@@ -1583,8 +1640,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + OPENSSL_free(ca_list); /* Not needed anymore */ + + if (!ok) { /* Rule processing failure */ +- OPENSSL_free(co_list); +- return NULL; ++ goto err; + } + + /* +@@ -1592,14 +1648,18 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + * if we cannot get one. + */ + if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) { +- OPENSSL_free(co_list); +- return NULL; ++ goto err; + } + ++#ifdef SYSTEM_CIPHERS_FILE ++ OPENSSL_free(new_rules); /* Not needed anymore */ ++#endif ++ + /* Add TLSv1.3 ciphers first - we always prefer those if possible */ + for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) { + if (!sk_SSL_CIPHER_push(cipherstack, + sk_SSL_CIPHER_value(tls13_ciphersuites, i))) { ++ OPENSSL_free(co_list); + sk_SSL_CIPHER_free(cipherstack); + return NULL; + } +@@ -1631,6 +1691,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + *cipher_list = cipherstack; + + return cipherstack; ++ ++err: ++ OPENSSL_free(co_list); ++#ifdef SYSTEM_CIPHERS_FILE ++ OPENSSL_free(new_rules); ++#endif ++ return NULL; ++ + } + + char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) +diff -up openssl-1.1.1c/ssl/ssl_lib.c.system-cipherlist openssl-1.1.1c/ssl/ssl_lib.c +--- openssl-1.1.1c/ssl/ssl_lib.c.system-cipherlist 2019-05-29 15:42:27.970328937 +0200 ++++ openssl-1.1.1c/ssl/ssl_lib.c 2019-05-29 15:42:27.977328814 +0200 +@@ -662,7 +662,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx + ctx->tls13_ciphersuites, + &(ctx->cipher_list), + &(ctx->cipher_list_by_id), +- SSL_DEFAULT_CIPHER_LIST, ctx->cert); ++ SSL_SYSTEM_DEFAULT_CIPHER_LIST, ctx->cert); + if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) { + SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); + return 0; +@@ -2954,7 +2954,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m + if (!ssl_create_cipher_list(ret->method, + ret->tls13_ciphersuites, + &ret->cipher_list, &ret->cipher_list_by_id, +- SSL_DEFAULT_CIPHER_LIST, ret->cert) ++ SSL_SYSTEM_DEFAULT_CIPHER_LIST, ret->cert) + || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) { + SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS); + goto err2; +diff -up openssl-1.1.1c/test/cipherlist_test.c.system-cipherlist openssl-1.1.1c/test/cipherlist_test.c +--- openssl-1.1.1c/test/cipherlist_test.c.system-cipherlist 2019-05-28 15:12:21.000000000 +0200 ++++ openssl-1.1.1c/test/cipherlist_test.c 2019-05-29 15:42:27.977328814 +0200 +@@ -251,7 +251,9 @@ end: + + int setup_tests(void) + { ++#ifndef SYSTEM_CIPHERS_FILE + ADD_TEST(test_default_cipherlist_implicit); ++#endif + ADD_TEST(test_default_cipherlist_explicit); + ADD_TEST(test_default_cipherlist_clear); + return 1; diff --git a/openssl-1.1.1-ts-sha256-default.patch b/openssl-1.1.1-ts-sha256-default.patch new file mode 100644 index 0000000..d99dc47 --- /dev/null +++ b/openssl-1.1.1-ts-sha256-default.patch @@ -0,0 +1,50 @@ +diff --git a/apps/ts.c b/apps/ts.c +index 63c5210183..4ef8a72eef 100644 +--- a/apps/ts.c ++++ b/apps/ts.c +@@ -425,7 +425,7 @@ static TS_REQ *create_query(BIO *data_bio, const char *digest, const EVP_MD *md, + ASN1_OBJECT *policy_obj = NULL; + ASN1_INTEGER *nonce_asn1 = NULL; + +- if (md == NULL && (md = EVP_get_digestbyname("sha1")) == NULL) ++ if (md == NULL && (md = EVP_get_digestbyname("sha256")) == NULL) + goto err; + if ((ts_req = TS_REQ_new()) == NULL) + goto err; +diff --git a/doc/man1/ts.pod b/doc/man1/ts.pod +index 078905a845..83b8fe4350 100644 +--- a/doc/man1/ts.pod ++++ b/doc/man1/ts.pod +@@ -517,7 +517,7 @@ included. Default is no. (Optional) + =item B + + This option specifies the hash function to be used to calculate the TSA's +-public key certificate identifier. Default is sha1. (Optional) ++public key certificate identifier. Default is sha256. (Optional) + + =back + +@@ -529,7 +529,7 @@ openssl/apps/openssl.cnf will do. + + =head2 Time Stamp Request + +-To create a time stamp request for design1.txt with SHA-1 ++To create a time stamp request for design1.txt with SHA-256 + without nonce and policy and no certificate is required in the response: + + openssl ts -query -data design1.txt -no_nonce \ +@@ -545,12 +545,12 @@ To print the content of the previous request in human readable format: + + openssl ts -query -in design1.tsq -text + +-To create a time stamp request which includes the MD-5 digest ++To create a time stamp request which includes the SHA-512 digest + of design2.txt, requests the signer certificate and nonce, + specifies a policy id (assuming the tsa_policy1 name is defined in the + OID section of the config file): + +- openssl ts -query -data design2.txt -md5 \ ++ openssl ts -query -data design2.txt -sha512 \ + -tspolicy tsa_policy1 -cert -out design2.tsq + + =head2 Time Stamp Response diff --git a/openssl-1.1.1-version-add-engines.patch b/openssl-1.1.1-version-add-engines.patch new file mode 100644 index 0000000..3c3f58e --- /dev/null +++ b/openssl-1.1.1-version-add-engines.patch @@ -0,0 +1,38 @@ +diff -up openssl-1.1.1-pre8/apps/version.c.version-add-engines openssl-1.1.1-pre8/apps/version.c +--- openssl-1.1.1-pre8/apps/version.c.version-add-engines 2018-06-20 16:48:09.000000000 +0200 ++++ openssl-1.1.1-pre8/apps/version.c 2018-07-16 18:00:40.608624346 +0200 +@@ -64,7 +64,7 @@ int version_main(int argc, char **argv) + { + int ret = 1, dirty = 0, seed = 0; + int cflags = 0, version = 0, date = 0, options = 0, platform = 0, dir = 0; +- int engdir = 0; ++ int engdir = 0, engines = 0; + char *prog; + OPTION_CHOICE o; + +@@ -106,7 +106,7 @@ opthelp: + break; + case OPT_A: + seed = options = cflags = version = date = platform = dir = engdir +- = 1; ++ = engines = 1; + break; + } + } +@@ -188,6 +188,16 @@ opthelp: + #endif + printf("\n"); + } ++ if (engines) { ++ ENGINE *e; ++ printf("engines: "); ++ e = ENGINE_get_first(); ++ while (e) { ++ printf("%s ", ENGINE_get_id(e)); ++ e = ENGINE_get_next(e); ++ } ++ printf("\n"); ++ } + ret = 0; + end: + return ret; diff --git a/openssl-1.1.1-version-override.patch b/openssl-1.1.1-version-override.patch new file mode 100644 index 0000000..a6975fa --- /dev/null +++ b/openssl-1.1.1-version-override.patch @@ -0,0 +1,12 @@ +diff -up openssl-1.1.1g/include/openssl/opensslv.h.version-override openssl-1.1.1g/include/openssl/opensslv.h +--- openssl-1.1.1g/include/openssl/opensslv.h.version-override 2020-04-23 13:29:37.802673513 +0200 ++++ openssl-1.1.1g/include/openssl/opensslv.h 2020-04-23 13:30:13.064008458 +0200 +@@ -40,7 +40,7 @@ extern "C" { + * major minor fix final patch/beta) + */ + # define OPENSSL_VERSION_NUMBER 0x1010107fL +-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1g 21 Apr 2020" ++# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1g FIPS 21 Apr 2020" + + /*- + * The macros below are to be used for shared library (.so, .dll, ...) diff --git a/openssl-1.1.1-weak-ciphers.patch b/openssl-1.1.1-weak-ciphers.patch new file mode 100644 index 0000000..0083643 --- /dev/null +++ b/openssl-1.1.1-weak-ciphers.patch @@ -0,0 +1,57 @@ +diff -up openssl-1.1.1/ssl/s3_lib.c.weak-ciphers openssl-1.1.1/ssl/s3_lib.c +--- openssl-1.1.1/ssl/s3_lib.c.weak-ciphers 2018-09-11 14:48:23.000000000 +0200 ++++ openssl-1.1.1/ssl/s3_lib.c 2018-09-17 12:53:33.850637181 +0200 +@@ -2612,7 +2612,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_GOST89MAC, + TLS1_VERSION, TLS1_2_VERSION, + 0, 0, +- SSL_HIGH, ++ SSL_MEDIUM, + SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, + 256, + 256, +@@ -2644,7 +2644,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + SSL_GOST89MAC12, + TLS1_VERSION, TLS1_2_VERSION, + 0, 0, +- SSL_HIGH, ++ SSL_MEDIUM, + SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC, + 256, + 256, +@@ -2753,7 +2753,7 @@ static SSL_CIPHER ssl3_ciphers[] = { + }, + #endif /* OPENSSL_NO_SEED */ + +-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS ++#if 0 /* No MD5 ciphersuites */ + { + 1, + SSL3_TXT_RSA_RC4_128_MD5, +@@ -2770,6 +2770,8 @@ static SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + SSL3_TXT_RSA_RC4_128_SHA, +@@ -2786,6 +2788,8 @@ static SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif ++#if 0 + { + 1, + SSL3_TXT_ADH_RC4_128_MD5, +@@ -2802,6 +2806,8 @@ static SSL_CIPHER ssl3_ciphers[] = { + 128, + 128, + }, ++#endif ++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS + { + 1, + TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA, diff --git a/openssl.spec b/openssl.spec new file mode 100644 index 0000000..40a7d8a --- /dev/null +++ b/openssl.spec @@ -0,0 +1,2206 @@ +# For the curious: +# 0.9.5a soversion = 0 +# 0.9.6 soversion = 1 +# 0.9.6a soversion = 2 +# 0.9.6c soversion = 3 +# 0.9.7a soversion = 4 +# 0.9.7ef soversion = 5 +# 0.9.8ab soversion = 6 +# 0.9.8g soversion = 7 +# 0.9.8jk + EAP-FAST soversion = 8 +# 1.0.0 soversion = 10 +# 1.1.0 soversion = 1.1 (same as upstream although presence of some symbols +# depends on build configuration options) +%define soversion 1.1 + +# Arches on which we need to prevent arch conflicts on opensslconf.h, must +# also be handled in opensslconf-new.h. +%define multilib_arches %{ix86} ia64 %{mips} ppc ppc64 s390 s390x sparcv9 sparc64 x86_64 + +%global _performance_build 1 + +Summary: Utilities from the general purpose cryptography library with TLS implementation +Name: openssl +Version: 1.1.1g +Release: 15%{?dist} +Epoch: 1 +# We have to remove certain patented algorithms from the openssl source +# tarball with the hobble-openssl script which is included below. +# The original openssl upstream tarball cannot be shipped in the .src.rpm. +Source: openssl-%{version}-hobbled.tar.xz +Source1: hobble-openssl +Source2: Makefile.certificate +Source6: make-dummy-cert +Source7: renew-dummy-cert +Source9: opensslconf-new.h +Source10: opensslconf-new-warning.h +Source11: README.FIPS +Source12: ec_curve.c +Source13: ectest.c +# Build changes +Patch1: openssl-1.1.1-build.patch +Patch2: openssl-1.1.1-defaults.patch +Patch3: openssl-1.1.1-no-html.patch +Patch4: openssl-1.1.1-man-rename.patch +# Bug fixes +Patch21: openssl-1.1.0-issuer-hash.patch +# Functionality changes +Patch31: openssl-1.1.1-conf-paths.patch +Patch32: openssl-1.1.1-version-add-engines.patch +Patch33: openssl-1.1.1-apps-dgst.patch +Patch36: openssl-1.1.1-no-brainpool.patch +Patch37: openssl-1.1.1-ec-curves.patch +Patch38: openssl-1.1.1-no-weak-verify.patch +Patch40: openssl-1.1.1-disable-ssl3.patch +Patch41: openssl-1.1.1-system-cipherlist.patch +Patch42: openssl-1.1.1-fips.patch +Patch43: openssl-1.1.1-ignore-bound.patch +Patch44: openssl-1.1.1-version-override.patch +Patch45: openssl-1.1.1-weak-ciphers.patch +Patch46: openssl-1.1.1-seclevel.patch +Patch47: openssl-1.1.1-ts-sha256-default.patch +Patch48: openssl-1.1.1-fips-post-rand.patch +Patch49: openssl-1.1.1-evp-kdf.patch +Patch50: openssl-1.1.1-ssh-kdf.patch +Patch51: openssl-1.1.1-intel-cet.patch +Patch60: openssl-1.1.1-krb5-kdf.patch +Patch61: openssl-1.1.1-edk2-build.patch +Patch62: openssl-1.1.1-fips-curves.patch +Patch65: openssl-1.1.1-fips-drbg-selftest.patch +Patch66: openssl-1.1.1-fips-dh.patch +Patch67: openssl-1.1.1-kdf-selftest.patch +Patch68: openssl-1.1.1-reneg-no-extms.patch +Patch69: openssl-1.1.1-alpn-cb.patch +Patch70: openssl-1.1.1-rewire-fips-drbg.patch +# Backported fixes including security fixes +Patch52: openssl-1.1.1-s390x-update.patch +Patch53: openssl-1.1.1-fips-crng-test.patch +Patch55: openssl-1.1.1-arm-update.patch +Patch56: openssl-1.1.1-s390x-ecc.patch + +License: OpenSSL and ASL 2.0 +URL: http://www.openssl.org/ +BuildRequires: gcc +BuildRequires: coreutils, perl-interpreter, sed, zlib-devel, /usr/bin/cmp +BuildRequires: lksctp-tools-devel +BuildRequires: /usr/bin/rename +BuildRequires: /usr/bin/pod2man +BuildRequires: /usr/sbin/sysctl +BuildRequires: perl(Test::Harness), perl(Test::More), perl(Math::BigInt) +BuildRequires: perl(Module::Load::Conditional), perl(File::Temp) +BuildRequires: perl(Time::HiRes) +BuildRequires: perl(FindBin), perl(lib), perl(File::Compare), perl(File::Copy) +Requires: coreutils +Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} + +%description +The OpenSSL toolkit provides support for secure communications between +machines. OpenSSL includes a certificate management tool and shared +libraries which provide various cryptographic algorithms and +protocols. + +%package libs +Summary: A general purpose cryptography library with TLS implementation +Requires: ca-certificates >= 2008-5 +Requires: crypto-policies >= 20180730 +Recommends: openssl-pkcs11%{?_isa} +Provides: openssl-fips = %{epoch}:%{version}-%{release} + +%description libs +OpenSSL is a toolkit for supporting cryptography. The openssl-libs +package contains the libraries that are used by various applications which +support cryptographic algorithms and protocols. + +%package devel +Summary: Files for development of applications which will use OpenSSL +Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} +Requires: pkgconfig + +%description devel +OpenSSL is a toolkit for supporting cryptography. The openssl-devel +package contains include files needed to develop applications which +support various cryptographic algorithms and protocols. + +%package static +Summary: Libraries for static linking of applications which will use OpenSSL +Requires: %{name}-devel%{?_isa} = %{epoch}:%{version}-%{release} + +%description static +OpenSSL is a toolkit for supporting cryptography. The openssl-static +package contains static libraries needed for static linking of +applications which support various cryptographic algorithms and +protocols. + +%package perl +Summary: Perl scripts provided with OpenSSL +Requires: perl-interpreter +Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} + +%description perl +OpenSSL is a toolkit for supporting cryptography. The openssl-perl +package provides Perl scripts for converting certificates and keys +from other formats to the formats used by the OpenSSL toolkit. + +%prep +%setup -q -n %{name}-%{version} + +# The hobble_openssl is called here redundantly, just to be sure. +# The tarball has already the sources removed. +%{SOURCE1} > /dev/null + +cp %{SOURCE12} crypto/ec/ +cp %{SOURCE13} test/ + +%patch1 -p1 -b .build %{?_rawbuild} +%patch2 -p1 -b .defaults +%patch3 -p1 -b .no-html %{?_rawbuild} +%patch4 -p1 -b .man-rename + +%patch21 -p1 -b .issuer-hash + +%patch31 -p1 -b .conf-paths +%patch32 -p1 -b .version-add-engines +%patch33 -p1 -b .dgst +%patch36 -p1 -b .no-brainpool +%patch37 -p1 -b .curves +%patch38 -p1 -b .no-weak-verify +%patch40 -p1 -b .disable-ssl3 +%patch41 -p1 -b .system-cipherlist +%patch42 -p1 -b .fips +%patch43 -p1 -b .ignore-bound +%patch44 -p1 -b .version-override +%patch45 -p1 -b .weak-ciphers +%patch46 -p1 -b .seclevel +%patch47 -p1 -b .ts-sha256-default +%patch48 -p1 -b .fips-post-rand +%patch49 -p1 -b .evp-kdf +%patch50 -p1 -b .ssh-kdf +%patch51 -p1 -b .intel-cet +%patch52 -p1 -b .s390x-update +%patch53 -p1 -b .crng-test +%patch55 -p1 -b .arm-update +%patch56 -p1 -b .s390x-ecc +%patch60 -p1 -b .krb5-kdf +%patch61 -p1 -b .edk2-build +%patch62 -p1 -b .fips-curves +%patch65 -p1 -b .drbg-selftest +%patch66 -p1 -b .fips-dh +%patch67 -p1 -b .kdf-selftest +%patch68 -p1 -b .reneg-no-extms +%patch69 -p1 -b .alpn-cb +%patch70 -p1 -b .rewire-fips-drbg + + +%build +# Figure out which flags we want to use. +# default +sslarch=%{_os}-%{_target_cpu} +%ifarch %ix86 +sslarch=linux-elf +if ! echo %{_target} | grep -q i686 ; then + sslflags="no-asm 386" +fi +%endif +%ifarch x86_64 +sslflags=enable-ec_nistp_64_gcc_128 +%endif +%ifarch sparcv9 +sslarch=linux-sparcv9 +sslflags=no-asm +%endif +%ifarch sparc64 +sslarch=linux64-sparcv9 +sslflags=no-asm +%endif +%ifarch alpha alphaev56 alphaev6 alphaev67 +sslarch=linux-alpha-gcc +%endif +%ifarch s390 sh3eb sh4eb +sslarch="linux-generic32 -DB_ENDIAN" +%endif +%ifarch s390x +sslarch="linux64-s390x" +%endif +%ifarch %{arm} +sslarch=linux-armv4 +%endif +%ifarch aarch64 +sslarch=linux-aarch64 +sslflags=enable-ec_nistp_64_gcc_128 +%endif +%ifarch sh3 sh4 +sslarch=linux-generic32 +%endif +%ifarch ppc64 ppc64p7 +sslarch=linux-ppc64 +%endif +%ifarch ppc64le +sslarch="linux-ppc64le" +sslflags=enable-ec_nistp_64_gcc_128 +%endif +%ifarch mips mipsel +sslarch="linux-mips32 -mips32r2" +%endif +%ifarch mips64 mips64el +sslarch="linux64-mips64 -mips64r2" +%endif +%ifarch mips64el +sslflags=enable-ec_nistp_64_gcc_128 +%endif +%ifarch riscv64 +sslarch=linux-generic64 +%endif + +# Add -Wa,--noexecstack here so that libcrypto's assembler modules will be +# marked as not requiring an executable stack. +# Also add -DPURIFY to make using valgrind with openssl easier as we do not +# want to depend on the uninitialized memory as a source of entropy anyway. +RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -Wa,--generate-missing-build-notes=yes -DPURIFY $RPM_LD_FLAGS" + +export HASHBANGPERL=/usr/bin/perl + +# ia64, x86_64, ppc are OK by default +# Configure the build tree. Override OpenSSL defaults with known-good defaults +# usable on all platforms. The Configure script already knows to use -fPIC and +# RPM_OPT_FLAGS, so we can skip specifiying them here. +./Configure \ + --prefix=%{_prefix} --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \ + --system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config \ + zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \ + enable-cms enable-md2 enable-rc5 enable-ssl3 enable-ssl3-method \ + enable-weak-ssl-ciphers \ + no-mdc2 no-ec2m no-sm2 no-sm4 \ + shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\""' + +# Do not run this in a production package the FIPS symbols must be patched-in +#util/mkdef.pl crypto update + +make all + +# Overwrite FIPS README +cp -f %{SOURCE11} . + +# Clean up the .pc files +for i in libcrypto.pc libssl.pc openssl.pc ; do + sed -i '/^Libs.private:/{s/-L[^ ]* //;s/-Wl[^ ]* //}' $i +done + +%check +# Verify that what was compiled actually works. + +# Hack - either enable SCTP AUTH chunks in kernel or disable sctp for check +(sysctl net.sctp.addip_enable=1 && sysctl net.sctp.auth_enable=1) || \ +(echo 'Failed to enable SCTP AUTH chunks, disabling SCTP for tests...' && + sed '/"zlib-dynamic" => "default",/a\ \ "sctp" => "default",' configdata.pm > configdata.pm.new && \ + touch -r configdata.pm configdata.pm.new && \ + mv -f configdata.pm.new configdata.pm) + +# We must revert patch31 before tests otherwise they will fail +patch -p1 -R < %{PATCH31} + +LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}} +export LD_LIBRARY_PATH +crypto/fips/fips_standalone_hmac libcrypto.so.%{soversion} >.libcrypto.so.%{soversion}.hmac +ln -s .libcrypto.so.%{soversion}.hmac .libcrypto.so.hmac +crypto/fips/fips_standalone_hmac libssl.so.%{soversion} >.libssl.so.%{soversion}.hmac +ln -s .libssl.so.%{soversion}.hmac .libssl.so.hmac +OPENSSL_ENABLE_MD5_VERIFY= +export OPENSSL_ENABLE_MD5_VERIFY +OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file +export OPENSSL_SYSTEM_CIPHERS_OVERRIDE +make test + +# Add generation of HMAC checksum of the final stripped library +%define __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{version}.hmac \ + ln -sf .libcrypto.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{soversion}.hmac \ + crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{version}.hmac \ + ln -sf .libssl.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{soversion}.hmac \ +%{nil} + +%define __provides_exclude_from %{_libdir}/openssl + +%install +[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT +# Install OpenSSL. +install -d $RPM_BUILD_ROOT{%{_bindir},%{_includedir},%{_libdir},%{_mandir},%{_libdir}/openssl,%{_pkgdocdir}} +%make_install +rename so.%{soversion} so.%{version} $RPM_BUILD_ROOT%{_libdir}/*.so.%{soversion} +for lib in $RPM_BUILD_ROOT%{_libdir}/*.so.%{version} ; do + chmod 755 ${lib} + ln -s -f `basename ${lib}` $RPM_BUILD_ROOT%{_libdir}/`basename ${lib} .%{version}` + ln -s -f `basename ${lib}` $RPM_BUILD_ROOT%{_libdir}/`basename ${lib} .%{version}`.%{soversion} +done + +# Install a makefile for generating keys and self-signed certs, and a script +# for generating them on the fly. +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/certs +install -m644 %{SOURCE2} $RPM_BUILD_ROOT%{_pkgdocdir}/Makefile.certificate +install -m755 %{SOURCE6} $RPM_BUILD_ROOT%{_bindir}/make-dummy-cert +install -m755 %{SOURCE7} $RPM_BUILD_ROOT%{_bindir}/renew-dummy-cert + +# Move runable perl scripts to bindir +mv $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/misc/*.pl $RPM_BUILD_ROOT%{_bindir} +mv $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/misc/tsget $RPM_BUILD_ROOT%{_bindir} + +# Rename man pages so that they don't conflict with other system man pages. +pushd $RPM_BUILD_ROOT%{_mandir} +ln -s -f config.5 man5/openssl.cnf.5 +for manpage in man*/* ; do + if [ -L ${manpage} ]; then + TARGET=`ls -l ${manpage} | awk '{ print $NF }'` + ln -snf ${TARGET}ssl ${manpage}ssl + rm -f ${manpage} + else + mv ${manpage} ${manpage}ssl + fi +done +for conflict in passwd rand ; do + rename ${conflict} ssl${conflict} man*/${conflict}* +# Fix dangling symlinks + manpage=man1/openssl-${conflict}.* + if [ -L ${manpage} ] ; then + ln -snf ssl${conflict}.1ssl ${manpage} + fi +done +popd + +mkdir -m755 $RPM_BUILD_ROOT%{_sysconfdir}/pki/CA +mkdir -m700 $RPM_BUILD_ROOT%{_sysconfdir}/pki/CA/private +mkdir -m755 $RPM_BUILD_ROOT%{_sysconfdir}/pki/CA/certs +mkdir -m755 $RPM_BUILD_ROOT%{_sysconfdir}/pki/CA/crl +mkdir -m755 $RPM_BUILD_ROOT%{_sysconfdir}/pki/CA/newcerts + +# Ensure the config file timestamps are identical across builds to avoid +# mulitlib conflicts and unnecessary renames on upgrade +touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf +touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf + +rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf.dist +rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf.dist + +# Determine which arch opensslconf.h is going to try to #include. +basearch=%{_arch} +%ifarch %{ix86} +basearch=i386 +%endif +%ifarch sparcv9 +basearch=sparc +%endif +%ifarch sparc64 +basearch=sparc64 +%endif + +# Next step of gradual disablement of SSL3. +# Make SSL3 disappear to newly built dependencies. +sed -i '/^\#ifndef OPENSSL_NO_SSL_TRACE/i\ +#ifndef OPENSSL_NO_SSL3\ +# define OPENSSL_NO_SSL3\ +#endif' $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf.h + +%ifarch %{multilib_arches} +# Do an opensslconf.h switcheroo to avoid file conflicts on systems where you +# can have both a 32- and 64-bit version of the library, and they each need +# their own correct-but-different versions of opensslconf.h to be usable. +install -m644 %{SOURCE10} \ + $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf-${basearch}.h +cat $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf.h >> \ + $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf-${basearch}.h +install -m644 %{SOURCE9} \ + $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf.h +%endif +LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}} +export LD_LIBRARY_PATH + +%files +%{!?_licensedir:%global license %%doc} +%license LICENSE +%doc FAQ NEWS README README.FIPS +%{_bindir}/make-dummy-cert +%{_bindir}/renew-dummy-cert +%{_bindir}/openssl +%{_mandir}/man1*/* +%{_mandir}/man5*/* +%{_mandir}/man7*/* +%{_pkgdocdir}/Makefile.certificate +%exclude %{_mandir}/man1*/*.pl* +%exclude %{_mandir}/man1*/c_rehash* +%exclude %{_mandir}/man1*/tsget* +%exclude %{_mandir}/man1*/openssl-tsget* + +%files libs +%{!?_licensedir:%global license %%doc} +%license LICENSE +%dir %{_sysconfdir}/pki/tls +%dir %{_sysconfdir}/pki/tls/certs +%dir %{_sysconfdir}/pki/tls/misc +%dir %{_sysconfdir}/pki/tls/private +%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf +%config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf +%attr(0755,root,root) %{_libdir}/libcrypto.so.%{version} +%attr(0755,root,root) %{_libdir}/libcrypto.so.%{soversion} +%attr(0755,root,root) %{_libdir}/libssl.so.%{version} +%attr(0755,root,root) %{_libdir}/libssl.so.%{soversion} +%attr(0644,root,root) %{_libdir}/.libcrypto.so.*.hmac +%attr(0644,root,root) %{_libdir}/.libssl.so.*.hmac +%attr(0755,root,root) %{_libdir}/engines-%{soversion} + +%files devel +%doc CHANGES doc/dir-locals.example.el doc/openssl-c-indent.el +%{_prefix}/include/openssl +%{_libdir}/*.so +%{_mandir}/man3*/* +%{_libdir}/pkgconfig/*.pc + +%files static +%{_libdir}/*.a + +%files perl +%{_bindir}/c_rehash +%{_bindir}/*.pl +%{_bindir}/tsget +%{_mandir}/man1*/*.pl* +%{_mandir}/man1*/c_rehash* +%{_mandir}/man1*/tsget* +%{_mandir}/man1*/openssl-tsget* +%dir %{_sysconfdir}/pki/CA +%dir %{_sysconfdir}/pki/CA/private +%dir %{_sysconfdir}/pki/CA/certs +%dir %{_sysconfdir}/pki/CA/crl +%dir %{_sysconfdir}/pki/CA/newcerts + +%ldconfig_scriptlets libs + +%changelog +* Tue Jul 28 2020 Fedora Release Engineering - 1:1.1.1g-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jul 21 2020 Tom Stellard - 1:1.1.1g-14 +- Use make macros +- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro + +* Mon Jul 20 2020 Tomáš Mráz 1.1.1g-13 +- Additional FIPS mode check for EC key generation + +* Fri Jul 17 2020 Tomáš Mráz 1.1.1g-12 +- Further changes for SP 800-56A rev3 requirements + +* Mon Jun 22 2020 Tomáš Mráz 1.1.1g-11 +- Drop long ago obsolete part of the FIPS patch + +* Mon Jun 22 2020 Tomáš Mráz 1.1.1g-10 +- Rewire FIPS_drbg API to use the RAND_DRBG + +* Fri Jun 5 2020 Tomáš Mráz 1.1.1g-9 +- Disallow dropping Extended Master Secret extension + on renegotiation +- Return alert from s_server if ALPN protocol does not match +- SHA1 is allowed in @SECLEVEL=2 only if allowed by + TLS SigAlgs configuration + +* Wed Jun 3 2020 Tomáš Mráz 1.1.1g-8 +- Add FIPS selftest for PBKDF2 and KBKDF + +* Tue May 26 2020 Tomáš Mráz 1.1.1g-7 +- Use the well known DH groups in TLS + +* Mon May 25 2020 Tomáš Mráz 1.1.1g-6 +- Allow only well known DH groups in the FIPS mode + +* Thu May 21 2020 Adam Williamson - 1.1.1g-5 +- Re-apply the change from -2 now we have fixed nosync to work with it + +* Tue May 19 2020 Adam Williamson - 1.1.1g-4 +- Revert the change from -2 as it seems to cause segfaults in systemd + +* Mon May 18 2020 Tomáš Mráz 1.1.1g-3 +- pull some fixes and improvements from RHEL-8 + +* Fri May 15 2020 Tomáš Mráz 1.1.1g-2 +- FIPS module installed state definition is modified + +* Thu Apr 23 2020 Tomáš Mráz 1.1.1g-1 +- update to the 1.1.1g release + +* Tue Apr 7 2020 Tomáš Mráz 1.1.1f-1 +- update to the 1.1.1f release + +* Thu Mar 26 2020 Tomáš Mráz 1.1.1e-2 +- revert the unexpected EOF error reporting change as it is + too disruptive for the stable release branch + +* Fri Mar 20 2020 Tomáš Mráz 1.1.1e-1 +- update to the 1.1.1e release +- add selftest of the RAND_DRBG implementation +- fix incorrect error return value from FIPS_selftest_dsa + +* Mon Feb 17 2020 Tomáš Mráz 1.1.1d-7 +- apply Intel CET support patches by hjl (#1788699) + +* Wed Jan 29 2020 Fedora Release Engineering - 1:1.1.1d-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Thu Nov 21 2019 Tomáš Mráz 1.1.1d-5 +- allow zero length parameters in KDF_CTX_ctrl() + +* Thu Nov 14 2019 Tomáš Mráz 1.1.1d-4 +- backport of SSKDF from master + +* Wed Nov 13 2019 Tomáš Mráz 1.1.1d-3 +- backport of KBKDF and KRB5KDF from master + +* Thu Oct 3 2019 Tomáš Mráz 1.1.1d-2 +- re-enable the stitched AES-CBC-SHA implementations +- make AES-GCM work in FIPS mode again +- enable TLS-1.2 AES-CCM ciphers in FIPS mode +- fix openssl speed errors in FIPS mode + +* Fri Sep 13 2019 Tomáš Mráz 1.1.1d-1 +- update to the 1.1.1d release + +* Fri Sep 6 2019 Tomáš Mráz 1.1.1c-6 +- upstream fix for status request extension non-compliance (#1737471) + +* Thu Jul 25 2019 Fedora Release Engineering - 1:1.1.1c-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Jun 24 2019 Tomáš Mráz 1.1.1c-4 +- do not try to use EC groups disallowed in FIPS mode + in TLS +- fix Valgrind regression with constant-time code + +* Mon Jun 3 2019 Tomáš Mráz 1.1.1c-3 +- add upstream patch to defer sending KeyUpdate after + pending writes are complete + +* Thu May 30 2019 Tomáš Mráz 1.1.1c-2 +- fix use of uninitialized memory + +* Wed May 29 2019 Tomáš Mráz 1.1.1c-1 +- update to the 1.1.1c release + +* Fri May 10 2019 Tomáš Mráz 1.1.1b-10 +- Another attempt at the AES-CCM regression fix + +* Fri May 10 2019 Tomáš Mráz 1.1.1b-9 +- Fix two small regressions +- Change the ts application default hash to SHA256 + +* Tue May 7 2019 Tomáš Mráz 1.1.1b-8 +- FIPS compliance fixes + +* Mon May 6 2019 Tomáš Mráz 1.1.1b-7 +- add S390x chacha20-poly1305 assembler support from master branch + +* Fri May 3 2019 Tomáš Mráz 1.1.1b-6 +- apply new bugfixes from upstream 1.1.1 branch + +* Tue Apr 16 2019 Tomáš Mráz 1.1.1b-5 +- fix for BIO_get_mem_ptr() regression in 1.1.1b (#1691853) + +* Wed Mar 27 2019 Tomáš Mráz 1.1.1b-4 +- drop unused BuildRequires and Requires in the -devel subpackage + +* Fri Mar 15 2019 Tomáš Mráz 1.1.1b-3 +- fix regression in EVP_PBE_scrypt() (#1688284) +- fix incorrect help message in ca app (#1553206) + +* Fri Mar 1 2019 Tomáš Mráz 1.1.1b-2 +- use .include = syntax in the config file to allow it + to be parsed by 1.0.2 version (#1668916) + +* Thu Feb 28 2019 Tomáš Mráz 1.1.1b-1 +- update to the 1.1.1b release +- EVP_KDF API backport from master +- SSH KDF implementation for EVP_KDF API backport from master + +* Fri Feb 01 2019 Fedora Release Engineering - 1:1.1.1a-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Tue Jan 15 2019 Tomáš Mráz 1.1.1a-1 +- update to the 1.1.1a release + +* Fri Nov 9 2018 Tomáš Mráz 1.1.1-7 +- use /dev/urandom for seeding the RNG in FIPS POST + +* Fri Oct 12 2018 Tomáš Mráz 1.1.1-6 +- fix SECLEVEL 3 support +- fix some issues found in Coverity scan + +* Thu Sep 27 2018 Charalampos Stratakis - 1:1.1.1-5 +- Correctly invoke sed for defining OPENSSL_NO_SSL3 + +* Thu Sep 27 2018 Tomáš Mráz 1.1.1-4 +- define OPENSSL_NO_SSL3 so the newly built dependencies do not + have access to SSL3 API calls anymore + +* Mon Sep 17 2018 Tomáš Mráz 1.1.1-3 +- reinstate accidentally dropped patch for weak ciphersuites + +* Fri Sep 14 2018 Tomáš Mráz 1.1.1-2 +- for consistent support of security policies we build + RC4 support in TLS (not default) and allow SHA1 in SECLEVEL 2 + +* Thu Sep 13 2018 Tomáš Mráz 1.1.1-1 +- update to the final 1.1.1 version + +* Thu Sep 6 2018 Tomáš Mráz 1.1.1-0.pre9.3 +- do not try to initialize RNG in cleanup if it was not initialized + before (#1624554) +- use only /dev/urandom if getrandom() is not available +- disable SM4 + +* Wed Aug 29 2018 Tomáš Mráz 1.1.1-0.pre9.2 +- fix dangling symlinks to manual pages +- make SSLv3_method work + +* Wed Aug 22 2018 Tomáš Mráz 1.1.1-0.pre9.1 +- update to the latest 1.1.1 beta version + +* Mon Aug 13 2018 Tomáš Mráz 1.1.1-0.pre8.4 +- bidirectional shutdown fixes from upstream + +* Mon Aug 13 2018 Tomáš Mráz 1.1.1-0.pre8.3 +- do not put error on stack when using fixed protocol version + with the default config (#1615098) + +* Fri Jul 27 2018 Tomáš Mráz 1.1.1-0.pre8.2 +- load crypto policy config file from the default config + +* Wed Jul 25 2018 Tomáš Mráz 1.1.1-0.pre8 +- update to the latest 1.1.1 beta version + +* Fri Jul 13 2018 Fedora Release Engineering - 1:1.1.0h-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Tue Jun 19 2018 Tomáš Mráz 1.1.0h-5 +- fix FIPS RSA key generation failure + +* Mon Jun 4 2018 Tomáš Mráz 1.1.0h-4 +- ppc64le is not multilib arch (#1584994) + +* Tue Apr 3 2018 Tomáš Mráz 1.1.0h-3 +- fix regression of c_rehash (#1562953) + +* Thu Mar 29 2018 Tomáš Mráz 1.1.0h-2 +- fix FIPS symbol versions + +* Thu Mar 29 2018 Tomáš Mráz 1.1.0h-1 +- update to upstream version 1.1.0h +- add Recommends for openssl-pkcs11 + +* Fri Feb 23 2018 Tomáš Mráz 1.1.0g-6 +- one more try to apply RPM_LD_FLAGS properly (#1541033) +- dropped unneeded starttls xmpp patch (#1417017) + +* Thu Feb 08 2018 Fedora Release Engineering - 1:1.1.0g-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Feb 1 2018 Tomáš Mráz 1.1.0g-4 +- apply RPM_LD_FLAGS properly (#1541033) + +* Thu Jan 11 2018 Tomáš Mráz 1.1.0g-3 +- silence the .rnd write failure as that is auxiliary functionality (#1524833) + +* Thu Dec 14 2017 Tomáš Mráz 1.1.0g-2 +- put the Makefile.certificate in pkgdocdir and drop the requirement on make + +* Fri Nov 3 2017 Tomáš Mráz 1.1.0g-1 +- update to upstream version 1.1.0g + +* Thu Aug 03 2017 Fedora Release Engineering - 1:1.1.0f-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 1:1.1.0f-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Mon Jul 17 2017 Tomáš Mráz 1:1.1.0f-7 +- make s_client and s_server work with -ssl3 option (#1471783) + +* Thu Jul 13 2017 Petr Pisar - 1:1.1.0f-6 +- perl dependency renamed to perl-interpreter + + +* Mon Jun 26 2017 Tomáš Mráz 1.1.0f-5 +- disable verification of all insecure hashes + +* Fri Jun 23 2017 Tomáš Mráz 1.1.0f-4 +- make DTLS work (#1462541) + +* Thu Jun 15 2017 Tomáš Mráz 1.1.0f-3 +- enable 3DES SSL ciphersuites, RC4 is kept disabled (#1453066) + +* Mon Jun 5 2017 Tomáš Mráz 1.1.0f-2 +- only release thread-local key if we created it (from upstream) (#1458775) + +* Fri Jun 2 2017 Tomáš Mráz 1.1.0f-1 +- update to upstream version 1.1.0f +- SRP and GOST is now allowed, note that GOST support requires + adding GOST engine which is not part of openssl anymore + +* Thu Feb 16 2017 Tomáš Mráz 1.1.0e-1 +- update to upstream version 1.1.0e +- add documentation of the PROFILE=SYSTEM special cipher string (#1420232) + +* Sat Feb 11 2017 Fedora Release Engineering - 1:1.1.0d-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Feb 1 2017 Tomáš Mráz 1.1.0d-2 +- applied upstream fixes (fix regression in X509_CRL_digest) + +* Thu Jan 26 2017 Tomáš Mráz 1.1.0d-1 +- update to upstream version 1.1.0d + +* Thu Dec 22 2016 Tomáš Mráz 1.1.0c-5 +- preserve new line in fd BIO BIO_gets() as other BIOs do + +* Fri Dec 2 2016 Tomáš Mráz 1.1.0c-4 +- FIPS mode fixes for TLS + +* Wed Nov 30 2016 Tomáš Mráz 1.1.0c-3 +- revert SSL_read() behavior change - patch from upstream (#1394677) +- fix behavior on client certificate request in renegotiation (#1393579) + +* Tue Nov 22 2016 Tomáš Mráz 1.1.0c-2 +- EC curve NIST P-224 is now allowed, still kept disabled in TLS due + to less than optimal security + +* Fri Nov 11 2016 Tomáš Mráz 1.1.0c-1 +- update to upstream version 1.1.0c + +* Fri Nov 4 2016 Tomáš Mráz 1.1.0b-4 +- use a random seed if the supplied one did not generate valid + parameters in dsa_builtin_paramgen2() + +* Wed Oct 12 2016 Tomáš Mráz 1.1.0b-3 +- do not break contract on return value when using dsa_builtin_paramgen2() + +* Wed Oct 12 2016 Tomáš Mráz 1.1.0b-2 +- fix afalg failure on big endian + +* Tue Oct 11 2016 Tomáš Mráz 1.1.0b-1 +- update to upstream version 1.1.0b + +* Fri Oct 07 2016 Richard W.M. Jones - 1:1.0.2j-2 +- Add flags for riscv64. + +* Mon Sep 26 2016 Tomáš Mráz 1.0.2j-1 +- minor upstream release 1.0.2j fixing regression from previous release + +* Sat Sep 24 2016 David Woodhouse 1.0.2i-2 +- Fix enginesdir in libcrypto.c (#1375361) + +* Thu Sep 22 2016 Tomáš Mráz 1.0.2i-1 +- minor upstream release 1.0.2i fixing security issues +- move man pages for perl based scripts to perl subpackage (#1377617) + +* Wed Aug 10 2016 Tomáš Mráz 1.0.2h-3 +- fix regression in Cisco AnyConnect VPN support (#1354588) + +* Mon Jun 27 2016 Tomáš Mráz 1.0.2h-2 +- require libcrypto in libssl.pc (#1301301) + +* Tue May 3 2016 Tomáš Mráz 1.0.2h-1 +- minor upstream release 1.0.2h fixing security issues + +* Tue Mar 29 2016 Tomáš Mráz 1.0.2g-4 +- disable SSLv2 support altogether (without ABI break) + +* Mon Mar 7 2016 Tom Callaway - 1.0.2g-3 +- enable RC5 + +* Wed Mar 2 2016 Tomáš Mráz 1.0.2g-2 +- reenable SSL2 in the build to avoid ABI break (it does not + make the openssl vulnerable to DROWN attack) + +* Tue Mar 1 2016 Tomáš Mráz 1.0.2g-1 +- minor upstream release 1.0.2g fixing security issues + +* Thu Feb 04 2016 Fedora Release Engineering - 1:1.0.2f-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Thu Jan 28 2016 Tomáš Mráz 1.0.2f-1 +- minor upstream release 1.0.2f fixing security issues +- add support for MIPS secondary architecture + +* Fri Jan 15 2016 Tomáš Mráz 1.0.2e-5 +- document some options of openssl speed command + +* Fri Dec 18 2015 Tomáš Mráz 1.0.2e-4 +- enable sctp support in DTLS + +* Tue Dec 8 2015 Tomáš Mráz 1.0.2e-3 +- remove unimplemented EC method from header (#1289599) + +* Mon Dec 7 2015 Tomáš Mráz 1.0.2e-2 +- the fast nistp implementation works only on little endian architectures + +* Fri Dec 4 2015 Tomáš Mráz 1.0.2e-1 +- minor upstream release 1.0.2e fixing moderate severity security issues +- enable fast assembler implementation for NIST P-256 and P-521 + elliptic curves (#1164210) +- filter out unwanted link options from the .pc files (#1257836) +- do not set serial to 0 in Makefile.certificate (#1135719) + +* Mon Nov 16 2015 Tomáš Mráz 1.0.2d-3 +- fix sigill on some AMD CPUs (#1278194) + +* Wed Aug 12 2015 Tom Callaway 1.0.2d-2 +- re-enable secp256k1 (bz1021898) + +* Thu Jul 9 2015 Tomáš Mráz 1.0.2d-1 +- minor upstream release 1.0.2d fixing a high severity security issue + +* Tue Jul 7 2015 Tomáš Mráz 1.0.2c-3 +- fix the aarch64 build + +* Thu Jun 18 2015 Fedora Release Engineering - 1:1.0.2c-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Mon Jun 15 2015 Tomáš Mráz 1.0.2c-1 +- minor upstream release 1.0.2c fixing multiple security issues + +* Thu May 7 2015 Peter Robinson 1.0.2a-4 +- Add aarch64 sslarch details + +* Thu May 7 2015 Tomáš Mráz 1.0.2a-3 +- fix some 64 bit build targets + +* Tue Apr 28 2015 Tomáš Mráz 1.0.2a-2 +- add alternative certificate chain discovery support from upstream + +* Thu Apr 23 2015 Tomáš Mráz 1.0.2a-1 +- rebase to 1.0.2 branch + +* Thu Apr 9 2015 Tomáš Mráz 1.0.1k-7 +- drop the AES-GCM restriction of 2^32 operations because the IV is + always 96 bits (32 bit fixed field + 64 bit invocation field) + +* Thu Mar 19 2015 Tomáš Mráz 1.0.1k-6 +- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() +- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison +- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption +- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data +- fix CVE-2015-0293 - triggerable assert in SSLv2 server + +* Mon Mar 16 2015 Tomáš Mráz 1.0.1k-5 +- fix bug in the CRYPTO_128_unwrap() + +* Fri Feb 27 2015 Tomáš Mráz 1.0.1k-4 +- fix bug in the RFC 5649 support (#1185878) + +* Sat Feb 21 2015 Till Maas - 1:1.0.1k-3 +- Rebuilt for Fedora 23 Change + https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code + +* Thu Jan 15 2015 Tomáš Mráz 1.0.1k-2 +- test in the non-FIPS RSA keygen for minimal distance of p and q + similarly to the FIPS RSA keygen + +* Fri Jan 9 2015 Tomáš Mráz 1.0.1k-1 +- new upstream release fixing multiple security issues + +* Thu Nov 20 2014 Tomáš Mráz 1.0.1j-3 +- disable SSLv3 by default again (mail servers and possibly + LDAP servers should probably allow it explicitly for legacy + clients) + +* Tue Oct 21 2014 Tomáš Mráz 1.0.1j-2 +- update the FIPS RSA keygen to be FIPS 186-4 compliant + +* Thu Oct 16 2014 Tomáš Mráz 1.0.1j-1 +- new upstream release fixing multiple security issues + +* Fri Oct 10 2014 Tomáš Mráz 1.0.1i-5 +- copy negotiated digests when switching certs by SNI (#1150032) + +* Mon Sep 8 2014 Tomáš Mráz 1.0.1i-4 +- add support for RFC 5649 + +* Sun Aug 17 2014 Fedora Release Engineering - 1:1.0.1i-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Wed Aug 13 2014 Tomáš Mráz 1.0.1i-2 +- drop RSA X9.31 from RSA FIPS selftests +- add Power 8 optimalizations + +* Thu Aug 7 2014 Tomáš Mráz 1.0.1i-1 +- new upstream release fixing multiple moderate security issues +- for now disable only SSLv2 by default + +* Fri Jul 18 2014 Tom Callaway 1.0.1h-6 +- fix license handling + +* Mon Jun 30 2014 Tomáš Mráz 1.0.1h-5 +- disable SSLv2 and SSLv3 protocols by default (can be enabled + via appropriate SSL_CTX_clear_options() call) + +* Wed Jun 11 2014 Tomáš Mráz 1.0.1h-4 +- use system profile for default cipher list + +* Tue Jun 10 2014 Tomáš Mráz 1.0.1h-3 +- make FIPS mode keygen bit length restriction enforced only when + OPENSSL_ENFORCE_MODULUS_BITS is set +- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support + +* Sat Jun 07 2014 Fedora Release Engineering - 1:1.0.1h-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu Jun 5 2014 Tomáš Mráz 1.0.1h-1 +- new upstream release 1.0.1h + +* Sat May 31 2014 Peter Robinson 1.0.1g-2 +- Drop obsolete and irrelevant docs +- Move devel docs to appropriate package + +* Wed May 7 2014 Tomáš Mráz 1.0.1g-1 +- new upstream release 1.0.1g +- do not include ECC ciphersuites in SSLv2 client hello (#1090952) +- fail on hmac integrity check if the .hmac file is empty + +* Mon Apr 07 2014 Dennis Gilmore - 1.0.1e-44 +- pull in upstream patch for CVE-2014-0160 +- removed CHANGES file portion from patch for expediency + +* Thu Apr 3 2014 Tomáš Mráz 1.0.1e-43 +- add support for ppc64le architecture (#1072633) + +* Mon Mar 17 2014 Tomáš Mráz 1.0.1e-42 +- properly detect encryption failure in BIO +- use 2048 bit RSA key in FIPS selftests + +* Fri Feb 14 2014 Tomáš Mráz 1.0.1e-41 +- use the key length from configuration file if req -newkey rsa is invoked + +* Thu Feb 13 2014 Tomáš Mráz 1.0.1e-40 +- print ephemeral key size negotiated in TLS handshake (#1057715) +- add DH_compute_key_padded needed for FIPS CAVS testing + +* Thu Feb 6 2014 Tomáš Mráz 1.0.1e-39 +- make expiration and key length changeable by DAYS and KEYLEN + variables in the certificate Makefile (#1058108) +- change default hash to sha256 (#1062325) + +* Wed Jan 22 2014 Tomáš Mráz 1.0.1e-38 +- make 3des strength to be 128 bits instead of 168 (#1056616) + +* Tue Jan 7 2014 Tomáš Mráz 1.0.1e-37 +- fix CVE-2013-4353 - Invalid TLS handshake crash +- fix CVE-2013-6450 - possible MiTM attack on DTLS1 + +* Fri Dec 20 2013 Tomáš Mráz 1.0.1e-36 +- fix CVE-2013-6449 - crash when version in SSL structure is incorrect +- more FIPS validation requirement changes + +* Wed Dec 18 2013 Tomáš Mráz 1.0.1e-35 +- drop weak ciphers from the default TLS ciphersuite list +- add back some symbols that were dropped with update to 1.0.1 branch +- more FIPS validation requirement changes + +* Tue Nov 19 2013 Tomáš Mráz 1.0.1e-34 +- fix locking and reseeding problems with FIPS drbg + +* Fri Nov 15 2013 Tomáš Mráz 1.0.1e-33 +- additional changes required for FIPS validation + +* Wed Nov 13 2013 Tomáš Mráz 1.0.1e-32 +- disable verification of certificate, CRL, and OCSP signatures + using MD5 if OPENSSL_ENABLE_MD5_VERIFY environment variable + is not set + +* Fri Nov 8 2013 Tomáš Mráz 1.0.1e-31 +- add back support for secp521r1 EC curve +- add aarch64 to Configure (#969692) + +* Tue Oct 29 2013 Tomáš Mráz 1.0.1e-30 +- fix misdetection of RDRAND support on Cyrix CPUS (from upstream) (#1022346) + +* Thu Oct 24 2013 Tomáš Mráz 1.0.1e-29 +- do not advertise ECC curves we do not support (#1022493) + +* Wed Oct 16 2013 Tomáš Mráz 1.0.1e-28 +- only ECC NIST Suite B curves support +- drop -fips subpackage + +* Mon Oct 14 2013 Tom Callaway - 1.0.1e-27 +- resolve bugzilla 319901 (phew! only took 6 years & 9 days) + +* Fri Sep 27 2013 Tomáš Mráz 1.0.1e-26 +- make DTLS1 work in FIPS mode +- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode + +* Mon Sep 23 2013 Tomáš Mráz 1.0.1e-25 +- avoid dlopening libssl.so from libcrypto (#1010357) + +* Fri Sep 20 2013 Tomáš Mráz 1.0.1e-24 +- fix small memory leak in FIPS aes selftest + +* Thu Sep 19 2013 Tomáš Mráz 1.0.1e-23 +- fix segfault in openssl speed hmac in the FIPS mode + +* Thu Sep 12 2013 Tomáš Mráz 1.0.1e-22 +- document the nextprotoneg option in manual pages + original patch by Hubert Kario + +* Tue Sep 10 2013 Kyle McMartin 1.0.1e-21 +- [arm] use elf auxv to figure out armcap.c instead of playing silly + games with SIGILL handlers. (#1006474) + +* Wed Sep 4 2013 Tomas Mraz 1.0.1e-20 +- try to avoid some races when updating the -fips subpackage + +* Mon Sep 2 2013 Tomas Mraz 1.0.1e-19 +- use version-release in .hmac suffix to avoid overwrite + during upgrade + +* Thu Aug 29 2013 Tomas Mraz 1.0.1e-18 +- allow deinitialization of the FIPS mode + +* Thu Aug 29 2013 Tomas Mraz 1.0.1e-17 +- always perform the FIPS selftests in library constructor + if FIPS module is installed + +* Tue Aug 27 2013 Tomas Mraz 1.0.1e-16 +- add -fips subpackage that contains the FIPS module files + +* Fri Aug 16 2013 Tomas Mraz 1.0.1e-15 +- fix use of rdrand if available +- more commits cherry picked from upstream +- documentation fixes + +* Sat Aug 03 2013 Petr Pisar - 1:1.0.1e-14 +- Perl 5.18 rebuild + +* Fri Jul 26 2013 Tomas Mraz 1.0.1e-13 +- additional manual page fix +- use symbol versioning also for the textual version + +* Thu Jul 25 2013 Tomas Mraz 1.0.1e-12 +- additional manual page fixes + +* Fri Jul 19 2013 Tomas Mraz 1.0.1e-11 +- use _prefix macro + +* Wed Jul 17 2013 Petr Pisar - 1:1.0.1e-10 +- Perl 5.18 rebuild + +* Thu Jul 11 2013 Tomas Mraz 1.0.1e-9 +- add openssl.cnf.5 manpage symlink to config.5 + +* Wed Jul 10 2013 Tomas Mraz 1.0.1e-8 +- add relro linking flag + +* Wed Jul 10 2013 Tomas Mraz 1.0.1e-7 +- add support for the -trusted_first option for certificate chain verification + +* Fri May 3 2013 Tomas Mraz 1.0.1e-6 +- fix build of manual pages with current pod2man (#959439) + +* Sun Apr 21 2013 Peter Robinson 1.0.1e-5 +- Enable ARM optimised build + +* Mon Mar 18 2013 Tomas Mraz 1.0.1e-4 +- fix random bad record mac errors (#918981) + +* Tue Feb 19 2013 Tomas Mraz 1.0.1e-3 +- fix up the SHLIB_VERSION_NUMBER + +* Tue Feb 19 2013 Tomas Mraz 1.0.1e-2 +- disable ZLIB loading by default (due to CRIME attack) + +* Tue Feb 19 2013 Tomas Mraz 1.0.1e-1 +- new upstream version + +* Wed Jan 30 2013 Tomas Mraz 1.0.1c-12 +- more fixes from upstream +- fix errors in manual causing build failure (#904777) + +* Fri Dec 21 2012 Tomas Mraz 1.0.1c-11 +- add script for renewal of a self-signed cert by Philip Prindeville (#871566) +- allow X509_issuer_and_serial_hash() produce correct result in + the FIPS mode (#881336) + +* Thu Dec 6 2012 Tomas Mraz 1.0.1c-10 +- do not load default verify paths if CApath or CAfile specified (#884305) + +* Tue Nov 20 2012 Tomas Mraz 1.0.1c-9 +- more fixes from upstream CVS +- fix DSA key pairwise check (#878597) + +* Thu Nov 15 2012 Tomas Mraz 1.0.1c-8 +- use 1024 bit DH parameters in s_server as 512 bit is not allowed + in FIPS mode and it is quite weak anyway + +* Mon Sep 10 2012 Tomas Mraz 1.0.1c-7 +- add missing initialization of str in aes_ccm_init_key (#853963) +- add important patches from upstream CVS +- use the secure_getenv() with new glibc + +* Fri Jul 20 2012 Fedora Release Engineering - 1:1.0.1c-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Jul 13 2012 Tomas Mraz 1.0.1c-5 +- use __getenv_secure() instead of __libc_enable_secure + +* Fri Jul 13 2012 Tomas Mraz 1.0.1c-4 +- do not move libcrypto to /lib +- do not use environment variables if __libc_enable_secure is on +- fix strict aliasing problems in modes + +* Thu Jul 12 2012 Tomas Mraz 1.0.1c-3 +- fix DSA key generation in FIPS mode (#833866) +- allow duplicate FIPS_mode_set(1) +- enable build on ppc64 subarch (#834652) + +* Wed Jul 11 2012 Tomas Mraz 1.0.1c-2 +- fix s_server with new glibc when no global IPv6 address (#839031) +- make it build with new Perl + +* Tue May 15 2012 Tomas Mraz 1.0.1c-1 +- new upstream version + +* Thu Apr 26 2012 Tomas Mraz 1.0.1b-1 +- new upstream version + +* Fri Apr 20 2012 Tomas Mraz 1.0.1a-1 +- new upstream version fixing CVE-2012-2110 + +* Wed Apr 11 2012 Tomas Mraz 1.0.1-3 +- add Kerberos 5 libraries to pkgconfig for static linking (#807050) + +* Thu Apr 5 2012 Tomas Mraz 1.0.1-2 +- backports from upstream CVS +- fix segfault when /dev/urandom is not available (#809586) + +* Wed Mar 14 2012 Tomas Mraz 1.0.1-1 +- new upstream release + +* Mon Mar 5 2012 Tomas Mraz 1.0.1-0.3.beta3 +- add obsoletes to assist multilib updates (#799636) + +* Wed Feb 29 2012 Tomas Mraz 1.0.1-0.2.beta3 +- epoch bumped to 1 due to revert to 1.0.0g on Fedora 17 +- new upstream release from the 1.0.1 branch +- fix s390x build (#798411) +- versioning for the SSLeay symbol (#794950) +- add -DPURIFY to build flags (#797323) +- filter engine provides +- split the libraries to a separate -libs package +- add make to requires on the base package (#783446) + +* Tue Feb 7 2012 Tomas Mraz 1.0.1-0.1.beta2 +- new upstream release from the 1.0.1 branch, ABI compatible +- add documentation for the -no_ign_eof option + +* Thu Jan 19 2012 Tomas Mraz 1.0.0g-1 +- new upstream release fixing CVE-2012-0050 - DoS regression in + DTLS support introduced by the previous release (#782795) + +* Thu Jan 5 2012 Tomas Mraz 1.0.0f-1 +- new upstream release fixing multiple CVEs + +* Tue Nov 22 2011 Tomas Mraz 1.0.0e-4 +- move the libraries needed for static linking to Libs.private + +* Thu Nov 3 2011 Tomas Mraz 1.0.0e-3 +- do not use AVX instructions when osxsave bit not set +- add direct known answer tests for SHA2 algorithms + +* Wed Sep 21 2011 Tomas Mraz 1.0.0e-2 +- fix missing initialization of variable in CHIL engine + +* Wed Sep 7 2011 Tomas Mraz 1.0.0e-1 +- new upstream release fixing CVE-2011-3207 (#736088) + +* Wed Aug 24 2011 Tomas Mraz 1.0.0d-8 +- drop the separate engine for Intel acceleration improvements + and merge in the AES-NI, SHA1, and RC4 optimizations +- add support for OPENSSL_DISABLE_AES_NI environment variable + that disables the AES-NI support + +* Tue Jul 26 2011 Tomas Mraz 1.0.0d-7 +- correct openssl cms help output (#636266) +- more tolerant starttls detection in XMPP protocol (#608239) + +* Wed Jul 20 2011 Tomas Mraz 1.0.0d-6 +- add support for newest Intel acceleration improvements backported + from upstream by Intel in form of a separate engine + +* Thu Jun 9 2011 Tomas Mraz 1.0.0d-5 +- allow the AES-NI engine in the FIPS mode + +* Tue May 24 2011 Tomas Mraz 1.0.0d-4 +- add API necessary for CAVS testing of the new DSA parameter generation + +* Thu Apr 28 2011 Tomas Mraz 1.0.0d-3 +- add support for VIA Padlock on 64bit arch from upstream (#617539) +- do not return bogus values from load_certs (#652286) + +* Tue Apr 5 2011 Tomas Mraz 1.0.0d-2 +- clarify apps help texts for available digest algorithms (#693858) + +* Thu Feb 10 2011 Tomas Mraz 1.0.0d-1 +- new upstream release fixing CVE-2011-0014 (OCSP stapling vulnerability) + +* Tue Feb 08 2011 Fedora Release Engineering - 1.0.0c-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Fri Feb 4 2011 Tomas Mraz 1.0.0c-3 +- add -x931 parameter to openssl genrsa command to use the ANSI X9.31 + key generation method +- use FIPS-186-3 method for DSA parameter generation +- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable + to allow using MD5 when the system is in the maintenance state + even if the /proc fips flag is on +- make openssl pkcs12 command work by default in the FIPS mode + +* Mon Jan 24 2011 Tomas Mraz 1.0.0c-2 +- listen on ipv6 wildcard in s_server so we accept connections + from both ipv4 and ipv6 (#601612) +- fix openssl speed command so it can be used in the FIPS mode + with FIPS allowed ciphers + +* Fri Dec 3 2010 Tomas Mraz 1.0.0c-1 +- new upstream version fixing CVE-2010-4180 + +* Tue Nov 23 2010 Tomas Mraz 1.0.0b-3 +- replace the revert for the s390x bignum asm routines with + fix from upstream + +* Mon Nov 22 2010 Tomas Mraz 1.0.0b-2 +- revert upstream change in s390x bignum asm routines + +* Tue Nov 16 2010 Tomas Mraz 1.0.0b-1 +- new upstream version fixing CVE-2010-3864 (#649304) + +* Tue Sep 7 2010 Tomas Mraz 1.0.0a-3 +- make SHLIB_VERSION reflect the library suffix + +* Wed Jun 30 2010 Tomas Mraz 1.0.0a-2 +- openssl man page fix (#609484) + +* Fri Jun 4 2010 Tomas Mraz 1.0.0a-1 +- new upstream patch release, fixes CVE-2010-0742 (#598738) + and CVE-2010-1633 (#598732) + +* Wed May 19 2010 Tomas Mraz 1.0.0-5 +- pkgconfig files now contain the correct libdir (#593723) + +* Tue May 18 2010 Tomas Mraz 1.0.0-4 +- make CA dir readable - the private keys are in private subdir (#584810) + +* Fri Apr 9 2010 Tomas Mraz 1.0.0-3 +- a few fixes from upstream CVS +- move libcrypto to /lib (#559953) + +* Tue Apr 6 2010 Tomas Mraz 1.0.0-2 +- set UTC timezone on pod2man run (#578842) +- make X509_NAME_hash_old work in FIPS mode + +* Tue Mar 30 2010 Tomas Mraz 1.0.0-1 +- update to final 1.0.0 upstream release + +* Tue Feb 16 2010 Tomas Mraz 1.0.0-0.22.beta5 +- make TLS work in the FIPS mode + +* Fri Feb 12 2010 Tomas Mraz 1.0.0-0.21.beta5 +- gracefully handle zero length in assembler implementations of + OPENSSL_cleanse (#564029) +- do not fail in s_server if client hostname not resolvable (#561260) + +* Wed Jan 20 2010 Tomas Mraz 1.0.0-0.20.beta5 +- new upstream release + +* Thu Jan 14 2010 Tomas Mraz 1.0.0-0.19.beta4 +- fix CVE-2009-4355 - leak in applications incorrectly calling + CRYPTO_free_all_ex_data() before application exit (#546707) +- upstream fix for future TLS protocol version handling + +* Wed Jan 13 2010 Tomas Mraz 1.0.0-0.18.beta4 +- add support for Intel AES-NI + +* Thu Jan 7 2010 Tomas Mraz 1.0.0-0.17.beta4 +- upstream fix compression handling on session resumption +- various null checks and other small fixes from upstream +- upstream changes for the renegotiation info according to the latest draft + +* Mon Nov 23 2009 Tomas Mraz 1.0.0-0.16.beta4 +- fix non-fips mingw build (patch by Kalev Lember) +- add IPV6 fix for DTLS + +* Fri Nov 20 2009 Tomas Mraz 1.0.0-0.15.beta4 +- add better error reporting for the unsafe renegotiation + +* Fri Nov 20 2009 Tomas Mraz 1.0.0-0.14.beta4 +- fix build on s390x + +* Wed Nov 18 2009 Tomas Mraz 1.0.0-0.13.beta4 +- disable enforcement of the renegotiation extension on the client (#537962) +- add fixes from the current upstream snapshot + +* Fri Nov 13 2009 Tomas Mraz 1.0.0-0.12.beta4 +- keep the beta status in version number at 3 so we do not have to rebuild + openssh and possibly other dependencies with too strict version check + +* Thu Nov 12 2009 Tomas Mraz 1.0.0-0.11.beta4 +- update to new upstream version, no soname bump needed +- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used + so the compatibility with unfixed clients is not broken. The + protocol extension is also not final. + +* Fri Oct 16 2009 Tomas Mraz 1.0.0-0.10.beta3 +- fix use of freed memory if SSL_CTX_free() is called before + SSL_free() (#521342) + +* Thu Oct 8 2009 Tomas Mraz 1.0.0-0.9.beta3 +- fix typo in DTLS1 code (#527015) +- fix leak in error handling of d2i_SSL_SESSION() + +* Wed Sep 30 2009 Tomas Mraz 1.0.0-0.8.beta3 +- fix RSA and DSA FIPS selftests +- reenable fixed x86_64 camellia assembler code (#521127) + +* Fri Sep 4 2009 Tomas Mraz 1.0.0-0.7.beta3 +- temporarily disable x86_64 camellia assembler code (#521127) + +* Mon Aug 31 2009 Tomas Mraz 1.0.0-0.6.beta3 +- fix openssl dgst -dss1 (#520152) + +* Wed Aug 26 2009 Tomas Mraz 1.0.0-0.5.beta3 +- drop the compat symlink hacks + +* Sat Aug 22 2009 Tomas Mraz 1.0.0-0.4.beta3 +- constify SSL_CIPHER_description() + +* Fri Aug 21 2009 Tomas Mraz 1.0.0-0.3.beta3 +- fix WWW:Curl:Easy reference in tsget + +* Fri Aug 21 2009 Tomas Mraz 1.0.0-0.2.beta3 +- enable MD-2 + +* Thu Aug 20 2009 Tomas Mraz 1.0.0-0.1.beta3 +- update to new major upstream release + +* Sat Jul 25 2009 Fedora Release Engineering - 0.9.8k-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Wed Jul 22 2009 Bill Nottingham +- do not build special 'optimized' versions for i686, as that's the base + arch in Fedora now + +* Tue Jun 30 2009 Tomas Mraz 0.9.8k-6 +- abort if selftests failed and random number generator is polled +- mention EVP_aes and EVP_sha2xx routines in the manpages +- add README.FIPS +- make CA dir absolute path (#445344) +- change default length for RSA key generation to 2048 (#484101) + +* Thu May 21 2009 Tomas Mraz 0.9.8k-5 +- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 + (DTLS DoS problems) (#501253, #501254, #501572) + +* Tue Apr 21 2009 Tomas Mraz 0.9.8k-4 +- support compatibility DTLS mode for CISCO AnyConnect (#464629) + +* Fri Apr 17 2009 Tomas Mraz 0.9.8k-3 +- correct the SHLIB_VERSION define + +* Wed Apr 15 2009 Tomas Mraz 0.9.8k-2 +- add support for multiple CRLs with same subject +- load only dynamic engine support in FIPS mode + +* Wed Mar 25 2009 Tomas Mraz 0.9.8k-1 +- update to new upstream release (minor bug fixes, security + fixes and machine code optimizations only) + +* Thu Mar 19 2009 Tomas Mraz 0.9.8j-10 +- move libraries to /usr/lib (#239375) + +* Fri Mar 13 2009 Tomas Mraz 0.9.8j-9 +- add a static subpackage + +* Thu Feb 26 2009 Fedora Release Engineering - 0.9.8j-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Mon Feb 2 2009 Tomas Mraz 0.9.8j-7 +- must also verify checksum of libssl.so in the FIPS mode +- obtain the seed for FIPS rng directly from the kernel device +- drop the temporary symlinks + +* Mon Jan 26 2009 Tomas Mraz 0.9.8j-6 +- drop the temporary triggerpostun and symlinking in post +- fix the pkgconfig files and drop the unnecessary buildrequires + on pkgconfig as it is a rpmbuild dependency (#481419) + +* Sat Jan 17 2009 Tomas Mraz 0.9.8j-5 +- add temporary triggerpostun to reinstate the symlinks + +* Sat Jan 17 2009 Tomas Mraz 0.9.8j-4 +- no pairwise key tests in non-fips mode (#479817) + +* Fri Jan 16 2009 Tomas Mraz 0.9.8j-3 +- even more robust test for the temporary symlinks + +* Fri Jan 16 2009 Tomas Mraz 0.9.8j-2 +- try to ensure the temporary symlinks exist + +* Thu Jan 15 2009 Tomas Mraz 0.9.8j-1 +- new upstream version with necessary soname bump (#455753) +- temporarily provide symlink to old soname to make it possible to rebuild + the dependent packages in rawhide +- add eap-fast support (#428181) +- add possibility to disable zlib by setting +- add fips mode support for testing purposes +- do not null dereference on some invalid smime files +- add buildrequires pkgconfig (#479493) + +* Sun Aug 10 2008 Tomas Mraz 0.9.8g-11 +- do not add tls extensions to server hello for SSLv3 either + +* Mon Jun 2 2008 Joe Orton 0.9.8g-10 +- move root CA bundle to ca-certificates package + +* Wed May 28 2008 Tomas Mraz 0.9.8g-9 +- fix CVE-2008-0891 - server name extension crash (#448492) +- fix CVE-2008-1672 - server key exchange message omit crash (#448495) + +* Tue May 27 2008 Tomas Mraz 0.9.8g-8 +- super-H arch support +- drop workaround for bug 199604 as it should be fixed in gcc-4.3 + +* Mon May 19 2008 Tom "spot" Callaway 0.9.8g-7 +- sparc handling + +* Mon Mar 10 2008 Joe Orton 0.9.8g-6 +- update to new root CA bundle from mozilla.org (r1.45) + +* Wed Feb 20 2008 Fedora Release Engineering - 0.9.8g-5 +- Autorebuild for GCC 4.3 + +* Thu Jan 24 2008 Tomas Mraz 0.9.8g-4 +- merge review fixes (#226220) +- adjust the SHLIB_VERSION_NUMBER to reflect library name (#429846) + +* Thu Dec 13 2007 Tomas Mraz 0.9.8g-3 +- set default paths when no explicit paths are set (#418771) +- do not add tls extensions to client hello for SSLv3 (#422081) + +* Tue Dec 4 2007 Tomas Mraz 0.9.8g-2 +- enable some new crypto algorithms and features +- add some more important bug fixes from openssl CVS + +* Mon Dec 3 2007 Tomas Mraz 0.9.8g-1 +- update to latest upstream release, SONAME bumped to 7 + +* Mon Oct 15 2007 Joe Orton 0.9.8b-17 +- update to new CA bundle from mozilla.org + +* Fri Oct 12 2007 Tomas Mraz 0.9.8b-16 +- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801) +- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191) +- add alpha sub-archs (#296031) + +* Tue Aug 21 2007 Tomas Mraz 0.9.8b-15 +- rebuild + +* Fri Aug 3 2007 Tomas Mraz 0.9.8b-14 +- use localhost in testsuite, hopefully fixes slow build in koji +- CVE-2007-3108 - fix side channel attack on private keys (#250577) +- make ssl session cache id matching strict (#233599) + +* Wed Jul 25 2007 Tomas Mraz 0.9.8b-13 +- allow building on ARM architectures (#245417) +- use reference timestamps to prevent multilib conflicts (#218064) +- -devel package must require pkgconfig (#241031) + +* Mon Dec 11 2006 Tomas Mraz 0.9.8b-12 +- detect duplicates in add_dir properly (#206346) + +* Thu Nov 30 2006 Tomas Mraz 0.9.8b-11 +- the previous change still didn't make X509_NAME_cmp transitive + +* Thu Nov 23 2006 Tomas Mraz 0.9.8b-10 +- make X509_NAME_cmp transitive otherwise certificate lookup + is broken (#216050) + +* Thu Nov 2 2006 Tomas Mraz 0.9.8b-9 +- aliasing bug in engine loading, patch by IBM (#213216) + +* Mon Oct 2 2006 Tomas Mraz 0.9.8b-8 +- CVE-2006-2940 fix was incorrect (#208744) + +* Mon Sep 25 2006 Tomas Mraz 0.9.8b-7 +- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276) +- fix CVE-2006-2940 - parasitic public keys DoS (#207274) +- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940) +- fix CVE-2006-4343 - sslv2 client DoS (#206940) + +* Tue Sep 5 2006 Tomas Mraz 0.9.8b-6 +- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180) + +* Wed Aug 2 2006 Tomas Mraz - 0.9.8b-5 +- set buffering to none on stdio/stdout FILE when bufsize is set (#200580) + patch by IBM + +* Fri Jul 28 2006 Alexandre Oliva - 0.9.8b-4.1 +- rebuild with new binutils (#200330) + +* Fri Jul 21 2006 Tomas Mraz - 0.9.8b-4 +- add a temporary workaround for sha512 test failure on s390 (#199604) + +* Thu Jul 20 2006 Tomas Mraz +- add ipv6 support to s_client and s_server (by Jan Pazdziora) (#198737) +- add patches for BN threadsafety, AES cache collision attack hazard fix and + pkcs7 code memleak fix from upstream CVS + +* Wed Jul 12 2006 Jesse Keating - 0.9.8b-3.1 +- rebuild + +* Wed Jun 21 2006 Tomas Mraz - 0.9.8b-3 +- dropped libica and ica engine from build + +* Wed Jun 21 2006 Joe Orton +- update to new CA bundle from mozilla.org; adds CA certificates + from netlock.hu and startcom.org + +* Mon Jun 5 2006 Tomas Mraz - 0.9.8b-2 +- fixed a few rpmlint warnings +- better fix for #173399 from upstream +- upstream fix for pkcs12 + +* Thu May 11 2006 Tomas Mraz - 0.9.8b-1 +- upgrade to new version, stays ABI compatible +- there is no more linux/config.h (it was empty anyway) + +* Tue Apr 4 2006 Tomas Mraz - 0.9.8a-6 +- fix stale open handles in libica (#177155) +- fix build if 'rand' or 'passwd' in buildroot path (#178782) +- initialize VIA Padlock engine (#186857) + +* Fri Feb 10 2006 Jesse Keating - 0.9.8a-5.2 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 0.9.8a-5.1 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Thu Dec 15 2005 Tomas Mraz 0.9.8a-5 +- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG + in SSL_OP_ALL (#175779) + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Tue Nov 29 2005 Tomas Mraz 0.9.8a-4 +- fix build (-lcrypto was erroneusly dropped) of the updated libica +- updated ICA engine to 1.3.6-rc3 + +* Tue Nov 22 2005 Tomas Mraz 0.9.8a-3 +- disable builtin compression methods for now until they work + properly (#173399) + +* Wed Nov 16 2005 Tomas Mraz 0.9.8a-2 +- don't set -rpath for openssl binary + +* Tue Nov 8 2005 Tomas Mraz 0.9.8a-1 +- new upstream version +- patches partially renumbered + +* Fri Oct 21 2005 Tomas Mraz 0.9.7f-11 +- updated IBM ICA engine library and patch to latest upstream version + +* Wed Oct 12 2005 Tomas Mraz 0.9.7f-10 +- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which + disables the countermeasure against man in the middle attack in SSLv2 + (#169863) +- use sha1 as default for CA and cert requests - CAN-2005-2946 (#169803) + +* Tue Aug 23 2005 Tomas Mraz 0.9.7f-9 +- add *.so.soversion as symlinks in /lib (#165264) +- remove unpackaged symlinks (#159595) +- fixes from upstream (constant time fixes for DSA, + bn assembler div on ppc arch, initialize memory on realloc) + +* Thu Aug 11 2005 Phil Knirsch 0.9.7f-8 +- Updated ICA engine IBM patch to latest upstream version. + +* Thu May 19 2005 Tomas Mraz 0.9.7f-7 +- fix CAN-2005-0109 - use constant time/memory access mod_exp + so bits of private key aren't leaked by cache eviction (#157631) +- a few more fixes from upstream 0.9.7g + +* Wed Apr 27 2005 Tomas Mraz 0.9.7f-6 +- use poll instead of select in rand (#128285) +- fix Makefile.certificate to point to /etc/pki/tls +- change the default string mask in ASN1 to PrintableString+UTF8String + +* Mon Apr 25 2005 Joe Orton 0.9.7f-5 +- update to revision 1.37 of Mozilla CA bundle + +* Thu Apr 21 2005 Tomas Mraz 0.9.7f-4 +- move certificates to _sysconfdir/pki/tls (#143392) +- move CA directories to _sysconfdir/pki/CA +- patch the CA script and the default config so it points to the + CA directories + +* Fri Apr 1 2005 Tomas Mraz 0.9.7f-3 +- uninitialized variable mustn't be used as input in inline + assembly +- reenable the x86_64 assembly again + +* Thu Mar 31 2005 Tomas Mraz 0.9.7f-2 +- add back RC4_CHAR on ia64 and x86_64 so the ABI isn't broken +- disable broken bignum assembly on x86_64 + +* Wed Mar 30 2005 Tomas Mraz 0.9.7f-1 +- reenable optimizations on ppc64 and assembly code on ia64 +- upgrade to new upstream version (no soname bump needed) +- disable thread test - it was testing the backport of the + RSA blinding - no longer needed +- added support for changing serial number to + Makefile.certificate (#151188) +- make ca-bundle.crt a config file (#118903) + +* Tue Mar 1 2005 Tomas Mraz 0.9.7e-3 +- libcrypto shouldn't depend on libkrb5 (#135961) + +* Mon Feb 28 2005 Tomas Mraz 0.9.7e-2 +- rebuild + +* Mon Feb 28 2005 Tomas Mraz 0.9.7e-1 +- new upstream source, updated patches +- added patch so we are hopefully ABI compatible with upcoming + 0.9.7f + +* Thu Feb 10 2005 Tomas Mraz +- Support UTF-8 charset in the Makefile.certificate (#134944) +- Added cmp to BuildPrereq + +* Thu Jan 27 2005 Joe Orton 0.9.7a-46 +- generate new ca-bundle.crt from Mozilla certdata.txt (revision 1.32) + +* Thu Dec 23 2004 Phil Knirsch 0.9.7a-45 +- Fixed and updated libica-1.3.4-urandom.patch patch (#122967) + +* Fri Nov 19 2004 Nalin Dahyabhai 0.9.7a-44 +- rebuild + +* Fri Nov 19 2004 Nalin Dahyabhai 0.9.7a-43 +- rebuild + +* Fri Nov 19 2004 Nalin Dahyabhai 0.9.7a-42 +- rebuild + +* Fri Nov 19 2004 Nalin Dahyabhai 0.9.7a-41 +- remove der_chop, as upstream cvs has done (CAN-2004-0975, #140040) + +* Tue Oct 05 2004 Phil Knirsch 0.9.7a-40 +- Include latest libica version with important bugfixes + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Mon Jun 14 2004 Phil Knirsch 0.9.7a-38 +- Updated ICA engine IBM patch to latest upstream version. + +* Mon Jun 7 2004 Nalin Dahyabhai 0.9.7a-37 +- build for linux-alpha-gcc instead of alpha-gcc on alpha (Jeff Garzik) + +* Tue May 25 2004 Nalin Dahyabhai 0.9.7a-36 +- handle %%{_arch}=i486/i586/i686/athlon cases in the intermediate + header (#124303) + +* Thu Mar 25 2004 Joe Orton 0.9.7a-35 +- add security fixes for CAN-2004-0079, CAN-2004-0112 + +* Tue Mar 16 2004 Phil Knirsch +- Fixed libica filespec. + +* Thu Mar 11 2004 Nalin Dahyabhai 0.9.7a-34 +- ppc/ppc64 define __powerpc__/__powerpc64__, not __ppc__/__ppc64__, fix + the intermediate header + +* Wed Mar 10 2004 Nalin Dahyabhai 0.9.7a-33 +- add an intermediate which points to the right + arch-specific opensslconf.h on multilib arches + +* Tue Mar 02 2004 Elliot Lee +- rebuilt + +* Thu Feb 26 2004 Phil Knirsch 0.9.7a-32 +- Updated libica to latest upstream version 1.3.5. + +* Tue Feb 17 2004 Phil Knirsch 0.9.7a-31 +- Update ICA crypto engine patch from IBM to latest version. + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Fri Feb 13 2004 Phil Knirsch 0.9.7a-29 +- rebuilt + +* Wed Feb 11 2004 Phil Knirsch 0.9.7a-28 +- Fixed libica build. + +* Wed Feb 4 2004 Nalin Dahyabhai +- add "-ldl" to link flags added for Linux-on-ARM (#99313) + +* Wed Feb 4 2004 Joe Orton 0.9.7a-27 +- updated ca-bundle.crt: removed expired GeoTrust roots, added + freessl.com root, removed trustcenter.de Class 0 root + +* Sun Nov 30 2003 Tim Waugh 0.9.7a-26 +- Fix link line for libssl (bug #111154). + +* Fri Oct 24 2003 Nalin Dahyabhai 0.9.7a-25 +- add dependency on zlib-devel for the -devel package, which depends on zlib + symbols because we enable zlib for libssl (#102962) + +* Fri Oct 24 2003 Phil Knirsch 0.9.7a-24 +- Use /dev/urandom instead of PRNG for libica. +- Apply libica-1.3.5 fix for /dev/urandom in icalinux.c +- Use latest ICA engine patch from IBM. + +* Sat Oct 4 2003 Nalin Dahyabhai 0.9.7a-22.1 +- rebuild + +* Wed Oct 1 2003 Nalin Dahyabhai 0.9.7a-22 +- rebuild (22 wasn't actually built, fun eh?) + +* Tue Sep 30 2003 Nalin Dahyabhai 0.9.7a-23 +- re-disable optimizations on ppc64 + +* Tue Sep 30 2003 Joe Orton +- add a_mbstr.c fix for 64-bit platforms from CVS + +* Tue Sep 30 2003 Nalin Dahyabhai 0.9.7a-22 +- add -Wa,--noexecstack to RPM_OPT_FLAGS so that assembled modules get tagged + as not needing executable stacks + +* Mon Sep 29 2003 Nalin Dahyabhai 0.9.7a-21 +- rebuild + +* Thu Sep 25 2003 Nalin Dahyabhai +- re-enable optimizations on ppc64 + +* Thu Sep 25 2003 Nalin Dahyabhai +- remove exclusivearch + +* Wed Sep 24 2003 Nalin Dahyabhai 0.9.7a-20 +- only parse a client cert if one was requested +- temporarily exclusivearch for %%{ix86} + +* Tue Sep 23 2003 Nalin Dahyabhai +- add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544) + and heap corruption (CAN-2003-0545) +- update RHNS-CA-CERT files +- ease back on the number of threads used in the threading test + +* Wed Sep 17 2003 Matt Wilson 0.9.7a-19 +- rebuild to fix gzipped file md5sums (#91211) + +* Mon Aug 25 2003 Phil Knirsch 0.9.7a-18 +- Updated libica to version 1.3.4. + +* Thu Jul 17 2003 Nalin Dahyabhai 0.9.7a-17 +- rebuild + +* Tue Jul 15 2003 Nalin Dahyabhai 0.9.7a-10.9 +- free the kssl_ctx structure when we free an SSL structure (#99066) + +* Fri Jul 11 2003 Nalin Dahyabhai 0.9.7a-16 +- rebuild + +* Thu Jul 10 2003 Nalin Dahyabhai 0.9.7a-15 +- lower thread test count on s390x + +* Tue Jul 8 2003 Nalin Dahyabhai 0.9.7a-14 +- rebuild + +* Thu Jun 26 2003 Nalin Dahyabhai 0.9.7a-13 +- disable assembly on arches where it seems to conflict with threading + +* Thu Jun 26 2003 Phil Knirsch 0.9.7a-12 +- Updated libica to latest upstream version 1.3.0 + +* Wed Jun 11 2003 Nalin Dahyabhai 0.9.7a-9.9 +- rebuild + +* Wed Jun 11 2003 Nalin Dahyabhai 0.9.7a-11 +- rebuild + +* Tue Jun 10 2003 Nalin Dahyabhai 0.9.7a-10 +- ubsec: don't stomp on output data which might also be input data + +* Tue Jun 10 2003 Nalin Dahyabhai 0.9.7a-9 +- temporarily disable optimizations on ppc64 + +* Mon Jun 9 2003 Nalin Dahyabhai +- backport fix for engine-used-for-everything from 0.9.7b +- backport fix for prng not being seeded causing problems, also from 0.9.7b +- add a check at build-time to ensure that RSA is thread-safe +- keep perlpath from stomping on the libica configure scripts + +* Fri Jun 6 2003 Nalin Dahyabhai +- thread-safety fix for RSA blinding + +* Wed Jun 04 2003 Elliot Lee 0.9.7a-8 +- rebuilt + +* Fri May 30 2003 Phil Knirsch 0.9.7a-7 +- Added libica-1.2 to openssl (featurerequest). + +* Wed Apr 16 2003 Nalin Dahyabhai 0.9.7a-6 +- fix building with incorrect flags on ppc64 + +* Wed Mar 19 2003 Nalin Dahyabhai 0.9.7a-5 +- add patch to harden against Klima-Pokorny-Rosa extension of Bleichenbacher's + attack (CAN-2003-0131) + +* Mon Mar 17 2003 Nalin Dahyabhai 0.9.7a-4 +- add patch to enable RSA blinding by default, closing a timing attack + (CAN-2003-0147) + +* Wed Mar 5 2003 Nalin Dahyabhai 0.9.7a-3 +- disable use of BN assembly module on x86_64, but continue to allow inline + assembly (#83403) + +* Thu Feb 27 2003 Nalin Dahyabhai 0.9.7a-2 +- disable EC algorithms + +* Wed Feb 19 2003 Nalin Dahyabhai 0.9.7a-1 +- update to 0.9.7a + +* Wed Feb 19 2003 Nalin Dahyabhai 0.9.7-8 +- add fix to guard against attempts to allocate negative amounts of memory +- add patch for CAN-2003-0078, fixing a timing attack + +* Thu Feb 13 2003 Elliot Lee 0.9.7-7 +- Add openssl-ppc64.patch + +* Mon Feb 10 2003 Nalin Dahyabhai 0.9.7-6 +- EVP_DecryptInit should call EVP_CipherInit() instead of EVP_CipherInit_ex(), + to get the right behavior when passed uninitialized context structures + (#83766) +- build with -mcpu=ev5 on alpha family (#83828) + +* Wed Jan 22 2003 Tim Powers +- rebuilt + +* Fri Jan 17 2003 Phil Knirsch 0.9.7-4 +- Added IBM hw crypto support patch. + +* Wed Jan 15 2003 Nalin Dahyabhai +- add missing builddep on sed + +* Thu Jan 9 2003 Bill Nottingham 0.9.7-3 +- debloat +- fix broken manpage symlinks + +* Wed Jan 8 2003 Nalin Dahyabhai 0.9.7-2 +- fix double-free in 'openssl ca' + +* Fri Jan 3 2003 Nalin Dahyabhai 0.9.7-1 +- update to 0.9.7 final + +* Tue Dec 17 2002 Nalin Dahyabhai 0.9.7-0 +- update to 0.9.7 beta6 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7) + +* Wed Dec 11 2002 Nalin Dahyabhai +- update to 0.9.7 beta5 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7) + +* Tue Oct 22 2002 Nalin Dahyabhai 0.9.6b-30 +- add configuration stanza for x86_64 and use it on x86_64 +- build for linux-ppc on ppc +- start running the self-tests again + +* Wed Oct 02 2002 Elliot Lee 0.9.6b-29hammer.3 +- Merge fixes from previous hammer packages, including general x86-64 and + multilib + +* Tue Aug 6 2002 Nalin Dahyabhai 0.9.6b-29 +- rebuild + +* Thu Aug 1 2002 Nalin Dahyabhai 0.9.6b-28 +- update asn patch to fix accidental reversal of a logic check + +* Wed Jul 31 2002 Nalin Dahyabhai 0.9.6b-27 +- update asn patch to reduce chance that compiler optimization will remove + one of the added tests + +* Wed Jul 31 2002 Nalin Dahyabhai 0.9.6b-26 +- rebuild + +* Mon Jul 29 2002 Nalin Dahyabhai 0.9.6b-25 +- add patch to fix ASN.1 vulnerabilities + +* Thu Jul 25 2002 Nalin Dahyabhai 0.9.6b-24 +- add backport of Ben Laurie's patches for OpenSSL 0.9.6d + +* Wed Jul 17 2002 Nalin Dahyabhai 0.9.6b-23 +- own {_datadir}/ssl/misc + +* Fri Jun 21 2002 Tim Powers +- automated rebuild + +* Sun May 26 2002 Tim Powers +- automated rebuild + +* Fri May 17 2002 Nalin Dahyabhai 0.9.6b-20 +- free ride through the build system (whee!) + +* Thu May 16 2002 Nalin Dahyabhai 0.9.6b-19 +- rebuild in new environment + +* Thu Apr 4 2002 Nalin Dahyabhai 0.9.6b-17, 0.9.6b-18 +- merge RHL-specific bits into stronghold package, rename + +* Tue Apr 02 2002 Gary Benson stronghold-0.9.6c-2 +- add support for Chrysalis Luna token + +* Tue Mar 26 2002 Gary Benson +- disable AEP random number generation, other AEP fixes + +* Fri Mar 15 2002 Nalin Dahyabhai 0.9.6b-15 +- only build subpackages on primary arches + +* Thu Mar 14 2002 Nalin Dahyabhai 0.9.6b-13 +- on ia32, only disable use of assembler on i386 +- enable assembly on ia64 + +* Mon Jan 7 2002 Florian La Roche 0.9.6b-11 +- fix sparcv9 entry + +* Mon Jan 7 2002 Gary Benson stronghold-0.9.6c-1 +- upgrade to 0.9.6c +- bump BuildArch to i686 and enable assembler on all platforms +- synchronise with shrimpy and rawhide +- bump soversion to 3 + +* Wed Oct 10 2001 Florian La Roche +- delete BN_LLONG for s390x, patch from Oliver Paukstadt + +* Mon Sep 17 2001 Nalin Dahyabhai 0.9.6b-9 +- update AEP driver patch + +* Mon Sep 10 2001 Nalin Dahyabhai +- adjust RNG disabling patch to match version of patch from Broadcom + +* Fri Sep 7 2001 Nalin Dahyabhai 0.9.6b-8 +- disable the RNG in the ubsec engine driver + +* Tue Aug 28 2001 Nalin Dahyabhai 0.9.6b-7 +- tweaks to the ubsec engine driver + +* Fri Aug 24 2001 Nalin Dahyabhai 0.9.6b-6 +- tweaks to the ubsec engine driver + +* Thu Aug 23 2001 Nalin Dahyabhai 0.9.6b-5 +- update ubsec engine driver from Broadcom + +* Fri Aug 10 2001 Nalin Dahyabhai 0.9.6b-4 +- move man pages back to %%{_mandir}/man?/foo.?ssl from + %%{_mandir}/man?ssl/foo.? +- add an [ engine ] section to the default configuration file + +* Thu Aug 9 2001 Nalin Dahyabhai +- add a patch for selecting a default engine in SSL_library_init() + +* Mon Jul 23 2001 Nalin Dahyabhai 0.9.6b-3 +- add patches for AEP hardware support +- add patch to keep trying when we fail to load a cert from a file and + there are more in the file +- add missing prototype for ENGINE_ubsec() in engine_int.h + +* Wed Jul 18 2001 Nalin Dahyabhai 0.9.6b-2 +- actually add hw_ubsec to the engine list + +* Tue Jul 17 2001 Nalin Dahyabhai +- add in the hw_ubsec driver from CVS + +* Wed Jul 11 2001 Nalin Dahyabhai 0.9.6b-1 +- update to 0.9.6b + +* Thu Jul 5 2001 Nalin Dahyabhai +- move .so symlinks back to %%{_libdir} + +* Tue Jul 3 2001 Nalin Dahyabhai +- move shared libraries to /lib (#38410) + +* Mon Jun 25 2001 Nalin Dahyabhai +- switch to engine code base + +* Mon Jun 18 2001 Nalin Dahyabhai +- add a script for creating dummy certificates +- move man pages from %%{_mandir}/man?/foo.?ssl to %%{_mandir}/man?ssl/foo.? + +* Thu Jun 07 2001 Florian La Roche +- add s390x support + +* Fri Jun 1 2001 Nalin Dahyabhai +- change two memcpy() calls to memmove() +- don't define L_ENDIAN on alpha + +* Wed May 23 2001 Joe Orton stronghold-0.9.6a-1 +- Add 'stronghold-' prefix to package names. +- Obsolete standard openssl packages. + +* Wed May 16 2001 Joe Orton +- Add BuildArch: i586 as per Nalin's advice. + +* Tue May 15 2001 Joe Orton +- Enable assembler on ix86 (using new .tar.bz2 which does + include the asm directories). + +* Tue May 15 2001 Nalin Dahyabhai +- make subpackages depend on the main package + +* Tue May 1 2001 Nalin Dahyabhai +- adjust the hobble script to not disturb symlinks in include/ (fix from + Joe Orton) + +* Fri Apr 27 2001 Nalin Dahyabhai +- drop the m2crypo patch we weren't using + +* Tue Apr 24 2001 Nalin Dahyabhai +- configure using "shared" as well + +* Sun Apr 8 2001 Nalin Dahyabhai +- update to 0.9.6a +- use the build-shared target to build shared libraries +- bump the soversion to 2 because we're no longer compatible with + our 0.9.5a packages or our 0.9.6 packages +- drop the patch for making rsatest a no-op when rsa null support is used +- put all man pages into
ssl instead of
+- break the m2crypto modules into a separate package + +* Tue Mar 13 2001 Nalin Dahyabhai +- use BN_LLONG on s390 + +* Mon Mar 12 2001 Nalin Dahyabhai +- fix the s390 changes for 0.9.6 (isn't supposed to be marked as 64-bit) + +* Sat Mar 3 2001 Nalin Dahyabhai +- move c_rehash to the perl subpackage, because it's a perl script now + +* Fri Mar 2 2001 Nalin Dahyabhai +- update to 0.9.6 +- enable MD2 +- use the libcrypto.so and libssl.so targets to build shared libs with +- bump the soversion to 1 because we're no longer compatible with any of + the various 0.9.5a packages circulating around, which provide lib*.so.0 + +* Wed Feb 28 2001 Florian La Roche +- change hobble-openssl for disabling MD2 again + +* Tue Feb 27 2001 Nalin Dahyabhai +- re-disable MD2 -- the EVP_MD_CTX structure would grow from 100 to 152 + bytes or so, causing EVP_DigestInit() to zero out stack variables in + apps built against a version of the library without it + +* Mon Feb 26 2001 Nalin Dahyabhai +- disable some inline assembly, which on x86 is Pentium-specific +- re-enable MD2 (see http://www.ietf.org/ietf/IPR/RSA-MD-all) + +* Thu Feb 08 2001 Florian La Roche +- fix s390 patch + +* Fri Dec 8 2000 Than Ngo +- added support s390 + +* Mon Nov 20 2000 Nalin Dahyabhai +- remove -Wa,* and -m* compiler flags from the default Configure file (#20656) +- add the CA.pl man page to the perl subpackage + +* Thu Nov 2 2000 Nalin Dahyabhai +- always build with -mcpu=ev5 on alpha + +* Tue Oct 31 2000 Nalin Dahyabhai +- add a symlink from cert.pem to ca-bundle.crt + +* Wed Oct 25 2000 Nalin Dahyabhai +- add a ca-bundle file for packages like Samba to reference for CA certificates + +* Tue Oct 24 2000 Nalin Dahyabhai +- remove libcrypto's crypt(), which doesn't handle md5crypt (#19295) + +* Mon Oct 2 2000 Nalin Dahyabhai +- add unzip as a buildprereq (#17662) +- update m2crypto to 0.05-snap4 + +* Tue Sep 26 2000 Bill Nottingham +- fix some issues in building when it's not installed + +* Wed Sep 6 2000 Nalin Dahyabhai +- make sure the headers we include are the ones we built with (aaaaarrgh!) + +* Fri Sep 1 2000 Nalin Dahyabhai +- add Richard Henderson's patch for BN on ia64 +- clean up the changelog + +* Tue Aug 29 2000 Nalin Dahyabhai +- fix the building of python modules without openssl-devel already installed + +* Wed Aug 23 2000 Nalin Dahyabhai +- byte-compile python extensions without the build-root +- adjust the makefile to not remove temporary files (like .key files when + building .csr files) by marking them as .PRECIOUS + +* Sat Aug 19 2000 Nalin Dahyabhai +- break out python extensions into a subpackage + +* Mon Jul 17 2000 Nalin Dahyabhai +- tweak the makefile some more + +* Tue Jul 11 2000 Nalin Dahyabhai +- disable MD2 support + +* Thu Jul 6 2000 Nalin Dahyabhai +- disable MDC2 support + +* Sun Jul 2 2000 Nalin Dahyabhai +- tweak the disabling of RC5, IDEA support +- tweak the makefile + +* Thu Jun 29 2000 Nalin Dahyabhai +- strip binaries and libraries +- rework certificate makefile to have the right parts for Apache + +* Wed Jun 28 2000 Nalin Dahyabhai +- use %%{_perl} instead of /usr/bin/perl +- disable alpha until it passes its own test suite + +* Fri Jun 9 2000 Nalin Dahyabhai +- move the passwd.1 man page out of the passwd package's way + +* Fri Jun 2 2000 Nalin Dahyabhai +- update to 0.9.5a, modified for U.S. +- add perl as a build-time requirement +- move certificate makefile to another package +- disable RC5, IDEA, RSA support +- remove optimizations for now + +* Wed Mar 1 2000 Florian La Roche +- Bero told me to move the Makefile into this package + +* Wed Mar 1 2000 Florian La Roche +- add lib*.so symlinks to link dynamically against shared libs + +* Tue Feb 29 2000 Florian La Roche +- update to 0.9.5 +- run ldconfig directly in post/postun +- add FAQ + +* Sat Dec 18 1999 Bernhard Rosenkrdnzer +- Fix build on non-x86 platforms + +* Fri Nov 12 1999 Bernhard Rosenkrdnzer +- move /usr/share/ssl/* from -devel to main package + +* Tue Oct 26 1999 Bernhard Rosenkrdnzer +- inital packaging +- changes from base: + - Move /usr/local/ssl to /usr/share/ssl for FHS compliance + - handle RPM_OPT_FLAGS diff --git a/opensslconf-new-warning.h b/opensslconf-new-warning.h new file mode 100644 index 0000000..de091c8 --- /dev/null +++ b/opensslconf-new-warning.h @@ -0,0 +1,7 @@ +/* Prepended at openssl package build-time. Don't include this file directly, + * use instead. */ + +#ifndef openssl_opensslconf_multilib_redirection_h +#error "Don't include this file directly, use instead!" +#endif + diff --git a/opensslconf-new.h b/opensslconf-new.h new file mode 100644 index 0000000..04363c3 --- /dev/null +++ b/opensslconf-new.h @@ -0,0 +1,47 @@ +/* This file is here to prevent a file conflict on multiarch systems. A + * conflict will frequently occur because arch-specific build-time + * configuration options are stored (and used, so they can't just be stripped + * out) in opensslconf.h. The original opensslconf.h has been renamed. + * DO NOT INCLUDE THE NEW FILE DIRECTLY -- ALWAYS INCLUDE THIS ONE INSTEAD. */ + +#ifdef openssl_opensslconf_multilib_redirection_h +#error "Do not define openssl_opensslconf_multilib_redirection_h!" +#endif +#define openssl_opensslconf_multilib_redirection_h + +#if defined(__i386__) +#include "opensslconf-i386.h" +#elif defined(__ia64__) +#include "opensslconf-ia64.h" +#elif defined(__mips64) && defined(__MIPSEL__) +#include "opensslconf-mips64el.h" +#elif defined(__mips64) +#include "opensslconf-mips64.h" +#elif defined(__mips) && defined(__MIPSEL__) +#include "opensslconf-mipsel.h" +#elif defined(__mips) +#include "opensslconf-mips.h" +#elif defined(__powerpc64__) +#include +#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ +#include "opensslconf-ppc64.h" +#else +#include "opensslconf-ppc64le.h" +#endif +#elif defined(__powerpc__) +#include "opensslconf-ppc.h" +#elif defined(__s390x__) +#include "opensslconf-s390x.h" +#elif defined(__s390__) +#include "opensslconf-s390.h" +#elif defined(__sparc__) && defined(__arch64__) +#include "opensslconf-sparc64.h" +#elif defined(__sparc__) +#include "opensslconf-sparc.h" +#elif defined(__x86_64__) +#include "opensslconf-x86_64.h" +#else +#error "This openssl-devel package does not work your architecture?" +#endif + +#undef openssl_opensslconf_multilib_redirection_h diff --git a/renew-dummy-cert b/renew-dummy-cert new file mode 100755 index 0000000..92e271c --- /dev/null +++ b/renew-dummy-cert @@ -0,0 +1,39 @@ +#!/bin/bash + +if [ $# -eq 0 ]; then + echo $"Usage: `basename $0` filename" 1>&2 + exit 1 +fi + +PEM=$1 +REQ=`/bin/mktemp /tmp/openssl.XXXXXX` +KEY=`/bin/mktemp /tmp/openssl.XXXXXX` +CRT=`/bin/mktemp /tmp/openssl.XXXXXX` +NEW=${PEM}_ + +trap "rm -f $REQ $KEY $CRT $NEW" SIGINT + +if [ ! -f $PEM ]; then + echo "$PEM: file not found" 1>&2 + exit 1 +fi + +umask 077 + +OWNER=`ls -l $PEM | awk '{ printf "%s.%s", $3, $4; }'` + +openssl rsa -inform pem -in $PEM -out $KEY +openssl x509 -x509toreq -in $PEM -signkey $KEY -out $REQ +openssl x509 -req -in $REQ -signkey $KEY -days 365 \ + -extfile /etc/pki/tls/openssl.cnf -extensions v3_ca -out $CRT + +(cat $KEY ; echo "" ; cat $CRT) > $NEW + +chown $OWNER $NEW + +mv -f $NEW $PEM + +rm -f $REQ $KEY $CRT + +exit 0 + diff --git a/sources b/sources new file mode 100644 index 0000000..50e115e --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (openssl-1.1.1g-hobbled.tar.xz) = 7cd351d8fd4a028edcdc6804d8b73af7ff5693ab96cafd4f9252534d4e8e9000e22aefa45f51db490da52d89f4e5b41d02452be0b516fbb0fe84e36d5ca54971 diff --git a/tests/simple-rsapss-test/Makefile b/tests/simple-rsapss-test/Makefile new file mode 100644 index 0000000..13a123d --- /dev/null +++ b/tests/simple-rsapss-test/Makefile @@ -0,0 +1,63 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of /CoreOS/openssl/Sanity/simple-rsapss-test +# Description: Test if RSA-PSS signature scheme is supported +# Author: Hubert Kario +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=/CoreOS/openssl/Sanity/simple-rsapss-test +export TESTVERSION=1.0 + +BUILT_FILES= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + test -x runtest.sh || chmod a+x runtest.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +-include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Hubert Kario " > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: Test if RSA-PSS signature scheme is supported" >> $(METADATA) + @echo "Type: Sanity" >> $(METADATA) + @echo "TestTime: 1m" >> $(METADATA) + @echo "RunFor: openssl" >> $(METADATA) + @echo "Requires: openssl man man-db" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/simple-rsapss-test/PURPOSE b/tests/simple-rsapss-test/PURPOSE new file mode 100644 index 0000000..66848e7 --- /dev/null +++ b/tests/simple-rsapss-test/PURPOSE @@ -0,0 +1,3 @@ +PURPOSE of /CoreOS/openssl/Sanity/simple-rsapss-test +Description: Test if RSA-PSS signature scheme is supported +Author: Hubert Kario diff --git a/tests/simple-rsapss-test/runtest.sh b/tests/simple-rsapss-test/runtest.sh new file mode 100755 index 0000000..8b60e2f --- /dev/null +++ b/tests/simple-rsapss-test/runtest.sh @@ -0,0 +1,74 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of /CoreOS/openssl/Sanity/simple-rsapss-test +# Description: Test if RSA-PSS signature scheme is supported +# Author: Hubert Kario +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2013 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include Beaker environment +. /usr/share/beakerlib/beakerlib.sh || exit 1 + +PACKAGE="openssl" + +PUB_KEY="rsa_pubkey.pem" +PRIV_KEY="rsa_key.pem" +FILE="text.txt" +SIG="text.sig" + +rlJournalStart + rlPhaseStartSetup + rlAssertRpm $PACKAGE + rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" + rlRun "pushd $TmpDir" + rlRun "openssl genrsa -out $PRIV_KEY 2048" 0 "Generate RSA key" + rlRun "openssl rsa -in $PRIV_KEY -out $PUB_KEY -pubout" 0 "Split the public key from private key" + rlRun "echo 'sign me!' > $FILE" 0 "Create file for signing" + rlAssertExists $FILE + rlAssertExists $PRIV_KEY + rlAssertExists $PUB_KEY + rlPhaseEnd + + rlPhaseStartTest "Test RSA-PSS padding mode" + set -o pipefail + rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -out $SIG -sign $PRIV_KEY $FILE" 0 "Sign the file" + rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -prverify $PRIV_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using the private key file" + rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -verify $PUB_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using public key file" + rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -prverify $PRIV_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using the private key file without specifying salt length" + rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -verify $PUB_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using public key file without specifying salt length" + set +o pipefail + rlRun "sed -i 's/sign/Sign/' $FILE" 0 "Modify signed file" + rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -verify $PUB_KEY -signature $SIG $FILE | grep 'Verification Failure'" 0 "Verify that the signature is no longer valid" + rlPhaseEnd + + rlPhaseStartTest "Documentation check" + [ -e "$(rpm -ql openssl | grep dgst)"] && rlRun "man dgst | col -b | grep -- -sigopt" 0 "Check if -sigopt option is described in man page" + rlRun "openssl dgst -help 2>&1 | grep -- -sigopt" 0 "Check if -sigopt option is present in help message" + rlPhaseEnd + + rlPhaseStartCleanup + rlRun "popd" + rlRun "rm -r $TmpDir" 0 "Removing tmp directory" + rlPhaseEnd +rlJournalPrintText +rlJournalEnd diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..4b71d56 --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1,15 @@ +--- +# This first play always runs on the local staging system +- hosts: localhost + roles: + - role: standard-test-beakerlib + tags: + - classic + - container + tests: + - simple-rsapss-test + required_packages: + - findutils # beakerlib needs find command + - man # needed by simple-rsapss-test + - man-db # needed by simple-rsapss-test + - openssl # needed by simple-rsapss-test diff --git a/tests/tests_python.yml b/tests/tests_python.yml new file mode 100644 index 0000000..5341446 --- /dev/null +++ b/tests/tests_python.yml @@ -0,0 +1,18 @@ +--- +- hosts: localhost + roles: + - role: standard-test-basic + tags: + - classic + repositories: + - repo: "https://src.fedoraproject.org/tests/python.git" + dest: "python" + tests: + - python_selftest: + dir: python/selftest + run: X="test_ssl test_asyncio test_hashlib test_ftplib test_httplib test_imaplib test_logging test_nntplib test_poplib test_urllib2_localnet test_urllib test_xmlrpc" ./parallel.sh + required_packages: + - gcc # for extension building in venv and selftest + - python3-tkinter # for selftest + - python3-test # for selftest + - python3-rpm-macros # for dynamic python version From a99ab8f40a6b24fcc63bd4f1b63a0fbd4375747a Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Mon, 9 Nov 2020 15:40:36 +0000 Subject: [PATCH 03/41] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/openssl.git#3413ff9700373616a74dcf14fe75868d046e22e2 --- .gitignore | 1 + ectest.c | 84 ++++++++++++++++++++++- openssl-1.1.1-ec-curves.patch | 84 +++++++++++++++++++---- openssl-1.1.1-fips-dh.patch | 97 +++------------------------ openssl-1.1.1-fips.patch | 8 +-- openssl-1.1.1-ignore-bound.patch | 14 ---- openssl-1.1.1-reneg-no-extms.patch | 44 ------------ openssl-1.1.1-ts-sha256-default.patch | 52 +++++++++----- openssl-1.1.1-version-override.patch | 6 +- openssl.spec | 13 ++-- sources | 2 +- 11 files changed, 216 insertions(+), 189 deletions(-) delete mode 100644 openssl-1.1.1-ignore-bound.patch delete mode 100644 openssl-1.1.1-reneg-no-extms.patch diff --git a/.gitignore b/.gitignore index c6aba1d..3305a0f 100644 --- a/.gitignore +++ b/.gitignore @@ -48,3 +48,4 @@ openssl-1.0.0a-usa.tar.bz2 /openssl-1.1.1e-hobbled.tar.xz /openssl-1.1.1f-hobbled.tar.xz /openssl-1.1.1g-hobbled.tar.xz +/openssl-1.1.1h-hobbled.tar.xz diff --git a/ectest.c b/ectest.c index c16642e..e4fd45b 100644 --- a/ectest.c +++ b/ectest.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * * Licensed under the OpenSSL license (the "License"). You may not use @@ -1425,6 +1425,87 @@ static int ec_point_hex2point_test(int id) return ret; } +/* + * check the EC_METHOD respects the supplied EC_GROUP_set_generator G + */ +static int custom_generator_test(int id) +{ + int ret = 0, nid, bsize; + EC_GROUP *group = NULL; + EC_POINT *G2 = NULL, *Q1 = NULL, *Q2 = NULL; + BN_CTX *ctx = NULL; + BIGNUM *k = NULL; + unsigned char *b1 = NULL, *b2 = NULL; + + /* Do some setup */ + nid = curves[id].nid; + TEST_note("Curve %s", OBJ_nid2sn(nid)); + if (!TEST_ptr(ctx = BN_CTX_new())) + return 0; + + BN_CTX_start(ctx); + + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))) + goto err; + + /* expected byte length of encoded points */ + bsize = (EC_GROUP_get_degree(group) + 7) / 8; + bsize = 2 * bsize + 1; + + if (!TEST_ptr(k = BN_CTX_get(ctx)) + /* fetch a testing scalar k != 0,1 */ + || !TEST_true(BN_rand(k, EC_GROUP_order_bits(group) - 1, + BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) + /* make k even */ + || !TEST_true(BN_clear_bit(k, 0)) + || !TEST_ptr(G2 = EC_POINT_new(group)) + || !TEST_ptr(Q1 = EC_POINT_new(group)) + /* Q1 := kG */ + || !TEST_true(EC_POINT_mul(group, Q1, k, NULL, NULL, ctx)) + /* pull out the bytes of that */ + || !TEST_int_eq(EC_POINT_point2oct(group, Q1, + POINT_CONVERSION_UNCOMPRESSED, NULL, + 0, ctx), bsize) + || !TEST_ptr(b1 = OPENSSL_malloc(bsize)) + || !TEST_int_eq(EC_POINT_point2oct(group, Q1, + POINT_CONVERSION_UNCOMPRESSED, b1, + bsize, ctx), bsize) + /* new generator is G2 := 2G */ + || !TEST_true(EC_POINT_dbl(group, G2, EC_GROUP_get0_generator(group), + ctx)) + || !TEST_true(EC_GROUP_set_generator(group, G2, + EC_GROUP_get0_order(group), + EC_GROUP_get0_cofactor(group))) + || !TEST_ptr(Q2 = EC_POINT_new(group)) + || !TEST_true(BN_rshift1(k, k)) + /* Q2 := k/2 G2 */ + || !TEST_true(EC_POINT_mul(group, Q2, k, NULL, NULL, ctx)) + || !TEST_int_eq(EC_POINT_point2oct(group, Q2, + POINT_CONVERSION_UNCOMPRESSED, NULL, + 0, ctx), bsize) + || !TEST_ptr(b2 = OPENSSL_malloc(bsize)) + || !TEST_int_eq(EC_POINT_point2oct(group, Q2, + POINT_CONVERSION_UNCOMPRESSED, b2, + bsize, ctx), bsize) + /* Q1 = kG = k/2 G2 = Q2 should hold */ + || !TEST_int_eq(CRYPTO_memcmp(b1, b2, bsize), 0)) + goto err; + + ret = 1; + + err: + BN_CTX_end(ctx); + EC_POINT_free(Q1); + EC_POINT_free(Q2); + EC_POINT_free(G2); + EC_GROUP_free(group); + BN_CTX_free(ctx); + OPENSSL_free(b1); + OPENSSL_free(b2); + + return ret; +} + #endif /* OPENSSL_NO_EC */ int setup_tests(void) @@ -1452,6 +1533,7 @@ int setup_tests(void) ADD_ALL_TESTS(check_named_curve_from_ecparameters, crv_len); ADD_ALL_TESTS(ec_point_hex2point_test, crv_len); + ADD_ALL_TESTS(custom_generator_test, crv_len); #endif /* OPENSSL_NO_EC */ return 1; } diff --git a/openssl-1.1.1-ec-curves.patch b/openssl-1.1.1-ec-curves.patch index a83a331..27f23ca 100644 --- a/openssl-1.1.1-ec-curves.patch +++ b/openssl-1.1.1-ec-curves.patch @@ -1,6 +1,6 @@ -diff -up openssl-1.1.1c/apps/speed.c.curves openssl-1.1.1c/apps/speed.c ---- openssl-1.1.1c/apps/speed.c.curves 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/apps/speed.c 2019-05-29 15:36:53.332224470 +0200 +diff -up openssl-1.1.1h/apps/speed.c.curves openssl-1.1.1h/apps/speed.c +--- openssl-1.1.1h/apps/speed.c.curves 2020-09-22 14:55:07.000000000 +0200 ++++ openssl-1.1.1h/apps/speed.c 2020-11-06 13:27:15.659288431 +0100 @@ -490,90 +490,30 @@ static double rsa_results[RSA_NUM][2]; #endif /* OPENSSL_NO_RSA */ @@ -92,7 +92,7 @@ diff -up openssl-1.1.1c/apps/speed.c.curves openssl-1.1.1c/apps/speed.c {"ecdhx25519", R_EC_X25519}, {"ecdhx448", R_EC_X448} }; -@@ -1504,31 +1444,10 @@ int speed_main(int argc, char **argv) +@@ -1502,31 +1442,10 @@ int speed_main(int argc, char **argv) unsigned int bits; } test_curves[] = { /* Prime Curves */ @@ -124,7 +124,7 @@ diff -up openssl-1.1.1c/apps/speed.c.curves openssl-1.1.1c/apps/speed.c /* Other and ECDH only ones */ {"X25519", NID_X25519, 253}, {"X448", NID_X448, 448} -@@ -2028,9 +1947,9 @@ int speed_main(int argc, char **argv) +@@ -2026,9 +1945,9 @@ int speed_main(int argc, char **argv) # endif # ifndef OPENSSL_NO_EC @@ -137,7 +137,7 @@ diff -up openssl-1.1.1c/apps/speed.c.curves openssl-1.1.1c/apps/speed.c ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2; ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2; if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0) -@@ -2042,7 +1961,7 @@ int speed_main(int argc, char **argv) +@@ -2040,7 +1959,7 @@ int speed_main(int argc, char **argv) } } } @@ -146,7 +146,7 @@ diff -up openssl-1.1.1c/apps/speed.c.curves openssl-1.1.1c/apps/speed.c ecdsa_c[R_EC_K163][0] = count / 1000; ecdsa_c[R_EC_K163][1] = count / 1000 / 2; for (i = R_EC_K233; i <= R_EC_K571; i++) { -@@ -2073,8 +1992,8 @@ int speed_main(int argc, char **argv) +@@ -2071,8 +1990,8 @@ int speed_main(int argc, char **argv) } # endif @@ -157,7 +157,7 @@ diff -up openssl-1.1.1c/apps/speed.c.curves openssl-1.1.1c/apps/speed.c ecdh_c[i][0] = ecdh_c[i - 1][0] / 2; if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0) ecdh_doit[i] = 0; -@@ -2084,7 +2003,7 @@ int speed_main(int argc, char **argv) +@@ -2082,7 +2001,7 @@ int speed_main(int argc, char **argv) } } } @@ -166,9 +166,9 @@ diff -up openssl-1.1.1c/apps/speed.c.curves openssl-1.1.1c/apps/speed.c ecdh_c[R_EC_K163][0] = count / 1000; for (i = R_EC_K233; i <= R_EC_K571; i++) { ecdh_c[i][0] = ecdh_c[i - 1][0] / 2; -diff -up openssl-1.1.1c/crypto/ec/ecp_smpl.c.curves openssl-1.1.1c/crypto/ec/ecp_smpl.c ---- openssl-1.1.1c/crypto/ec/ecp_smpl.c.curves 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/crypto/ec/ecp_smpl.c 2019-05-29 15:30:09.071349520 +0200 +diff -up openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves openssl-1.1.1h/crypto/ec/ecp_smpl.c +--- openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves 2020-09-22 14:55:07.000000000 +0200 ++++ openssl-1.1.1h/crypto/ec/ecp_smpl.c 2020-11-06 13:27:15.659288431 +0100 @@ -145,6 +145,11 @@ int ec_GFp_simple_group_set_curve(EC_GRO return 0; } @@ -181,9 +181,9 @@ diff -up openssl-1.1.1c/crypto/ec/ecp_smpl.c.curves openssl-1.1.1c/crypto/ec/ecp if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) -diff -up openssl-1.1.1c/test/ecdsatest.h.curves openssl-1.1.1c/test/ecdsatest.h ---- openssl-1.1.1c/test/ecdsatest.h.curves 2019-05-29 15:30:09.010350595 +0200 -+++ openssl-1.1.1c/test/ecdsatest.h 2019-05-29 15:41:24.586444294 +0200 +diff -up openssl-1.1.1h/test/ecdsatest.h.curves openssl-1.1.1h/test/ecdsatest.h +--- openssl-1.1.1h/test/ecdsatest.h.curves 2020-11-06 13:27:15.627288114 +0100 ++++ openssl-1.1.1h/test/ecdsatest.h 2020-11-06 13:27:15.660288441 +0100 @@ -32,23 +32,6 @@ typedef struct { } ecdsa_cavs_kat_t; @@ -208,3 +208,59 @@ diff -up openssl-1.1.1c/test/ecdsatest.h.curves openssl-1.1.1c/test/ecdsatest.h /* prime KATs from NIST CAVP */ {NID_secp224r1, NID_sha224, "699325d6fc8fbbb4981a6ded3c3a54ad2e4e3db8a5669201912064c64e700c139248cdc1" +--- openssl-1.1.1h/test/recipes/15-test_genec.t.ec-curves 2020-11-06 13:58:36.402895540 +0100 ++++ openssl-1.1.1h/test/recipes/15-test_genec.t 2020-11-06 13:59:38.508484498 +0100 +@@ -20,45 +20,11 @@ plan skip_all => "This test is unsupport + if disabled("ec"); + + my @prime_curves = qw( +- secp112r1 +- secp112r2 +- secp128r1 +- secp128r2 +- secp160k1 +- secp160r1 +- secp160r2 +- secp192k1 +- secp224k1 + secp224r1 + secp256k1 + secp384r1 + secp521r1 +- prime192v1 +- prime192v2 +- prime192v3 +- prime239v1 +- prime239v2 +- prime239v3 + prime256v1 +- wap-wsg-idm-ecid-wtls6 +- wap-wsg-idm-ecid-wtls7 +- wap-wsg-idm-ecid-wtls8 +- wap-wsg-idm-ecid-wtls9 +- wap-wsg-idm-ecid-wtls12 +- brainpoolP160r1 +- brainpoolP160t1 +- brainpoolP192r1 +- brainpoolP192t1 +- brainpoolP224r1 +- brainpoolP224t1 +- brainpoolP256r1 +- brainpoolP256t1 +- brainpoolP320r1 +- brainpoolP320t1 +- brainpoolP384r1 +- brainpoolP384t1 +- brainpoolP512r1 +- brainpoolP512t1 + ); + + my @binary_curves = qw( +@@ -115,7 +81,6 @@ push(@other_curves, 'SM2') + if !disabled("sm2"); + + my @curve_aliases = qw( +- P-192 + P-224 + P-256 + P-384 diff --git a/openssl-1.1.1-fips-dh.patch b/openssl-1.1.1-fips-dh.patch index d98372e..ff895d5 100644 --- a/openssl-1.1.1-fips-dh.patch +++ b/openssl-1.1.1-fips-dh.patch @@ -2716,91 +2716,16 @@ diff -up openssl-1.1.1g/ssl/s3_lib.c.fips-dh openssl-1.1.1g/ssl/s3_lib.c return ret; } #endif -diff -up openssl-1.1.1g/ssl/t1_lib.c.fips-dh openssl-1.1.1g/ssl/t1_lib.c ---- openssl-1.1.1g/ssl/t1_lib.c.fips-dh 2020-07-17 10:36:29.243788425 +0200 -+++ openssl-1.1.1g/ssl/t1_lib.c 2020-07-17 10:36:29.249788474 +0200 -@@ -2511,46 +2511,48 @@ int SSL_check_chain(SSL *s, X509 *x, EVP - #ifndef OPENSSL_NO_DH - DH *ssl_get_auto_dh(SSL *s) - { -+ DH *dhp = NULL; -+ BIGNUM *p = NULL, *g = NULL; - int dh_secbits = 80; -- if (s->cert->dh_tmp_auto == 2) -- return DH_get_1024_160(); -- if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aPSK)) { -- if (s->s3->tmp.new_cipher->strength_bits == 256) -- dh_secbits = 128; -- else -- dh_secbits = 80; -- } else { -- if (s->s3->tmp.cert == NULL) -- return NULL; -- dh_secbits = EVP_PKEY_security_bits(s->s3->tmp.cert->privatekey); -+ if (s->cert->dh_tmp_auto != 2) { -+ if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aPSK)) { -+ if (s->s3->tmp.new_cipher->strength_bits == 256) -+ dh_secbits = 128; -+ else -+ dh_secbits = 80; -+ } else { -+ if (s->s3->tmp.cert == NULL) -+ return NULL; -+ dh_secbits = EVP_PKEY_security_bits(s->s3->tmp.cert->privatekey); -+ } - } -- if (dh_secbits >= 128) { -- DH *dhp = DH_new(); -- BIGNUM *p, *g; -- if (dhp == NULL) -- return NULL; -- g = BN_new(); -- if (g == NULL || !BN_set_word(g, 2)) { -- DH_free(dhp); -- BN_free(g); -- return NULL; -- } -- if (dh_secbits >= 192) -- p = BN_get_rfc3526_prime_8192(NULL); -- else -- p = BN_get_rfc3526_prime_3072(NULL); -- if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) { -- DH_free(dhp); -- BN_free(p); -- BN_free(g); -- return NULL; -- } -- return dhp; -+ dhp = DH_new(); -+ if (dhp == NULL) -+ return NULL; -+ g = BN_new(); -+ if (g == NULL || !BN_set_word(g, 2)) { -+ DH_free(dhp); -+ BN_free(g); -+ return NULL; -+ } -+ if (dh_secbits >= 192) -+ p = BN_get_rfc3526_prime_8192(NULL); -+ else if (dh_secbits >= 152) -+ p = BN_get_rfc3526_prime_4096(NULL); -+ else if (dh_secbits >= 128) -+ p = BN_get_rfc3526_prime_3072(NULL); +diff -up openssl-1.1.1h/ssl/t1_lib.c.fips-dh openssl-1.1.1h/ssl/t1_lib.c +--- openssl-1.1.1h/ssl/t1_lib.c.fips-dh 2020-11-04 14:04:41.851711629 +0100 ++++ openssl-1.1.1h/ssl/t1_lib.c 2020-11-04 14:06:06.506431652 +0100 +@@ -2470,7 +2470,7 @@ + p = BN_get_rfc3526_prime_4096(NULL); + else if (dh_secbits >= 128) + p = BN_get_rfc3526_prime_3072(NULL); +- else if (dh_secbits >= 112) + else if (dh_secbits >= 112 || FIPS_mode()) -+ p = BN_get_rfc3526_prime_2048(NULL); -+ else -+ p = BN_get_rfc2409_prime_1024(NULL); -+ if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) { -+ DH_free(dhp); -+ BN_free(p); -+ BN_free(g); -+ return NULL; - } -- if (dh_secbits >= 112) -- return DH_get_2048_224(); -- return DH_get_1024_160(); -+ return dhp; - } - #endif - + p = BN_get_rfc3526_prime_2048(NULL); + else + p = BN_get_rfc2409_prime_1024(NULL); diff --git a/openssl-1.1.1-fips.patch b/openssl-1.1.1-fips.patch index ad295a4..c9137ca 100644 --- a/openssl-1.1.1-fips.patch +++ b/openssl-1.1.1-fips.patch @@ -11614,10 +11614,10 @@ diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1 diff -up openssl-1.1.1e/util/libcrypto.num.fips openssl-1.1.1e/util/libcrypto.num --- openssl-1.1.1e/util/libcrypto.num.fips 2020-03-17 17:31:10.744241038 +0100 +++ openssl-1.1.1e/util/libcrypto.num 2020-03-17 17:32:37.851722261 +0100 -@@ -4587,3 +4587,38 @@ EVP_PKEY_meth_set_digestverify - EVP_PKEY_meth_get_digestverify 4541 1_1_1e EXIST::FUNCTION: - EVP_PKEY_meth_get_digestsign 4542 1_1_1e EXIST::FUNCTION: - RSA_get0_pss_params 4543 1_1_1e EXIST::FUNCTION:RSA +@@ -4590,3 +4590,38 @@ X509_ALGOR_copy + X509_REQ_set0_signature 4545 1_1_1h EXIST::FUNCTION: + X509_REQ_set1_signature_algo 4546 1_1_1h EXIST::FUNCTION: + EC_KEY_decoded_from_explicit_params 4547 1_1_1h EXIST::FUNCTION:EC +FIPS_drbg_reseed 6348 1_1_0g EXIST::FUNCTION: +FIPS_selftest_check 6349 1_1_0g EXIST::FUNCTION: +FIPS_rand_set_method 6350 1_1_0g EXIST::FUNCTION: diff --git a/openssl-1.1.1-ignore-bound.patch b/openssl-1.1.1-ignore-bound.patch deleted file mode 100644 index 4838f3d..0000000 --- a/openssl-1.1.1-ignore-bound.patch +++ /dev/null @@ -1,14 +0,0 @@ -Do not return failure when setting version bound on fixed protocol -version method. -diff -up openssl-1.1.1-pre8/ssl/statem/statem_lib.c.ignore-bound openssl-1.1.1-pre8/ssl/statem/statem_lib.c ---- openssl-1.1.1-pre8/ssl/statem/statem_lib.c.ignore-bound 2018-06-20 16:48:13.000000000 +0200 -+++ openssl-1.1.1-pre8/ssl/statem/statem_lib.c 2018-08-13 11:07:52.826304045 +0200 -@@ -1595,7 +1595,7 @@ int ssl_set_version_bound(int method_ver - * methods are not subject to controls that disable individual protocol - * versions. - */ -- return 0; -+ return 1; - - case TLS_ANY_VERSION: - if (version < SSL3_VERSION || version > TLS_MAX_VERSION) diff --git a/openssl-1.1.1-reneg-no-extms.patch b/openssl-1.1.1-reneg-no-extms.patch deleted file mode 100644 index 76adef7..0000000 --- a/openssl-1.1.1-reneg-no-extms.patch +++ /dev/null @@ -1,44 +0,0 @@ -diff -up openssl-1.1.1g/include/openssl/ssl3.h.reneg-no-extms openssl-1.1.1g/include/openssl/ssl3.h ---- openssl-1.1.1g/include/openssl/ssl3.h.reneg-no-extms 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/include/openssl/ssl3.h 2020-06-05 15:20:22.090682776 +0200 -@@ -292,6 +292,9 @@ extern "C" { - - # define TLS1_FLAGS_STATELESS 0x0800 - -+/* Set if extended master secret extension required on renegotiation */ -+# define TLS1_FLAGS_REQUIRED_EXTMS 0x1000 -+ - # define SSL3_MT_HELLO_REQUEST 0 - # define SSL3_MT_CLIENT_HELLO 1 - # define SSL3_MT_SERVER_HELLO 2 -diff -up openssl-1.1.1g/ssl/statem/extensions.c.reneg-no-extms openssl-1.1.1g/ssl/statem/extensions.c ---- openssl-1.1.1g/ssl/statem/extensions.c.reneg-no-extms 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/ssl/statem/extensions.c 2020-06-05 15:22:19.677653437 +0200 -@@ -1168,14 +1168,26 @@ static int init_etm(SSL *s, unsigned int - - static int init_ems(SSL *s, unsigned int context) - { -- if (!s->server) -+ if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) { - s->s3->flags &= ~TLS1_FLAGS_RECEIVED_EXTMS; -+ s->s3->flags |= TLS1_FLAGS_REQUIRED_EXTMS; -+ } - - return 1; - } - - static int final_ems(SSL *s, unsigned int context, int sent) - { -+ /* -+ * Check extended master secret extension is not dropped on -+ * renegotiation. -+ */ -+ if (!(s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) -+ && (s->s3->flags & TLS1_FLAGS_REQUIRED_EXTMS)) { -+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_FINAL_EMS, -+ SSL_R_INCONSISTENT_EXTMS); -+ return 0; -+ } - if (!s->server && s->hit) { - /* - * Check extended master secret extension is consistent with diff --git a/openssl-1.1.1-ts-sha256-default.patch b/openssl-1.1.1-ts-sha256-default.patch index d99dc47..2a1dd6c 100644 --- a/openssl-1.1.1-ts-sha256-default.patch +++ b/openssl-1.1.1-ts-sha256-default.patch @@ -1,8 +1,17 @@ -diff --git a/apps/ts.c b/apps/ts.c -index 63c5210183..4ef8a72eef 100644 ---- a/apps/ts.c -+++ b/apps/ts.c -@@ -425,7 +425,7 @@ static TS_REQ *create_query(BIO *data_bio, const char *digest, const EVP_MD *md, +diff -up openssl-1.1.1h/apps/openssl.cnf.ts-sha256-default openssl-1.1.1h/apps/openssl.cnf +--- openssl-1.1.1h/apps/openssl.cnf.ts-sha256-default 2020-11-06 11:07:28.850100899 +0100 ++++ openssl-1.1.1h/apps/openssl.cnf 2020-11-06 11:11:28.042913791 +0100 +@@ -364,5 +348,5 @@ tsa_name = yes # Must the TSA name be i + # (optional, default: no) + ess_cert_id_chain = no # Must the ESS cert id chain be included? + # (optional, default: no) +-ess_cert_id_alg = sha1 # algorithm to compute certificate ++ess_cert_id_alg = sha256 # algorithm to compute certificate + # identifier (optional, default: sha1) +diff -up openssl-1.1.1h/apps/ts.c.ts-sha256-default openssl-1.1.1h/apps/ts.c +--- openssl-1.1.1h/apps/ts.c.ts-sha256-default 2020-09-22 14:55:07.000000000 +0200 ++++ openssl-1.1.1h/apps/ts.c 2020-11-06 11:07:28.883101220 +0100 +@@ -423,7 +423,7 @@ static TS_REQ *create_query(BIO *data_bi ASN1_OBJECT *policy_obj = NULL; ASN1_INTEGER *nonce_asn1 = NULL; @@ -11,11 +20,22 @@ index 63c5210183..4ef8a72eef 100644 goto err; if ((ts_req = TS_REQ_new()) == NULL) goto err; -diff --git a/doc/man1/ts.pod b/doc/man1/ts.pod -index 078905a845..83b8fe4350 100644 ---- a/doc/man1/ts.pod -+++ b/doc/man1/ts.pod -@@ -517,7 +517,7 @@ included. Default is no. (Optional) +diff -up openssl-1.1.1h/crypto/ts/ts_conf.c.ts-sha256-default openssl-1.1.1h/crypto/ts/ts_conf.c +--- openssl-1.1.1h/crypto/ts/ts_conf.c.ts-sha256-default 2020-11-06 12:03:51.226372867 +0100 ++++ openssl-1.1.1h/crypto/ts/ts_conf.c 2020-11-06 12:04:01.713488990 +0100 +@@ -476,7 +476,7 @@ int TS_CONF_set_ess_cert_id_digest(CONF + const char *md = NCONF_get_string(conf, section, ENV_ESS_CERT_ID_ALG); + + if (md == NULL) +- md = "sha1"; ++ md = "sha256"; + + cert_md = EVP_get_digestbyname(md); + if (cert_md == NULL) { +diff -up openssl-1.1.1h/doc/man1/ts.pod.ts-sha256-default openssl-1.1.1h/doc/man1/ts.pod +--- openssl-1.1.1h/doc/man1/ts.pod.ts-sha256-default 2020-09-22 14:55:07.000000000 +0200 ++++ openssl-1.1.1h/doc/man1/ts.pod 2020-11-06 11:07:28.883101220 +0100 +@@ -518,7 +518,7 @@ included. Default is no. (Optional) =item B This option specifies the hash function to be used to calculate the TSA's @@ -24,21 +44,21 @@ index 078905a845..83b8fe4350 100644 =back -@@ -529,7 +529,7 @@ openssl/apps/openssl.cnf will do. +@@ -530,7 +530,7 @@ openssl/apps/openssl.cnf will do. =head2 Time Stamp Request --To create a time stamp request for design1.txt with SHA-1 -+To create a time stamp request for design1.txt with SHA-256 +-To create a timestamp request for design1.txt with SHA-1 ++To create a timestamp request for design1.txt with SHA-256 without nonce and policy and no certificate is required in the response: openssl ts -query -data design1.txt -no_nonce \ -@@ -545,12 +545,12 @@ To print the content of the previous request in human readable format: +@@ -546,12 +546,12 @@ To print the content of the previous req openssl ts -query -in design1.tsq -text --To create a time stamp request which includes the MD-5 digest -+To create a time stamp request which includes the SHA-512 digest +-To create a timestamp request which includes the MD-5 digest ++To create a timestamp request which includes the SHA-512 digest of design2.txt, requests the signer certificate and nonce, specifies a policy id (assuming the tsa_policy1 name is defined in the OID section of the config file): diff --git a/openssl-1.1.1-version-override.patch b/openssl-1.1.1-version-override.patch index a6975fa..ff69bdb 100644 --- a/openssl-1.1.1-version-override.patch +++ b/openssl-1.1.1-version-override.patch @@ -4,9 +4,9 @@ diff -up openssl-1.1.1g/include/openssl/opensslv.h.version-override openssl-1.1. @@ -40,7 +40,7 @@ extern "C" { * major minor fix final patch/beta) */ - # define OPENSSL_VERSION_NUMBER 0x1010107fL --# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1g 21 Apr 2020" -+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1g FIPS 21 Apr 2020" + # define OPENSSL_VERSION_NUMBER 0x1010108fL +-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1h 22 Sep 2020" ++# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1h FIPS 22 Sep 2020" /*- * The macros below are to be used for shared library (.so, .dll, ...) diff --git a/openssl.spec b/openssl.spec index 40a7d8a..3f6403c 100644 --- a/openssl.spec +++ b/openssl.spec @@ -21,8 +21,8 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl -Version: 1.1.1g -Release: 15%{?dist} +Version: 1.1.1h +Release: 1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -54,7 +54,6 @@ Patch38: openssl-1.1.1-no-weak-verify.patch Patch40: openssl-1.1.1-disable-ssl3.patch Patch41: openssl-1.1.1-system-cipherlist.patch Patch42: openssl-1.1.1-fips.patch -Patch43: openssl-1.1.1-ignore-bound.patch Patch44: openssl-1.1.1-version-override.patch Patch45: openssl-1.1.1-weak-ciphers.patch Patch46: openssl-1.1.1-seclevel.patch @@ -69,7 +68,6 @@ Patch62: openssl-1.1.1-fips-curves.patch Patch65: openssl-1.1.1-fips-drbg-selftest.patch Patch66: openssl-1.1.1-fips-dh.patch Patch67: openssl-1.1.1-kdf-selftest.patch -Patch68: openssl-1.1.1-reneg-no-extms.patch Patch69: openssl-1.1.1-alpn-cb.patch Patch70: openssl-1.1.1-rewire-fips-drbg.patch # Backported fixes including security fixes @@ -167,7 +165,6 @@ cp %{SOURCE13} test/ %patch40 -p1 -b .disable-ssl3 %patch41 -p1 -b .system-cipherlist %patch42 -p1 -b .fips -%patch43 -p1 -b .ignore-bound %patch44 -p1 -b .version-override %patch45 -p1 -b .weak-ciphers %patch46 -p1 -b .seclevel @@ -186,7 +183,6 @@ cp %{SOURCE13} test/ %patch65 -p1 -b .drbg-selftest %patch66 -p1 -b .fips-dh %patch67 -p1 -b .kdf-selftest -%patch68 -p1 -b .reneg-no-extms %patch69 -p1 -b .alpn-cb %patch70 -p1 -b .rewire-fips-drbg @@ -428,6 +424,7 @@ export LD_LIBRARY_PATH %{_pkgdocdir}/Makefile.certificate %exclude %{_mandir}/man1*/*.pl* %exclude %{_mandir}/man1*/c_rehash* +%exclude %{_mandir}/man1*/openssl-c_rehash* %exclude %{_mandir}/man1*/tsget* %exclude %{_mandir}/man1*/openssl-tsget* @@ -464,6 +461,7 @@ export LD_LIBRARY_PATH %{_bindir}/tsget %{_mandir}/man1*/*.pl* %{_mandir}/man1*/c_rehash* +%{_mandir}/man1*/openssl-c_rehash* %{_mandir}/man1*/tsget* %{_mandir}/man1*/openssl-tsget* %dir %{_sysconfdir}/pki/CA @@ -475,6 +473,9 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Mon Nov 9 2020 Sahana Prasad - 1.1.1h-1 +- Upgrade to version 1.1.1.h + * Tue Jul 28 2020 Fedora Release Engineering - 1:1.1.1g-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild diff --git a/sources b/sources index 50e115e..2bae151 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-1.1.1g-hobbled.tar.xz) = 7cd351d8fd4a028edcdc6804d8b73af7ff5693ab96cafd4f9252534d4e8e9000e22aefa45f51db490da52d89f4e5b41d02452be0b516fbb0fe84e36d5ca54971 +SHA512 (openssl-1.1.1h-hobbled.tar.xz) = 75e1d3f34f93462b97db92aa6538fd4f2f091ad717438e51d147508738be720d7d0bf4a9b1fda3a1943a4c13aae2a39da3add05f7da833b3c6de40a97bc97908 From e33651f4168897db99813d271984ac699be98cd8 Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Thu, 10 Dec 2020 01:32:28 +0100 Subject: [PATCH 04/41] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/openssl.git#a07706cf0e50b02a61d3cb10ecad554d4ac4240c --- .gitignore | 1 + openssl-1.1.1-arm-update.patch | 2800 +++++++++++++++++++++++--- openssl-1.1.1-fips-post-rand.patch | 50 +- openssl-1.1.1-version-override.patch | 12 +- openssl.spec | 5 +- sources | 2 +- 6 files changed, 2573 insertions(+), 297 deletions(-) diff --git a/.gitignore b/.gitignore index 3305a0f..d1abce3 100644 --- a/.gitignore +++ b/.gitignore @@ -49,3 +49,4 @@ openssl-1.0.0a-usa.tar.bz2 /openssl-1.1.1f-hobbled.tar.xz /openssl-1.1.1g-hobbled.tar.xz /openssl-1.1.1h-hobbled.tar.xz +/openssl-1.1.1i-hobbled.tar.xz diff --git a/openssl-1.1.1-arm-update.patch b/openssl-1.1.1-arm-update.patch index 998905f..2b8c549 100644 --- a/openssl-1.1.1-arm-update.patch +++ b/openssl-1.1.1-arm-update.patch @@ -1,6 +1,6 @@ -diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl ---- openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl 2019-11-20 11:36:22.389506155 +0100 +diff -up openssl-1.1.1i/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1i/crypto/aes/asm/aesv8-armx.pl +--- openssl-1.1.1i/crypto/aes/asm/aesv8-armx.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/crypto/aes/asm/aesv8-armx.pl 2020-12-09 10:39:50.645705385 +0100 @@ -27,44 +27,72 @@ # CBC encrypt case. On Cortex-A57 parallelizable mode performance # seems to be limited by sheer amount of NEON instructions... @@ -85,10 +85,49 @@ diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/c ___ # Assembler mnemonics are an eclectic mix of 32- and 64-bit syntax, -@@ -514,6 +542,13 @@ $code.=<<___; - ___ - { - my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); +@@ -361,6 +389,836 @@ ___ + &gen_block("en"); + &gen_block("de"); + }}} ++ ++# Performance in cycles per byte. ++# Processed with AES-ECB different key size. ++# It shows the value before and after optimization as below: ++# (before/after): ++# ++# AES-128-ECB AES-192-ECB AES-256-ECB ++# Cortex-A57 1.85/0.82 2.16/0.96 2.47/1.10 ++# Cortex-A72 1.64/0.85 1.82/0.99 2.13/1.14 ++ ++# Optimization is implemented by loop unrolling and interleaving. ++# Commonly, we choose the unrolling factor as 5, if the input ++# data size smaller than 5 blocks, but not smaller than 3 blocks, ++# choose 3 as the unrolling factor. ++# If the input data size dsize >= 5*16 bytes, then take 5 blocks ++# as one iteration, every loop the left size lsize -= 5*16. ++# If 5*16 > lsize >= 3*16 bytes, take 3 blocks as one iteration, ++# every loop lsize -=3*16. ++# If lsize < 3*16 bytes, treat them as the tail, interleave the ++# two blocks AES instructions. ++# There is one special case, if the original input data size dsize ++# = 16 bytes, we will treat it seperately to improve the ++# performance: one independent code block without LR, FP load and ++# store, just looks like what the original ECB implementation does. ++ ++{{{ ++my ($inp,$out,$len,$key)=map("x$_",(0..3)); ++my ($enc,$rounds,$cnt,$key_,$step)=("w4","w5","w6","x7","x8"); ++my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$tmp2,$rndlast)=map("q$_",(0..7)); ++ ++my ($dat,$tmp,$rndzero_n_last)=($dat0,$tmp0,$tmp1); ++ ++### q7 last round key ++### q10-q15 q7 Last 7 round keys ++### q8-q9 preloaded round keys except last 7 keys for big size ++### q5, q6, q8-q9 preloaded round keys except last 7 keys for only 16 byte ++ ++{ ++my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); + +my ($dat3,$in3,$tmp3); # used only in 64-bit mode +my ($dat4,$in4,$tmp4); @@ -96,26 +135,478 @@ diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/c + ($dat2,$dat3,$dat4,$in2,$in3,$in4,$tmp3,$tmp4)=map("q$_",(16..23)); +} + - $code.=<<___; - .align 5 - .Lcbc_dec: -@@ -530,7 +565,196 @@ $code.=<<___; - vorr $in0,$dat,$dat - vorr $in1,$dat1,$dat1 - vorr $in2,$dat2,$dat2 ++$code.=<<___; ++.globl ${prefix}_ecb_encrypt ++.type ${prefix}_ecb_encrypt,%function ++.align 5 ++${prefix}_ecb_encrypt: ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ subs $len,$len,#16 ++ // Original input data size bigger than 16, jump to big size processing. ++ b.ne .Lecb_big_size ++ vld1.8 {$dat0},[$inp] ++ cmp $enc,#0 // en- or decrypting? ++ ldr $rounds,[$key,#240] ++ vld1.32 {q5-q6},[$key],#32 // load key schedule... ++ ++ b.eq .Lecb_small_dec ++ aese $dat0,q5 ++ aesmc $dat0,$dat0 ++ vld1.32 {q8-q9},[$key],#32 // load key schedule... ++ aese $dat0,q6 ++ aesmc $dat0,$dat0 ++ subs $rounds,$rounds,#10 // if rounds==10, jump to aes-128-ecb processing ++ b.eq .Lecb_128_enc ++.Lecb_round_loop: ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ vld1.32 {q8},[$key],#16 // load key schedule... ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ vld1.32 {q9},[$key],#16 // load key schedule... ++ subs $rounds,$rounds,#2 // bias ++ b.gt .Lecb_round_loop ++.Lecb_128_enc: ++ vld1.32 {q10-q11},[$key],#32 // load key schedule... ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ vld1.32 {q12-q13},[$key],#32 // load key schedule... ++ aese $dat0,q10 ++ aesmc $dat0,$dat0 ++ aese $dat0,q11 ++ aesmc $dat0,$dat0 ++ vld1.32 {q14-q15},[$key],#32 // load key schedule... ++ aese $dat0,q12 ++ aesmc $dat0,$dat0 ++ aese $dat0,q13 ++ aesmc $dat0,$dat0 ++ vld1.32 {$rndlast},[$key] ++ aese $dat0,q14 ++ aesmc $dat0,$dat0 ++ aese $dat0,q15 ++ veor $dat0,$dat0,$rndlast ++ vst1.8 {$dat0},[$out] ++ b .Lecb_Final_abort ++.Lecb_small_dec: ++ aesd $dat0,q5 ++ aesimc $dat0,$dat0 ++ vld1.32 {q8-q9},[$key],#32 // load key schedule... ++ aesd $dat0,q6 ++ aesimc $dat0,$dat0 ++ subs $rounds,$rounds,#10 // bias ++ b.eq .Lecb_128_dec ++.Lecb_dec_round_loop: ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ vld1.32 {q8},[$key],#16 // load key schedule... ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ vld1.32 {q9},[$key],#16 // load key schedule... ++ subs $rounds,$rounds,#2 // bias ++ b.gt .Lecb_dec_round_loop ++.Lecb_128_dec: ++ vld1.32 {q10-q11},[$key],#32 // load key schedule... ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ vld1.32 {q12-q13},[$key],#32 // load key schedule... ++ aesd $dat0,q10 ++ aesimc $dat0,$dat0 ++ aesd $dat0,q11 ++ aesimc $dat0,$dat0 ++ vld1.32 {q14-q15},[$key],#32 // load key schedule... ++ aesd $dat0,q12 ++ aesimc $dat0,$dat0 ++ aesd $dat0,q13 ++ aesimc $dat0,$dat0 ++ vld1.32 {$rndlast},[$key] ++ aesd $dat0,q14 ++ aesimc $dat0,$dat0 ++ aesd $dat0,q15 ++ veor $dat0,$dat0,$rndlast ++ vst1.8 {$dat0},[$out] ++ b .Lecb_Final_abort ++.Lecb_big_size: ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ stp x29,x30,[sp,#-16]! ++ add x29,sp,#0 ++___ ++$code.=<<___ if ($flavour !~ /64/); ++ mov ip,sp ++ stmdb sp!,{r4-r8,lr} ++ vstmdb sp!,{d8-d15} @ ABI specification says so ++ ldmia ip,{r4-r5} @ load remaining args ++ subs $len,$len,#16 ++___ ++$code.=<<___; ++ mov $step,#16 ++ b.lo .Lecb_done ++ cclr $step,eq ++ ++ cmp $enc,#0 // en- or decrypting? ++ ldr $rounds,[$key,#240] ++ and $len,$len,#-16 ++ vld1.8 {$dat},[$inp],$step ++ ++ vld1.32 {q8-q9},[$key] // load key schedule... ++ sub $rounds,$rounds,#6 ++ add $key_,$key,x5,lsl#4 // pointer to last 7 round keys ++ sub $rounds,$rounds,#2 ++ vld1.32 {q10-q11},[$key_],#32 ++ vld1.32 {q12-q13},[$key_],#32 ++ vld1.32 {q14-q15},[$key_],#32 ++ vld1.32 {$rndlast},[$key_] ++ ++ add $key_,$key,#32 ++ mov $cnt,$rounds ++ b.eq .Lecb_dec ++ ++ vld1.8 {$dat1},[$inp],#16 ++ subs $len,$len,#32 // bias ++ add $cnt,$rounds,#2 ++ vorr $in1,$dat1,$dat1 ++ vorr $dat2,$dat1,$dat1 ++ vorr $dat1,$dat,$dat ++ b.lo .Lecb_enc_tail ++ ++ vorr $dat1,$in1,$in1 ++ vld1.8 {$dat2},[$inp],#16 +___ +$code.=<<___ if ($flavour =~ /64/); + cmp $len,#32 -+ b.lo .Loop3x_cbc_dec ++ b.lo .Loop3x_ecb_enc + + vld1.8 {$dat3},[$inp],#16 + vld1.8 {$dat4},[$inp],#16 -+ sub $len,$len,#32 // bias ++ sub $len,$len,#32 // bias + mov $cnt,$rounds -+ vorr $in3,$dat3,$dat3 -+ vorr $in4,$dat4,$dat4 + -+.Loop5x_cbc_dec: ++.Loop5x_ecb_enc: ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ aese $dat3,q8 ++ aesmc $dat3,$dat3 ++ aese $dat4,q8 ++ aesmc $dat4,$dat4 ++ vld1.32 {q8},[$key_],#16 ++ subs $cnt,$cnt,#2 ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ aese $dat3,q9 ++ aesmc $dat3,$dat3 ++ aese $dat4,q9 ++ aesmc $dat4,$dat4 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Loop5x_ecb_enc ++ ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ aese $dat3,q8 ++ aesmc $dat3,$dat3 ++ aese $dat4,q8 ++ aesmc $dat4,$dat4 ++ cmp $len,#0x40 // because .Lecb_enc_tail4x ++ sub $len,$len,#0x50 ++ ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ aese $dat3,q9 ++ aesmc $dat3,$dat3 ++ aese $dat4,q9 ++ aesmc $dat4,$dat4 ++ csel x6,xzr,$len,gt // borrow x6, $cnt, "gt" is not typo ++ mov $key_,$key ++ ++ aese $dat0,q10 ++ aesmc $dat0,$dat0 ++ aese $dat1,q10 ++ aesmc $dat1,$dat1 ++ aese $dat2,q10 ++ aesmc $dat2,$dat2 ++ aese $dat3,q10 ++ aesmc $dat3,$dat3 ++ aese $dat4,q10 ++ aesmc $dat4,$dat4 ++ add $inp,$inp,x6 // $inp is adjusted in such way that ++ // at exit from the loop $dat1-$dat4 ++ // are loaded with last "words" ++ add x6,$len,#0x60 // because .Lecb_enc_tail4x ++ ++ aese $dat0,q11 ++ aesmc $dat0,$dat0 ++ aese $dat1,q11 ++ aesmc $dat1,$dat1 ++ aese $dat2,q11 ++ aesmc $dat2,$dat2 ++ aese $dat3,q11 ++ aesmc $dat3,$dat3 ++ aese $dat4,q11 ++ aesmc $dat4,$dat4 ++ ++ aese $dat0,q12 ++ aesmc $dat0,$dat0 ++ aese $dat1,q12 ++ aesmc $dat1,$dat1 ++ aese $dat2,q12 ++ aesmc $dat2,$dat2 ++ aese $dat3,q12 ++ aesmc $dat3,$dat3 ++ aese $dat4,q12 ++ aesmc $dat4,$dat4 ++ ++ aese $dat0,q13 ++ aesmc $dat0,$dat0 ++ aese $dat1,q13 ++ aesmc $dat1,$dat1 ++ aese $dat2,q13 ++ aesmc $dat2,$dat2 ++ aese $dat3,q13 ++ aesmc $dat3,$dat3 ++ aese $dat4,q13 ++ aesmc $dat4,$dat4 ++ ++ aese $dat0,q14 ++ aesmc $dat0,$dat0 ++ aese $dat1,q14 ++ aesmc $dat1,$dat1 ++ aese $dat2,q14 ++ aesmc $dat2,$dat2 ++ aese $dat3,q14 ++ aesmc $dat3,$dat3 ++ aese $dat4,q14 ++ aesmc $dat4,$dat4 ++ ++ aese $dat0,q15 ++ vld1.8 {$in0},[$inp],#16 ++ aese $dat1,q15 ++ vld1.8 {$in1},[$inp],#16 ++ aese $dat2,q15 ++ vld1.8 {$in2},[$inp],#16 ++ aese $dat3,q15 ++ vld1.8 {$in3},[$inp],#16 ++ aese $dat4,q15 ++ vld1.8 {$in4},[$inp],#16 ++ cbz x6,.Lecb_enc_tail4x ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ veor $tmp0,$rndlast,$dat0 ++ vorr $dat0,$in0,$in0 ++ veor $tmp1,$rndlast,$dat1 ++ vorr $dat1,$in1,$in1 ++ veor $tmp2,$rndlast,$dat2 ++ vorr $dat2,$in2,$in2 ++ veor $tmp3,$rndlast,$dat3 ++ vorr $dat3,$in3,$in3 ++ veor $tmp4,$rndlast,$dat4 ++ vst1.8 {$tmp0},[$out],#16 ++ vorr $dat4,$in4,$in4 ++ vst1.8 {$tmp1},[$out],#16 ++ mov $cnt,$rounds ++ vst1.8 {$tmp2},[$out],#16 ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ vst1.8 {$tmp3},[$out],#16 ++ vst1.8 {$tmp4},[$out],#16 ++ b.hs .Loop5x_ecb_enc ++ ++ add $len,$len,#0x50 ++ cbz $len,.Lecb_done ++ ++ add $cnt,$rounds,#2 ++ subs $len,$len,#0x30 ++ vorr $dat0,$in2,$in2 ++ vorr $dat1,$in3,$in3 ++ vorr $dat2,$in4,$in4 ++ b.lo .Lecb_enc_tail ++ ++ b .Loop3x_ecb_enc ++ ++.align 4 ++.Lecb_enc_tail4x: ++ veor $tmp1,$rndlast,$dat1 ++ veor $tmp2,$rndlast,$dat2 ++ veor $tmp3,$rndlast,$dat3 ++ veor $tmp4,$rndlast,$dat4 ++ vst1.8 {$tmp1},[$out],#16 ++ vst1.8 {$tmp2},[$out],#16 ++ vst1.8 {$tmp3},[$out],#16 ++ vst1.8 {$tmp4},[$out],#16 ++ ++ b .Lecb_done ++.align 4 ++___ ++$code.=<<___; ++.Loop3x_ecb_enc: ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ vld1.32 {q8},[$key_],#16 ++ subs $cnt,$cnt,#2 ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Loop3x_ecb_enc ++ ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ subs $len,$len,#0x30 ++ mov.lo x6,$len // x6, $cnt, is zero at this point ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ add $inp,$inp,x6 // $inp is adjusted in such way that ++ // at exit from the loop $dat1-$dat2 ++ // are loaded with last "words" ++ mov $key_,$key ++ aese $dat0,q12 ++ aesmc $dat0,$dat0 ++ aese $dat1,q12 ++ aesmc $dat1,$dat1 ++ aese $dat2,q12 ++ aesmc $dat2,$dat2 ++ vld1.8 {$in0},[$inp],#16 ++ aese $dat0,q13 ++ aesmc $dat0,$dat0 ++ aese $dat1,q13 ++ aesmc $dat1,$dat1 ++ aese $dat2,q13 ++ aesmc $dat2,$dat2 ++ vld1.8 {$in1},[$inp],#16 ++ aese $dat0,q14 ++ aesmc $dat0,$dat0 ++ aese $dat1,q14 ++ aesmc $dat1,$dat1 ++ aese $dat2,q14 ++ aesmc $dat2,$dat2 ++ vld1.8 {$in2},[$inp],#16 ++ aese $dat0,q15 ++ aese $dat1,q15 ++ aese $dat2,q15 ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ add $cnt,$rounds,#2 ++ veor $tmp0,$rndlast,$dat0 ++ veor $tmp1,$rndlast,$dat1 ++ veor $dat2,$dat2,$rndlast ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ vst1.8 {$tmp0},[$out],#16 ++ vorr $dat0,$in0,$in0 ++ vst1.8 {$tmp1},[$out],#16 ++ vorr $dat1,$in1,$in1 ++ vst1.8 {$dat2},[$out],#16 ++ vorr $dat2,$in2,$in2 ++ b.hs .Loop3x_ecb_enc ++ ++ cmn $len,#0x30 ++ b.eq .Lecb_done ++ nop ++ ++.Lecb_enc_tail: ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ vld1.32 {q8},[$key_],#16 ++ subs $cnt,$cnt,#2 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Lecb_enc_tail ++ ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ aese $dat1,q12 ++ aesmc $dat1,$dat1 ++ aese $dat2,q12 ++ aesmc $dat2,$dat2 ++ cmn $len,#0x20 ++ aese $dat1,q13 ++ aesmc $dat1,$dat1 ++ aese $dat2,q13 ++ aesmc $dat2,$dat2 ++ aese $dat1,q14 ++ aesmc $dat1,$dat1 ++ aese $dat2,q14 ++ aesmc $dat2,$dat2 ++ aese $dat1,q15 ++ aese $dat2,q15 ++ b.eq .Lecb_enc_one ++ veor $tmp1,$rndlast,$dat1 ++ veor $tmp2,$rndlast,$dat2 ++ vst1.8 {$tmp1},[$out],#16 ++ vst1.8 {$tmp2},[$out],#16 ++ b .Lecb_done ++ ++.Lecb_enc_one: ++ veor $tmp1,$rndlast,$dat2 ++ vst1.8 {$tmp1},[$out],#16 ++ b .Lecb_done ++___ ++ ++$code.=<<___; ++.align 5 ++.Lecb_dec: ++ vld1.8 {$dat1},[$inp],#16 ++ subs $len,$len,#32 // bias ++ add $cnt,$rounds,#2 ++ vorr $in1,$dat1,$dat1 ++ vorr $dat2,$dat1,$dat1 ++ vorr $dat1,$dat,$dat ++ b.lo .Lecb_dec_tail ++ ++ vorr $dat1,$in1,$in1 ++ vld1.8 {$dat2},[$inp],#16 ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ cmp $len,#32 ++ b.lo .Loop3x_ecb_dec ++ ++ vld1.8 {$dat3},[$inp],#16 ++ vld1.8 {$dat4},[$inp],#16 ++ sub $len,$len,#32 // bias ++ mov $cnt,$rounds ++ ++.Loop5x_ecb_dec: + aesd $dat0,q8 + aesimc $dat0,$dat0 + aesd $dat1,q8 @@ -139,7 +630,7 @@ diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/c + aesd $dat4,q9 + aesimc $dat4,$dat4 + vld1.32 {q9},[$key_],#16 -+ b.gt .Loop5x_cbc_dec ++ b.gt .Loop5x_ecb_dec + + aesd $dat0,q8 + aesimc $dat0,$dat0 @@ -151,8 +642,8 @@ diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/c + aesimc $dat3,$dat3 + aesd $dat4,q8 + aesimc $dat4,$dat4 -+ cmp $len,#0x40 // because .Lcbc_tail4x -+ sub $len,$len,#0x50 ++ cmp $len,#0x40 // because .Lecb_tail4x ++ sub $len,$len,#0x50 + + aesd $dat0,q9 + aesimc $dat0,$dat0 @@ -164,8 +655,8 @@ diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/c + aesimc $dat3,$dat3 + aesd $dat4,q9 + aesimc $dat4,$dat4 -+ csel x6,xzr,$len,gt // borrow x6, $cnt, "gt" is not typo -+ mov $key_,$key ++ csel x6,xzr,$len,gt // borrow x6, $cnt, "gt" is not typo ++ mov $key_,$key + + aesd $dat0,q10 + aesimc $dat0,$dat0 @@ -177,10 +668,10 @@ diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/c + aesimc $dat3,$dat3 + aesd $dat4,q10 + aesimc $dat4,$dat4 -+ add $inp,$inp,x6 // $inp is adjusted in such way that -+ // at exit from the loop $dat1-$dat4 -+ // are loaded with last "words" -+ add x6,$len,#0x60 // because .Lcbc_tail4x ++ add $inp,$inp,x6 // $inp is adjusted in such way that ++ // at exit from the loop $dat1-$dat4 ++ // are loaded with last "words" ++ add x6,$len,#0x60 // because .Lecb_tail4x + + aesd $dat0,q11 + aesimc $dat0,$dat0 @@ -226,109 +717,455 @@ diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/c + aesd $dat4,q14 + aesimc $dat4,$dat4 + -+ veor $tmp0,$ivec,$rndlast + aesd $dat0,q15 -+ veor $tmp1,$in0,$rndlast -+ vld1.8 {$in0},[$inp],#16 ++ vld1.8 {$in0},[$inp],#16 + aesd $dat1,q15 -+ veor $tmp2,$in1,$rndlast -+ vld1.8 {$in1},[$inp],#16 ++ vld1.8 {$in1},[$inp],#16 + aesd $dat2,q15 -+ veor $tmp3,$in2,$rndlast -+ vld1.8 {$in2},[$inp],#16 ++ vld1.8 {$in2},[$inp],#16 + aesd $dat3,q15 -+ veor $tmp4,$in3,$rndlast -+ vld1.8 {$in3},[$inp],#16 ++ vld1.8 {$in3},[$inp],#16 + aesd $dat4,q15 -+ vorr $ivec,$in4,$in4 -+ vld1.8 {$in4},[$inp],#16 -+ cbz x6,.Lcbc_tail4x -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] -+ veor $tmp0,$tmp0,$dat0 -+ vorr $dat0,$in0,$in0 -+ veor $tmp1,$tmp1,$dat1 -+ vorr $dat1,$in1,$in1 -+ veor $tmp2,$tmp2,$dat2 -+ vorr $dat2,$in2,$in2 -+ veor $tmp3,$tmp3,$dat3 -+ vorr $dat3,$in3,$in3 -+ veor $tmp4,$tmp4,$dat4 ++ vld1.8 {$in4},[$inp],#16 ++ cbz x6,.Lecb_tail4x ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ veor $tmp0,$rndlast,$dat0 ++ vorr $dat0,$in0,$in0 ++ veor $tmp1,$rndlast,$dat1 ++ vorr $dat1,$in1,$in1 ++ veor $tmp2,$rndlast,$dat2 ++ vorr $dat2,$in2,$in2 ++ veor $tmp3,$rndlast,$dat3 ++ vorr $dat3,$in3,$in3 ++ veor $tmp4,$rndlast,$dat4 + vst1.8 {$tmp0},[$out],#16 -+ vorr $dat4,$in4,$in4 ++ vorr $dat4,$in4,$in4 + vst1.8 {$tmp1},[$out],#16 -+ mov $cnt,$rounds ++ mov $cnt,$rounds + vst1.8 {$tmp2},[$out],#16 -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] + vst1.8 {$tmp3},[$out],#16 + vst1.8 {$tmp4},[$out],#16 -+ b.hs .Loop5x_cbc_dec ++ b.hs .Loop5x_ecb_dec + + add $len,$len,#0x50 -+ cbz $len,.Lcbc_done ++ cbz $len,.Lecb_done + + add $cnt,$rounds,#2 + subs $len,$len,#0x30 + vorr $dat0,$in2,$in2 -+ vorr $in0,$in2,$in2 + vorr $dat1,$in3,$in3 -+ vorr $in1,$in3,$in3 + vorr $dat2,$in4,$in4 -+ vorr $in2,$in4,$in4 -+ b.lo .Lcbc_dec_tail ++ b.lo .Lecb_dec_tail ++ ++ b .Loop3x_ecb_dec + -+ b .Loop3x_cbc_dec - +.align 4 -+.Lcbc_tail4x: -+ veor $tmp1,$tmp0,$dat1 -+ veor $tmp2,$tmp2,$dat2 -+ veor $tmp3,$tmp3,$dat3 -+ veor $tmp4,$tmp4,$dat4 ++.Lecb_tail4x: ++ veor $tmp1,$rndlast,$dat1 ++ veor $tmp2,$rndlast,$dat2 ++ veor $tmp3,$rndlast,$dat3 ++ veor $tmp4,$rndlast,$dat4 + vst1.8 {$tmp1},[$out],#16 + vst1.8 {$tmp2},[$out],#16 + vst1.8 {$tmp3},[$out],#16 + vst1.8 {$tmp4},[$out],#16 + -+ b .Lcbc_done ++ b .Lecb_done +.align 4 +___ +$code.=<<___; - .Loop3x_cbc_dec: - aesd $dat0,q8 - aesimc $dat0,$dat0 -@@ -691,6 +915,9 @@ my $step="x12"; # aliases with $tctr2 - my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$ivec,$rndlast)=map("q$_",(0..7)); - my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); - -+# used only in 64-bit mode... -+my ($dat3,$dat4,$in3,$in4)=map("q$_",(16..23)); ++.Loop3x_ecb_dec: ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ vld1.32 {q8},[$key_],#16 ++ subs $cnt,$cnt,#2 ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Loop3x_ecb_dec + - my ($dat,$tmp)=($dat0,$tmp0); - - ### q8-q15 preloaded key schedule -@@ -743,6 +970,175 @@ $code.=<<___; - rev $tctr2, $ctr - sub $len,$len,#3 // bias - vmov.32 ${dat2}[3],$tctr2 -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ cmp $len,#2 -+ b.lo .Loop3x_ctr32 ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ subs $len,$len,#0x30 ++ mov.lo x6,$len // x6, $cnt, is zero at this point ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ add $inp,$inp,x6 // $inp is adjusted in such way that ++ // at exit from the loop $dat1-$dat2 ++ // are loaded with last "words" ++ mov $key_,$key ++ aesd $dat0,q12 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q12 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q12 ++ aesimc $dat2,$dat2 ++ vld1.8 {$in0},[$inp],#16 ++ aesd $dat0,q13 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q13 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q13 ++ aesimc $dat2,$dat2 ++ vld1.8 {$in1},[$inp],#16 ++ aesd $dat0,q14 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q14 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q14 ++ aesimc $dat2,$dat2 ++ vld1.8 {$in2},[$inp],#16 ++ aesd $dat0,q15 ++ aesd $dat1,q15 ++ aesd $dat2,q15 ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ add $cnt,$rounds,#2 ++ veor $tmp0,$rndlast,$dat0 ++ veor $tmp1,$rndlast,$dat1 ++ veor $dat2,$dat2,$rndlast ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ vst1.8 {$tmp0},[$out],#16 ++ vorr $dat0,$in0,$in0 ++ vst1.8 {$tmp1},[$out],#16 ++ vorr $dat1,$in1,$in1 ++ vst1.8 {$dat2},[$out],#16 ++ vorr $dat2,$in2,$in2 ++ b.hs .Loop3x_ecb_dec + -+ add w13,$ctr,#1 -+ add w14,$ctr,#2 -+ vorr $dat3,$dat0,$dat0 -+ rev w13,w13 -+ vorr $dat4,$dat0,$dat0 -+ rev w14,w14 -+ vmov.32 ${dat3}[3],w13 -+ sub $len,$len,#2 // bias -+ vmov.32 ${dat4}[3],w14 -+ add $ctr,$ctr,#2 -+ b .Loop5x_ctr32 ++ cmn $len,#0x30 ++ b.eq .Lecb_done ++ nop + -+.align 4 -+.Loop5x_ctr32: ++.Lecb_dec_tail: ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ vld1.32 {q8},[$key_],#16 ++ subs $cnt,$cnt,#2 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Lecb_dec_tail ++ ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ aesd $dat1,q12 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q12 ++ aesimc $dat2,$dat2 ++ cmn $len,#0x20 ++ aesd $dat1,q13 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q13 ++ aesimc $dat2,$dat2 ++ aesd $dat1,q14 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q14 ++ aesimc $dat2,$dat2 ++ aesd $dat1,q15 ++ aesd $dat2,q15 ++ b.eq .Lecb_dec_one ++ veor $tmp1,$rndlast,$dat1 ++ veor $tmp2,$rndlast,$dat2 ++ vst1.8 {$tmp1},[$out],#16 ++ vst1.8 {$tmp2},[$out],#16 ++ b .Lecb_done ++ ++.Lecb_dec_one: ++ veor $tmp1,$rndlast,$dat2 ++ vst1.8 {$tmp1},[$out],#16 ++ ++.Lecb_done: ++___ ++} ++$code.=<<___ if ($flavour !~ /64/); ++ vldmia sp!,{d8-d15} ++ ldmia sp!,{r4-r8,pc} ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ ldr x29,[sp],#16 ++___ ++$code.=<<___ if ($flavour =~ /64/); ++.Lecb_Final_abort: ++ ret ++___ ++$code.=<<___; ++.size ${prefix}_ecb_encrypt,.-${prefix}_ecb_encrypt ++___ ++}}} + {{{ + my ($inp,$out,$len,$key,$ivp)=map("x$_",(0..4)); my $enc="w5"; + my ($rounds,$cnt,$key_,$step,$step1)=($enc,"w6","x7","x8","x12"); +@@ -519,6 +1377,13 @@ $code.=<<___; + ___ + { + my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); ++ ++my ($dat3,$in3,$tmp3); # used only in 64-bit mode ++my ($dat4,$in4,$tmp4); ++if ($flavour =~ /64/) { ++ ($dat2,$dat3,$dat4,$in2,$in3,$in4,$tmp3,$tmp4)=map("q$_",(16..23)); ++} ++ + $code.=<<___; + .align 5 + .Lcbc_dec: +@@ -535,7 +1400,196 @@ $code.=<<___; + vorr $in0,$dat,$dat + vorr $in1,$dat1,$dat1 + vorr $in2,$dat2,$dat2 ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ cmp $len,#32 ++ b.lo .Loop3x_cbc_dec ++ ++ vld1.8 {$dat3},[$inp],#16 ++ vld1.8 {$dat4},[$inp],#16 ++ sub $len,$len,#32 // bias ++ mov $cnt,$rounds ++ vorr $in3,$dat3,$dat3 ++ vorr $in4,$dat4,$dat4 ++ ++.Loop5x_cbc_dec: ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q8 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q8 ++ aesimc $dat4,$dat4 ++ vld1.32 {q8},[$key_],#16 ++ subs $cnt,$cnt,#2 ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q9 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q9 ++ aesimc $dat4,$dat4 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Loop5x_cbc_dec ++ ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q8 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q8 ++ aesimc $dat4,$dat4 ++ cmp $len,#0x40 // because .Lcbc_tail4x ++ sub $len,$len,#0x50 ++ ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q9 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q9 ++ aesimc $dat4,$dat4 ++ csel x6,xzr,$len,gt // borrow x6, $cnt, "gt" is not typo ++ mov $key_,$key ++ ++ aesd $dat0,q10 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q10 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q10 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q10 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q10 ++ aesimc $dat4,$dat4 ++ add $inp,$inp,x6 // $inp is adjusted in such way that ++ // at exit from the loop $dat1-$dat4 ++ // are loaded with last "words" ++ add x6,$len,#0x60 // because .Lcbc_tail4x ++ ++ aesd $dat0,q11 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q11 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q11 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q11 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q11 ++ aesimc $dat4,$dat4 ++ ++ aesd $dat0,q12 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q12 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q12 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q12 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q12 ++ aesimc $dat4,$dat4 ++ ++ aesd $dat0,q13 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q13 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q13 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q13 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q13 ++ aesimc $dat4,$dat4 ++ ++ aesd $dat0,q14 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q14 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q14 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q14 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q14 ++ aesimc $dat4,$dat4 + ++ veor $tmp0,$ivec,$rndlast ++ aesd $dat0,q15 ++ veor $tmp1,$in0,$rndlast ++ vld1.8 {$in0},[$inp],#16 ++ aesd $dat1,q15 ++ veor $tmp2,$in1,$rndlast ++ vld1.8 {$in1},[$inp],#16 ++ aesd $dat2,q15 ++ veor $tmp3,$in2,$rndlast ++ vld1.8 {$in2},[$inp],#16 ++ aesd $dat3,q15 ++ veor $tmp4,$in3,$rndlast ++ vld1.8 {$in3},[$inp],#16 ++ aesd $dat4,q15 ++ vorr $ivec,$in4,$in4 ++ vld1.8 {$in4},[$inp],#16 ++ cbz x6,.Lcbc_tail4x ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ veor $tmp0,$tmp0,$dat0 ++ vorr $dat0,$in0,$in0 ++ veor $tmp1,$tmp1,$dat1 ++ vorr $dat1,$in1,$in1 ++ veor $tmp2,$tmp2,$dat2 ++ vorr $dat2,$in2,$in2 ++ veor $tmp3,$tmp3,$dat3 ++ vorr $dat3,$in3,$in3 ++ veor $tmp4,$tmp4,$dat4 ++ vst1.8 {$tmp0},[$out],#16 ++ vorr $dat4,$in4,$in4 ++ vst1.8 {$tmp1},[$out],#16 ++ mov $cnt,$rounds ++ vst1.8 {$tmp2},[$out],#16 ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ vst1.8 {$tmp3},[$out],#16 ++ vst1.8 {$tmp4},[$out],#16 ++ b.hs .Loop5x_cbc_dec ++ ++ add $len,$len,#0x50 ++ cbz $len,.Lcbc_done ++ ++ add $cnt,$rounds,#2 ++ subs $len,$len,#0x30 ++ vorr $dat0,$in2,$in2 ++ vorr $in0,$in2,$in2 ++ vorr $dat1,$in3,$in3 ++ vorr $in1,$in3,$in3 ++ vorr $dat2,$in4,$in4 ++ vorr $in2,$in4,$in4 ++ b.lo .Lcbc_dec_tail ++ ++ b .Loop3x_cbc_dec ++ ++.align 4 ++.Lcbc_tail4x: ++ veor $tmp1,$tmp0,$dat1 ++ veor $tmp2,$tmp2,$dat2 ++ veor $tmp3,$tmp3,$dat3 ++ veor $tmp4,$tmp4,$dat4 ++ vst1.8 {$tmp1},[$out],#16 ++ vst1.8 {$tmp2},[$out],#16 ++ vst1.8 {$tmp3},[$out],#16 ++ vst1.8 {$tmp4},[$out],#16 ++ ++ b .Lcbc_done ++.align 4 ++___ ++$code.=<<___; + .Loop3x_cbc_dec: + aesd $dat0,q8 + aesimc $dat0,$dat0 +@@ -696,6 +1750,9 @@ my $step="x12"; # aliases with $tctr2 + my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$ivec,$rndlast)=map("q$_",(0..7)); + my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); + ++# used only in 64-bit mode... ++my ($dat3,$dat4,$in3,$in4)=map("q$_",(16..23)); ++ + my ($dat,$tmp)=($dat0,$tmp0); + + ### q8-q15 preloaded key schedule +@@ -751,6 +1808,175 @@ $code.=<<___; + vmov.32 ${ivec}[3],$tctr2 + sub $len,$len,#3 // bias + vorr $dat2,$ivec,$ivec ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ cmp $len,#2 ++ b.lo .Loop3x_ctr32 ++ ++ add w13,$ctr,#1 ++ add w14,$ctr,#2 ++ vorr $dat3,$dat0,$dat0 ++ rev w13,w13 ++ vorr $dat4,$dat0,$dat0 ++ rev w14,w14 ++ vmov.32 ${dat3}[3],w13 ++ sub $len,$len,#2 // bias ++ vmov.32 ${dat4}[3],w14 ++ add $ctr,$ctr,#2 ++ b .Loop5x_ctr32 ++ ++.align 4 ++.Loop5x_ctr32: + aese $dat0,q8 + aesmc $dat0,$dat0 + aese $dat1,q8 @@ -354,135 +1191,1568 @@ diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/c + vld1.32 {q9},[$key_],#16 + b.gt .Loop5x_ctr32 + -+ mov $key_,$key -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ aese $dat3,q8 -+ aesmc $dat3,$dat3 -+ aese $dat4,q8 -+ aesmc $dat4,$dat4 -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ mov $key_,$key ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ aese $dat3,q8 ++ aesmc $dat3,$dat3 ++ aese $dat4,q8 ++ aesmc $dat4,$dat4 ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ aese $dat3,q9 ++ aesmc $dat3,$dat3 ++ aese $dat4,q9 ++ aesmc $dat4,$dat4 ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ ++ aese $dat0,q12 ++ aesmc $dat0,$dat0 ++ add $tctr0,$ctr,#1 ++ add $tctr1,$ctr,#2 ++ aese $dat1,q12 ++ aesmc $dat1,$dat1 ++ add $tctr2,$ctr,#3 ++ add w13,$ctr,#4 ++ aese $dat2,q12 ++ aesmc $dat2,$dat2 ++ add w14,$ctr,#5 ++ rev $tctr0,$tctr0 ++ aese $dat3,q12 ++ aesmc $dat3,$dat3 ++ rev $tctr1,$tctr1 ++ rev $tctr2,$tctr2 ++ aese $dat4,q12 ++ aesmc $dat4,$dat4 ++ rev w13,w13 ++ rev w14,w14 ++ ++ aese $dat0,q13 ++ aesmc $dat0,$dat0 ++ aese $dat1,q13 ++ aesmc $dat1,$dat1 ++ aese $dat2,q13 ++ aesmc $dat2,$dat2 ++ aese $dat3,q13 ++ aesmc $dat3,$dat3 ++ aese $dat4,q13 ++ aesmc $dat4,$dat4 ++ ++ aese $dat0,q14 ++ aesmc $dat0,$dat0 ++ vld1.8 {$in0},[$inp],#16 ++ aese $dat1,q14 ++ aesmc $dat1,$dat1 ++ vld1.8 {$in1},[$inp],#16 ++ aese $dat2,q14 ++ aesmc $dat2,$dat2 ++ vld1.8 {$in2},[$inp],#16 ++ aese $dat3,q14 ++ aesmc $dat3,$dat3 ++ vld1.8 {$in3},[$inp],#16 ++ aese $dat4,q14 ++ aesmc $dat4,$dat4 ++ vld1.8 {$in4},[$inp],#16 ++ ++ aese $dat0,q15 ++ veor $in0,$in0,$rndlast ++ aese $dat1,q15 ++ veor $in1,$in1,$rndlast ++ aese $dat2,q15 ++ veor $in2,$in2,$rndlast ++ aese $dat3,q15 ++ veor $in3,$in3,$rndlast ++ aese $dat4,q15 ++ veor $in4,$in4,$rndlast ++ ++ veor $in0,$in0,$dat0 ++ vorr $dat0,$ivec,$ivec ++ veor $in1,$in1,$dat1 ++ vorr $dat1,$ivec,$ivec ++ veor $in2,$in2,$dat2 ++ vorr $dat2,$ivec,$ivec ++ veor $in3,$in3,$dat3 ++ vorr $dat3,$ivec,$ivec ++ veor $in4,$in4,$dat4 ++ vorr $dat4,$ivec,$ivec ++ ++ vst1.8 {$in0},[$out],#16 ++ vmov.32 ${dat0}[3],$tctr0 ++ vst1.8 {$in1},[$out],#16 ++ vmov.32 ${dat1}[3],$tctr1 ++ vst1.8 {$in2},[$out],#16 ++ vmov.32 ${dat2}[3],$tctr2 ++ vst1.8 {$in3},[$out],#16 ++ vmov.32 ${dat3}[3],w13 ++ vst1.8 {$in4},[$out],#16 ++ vmov.32 ${dat4}[3],w14 ++ ++ mov $cnt,$rounds ++ cbz $len,.Lctr32_done ++ ++ add $ctr,$ctr,#5 ++ subs $len,$len,#5 ++ b.hs .Loop5x_ctr32 ++ ++ add $len,$len,#5 ++ sub $ctr,$ctr,#5 ++ ++ cmp $len,#2 ++ mov $step,#16 ++ cclr $step,lo ++ b.ls .Lctr32_tail ++ ++ sub $len,$len,#3 // bias ++ add $ctr,$ctr,#3 ++___ ++$code.=<<___; + b .Loop3x_ctr32 + + .align 4 +@@ -905,6 +2131,1432 @@ $code.=<<___; + .size ${prefix}_ctr32_encrypt_blocks,.-${prefix}_ctr32_encrypt_blocks + ___ + }}} ++# Performance in cycles per byte. ++# Processed with AES-XTS different key size. ++# It shows the value before and after optimization as below: ++# (before/after): ++# ++# AES-128-XTS AES-256-XTS ++# Cortex-A57 3.36/1.09 4.02/1.37 ++# Cortex-A72 3.03/1.02 3.28/1.33 ++ ++# Optimization is implemented by loop unrolling and interleaving. ++# Commonly, we choose the unrolling factor as 5, if the input ++# data size smaller than 5 blocks, but not smaller than 3 blocks, ++# choose 3 as the unrolling factor. ++# If the input data size dsize >= 5*16 bytes, then take 5 blocks ++# as one iteration, every loop the left size lsize -= 5*16. ++# If lsize < 5*16 bytes, treat them as the tail. Note: left 4*16 bytes ++# will be processed specially, which be integrated into the 5*16 bytes ++# loop to improve the efficiency. ++# There is one special case, if the original input data size dsize ++# = 16 bytes, we will treat it seperately to improve the ++# performance: one independent code block without LR, FP load and ++# store. ++# Encryption will process the (length -tailcnt) bytes as mentioned ++# previously, then encrypt the composite block as last second ++# cipher block. ++# Decryption will process the (length -tailcnt -1) bytes as mentioned ++# previously, then decrypt the last second cipher block to get the ++# last plain block(tail), decrypt the composite block as last second ++# plain text block. ++ ++{{{ ++my ($inp,$out,$len,$key1,$key2,$ivp)=map("x$_",(0..5)); ++my ($rounds0,$rounds,$key_,$step,$ivl,$ivh)=("w5","w6","x7","x8","x9","x10"); ++my ($tmpoutp,$loutp,$l2outp,$tmpinp)=("x13","w14","w15","x20"); ++my ($tailcnt,$midnum,$midnumx,$constnum,$constnumx)=("x21","w22","x22","w19","x19"); ++my ($xoffset,$tmpmx,$tmpmw)=("x6","x11","w11"); ++my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$tmp2,$rndlast)=map("q$_",(0..7)); ++my ($iv0,$iv1,$iv2,$iv3,$iv4)=("v6.16b","v8.16b","v9.16b","v10.16b","v11.16b"); ++my ($ivd00,$ivd01,$ivd20,$ivd21)=("d6","v6.d[1]","d9","v9.d[1]"); ++my ($ivd10,$ivd11,$ivd30,$ivd31,$ivd40,$ivd41)=("d8","v8.d[1]","d10","v10.d[1]","d11","v11.d[1]"); ++ ++my ($tmpin)=("v26.16b"); ++my ($dat,$tmp,$rndzero_n_last)=($dat0,$tmp0,$tmp1); ++ ++# q7 last round key ++# q10-q15, q7 Last 7 round keys ++# q8-q9 preloaded round keys except last 7 keys for big size ++# q20, q21, q8-q9 preloaded round keys except last 7 keys for only 16 byte ++ ++ ++my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); ++ ++my ($dat3,$in3,$tmp3); # used only in 64-bit mode ++my ($dat4,$in4,$tmp4); ++if ($flavour =~ /64/) { ++ ($dat2,$dat3,$dat4,$in2,$in3,$in4,$tmp3,$tmp4)=map("q$_",(16..23)); ++} ++ ++$code.=<<___ if ($flavour =~ /64/); ++.globl ${prefix}_xts_encrypt ++.type ${prefix}_xts_encrypt,%function ++.align 5 ++${prefix}_xts_encrypt: ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ cmp $len,#16 ++ // Original input data size bigger than 16, jump to big size processing. ++ b.ne .Lxts_enc_big_size ++ // Encrypt the iv with key2, as the first XEX iv. ++ ldr $rounds,[$key2,#240] ++ vld1.8 {$dat},[$key2],#16 ++ vld1.8 {$iv0},[$ivp] ++ sub $rounds,$rounds,#2 ++ vld1.8 {$dat1},[$key2],#16 ++ ++.Loop_enc_iv_enc: ++ aese $iv0,$dat ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat},[$key2],#16 ++ subs $rounds,$rounds,#2 ++ aese $iv0,$dat1 ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat1},[$key2],#16 ++ b.gt .Loop_enc_iv_enc ++ ++ aese $iv0,$dat ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat},[$key2] ++ aese $iv0,$dat1 ++ veor $iv0,$iv0,$dat ++ ++ vld1.8 {$dat0},[$inp] ++ veor $dat0,$iv0,$dat0 ++ ++ ldr $rounds,[$key1,#240] ++ vld1.32 {q20-q21},[$key1],#32 // load key schedule... ++ ++ aese $dat0,q20 ++ aesmc $dat0,$dat0 ++ vld1.32 {q8-q9},[$key1],#32 // load key schedule... ++ aese $dat0,q21 ++ aesmc $dat0,$dat0 ++ subs $rounds,$rounds,#10 // if rounds==10, jump to aes-128-xts processing ++ b.eq .Lxts_128_enc ++.Lxts_enc_round_loop: ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ vld1.32 {q8},[$key1],#16 // load key schedule... ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ vld1.32 {q9},[$key1],#16 // load key schedule... ++ subs $rounds,$rounds,#2 // bias ++ b.gt .Lxts_enc_round_loop ++.Lxts_128_enc: ++ vld1.32 {q10-q11},[$key1],#32 // load key schedule... ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ vld1.32 {q12-q13},[$key1],#32 // load key schedule... ++ aese $dat0,q10 ++ aesmc $dat0,$dat0 ++ aese $dat0,q11 ++ aesmc $dat0,$dat0 ++ vld1.32 {q14-q15},[$key1],#32 // load key schedule... ++ aese $dat0,q12 ++ aesmc $dat0,$dat0 ++ aese $dat0,q13 ++ aesmc $dat0,$dat0 ++ vld1.32 {$rndlast},[$key1] ++ aese $dat0,q14 ++ aesmc $dat0,$dat0 ++ aese $dat0,q15 ++ veor $dat0,$dat0,$rndlast ++ veor $dat0,$dat0,$iv0 ++ vst1.8 {$dat0},[$out] ++ b .Lxts_enc_final_abort ++ ++.align 4 ++.Lxts_enc_big_size: ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ stp $constnumx,$tmpinp,[sp,#-64]! ++ stp $tailcnt,$midnumx,[sp,#48] ++ stp $ivd10,$ivd20,[sp,#32] ++ stp $ivd30,$ivd40,[sp,#16] ++ ++ // tailcnt store the tail value of length%16. ++ and $tailcnt,$len,#0xf ++ and $len,$len,#-16 ++ subs $len,$len,#16 ++ mov $step,#16 ++ b.lo .Lxts_abort ++ csel $step,xzr,$step,eq ++ ++ // Firstly, encrypt the iv with key2, as the first iv of XEX. ++ ldr $rounds,[$key2,#240] ++ vld1.32 {$dat},[$key2],#16 ++ vld1.8 {$iv0},[$ivp] ++ sub $rounds,$rounds,#2 ++ vld1.32 {$dat1},[$key2],#16 ++ ++.Loop_iv_enc: ++ aese $iv0,$dat ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat},[$key2],#16 ++ subs $rounds,$rounds,#2 ++ aese $iv0,$dat1 ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat1},[$key2],#16 ++ b.gt .Loop_iv_enc ++ ++ aese $iv0,$dat ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat},[$key2] ++ aese $iv0,$dat1 ++ veor $iv0,$iv0,$dat ++ ++ // The iv for second block ++ // $ivl- iv(low), $ivh - iv(high) ++ // the five ivs stored into, $iv0,$iv1,$iv2,$iv3,$iv4 ++ fmov $ivl,$ivd00 ++ fmov $ivh,$ivd01 ++ mov $constnum,#0x87 ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr#31 ++ eor $ivl,$tmpmx,$ivl,lsl#1 ++ fmov $ivd10,$ivl ++ fmov $ivd11,$ivh ++ ++ ldr $rounds0,[$key1,#240] // next starting point ++ vld1.8 {$dat},[$inp],$step ++ ++ vld1.32 {q8-q9},[$key1] // load key schedule... ++ sub $rounds0,$rounds0,#6 ++ add $key_,$key1,$ivp,lsl#4 // pointer to last 7 round keys ++ sub $rounds0,$rounds0,#2 ++ vld1.32 {q10-q11},[$key_],#32 ++ vld1.32 {q12-q13},[$key_],#32 ++ vld1.32 {q14-q15},[$key_],#32 ++ vld1.32 {$rndlast},[$key_] ++ ++ add $key_,$key1,#32 ++ mov $rounds,$rounds0 ++ ++ // Encryption ++.Lxts_enc: ++ vld1.8 {$dat2},[$inp],#16 ++ subs $len,$len,#32 // bias ++ add $rounds,$rounds0,#2 ++ vorr $in1,$dat,$dat ++ vorr $dat1,$dat,$dat ++ vorr $in3,$dat,$dat ++ vorr $in2,$dat2,$dat2 ++ vorr $in4,$dat2,$dat2 ++ b.lo .Lxts_inner_enc_tail ++ veor $dat,$dat,$iv0 // before encryption, xor with iv ++ veor $dat2,$dat2,$iv1 ++ ++ // The iv for third block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr#31 ++ eor $ivl,$tmpmx,$ivl,lsl#1 ++ fmov $ivd20,$ivl ++ fmov $ivd21,$ivh ++ ++ ++ vorr $dat1,$dat2,$dat2 ++ vld1.8 {$dat2},[$inp],#16 ++ vorr $in0,$dat,$dat ++ vorr $in1,$dat1,$dat1 ++ veor $in2,$dat2,$iv2 // the third block ++ veor $dat2,$dat2,$iv2 ++ cmp $len,#32 ++ b.lo .Lxts_outer_enc_tail ++ ++ // The iv for fourth block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr#31 ++ eor $ivl,$tmpmx,$ivl,lsl#1 ++ fmov $ivd30,$ivl ++ fmov $ivd31,$ivh ++ ++ vld1.8 {$dat3},[$inp],#16 ++ // The iv for fifth block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr#31 ++ eor $ivl,$tmpmx,$ivl,lsl#1 ++ fmov $ivd40,$ivl ++ fmov $ivd41,$ivh ++ ++ vld1.8 {$dat4},[$inp],#16 ++ veor $dat3,$dat3,$iv3 // the fourth block ++ veor $dat4,$dat4,$iv4 ++ sub $len,$len,#32 // bias ++ mov $rounds,$rounds0 ++ b .Loop5x_xts_enc ++ ++.align 4 ++.Loop5x_xts_enc: ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ aese $dat3,q8 ++ aesmc $dat3,$dat3 ++ aese $dat4,q8 ++ aesmc $dat4,$dat4 ++ vld1.32 {q8},[$key_],#16 ++ subs $rounds,$rounds,#2 ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ aese $dat3,q9 ++ aesmc $dat3,$dat3 ++ aese $dat4,q9 ++ aesmc $dat4,$dat4 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Loop5x_xts_enc ++ ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ aese $dat3,q8 ++ aesmc $dat3,$dat3 ++ aese $dat4,q8 ++ aesmc $dat4,$dat4 ++ subs $len,$len,#0x50 // because .Lxts_enc_tail4x ++ ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ aese $dat3,q9 ++ aesmc $dat3,$dat3 ++ aese $dat4,q9 ++ aesmc $dat4,$dat4 ++ csel $xoffset,xzr,$len,gt // borrow x6, w6, "gt" is not typo ++ mov $key_,$key1 ++ ++ aese $dat0,q10 ++ aesmc $dat0,$dat0 ++ aese $dat1,q10 ++ aesmc $dat1,$dat1 ++ aese $dat2,q10 ++ aesmc $dat2,$dat2 ++ aese $dat3,q10 ++ aesmc $dat3,$dat3 ++ aese $dat4,q10 ++ aesmc $dat4,$dat4 ++ add $inp,$inp,$xoffset // x0 is adjusted in such way that ++ // at exit from the loop v1.16b-v26.16b ++ // are loaded with last "words" ++ add $xoffset,$len,#0x60 // because .Lxts_enc_tail4x ++ ++ aese $dat0,q11 ++ aesmc $dat0,$dat0 ++ aese $dat1,q11 ++ aesmc $dat1,$dat1 ++ aese $dat2,q11 ++ aesmc $dat2,$dat2 ++ aese $dat3,q11 ++ aesmc $dat3,$dat3 ++ aese $dat4,q11 ++ aesmc $dat4,$dat4 ++ ++ aese $dat0,q12 ++ aesmc $dat0,$dat0 ++ aese $dat1,q12 ++ aesmc $dat1,$dat1 ++ aese $dat2,q12 ++ aesmc $dat2,$dat2 ++ aese $dat3,q12 ++ aesmc $dat3,$dat3 ++ aese $dat4,q12 ++ aesmc $dat4,$dat4 ++ ++ aese $dat0,q13 ++ aesmc $dat0,$dat0 ++ aese $dat1,q13 ++ aesmc $dat1,$dat1 ++ aese $dat2,q13 ++ aesmc $dat2,$dat2 ++ aese $dat3,q13 ++ aesmc $dat3,$dat3 ++ aese $dat4,q13 ++ aesmc $dat4,$dat4 ++ ++ aese $dat0,q14 ++ aesmc $dat0,$dat0 ++ aese $dat1,q14 ++ aesmc $dat1,$dat1 ++ aese $dat2,q14 ++ aesmc $dat2,$dat2 ++ aese $dat3,q14 ++ aesmc $dat3,$dat3 ++ aese $dat4,q14 ++ aesmc $dat4,$dat4 ++ ++ veor $tmp0,$rndlast,$iv0 ++ aese $dat0,q15 ++ // The iv for first block of one iteration ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr#31 ++ eor $ivl,$tmpmx,$ivl,lsl#1 ++ fmov $ivd00,$ivl ++ fmov $ivd01,$ivh ++ veor $tmp1,$rndlast,$iv1 ++ vld1.8 {$in0},[$inp],#16 ++ aese $dat1,q15 ++ // The iv for second block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr#31 ++ eor $ivl,$tmpmx,$ivl,lsl#1 ++ fmov $ivd10,$ivl ++ fmov $ivd11,$ivh ++ veor $tmp2,$rndlast,$iv2 ++ vld1.8 {$in1},[$inp],#16 ++ aese $dat2,q15 ++ // The iv for third block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr#31 ++ eor $ivl,$tmpmx,$ivl,lsl#1 ++ fmov $ivd20,$ivl ++ fmov $ivd21,$ivh ++ veor $tmp3,$rndlast,$iv3 ++ vld1.8 {$in2},[$inp],#16 ++ aese $dat3,q15 ++ // The iv for fourth block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr#31 ++ eor $ivl,$tmpmx,$ivl,lsl#1 ++ fmov $ivd30,$ivl ++ fmov $ivd31,$ivh ++ veor $tmp4,$rndlast,$iv4 ++ vld1.8 {$in3},[$inp],#16 ++ aese $dat4,q15 ++ ++ // The iv for fifth block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd40,$ivl ++ fmov $ivd41,$ivh ++ ++ vld1.8 {$in4},[$inp],#16 ++ cbz $xoffset,.Lxts_enc_tail4x ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ veor $tmp0,$tmp0,$dat0 ++ veor $dat0,$in0,$iv0 ++ veor $tmp1,$tmp1,$dat1 ++ veor $dat1,$in1,$iv1 ++ veor $tmp2,$tmp2,$dat2 ++ veor $dat2,$in2,$iv2 ++ veor $tmp3,$tmp3,$dat3 ++ veor $dat3,$in3,$iv3 ++ veor $tmp4,$tmp4,$dat4 ++ vst1.8 {$tmp0},[$out],#16 ++ veor $dat4,$in4,$iv4 ++ vst1.8 {$tmp1},[$out],#16 ++ mov $rounds,$rounds0 ++ vst1.8 {$tmp2},[$out],#16 ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ vst1.8 {$tmp3},[$out],#16 ++ vst1.8 {$tmp4},[$out],#16 ++ b.hs .Loop5x_xts_enc ++ ++ ++ // If left 4 blocks, borrow the five block's processing. ++ cmn $len,#0x10 ++ b.ne .Loop5x_enc_after ++ vorr $iv4,$iv3,$iv3 ++ vorr $iv3,$iv2,$iv2 ++ vorr $iv2,$iv1,$iv1 ++ vorr $iv1,$iv0,$iv0 ++ fmov $ivl,$ivd40 ++ fmov $ivh,$ivd41 ++ veor $dat0,$iv0,$in0 ++ veor $dat1,$iv1,$in1 ++ veor $dat2,$in2,$iv2 ++ veor $dat3,$in3,$iv3 ++ veor $dat4,$in4,$iv4 ++ b.eq .Loop5x_xts_enc ++ ++.Loop5x_enc_after: ++ add $len,$len,#0x50 ++ cbz $len,.Lxts_enc_done ++ ++ add $rounds,$rounds0,#2 ++ subs $len,$len,#0x30 ++ b.lo .Lxts_inner_enc_tail ++ ++ veor $dat0,$iv0,$in2 ++ veor $dat1,$iv1,$in3 ++ veor $dat2,$in4,$iv2 ++ b .Lxts_outer_enc_tail ++ ++.align 4 ++.Lxts_enc_tail4x: ++ add $inp,$inp,#16 ++ veor $tmp1,$dat1,$tmp1 ++ vst1.8 {$tmp1},[$out],#16 ++ veor $tmp2,$dat2,$tmp2 ++ vst1.8 {$tmp2},[$out],#16 ++ veor $tmp3,$dat3,$tmp3 ++ veor $tmp4,$dat4,$tmp4 ++ vst1.8 {$tmp3-$tmp4},[$out],#32 ++ ++ b .Lxts_enc_done ++.align 4 ++.Lxts_outer_enc_tail: ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ vld1.32 {q8},[$key_],#16 ++ subs $rounds,$rounds,#2 ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Lxts_outer_enc_tail ++ ++ aese $dat0,q8 ++ aesmc $dat0,$dat0 ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ veor $tmp0,$iv0,$rndlast ++ subs $len,$len,#0x30 ++ // The iv for first block ++ fmov $ivl,$ivd20 ++ fmov $ivh,$ivd21 ++ //mov $constnum,#0x87 ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr#31 ++ eor $ivl,$tmpmx,$ivl,lsl#1 ++ fmov $ivd00,$ivl ++ fmov $ivd01,$ivh ++ veor $tmp1,$iv1,$rndlast ++ csel $xoffset,$len,$xoffset,lo // x6, w6, is zero at this point ++ aese $dat0,q9 ++ aesmc $dat0,$dat0 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ veor $tmp2,$iv2,$rndlast ++ ++ add $xoffset,$xoffset,#0x20 ++ add $inp,$inp,$xoffset ++ mov $key_,$key1 ++ ++ aese $dat0,q12 ++ aesmc $dat0,$dat0 ++ aese $dat1,q12 ++ aesmc $dat1,$dat1 ++ aese $dat2,q12 ++ aesmc $dat2,$dat2 ++ aese $dat0,q13 ++ aesmc $dat0,$dat0 ++ aese $dat1,q13 ++ aesmc $dat1,$dat1 ++ aese $dat2,q13 ++ aesmc $dat2,$dat2 ++ aese $dat0,q14 ++ aesmc $dat0,$dat0 ++ aese $dat1,q14 ++ aesmc $dat1,$dat1 ++ aese $dat2,q14 ++ aesmc $dat2,$dat2 ++ aese $dat0,q15 ++ aese $dat1,q15 ++ aese $dat2,q15 ++ vld1.8 {$in2},[$inp],#16 ++ add $rounds,$rounds0,#2 ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ veor $tmp0,$tmp0,$dat0 ++ veor $tmp1,$tmp1,$dat1 ++ veor $dat2,$dat2,$tmp2 ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ vst1.8 {$tmp0},[$out],#16 ++ vst1.8 {$tmp1},[$out],#16 ++ vst1.8 {$dat2},[$out],#16 ++ cmn $len,#0x30 ++ b.eq .Lxts_enc_done ++.Lxts_encxor_one: ++ vorr $in3,$in1,$in1 ++ vorr $in4,$in2,$in2 ++ nop ++ ++.Lxts_inner_enc_tail: ++ cmn $len,#0x10 ++ veor $dat1,$in3,$iv0 ++ veor $dat2,$in4,$iv1 ++ b.eq .Lxts_enc_tail_loop ++ veor $dat2,$in4,$iv0 ++.Lxts_enc_tail_loop: ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ vld1.32 {q8},[$key_],#16 ++ subs $rounds,$rounds,#2 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Lxts_enc_tail_loop ++ ++ aese $dat1,q8 ++ aesmc $dat1,$dat1 ++ aese $dat2,q8 ++ aesmc $dat2,$dat2 ++ aese $dat1,q9 ++ aesmc $dat1,$dat1 ++ aese $dat2,q9 ++ aesmc $dat2,$dat2 ++ aese $dat1,q12 ++ aesmc $dat1,$dat1 ++ aese $dat2,q12 ++ aesmc $dat2,$dat2 ++ cmn $len,#0x20 ++ aese $dat1,q13 ++ aesmc $dat1,$dat1 ++ aese $dat2,q13 ++ aesmc $dat2,$dat2 ++ veor $tmp1,$iv0,$rndlast ++ aese $dat1,q14 ++ aesmc $dat1,$dat1 ++ aese $dat2,q14 ++ aesmc $dat2,$dat2 ++ veor $tmp2,$iv1,$rndlast ++ aese $dat1,q15 ++ aese $dat2,q15 ++ b.eq .Lxts_enc_one ++ veor $tmp1,$tmp1,$dat1 ++ vst1.8 {$tmp1},[$out],#16 ++ veor $tmp2,$tmp2,$dat2 ++ vorr $iv0,$iv1,$iv1 ++ vst1.8 {$tmp2},[$out],#16 ++ fmov $ivl,$ivd10 ++ fmov $ivh,$ivd11 ++ mov $constnum,#0x87 ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd00,$ivl ++ fmov $ivd01,$ivh ++ b .Lxts_enc_done ++ ++.Lxts_enc_one: ++ veor $tmp1,$tmp1,$dat2 ++ vorr $iv0,$iv0,$iv0 ++ vst1.8 {$tmp1},[$out],#16 ++ fmov $ivl,$ivd00 ++ fmov $ivh,$ivd01 ++ mov $constnum,#0x87 ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd00,$ivl ++ fmov $ivd01,$ivh ++ b .Lxts_enc_done ++.align 5 ++.Lxts_enc_done: ++ // Process the tail block with cipher stealing. ++ tst $tailcnt,#0xf ++ b.eq .Lxts_abort ++ ++ mov $tmpinp,$inp ++ mov $tmpoutp,$out ++ sub $out,$out,#16 ++.composite_enc_loop: ++ subs $tailcnt,$tailcnt,#1 ++ ldrb $l2outp,[$out,$tailcnt] ++ ldrb $loutp,[$tmpinp,$tailcnt] ++ strb $l2outp,[$tmpoutp,$tailcnt] ++ strb $loutp,[$out,$tailcnt] ++ b.gt .composite_enc_loop ++.Lxts_enc_load_done: ++ vld1.8 {$tmpin},[$out] ++ veor $tmpin,$tmpin,$iv0 ++ ++ // Encrypt the composite block to get the last second encrypted text block ++ ldr $rounds,[$key1,#240] // load key schedule... ++ vld1.8 {$dat},[$key1],#16 ++ sub $rounds,$rounds,#2 ++ vld1.8 {$dat1},[$key1],#16 // load key schedule... ++.Loop_final_enc: ++ aese $tmpin,$dat0 ++ aesmc $tmpin,$tmpin ++ vld1.32 {$dat0},[$key1],#16 ++ subs $rounds,$rounds,#2 ++ aese $tmpin,$dat1 ++ aesmc $tmpin,$tmpin ++ vld1.32 {$dat1},[$key1],#16 ++ b.gt .Loop_final_enc ++ ++ aese $tmpin,$dat0 ++ aesmc $tmpin,$tmpin ++ vld1.32 {$dat0},[$key1] ++ aese $tmpin,$dat1 ++ veor $tmpin,$tmpin,$dat0 ++ veor $tmpin,$tmpin,$iv0 ++ vst1.8 {$tmpin},[$out] ++ ++.Lxts_abort: ++ ldp $tailcnt,$midnumx,[sp,#48] ++ ldp $ivd10,$ivd20,[sp,#32] ++ ldp $ivd30,$ivd40,[sp,#16] ++ ldp $constnumx,$tmpinp,[sp],#64 ++.Lxts_enc_final_abort: ++ ret ++.size ${prefix}_xts_encrypt,.-${prefix}_xts_encrypt ++___ ++ ++}}} ++{{{ ++my ($inp,$out,$len,$key1,$key2,$ivp)=map("x$_",(0..5)); ++my ($rounds0,$rounds,$key_,$step,$ivl,$ivh)=("w5","w6","x7","x8","x9","x10"); ++my ($tmpoutp,$loutp,$l2outp,$tmpinp)=("x13","w14","w15","x20"); ++my ($tailcnt,$midnum,$midnumx,$constnum,$constnumx)=("x21","w22","x22","w19","x19"); ++my ($xoffset,$tmpmx,$tmpmw)=("x6","x11","w11"); ++my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$tmp2,$rndlast)=map("q$_",(0..7)); ++my ($iv0,$iv1,$iv2,$iv3,$iv4,$tmpin)=("v6.16b","v8.16b","v9.16b","v10.16b","v11.16b","v26.16b"); ++my ($ivd00,$ivd01,$ivd20,$ivd21)=("d6","v6.d[1]","d9","v9.d[1]"); ++my ($ivd10,$ivd11,$ivd30,$ivd31,$ivd40,$ivd41)=("d8","v8.d[1]","d10","v10.d[1]","d11","v11.d[1]"); ++ ++my ($dat,$tmp,$rndzero_n_last)=($dat0,$tmp0,$tmp1); ++ ++# q7 last round key ++# q10-q15, q7 Last 7 round keys ++# q8-q9 preloaded round keys except last 7 keys for big size ++# q20, q21, q8-q9 preloaded round keys except last 7 keys for only 16 byte ++ ++{ ++my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); ++ ++my ($dat3,$in3,$tmp3); # used only in 64-bit mode ++my ($dat4,$in4,$tmp4); ++if ($flavour =~ /64/) { ++ ($dat2,$dat3,$dat4,$in2,$in3,$in4,$tmp3,$tmp4)=map("q$_",(16..23)); ++} ++ ++$code.=<<___ if ($flavour =~ /64/); ++.globl ${prefix}_xts_decrypt ++.type ${prefix}_xts_decrypt,%function ++.align 5 ++${prefix}_xts_decrypt: ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ cmp $len,#16 ++ // Original input data size bigger than 16, jump to big size processing. ++ b.ne .Lxts_dec_big_size ++ // Encrypt the iv with key2, as the first XEX iv. ++ ldr $rounds,[$key2,#240] ++ vld1.8 {$dat},[$key2],#16 ++ vld1.8 {$iv0},[$ivp] ++ sub $rounds,$rounds,#2 ++ vld1.8 {$dat1},[$key2],#16 ++ ++.Loop_dec_small_iv_enc: ++ aese $iv0,$dat ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat},[$key2],#16 ++ subs $rounds,$rounds,#2 ++ aese $iv0,$dat1 ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat1},[$key2],#16 ++ b.gt .Loop_dec_small_iv_enc ++ ++ aese $iv0,$dat ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat},[$key2] ++ aese $iv0,$dat1 ++ veor $iv0,$iv0,$dat ++ ++ vld1.8 {$dat0},[$inp] ++ veor $dat0,$iv0,$dat0 ++ ++ ldr $rounds,[$key1,#240] ++ vld1.32 {q20-q21},[$key1],#32 // load key schedule... ++ ++ aesd $dat0,q20 ++ aesimc $dat0,$dat0 ++ vld1.32 {q8-q9},[$key1],#32 // load key schedule... ++ aesd $dat0,q21 ++ aesimc $dat0,$dat0 ++ subs $rounds,$rounds,#10 // bias ++ b.eq .Lxts_128_dec ++.Lxts_dec_round_loop: ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ vld1.32 {q8},[$key1],#16 // load key schedule... ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ vld1.32 {q9},[$key1],#16 // load key schedule... ++ subs $rounds,$rounds,#2 // bias ++ b.gt .Lxts_dec_round_loop ++.Lxts_128_dec: ++ vld1.32 {q10-q11},[$key1],#32 // load key schedule... ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ vld1.32 {q12-q13},[$key1],#32 // load key schedule... ++ aesd $dat0,q10 ++ aesimc $dat0,$dat0 ++ aesd $dat0,q11 ++ aesimc $dat0,$dat0 ++ vld1.32 {q14-q15},[$key1],#32 // load key schedule... ++ aesd $dat0,q12 ++ aesimc $dat0,$dat0 ++ aesd $dat0,q13 ++ aesimc $dat0,$dat0 ++ vld1.32 {$rndlast},[$key1] ++ aesd $dat0,q14 ++ aesimc $dat0,$dat0 ++ aesd $dat0,q15 ++ veor $dat0,$dat0,$rndlast ++ veor $dat0,$iv0,$dat0 ++ vst1.8 {$dat0},[$out] ++ b .Lxts_dec_final_abort ++.Lxts_dec_big_size: ++___ ++$code.=<<___ if ($flavour =~ /64/); ++ stp $constnumx,$tmpinp,[sp,#-64]! ++ stp $tailcnt,$midnumx,[sp,#48] ++ stp $ivd10,$ivd20,[sp,#32] ++ stp $ivd30,$ivd40,[sp,#16] ++ ++ and $tailcnt,$len,#0xf ++ and $len,$len,#-16 ++ subs $len,$len,#16 ++ mov $step,#16 ++ b.lo .Lxts_dec_abort ++ ++ // Encrypt the iv with key2, as the first XEX iv ++ ldr $rounds,[$key2,#240] ++ vld1.8 {$dat},[$key2],#16 ++ vld1.8 {$iv0},[$ivp] ++ sub $rounds,$rounds,#2 ++ vld1.8 {$dat1},[$key2],#16 ++ ++.Loop_dec_iv_enc: ++ aese $iv0,$dat ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat},[$key2],#16 ++ subs $rounds,$rounds,#2 ++ aese $iv0,$dat1 ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat1},[$key2],#16 ++ b.gt .Loop_dec_iv_enc ++ ++ aese $iv0,$dat ++ aesmc $iv0,$iv0 ++ vld1.32 {$dat},[$key2] ++ aese $iv0,$dat1 ++ veor $iv0,$iv0,$dat ++ ++ // The iv for second block ++ // $ivl- iv(low), $ivh - iv(high) ++ // the five ivs stored into, $iv0,$iv1,$iv2,$iv3,$iv4 ++ fmov $ivl,$ivd00 ++ fmov $ivh,$ivd01 ++ mov $constnum,#0x87 ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd10,$ivl ++ fmov $ivd11,$ivh ++ ++ ldr $rounds0,[$key1,#240] // load rounds number ++ ++ // The iv for third block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd20,$ivl ++ fmov $ivd21,$ivh ++ ++ vld1.32 {q8-q9},[$key1] // load key schedule... ++ sub $rounds0,$rounds0,#6 ++ add $key_,$key1,$ivp,lsl#4 // pointer to last 7 round keys ++ sub $rounds0,$rounds0,#2 ++ vld1.32 {q10-q11},[$key_],#32 // load key schedule... ++ vld1.32 {q12-q13},[$key_],#32 ++ vld1.32 {q14-q15},[$key_],#32 ++ vld1.32 {$rndlast},[$key_] ++ ++ // The iv for fourth block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd30,$ivl ++ fmov $ivd31,$ivh ++ ++ add $key_,$key1,#32 ++ mov $rounds,$rounds0 ++ b .Lxts_dec ++ ++ // Decryption ++.align 5 ++.Lxts_dec: ++ tst $tailcnt,#0xf ++ b.eq .Lxts_dec_begin ++ subs $len,$len,#16 ++ csel $step,xzr,$step,eq ++ vld1.8 {$dat},[$inp],#16 ++ b.lo .Lxts_done ++ sub $inp,$inp,#16 ++.Lxts_dec_begin: ++ vld1.8 {$dat},[$inp],$step ++ subs $len,$len,#32 // bias ++ add $rounds,$rounds0,#2 ++ vorr $in1,$dat,$dat ++ vorr $dat1,$dat,$dat ++ vorr $in3,$dat,$dat ++ vld1.8 {$dat2},[$inp],#16 ++ vorr $in2,$dat2,$dat2 ++ vorr $in4,$dat2,$dat2 ++ b.lo .Lxts_inner_dec_tail ++ veor $dat,$dat,$iv0 // before decryt, xor with iv ++ veor $dat2,$dat2,$iv1 ++ ++ vorr $dat1,$dat2,$dat2 ++ vld1.8 {$dat2},[$inp],#16 ++ vorr $in0,$dat,$dat ++ vorr $in1,$dat1,$dat1 ++ veor $in2,$dat2,$iv2 // third block xox with third iv ++ veor $dat2,$dat2,$iv2 ++ cmp $len,#32 ++ b.lo .Lxts_outer_dec_tail ++ ++ vld1.8 {$dat3},[$inp],#16 ++ ++ // The iv for fifth block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd40,$ivl ++ fmov $ivd41,$ivh ++ ++ vld1.8 {$dat4},[$inp],#16 ++ veor $dat3,$dat3,$iv3 // the fourth block ++ veor $dat4,$dat4,$iv4 ++ sub $len,$len,#32 // bias ++ mov $rounds,$rounds0 ++ b .Loop5x_xts_dec ++ ++.align 4 ++.Loop5x_xts_dec: ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q8 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q8 ++ aesimc $dat4,$dat4 ++ vld1.32 {q8},[$key_],#16 // load key schedule... ++ subs $rounds,$rounds,#2 ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q9 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q9 ++ aesimc $dat4,$dat4 ++ vld1.32 {q9},[$key_],#16 // load key schedule... ++ b.gt .Loop5x_xts_dec ++ ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q8 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q8 ++ aesimc $dat4,$dat4 ++ subs $len,$len,#0x50 // because .Lxts_dec_tail4x ++ ++ aesd $dat0,q9 ++ aesimc $dat0,$dat ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q9 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q9 ++ aesimc $dat4,$dat4 ++ csel $xoffset,xzr,$len,gt // borrow x6, w6, "gt" is not typo ++ mov $key_,$key1 ++ ++ aesd $dat0,q10 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q10 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q10 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q10 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q10 ++ aesimc $dat4,$dat4 ++ add $inp,$inp,$xoffset // x0 is adjusted in such way that ++ // at exit from the loop v1.16b-v26.16b ++ // are loaded with last "words" ++ add $xoffset,$len,#0x60 // because .Lxts_dec_tail4x ++ ++ aesd $dat0,q11 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q11 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q11 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q11 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q11 ++ aesimc $dat4,$dat4 ++ ++ aesd $dat0,q12 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q12 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q12 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q12 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q12 ++ aesimc $dat4,$dat4 ++ ++ aesd $dat0,q13 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q13 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q13 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q13 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q13 ++ aesimc $dat4,$dat4 ++ ++ aesd $dat0,q14 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q14 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q14 ++ aesimc $dat2,$dat2 ++ aesd $dat3,q14 ++ aesimc $dat3,$dat3 ++ aesd $dat4,q14 ++ aesimc $dat4,$dat4 ++ ++ veor $tmp0,$rndlast,$iv0 ++ aesd $dat0,q15 ++ // The iv for first block of next iteration. ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd00,$ivl ++ fmov $ivd01,$ivh ++ veor $tmp1,$rndlast,$iv1 ++ vld1.8 {$in0},[$inp],#16 ++ aesd $dat1,q15 ++ // The iv for second block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd10,$ivl ++ fmov $ivd11,$ivh ++ veor $tmp2,$rndlast,$iv2 ++ vld1.8 {$in1},[$inp],#16 ++ aesd $dat2,q15 ++ // The iv for third block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd20,$ivl ++ fmov $ivd21,$ivh ++ veor $tmp3,$rndlast,$iv3 ++ vld1.8 {$in2},[$inp],#16 ++ aesd $dat3,q15 ++ // The iv for fourth block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd30,$ivl ++ fmov $ivd31,$ivh ++ veor $tmp4,$rndlast,$iv4 ++ vld1.8 {$in3},[$inp],#16 ++ aesd $dat4,q15 + -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ aese $dat3,q9 -+ aesmc $dat3,$dat3 -+ aese $dat4,q9 -+ aesmc $dat4,$dat4 -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ // The iv for fifth block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd40,$ivl ++ fmov $ivd41,$ivh + -+ aese $dat0,q12 -+ aesmc $dat0,$dat0 -+ add $tctr0,$ctr,#1 -+ add $tctr1,$ctr,#2 -+ aese $dat1,q12 -+ aesmc $dat1,$dat1 -+ add $tctr2,$ctr,#3 -+ add w13,$ctr,#4 -+ aese $dat2,q12 -+ aesmc $dat2,$dat2 -+ add w14,$ctr,#5 -+ rev $tctr0,$tctr0 -+ aese $dat3,q12 -+ aesmc $dat3,$dat3 -+ rev $tctr1,$tctr1 -+ rev $tctr2,$tctr2 -+ aese $dat4,q12 -+ aesmc $dat4,$dat4 -+ rev w13,w13 -+ rev w14,w14 ++ vld1.8 {$in4},[$inp],#16 ++ cbz $xoffset,.Lxts_dec_tail4x ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ veor $tmp0,$tmp0,$dat0 ++ veor $dat0,$in0,$iv0 ++ veor $tmp1,$tmp1,$dat1 ++ veor $dat1,$in1,$iv1 ++ veor $tmp2,$tmp2,$dat2 ++ veor $dat2,$in2,$iv2 ++ veor $tmp3,$tmp3,$dat3 ++ veor $dat3,$in3,$iv3 ++ veor $tmp4,$tmp4,$dat4 ++ vst1.8 {$tmp0},[$out],#16 ++ veor $dat4,$in4,$iv4 ++ vst1.8 {$tmp1},[$out],#16 ++ mov $rounds,$rounds0 ++ vst1.8 {$tmp2},[$out],#16 ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ vst1.8 {$tmp3},[$out],#16 ++ vst1.8 {$tmp4},[$out],#16 ++ b.hs .Loop5x_xts_dec + -+ aese $dat0,q13 -+ aesmc $dat0,$dat0 -+ aese $dat1,q13 -+ aesmc $dat1,$dat1 -+ aese $dat2,q13 -+ aesmc $dat2,$dat2 -+ aese $dat3,q13 -+ aesmc $dat3,$dat3 -+ aese $dat4,q13 -+ aesmc $dat4,$dat4 ++ cmn $len,#0x10 ++ b.ne .Loop5x_dec_after ++ // If x2($len) equal to -0x10, the left blocks is 4. ++ // After specially processing, utilize the five blocks processing again. ++ // It will use the following IVs: $iv0,$iv0,$iv1,$iv2,$iv3. ++ vorr $iv4,$iv3,$iv3 ++ vorr $iv3,$iv2,$iv2 ++ vorr $iv2,$iv1,$iv1 ++ vorr $iv1,$iv0,$iv0 ++ fmov $ivl,$ivd40 ++ fmov $ivh,$ivd41 ++ veor $dat0,$iv0,$in0 ++ veor $dat1,$iv1,$in1 ++ veor $dat2,$in2,$iv2 ++ veor $dat3,$in3,$iv3 ++ veor $dat4,$in4,$iv4 ++ b.eq .Loop5x_xts_dec + -+ aese $dat0,q14 -+ aesmc $dat0,$dat0 -+ vld1.8 {$in0},[$inp],#16 -+ aese $dat1,q14 -+ aesmc $dat1,$dat1 -+ vld1.8 {$in1},[$inp],#16 -+ aese $dat2,q14 -+ aesmc $dat2,$dat2 -+ vld1.8 {$in2},[$inp],#16 -+ aese $dat3,q14 -+ aesmc $dat3,$dat3 -+ vld1.8 {$in3},[$inp],#16 -+ aese $dat4,q14 -+ aesmc $dat4,$dat4 -+ vld1.8 {$in4},[$inp],#16 ++.Loop5x_dec_after: ++ add $len,$len,#0x50 ++ cbz $len,.Lxts_done + -+ aese $dat0,q15 -+ veor $in0,$in0,$rndlast -+ aese $dat1,q15 -+ veor $in1,$in1,$rndlast -+ aese $dat2,q15 -+ veor $in2,$in2,$rndlast -+ aese $dat3,q15 -+ veor $in3,$in3,$rndlast -+ aese $dat4,q15 -+ veor $in4,$in4,$rndlast ++ add $rounds,$rounds0,#2 ++ subs $len,$len,#0x30 ++ b.lo .Lxts_inner_dec_tail + -+ veor $in0,$in0,$dat0 -+ vorr $dat0,$ivec,$ivec -+ veor $in1,$in1,$dat1 -+ vorr $dat1,$ivec,$ivec -+ veor $in2,$in2,$dat2 -+ vorr $dat2,$ivec,$ivec -+ veor $in3,$in3,$dat3 -+ vorr $dat3,$ivec,$ivec -+ veor $in4,$in4,$dat4 -+ vorr $dat4,$ivec,$ivec ++ veor $dat0,$iv0,$in2 ++ veor $dat1,$iv1,$in3 ++ veor $dat2,$in4,$iv2 ++ b .Lxts_outer_dec_tail + -+ vst1.8 {$in0},[$out],#16 -+ vmov.32 ${dat0}[3],$tctr0 -+ vst1.8 {$in1},[$out],#16 -+ vmov.32 ${dat1}[3],$tctr1 -+ vst1.8 {$in2},[$out],#16 -+ vmov.32 ${dat2}[3],$tctr2 -+ vst1.8 {$in3},[$out],#16 -+ vmov.32 ${dat3}[3],w13 -+ vst1.8 {$in4},[$out],#16 -+ vmov.32 ${dat4}[3],w14 ++.align 4 ++.Lxts_dec_tail4x: ++ add $inp,$inp,#16 ++ vld1.32 {$dat0},[$inp],#16 ++ veor $tmp1,$dat1,$tmp0 ++ vst1.8 {$tmp1},[$out],#16 ++ veor $tmp2,$dat2,$tmp2 ++ vst1.8 {$tmp2},[$out],#16 ++ veor $tmp3,$dat3,$tmp3 ++ veor $tmp4,$dat4,$tmp4 ++ vst1.8 {$tmp3-$tmp4},[$out],#32 + -+ mov $cnt,$rounds -+ cbz $len,.Lctr32_done ++ b .Lxts_done ++.align 4 ++.Lxts_outer_dec_tail: ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ vld1.32 {q8},[$key_],#16 ++ subs $rounds,$rounds,#2 ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Lxts_outer_dec_tail + -+ add $ctr,$ctr,#5 -+ subs $len,$len,#5 -+ b.hs .Loop5x_ctr32 ++ aesd $dat0,q8 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ veor $tmp0,$iv0,$rndlast ++ subs $len,$len,#0x30 ++ // The iv for first block ++ fmov $ivl,$ivd20 ++ fmov $ivh,$ivd21 ++ mov $constnum,#0x87 ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd00,$ivl ++ fmov $ivd01,$ivh ++ veor $tmp1,$iv1,$rndlast ++ csel $xoffset,$len,$xoffset,lo // x6, w6, is zero at this point ++ aesd $dat0,q9 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ veor $tmp2,$iv2,$rndlast ++ // The iv for second block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd10,$ivl ++ fmov $ivd11,$ivh + -+ add $len,$len,#5 -+ sub $ctr,$ctr,#5 ++ add $xoffset,$xoffset,#0x20 ++ add $inp,$inp,$xoffset // $inp is adjusted to the last data + -+ cmp $len,#2 -+ mov $step,#16 -+ cclr $step,lo -+ b.ls .Lctr32_tail ++ mov $key_,$key1 + -+ sub $len,$len,#3 // bias -+ add $ctr,$ctr,#3 ++ // The iv for third block ++ extr $midnumx,$ivh,$ivh,#32 ++ extr $ivh,$ivh,$ivl,#63 ++ and $tmpmw,$constnum,$midnum,asr #31 ++ eor $ivl,$tmpmx,$ivl,lsl #1 ++ fmov $ivd20,$ivl ++ fmov $ivd21,$ivh ++ ++ aesd $dat0,q12 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q12 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q12 ++ aesimc $dat2,$dat2 ++ aesd $dat0,q13 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q13 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q13 ++ aesimc $dat2,$dat2 ++ aesd $dat0,q14 ++ aesimc $dat0,$dat0 ++ aesd $dat1,q14 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q14 ++ aesimc $dat2,$dat2 ++ vld1.8 {$in2},[$inp],#16 ++ aesd $dat0,q15 ++ aesd $dat1,q15 ++ aesd $dat2,q15 ++ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] ++ add $rounds,$rounds0,#2 ++ veor $tmp0,$tmp0,$dat0 ++ veor $tmp1,$tmp1,$dat1 ++ veor $dat2,$dat2,$tmp2 ++ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] ++ vst1.8 {$tmp0},[$out],#16 ++ vst1.8 {$tmp1},[$out],#16 ++ vst1.8 {$dat2},[$out],#16 ++ ++ cmn $len,#0x30 ++ add $len,$len,#0x30 ++ b.eq .Lxts_done ++ sub $len,$len,#0x30 ++ vorr $in3,$in1,$in1 ++ vorr $in4,$in2,$in2 ++ nop ++ ++.Lxts_inner_dec_tail: ++ // $len == -0x10 means two blocks left. ++ cmn $len,#0x10 ++ veor $dat1,$in3,$iv0 ++ veor $dat2,$in4,$iv1 ++ b.eq .Lxts_dec_tail_loop ++ veor $dat2,$in4,$iv0 ++.Lxts_dec_tail_loop: ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ vld1.32 {q8},[$key_],#16 ++ subs $rounds,$rounds,#2 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ vld1.32 {q9},[$key_],#16 ++ b.gt .Lxts_dec_tail_loop ++ ++ aesd $dat1,q8 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q8 ++ aesimc $dat2,$dat2 ++ aesd $dat1,q9 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q9 ++ aesimc $dat2,$dat2 ++ aesd $dat1,q12 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q12 ++ aesimc $dat2,$dat2 ++ cmn $len,#0x20 ++ aesd $dat1,q13 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q13 ++ aesimc $dat2,$dat2 ++ veor $tmp1,$iv0,$rndlast ++ aesd $dat1,q14 ++ aesimc $dat1,$dat1 ++ aesd $dat2,q14 ++ aesimc $dat2,$dat2 ++ veor $tmp2,$iv1,$rndlast ++ aesd $dat1,q15 ++ aesd $dat2,q15 ++ b.eq .Lxts_dec_one ++ veor $tmp1,$tmp1,$dat1 ++ veor $tmp2,$tmp2,$dat2 ++ vorr $iv0,$iv2,$iv2 ++ vorr $iv1,$iv3,$iv3 ++ vst1.8 {$tmp1},[$out],#16 ++ vst1.8 {$tmp2},[$out],#16 ++ add $len,$len,#16 ++ b .Lxts_done ++ ++.Lxts_dec_one: ++ veor $tmp1,$tmp1,$dat2 ++ vorr $iv0,$iv1,$iv1 ++ vorr $iv1,$iv2,$iv2 ++ vst1.8 {$tmp1},[$out],#16 ++ add $len,$len,#32 ++ ++.Lxts_done: ++ tst $tailcnt,#0xf ++ b.eq .Lxts_dec_abort ++ // Processing the last two blocks with cipher stealing. ++ mov x7,x3 ++ cbnz x2,.Lxts_dec_1st_done ++ vld1.32 {$dat0},[$inp],#16 ++ ++ // Decrypt the last secod block to get the last plain text block ++.Lxts_dec_1st_done: ++ eor $tmpin,$dat0,$iv1 ++ ldr $rounds,[$key1,#240] ++ vld1.32 {$dat0},[$key1],#16 ++ sub $rounds,$rounds,#2 ++ vld1.32 {$dat1},[$key1],#16 ++.Loop_final_2nd_dec: ++ aesd $tmpin,$dat0 ++ aesimc $tmpin,$tmpin ++ vld1.32 {$dat0},[$key1],#16 // load key schedule... ++ subs $rounds,$rounds,#2 ++ aesd $tmpin,$dat1 ++ aesimc $tmpin,$tmpin ++ vld1.32 {$dat1},[$key1],#16 // load key schedule... ++ b.gt .Loop_final_2nd_dec ++ ++ aesd $tmpin,$dat0 ++ aesimc $tmpin,$tmpin ++ vld1.32 {$dat0},[$key1] ++ aesd $tmpin,$dat1 ++ veor $tmpin,$tmpin,$dat0 ++ veor $tmpin,$tmpin,$iv1 ++ vst1.8 {$tmpin},[$out] ++ ++ mov $tmpinp,$inp ++ add $tmpoutp,$out,#16 ++ ++ // Composite the tailcnt "16 byte not aligned block" into the last second plain blocks ++ // to get the last encrypted block. ++.composite_dec_loop: ++ subs $tailcnt,$tailcnt,#1 ++ ldrb $l2outp,[$out,$tailcnt] ++ ldrb $loutp,[$tmpinp,$tailcnt] ++ strb $l2outp,[$tmpoutp,$tailcnt] ++ strb $loutp,[$out,$tailcnt] ++ b.gt .composite_dec_loop ++.Lxts_dec_load_done: ++ vld1.8 {$tmpin},[$out] ++ veor $tmpin,$tmpin,$iv0 ++ ++ // Decrypt the composite block to get the last second plain text block ++ ldr $rounds,[$key_,#240] ++ vld1.8 {$dat},[$key_],#16 ++ sub $rounds,$rounds,#2 ++ vld1.8 {$dat1},[$key_],#16 ++.Loop_final_dec: ++ aesd $tmpin,$dat0 ++ aesimc $tmpin,$tmpin ++ vld1.32 {$dat0},[$key_],#16 // load key schedule... ++ subs $rounds,$rounds,#2 ++ aesd $tmpin,$dat1 ++ aesimc $tmpin,$tmpin ++ vld1.32 {$dat1},[$key_],#16 // load key schedule... ++ b.gt .Loop_final_dec ++ ++ aesd $tmpin,$dat0 ++ aesimc $tmpin,$tmpin ++ vld1.32 {$dat0},[$key_] ++ aesd $tmpin,$dat1 ++ veor $tmpin,$tmpin,$dat0 ++ veor $tmpin,$tmpin,$iv0 ++ vst1.8 {$tmpin},[$out] ++ ++.Lxts_dec_abort: ++ ldp $tailcnt,$midnumx,[sp,#48] ++ ldp $ivd10,$ivd20,[sp,#32] ++ ldp $ivd30,$ivd40,[sp,#16] ++ ldp $constnumx,$tmpinp,[sp],#64 ++ ++.Lxts_dec_final_abort: ++ ret ++.size ${prefix}_xts_decrypt,.-${prefix}_xts_decrypt +___ -+$code.=<<___; - b .Loop3x_ctr32 - - .align 4 -@@ -955,7 +1351,7 @@ if ($flavour =~ /64/) { ######## 64-bi ++} ++}}} + $code.=<<___; + #endif + ___ +@@ -963,7 +3615,7 @@ if ($flavour =~ /64/) { ######## 64-bi # since ARMv7 instructions are always encoded little-endian. # correct solution is to use .inst directive, but older # assemblers don't implement it:-( @@ -491,7 +2761,7 @@ diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/c $word&0xff,($word>>8)&0xff, ($word>>16)&0xff,($word>>24)&0xff, $mnemonic,$arg; -@@ -996,14 +1392,17 @@ if ($flavour =~ /64/) { ######## 64-bi +@@ -1004,14 +3656,17 @@ if ($flavour =~ /64/) { ######## 64-bi s/\],#[0-9]+/]!/o; s/[v]?(aes\w+)\s+([qv].*)/unaes($1,$2)/geo or @@ -511,9 +2781,9 @@ diff -up openssl-1.1.1c/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1c/c print $_,"\n"; } } -diff -up openssl-1.1.1c/crypto/aes/asm/vpaes-armv8.pl.arm-update openssl-1.1.1c/crypto/aes/asm/vpaes-armv8.pl ---- openssl-1.1.1c/crypto/aes/asm/vpaes-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/crypto/aes/asm/vpaes-armv8.pl 2019-11-20 11:36:22.389506155 +0100 +diff -up openssl-1.1.1i/crypto/aes/asm/vpaes-armv8.pl.arm-update openssl-1.1.1i/crypto/aes/asm/vpaes-armv8.pl +--- openssl-1.1.1i/crypto/aes/asm/vpaes-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/crypto/aes/asm/vpaes-armv8.pl 2020-12-09 10:37:38.405558929 +0100 @@ -30,6 +30,7 @@ # Denver(***) 16.6(**) 15.1/17.8(**) [8.80/9.93 ] # Apple A7(***) 22.7(**) 10.9/14.3 [8.45/10.0 ] @@ -522,9 +2792,9 @@ diff -up openssl-1.1.1c/crypto/aes/asm/vpaes-armv8.pl.arm-update openssl-1.1.1c/ # # (*) ECB denotes approximate result for parallelizable modes # such as CBC decrypt, CTR, etc.; -diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl ---- openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl 2019-11-21 16:44:50.814651553 +0100 +diff -up openssl-1.1.1i/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1.1i/crypto/chacha/asm/chacha-armv8.pl +--- openssl-1.1.1i/crypto/chacha/asm/chacha-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/crypto/chacha/asm/chacha-armv8.pl 2020-12-09 10:40:57.922288627 +0100 @@ -18,32 +18,44 @@ # # ChaCha20 for ARMv8. @@ -585,20 +2855,22 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 *STDOUT=*OUT; sub AUTOLOAD() # thunk [simplified] x86-style perlasm -@@ -120,41 +132,36 @@ my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1) +@@ -120,42 +132,37 @@ my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1) } $code.=<<___; -#include "arm_arch.h" +- +-.text +- +#ifndef __KERNEL__ +# include "arm_arch.h" -+.extern OPENSSL_armcap_P + .extern OPENSSL_armcap_P + .hidden OPENSSL_armcap_P +#endif ++ ++.text - .text - --.extern OPENSSL_armcap_P -- .align 5 .Lsigma: .quad 0x3320646e61707865,0x6b20657479622d32 // endian-neutral @@ -641,7 +2913,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 .Lshort: .inst 0xd503233f // paciasp -@@ -173,7 +180,7 @@ ChaCha20_ctr32: +@@ -174,7 +181,7 @@ ChaCha20_ctr32: ldp @d[2],@d[3],[$key] // load key ldp @d[4],@d[5],[$key,#16] ldp @d[6],@d[7],[$ctr] // load counter @@ -650,7 +2922,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 ror @d[2],@d[2],#32 ror @d[3],@d[3],#32 ror @d[4],@d[4],#32 -@@ -242,7 +249,7 @@ $code.=<<___; +@@ -243,7 +250,7 @@ $code.=<<___; add @x[14],@x[14],@x[15],lsl#32 ldp @x[13],@x[15],[$inp,#48] add $inp,$inp,#64 @@ -659,7 +2931,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 rev @x[0],@x[0] rev @x[2],@x[2] rev @x[4],@x[4] -@@ -299,7 +306,7 @@ $code.=<<___; +@@ -300,7 +307,7 @@ $code.=<<___; add @x[10],@x[10],@x[11],lsl#32 add @x[12],@x[12],@x[13],lsl#32 add @x[14],@x[14],@x[15],lsl#32 @@ -668,7 +2940,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 rev @x[0],@x[0] rev @x[2],@x[2] rev @x[4],@x[4] -@@ -340,46 +347,91 @@ $code.=<<___; +@@ -341,46 +348,91 @@ $code.=<<___; ___ {{{ @@ -789,7 +3061,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 .inst 0xd503233f // paciasp stp x29,x30,[sp,#-96]! add x29,sp,#0 -@@ -402,8 +454,9 @@ ChaCha20_neon: +@@ -403,8 +455,9 @@ ChaCha20_neon: ld1 {@K[1],@K[2]},[$key] ldp @d[6],@d[7],[$ctr] // load counter ld1 {@K[3]},[$ctr] @@ -801,7 +3073,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 rev64 @K[0],@K[0] ror @d[2],@d[2],#32 ror @d[3],@d[3],#32 -@@ -412,115 +465,129 @@ ChaCha20_neon: +@@ -413,115 +466,129 @@ ChaCha20_neon: ror @d[6],@d[6],#32 ror @d[7],@d[7],#32 #endif @@ -1013,7 +3285,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 rev @x[0],@x[0] rev @x[2],@x[2] rev @x[4],@x[4] -@@ -530,48 +597,68 @@ $code.=<<___; +@@ -531,48 +598,68 @@ $code.=<<___; rev @x[12],@x[12] rev @x[14],@x[14] #endif @@ -1106,7 +3378,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 ldp x19,x20,[x29,#16] add sp,sp,#64 ldp x21,x22,[x29,#32] -@@ -582,8 +669,10 @@ $code.=<<___; +@@ -583,8 +670,10 @@ $code.=<<___; .inst 0xd50323bf // autiasp ret @@ -1118,7 +3390,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 cmp $len,#64 b.lo .Less_than_64 -@@ -600,7 +689,7 @@ $code.=<<___; +@@ -601,7 +690,7 @@ $code.=<<___; add @x[14],@x[14],@x[15],lsl#32 ldp @x[13],@x[15],[$inp,#48] add $inp,$inp,#64 @@ -1127,7 +3399,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 rev @x[0],@x[0] rev @x[2],@x[2] rev @x[4],@x[4] -@@ -620,48 +709,68 @@ $code.=<<___; +@@ -621,48 +710,68 @@ $code.=<<___; eor @x[14],@x[14],@x[15] stp @x[0],@x[2],[$out,#0] // store output @@ -1220,7 +3492,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 sub $out,$out,#1 add $inp,$inp,$len add $out,$out,$len -@@ -694,9 +803,41 @@ $code.=<<___; +@@ -695,9 +804,41 @@ $code.=<<___; .size ChaCha20_neon,.-ChaCha20_neon ___ { @@ -1263,7 +3535,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 $code.=<<___; .type ChaCha20_512_neon,%function -@@ -716,6 +857,7 @@ ChaCha20_512_neon: +@@ -717,6 +858,7 @@ ChaCha20_512_neon: .L512_or_more_neon: sub sp,sp,#128+64 @@ -1271,7 +3543,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 ldp @d[0],@d[1],[@x[0]] // load sigma ld1 {@K[0]},[@x[0]],#16 ldp @d[2],@d[3],[$key] // load key -@@ -723,8 +865,9 @@ ChaCha20_512_neon: +@@ -724,8 +866,9 @@ ChaCha20_512_neon: ld1 {@K[1],@K[2]},[$key] ldp @d[6],@d[7],[$ctr] // load counter ld1 {@K[3]},[$ctr] @@ -1283,7 +3555,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 rev64 @K[0],@K[0] ror @d[2],@d[2],#32 ror @d[3],@d[3],#32 -@@ -791,9 +934,10 @@ ChaCha20_512_neon: +@@ -792,9 +935,10 @@ ChaCha20_512_neon: mov $C4,@K[2] stp @K[3],@K[4],[sp,#48] // off-load key block, variable part mov $C5,@K[2] @@ -1295,7 +3567,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 subs $len,$len,#512 .Loop_upper_neon: sub $ctr,$ctr,#1 -@@ -866,7 +1010,7 @@ $code.=<<___; +@@ -867,7 +1011,7 @@ $code.=<<___; add @x[14],@x[14],@x[15],lsl#32 ldp @x[13],@x[15],[$inp,#48] add $inp,$inp,#64 @@ -1304,7 +3576,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 rev @x[0],@x[0] rev @x[2],@x[2] rev @x[4],@x[4] -@@ -955,6 +1099,7 @@ $code.=<<___; +@@ -956,6 +1100,7 @@ $code.=<<___; add.32 @x[2],@x[2],@d[1] ldp @K[4],@K[5],[sp,#64] add @x[3],@x[3],@d[1],lsr#32 @@ -1312,7 +3584,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 add $A0,$A0,@K[0] add.32 @x[4],@x[4],@d[2] add $A1,$A1,@K[0] -@@ -1007,7 +1152,7 @@ $code.=<<___; +@@ -1008,7 +1153,7 @@ $code.=<<___; add $inp,$inp,#64 add $B5,$B5,@K[1] @@ -1321,7 +3593,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 rev @x[0],@x[0] rev @x[2],@x[2] rev @x[4],@x[4] -@@ -1085,26 +1230,26 @@ $code.=<<___; +@@ -1086,26 +1231,26 @@ $code.=<<___; b.hs .Loop_outer_512_neon adds $len,$len,#512 @@ -1356,7 +3628,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 eor @K[1],@K[1],@K[1] eor @K[2],@K[2],@K[2] eor @K[3],@K[3],@K[3] -@@ -1114,6 +1259,7 @@ $code.=<<___; +@@ -1115,6 +1260,7 @@ $code.=<<___; b .Loop_outer .Ldone_512_neon: @@ -1364,7 +3636,7 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 ldp x19,x20,[x29,#16] add sp,sp,#128+64 ldp x21,x22,[x29,#32] -@@ -1132,9 +1278,11 @@ foreach (split("\n",$code)) { +@@ -1133,9 +1279,11 @@ foreach (split("\n",$code)) { s/\`([^\`]*)\`/eval $1/geo; (s/\b([a-z]+)\.32\b/$1/ and (s/x([0-9]+)/w$1/g or 1)) or @@ -1377,9 +3649,9 @@ diff -up openssl-1.1.1c/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1 (s/\brev32\.16\b/rev32/ and (s/\.4s/\.8h/g or 1)); #s/\bq([0-9]+)#(lo|hi)/sprintf "d%d",2*$1+($2 eq "hi")/geo; -diff -up openssl-1.1.1c/crypto/modes/asm/ghashv8-armx.pl.arm-update openssl-1.1.1c/crypto/modes/asm/ghashv8-armx.pl ---- openssl-1.1.1c/crypto/modes/asm/ghashv8-armx.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/crypto/modes/asm/ghashv8-armx.pl 2019-11-20 11:36:22.389506155 +0100 +diff -up openssl-1.1.1i/crypto/modes/asm/ghashv8-armx.pl.arm-update openssl-1.1.1i/crypto/modes/asm/ghashv8-armx.pl +--- openssl-1.1.1i/crypto/modes/asm/ghashv8-armx.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/crypto/modes/asm/ghashv8-armx.pl 2020-12-09 10:37:38.408558954 +0100 @@ -42,6 +42,7 @@ # Denver 0.51 0.65 6.02 # Mongoose 0.65 1.10 8.06 @@ -1388,9 +3660,9 @@ diff -up openssl-1.1.1c/crypto/modes/asm/ghashv8-armx.pl.arm-update openssl-1.1. # # (*) presented for reference/comparison purposes; -diff -up openssl-1.1.1c/crypto/poly1305/asm/poly1305-armv8.pl.arm-update openssl-1.1.1c/crypto/poly1305/asm/poly1305-armv8.pl ---- openssl-1.1.1c/crypto/poly1305/asm/poly1305-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/crypto/poly1305/asm/poly1305-armv8.pl 2019-11-20 11:36:22.390506137 +0100 +diff -up openssl-1.1.1i/crypto/poly1305/asm/poly1305-armv8.pl.arm-update openssl-1.1.1i/crypto/poly1305/asm/poly1305-armv8.pl +--- openssl-1.1.1i/crypto/poly1305/asm/poly1305-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/crypto/poly1305/asm/poly1305-armv8.pl 2020-12-09 10:37:38.408558954 +0100 @@ -29,6 +29,7 @@ # X-Gene 2.13/+68% 2.27 # Mongoose 1.77/+75% 1.12 @@ -1399,9 +3671,9 @@ diff -up openssl-1.1.1c/crypto/poly1305/asm/poly1305-armv8.pl.arm-update openssl # # (*) estimate based on resources availability is less than 1.0, # i.e. measured result is worse than expected, presumably binary -diff -up openssl-1.1.1c/crypto/sha/asm/keccak1600-armv8.pl.arm-update openssl-1.1.1c/crypto/sha/asm/keccak1600-armv8.pl ---- openssl-1.1.1c/crypto/sha/asm/keccak1600-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/crypto/sha/asm/keccak1600-armv8.pl 2019-11-20 11:36:22.390506137 +0100 +diff -up openssl-1.1.1i/crypto/sha/asm/keccak1600-armv8.pl.arm-update openssl-1.1.1i/crypto/sha/asm/keccak1600-armv8.pl +--- openssl-1.1.1i/crypto/sha/asm/keccak1600-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/crypto/sha/asm/keccak1600-armv8.pl 2020-12-09 10:37:38.408558954 +0100 @@ -51,6 +51,7 @@ # Kryo 12 # Denver 7.8 @@ -1410,9 +3682,9 @@ diff -up openssl-1.1.1c/crypto/sha/asm/keccak1600-armv8.pl.arm-update openssl-1. # # (*) Corresponds to SHA3-256. No improvement coefficients are listed # because they vary too much from compiler to compiler. Newer -diff -up openssl-1.1.1c/crypto/sha/asm/sha1-armv8.pl.arm-update openssl-1.1.1c/crypto/sha/asm/sha1-armv8.pl ---- openssl-1.1.1c/crypto/sha/asm/sha1-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/crypto/sha/asm/sha1-armv8.pl 2019-11-20 11:36:22.390506137 +0100 +diff -up openssl-1.1.1i/crypto/sha/asm/sha1-armv8.pl.arm-update openssl-1.1.1i/crypto/sha/asm/sha1-armv8.pl +--- openssl-1.1.1i/crypto/sha/asm/sha1-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/crypto/sha/asm/sha1-armv8.pl 2020-12-09 10:37:38.408558954 +0100 @@ -27,6 +27,7 @@ # X-Gene 8.80 (+200%) # Mongoose 2.05 6.50 (+160%) @@ -1421,9 +3693,9 @@ diff -up openssl-1.1.1c/crypto/sha/asm/sha1-armv8.pl.arm-update openssl-1.1.1c/c # # (*) Software results are presented mostly for reference purposes. # (**) Keep in mind that Denver relies on binary translation, which -diff -up openssl-1.1.1c/crypto/sha/asm/sha512-armv8.pl.arm-update openssl-1.1.1c/crypto/sha/asm/sha512-armv8.pl ---- openssl-1.1.1c/crypto/sha/asm/sha512-armv8.pl.arm-update 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/crypto/sha/asm/sha512-armv8.pl 2019-11-20 11:36:22.390506137 +0100 +diff -up openssl-1.1.1i/crypto/sha/asm/sha512-armv8.pl.arm-update openssl-1.1.1i/crypto/sha/asm/sha512-armv8.pl +--- openssl-1.1.1i/crypto/sha/asm/sha512-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/crypto/sha/asm/sha512-armv8.pl 2020-12-09 10:37:38.408558954 +0100 @@ -28,6 +28,7 @@ # X-Gene 20.0 (+100%) 12.8 (+300%(***)) # Mongoose 2.36 13.0 (+50%) 8.36 (+33%) diff --git a/openssl-1.1.1-fips-post-rand.patch b/openssl-1.1.1-fips-post-rand.patch index 18a01fe..027dc55 100644 --- a/openssl-1.1.1-fips-post-rand.patch +++ b/openssl-1.1.1-fips-post-rand.patch @@ -1,6 +1,6 @@ -diff -up openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand openssl-1.1.1e/crypto/fips/fips.c ---- openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand 2020-03-17 18:06:16.822418854 +0100 -+++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 18:06:16.861418172 +0100 +diff -up openssl-1.1.1i/crypto/fips/fips.c.fips-post-rand openssl-1.1.1i/crypto/fips/fips.c +--- openssl-1.1.1i/crypto/fips/fips.c.fips-post-rand 2020-12-09 10:26:41.634106328 +0100 ++++ openssl-1.1.1i/crypto/fips/fips.c 2020-12-09 10:26:41.652106475 +0100 @@ -68,6 +68,7 @@ # include @@ -51,10 +51,10 @@ diff -up openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand openssl-1.1.1e/crypto/ ret = 1; goto end; } -diff -up openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1e/crypto/rand/drbg_lib.c ---- openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/rand/drbg_lib.c 2020-03-17 18:07:35.305045521 +0100 -@@ -1009,6 +1009,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg +diff -up openssl-1.1.1i/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1i/crypto/rand/drbg_lib.c +--- openssl-1.1.1i/crypto/rand/drbg_lib.c.fips-post-rand 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/crypto/rand/drbg_lib.c 2020-12-09 10:26:41.652106475 +0100 +@@ -1005,6 +1005,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg return min_entropy > min_entropylen ? min_entropy : min_entropylen; } @@ -75,9 +75,9 @@ diff -up openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1e/cry /* Implements the default OpenSSL RAND_add() method */ static int drbg_add(const void *buf, int num, double randomness) { -diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/crypto/rand/rand_unix.c ---- openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/rand/rand_unix.c 2020-03-17 18:09:01.503537189 +0100 +diff -up openssl-1.1.1i/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1i/crypto/rand/rand_unix.c +--- openssl-1.1.1i/crypto/rand/rand_unix.c.fips-post-rand 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/crypto/rand/rand_unix.c 2020-12-09 10:36:59.531221903 +0100 @@ -17,10 +17,12 @@ #include #include "rand_local.h" @@ -91,7 +91,7 @@ diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/cr # ifdef DEVRANDOM_WAIT # include # include -@@ -342,7 +344,7 @@ static ssize_t sysctl_random(char *buf, +@@ -344,7 +346,7 @@ static ssize_t sysctl_random(char *buf, * syscall_random(): Try to get random data using a system call * returns the number of bytes returned in buf, or < 0 on error. */ @@ -100,15 +100,15 @@ diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/cr { /* * Note: 'buflen' equals the size of the buffer which is used by the -@@ -364,6 +366,7 @@ static ssize_t syscall_random(void *buf, - * - Linux since 3.17 with glibc 2.25 - * - FreeBSD since 12.0 (1200061) +@@ -369,6 +371,7 @@ static ssize_t syscall_random(void *buf, + * Note: Sometimes getentropy() can be provided but not implemented + * internally. So we need to check errno for ENOSYS */ +# if 0 # if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux) extern int getentropy(void *buffer, size_t length) __attribute__((weak)); -@@ -385,10 +388,10 @@ static ssize_t syscall_random(void *buf, +@@ -394,10 +397,10 @@ static ssize_t syscall_random(void *buf, if (p_getentropy.p != NULL) return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1; # endif @@ -122,7 +122,7 @@ diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/cr # elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) return sysctl_random(buf, buflen); # else -@@ -623,6 +626,9 @@ size_t rand_pool_acquire_entropy(RAND_PO +@@ -633,6 +636,9 @@ size_t rand_pool_acquire_entropy(RAND_PO size_t entropy_available; # if defined(OPENSSL_RAND_SEED_GETRANDOM) @@ -132,7 +132,7 @@ diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/cr { size_t bytes_needed; unsigned char *buffer; -@@ -633,7 +639,7 @@ size_t rand_pool_acquire_entropy(RAND_PO +@@ -643,7 +649,7 @@ size_t rand_pool_acquire_entropy(RAND_PO bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); while (bytes_needed != 0 && attempts-- > 0) { buffer = rand_pool_add_begin(pool, bytes_needed); @@ -141,7 +141,7 @@ diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/cr if (bytes > 0) { rand_pool_add_end(pool, bytes, 8 * bytes); bytes_needed -= bytes; -@@ -668,8 +674,10 @@ size_t rand_pool_acquire_entropy(RAND_PO +@@ -678,8 +684,10 @@ size_t rand_pool_acquire_entropy(RAND_PO int attempts = 3; const int fd = get_random_device(i); @@ -153,7 +153,7 @@ diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/cr while (bytes_needed != 0 && attempts-- > 0) { buffer = rand_pool_add_begin(pool, bytes_needed); -@@ -732,7 +740,9 @@ size_t rand_pool_acquire_entropy(RAND_PO +@@ -742,7 +750,9 @@ size_t rand_pool_acquire_entropy(RAND_PO return entropy_available; } # endif @@ -164,9 +164,9 @@ diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/cr return rand_pool_entropy_available(pool); # endif } -diff -up openssl-1.1.1e/include/crypto/fips.h.fips-post-rand openssl-1.1.1e/include/crypto/fips.h ---- openssl-1.1.1e/include/crypto/fips.h.fips-post-rand 2020-03-17 18:06:16.831418696 +0100 -+++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 18:06:16.861418172 +0100 +diff -up openssl-1.1.1i/include/crypto/fips.h.fips-post-rand openssl-1.1.1i/include/crypto/fips.h +--- openssl-1.1.1i/include/crypto/fips.h.fips-post-rand 2020-12-09 10:26:41.639106369 +0100 ++++ openssl-1.1.1i/include/crypto/fips.h 2020-12-09 10:26:41.657106516 +0100 @@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void); int FIPS_selftest_drbg(void); int FIPS_selftest_cmac(void); @@ -176,9 +176,9 @@ diff -up openssl-1.1.1e/include/crypto/fips.h.fips-post-rand openssl-1.1.1e/incl int fips_pkey_signature_test(EVP_PKEY *pkey, const unsigned char *tbs, int tbslen, const unsigned char *kat, -diff -up openssl-1.1.1e/include/crypto/rand.h.fips-post-rand openssl-1.1.1e/include/crypto/rand.h ---- openssl-1.1.1e/include/crypto/rand.h.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/crypto/rand.h 2020-03-17 18:07:35.303045555 +0100 +diff -up openssl-1.1.1i/include/crypto/rand.h.fips-post-rand openssl-1.1.1i/include/crypto/rand.h +--- openssl-1.1.1i/include/crypto/rand.h.fips-post-rand 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/include/crypto/rand.h 2020-12-09 10:26:41.657106516 +0100 @@ -24,6 +24,7 @@ typedef struct rand_pool_st RAND_POOL; diff --git a/openssl-1.1.1-version-override.patch b/openssl-1.1.1-version-override.patch index ff69bdb..727cc26 100644 --- a/openssl-1.1.1-version-override.patch +++ b/openssl-1.1.1-version-override.patch @@ -1,12 +1,12 @@ -diff -up openssl-1.1.1g/include/openssl/opensslv.h.version-override openssl-1.1.1g/include/openssl/opensslv.h ---- openssl-1.1.1g/include/openssl/opensslv.h.version-override 2020-04-23 13:29:37.802673513 +0200 -+++ openssl-1.1.1g/include/openssl/opensslv.h 2020-04-23 13:30:13.064008458 +0200 +diff -up openssl-1.1.1i/include/openssl/opensslv.h.version-override openssl-1.1.1i/include/openssl/opensslv.h +--- openssl-1.1.1i/include/openssl/opensslv.h.version-override 2020-12-09 10:25:12.042374409 +0100 ++++ openssl-1.1.1i/include/openssl/opensslv.h 2020-12-09 10:26:00.362769170 +0100 @@ -40,7 +40,7 @@ extern "C" { * major minor fix final patch/beta) */ - # define OPENSSL_VERSION_NUMBER 0x1010108fL --# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1h 22 Sep 2020" -+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1h FIPS 22 Sep 2020" + # define OPENSSL_VERSION_NUMBER 0x1010109fL +-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1i 8 Dec 2020" ++# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1i FIPS 8 Dec 2020" /*- * The macros below are to be used for shared library (.so, .dll, ...) diff --git a/openssl.spec b/openssl.spec index 3f6403c..2e26e49 100644 --- a/openssl.spec +++ b/openssl.spec @@ -21,7 +21,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl -Version: 1.1.1h +Version: 1.1.1i Release: 1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source @@ -473,6 +473,9 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Wed Dec 9 2020 Tomáš Mráz 1.1.1i-1 +- Update to the 1.1.1i release fixing CVE-2020-1971 + * Mon Nov 9 2020 Sahana Prasad - 1.1.1h-1 - Upgrade to version 1.1.1.h diff --git a/sources b/sources index 2bae151..4c1e648 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-1.1.1h-hobbled.tar.xz) = 75e1d3f34f93462b97db92aa6538fd4f2f091ad717438e51d147508738be720d7d0bf4a9b1fda3a1943a4c13aae2a39da3add05f7da833b3c6de40a97bc97908 +SHA512 (openssl-1.1.1i-hobbled.tar.xz) = e131a05e88690a7be7c3d74cbb26620130498ced2ce3d7fd55979aab5ea736ec8b268ba92268bd5bc347989325a3950a066883007cb20c2dd9739fd1eafc513f From 6cc21a3e02081997228857a1db6909c6e29c7c6d Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Wed, 3 Feb 2021 20:19:33 +0000 Subject: [PATCH 05/41] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/openssl.git#d34c6392bf98cf355fca2f80538dcfdfd5c281f1 --- openssl.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/openssl.spec b/openssl.spec index 2e26e49..66cf8de 100644 --- a/openssl.spec +++ b/openssl.spec @@ -22,7 +22,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 1.1.1i -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -78,6 +78,7 @@ Patch56: openssl-1.1.1-s390x-ecc.patch License: OpenSSL and ASL 2.0 URL: http://www.openssl.org/ +BuildRequires: make BuildRequires: gcc BuildRequires: coreutils, perl-interpreter, sed, zlib-devel, /usr/bin/cmp BuildRequires: lksctp-tools-devel @@ -473,6 +474,9 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Tue Jan 26 2021 Fedora Release Engineering - 1:1.1.1i-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + * Wed Dec 9 2020 Tomáš Mráz 1.1.1i-1 - Update to the 1.1.1i release fixing CVE-2020-1971 From f731f488aca71a74fcfeb75ab6e8b723fb73571b Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Thu, 11 Feb 2021 17:09:01 +0000 Subject: [PATCH 06/41] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/openssl.git#fb8e66a58fb43344f23aefb4eaefe1b6ca04a80d --- openssl-1.1.1-verify-cert.patch | 113 ++++++++++++++++++++++++++++++++ openssl.spec | 9 ++- 2 files changed, 121 insertions(+), 1 deletion(-) create mode 100644 openssl-1.1.1-verify-cert.patch diff --git a/openssl-1.1.1-verify-cert.patch b/openssl-1.1.1-verify-cert.patch new file mode 100644 index 0000000..d3bafc3 --- /dev/null +++ b/openssl-1.1.1-verify-cert.patch @@ -0,0 +1,113 @@ +diff -up openssl-1.1.1i/crypto/x509/x509_vfy.c.verify-cert openssl-1.1.1i/crypto/x509/x509_vfy.c +--- openssl-1.1.1i/crypto/x509/x509_vfy.c.verify-cert 2021-01-20 17:24:53.100175663 +0100 ++++ openssl-1.1.1i/crypto/x509/x509_vfy.c 2021-01-20 17:24:53.156176315 +0100 +@@ -323,9 +323,10 @@ static int sk_X509_contains(STACK_OF(X50 + } + + /* +- * Find in given STACK_OF(X509) sk a non-expired issuer cert (if any) of given cert x. +- * The issuer must not be the same as x and must not yet be in ctx->chain, where the +- * exceptional case x is self-issued and ctx->chain has just one element is allowed. ++ * Find in given STACK_OF(X509) sk an issuer cert of given cert x. ++ * The issuer must not yet be in ctx->chain, where the exceptional case ++ * that x is self-issued and ctx->chain has just one element is allowed. ++ * Prefer the first one that is not expired, else take the last expired one. + */ + static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) + { +@@ -338,7 +339,7 @@ static X509 *find_issuer(X509_STORE_CTX + * Below check 'issuer != x' is an optimization and safety precaution: + * Candidate issuer cert cannot be the same as the subject cert 'x'. + */ +- if (issuer != x && ctx->check_issued(ctx, x, issuer) ++ if (ctx->check_issued(ctx, x, issuer) + && (((x->ex_flags & EXFLAG_SI) != 0 && sk_X509_num(ctx->chain) == 1) + || !sk_X509_contains(ctx->chain, issuer))) { + rv = issuer; + +diff -up openssl-1.1.1i/test/recipes/70-test_verify_extra.t.verify-cert openssl-1.1.1i/test/recipes/70-test_verify_extra.t +--- openssl-1.1.1i/test/recipes/70-test_verify_extra.t.verify-cert 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/test/recipes/70-test_verify_extra.t 2021-01-20 17:24:53.156176315 +0100 +@@ -16,4 +16,5 @@ plan tests => 1; + ok(run(test(["verify_extra_test", + srctop_file("test", "certs", "roots.pem"), + srctop_file("test", "certs", "untrusted.pem"), +- srctop_file("test", "certs", "bad.pem")]))); ++ srctop_file("test", "certs", "bad.pem"), ++ srctop_file("test", "certs", "rootCA.pem")]))); +diff -up openssl-1.1.1i/test/verify_extra_test.c.verify-cert openssl-1.1.1i/test/verify_extra_test.c +--- openssl-1.1.1i/test/verify_extra_test.c.verify-cert 2020-12-08 14:20:59.000000000 +0100 ++++ openssl-1.1.1i/test/verify_extra_test.c 2021-01-20 17:24:53.156176315 +0100 +@@ -18,6 +18,21 @@ + static const char *roots_f; + static const char *untrusted_f; + static const char *bad_f; ++static const char *good_f; ++ ++static X509 *load_cert_pem(const char *file) ++{ ++ X509 *cert = NULL; ++ BIO *bio = NULL; ++ ++ if (!TEST_ptr(bio = BIO_new(BIO_s_file()))) ++ return NULL; ++ if (TEST_int_gt(BIO_read_filename(bio, file), 0)) ++ (void)TEST_ptr(cert = PEM_read_bio_X509(bio, NULL, NULL, NULL)); ++ ++ BIO_free(bio); ++ return cert; ++} + + static STACK_OF(X509) *load_certs_from_file(const char *filename) + { +@@ -175,16 +190,48 @@ static int test_store_ctx(void) + return testresult; + } + ++static int test_self_signed(const char *filename, int expected) ++{ ++ X509 *cert = load_cert_pem(filename); ++ STACK_OF(X509) *trusted = sk_X509_new_null(); ++ X509_STORE_CTX *ctx = X509_STORE_CTX_new(); ++ int ret; ++ ++ ret = TEST_ptr(cert) ++ && TEST_true(sk_X509_push(trusted, cert)) ++ && TEST_true(X509_STORE_CTX_init(ctx, NULL, cert, NULL)); ++ X509_STORE_CTX_trusted_stack(ctx, trusted); ++ ret = ret && TEST_int_eq(X509_verify_cert(ctx), expected); ++ ++ X509_STORE_CTX_free(ctx); ++ sk_X509_free(trusted); ++ X509_free(cert); ++ return ret; ++} ++ ++static int test_self_signed_good(void) ++{ ++ return test_self_signed(good_f, 1); ++} ++ ++static int test_self_signed_bad(void) ++{ ++ return test_self_signed(bad_f, 0); ++} ++ + int setup_tests(void) + { + if (!TEST_ptr(roots_f = test_get_argument(0)) + || !TEST_ptr(untrusted_f = test_get_argument(1)) +- || !TEST_ptr(bad_f = test_get_argument(2))) { +- TEST_error("usage: verify_extra_test roots.pem untrusted.pem bad.pem\n"); ++ || !TEST_ptr(bad_f = test_get_argument(2)) ++ || !TEST_ptr(good_f = test_get_argument(3))) { ++ TEST_error("usage: verify_extra_test roots.pem untrusted.pem bad.pem good.pem\n"); + return 0; + } + + ADD_TEST(test_alt_chains_cert_forgery); + ADD_TEST(test_store_ctx); ++ ADD_TEST(test_self_signed_good); ++ ADD_TEST(test_self_signed_bad); + return 1; + } diff --git a/openssl.spec b/openssl.spec index 66cf8de..0a09d29 100644 --- a/openssl.spec +++ b/openssl.spec @@ -22,7 +22,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 1.1.1i -Release: 2%{?dist} +Release: 3%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -44,6 +44,9 @@ Patch3: openssl-1.1.1-no-html.patch Patch4: openssl-1.1.1-man-rename.patch # Bug fixes Patch21: openssl-1.1.0-issuer-hash.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1916594 +Patch71: openssl-1.1.1-verify-cert.patch + # Functionality changes Patch31: openssl-1.1.1-conf-paths.patch Patch32: openssl-1.1.1-version-add-engines.patch @@ -186,6 +189,7 @@ cp %{SOURCE13} test/ %patch67 -p1 -b .kdf-selftest %patch69 -p1 -b .alpn-cb %patch70 -p1 -b .rewire-fips-drbg +%patch71 -p1 -b .verify-cert %build @@ -474,6 +478,9 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Wed Feb 10 2021 Sahana Prasad - 1:1.1.1i-3 +- Fix regression in X509_verify_cert() (bz1916594) + * Tue Jan 26 2021 Fedora Release Engineering - 1:1.1.1i-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild From efa5f39ef0b1638a42cc61de0c85301147ac28ef Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Thu, 11 Mar 2021 19:58:41 +0000 Subject: [PATCH 07/41] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/openssl.git#b023ffe39f798981219604746432376b15169c79 --- .gitignore | 1 + openssl-1.1.0-issuer-hash.patch | 11 - openssl-1.1.1-evp-kdf.patch | 262 ++++----- openssl-1.1.1-fips-dh.patch | 135 +++-- openssl-1.1.1-fips.patch | 826 +++++++++++++-------------- openssl-1.1.1-verify-cert.patch | 113 ---- openssl-1.1.1-version-override.patch | 6 +- openssl.spec | 14 +- sources | 2 +- 9 files changed, 611 insertions(+), 759 deletions(-) delete mode 100644 openssl-1.1.0-issuer-hash.patch delete mode 100644 openssl-1.1.1-verify-cert.patch diff --git a/.gitignore b/.gitignore index d1abce3..e3a11e6 100644 --- a/.gitignore +++ b/.gitignore @@ -50,3 +50,4 @@ openssl-1.0.0a-usa.tar.bz2 /openssl-1.1.1g-hobbled.tar.xz /openssl-1.1.1h-hobbled.tar.xz /openssl-1.1.1i-hobbled.tar.xz +/openssl-1.1.1j-hobbled.tar.xz diff --git a/openssl-1.1.0-issuer-hash.patch b/openssl-1.1.0-issuer-hash.patch deleted file mode 100644 index 1b824e0..0000000 --- a/openssl-1.1.0-issuer-hash.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -up openssl-1.1.0-pre5/crypto/x509/x509_cmp.c.issuer-hash openssl-1.1.0-pre5/crypto/x509/x509_cmp.c ---- openssl-1.1.0-pre5/crypto/x509/x509_cmp.c.issuer-hash 2016-07-18 15:16:32.788881100 +0200 -+++ openssl-1.1.0-pre5/crypto/x509/x509_cmp.c 2016-07-18 15:17:16.671871840 +0200 -@@ -87,6 +87,7 @@ unsigned long X509_issuer_and_serial_has - - if (ctx == NULL) - goto err; -+ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); - f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0); - if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL)) - goto err; diff --git a/openssl-1.1.1-evp-kdf.patch b/openssl-1.1.1-evp-kdf.patch index f1d7618..6145753 100644 --- a/openssl-1.1.1-evp-kdf.patch +++ b/openssl-1.1.1-evp-kdf.patch @@ -1,7 +1,7 @@ -diff -up openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf openssl-1.1.1e/crypto/err/openssl.txt ---- openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/err/openssl.txt 2020-03-19 16:04:11.299063517 +0100 -@@ -747,6 +747,9 @@ EVP_F_EVP_DIGESTINIT_EX:128:EVP_DigestIn +diff -up openssl-1.1.1j/crypto/err/openssl.txt.evp-kdf openssl-1.1.1j/crypto/err/openssl.txt +--- openssl-1.1.1j/crypto/err/openssl.txt.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/err/openssl.txt 2021-03-03 14:10:13.729466935 +0100 +@@ -748,6 +748,9 @@ EVP_F_EVP_DIGESTINIT_EX:128:EVP_DigestIn EVP_F_EVP_ENCRYPTDECRYPTUPDATE:219:evp_EncryptDecryptUpdate EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex EVP_F_EVP_ENCRYPTUPDATE:167:EVP_EncryptUpdate @@ -11,7 +11,7 @@ diff -up openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf openssl-1.1.1e/crypto/err EVP_F_EVP_MD_CTX_COPY_EX:110:EVP_MD_CTX_copy_ex EVP_F_EVP_MD_SIZE:162:EVP_MD_size EVP_F_EVP_OPENINIT:102:EVP_OpenInit -@@ -809,12 +812,31 @@ EVP_F_PKCS5_PBE_KEYIVGEN:117:PKCS5_PBE_k +@@ -810,12 +813,31 @@ EVP_F_PKCS5_PBE_KEYIVGEN:117:PKCS5_PBE_k EVP_F_PKCS5_V2_PBE_KEYIVGEN:118:PKCS5_v2_PBE_keyivgen EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN:164:PKCS5_v2_PBKDF2_keyivgen EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN:180:PKCS5_v2_scrypt_keyivgen @@ -43,7 +43,7 @@ diff -up openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf openssl-1.1.1e/crypto/err KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive KDF_F_PKEY_HKDF_INIT:108:pkey_hkdf_init -@@ -826,6 +848,7 @@ KDF_F_PKEY_SCRYPT_SET_MEMBUF:107:pkey_sc +@@ -827,6 +849,7 @@ KDF_F_PKEY_SCRYPT_SET_MEMBUF:107:pkey_sc KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tls1_prf_ctrl_str KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init @@ -51,15 +51,15 @@ diff -up openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf openssl-1.1.1e/crypto/err KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid -@@ -2277,6 +2300,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only on - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\ +@@ -2284,6 +2307,7 @@ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_K operation not supported for this keytype EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized + EVP_R_OUTPUT_WOULD_OVERFLOW:184:output would overflow +EVP_R_PARAMETER_TOO_LARGE:187:parameter too large EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers EVP_R_PBKDF2_ERROR:181:pbkdf2 error EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\ -@@ -2313,6 +2337,7 @@ KDF_R_MISSING_SEED:106:missing seed +@@ -2320,6 +2344,7 @@ KDF_R_MISSING_SEED:106:missing seed KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type KDF_R_VALUE_ERROR:108:value error KDF_R_VALUE_MISSING:102:value missing @@ -67,9 +67,9 @@ diff -up openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf openssl-1.1.1e/crypto/err OBJ_R_OID_EXISTS:102:oid exists OBJ_R_UNKNOWN_NID:101:unknown nid OCSP_R_CERTIFICATE_VERIFY_ERROR:101:certificate verify error -diff -up openssl-1.1.1e/crypto/evp/build.info.evp-kdf openssl-1.1.1e/crypto/evp/build.info ---- openssl-1.1.1e/crypto/evp/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/build.info 2020-03-19 16:04:11.300063500 +0100 +diff -up openssl-1.1.1j/crypto/evp/build.info.evp-kdf openssl-1.1.1j/crypto/evp/build.info +--- openssl-1.1.1j/crypto/evp/build.info.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/build.info 2021-03-03 14:08:02.490294839 +0100 @@ -9,7 +9,8 @@ SOURCE[../../libcrypto]=\ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ @@ -80,9 +80,9 @@ diff -up openssl-1.1.1e/crypto/evp/build.info.evp-kdf openssl-1.1.1e/crypto/evp/ e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \ e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \ e_chacha20_poly1305.c cmeth_lib.c -diff -up openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c.evp-kdf openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c ---- openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c.evp-kdf 2020-03-19 16:04:11.300063500 +0100 -+++ openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c 2020-03-19 16:16:46.497967633 +0100 +diff -up openssl-1.1.1j/crypto/evp/e_chacha20_poly1305.c.evp-kdf openssl-1.1.1j/crypto/evp/e_chacha20_poly1305.c +--- openssl-1.1.1j/crypto/evp/e_chacha20_poly1305.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/e_chacha20_poly1305.c 2021-03-03 14:08:02.490294839 +0100 @@ -14,9 +14,9 @@ # include @@ -94,9 +94,9 @@ diff -up openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c.evp-kdf openssl-1.1.1e/ typedef struct { union { -diff -up openssl-1.1.1e/crypto/evp/encode.c.evp-kdf openssl-1.1.1e/crypto/evp/encode.c ---- openssl-1.1.1e/crypto/evp/encode.c.evp-kdf 2020-03-19 16:04:11.301063483 +0100 -+++ openssl-1.1.1e/crypto/evp/encode.c 2020-03-19 16:14:13.147628683 +0100 +diff -up openssl-1.1.1j/crypto/evp/encode.c.evp-kdf openssl-1.1.1j/crypto/evp/encode.c +--- openssl-1.1.1j/crypto/evp/encode.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/encode.c 2021-03-03 14:08:02.491294847 +0100 @@ -11,8 +11,8 @@ #include #include "internal/cryptlib.h" @@ -107,9 +107,9 @@ diff -up openssl-1.1.1e/crypto/evp/encode.c.evp-kdf openssl-1.1.1e/crypto/evp/en static unsigned char conv_ascii2bin(unsigned char a, const unsigned char *table); -diff -up openssl-1.1.1e/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1e/crypto/evp/evp_err.c ---- openssl-1.1.1e/crypto/evp/evp_err.c.evp-kdf 2020-03-19 16:04:11.218064919 +0100 -+++ openssl-1.1.1e/crypto/evp/evp_err.c 2020-03-19 16:04:11.302063465 +0100 +diff -up openssl-1.1.1j/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1j/crypto/evp/evp_err.c +--- openssl-1.1.1j/crypto/evp/evp_err.c.evp-kdf 2021-03-03 14:08:02.469294651 +0100 ++++ openssl-1.1.1j/crypto/evp/evp_err.c 2021-03-03 14:12:08.272351600 +0100 @@ -60,6 +60,9 @@ static const ERR_STRING_DATA EVP_str_fun {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, 0), "EVP_EncryptFinal_ex"}, @@ -135,18 +135,18 @@ diff -up openssl-1.1.1e/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1e/crypto/evp/e {ERR_PACK(ERR_LIB_EVP, EVP_F_UPDATE, 0), "update"}, {0, NULL} }; -@@ -241,6 +246,8 @@ static const ERR_STRING_DATA EVP_str_rea - "operation not supported for this keytype"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED), +@@ -243,6 +248,8 @@ static const ERR_STRING_DATA EVP_str_rea "operaton not initialized"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OUTPUT_WOULD_OVERFLOW), + "output would overflow"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARAMETER_TOO_LARGE), + "parameter too large"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING), "partially overlapping buffers"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"}, -diff -up openssl-1.1.1e/crypto/evp/evp_local.h.evp-kdf openssl-1.1.1e/crypto/evp/evp_local.h ---- openssl-1.1.1e/crypto/evp/evp_local.h.evp-kdf 2020-03-19 16:04:10.657074629 +0100 -+++ openssl-1.1.1e/crypto/evp/evp_local.h 2020-03-19 16:04:20.722900404 +0100 +diff -up openssl-1.1.1j/crypto/evp/evp_local.h.evp-kdf openssl-1.1.1j/crypto/evp/evp_local.h +--- openssl-1.1.1j/crypto/evp/evp_local.h.evp-kdf 2021-03-03 14:08:02.362293695 +0100 ++++ openssl-1.1.1j/crypto/evp/evp_local.h 2021-03-03 14:08:02.491294847 +0100 @@ -41,6 +41,11 @@ struct evp_cipher_ctx_st { unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */ } /* EVP_CIPHER_CTX */ ; @@ -159,9 +159,9 @@ diff -up openssl-1.1.1e/crypto/evp/evp_local.h.evp-kdf openssl-1.1.1e/crypto/evp int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, -diff -up openssl-1.1.1e/crypto/evp/evp_pbe.c.evp-kdf openssl-1.1.1e/crypto/evp/evp_pbe.c ---- openssl-1.1.1e/crypto/evp/evp_pbe.c.evp-kdf 2020-03-19 16:04:20.723900386 +0100 -+++ openssl-1.1.1e/crypto/evp/evp_pbe.c 2020-03-19 16:11:56.425001210 +0100 +diff -up openssl-1.1.1j/crypto/evp/evp_pbe.c.evp-kdf openssl-1.1.1j/crypto/evp/evp_pbe.c +--- openssl-1.1.1j/crypto/evp/evp_pbe.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/evp_pbe.c 2021-03-03 14:08:02.491294847 +0100 @@ -12,6 +12,7 @@ #include #include @@ -170,9 +170,9 @@ diff -up openssl-1.1.1e/crypto/evp/evp_pbe.c.evp-kdf openssl-1.1.1e/crypto/evp/e #include "evp_local.h" /* Password based encryption (PBE) functions */ -diff -up openssl-1.1.1e/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1e/crypto/evp/kdf_lib.c ---- openssl-1.1.1e/crypto/evp/kdf_lib.c.evp-kdf 2020-03-19 16:04:20.723900386 +0100 -+++ openssl-1.1.1e/crypto/evp/kdf_lib.c 2020-03-19 16:04:20.723900386 +0100 +diff -up openssl-1.1.1j/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1j/crypto/evp/kdf_lib.c +--- openssl-1.1.1j/crypto/evp/kdf_lib.c.evp-kdf 2021-03-03 14:08:02.491294847 +0100 ++++ openssl-1.1.1j/crypto/evp/kdf_lib.c 2021-03-03 14:08:02.491294847 +0100 @@ -0,0 +1,165 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -339,9 +339,9 @@ diff -up openssl-1.1.1e/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1e/crypto/evp/k + return ctx->kmeth->derive(ctx->impl, key, keylen); +} + -diff -up openssl-1.1.1e/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1e/crypto/evp/p5_crpt2.c ---- openssl-1.1.1e/crypto/evp/p5_crpt2.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/p5_crpt2.c 2020-03-19 16:17:48.822886126 +0100 +diff -up openssl-1.1.1j/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1j/crypto/evp/p5_crpt2.c +--- openssl-1.1.1j/crypto/evp/p5_crpt2.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/p5_crpt2.c 2021-03-03 14:08:02.491294847 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. @@ -490,9 +490,9 @@ diff -up openssl-1.1.1e/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1e/crypto/evp/ } int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, -diff -up openssl-1.1.1e/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1e/crypto/evp/pbe_scrypt.c ---- openssl-1.1.1e/crypto/evp/pbe_scrypt.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/pbe_scrypt.c 2020-03-19 16:04:20.725900352 +0100 +diff -up openssl-1.1.1j/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1j/crypto/evp/pbe_scrypt.c +--- openssl-1.1.1j/crypto/evp/pbe_scrypt.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/pbe_scrypt.c 2021-03-03 14:08:02.491294847 +0100 @@ -7,135 +7,12 @@ * https://www.openssl.org/source/license.html */ @@ -763,9 +763,9 @@ diff -up openssl-1.1.1e/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1e/crypto/ev } + #endif -diff -up openssl-1.1.1e/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1e/crypto/evp/pkey_kdf.c ---- openssl-1.1.1e/crypto/evp/pkey_kdf.c.evp-kdf 2020-03-19 16:04:20.726900334 +0100 -+++ openssl-1.1.1e/crypto/evp/pkey_kdf.c 2020-03-19 16:04:20.725900352 +0100 +diff -up openssl-1.1.1j/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1j/crypto/evp/pkey_kdf.c +--- openssl-1.1.1j/crypto/evp/pkey_kdf.c.evp-kdf 2021-03-03 14:08:02.491294847 +0100 ++++ openssl-1.1.1j/crypto/evp/pkey_kdf.c 2021-03-03 14:08:02.491294847 +0100 @@ -0,0 +1,255 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -1022,17 +1022,17 @@ diff -up openssl-1.1.1e/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1e/crypto/evp/ + pkey_kdf_ctrl_str +}; + -diff -up openssl-1.1.1e/crypto/kdf/build.info.evp-kdf openssl-1.1.1e/crypto/kdf/build.info ---- openssl-1.1.1e/crypto/kdf/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/kdf/build.info 2020-03-19 16:04:32.347699194 +0100 +diff -up openssl-1.1.1j/crypto/kdf/build.info.evp-kdf openssl-1.1.1j/crypto/kdf/build.info +--- openssl-1.1.1j/crypto/kdf/build.info.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/kdf/build.info 2021-03-03 14:08:02.491294847 +0100 @@ -1,3 +1,3 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]=\ - tls1_prf.c kdf_err.c hkdf.c scrypt.c + tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c -diff -up openssl-1.1.1e/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1e/crypto/kdf/hkdf.c ---- openssl-1.1.1e/crypto/kdf/hkdf.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/kdf/hkdf.c 2020-03-19 16:06:59.757147720 +0100 +diff -up openssl-1.1.1j/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1j/crypto/kdf/hkdf.c +--- openssl-1.1.1j/crypto/kdf/hkdf.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/kdf/hkdf.c 2021-03-03 14:08:02.492294856 +0100 @@ -8,32 +8,33 @@ */ @@ -1498,9 +1498,9 @@ diff -up openssl-1.1.1e/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1e/crypto/kdf/hkdf err: OPENSSL_cleanse(prev, sizeof(prev)); -diff -up openssl-1.1.1e/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_err.c ---- openssl-1.1.1e/crypto/kdf/kdf_err.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/kdf/kdf_err.c 2020-03-19 16:04:32.349699159 +0100 +diff -up openssl-1.1.1j/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1j/crypto/kdf/kdf_err.c +--- openssl-1.1.1j/crypto/kdf/kdf_err.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/kdf/kdf_err.c 2021-03-03 14:08:02.492294856 +0100 @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT @@ -1556,9 +1556,9 @@ diff -up openssl-1.1.1e/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1e/crypto/kdf/k {0, NULL} }; -diff -up openssl-1.1.1e/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_local.h ---- openssl-1.1.1e/crypto/kdf/kdf_local.h.evp-kdf 2020-03-19 16:04:32.349699159 +0100 -+++ openssl-1.1.1e/crypto/kdf/kdf_local.h 2020-03-19 16:04:32.349699159 +0100 +diff -up openssl-1.1.1j/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1j/crypto/kdf/kdf_local.h +--- openssl-1.1.1j/crypto/kdf/kdf_local.h.evp-kdf 2021-03-03 14:08:02.492294856 +0100 ++++ openssl-1.1.1j/crypto/kdf/kdf_local.h 2021-03-03 14:08:02.492294856 +0100 @@ -0,0 +1,22 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -1582,9 +1582,9 @@ diff -up openssl-1.1.1e/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1e/crypto/kdf + int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), + int cmd, const char *md_name); + -diff -up openssl-1.1.1e/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_util.c ---- openssl-1.1.1e/crypto/kdf/kdf_util.c.evp-kdf 2020-03-19 16:04:32.350699142 +0100 -+++ openssl-1.1.1e/crypto/kdf/kdf_util.c 2020-03-19 16:04:32.350699142 +0100 +diff -up openssl-1.1.1j/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1j/crypto/kdf/kdf_util.c +--- openssl-1.1.1j/crypto/kdf/kdf_util.c.evp-kdf 2021-03-03 14:08:02.492294856 +0100 ++++ openssl-1.1.1j/crypto/kdf/kdf_util.c 2021-03-03 14:08:02.492294856 +0100 @@ -0,0 +1,73 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -1659,9 +1659,9 @@ diff -up openssl-1.1.1e/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1e/crypto/kdf/ + return call_ctrl(ctrl, impl, cmd, md); +} + -diff -up openssl-1.1.1e/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1e/crypto/kdf/pbkdf2.c ---- openssl-1.1.1e/crypto/kdf/pbkdf2.c.evp-kdf 2020-03-19 16:04:32.374698727 +0100 -+++ openssl-1.1.1e/crypto/kdf/pbkdf2.c 2020-03-19 16:04:32.374698727 +0100 +diff -up openssl-1.1.1j/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1j/crypto/kdf/pbkdf2.c +--- openssl-1.1.1j/crypto/kdf/pbkdf2.c.evp-kdf 2021-03-03 14:08:02.492294856 +0100 ++++ openssl-1.1.1j/crypto/kdf/pbkdf2.c 2021-03-03 14:08:02.492294856 +0100 @@ -0,0 +1,264 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -1927,9 +1927,9 @@ diff -up openssl-1.1.1e/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1e/crypto/kdf/pb + HMAC_CTX_free(hctx_tpl); + return ret; +} -diff -up openssl-1.1.1e/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1e/crypto/kdf/scrypt.c ---- openssl-1.1.1e/crypto/kdf/scrypt.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/kdf/scrypt.c 2020-03-19 16:11:06.215872475 +0100 +diff -up openssl-1.1.1j/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1j/crypto/kdf/scrypt.c +--- openssl-1.1.1j/crypto/kdf/scrypt.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/kdf/scrypt.c 2021-03-03 14:08:02.492294856 +0100 @@ -8,25 +8,35 @@ */ @@ -2517,9 +2517,9 @@ diff -up openssl-1.1.1e/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1e/crypto/kdf/sc +} #endif -diff -up openssl-1.1.1e/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1e/crypto/kdf/tls1_prf.c ---- openssl-1.1.1e/crypto/kdf/tls1_prf.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/kdf/tls1_prf.c 2020-03-19 16:10:32.317460707 +0100 +diff -up openssl-1.1.1j/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1j/crypto/kdf/tls1_prf.c +--- openssl-1.1.1j/crypto/kdf/tls1_prf.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/kdf/tls1_prf.c 2021-03-03 14:08:02.492294856 +0100 @@ -8,11 +8,15 @@ */ @@ -2802,9 +2802,9 @@ diff -up openssl-1.1.1e/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1e/crypto/kdf/ OPENSSL_clear_free(tmp, olen); return 0; } -diff -up openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod ---- openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod.evp-kdf 2020-03-19 16:04:32.377698675 +0100 -+++ openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod 2020-03-19 16:04:32.377698675 +0100 +diff -up openssl-1.1.1j/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1j/doc/man3/EVP_KDF_CTX.pod +--- openssl-1.1.1j/doc/man3/EVP_KDF_CTX.pod.evp-kdf 2021-03-03 14:08:02.492294856 +0100 ++++ openssl-1.1.1j/doc/man3/EVP_KDF_CTX.pod 2021-03-03 14:08:02.492294856 +0100 @@ -0,0 +1,217 @@ +=pod + @@ -3023,9 +3023,9 @@ diff -up openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1e/doc/man3 +L. + +=cut -diff -up openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod ---- openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod.evp-kdf 2020-03-19 16:04:32.377698675 +0100 -+++ openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod 2020-03-19 16:04:32.377698675 +0100 +diff -up openssl-1.1.1j/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1j/doc/man7/EVP_KDF_HKDF.pod +--- openssl-1.1.1j/doc/man7/EVP_KDF_HKDF.pod.evp-kdf 2021-03-03 14:08:02.493294865 +0100 ++++ openssl-1.1.1j/doc/man7/EVP_KDF_HKDF.pod 2021-03-03 14:08:02.493294865 +0100 @@ -0,0 +1,180 @@ +=pod + @@ -3207,9 +3207,9 @@ diff -up openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1e/doc/man +L. + +=cut -diff -up openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod ---- openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 -+++ openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod 2020-03-19 16:04:32.378698658 +0100 +diff -up openssl-1.1.1j/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1j/doc/man7/EVP_KDF_PBKDF2.pod +--- openssl-1.1.1j/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf 2021-03-03 14:08:02.493294865 +0100 ++++ openssl-1.1.1j/doc/man7/EVP_KDF_PBKDF2.pod 2021-03-03 14:08:02.493294865 +0100 @@ -0,0 +1,78 @@ +=pod + @@ -3289,9 +3289,9 @@ diff -up openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1e/doc/m +L. + +=cut -diff -up openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod ---- openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 -+++ openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod 2020-03-19 16:04:32.378698658 +0100 +diff -up openssl-1.1.1j/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1j/doc/man7/EVP_KDF_SCRYPT.pod +--- openssl-1.1.1j/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf 2021-03-03 14:08:02.493294865 +0100 ++++ openssl-1.1.1j/doc/man7/EVP_KDF_SCRYPT.pod 2021-03-03 14:08:02.493294865 +0100 @@ -0,0 +1,149 @@ +=pod + @@ -3442,9 +3442,9 @@ diff -up openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1e/doc/m +L. + +=cut -diff -up openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod ---- openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 -+++ openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod 2020-03-19 16:04:32.378698658 +0100 +diff -up openssl-1.1.1j/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1j/doc/man7/EVP_KDF_TLS1_PRF.pod +--- openssl-1.1.1j/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf 2021-03-03 14:08:02.493294865 +0100 ++++ openssl-1.1.1j/doc/man7/EVP_KDF_TLS1_PRF.pod 2021-03-03 14:08:02.493294865 +0100 @@ -0,0 +1,142 @@ +=pod + @@ -3588,9 +3588,9 @@ diff -up openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1e/doc +L. + +=cut -diff -up openssl-1.1.1e/include/crypto/evp.h.evp-kdf openssl-1.1.1e/include/crypto/evp.h ---- openssl-1.1.1e/include/crypto/evp.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/crypto/evp.h 2020-03-19 16:04:32.347699194 +0100 +diff -up openssl-1.1.1j/include/crypto/evp.h.evp-kdf openssl-1.1.1j/include/crypto/evp.h +--- openssl-1.1.1j/include/crypto/evp.h.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/crypto/evp.h 2021-03-03 14:08:02.493294865 +0100 @@ -112,6 +112,24 @@ extern const EVP_PKEY_METHOD hkdf_pkey_m extern const EVP_PKEY_METHOD poly1305_pkey_meth; extern const EVP_PKEY_METHOD siphash_pkey_meth; @@ -3616,10 +3616,10 @@ diff -up openssl-1.1.1e/include/crypto/evp.h.evp-kdf openssl-1.1.1e/include/cryp struct evp_md_st { int type; int pkey_type; -diff -up openssl-1.1.1e/include/openssl/evperr.h.evp-kdf openssl-1.1.1e/include/openssl/evperr.h ---- openssl-1.1.1e/include/openssl/evperr.h.evp-kdf 2020-03-19 16:04:11.250064365 +0100 -+++ openssl-1.1.1e/include/openssl/evperr.h 2020-03-19 16:04:32.379698640 +0100 -@@ -58,6 +58,9 @@ int ERR_load_EVP_strings(void); +diff -up openssl-1.1.1j/include/openssl/evperr.h.evp-kdf openssl-1.1.1j/include/openssl/evperr.h +--- openssl-1.1.1j/include/openssl/evperr.h.evp-kdf 2021-03-03 14:08:02.477294722 +0100 ++++ openssl-1.1.1j/include/openssl/evperr.h 2021-03-03 14:13:37.587003722 +0100 +@@ -56,6 +56,9 @@ int ERR_load_EVP_strings(void); # define EVP_F_EVP_ENCRYPTDECRYPTUPDATE 219 # define EVP_F_EVP_ENCRYPTFINAL_EX 127 # define EVP_F_EVP_ENCRYPTUPDATE 167 @@ -3629,7 +3629,7 @@ diff -up openssl-1.1.1e/include/openssl/evperr.h.evp-kdf openssl-1.1.1e/include/ # define EVP_F_EVP_MD_CTX_COPY_EX 110 # define EVP_F_EVP_MD_SIZE 162 # define EVP_F_EVP_OPENINIT 102 -@@ -120,11 +123,13 @@ int ERR_load_EVP_strings(void); +@@ -118,11 +121,13 @@ int ERR_load_EVP_strings(void); # define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 # define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164 # define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 180 @@ -3643,17 +3643,17 @@ diff -up openssl-1.1.1e/include/openssl/evperr.h.evp-kdf openssl-1.1.1e/include/ # define EVP_F_UPDATE 173 /* -@@ -181,6 +186,7 @@ int ERR_load_EVP_strings(void); +@@ -179,6 +184,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_ONLY_ONESHOT_SUPPORTED 177 # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 # define EVP_R_OPERATON_NOT_INITIALIZED 151 +# define EVP_R_PARAMETER_TOO_LARGE 187 + # define EVP_R_OUTPUT_WOULD_OVERFLOW 184 # define EVP_R_PARTIALLY_OVERLAPPING 162 # define EVP_R_PBKDF2_ERROR 181 - # define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179 -diff -up openssl-1.1.1e/include/openssl/kdferr.h.evp-kdf openssl-1.1.1e/include/openssl/kdferr.h ---- openssl-1.1.1e/include/openssl/kdferr.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/kdferr.h 2020-03-19 16:04:32.379698640 +0100 +diff -up openssl-1.1.1j/include/openssl/kdferr.h.evp-kdf openssl-1.1.1j/include/openssl/kdferr.h +--- openssl-1.1.1j/include/openssl/kdferr.h.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/kdferr.h 2021-03-03 14:08:02.493294865 +0100 @@ -23,6 +23,23 @@ int ERR_load_KDF_strings(void); /* * KDF function codes. @@ -3693,9 +3693,9 @@ diff -up openssl-1.1.1e/include/openssl/kdferr.h.evp-kdf openssl-1.1.1e/include/ +# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112 #endif -diff -up openssl-1.1.1e/include/openssl/kdf.h.evp-kdf openssl-1.1.1e/include/openssl/kdf.h ---- openssl-1.1.1e/include/openssl/kdf.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/kdf.h 2020-03-19 16:04:32.380698623 +0100 +diff -up openssl-1.1.1j/include/openssl/kdf.h.evp-kdf openssl-1.1.1j/include/openssl/kdf.h +--- openssl-1.1.1j/include/openssl/kdf.h.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/kdf.h 2021-03-03 14:08:02.493294865 +0100 @@ -10,10 +10,50 @@ #ifndef HEADER_KDF_H # define HEADER_KDF_H @@ -3774,9 +3774,9 @@ diff -up openssl-1.1.1e/include/openssl/kdf.h.evp-kdf openssl-1.1.1e/include/ope } # endif #endif -diff -up openssl-1.1.1e/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1e/include/openssl/ossl_typ.h ---- openssl-1.1.1e/include/openssl/ossl_typ.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/ossl_typ.h 2020-03-19 16:04:32.381698606 +0100 +diff -up openssl-1.1.1j/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1j/include/openssl/ossl_typ.h +--- openssl-1.1.1j/include/openssl/ossl_typ.h.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/ossl_typ.h 2021-03-03 14:08:02.493294865 +0100 @@ -97,6 +97,8 @@ typedef struct evp_pkey_asn1_method_st E typedef struct evp_pkey_method_st EVP_PKEY_METHOD; typedef struct evp_pkey_ctx_st EVP_PKEY_CTX; @@ -3786,9 +3786,9 @@ diff -up openssl-1.1.1e/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1e/includ typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX; typedef struct hmac_ctx_st HMAC_CTX; -diff -up openssl-1.1.1e/test/build.info.evp-kdf openssl-1.1.1e/test/build.info ---- openssl-1.1.1e/test/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/test/build.info 2020-03-19 16:04:32.381698606 +0100 +diff -up openssl-1.1.1j/test/build.info.evp-kdf openssl-1.1.1j/test/build.info +--- openssl-1.1.1j/test/build.info.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/test/build.info 2021-03-03 14:08:02.493294865 +0100 @@ -44,7 +44,8 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \ bio_callback_test bio_memleak_test \ @@ -3810,9 +3810,9 @@ diff -up openssl-1.1.1e/test/build.info.evp-kdf openssl-1.1.1e/test/build.info SOURCE[x509_time_test]=x509_time_test.c INCLUDE[x509_time_test]=../include DEPEND[x509_time_test]=../libcrypto libtestutil.a -diff -up openssl-1.1.1e/test/evp_kdf_test.c.evp-kdf openssl-1.1.1e/test/evp_kdf_test.c ---- openssl-1.1.1e/test/evp_kdf_test.c.evp-kdf 2020-03-19 16:04:32.382698588 +0100 -+++ openssl-1.1.1e/test/evp_kdf_test.c 2020-03-19 16:04:32.382698588 +0100 +diff -up openssl-1.1.1j/test/evp_kdf_test.c.evp-kdf openssl-1.1.1j/test/evp_kdf_test.c +--- openssl-1.1.1j/test/evp_kdf_test.c.evp-kdf 2021-03-03 14:08:02.494294874 +0100 ++++ openssl-1.1.1j/test/evp_kdf_test.c 2021-03-03 14:08:02.494294874 +0100 @@ -0,0 +1,237 @@ +/* + * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. @@ -4051,9 +4051,9 @@ diff -up openssl-1.1.1e/test/evp_kdf_test.c.evp-kdf openssl-1.1.1e/test/evp_kdf_ +#endif + return 1; +} -diff -up openssl-1.1.1e/test/evp_test.c.evp-kdf openssl-1.1.1e/test/evp_test.c ---- openssl-1.1.1e/test/evp_test.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/test/evp_test.c 2020-03-19 16:04:32.383698571 +0100 +diff -up openssl-1.1.1j/test/evp_test.c.evp-kdf openssl-1.1.1j/test/evp_test.c +--- openssl-1.1.1j/test/evp_test.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/test/evp_test.c 2021-03-03 14:08:02.494294874 +0100 @@ -1705,13 +1705,14 @@ static const EVP_TEST_METHOD encode_test encode_test_run, }; @@ -4265,9 +4265,9 @@ diff -up openssl-1.1.1e/test/evp_test.c.evp-kdf openssl-1.1.1e/test/evp_test.c &keypair_test_method, &keygen_test_method, &mac_test_method, -diff -up openssl-1.1.1e/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1e/test/pkey_meth_kdf_test.c ---- openssl-1.1.1e/test/pkey_meth_kdf_test.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/test/pkey_meth_kdf_test.c 2020-03-19 16:04:32.386698519 +0100 +diff -up openssl-1.1.1j/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1j/test/pkey_meth_kdf_test.c +--- openssl-1.1.1j/test/pkey_meth_kdf_test.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/test/pkey_meth_kdf_test.c 2021-03-03 14:08:02.494294874 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. @@ -4471,9 +4471,9 @@ diff -up openssl-1.1.1e/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1e/test/pk } #endif -diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt ---- openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt 2020-03-19 16:04:32.388698484 +0100 +diff -up openssl-1.1.1j/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl-1.1.1j/test/recipes/30-test_evp_data/evpkdf.txt +--- openssl-1.1.1j/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/test/recipes/30-test_evp_data/evpkdf.txt 2021-03-03 14:08:02.494294874 +0100 @@ -1,5 +1,5 @@ # -# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. @@ -4872,9 +4872,9 @@ diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl +Ctrl.digest = digest:sha512 +Output = 00ef42cdbfc98d29db20976608e455567fdddf14 + -diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt ---- openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf 2020-03-19 16:04:32.389698467 +0100 -+++ openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt 2020-03-19 16:04:32.389698467 +0100 +diff -up openssl-1.1.1j/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf openssl-1.1.1j/test/recipes/30-test_evp_data/evppkey_kdf.txt +--- openssl-1.1.1j/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf 2021-03-03 14:08:02.494294874 +0100 ++++ openssl-1.1.1j/test/recipes/30-test_evp_data/evppkey_kdf.txt 2021-03-03 14:08:02.494294874 +0100 @@ -0,0 +1,305 @@ +# +# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. @@ -5181,9 +5181,9 @@ diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf op +Ctrl.p = p:1 +Result = INTERNAL_ERROR + -diff -up openssl-1.1.1e/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_kdf.t ---- openssl-1.1.1e/test/recipes/30-test_evp_kdf.t.evp-kdf 2020-03-19 16:04:32.390698450 +0100 -+++ openssl-1.1.1e/test/recipes/30-test_evp_kdf.t 2020-03-19 16:04:32.390698450 +0100 +diff -up openssl-1.1.1j/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1j/test/recipes/30-test_evp_kdf.t +--- openssl-1.1.1j/test/recipes/30-test_evp_kdf.t.evp-kdf 2021-03-03 14:08:02.494294874 +0100 ++++ openssl-1.1.1j/test/recipes/30-test_evp_kdf.t 2021-03-03 14:08:02.494294874 +0100 @@ -0,0 +1,13 @@ +#! /usr/bin/env perl +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -5198,9 +5198,9 @@ diff -up openssl-1.1.1e/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1e/te +use OpenSSL::Test::Simple; + +simple_test("test_evp_kdf", "evp_kdf_test"); -diff -up openssl-1.1.1e/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp.t ---- openssl-1.1.1e/test/recipes/30-test_evp.t.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/test/recipes/30-test_evp.t 2020-03-19 16:04:32.390698450 +0100 +diff -up openssl-1.1.1j/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1j/test/recipes/30-test_evp.t +--- openssl-1.1.1j/test/recipes/30-test_evp.t.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/test/recipes/30-test_evp.t 2021-03-03 14:08:02.495294883 +0100 @@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT data_file/ setup("test_evp"); @@ -5210,10 +5210,10 @@ diff -up openssl-1.1.1e/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1e/test/r "evpcase.txt", "evpccmcavs.txt" ); plan tests => scalar(@files); -diff -up openssl-1.1.1e/util/libcrypto.num.evp-kdf openssl-1.1.1e/util/libcrypto.num ---- openssl-1.1.1e/util/libcrypto.num.evp-kdf 2020-03-19 16:04:11.263064140 +0100 -+++ openssl-1.1.1e/util/libcrypto.num 2020-03-19 16:04:32.392698415 +0100 -@@ -4622,3 +4622,11 @@ FIPS_drbg_get_strength +diff -up openssl-1.1.1j/util/libcrypto.num.evp-kdf openssl-1.1.1j/util/libcrypto.num +--- openssl-1.1.1j/util/libcrypto.num.evp-kdf 2021-03-03 14:08:02.481294758 +0100 ++++ openssl-1.1.1j/util/libcrypto.num 2021-03-03 14:08:02.495294883 +0100 +@@ -4626,3 +4626,11 @@ FIPS_drbg_get_strength FIPS_rand_strength 6380 1_1_0g EXIST::FUNCTION: FIPS_drbg_get_blocklength 6381 1_1_0g EXIST::FUNCTION: FIPS_drbg_init 6382 1_1_0g EXIST::FUNCTION: @@ -5225,9 +5225,9 @@ diff -up openssl-1.1.1e/util/libcrypto.num.evp-kdf openssl-1.1.1e/util/libcrypto +EVP_KDF_ctrl_str 6595 1_1_1b EXIST::FUNCTION: +EVP_KDF_size 6596 1_1_1b EXIST::FUNCTION: +EVP_KDF_derive 6597 1_1_1b EXIST::FUNCTION: -diff -up openssl-1.1.1e/util/private.num.evp-kdf openssl-1.1.1e/util/private.num ---- openssl-1.1.1e/util/private.num.evp-kdf 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/util/private.num 2020-03-19 16:04:32.393698398 +0100 +diff -up openssl-1.1.1j/util/private.num.evp-kdf openssl-1.1.1j/util/private.num +--- openssl-1.1.1j/util/private.num.evp-kdf 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/util/private.num 2021-03-03 14:08:02.495294883 +0100 @@ -21,6 +21,7 @@ CRYPTO_EX_dup CRYPTO_EX_free datatype CRYPTO_EX_new datatype diff --git a/openssl-1.1.1-fips-dh.patch b/openssl-1.1.1-fips-dh.patch index ff895d5..e1c739b 100644 --- a/openssl-1.1.1-fips-dh.patch +++ b/openssl-1.1.1-fips-dh.patch @@ -1,6 +1,6 @@ -diff -up openssl-1.1.1g/crypto/bn/bn_const.c.fips-dh openssl-1.1.1g/crypto/bn/bn_const.c ---- openssl-1.1.1g/crypto/bn/bn_const.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/bn/bn_const.c 2020-07-17 10:36:29.245788441 +0200 +diff -up openssl-1.1.1j/crypto/bn/bn_const.c.fips-dh openssl-1.1.1j/crypto/bn/bn_const.c +--- openssl-1.1.1j/crypto/bn/bn_const.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/bn/bn_const.c 2021-03-03 14:23:27.403092418 +0100 @@ -1,13 +1,17 @@ /* - * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved. @@ -477,9 +477,9 @@ diff -up openssl-1.1.1g/crypto/bn/bn_const.c.fips-dh openssl-1.1.1g/crypto/bn/bn - return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn); + return COPY_BN(bn, _bignum_modp_8192_p); } -diff -up openssl-1.1.1g/crypto/bn/bn_dh.c.fips-dh openssl-1.1.1g/crypto/bn/bn_dh.c ---- openssl-1.1.1g/crypto/bn/bn_dh.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/bn/bn_dh.c 2020-07-17 10:36:29.246788449 +0200 +diff -up openssl-1.1.1j/crypto/bn/bn_dh.c.fips-dh openssl-1.1.1j/crypto/bn/bn_dh.c +--- openssl-1.1.1j/crypto/bn/bn_dh.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/bn/bn_dh.c 2021-03-03 14:23:27.404092427 +0100 @@ -1,7 +1,7 @@ /* - * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved. @@ -1956,9 +1956,9 @@ diff -up openssl-1.1.1g/crypto/bn/bn_dh.c.fips-dh openssl-1.1.1g/crypto/bn/bn_dh -#endif +#endif /* OPENSSL_NO_DH */ -diff -up openssl-1.1.1g/crypto/dh/dh_check.c.fips-dh openssl-1.1.1g/crypto/dh/dh_check.c ---- openssl-1.1.1g/crypto/dh/dh_check.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/dh/dh_check.c 2020-07-17 10:36:29.246788449 +0200 +diff -up openssl-1.1.1j/crypto/dh/dh_check.c.fips-dh openssl-1.1.1j/crypto/dh/dh_check.c +--- openssl-1.1.1j/crypto/dh/dh_check.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dh/dh_check.c 2021-03-03 14:23:27.404092427 +0100 @@ -10,6 +10,7 @@ #include #include "internal/cryptlib.h" @@ -2043,9 +2043,9 @@ diff -up openssl-1.1.1g/crypto/dh/dh_check.c.fips-dh openssl-1.1.1g/crypto/dh/dh + return dh_check_pub_key_int(dh, q, pub_key, ret); +} + -diff -up openssl-1.1.1g/crypto/dh/dh_gen.c.fips-dh openssl-1.1.1g/crypto/dh/dh_gen.c ---- openssl-1.1.1g/crypto/dh/dh_gen.c.fips-dh 2020-07-17 10:36:29.182787923 +0200 -+++ openssl-1.1.1g/crypto/dh/dh_gen.c 2020-07-17 10:36:29.246788449 +0200 +diff -up openssl-1.1.1j/crypto/dh/dh_gen.c.fips-dh openssl-1.1.1j/crypto/dh/dh_gen.c +--- openssl-1.1.1j/crypto/dh/dh_gen.c.fips-dh 2021-03-03 14:23:27.338091859 +0100 ++++ openssl-1.1.1j/crypto/dh/dh_gen.c 2021-03-03 14:23:27.404092427 +0100 @@ -27,8 +27,7 @@ int DH_generate_parameters_ex(DH *ret, i BN_GENCB *cb) { @@ -2075,10 +2075,10 @@ diff -up openssl-1.1.1g/crypto/dh/dh_gen.c.fips-dh openssl-1.1.1g/crypto/dh/dh_g ctx = BN_CTX_new(); if (ctx == NULL) goto err; -diff -up openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh openssl-1.1.1g/crypto/dh/dh_key.c ---- openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh 2020-07-17 10:36:29.182787923 +0200 -+++ openssl-1.1.1g/crypto/dh/dh_key.c 2020-07-17 11:00:07.783777846 +0200 -@@ -100,10 +100,18 @@ static int generate_key(DH *dh) +diff -up openssl-1.1.1j/crypto/dh/dh_key.c.fips-dh openssl-1.1.1j/crypto/dh/dh_key.c +--- openssl-1.1.1j/crypto/dh/dh_key.c.fips-dh 2021-03-03 14:23:27.338091859 +0100 ++++ openssl-1.1.1j/crypto/dh/dh_key.c 2021-03-03 14:51:36.235296236 +0100 +@@ -120,10 +120,18 @@ static int generate_key(DH *dh) BIGNUM *pub_key = NULL, *priv_key = NULL; #ifdef OPENSSL_FIPS @@ -2101,7 +2101,7 @@ diff -up openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh openssl-1.1.1g/crypto/dh/dh_k } #endif -@@ -139,7 +147,15 @@ static int generate_key(DH *dh) +@@ -159,7 +167,15 @@ static int generate_key(DH *dh) } if (generate_new_key) { @@ -2118,7 +2118,7 @@ diff -up openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh openssl-1.1.1g/crypto/dh/dh_k do { if (!BN_priv_rand_range(priv_key, dh->q)) goto err; -@@ -175,6 +191,15 @@ static int generate_key(DH *dh) +@@ -195,6 +211,15 @@ static int generate_key(DH *dh) } /* We MUST free prk before any further use of priv_key */ BN_clear_free(prk); @@ -2134,7 +2134,7 @@ diff -up openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh openssl-1.1.1g/crypto/dh/dh_k } dh->pub_key = pub_key; -@@ -197,6 +222,7 @@ static int compute_key(unsigned char *ke +@@ -217,6 +242,7 @@ static int compute_key(unsigned char *ke BN_CTX *ctx = NULL; BN_MONT_CTX *mont = NULL; BIGNUM *tmp; @@ -2142,7 +2142,7 @@ diff -up openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh openssl-1.1.1g/crypto/dh/dh_k int ret = -1; int check_result; -@@ -243,6 +269,18 @@ static int compute_key(unsigned char *ke +@@ -263,6 +289,18 @@ static int compute_key(unsigned char *ke DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB); goto err; } @@ -2159,11 +2159,11 @@ diff -up openssl-1.1.1g/crypto/dh/dh_key.c.fips-dh openssl-1.1.1g/crypto/dh/dh_k + goto err; + } - ret = BN_bn2bin(tmp, key); + ret = BN_bn2binpad(tmp, key, BN_num_bytes(dh->p)); err: -diff -up openssl-1.1.1g/crypto/dh/dh_lib.c.fips-dh openssl-1.1.1g/crypto/dh/dh_lib.c ---- openssl-1.1.1g/crypto/dh/dh_lib.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/dh/dh_lib.c 2020-07-17 10:36:29.246788449 +0200 +diff -up openssl-1.1.1j/crypto/dh/dh_lib.c.fips-dh openssl-1.1.1j/crypto/dh/dh_lib.c +--- openssl-1.1.1j/crypto/dh/dh_lib.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dh/dh_lib.c 2021-03-03 14:23:27.405092436 +0100 @@ -8,6 +8,7 @@ */ @@ -2193,9 +2193,9 @@ diff -up openssl-1.1.1g/crypto/dh/dh_lib.c.fips-dh openssl-1.1.1g/crypto/dh/dh_l dh->length = BN_num_bits(q); } -diff -up openssl-1.1.1g/crypto/dh/dh_local.h.fips-dh openssl-1.1.1g/crypto/dh/dh_local.h ---- openssl-1.1.1g/crypto/dh/dh_local.h.fips-dh 2020-07-17 10:36:28.968786163 +0200 -+++ openssl-1.1.1g/crypto/dh/dh_local.h 2020-07-17 10:36:29.246788449 +0200 +diff -up openssl-1.1.1j/crypto/dh/dh_local.h.fips-dh openssl-1.1.1j/crypto/dh/dh_local.h +--- openssl-1.1.1j/crypto/dh/dh_local.h.fips-dh 2021-03-03 14:23:27.202090689 +0100 ++++ openssl-1.1.1j/crypto/dh/dh_local.h 2021-03-03 14:23:27.405092436 +0100 @@ -35,6 +35,7 @@ struct dh_st { const DH_METHOD *meth; ENGINE *engine; @@ -2215,9 +2215,9 @@ diff -up openssl-1.1.1g/crypto/dh/dh_local.h.fips-dh openssl-1.1.1g/crypto/dh/dh +/* FIPS mode only check which requires nid set and looks up q based on it. */ +int dh_check_pub_key_full(const DH *dh, const BIGNUM *pub_key, int *ret); + -diff -up openssl-1.1.1g/crypto/dh/dh_rfc7919.c.fips-dh openssl-1.1.1g/crypto/dh/dh_rfc7919.c ---- openssl-1.1.1g/crypto/dh/dh_rfc7919.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/dh/dh_rfc7919.c 2020-07-17 10:36:29.246788449 +0200 +diff -up openssl-1.1.1j/crypto/dh/dh_rfc7919.c.fips-dh openssl-1.1.1j/crypto/dh/dh_rfc7919.c +--- openssl-1.1.1j/crypto/dh/dh_rfc7919.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dh/dh_rfc7919.c 2021-03-03 14:23:27.405092436 +0100 @@ -7,6 +7,8 @@ * https://www.openssl.org/source/license.html */ @@ -2387,10 +2387,10 @@ diff -up openssl-1.1.1g/crypto/dh/dh_rfc7919.c.fips-dh openssl-1.1.1g/crypto/dh/ + return dh_match_group(dh, q, NULL) != NID_undef; +} + -diff -up openssl-1.1.1g/crypto/ec/ec_key.c.fips-dh openssl-1.1.1g/crypto/ec/ec_key.c ---- openssl-1.1.1g/crypto/ec/ec_key.c.fips-dh 2020-07-17 11:00:53.958175227 +0200 -+++ openssl-1.1.1g/crypto/ec/ec_key.c 2020-07-20 13:24:03.941107320 +0200 -@@ -280,9 +280,18 @@ int ec_key_simple_generate_key(EC_KEY *e +diff -up openssl-1.1.1j/crypto/ec/ec_key.c.fips-dh openssl-1.1.1j/crypto/ec/ec_key.c +--- openssl-1.1.1j/crypto/ec/ec_key.c.fips-dh 2021-03-03 14:23:27.339091868 +0100 ++++ openssl-1.1.1j/crypto/ec/ec_key.c 2021-03-03 14:23:27.405092436 +0100 +@@ -281,9 +281,18 @@ int ec_key_simple_generate_key(EC_KEY *e if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, ctx)) goto err; @@ -2410,7 +2410,7 @@ diff -up openssl-1.1.1g/crypto/ec/ec_key.c.fips-dh openssl-1.1.1g/crypto/ec/ec_k ok = 1; err: -@@ -296,8 +305,23 @@ int ec_key_simple_generate_key(EC_KEY *e +@@ -297,8 +306,23 @@ int ec_key_simple_generate_key(EC_KEY *e int ec_key_simple_generate_public_key(EC_KEY *eckey) { @@ -2435,9 +2435,9 @@ diff -up openssl-1.1.1g/crypto/ec/ec_key.c.fips-dh openssl-1.1.1g/crypto/ec/ec_k } int EC_KEY_check_key(const EC_KEY *eckey) -diff -up openssl-1.1.1g/crypto/evp/p_lib.c.fips-dh openssl-1.1.1g/crypto/evp/p_lib.c ---- openssl-1.1.1g/crypto/evp/p_lib.c.fips-dh 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/evp/p_lib.c 2020-07-17 10:36:29.247788458 +0200 +diff -up openssl-1.1.1j/crypto/evp/p_lib.c.fips-dh openssl-1.1.1j/crypto/evp/p_lib.c +--- openssl-1.1.1j/crypto/evp/p_lib.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/p_lib.c 2021-03-03 14:23:27.405092436 +0100 @@ -540,7 +540,8 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *p int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) @@ -2448,9 +2448,9 @@ diff -up openssl-1.1.1g/crypto/evp/p_lib.c.fips-dh openssl-1.1.1g/crypto/evp/p_l int ret = EVP_PKEY_assign(pkey, type, key); if (ret) -diff -up openssl-1.1.1g/crypto/objects/obj_dat.h.fips-dh openssl-1.1.1g/crypto/objects/obj_dat.h ---- openssl-1.1.1g/crypto/objects/obj_dat.h.fips-dh 2020-07-17 10:36:29.239788392 +0200 -+++ openssl-1.1.1g/crypto/objects/obj_dat.h 2020-07-17 10:36:29.247788458 +0200 +diff -up openssl-1.1.1j/crypto/objects/obj_dat.h.fips-dh openssl-1.1.1j/crypto/objects/obj_dat.h +--- openssl-1.1.1j/crypto/objects/obj_dat.h.fips-dh 2021-03-03 14:23:27.394092341 +0100 ++++ openssl-1.1.1j/crypto/objects/obj_dat.h 2021-03-03 14:23:27.406092444 +0100 @@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */ }; @@ -2512,9 +2512,9 @@ diff -up openssl-1.1.1g/crypto/objects/obj_dat.h.fips-dh openssl-1.1.1g/crypto/o 481, /* "nSRecord" */ 173, /* "name" */ 681, /* "onBasis" */ -diff -up openssl-1.1.1g/crypto/objects/objects.txt.fips-dh openssl-1.1.1g/crypto/objects/objects.txt ---- openssl-1.1.1g/crypto/objects/objects.txt.fips-dh 2020-07-17 10:36:29.239788392 +0200 -+++ openssl-1.1.1g/crypto/objects/objects.txt 2020-07-17 10:36:29.247788458 +0200 +diff -up openssl-1.1.1j/crypto/objects/objects.txt.fips-dh openssl-1.1.1j/crypto/objects/objects.txt +--- openssl-1.1.1j/crypto/objects/objects.txt.fips-dh 2021-03-03 14:23:27.395092350 +0100 ++++ openssl-1.1.1j/crypto/objects/objects.txt 2021-03-03 14:23:27.406092444 +0100 @@ -1657,6 +1657,13 @@ id-pkinit 5 : pkInit : ffdhe4096 : ffdhe6144 @@ -2529,9 +2529,9 @@ diff -up openssl-1.1.1g/crypto/objects/objects.txt.fips-dh openssl-1.1.1g/crypto # OIDs for DSTU-4145/DSTU-7564 (http://zakon2.rada.gov.ua/laws/show/z0423-17) -diff -up openssl-1.1.1g/crypto/objects/obj_mac.num.fips-dh openssl-1.1.1g/crypto/objects/obj_mac.num ---- openssl-1.1.1g/crypto/objects/obj_mac.num.fips-dh 2020-07-17 10:36:29.239788392 +0200 -+++ openssl-1.1.1g/crypto/objects/obj_mac.num 2020-07-17 10:36:29.248788466 +0200 +diff -up openssl-1.1.1j/crypto/objects/obj_mac.num.fips-dh openssl-1.1.1j/crypto/objects/obj_mac.num +--- openssl-1.1.1j/crypto/objects/obj_mac.num.fips-dh 2021-03-03 14:23:27.395092350 +0100 ++++ openssl-1.1.1j/crypto/objects/obj_mac.num 2021-03-03 14:23:27.406092444 +0100 @@ -1196,3 +1196,9 @@ sshkdf 1195 kbkdf 1196 krb5kdf 1197 @@ -2542,9 +2542,9 @@ diff -up openssl-1.1.1g/crypto/objects/obj_mac.num.fips-dh openssl-1.1.1g/crypto +modp_4096 1202 +modp_6144 1203 +modp_8192 1204 -diff -up openssl-1.1.1g/doc/man3/DH_new_by_nid.pod.fips-dh openssl-1.1.1g/doc/man3/DH_new_by_nid.pod ---- openssl-1.1.1g/doc/man3/DH_new_by_nid.pod.fips-dh 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/doc/man3/DH_new_by_nid.pod 2020-07-17 10:36:29.248788466 +0200 +diff -up openssl-1.1.1j/doc/man3/DH_new_by_nid.pod.fips-dh openssl-1.1.1j/doc/man3/DH_new_by_nid.pod +--- openssl-1.1.1j/doc/man3/DH_new_by_nid.pod.fips-dh 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/doc/man3/DH_new_by_nid.pod 2021-03-03 14:23:27.406092444 +0100 @@ -8,13 +8,15 @@ DH_new_by_nid, DH_get_nid - get or find #include @@ -2563,9 +2563,9 @@ diff -up openssl-1.1.1g/doc/man3/DH_new_by_nid.pod.fips-dh openssl-1.1.1g/doc/ma DH_get_nid() determines if the parameters contained in B match any named set. It returns the NID corresponding to the matching parameters or -diff -up openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod ---- openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod 2020-07-17 10:36:29.248788466 +0200 +diff -up openssl-1.1.1j/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh openssl-1.1.1j/doc/man3/EVP_PKEY_CTX_ctrl.pod +--- openssl-1.1.1j/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/doc/man3/EVP_PKEY_CTX_ctrl.pod 2021-03-03 14:23:27.406092444 +0100 @@ -294,10 +294,11 @@ The EVP_PKEY_CTX_set_dh_pad() macro sets If B is zero (the default) then no padding is performed. @@ -2582,9 +2582,9 @@ diff -up openssl-1.1.1g/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh openssl-1.1.1g/do The nid parameter and the rfc5114 parameter are mutually exclusive. The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are -diff -up openssl-1.1.1g/include/crypto/bn_dh.h.fips-dh openssl-1.1.1g/include/crypto/bn_dh.h ---- openssl-1.1.1g/include/crypto/bn_dh.h.fips-dh 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/include/crypto/bn_dh.h 2020-07-17 10:36:29.248788466 +0200 +diff -up openssl-1.1.1j/include/crypto/bn_dh.h.fips-dh openssl-1.1.1j/include/crypto/bn_dh.h +--- openssl-1.1.1j/include/crypto/bn_dh.h.fips-dh 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/crypto/bn_dh.h 2021-03-03 14:23:27.406092444 +0100 @@ -1,7 +1,7 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. @@ -2633,9 +2633,9 @@ diff -up openssl-1.1.1g/include/crypto/bn_dh.h.fips-dh openssl-1.1.1g/include/cr +extern const BIGNUM _bignum_modp_4096_q; +extern const BIGNUM _bignum_modp_6144_q; +extern const BIGNUM _bignum_modp_8192_q; -diff -up openssl-1.1.1g/include/openssl/obj_mac.h.fips-dh openssl-1.1.1g/include/openssl/obj_mac.h ---- openssl-1.1.1g/include/openssl/obj_mac.h.fips-dh 2020-07-17 10:36:29.240788400 +0200 -+++ openssl-1.1.1g/include/openssl/obj_mac.h 2020-07-17 10:36:29.248788466 +0200 +diff -up openssl-1.1.1j/include/openssl/obj_mac.h.fips-dh openssl-1.1.1j/include/openssl/obj_mac.h +--- openssl-1.1.1j/include/openssl/obj_mac.h.fips-dh 2021-03-03 14:23:27.396092358 +0100 ++++ openssl-1.1.1j/include/openssl/obj_mac.h 2021-03-03 14:23:27.407092453 +0100 @@ -5115,6 +5115,24 @@ #define SN_ffdhe8192 "ffdhe8192" #define NID_ffdhe8192 1130 @@ -2661,10 +2661,10 @@ diff -up openssl-1.1.1g/include/openssl/obj_mac.h.fips-dh openssl-1.1.1g/include #define SN_ISO_UA "ISO-UA" #define NID_ISO_UA 1150 #define OBJ_ISO_UA OBJ_member_body,804L -diff -up openssl-1.1.1g/ssl/s3_lib.c.fips-dh openssl-1.1.1g/ssl/s3_lib.c ---- openssl-1.1.1g/ssl/s3_lib.c.fips-dh 2020-07-17 10:36:29.199788063 +0200 -+++ openssl-1.1.1g/ssl/s3_lib.c 2020-07-17 10:36:29.248788466 +0200 -@@ -4858,13 +4858,51 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey +diff -up openssl-1.1.1j/ssl/s3_lib.c.fips-dh openssl-1.1.1j/ssl/s3_lib.c +--- openssl-1.1.1j/ssl/s3_lib.c.fips-dh 2021-03-03 14:23:27.354091997 +0100 ++++ openssl-1.1.1j/ssl/s3_lib.c 2021-03-03 14:23:27.407092453 +0100 +@@ -4849,13 +4849,51 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey EVP_PKEY *ssl_dh_to_pkey(DH *dh) { EVP_PKEY *ret; @@ -2716,11 +2716,10 @@ diff -up openssl-1.1.1g/ssl/s3_lib.c.fips-dh openssl-1.1.1g/ssl/s3_lib.c return ret; } #endif - -diff -up openssl-1.1.1h/ssl/t1_lib.c.fips-dh openssl-1.1.1h/ssl/t1_lib.c ---- openssl-1.1.1h/ssl/t1_lib.c.fips-dh 2020-11-04 14:04:41.851711629 +0100 -+++ openssl-1.1.1h/ssl/t1_lib.c 2020-11-04 14:06:06.506431652 +0100 -@@ -2470,7 +2470,7 @@ +diff -up openssl-1.1.1j/ssl/t1_lib.c.fips-dh openssl-1.1.1j/ssl/t1_lib.c +--- openssl-1.1.1j/ssl/t1_lib.c.fips-dh 2021-03-03 14:23:27.401092401 +0100 ++++ openssl-1.1.1j/ssl/t1_lib.c 2021-03-03 14:23:27.407092453 +0100 +@@ -2542,7 +2542,7 @@ DH *ssl_get_auto_dh(SSL *s) p = BN_get_rfc3526_prime_4096(NULL); else if (dh_secbits >= 128) p = BN_get_rfc3526_prime_3072(NULL); diff --git a/openssl-1.1.1-fips.patch b/openssl-1.1.1-fips.patch index c9137ca..aa3d33d 100644 --- a/openssl-1.1.1-fips.patch +++ b/openssl-1.1.1-fips.patch @@ -1,6 +1,6 @@ -diff -up openssl-1.1.1g/apps/pkcs12.c.fips openssl-1.1.1g/apps/pkcs12.c ---- openssl-1.1.1g/apps/pkcs12.c.fips 2020-04-23 13:26:06.975649817 +0200 -+++ openssl-1.1.1g/apps/pkcs12.c 2020-04-23 13:28:27.689995889 +0200 +diff -up openssl-1.1.1j/apps/pkcs12.c.fips openssl-1.1.1j/apps/pkcs12.c +--- openssl-1.1.1j/apps/pkcs12.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/apps/pkcs12.c 2021-03-03 12:57:42.194734484 +0100 @@ -123,7 +123,7 @@ int pkcs12_main(int argc, char **argv) int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0; int iter = PKCS12_DEFAULT_ITER, maciter = PKCS12_DEFAULT_ITER; @@ -10,9 +10,9 @@ diff -up openssl-1.1.1g/apps/pkcs12.c.fips openssl-1.1.1g/apps/pkcs12.c #else int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; #endif -diff -up openssl-1.1.1e/apps/speed.c.fips openssl-1.1.1e/apps/speed.c ---- openssl-1.1.1e/apps/speed.c.fips 2020-03-17 17:30:51.997567897 +0100 -+++ openssl-1.1.1e/apps/speed.c 2020-03-17 17:30:52.021567479 +0100 +diff -up openssl-1.1.1j/apps/speed.c.fips openssl-1.1.1j/apps/speed.c +--- openssl-1.1.1j/apps/speed.c.fips 2021-03-03 12:57:42.185734409 +0100 ++++ openssl-1.1.1j/apps/speed.c 2021-03-03 12:57:42.195734492 +0100 @@ -1593,7 +1593,8 @@ int speed_main(int argc, char **argv) continue; if (strcmp(*argv, "rsa") == 0) { @@ -163,10 +163,10 @@ diff -up openssl-1.1.1e/apps/speed.c.fips openssl-1.1.1e/apps/speed.c if (loopargs[i].hctx == NULL) { BIO_printf(bio_err, "HMAC malloc failure, exiting..."); exit(1); -diff -up openssl-1.1.1e/Configure.fips openssl-1.1.1e/Configure ---- openssl-1.1.1e/Configure.fips 2020-03-17 17:30:52.015567584 +0100 -+++ openssl-1.1.1e/Configure 2020-03-17 17:30:52.022567462 +0100 -@@ -319,7 +319,7 @@ $config{sdirs} = [ +diff -up openssl-1.1.1j/Configure.fips openssl-1.1.1j/Configure +--- openssl-1.1.1j/Configure.fips 2021-03-03 12:57:42.192734467 +0100 ++++ openssl-1.1.1j/Configure 2021-03-03 12:57:42.195734492 +0100 +@@ -329,7 +329,7 @@ $config{sdirs} = [ "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2", "siphash", "sm3", "des", "aes", "rc2", "rc4", "rc5", "idea", "aria", "bf", "cast", "camellia", "seed", "sm4", "chacha", "modes", "bn", "ec", "rsa", "dsa", "dh", "sm2", "dso", "engine", @@ -175,9 +175,9 @@ diff -up openssl-1.1.1e/Configure.fips openssl-1.1.1e/Configure "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", "cms", "ts", "srp", "cmac", "ct", "async", "kdf", "store" ]; -diff -up openssl-1.1.1e/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1e/crypto/cmac/cm_pmeth.c ---- openssl-1.1.1e/crypto/cmac/cm_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/cmac/cm_pmeth.c 2020-03-17 17:30:52.022567462 +0100 +diff -up openssl-1.1.1j/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1j/crypto/cmac/cm_pmeth.c +--- openssl-1.1.1j/crypto/cmac/cm_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/cmac/cm_pmeth.c 2021-03-03 12:57:42.195734492 +0100 @@ -129,7 +129,7 @@ static int pkey_cmac_ctrl_str(EVP_PKEY_C const EVP_PKEY_METHOD cmac_pkey_meth = { @@ -187,9 +187,9 @@ diff -up openssl-1.1.1e/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1e/crypto/cmac/c pkey_cmac_init, pkey_cmac_copy, pkey_cmac_cleanup, -diff -up openssl-1.1.1e/crypto/dh/dh_err.c.fips openssl-1.1.1e/crypto/dh/dh_err.c ---- openssl-1.1.1e/crypto/dh/dh_err.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/dh/dh_err.c 2020-03-17 17:30:52.022567462 +0100 +diff -up openssl-1.1.1j/crypto/dh/dh_err.c.fips openssl-1.1.1j/crypto/dh/dh_err.c +--- openssl-1.1.1j/crypto/dh/dh_err.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dh/dh_err.c 2021-03-03 12:57:42.195734492 +0100 @@ -25,6 +25,9 @@ static const ERR_STRING_DATA DH_str_func {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_PEERKEY, 0), "dh_cms_set_peerkey"}, {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_SHARED_INFO, 0), @@ -215,9 +215,9 @@ diff -up openssl-1.1.1e/crypto/dh/dh_err.c.fips openssl-1.1.1e/crypto/dh/dh_err. {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"}, {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"}, -diff -up openssl-1.1.1e/crypto/dh/dh_gen.c.fips openssl-1.1.1e/crypto/dh/dh_gen.c ---- openssl-1.1.1e/crypto/dh/dh_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/dh/dh_gen.c 2020-03-17 18:03:31.005320382 +0100 +diff -up openssl-1.1.1j/crypto/dh/dh_gen.c.fips openssl-1.1.1j/crypto/dh/dh_gen.c +--- openssl-1.1.1j/crypto/dh/dh_gen.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dh/dh_gen.c 2021-03-03 12:57:42.195734492 +0100 @@ -16,6 +16,9 @@ #include "internal/cryptlib.h" #include @@ -261,9 +261,9 @@ diff -up openssl-1.1.1e/crypto/dh/dh_gen.c.fips openssl-1.1.1e/crypto/dh/dh_gen. ctx = BN_CTX_new(); if (ctx == NULL) goto err; -diff -up openssl-1.1.1e/crypto/dh/dh_key.c.fips openssl-1.1.1e/crypto/dh/dh_key.c ---- openssl-1.1.1e/crypto/dh/dh_key.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/dh/dh_key.c 2020-03-17 18:03:52.706940641 +0100 +diff -up openssl-1.1.1j/crypto/dh/dh_key.c.fips openssl-1.1.1j/crypto/dh/dh_key.c +--- openssl-1.1.1j/crypto/dh/dh_key.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dh/dh_key.c 2021-03-03 13:02:45.963247596 +0100 @@ -11,6 +11,9 @@ #include "internal/cryptlib.h" #include "dh_local.h" @@ -274,22 +274,10 @@ diff -up openssl-1.1.1e/crypto/dh/dh_key.c.fips openssl-1.1.1e/crypto/dh/dh_key. static int generate_key(DH *dh); static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); -@@ -22,18 +25,32 @@ static int dh_finish(DH *dh); +@@ -34,6 +37,13 @@ int DH_compute_key(unsigned char *key, c + int ret = 0, i; + volatile size_t npad = 0, mask = 1; - int DH_generate_key(DH *dh) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) -+ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) { -+ DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD); -+ return 0; -+ } -+#endif - return dh->meth->generate_key(dh); - } - - int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) - { +#ifdef OPENSSL_FIPS + if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) + && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) { @@ -297,18 +285,10 @@ diff -up openssl-1.1.1e/crypto/dh/dh_key.c.fips openssl-1.1.1e/crypto/dh/dh_key. + return 0; + } +#endif - return dh->meth->compute_key(key, pub_key, dh); - } - - int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh) - { - int rv, pad; -- rv = dh->meth->compute_key(key, pub_key, dh); -+ rv = DH_compute_key(key, pub_key, dh); - if (rv <= 0) - return rv; - pad = BN_num_bytes(dh->p) - rv; -@@ -82,6 +99,14 @@ static int generate_key(DH *dh) + /* compute the key; ret is constant unless compute_key is external */ + if ((ret = dh->meth->compute_key(key, pub_key, dh)) <= 0) + return ret; +@@ -109,6 +119,14 @@ static int generate_key(DH *dh) BN_MONT_CTX *mont = NULL; BIGNUM *pub_key = NULL, *priv_key = NULL; @@ -323,7 +303,7 @@ diff -up openssl-1.1.1e/crypto/dh/dh_key.c.fips openssl-1.1.1e/crypto/dh/dh_key. if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE); return 0; -@@ -179,6 +204,13 @@ static int compute_key(unsigned char *ke +@@ -206,6 +224,13 @@ static int compute_key(unsigned char *ke DHerr(DH_F_COMPUTE_KEY, DH_R_MODULUS_TOO_LARGE); goto err; } @@ -337,7 +317,7 @@ diff -up openssl-1.1.1e/crypto/dh/dh_key.c.fips openssl-1.1.1e/crypto/dh/dh_key. ctx = BN_CTX_new(); if (ctx == NULL) -@@ -228,6 +260,9 @@ static int dh_bn_mod_exp(const DH *dh, B +@@ -255,6 +280,9 @@ static int dh_bn_mod_exp(const DH *dh, B static int dh_init(DH *dh) { @@ -347,9 +327,9 @@ diff -up openssl-1.1.1e/crypto/dh/dh_key.c.fips openssl-1.1.1e/crypto/dh/dh_key. dh->flags |= DH_FLAG_CACHE_MONT_P; return 1; } -diff -up openssl-1.1.1e/crypto/dh/dh_pmeth.c.fips openssl-1.1.1e/crypto/dh/dh_pmeth.c ---- openssl-1.1.1e/crypto/dh/dh_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/dh/dh_pmeth.c 2020-03-17 17:30:52.023567444 +0100 +diff -up openssl-1.1.1j/crypto/dh/dh_pmeth.c.fips openssl-1.1.1j/crypto/dh/dh_pmeth.c +--- openssl-1.1.1j/crypto/dh/dh_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dh/dh_pmeth.c 2021-03-03 12:57:42.196734500 +0100 @@ -480,7 +480,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX * const EVP_PKEY_METHOD dh_pkey_meth = { @@ -368,9 +348,9 @@ diff -up openssl-1.1.1e/crypto/dh/dh_pmeth.c.fips openssl-1.1.1e/crypto/dh/dh_pm pkey_dh_init, pkey_dh_copy, pkey_dh_cleanup, -diff -up openssl-1.1.1e/crypto/dsa/dsa_err.c.fips openssl-1.1.1e/crypto/dsa/dsa_err.c ---- openssl-1.1.1e/crypto/dsa/dsa_err.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/dsa/dsa_err.c 2020-03-17 17:30:52.023567444 +0100 +diff -up openssl-1.1.1j/crypto/dsa/dsa_err.c.fips openssl-1.1.1j/crypto/dsa/dsa_err.c +--- openssl-1.1.1j/crypto/dsa/dsa_err.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dsa/dsa_err.c 2021-03-03 12:57:42.196734500 +0100 @@ -16,12 +16,15 @@ static const ERR_STRING_DATA DSA_str_functs[] = { {ERR_PACK(ERR_LIB_DSA, DSA_F_DSAPARAMS_PRINT, 0), "DSAparams_print"}, @@ -402,9 +382,9 @@ diff -up openssl-1.1.1e/crypto/dsa/dsa_err.c.fips openssl-1.1.1e/crypto/dsa/dsa_ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"}, {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_Q_NOT_PRIME), "q not prime"}, -diff -up openssl-1.1.1e/crypto/dsa/dsa_gen.c.fips openssl-1.1.1e/crypto/dsa/dsa_gen.c ---- openssl-1.1.1e/crypto/dsa/dsa_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/dsa/dsa_gen.c 2020-03-17 18:02:14.626656877 +0100 +diff -up openssl-1.1.1j/crypto/dsa/dsa_gen.c.fips openssl-1.1.1j/crypto/dsa/dsa_gen.c +--- openssl-1.1.1j/crypto/dsa/dsa_gen.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dsa/dsa_gen.c 2021-03-03 12:57:42.196734500 +0100 @@ -22,12 +22,22 @@ #include #include @@ -566,9 +546,9 @@ diff -up openssl-1.1.1e/crypto/dsa/dsa_gen.c.fips openssl-1.1.1e/crypto/dsa/dsa_ +} + +#endif -diff -up openssl-1.1.1e/crypto/dsa/dsa_key.c.fips openssl-1.1.1e/crypto/dsa/dsa_key.c ---- openssl-1.1.1e/crypto/dsa/dsa_key.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/dsa/dsa_key.c 2020-03-17 18:02:51.103018604 +0100 +diff -up openssl-1.1.1j/crypto/dsa/dsa_key.c.fips openssl-1.1.1j/crypto/dsa/dsa_key.c +--- openssl-1.1.1j/crypto/dsa/dsa_key.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dsa/dsa_key.c 2021-03-03 12:57:42.196734500 +0100 @@ -13,10 +13,49 @@ #include #include "dsa_local.h" @@ -648,9 +628,9 @@ diff -up openssl-1.1.1e/crypto/dsa/dsa_key.c.fips openssl-1.1.1e/crypto/dsa/dsa_ ok = 1; err: -diff -up openssl-1.1.1e/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1e/crypto/dsa/dsa_ossl.c ---- openssl-1.1.1e/crypto/dsa/dsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/dsa/dsa_ossl.c 2020-03-19 17:11:22.037994064 +0100 +diff -up openssl-1.1.1j/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1j/crypto/dsa/dsa_ossl.c +--- openssl-1.1.1j/crypto/dsa/dsa_ossl.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dsa/dsa_ossl.c 2021-03-03 12:57:42.196734500 +0100 @@ -14,6 +14,9 @@ #include #include "dsa_local.h" @@ -710,9 +690,9 @@ diff -up openssl-1.1.1e/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1e/crypto/dsa/dsa dsa->flags |= DSA_FLAG_CACHE_MONT_P; return 1; } -diff -up openssl-1.1.1e/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1e/crypto/dsa/dsa_pmeth.c ---- openssl-1.1.1e/crypto/dsa/dsa_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/dsa/dsa_pmeth.c 2020-03-17 17:30:52.025567409 +0100 +diff -up openssl-1.1.1j/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1j/crypto/dsa/dsa_pmeth.c +--- openssl-1.1.1j/crypto/dsa/dsa_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/dsa/dsa_pmeth.c 2021-03-03 12:57:42.196734500 +0100 @@ -211,8 +211,8 @@ static int pkey_dsa_paramgen(EVP_PKEY_CT BN_GENCB_free(pcb); return 0; @@ -733,9 +713,9 @@ diff -up openssl-1.1.1e/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1e/crypto/dsa/ds pkey_dsa_init, pkey_dsa_copy, pkey_dsa_cleanup, -diff -up openssl-1.1.1e/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1e/crypto/ec/ecdh_ossl.c ---- openssl-1.1.1e/crypto/ec/ecdh_ossl.c.fips 2020-03-17 17:30:52.025567409 +0100 -+++ openssl-1.1.1e/crypto/ec/ecdh_ossl.c 2020-03-17 18:01:24.704530440 +0100 +diff -up openssl-1.1.1j/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1j/crypto/ec/ecdh_ossl.c +--- openssl-1.1.1j/crypto/ec/ecdh_ossl.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/ec/ecdh_ossl.c 2021-03-03 12:57:42.196734500 +0100 @@ -19,9 +19,20 @@ #include #include "ec_local.h" @@ -757,9 +737,9 @@ diff -up openssl-1.1.1e/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1e/crypto/ec/ecdh if (ecdh->group->meth->ecdh_compute_key == NULL) { ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH); return 0; -diff -up openssl-1.1.1e/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1e/crypto/ec/ecdsa_ossl.c ---- openssl-1.1.1e/crypto/ec/ecdsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/ec/ecdsa_ossl.c 2020-03-17 18:01:41.642234061 +0100 +diff -up openssl-1.1.1j/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1j/crypto/ec/ecdsa_ossl.c +--- openssl-1.1.1j/crypto/ec/ecdsa_ossl.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/ec/ecdsa_ossl.c 2021-03-03 12:57:42.196734500 +0100 @@ -14,6 +14,10 @@ #include "crypto/bn.h" #include "ec_local.h" @@ -799,10 +779,10 @@ diff -up openssl-1.1.1e/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1e/crypto/ec/ecd /* check input values */ if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { -diff -up openssl-1.1.1e/crypto/ec/ec_key.c.fips openssl-1.1.1e/crypto/ec/ec_key.c ---- openssl-1.1.1e/crypto/ec/ec_key.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/ec/ec_key.c 2020-03-17 17:30:52.026567392 +0100 -@@ -178,14 +178,62 @@ ENGINE *EC_KEY_get0_engine(const EC_KEY +diff -up openssl-1.1.1j/crypto/ec/ec_key.c.fips openssl-1.1.1j/crypto/ec/ec_key.c +--- openssl-1.1.1j/crypto/ec/ec_key.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/ec/ec_key.c 2021-03-03 12:57:42.196734500 +0100 +@@ -179,14 +179,62 @@ ENGINE *EC_KEY_get0_engine(const EC_KEY return eckey->engine; } @@ -867,9 +847,9 @@ diff -up openssl-1.1.1e/crypto/ec/ec_key.c.fips openssl-1.1.1e/crypto/ec/ec_key. ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_OPERATION_NOT_SUPPORTED); return 0; } -diff -up openssl-1.1.1e/crypto/ec/ec_pmeth.c.fips openssl-1.1.1e/crypto/ec/ec_pmeth.c ---- openssl-1.1.1e/crypto/ec/ec_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/ec/ec_pmeth.c 2020-03-17 17:30:52.026567392 +0100 +diff -up openssl-1.1.1j/crypto/ec/ec_pmeth.c.fips openssl-1.1.1j/crypto/ec/ec_pmeth.c +--- openssl-1.1.1j/crypto/ec/ec_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/ec/ec_pmeth.c 2021-03-03 12:57:42.197734509 +0100 @@ -438,7 +438,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX * const EVP_PKEY_METHOD ec_pkey_meth = { @@ -879,9 +859,9 @@ diff -up openssl-1.1.1e/crypto/ec/ec_pmeth.c.fips openssl-1.1.1e/crypto/ec/ec_pm pkey_ec_init, pkey_ec_copy, pkey_ec_cleanup, -diff -up openssl-1.1.1e/crypto/evp/digest.c.fips openssl-1.1.1e/crypto/evp/digest.c ---- openssl-1.1.1e/crypto/evp/digest.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/digest.c 2020-03-17 17:38:57.528093469 +0100 +diff -up openssl-1.1.1j/crypto/evp/digest.c.fips openssl-1.1.1j/crypto/evp/digest.c +--- openssl-1.1.1j/crypto/evp/digest.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/digest.c 2021-03-03 12:57:42.197734509 +0100 @@ -14,6 +14,9 @@ #include #include "crypto/evp.h" @@ -942,9 +922,9 @@ diff -up openssl-1.1.1e/crypto/evp/digest.c.fips openssl-1.1.1e/crypto/evp/diges OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); ret = ctx->digest->final(ctx, md); if (size != NULL) -diff -up openssl-1.1.1e/crypto/evp/e_aes.c.fips openssl-1.1.1e/crypto/evp/e_aes.c ---- openssl-1.1.1e/crypto/evp/e_aes.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/e_aes.c 2020-03-17 17:30:52.028567357 +0100 +diff -up openssl-1.1.1j/crypto/evp/e_aes.c.fips openssl-1.1.1j/crypto/evp/e_aes.c +--- openssl-1.1.1j/crypto/evp/e_aes.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/e_aes.c 2021-03-03 12:57:42.197734509 +0100 @@ -397,7 +397,7 @@ static int aesni_xts_init_key(EVP_CIPHER * This addresses Rogaway's vulnerability. * See comment in aes_xts_init_key() below. @@ -1067,9 +1047,9 @@ diff -up openssl-1.1.1e/crypto/evp/e_aes.c.fips openssl-1.1.1e/crypto/evp/e_aes. | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1) -diff -up openssl-1.1.1e/crypto/evp/e_des3.c.fips openssl-1.1.1e/crypto/evp/e_des3.c ---- openssl-1.1.1e/crypto/evp/e_des3.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/e_des3.c 2020-03-17 17:30:52.029567340 +0100 +diff -up openssl-1.1.1j/crypto/evp/e_des3.c.fips openssl-1.1.1j/crypto/evp/e_des3.c +--- openssl-1.1.1j/crypto/evp/e_des3.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/e_des3.c 2021-03-03 12:57:42.197734509 +0100 @@ -211,16 +211,19 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, # define des_ede3_cbc_cipher des_ede_cbc_cipher # define des_ede3_ecb_cipher des_ede_ecb_cipher @@ -1096,9 +1076,9 @@ diff -up openssl-1.1.1e/crypto/evp/e_des3.c.fips openssl-1.1.1e/crypto/evp/e_des static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) -diff -up openssl-1.1.1e/crypto/evp/e_null.c.fips openssl-1.1.1e/crypto/evp/e_null.c ---- openssl-1.1.1e/crypto/evp/e_null.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/e_null.c 2020-03-17 17:30:52.029567340 +0100 +diff -up openssl-1.1.1j/crypto/evp/e_null.c.fips openssl-1.1.1j/crypto/evp/e_null.c +--- openssl-1.1.1j/crypto/evp/e_null.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/e_null.c 2021-03-03 12:57:42.197734509 +0100 @@ -19,7 +19,8 @@ static int null_cipher(EVP_CIPHER_CTX *c const unsigned char *in, size_t inl); static const EVP_CIPHER n_cipher = { @@ -1109,10 +1089,10 @@ diff -up openssl-1.1.1e/crypto/evp/e_null.c.fips openssl-1.1.1e/crypto/evp/e_nul null_init_key, null_cipher, NULL, -diff -up openssl-1.1.1e/crypto/evp/evp_enc.c.fips openssl-1.1.1e/crypto/evp/evp_enc.c ---- openssl-1.1.1e/crypto/evp/evp_enc.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/evp_enc.c 2020-03-17 17:39:52.663129373 +0100 -@@ -17,9 +17,18 @@ +diff -up openssl-1.1.1j/crypto/evp/evp_enc.c.fips openssl-1.1.1j/crypto/evp/evp_enc.c +--- openssl-1.1.1j/crypto/evp/evp_enc.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/evp_enc.c 2021-03-03 12:57:42.197734509 +0100 +@@ -18,9 +18,18 @@ #include #include "crypto/evp.h" #include "evp_local.h" @@ -1131,7 +1111,7 @@ diff -up openssl-1.1.1e/crypto/evp/evp_enc.c.fips openssl-1.1.1e/crypto/evp/evp_ if (c == NULL) return 1; if (c->cipher != NULL) { -@@ -39,6 +48,12 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX +@@ -40,6 +49,12 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) { @@ -1144,7 +1124,7 @@ diff -up openssl-1.1.1e/crypto/evp/evp_enc.c.fips openssl-1.1.1e/crypto/evp/evp_ return OPENSSL_zalloc(sizeof(EVP_CIPHER_CTX)); } -@@ -67,6 +82,12 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct +@@ -68,6 +83,12 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct enc = 1; ctx->encrypt = enc; } @@ -1157,7 +1137,7 @@ diff -up openssl-1.1.1e/crypto/evp/evp_enc.c.fips openssl-1.1.1e/crypto/evp/evp_ #ifndef OPENSSL_NO_ENGINE /* * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so -@@ -136,7 +157,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct +@@ -137,7 +158,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct } ctx->key_len = cipher->key_len; /* Preserve wrap enable flag, zero everything else */ @@ -1166,7 +1146,7 @@ diff -up openssl-1.1.1e/crypto/evp/evp_enc.c.fips openssl-1.1.1e/crypto/evp/evp_ if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { ctx->cipher = NULL; -@@ -195,6 +216,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct +@@ -196,6 +217,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct return 0; } } @@ -1185,9 +1165,9 @@ diff -up openssl-1.1.1e/crypto/evp/evp_enc.c.fips openssl-1.1.1e/crypto/evp/evp_ if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { if (!ctx->cipher->init(ctx, key, iv, enc)) -diff -up openssl-1.1.1e/crypto/evp/evp_err.c.fips openssl-1.1.1e/crypto/evp/evp_err.c ---- openssl-1.1.1e/crypto/evp/evp_err.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/evp_err.c 2020-03-17 17:30:52.030567322 +0100 +diff -up openssl-1.1.1j/crypto/evp/evp_err.c.fips openssl-1.1.1j/crypto/evp/evp_err.c +--- openssl-1.1.1j/crypto/evp/evp_err.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/evp_err.c 2021-03-03 12:57:42.198734517 +0100 @@ -23,6 +23,7 @@ static const ERR_STRING_DATA EVP_str_fun {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_T4_XTS_INIT_KEY, 0), "aes_t4_xts_init_key"}, @@ -1204,7 +1184,7 @@ diff -up openssl-1.1.1e/crypto/evp/evp_err.c.fips openssl-1.1.1e/crypto/evp/evp_ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_LOADING_SECTION), "error loading section"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_SETTING_FIPS_MODE), -@@ -249,6 +251,7 @@ static const ERR_STRING_DATA EVP_str_rea +@@ -251,6 +253,7 @@ static const ERR_STRING_DATA EVP_str_rea {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"}, @@ -1212,7 +1192,7 @@ diff -up openssl-1.1.1e/crypto/evp/evp_err.c.fips openssl-1.1.1e/crypto/evp/evp_ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_CIPHER), "unknown cipher"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_DIGEST), "unknown digest"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_OPTION), "unknown option"}, -@@ -274,6 +277,8 @@ static const ERR_STRING_DATA EVP_str_rea +@@ -276,6 +279,8 @@ static const ERR_STRING_DATA EVP_str_rea "wrap mode not allowed"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"}, @@ -1221,9 +1201,9 @@ diff -up openssl-1.1.1e/crypto/evp/evp_err.c.fips openssl-1.1.1e/crypto/evp/evp_ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DUPLICATED_KEYS), "xts duplicated keys"}, {0, NULL} -diff -up openssl-1.1.1e/crypto/evp/evp_lib.c.fips openssl-1.1.1e/crypto/evp/evp_lib.c ---- openssl-1.1.1e/crypto/evp/evp_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/evp_lib.c 2020-03-17 17:30:52.030567322 +0100 +diff -up openssl-1.1.1j/crypto/evp/evp_lib.c.fips openssl-1.1.1j/crypto/evp/evp_lib.c +--- openssl-1.1.1j/crypto/evp/evp_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/evp_lib.c 2021-03-03 12:57:42.198734517 +0100 @@ -192,6 +192,9 @@ int EVP_CIPHER_impl_ctx_size(const EVP_C int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) @@ -1234,9 +1214,9 @@ diff -up openssl-1.1.1e/crypto/evp/evp_lib.c.fips openssl-1.1.1e/crypto/evp/evp_ return ctx->cipher->do_cipher(ctx, out, in, inl); } -diff -up openssl-1.1.1e/crypto/evp/m_sha1.c.fips openssl-1.1.1e/crypto/evp/m_sha1.c ---- openssl-1.1.1e/crypto/evp/m_sha1.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/m_sha1.c 2020-03-17 17:30:52.030567322 +0100 +diff -up openssl-1.1.1j/crypto/evp/m_sha1.c.fips openssl-1.1.1j/crypto/evp/m_sha1.c +--- openssl-1.1.1j/crypto/evp/m_sha1.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/m_sha1.c 2021-03-03 12:57:42.198734517 +0100 @@ -95,7 +95,7 @@ static const EVP_MD sha1_md = { NID_sha1, NID_sha1WithRSAEncryption, @@ -1300,9 +1280,9 @@ diff -up openssl-1.1.1e/crypto/evp/m_sha1.c.fips openssl-1.1.1e/crypto/evp/m_sha init512, update512, final512, -diff -up openssl-1.1.1e/crypto/evp/m_sha3.c.fips openssl-1.1.1e/crypto/evp/m_sha3.c ---- openssl-1.1.1e/crypto/evp/m_sha3.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/m_sha3.c 2020-03-17 17:30:52.031567305 +0100 +diff -up openssl-1.1.1j/crypto/evp/m_sha3.c.fips openssl-1.1.1j/crypto/evp/m_sha3.c +--- openssl-1.1.1j/crypto/evp/m_sha3.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/m_sha3.c 2021-03-03 12:57:42.198734517 +0100 @@ -295,7 +295,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) NID_sha3_##bitlen, \ NID_RSA_SHA3_##bitlen, \ @@ -1357,9 +1337,9 @@ diff -up openssl-1.1.1e/crypto/evp/m_sha3.c.fips openssl-1.1.1e/crypto/evp/m_sha shake_init, \ sha3_update, \ sha3_final, \ -diff -up openssl-1.1.1e/crypto/evp/pmeth_lib.c.fips openssl-1.1.1e/crypto/evp/pmeth_lib.c ---- openssl-1.1.1e/crypto/evp/pmeth_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/evp/pmeth_lib.c 2020-03-17 17:30:52.031567305 +0100 +diff -up openssl-1.1.1j/crypto/evp/pmeth_lib.c.fips openssl-1.1.1j/crypto/evp/pmeth_lib.c +--- openssl-1.1.1j/crypto/evp/pmeth_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/evp/pmeth_lib.c 2021-03-03 12:57:42.198734517 +0100 @@ -131,7 +131,15 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKE pmeth = ENGINE_get_pkey_meth(e, id); else @@ -1376,9 +1356,9 @@ diff -up openssl-1.1.1e/crypto/evp/pmeth_lib.c.fips openssl-1.1.1e/crypto/evp/pm if (pmeth == NULL) { #ifndef OPENSSL_NO_ENGINE -diff -up openssl-1.1.1e/crypto/fips/build.info.fips openssl-1.1.1e/crypto/fips/build.info ---- openssl-1.1.1e/crypto/fips/build.info.fips 2020-03-17 17:30:52.032567287 +0100 -+++ openssl-1.1.1e/crypto/fips/build.info 2020-03-17 17:30:52.032567287 +0100 +diff -up openssl-1.1.1j/crypto/fips/build.info.fips openssl-1.1.1j/crypto/fips/build.info +--- openssl-1.1.1j/crypto/fips/build.info.fips 2021-03-03 12:57:42.198734517 +0100 ++++ openssl-1.1.1j/crypto/fips/build.info 2021-03-03 12:57:42.198734517 +0100 @@ -0,0 +1,15 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=\ @@ -1395,9 +1375,9 @@ diff -up openssl-1.1.1e/crypto/fips/build.info.fips openssl-1.1.1e/crypto/fips/b +SOURCE[fips_standalone_hmac]=fips_standalone_hmac.c +INCLUDE[fips_standalone_hmac]=../../include +DEPEND[fips_standalone_hmac]=../../libcrypto -diff -up openssl-1.1.1e/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_aes_selftest.c ---- openssl-1.1.1e/crypto/fips/fips_aes_selftest.c.fips 2020-03-17 17:30:52.033567270 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_aes_selftest.c 2020-03-17 17:30:52.033567270 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_aes_selftest.c +--- openssl-1.1.1j/crypto/fips/fips_aes_selftest.c.fips 2021-03-03 12:57:42.198734517 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_aes_selftest.c 2021-03-03 12:57:42.198734517 +0100 @@ -0,0 +1,372 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -1771,9 +1751,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1e/cryp +} + +#endif -diff -up openssl-1.1.1e/crypto/fips/fips.c.fips openssl-1.1.1e/crypto/fips/fips.c ---- openssl-1.1.1e/crypto/fips/fips.c.fips 2020-03-17 17:30:52.033567270 +0100 -+++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 17:30:52.033567270 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips.c.fips openssl-1.1.1j/crypto/fips/fips.c +--- openssl-1.1.1j/crypto/fips/fips.c.fips 2021-03-03 12:57:42.198734517 +0100 ++++ openssl-1.1.1j/crypto/fips/fips.c 2021-03-03 12:57:42.198734517 +0100 @@ -0,0 +1,526 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -2301,9 +2281,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips.c.fips openssl-1.1.1e/crypto/fips/fips. +} + +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c ---- openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c.fips 2020-03-17 17:30:52.034567253 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c 2020-03-17 17:30:52.033567270 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c +--- openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c.fips 2021-03-03 12:57:42.199734525 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c 2021-03-03 12:57:42.199734525 +0100 @@ -0,0 +1,156 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -2461,9 +2441,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1e/cry + return rv; +} +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_des_selftest.c ---- openssl-1.1.1e/crypto/fips/fips_des_selftest.c.fips 2020-03-17 17:30:52.034567253 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_des_selftest.c 2020-03-17 17:30:52.034567253 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_des_selftest.c +--- openssl-1.1.1j/crypto/fips/fips_des_selftest.c.fips 2021-03-03 12:57:42.199734525 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_des_selftest.c 2021-03-03 12:57:42.199734525 +0100 @@ -0,0 +1,133 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -2598,9 +2578,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1e/cryp + return ret; +} +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_dh_selftest.c ---- openssl-1.1.1e/crypto/fips/fips_dh_selftest.c.fips 2020-03-17 17:30:52.038567183 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_dh_selftest.c 2020-03-17 17:30:52.038567183 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_dh_selftest.c +--- openssl-1.1.1j/crypto/fips/fips_dh_selftest.c.fips 2021-03-03 12:57:42.199734525 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_dh_selftest.c 2021-03-03 12:57:42.199734525 +0100 @@ -0,0 +1,180 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -2782,9 +2762,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1e/crypt + return ret; +} +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c ---- openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c.fips 2020-03-17 17:30:52.040567148 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c 2020-03-17 17:30:52.039567165 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_ctr.c +--- openssl-1.1.1j/crypto/fips/fips_drbg_ctr.c.fips 2021-03-03 12:57:42.199734525 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_drbg_ctr.c 2021-03-03 12:57:42.199734525 +0100 @@ -0,0 +1,406 @@ +/* fips/rand/fips_drbg_ctr.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -3192,9 +3172,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1e/crypto/f + + return 1; +} -diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_hash.c ---- openssl-1.1.1e/crypto/fips/fips_drbg_hash.c.fips 2020-03-17 17:30:52.041567130 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_drbg_hash.c 2020-03-17 17:30:52.040567148 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_hash.c +--- openssl-1.1.1j/crypto/fips/fips_drbg_hash.c.fips 2021-03-03 12:57:42.199734525 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_drbg_hash.c 2021-03-03 12:57:42.199734525 +0100 @@ -0,0 +1,354 @@ +/* fips/rand/fips_drbg_hash.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -3550,9 +3530,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1e/crypto/ + + return 1; +} -diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c ---- openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c.fips 2020-03-17 17:30:52.042567113 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c 2020-03-17 17:30:52.042567113 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_hmac.c +--- openssl-1.1.1j/crypto/fips/fips_drbg_hmac.c.fips 2021-03-03 12:57:42.199734525 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_drbg_hmac.c 2021-03-03 12:57:42.199734525 +0100 @@ -0,0 +1,262 @@ +/* fips/rand/fips_drbg_hmac.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -3816,9 +3796,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1e/crypto/ + + return 1; +} -diff -up openssl-1.1.1e/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_lib.c ---- openssl-1.1.1e/crypto/fips/fips_drbg_lib.c.fips 2020-03-17 17:30:52.043567095 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_drbg_lib.c 2020-03-17 17:30:52.043567095 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_lib.c +--- openssl-1.1.1j/crypto/fips/fips_drbg_lib.c.fips 2021-03-03 12:57:42.199734525 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_drbg_lib.c 2021-03-03 12:57:42.199734525 +0100 @@ -0,0 +1,528 @@ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project. @@ -4348,9 +4328,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1e/crypto/f +{ + /* Just backwards compatibility API call with no effect. */ +} -diff -up openssl-1.1.1e/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_rand.c ---- openssl-1.1.1e/crypto/fips/fips_drbg_rand.c.fips 2020-03-17 17:30:52.044567078 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_drbg_rand.c 2020-03-17 17:30:52.044567078 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_rand.c +--- openssl-1.1.1j/crypto/fips/fips_drbg_rand.c.fips 2021-03-03 12:57:42.199734525 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_drbg_rand.c 2021-03-03 12:57:42.199734525 +0100 @@ -0,0 +1,185 @@ +/* fips/rand/fips_drbg_rand.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -4537,9 +4517,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1e/crypto/ +{ + return &rand_drbg_meth; +} -diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c ---- openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c.fips 2020-03-17 17:30:52.044567078 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c 2020-03-17 17:30:52.044567078 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_selftest.c +--- openssl-1.1.1j/crypto/fips/fips_drbg_selftest.c.fips 2021-03-03 12:57:42.200734534 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_drbg_selftest.c 2021-03-03 12:57:42.200734534 +0100 @@ -0,0 +1,828 @@ +/* fips/rand/fips_drbg_selftest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -5369,9 +5349,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1e/cry + FIPS_drbg_free(dctx); + return rv; +} -diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h ---- openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h.fips 2020-03-17 17:30:52.045567061 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h 2020-03-17 17:30:52.045567061 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1j/crypto/fips/fips_drbg_selftest.h +--- openssl-1.1.1j/crypto/fips/fips_drbg_selftest.h.fips 2021-03-03 12:57:42.200734534 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_drbg_selftest.h 2021-03-03 12:57:42.200734534 +0100 @@ -0,0 +1,1791 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -7164,9 +7144,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1e/cry + 0xef, 0x05, 0x9e, 0xb8, 0xc7, 0x52, 0xe4, 0x0e, 0x42, 0xaa, 0x7c, 0x79, + 0xc2, 0xd6, 0xfd, 0xa5 +}; -diff -up openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c ---- openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c 2020-03-17 17:30:52.046567043 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_dsa_selftest.c +--- openssl-1.1.1j/crypto/fips/fips_dsa_selftest.c.fips 2021-03-03 12:57:42.200734534 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_dsa_selftest.c 2021-03-03 12:57:42.200734534 +0100 @@ -0,0 +1,195 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -7363,9 +7343,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1e/cryp + return ret; +} +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c ---- openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c 2020-03-17 17:30:52.046567043 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_ecdh_selftest.c +--- openssl-1.1.1j/crypto/fips/fips_ecdh_selftest.c.fips 2021-03-03 12:57:42.200734534 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_ecdh_selftest.c 2021-03-03 12:57:42.200734534 +0100 @@ -0,0 +1,242 @@ +/* fips/ecdh/fips_ecdh_selftest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -7609,9 +7589,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1e/cry +} + +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c ---- openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c 2020-03-17 17:30:52.046567043 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_ecdsa_selftest.c +--- openssl-1.1.1j/crypto/fips/fips_ecdsa_selftest.c.fips 2021-03-03 12:57:42.200734534 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_ecdsa_selftest.c 2021-03-03 12:57:42.200734534 +0100 @@ -0,0 +1,166 @@ +/* fips/ecdsa/fips_ecdsa_selftest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -7779,9 +7759,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1e/cr +} + +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_err.h.fips openssl-1.1.1e/crypto/fips/fips_err.h ---- openssl-1.1.1e/crypto/fips/fips_err.h.fips 2020-03-17 17:30:52.047567026 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_err.h 2020-03-17 17:30:52.047567026 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_err.h.fips openssl-1.1.1j/crypto/fips/fips_err.h +--- openssl-1.1.1j/crypto/fips/fips_err.h.fips 2021-03-03 12:57:42.201734542 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_err.h 2021-03-03 12:57:42.201734542 +0100 @@ -0,0 +1,197 @@ +/* crypto/fips_err.h */ +/* ==================================================================== @@ -7980,9 +7960,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_err.h.fips openssl-1.1.1e/crypto/fips/f +#endif + return 1; +} -diff -up openssl-1.1.1e/crypto/fips/fips_ers.c.fips openssl-1.1.1e/crypto/fips/fips_ers.c ---- openssl-1.1.1e/crypto/fips/fips_ers.c.fips 2020-03-17 17:30:52.047567026 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_ers.c 2020-03-17 17:30:52.047567026 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_ers.c.fips openssl-1.1.1j/crypto/fips/fips_ers.c +--- openssl-1.1.1j/crypto/fips/fips_ers.c.fips 2021-03-03 12:57:42.201734542 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_ers.c 2021-03-03 12:57:42.201734542 +0100 @@ -0,0 +1,7 @@ +#include + @@ -7991,9 +7971,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_ers.c.fips openssl-1.1.1e/crypto/fips/f +#else +static void *dummy = &dummy; +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c ---- openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c.fips 2020-03-17 17:30:52.047567026 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c 2020-03-17 17:30:52.047567026 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_hmac_selftest.c +--- openssl-1.1.1j/crypto/fips/fips_hmac_selftest.c.fips 2021-03-03 12:57:42.201734542 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_hmac_selftest.c 2021-03-03 12:57:42.201734542 +0100 @@ -0,0 +1,134 @@ +/* ==================================================================== + * Copyright (c) 2005 The OpenSSL Project. All rights reserved. @@ -8129,9 +8109,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1e/cry + return 1; +} +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_locl.h.fips openssl-1.1.1e/crypto/fips/fips_locl.h ---- openssl-1.1.1e/crypto/fips/fips_locl.h.fips 2020-03-17 17:30:52.048567008 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_locl.h 2020-03-17 17:30:52.048567008 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_locl.h.fips openssl-1.1.1j/crypto/fips/fips_locl.h +--- openssl-1.1.1j/crypto/fips/fips_locl.h.fips 2021-03-03 12:57:42.201734542 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_locl.h 2021-03-03 12:57:42.201734542 +0100 @@ -0,0 +1,71 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -8204,9 +8184,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_locl.h.fips openssl-1.1.1e/crypto/fips/ +} +# endif +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_post.c.fips openssl-1.1.1e/crypto/fips/fips_post.c ---- openssl-1.1.1e/crypto/fips/fips_post.c.fips 2020-03-17 17:30:52.048567008 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_post.c 2020-03-17 17:30:52.048567008 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_post.c.fips openssl-1.1.1j/crypto/fips/fips_post.c +--- openssl-1.1.1j/crypto/fips/fips_post.c.fips 2021-03-03 12:57:42.201734542 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_post.c 2021-03-03 12:57:42.201734542 +0100 @@ -0,0 +1,224 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -8432,9 +8412,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_post.c.fips openssl-1.1.1e/crypto/fips/ + return 1; +} +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1e/crypto/fips/fips_rand_lcl.h ---- openssl-1.1.1e/crypto/fips/fips_rand_lcl.h.fips 2020-03-17 17:30:52.048567008 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_rand_lcl.h 2020-03-17 17:30:52.048567008 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1j/crypto/fips/fips_rand_lcl.h +--- openssl-1.1.1j/crypto/fips/fips_rand_lcl.h.fips 2021-03-03 12:57:42.201734542 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_rand_lcl.h 2021-03-03 12:57:42.201734542 +0100 @@ -0,0 +1,203 @@ +/* fips/rand/fips_rand_lcl.h */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -8639,9 +8619,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1e/crypto/f +#define FIPS_digestupdate EVP_DigestUpdate +#define FIPS_digestfinal EVP_DigestFinal +#define M_EVP_MD_size EVP_MD_size -diff -up openssl-1.1.1e/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1e/crypto/fips/fips_rand_lib.c ---- openssl-1.1.1e/crypto/fips/fips_rand_lib.c.fips 2020-03-17 17:30:52.049566991 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_rand_lib.c 2020-03-17 17:30:52.049566991 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1j/crypto/fips/fips_rand_lib.c +--- openssl-1.1.1j/crypto/fips/fips_rand_lib.c.fips 2021-03-03 12:57:42.201734542 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_rand_lib.c 2021-03-03 12:57:42.201734542 +0100 @@ -0,0 +1,234 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -8877,9 +8857,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1e/crypto/f +# endif +} + -diff -up openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c ---- openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c.fips 2020-03-17 17:30:52.049566991 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c 2020-03-17 17:30:52.049566991 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_rsa_selftest.c +--- openssl-1.1.1j/crypto/fips/fips_rsa_selftest.c.fips 2021-03-03 12:57:42.201734542 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_rsa_selftest.c 2021-03-03 12:57:42.201734542 +0100 @@ -0,0 +1,338 @@ +/* ==================================================================== + * Copyright (c) 2003-2007 The OpenSSL Project. All rights reserved. @@ -9219,9 +9199,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1e/cryp +} + +#endif /* def OPENSSL_FIPS */ -diff -up openssl-1.1.1e/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_sha_selftest.c ---- openssl-1.1.1e/crypto/fips/fips_sha_selftest.c.fips 2020-03-17 17:30:52.050566973 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_sha_selftest.c 2020-03-17 17:30:52.050566973 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_sha_selftest.c +--- openssl-1.1.1j/crypto/fips/fips_sha_selftest.c.fips 2021-03-03 12:57:42.201734542 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_sha_selftest.c 2021-03-03 12:57:42.201734542 +0100 @@ -0,0 +1,223 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -9446,9 +9426,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1e/cryp +} + +#endif -diff -up openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c ---- openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c.fips 2020-03-17 17:30:52.050566973 +0100 -+++ openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c 2020-03-17 17:30:52.050566973 +0100 +diff -up openssl-1.1.1j/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1j/crypto/fips/fips_standalone_hmac.c +--- openssl-1.1.1j/crypto/fips/fips_standalone_hmac.c.fips 2021-03-03 12:57:42.201734542 +0100 ++++ openssl-1.1.1j/crypto/fips/fips_standalone_hmac.c 2021-03-03 12:57:42.201734542 +0100 @@ -0,0 +1,127 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -9577,9 +9557,9 @@ diff -up openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1e/c +#endif + return 0; +} -diff -up openssl-1.1.1e/crypto/hmac/hmac.c.fips openssl-1.1.1e/crypto/hmac/hmac.c ---- openssl-1.1.1e/crypto/hmac/hmac.c.fips 2020-03-17 17:30:52.050566973 +0100 -+++ openssl-1.1.1e/crypto/hmac/hmac.c 2020-03-17 17:38:16.969802663 +0100 +diff -up openssl-1.1.1j/crypto/hmac/hmac.c.fips openssl-1.1.1j/crypto/hmac/hmac.c +--- openssl-1.1.1j/crypto/hmac/hmac.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/hmac/hmac.c 2021-03-03 12:57:42.202734550 +0100 @@ -44,6 +44,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo return 0; @@ -9594,9 +9574,9 @@ diff -up openssl-1.1.1e/crypto/hmac/hmac.c.fips openssl-1.1.1e/crypto/hmac/hmac. reset = 1; j = EVP_MD_block_size(md); -diff -up openssl-1.1.1e/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1e/crypto/hmac/hm_pmeth.c ---- openssl-1.1.1e/crypto/hmac/hm_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/hmac/hm_pmeth.c 2020-03-17 17:30:52.051566956 +0100 +diff -up openssl-1.1.1j/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1j/crypto/hmac/hm_pmeth.c +--- openssl-1.1.1j/crypto/hmac/hm_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/hmac/hm_pmeth.c 2021-03-03 12:57:42.202734550 +0100 @@ -180,7 +180,7 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_C const EVP_PKEY_METHOD hmac_pkey_meth = { @@ -9606,111 +9586,9 @@ diff -up openssl-1.1.1e/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1e/crypto/hmac/h pkey_hmac_init, pkey_hmac_copy, pkey_hmac_cleanup, -diff -up openssl-1.1.1e/include/crypto/fips.h.fips openssl-1.1.1e/include/crypto/fips.h ---- openssl-1.1.1e/include/crypto/fips.h.fips 2020-03-17 17:30:52.051566956 +0100 -+++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 17:30:52.051566956 +0100 -@@ -0,0 +1,98 @@ -+/* ==================================================================== -+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+ -+#ifndef OPENSSL_FIPS -+# error FIPS is disabled. -+#endif -+ -+#ifdef OPENSSL_FIPS -+ -+int FIPS_module_mode_set(int onoff); -+int FIPS_module_mode(void); -+int FIPS_module_installed(void); -+int FIPS_selftest_sha1(void); -+int FIPS_selftest_sha2(void); -+int FIPS_selftest_sha3(void); -+int FIPS_selftest_aes_ccm(void); -+int FIPS_selftest_aes_gcm(void); -+int FIPS_selftest_aes_xts(void); -+int FIPS_selftest_aes(void); -+int FIPS_selftest_des(void); -+int FIPS_selftest_rsa(void); -+int FIPS_selftest_dsa(void); -+int FIPS_selftest_ecdsa(void); -+int FIPS_selftest_ecdh(void); -+int FIPS_selftest_dh(void); -+void FIPS_drbg_stick(int onoff); -+int FIPS_selftest_hmac(void); -+int FIPS_selftest_drbg(void); -+int FIPS_selftest_cmac(void); -+ -+int fips_pkey_signature_test(EVP_PKEY *pkey, -+ const unsigned char *tbs, int tbslen, -+ const unsigned char *kat, -+ unsigned int katlen, -+ const EVP_MD *digest, -+ unsigned int md_flags, const char *fail_str); -+ -+int fips_cipher_test(EVP_CIPHER_CTX *ctx, -+ const EVP_CIPHER *cipher, -+ const unsigned char *key, -+ const unsigned char *iv, -+ const unsigned char *plaintext, -+ const unsigned char *ciphertext, int len); -+ -+void fips_set_selftest_fail(void); -+ -+void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr); -+ -+#endif -diff -up openssl-1.1.1e/crypto/o_fips.c.fips openssl-1.1.1e/crypto/o_fips.c ---- openssl-1.1.1e/crypto/o_fips.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/o_fips.c 2020-03-17 17:30:52.052566939 +0100 +diff -up openssl-1.1.1j/crypto/o_fips.c.fips openssl-1.1.1j/crypto/o_fips.c +--- openssl-1.1.1j/crypto/o_fips.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/o_fips.c 2021-03-03 12:57:42.202734550 +0100 @@ -8,17 +8,28 @@ */ @@ -9740,9 +9618,9 @@ diff -up openssl-1.1.1e/crypto/o_fips.c.fips openssl-1.1.1e/crypto/o_fips.c return 0; +#endif } -diff -up openssl-1.1.1e/crypto/o_init.c.fips openssl-1.1.1e/crypto/o_init.c ---- openssl-1.1.1e/crypto/o_init.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/o_init.c 2020-03-17 17:30:52.052566939 +0100 +diff -up openssl-1.1.1j/crypto/o_init.c.fips openssl-1.1.1j/crypto/o_init.c +--- openssl-1.1.1j/crypto/o_init.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/o_init.c 2021-03-03 12:57:42.202734550 +0100 @@ -7,8 +7,69 @@ * https://www.openssl.org/source/license.html */ @@ -9813,9 +9691,9 @@ diff -up openssl-1.1.1e/crypto/o_init.c.fips openssl-1.1.1e/crypto/o_init.c /* * Perform any essential OpenSSL initialization operations. Currently does -diff -up openssl-1.1.1e/crypto/rand/rand_lib.c.fips openssl-1.1.1e/crypto/rand/rand_lib.c ---- openssl-1.1.1e/crypto/rand/rand_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/rand/rand_lib.c 2020-03-17 17:35:56.471259207 +0100 +diff -up openssl-1.1.1j/crypto/rand/rand_lib.c.fips openssl-1.1.1j/crypto/rand/rand_lib.c +--- openssl-1.1.1j/crypto/rand/rand_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/rand/rand_lib.c 2021-03-03 12:57:42.202734550 +0100 @@ -16,6 +16,10 @@ #include "internal/thread_once.h" #include "rand_local.h" @@ -9827,7 +9705,7 @@ diff -up openssl-1.1.1e/crypto/rand/rand_lib.c.fips openssl-1.1.1e/crypto/rand/r #ifndef OPENSSL_NO_ENGINE /* non-NULL if default_RAND_meth is ENGINE-provided */ -@@ -961,3 +965,15 @@ int RAND_status(void) +@@ -959,3 +963,15 @@ int RAND_status(void) return meth->status(); return 0; } @@ -9843,9 +9721,9 @@ diff -up openssl-1.1.1e/crypto/rand/rand_lib.c.fips openssl-1.1.1e/crypto/rand/r + return 1; +} +#endif -diff -up openssl-1.1.1e/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1e/crypto/rsa/rsa_crpt.c ---- openssl-1.1.1e/crypto/rsa/rsa_crpt.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/rsa/rsa_crpt.c 2020-03-17 17:30:52.055566886 +0100 +diff -up openssl-1.1.1j/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1j/crypto/rsa/rsa_crpt.c +--- openssl-1.1.1j/crypto/rsa/rsa_crpt.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/rsa/rsa_crpt.c 2021-03-03 12:57:42.202734550 +0100 @@ -27,24 +27,52 @@ int RSA_size(const RSA *r) int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) @@ -9899,9 +9777,9 @@ diff -up openssl-1.1.1e/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1e/crypto/rsa/rsa return rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding); } -diff -up openssl-1.1.1e/crypto/rsa/rsa_err.c.fips openssl-1.1.1e/crypto/rsa/rsa_err.c ---- openssl-1.1.1e/crypto/rsa/rsa_err.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/rsa/rsa_err.c 2020-03-17 17:30:52.055566886 +0100 +diff -up openssl-1.1.1j/crypto/rsa/rsa_err.c.fips openssl-1.1.1j/crypto/rsa/rsa_err.c +--- openssl-1.1.1j/crypto/rsa/rsa_err.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/rsa/rsa_err.c 2021-03-03 12:57:42.202734550 +0100 @@ -16,6 +16,8 @@ static const ERR_STRING_DATA RSA_str_functs[] = { {ERR_PACK(ERR_LIB_RSA, RSA_F_CHECK_PADDING_MD, 0), "check_padding_md"}, @@ -9970,9 +9848,9 @@ diff -up openssl-1.1.1e/crypto/rsa/rsa_err.c.fips openssl-1.1.1e/crypto/rsa/rsa_ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_SIGNATURE_TYPE), "unsupported signature type"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_VALUE_MISSING), "value missing"}, -diff -up openssl-1.1.1e/crypto/rsa/rsa_gen.c.fips openssl-1.1.1e/crypto/rsa/rsa_gen.c ---- openssl-1.1.1e/crypto/rsa/rsa_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/rsa/rsa_gen.c 2020-03-17 17:33:55.560367363 +0100 +diff -up openssl-1.1.1j/crypto/rsa/rsa_gen.c.fips openssl-1.1.1j/crypto/rsa/rsa_gen.c +--- openssl-1.1.1j/crypto/rsa/rsa_gen.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/rsa/rsa_gen.c 2021-03-03 12:57:42.202734550 +0100 @@ -18,6 +18,76 @@ #include "internal/cryptlib.h" #include @@ -10365,9 +10243,9 @@ diff -up openssl-1.1.1e/crypto/rsa/rsa_gen.c.fips openssl-1.1.1e/crypto/rsa/rsa_ static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, BN_GENCB *cb) { -diff -up openssl-1.1.1e/crypto/rsa/rsa_lib.c.fips openssl-1.1.1e/crypto/rsa/rsa_lib.c ---- openssl-1.1.1e/crypto/rsa/rsa_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/rsa/rsa_lib.c 2020-03-17 17:30:52.056566869 +0100 +diff -up openssl-1.1.1j/crypto/rsa/rsa_lib.c.fips openssl-1.1.1j/crypto/rsa/rsa_lib.c +--- openssl-1.1.1j/crypto/rsa/rsa_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/rsa/rsa_lib.c 2021-03-03 12:57:42.203734558 +0100 @@ -34,6 +34,12 @@ int RSA_set_method(RSA *rsa, const RSA_M * to deal with which ENGINE it comes from. */ @@ -10410,9 +10288,9 @@ diff -up openssl-1.1.1e/crypto/rsa/rsa_lib.c.fips openssl-1.1.1e/crypto/rsa/rsa_ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) { goto err; } -diff -up openssl-1.1.1e/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1e/crypto/rsa/rsa_ossl.c ---- openssl-1.1.1e/crypto/rsa/rsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/rsa/rsa_ossl.c 2020-03-17 17:34:32.289726964 +0100 +diff -up openssl-1.1.1j/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1j/crypto/rsa/rsa_ossl.c +--- openssl-1.1.1j/crypto/rsa/rsa_ossl.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/rsa/rsa_ossl.c 2021-03-03 12:57:42.203734558 +0100 @@ -12,6 +12,10 @@ #include "rsa_local.h" #include "internal/constant_time.h" @@ -10529,9 +10407,9 @@ diff -up openssl-1.1.1e/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1e/crypto/rsa/rsa if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { RSAerr(RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE); return -1; -diff -up openssl-1.1.1e/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1e/crypto/rsa/rsa_pmeth.c ---- openssl-1.1.1e/crypto/rsa/rsa_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/rsa/rsa_pmeth.c 2020-03-17 17:30:52.056566869 +0100 +diff -up openssl-1.1.1j/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1j/crypto/rsa/rsa_pmeth.c +--- openssl-1.1.1j/crypto/rsa/rsa_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/rsa/rsa_pmeth.c 2021-03-03 12:57:42.203734558 +0100 @@ -756,7 +756,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX const EVP_PKEY_METHOD rsa_pkey_meth = { @@ -10550,9 +10428,9 @@ diff -up openssl-1.1.1e/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1e/crypto/rsa/rs pkey_rsa_init, pkey_rsa_copy, pkey_rsa_cleanup, -diff -up openssl-1.1.1e/crypto/rsa/rsa_sign.c.fips openssl-1.1.1e/crypto/rsa/rsa_sign.c ---- openssl-1.1.1e/crypto/rsa/rsa_sign.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/rsa/rsa_sign.c 2020-03-17 17:30:52.057566851 +0100 +diff -up openssl-1.1.1j/crypto/rsa/rsa_sign.c.fips openssl-1.1.1j/crypto/rsa/rsa_sign.c +--- openssl-1.1.1j/crypto/rsa/rsa_sign.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/rsa/rsa_sign.c 2021-03-03 12:57:42.203734558 +0100 @@ -73,6 +73,13 @@ int RSA_sign(int type, const unsigned ch unsigned char *tmps = NULL; const unsigned char *encoded = NULL; @@ -10579,9 +10457,9 @@ diff -up openssl-1.1.1e/crypto/rsa/rsa_sign.c.fips openssl-1.1.1e/crypto/rsa/rsa if (encrypt_len <= 0) goto err; -diff -up openssl-1.1.1e/crypto/sha/sha256.c.fips openssl-1.1.1e/crypto/sha/sha256.c ---- openssl-1.1.1e/crypto/sha/sha256.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/sha/sha256.c 2020-03-17 17:30:52.057566851 +0100 +diff -up openssl-1.1.1j/crypto/sha/sha256.c.fips openssl-1.1.1j/crypto/sha/sha256.c +--- openssl-1.1.1j/crypto/sha/sha256.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/sha/sha256.c 2021-03-03 12:57:42.203734558 +0100 @@ -18,6 +18,9 @@ int SHA224_Init(SHA256_CTX *c) @@ -10602,9 +10480,9 @@ diff -up openssl-1.1.1e/crypto/sha/sha256.c.fips openssl-1.1.1e/crypto/sha/sha25 memset(c, 0, sizeof(*c)); c->h[0] = 0x6a09e667UL; c->h[1] = 0xbb67ae85UL; -diff -up openssl-1.1.1e/crypto/sha/sha512.c.fips openssl-1.1.1e/crypto/sha/sha512.c ---- openssl-1.1.1e/crypto/sha/sha512.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/sha/sha512.c 2020-03-17 17:30:52.057566851 +0100 +diff -up openssl-1.1.1j/crypto/sha/sha512.c.fips openssl-1.1.1j/crypto/sha/sha512.c +--- openssl-1.1.1j/crypto/sha/sha512.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/crypto/sha/sha512.c 2021-03-03 12:57:42.203734558 +0100 @@ -98,6 +98,9 @@ int sha512_256_init(SHA512_CTX *c) int SHA384_Init(SHA512_CTX *c) @@ -10625,9 +10503,9 @@ diff -up openssl-1.1.1e/crypto/sha/sha512.c.fips openssl-1.1.1e/crypto/sha/sha51 c->h[0] = U64(0x6a09e667f3bcc908); c->h[1] = U64(0xbb67ae8584caa73b); c->h[2] = U64(0x3c6ef372fe94f82b); -diff -up openssl-1.1.1e/crypto/sha/sha_local.h.fips openssl-1.1.1e/crypto/sha/sha_local.h ---- openssl-1.1.1e/crypto/sha/sha_local.h.fips 2020-03-17 17:30:51.766571925 +0100 -+++ openssl-1.1.1e/crypto/sha/sha_local.h 2020-03-17 17:31:00.996410998 +0100 +diff -up openssl-1.1.1j/crypto/sha/sha_local.h.fips openssl-1.1.1j/crypto/sha/sha_local.h +--- openssl-1.1.1j/crypto/sha/sha_local.h.fips 2021-03-03 12:57:41.941732391 +0100 ++++ openssl-1.1.1j/crypto/sha/sha_local.h 2021-03-03 12:57:42.203734558 +0100 @@ -52,6 +52,9 @@ void sha1_block_data_order(SHA_CTX *c, c int HASH_INIT(SHA_CTX *c) @@ -10638,9 +10516,9 @@ diff -up openssl-1.1.1e/crypto/sha/sha_local.h.fips openssl-1.1.1e/crypto/sha/sh memset(c, 0, sizeof(*c)); c->h0 = INIT_DATA_h0; c->h1 = INIT_DATA_h1; -diff -up openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod ---- openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod 2020-03-17 17:31:00.996410998 +0100 +diff -up openssl-1.1.1j/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1j/doc/man3/DSA_generate_parameters.pod +--- openssl-1.1.1j/doc/man3/DSA_generate_parameters.pod.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/doc/man3/DSA_generate_parameters.pod 2021-03-03 12:57:42.203734558 +0100 @@ -30,8 +30,10 @@ B is the length of the prime p to For lengths under 2048 bits, the length of q is 160 bits; for lengths greater than or equal to 2048 bits, the length of q is set to 256 bits. @@ -10654,9 +10532,111 @@ diff -up openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1e DSA_generate_parameters_ex() places the iteration count in *B and a counter used for finding a generator in -diff -up openssl-1.1.1e/include/openssl/crypto.h.fips openssl-1.1.1e/include/openssl/crypto.h ---- openssl-1.1.1e/include/openssl/crypto.h.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/crypto.h 2020-03-17 17:31:00.997410980 +0100 +diff -up openssl-1.1.1j/include/crypto/fips.h.fips openssl-1.1.1j/include/crypto/fips.h +--- openssl-1.1.1j/include/crypto/fips.h.fips 2021-03-03 12:57:42.202734550 +0100 ++++ openssl-1.1.1j/include/crypto/fips.h 2021-03-03 12:57:42.202734550 +0100 +@@ -0,0 +1,98 @@ ++/* ==================================================================== ++ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ++ */ ++ ++#include ++#include ++ ++#ifndef OPENSSL_FIPS ++# error FIPS is disabled. ++#endif ++ ++#ifdef OPENSSL_FIPS ++ ++int FIPS_module_mode_set(int onoff); ++int FIPS_module_mode(void); ++int FIPS_module_installed(void); ++int FIPS_selftest_sha1(void); ++int FIPS_selftest_sha2(void); ++int FIPS_selftest_sha3(void); ++int FIPS_selftest_aes_ccm(void); ++int FIPS_selftest_aes_gcm(void); ++int FIPS_selftest_aes_xts(void); ++int FIPS_selftest_aes(void); ++int FIPS_selftest_des(void); ++int FIPS_selftest_rsa(void); ++int FIPS_selftest_dsa(void); ++int FIPS_selftest_ecdsa(void); ++int FIPS_selftest_ecdh(void); ++int FIPS_selftest_dh(void); ++void FIPS_drbg_stick(int onoff); ++int FIPS_selftest_hmac(void); ++int FIPS_selftest_drbg(void); ++int FIPS_selftest_cmac(void); ++ ++int fips_pkey_signature_test(EVP_PKEY *pkey, ++ const unsigned char *tbs, int tbslen, ++ const unsigned char *kat, ++ unsigned int katlen, ++ const EVP_MD *digest, ++ unsigned int md_flags, const char *fail_str); ++ ++int fips_cipher_test(EVP_CIPHER_CTX *ctx, ++ const EVP_CIPHER *cipher, ++ const unsigned char *key, ++ const unsigned char *iv, ++ const unsigned char *plaintext, ++ const unsigned char *ciphertext, int len); ++ ++void fips_set_selftest_fail(void); ++ ++void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr); ++ ++#endif +diff -up openssl-1.1.1j/include/openssl/crypto.h.fips openssl-1.1.1j/include/openssl/crypto.h +--- openssl-1.1.1j/include/openssl/crypto.h.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/crypto.h 2021-03-03 12:57:42.204734567 +0100 @@ -331,6 +331,11 @@ int OPENSSL_isservice(void); int FIPS_mode(void); int FIPS_mode_set(int r); @@ -10669,9 +10649,9 @@ diff -up openssl-1.1.1e/include/openssl/crypto.h.fips openssl-1.1.1e/include/ope void OPENSSL_init(void); # ifdef OPENSSL_SYS_UNIX void OPENSSL_fork_prepare(void); -diff -up openssl-1.1.1e/include/openssl/dherr.h.fips openssl-1.1.1e/include/openssl/dherr.h ---- openssl-1.1.1e/include/openssl/dherr.h.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/dherr.h 2020-03-17 17:31:00.998410963 +0100 +diff -up openssl-1.1.1j/include/openssl/dherr.h.fips openssl-1.1.1j/include/openssl/dherr.h +--- openssl-1.1.1j/include/openssl/dherr.h.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/dherr.h 2021-03-03 12:57:42.204734567 +0100 @@ -36,6 +36,9 @@ int ERR_load_DH_strings(void); # define DH_F_DH_CMS_DECRYPT 114 # define DH_F_DH_CMS_SET_PEERKEY 115 @@ -10697,9 +10677,9 @@ diff -up openssl-1.1.1e/include/openssl/dherr.h.fips openssl-1.1.1e/include/open # define DH_R_PARAMETER_ENCODING_ERROR 105 # define DH_R_PEER_KEY_ERROR 111 # define DH_R_SHARED_INFO_ERROR 113 -diff -up openssl-1.1.1e/include/openssl/dh.h.fips openssl-1.1.1e/include/openssl/dh.h ---- openssl-1.1.1e/include/openssl/dh.h.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/dh.h 2020-03-17 17:31:00.998410963 +0100 +diff -up openssl-1.1.1j/include/openssl/dh.h.fips openssl-1.1.1j/include/openssl/dh.h +--- openssl-1.1.1j/include/openssl/dh.h.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/dh.h 2021-03-03 12:57:42.204734567 +0100 @@ -31,6 +31,7 @@ extern "C" { # endif @@ -10708,9 +10688,9 @@ diff -up openssl-1.1.1e/include/openssl/dh.h.fips openssl-1.1.1e/include/openssl # define DH_FLAG_CACHE_MONT_P 0x01 -diff -up openssl-1.1.1e/include/openssl/dsaerr.h.fips openssl-1.1.1e/include/openssl/dsaerr.h ---- openssl-1.1.1e/include/openssl/dsaerr.h.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/dsaerr.h 2020-03-17 17:31:00.999410945 +0100 +diff -up openssl-1.1.1j/include/openssl/dsaerr.h.fips openssl-1.1.1j/include/openssl/dsaerr.h +--- openssl-1.1.1j/include/openssl/dsaerr.h.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/dsaerr.h 2021-03-03 12:57:42.204734567 +0100 @@ -29,8 +29,11 @@ int ERR_load_DSA_strings(void); */ # define DSA_F_DSAPARAMS_PRINT 100 @@ -10737,9 +10717,9 @@ diff -up openssl-1.1.1e/include/openssl/dsaerr.h.fips openssl-1.1.1e/include/ope # define DSA_R_PARAMETER_ENCODING_ERROR 105 # define DSA_R_Q_NOT_PRIME 113 # define DSA_R_SEED_LEN_SMALL 110 -diff -up openssl-1.1.1e/include/openssl/dsa.h.fips openssl-1.1.1e/include/openssl/dsa.h ---- openssl-1.1.1e/include/openssl/dsa.h.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/dsa.h 2020-03-17 17:31:01.000410928 +0100 +diff -up openssl-1.1.1j/include/openssl/dsa.h.fips openssl-1.1.1j/include/openssl/dsa.h +--- openssl-1.1.1j/include/openssl/dsa.h.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/dsa.h 2021-03-03 12:57:42.204734567 +0100 @@ -31,6 +31,7 @@ extern "C" { # endif @@ -10748,10 +10728,10 @@ diff -up openssl-1.1.1e/include/openssl/dsa.h.fips openssl-1.1.1e/include/openss # define DSA_FLAG_CACHE_MONT_P 0x01 # if OPENSSL_API_COMPAT < 0x10100000L -diff -up openssl-1.1.1e/include/openssl/evperr.h.fips openssl-1.1.1e/include/openssl/evperr.h ---- openssl-1.1.1e/include/openssl/evperr.h.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/evperr.h 2020-03-17 17:31:01.000410928 +0100 -@@ -24,14 +24,15 @@ int ERR_load_EVP_strings(void); +diff -up openssl-1.1.1j/include/openssl/evperr.h.fips openssl-1.1.1j/include/openssl/evperr.h +--- openssl-1.1.1j/include/openssl/evperr.h.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/evperr.h 2021-03-03 12:57:42.204734567 +0100 +@@ -22,14 +22,15 @@ int ERR_load_EVP_strings(void); * EVP function codes. */ # define EVP_F_AESNI_INIT_KEY 165 @@ -10770,7 +10750,7 @@ diff -up openssl-1.1.1e/include/openssl/evperr.h.fips openssl-1.1.1e/include/ope # define EVP_F_ALG_MODULE_INIT 177 # define EVP_F_ARIA_CCM_INIT_KEY 175 # define EVP_F_ARIA_GCM_CTRL 197 -@@ -142,6 +143,7 @@ int ERR_load_EVP_strings(void); +@@ -140,6 +141,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 # define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 # define EVP_R_DECODE_ERROR 114 @@ -10778,7 +10758,7 @@ diff -up openssl-1.1.1e/include/openssl/evperr.h.fips openssl-1.1.1e/include/ope # define EVP_R_DIFFERENT_KEY_TYPES 101 # define EVP_R_DIFFERENT_PARAMETERS 153 # define EVP_R_ERROR_LOADING_SECTION 165 -@@ -185,6 +187,7 @@ int ERR_load_EVP_strings(void); +@@ -184,6 +186,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 # define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 # define EVP_R_PUBLIC_KEY_NOT_RSA 106 @@ -10786,7 +10766,7 @@ diff -up openssl-1.1.1e/include/openssl/evperr.h.fips openssl-1.1.1e/include/ope # define EVP_R_UNKNOWN_CIPHER 160 # define EVP_R_UNKNOWN_DIGEST 161 # define EVP_R_UNKNOWN_OPTION 169 -@@ -200,6 +203,7 @@ int ERR_load_EVP_strings(void); +@@ -199,6 +202,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_UNSUPPORTED_SALT_TYPE 126 # define EVP_R_WRAP_MODE_NOT_ALLOWED 170 # define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 @@ -10795,9 +10775,9 @@ diff -up openssl-1.1.1e/include/openssl/evperr.h.fips openssl-1.1.1e/include/ope +# define EVP_R_XTS_DUPLICATED_KEYS 192 #endif -diff -up openssl-1.1.1e/include/openssl/evp.h.fips openssl-1.1.1e/include/openssl/evp.h ---- openssl-1.1.1e/include/openssl/evp.h.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/evp.h 2020-03-17 17:31:01.001410911 +0100 +diff -up openssl-1.1.1j/include/openssl/evp.h.fips openssl-1.1.1j/include/openssl/evp.h +--- openssl-1.1.1j/include/openssl/evp.h.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/evp.h 2021-03-03 12:57:42.204734567 +0100 @@ -1324,6 +1324,9 @@ void EVP_PKEY_asn1_set_security_bits(EVP */ # define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4 @@ -10808,9 +10788,9 @@ diff -up openssl-1.1.1e/include/openssl/evp.h.fips openssl-1.1.1e/include/openss const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags); void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, -diff -up openssl-1.1.1e/include/openssl/fips.h.fips openssl-1.1.1e/include/openssl/fips.h ---- openssl-1.1.1e/include/openssl/fips.h.fips 2020-03-17 17:31:01.002410893 +0100 -+++ openssl-1.1.1e/include/openssl/fips.h 2020-03-17 17:31:01.002410893 +0100 +diff -up openssl-1.1.1j/include/openssl/fips.h.fips openssl-1.1.1j/include/openssl/fips.h +--- openssl-1.1.1j/include/openssl/fips.h.fips 2021-03-03 12:57:42.204734567 +0100 ++++ openssl-1.1.1j/include/openssl/fips.h 2021-03-03 12:57:42.204734567 +0100 @@ -0,0 +1,187 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -10999,9 +10979,9 @@ diff -up openssl-1.1.1e/include/openssl/fips.h.fips openssl-1.1.1e/include/opens +} +# endif +#endif -diff -up openssl-1.1.1e/include/openssl/fips_rand.h.fips openssl-1.1.1e/include/openssl/fips_rand.h ---- openssl-1.1.1e/include/openssl/fips_rand.h.fips 2020-03-17 17:31:01.003410876 +0100 -+++ openssl-1.1.1e/include/openssl/fips_rand.h 2020-03-17 17:31:01.003410876 +0100 +diff -up openssl-1.1.1j/include/openssl/fips_rand.h.fips openssl-1.1.1j/include/openssl/fips_rand.h +--- openssl-1.1.1j/include/openssl/fips_rand.h.fips 2021-03-03 12:57:42.204734567 +0100 ++++ openssl-1.1.1j/include/openssl/fips_rand.h 2021-03-03 12:57:42.204734567 +0100 @@ -0,0 +1,145 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -11148,10 +11128,10 @@ diff -up openssl-1.1.1e/include/openssl/fips_rand.h.fips openssl-1.1.1e/include/ +# endif +# endif +#endif -diff -up openssl-1.1.1e/include/openssl/opensslconf.h.in.fips openssl-1.1.1e/include/openssl/opensslconf.h.in ---- openssl-1.1.1e/include/openssl/opensslconf.h.in.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/opensslconf.h.in 2020-03-17 17:31:01.003410876 +0100 -@@ -150,6 +150,11 @@ extern "C" { +diff -up openssl-1.1.1j/include/openssl/opensslconf.h.in.fips openssl-1.1.1j/include/openssl/opensslconf.h.in +--- openssl-1.1.1j/include/openssl/opensslconf.h.in.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/opensslconf.h.in 2021-03-03 12:57:42.205734575 +0100 +@@ -155,6 +155,11 @@ extern "C" { #define RC4_INT {- $config{rc4_int} -} @@ -11163,9 +11143,9 @@ diff -up openssl-1.1.1e/include/openssl/opensslconf.h.in.fips openssl-1.1.1e/inc #ifdef __cplusplus } #endif -diff -up openssl-1.1.1e/include/openssl/randerr.h.fips openssl-1.1.1e/include/openssl/randerr.h ---- openssl-1.1.1e/include/openssl/randerr.h.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/randerr.h 2020-03-17 17:31:01.004410858 +0100 +diff -up openssl-1.1.1j/include/openssl/randerr.h.fips openssl-1.1.1j/include/openssl/randerr.h +--- openssl-1.1.1j/include/openssl/randerr.h.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/randerr.h 2021-03-03 12:57:42.205734575 +0100 @@ -38,6 +38,7 @@ int ERR_load_RAND_strings(void); # define RAND_F_RAND_DRBG_SET 104 # define RAND_F_RAND_DRBG_SET_DEFAULTS 121 @@ -11174,9 +11154,9 @@ diff -up openssl-1.1.1e/include/openssl/randerr.h.fips openssl-1.1.1e/include/op # define RAND_F_RAND_LOAD_FILE 111 # define RAND_F_RAND_POOL_ACQUIRE_ENTROPY 122 # define RAND_F_RAND_POOL_ADD 103 -diff -up openssl-1.1.1e/include/openssl/rand.h.fips openssl-1.1.1e/include/openssl/rand.h ---- openssl-1.1.1e/include/openssl/rand.h.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/rand.h 2020-03-17 17:31:01.004410858 +0100 +diff -up openssl-1.1.1j/include/openssl/rand.h.fips openssl-1.1.1j/include/openssl/rand.h +--- openssl-1.1.1j/include/openssl/rand.h.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/rand.h 2021-03-03 12:57:42.205734575 +0100 @@ -69,6 +69,11 @@ DEPRECATEDIN_1_1_0(void RAND_screen(void DEPRECATEDIN_1_1_0(int RAND_event(UINT, WPARAM, LPARAM)) # endif @@ -11189,9 +11169,9 @@ diff -up openssl-1.1.1e/include/openssl/rand.h.fips openssl-1.1.1e/include/opens #ifdef __cplusplus } -diff -up openssl-1.1.1e/include/openssl/rsaerr.h.fips openssl-1.1.1e/include/openssl/rsaerr.h ---- openssl-1.1.1e/include/openssl/rsaerr.h.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/include/openssl/rsaerr.h 2020-03-17 17:31:01.005410841 +0100 +diff -up openssl-1.1.1j/include/openssl/rsaerr.h.fips openssl-1.1.1j/include/openssl/rsaerr.h +--- openssl-1.1.1j/include/openssl/rsaerr.h.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/include/openssl/rsaerr.h 2021-03-03 12:57:42.205734575 +0100 @@ -25,6 +25,7 @@ int ERR_load_RSA_strings(void); */ # define RSA_F_CHECK_PADDING_MD 140 @@ -11247,9 +11227,9 @@ diff -up openssl-1.1.1e/include/openssl/rsaerr.h.fips openssl-1.1.1e/include/ope # define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155 # define RSA_R_VALUE_MISSING 147 # define RSA_R_WRONG_SIGNATURE_LENGTH 119 -diff -up openssl-1.1.1e/ssl/s3_lib.c.fips openssl-1.1.1e/ssl/s3_lib.c ---- openssl-1.1.1e/ssl/s3_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/ssl/s3_lib.c 2020-03-17 17:31:01.007410806 +0100 +diff -up openssl-1.1.1j/ssl/s3_lib.c.fips openssl-1.1.1j/ssl/s3_lib.c +--- openssl-1.1.1j/ssl/s3_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/ssl/s3_lib.c 2021-03-03 12:57:42.205734575 +0100 @@ -43,7 +43,7 @@ static SSL_CIPHER tls13_ciphers[] = { SSL_AEAD, TLS1_3_VERSION, TLS1_3_VERSION, @@ -11349,9 +11329,9 @@ diff -up openssl-1.1.1e/ssl/s3_lib.c.fips openssl-1.1.1e/ssl/s3_lib.c SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, 256, -diff -up openssl-1.1.1e/ssl/ssl_ciph.c.fips openssl-1.1.1e/ssl/ssl_ciph.c ---- openssl-1.1.1e/ssl/ssl_ciph.c.fips 2020-03-17 17:30:52.017567549 +0100 -+++ openssl-1.1.1e/ssl/ssl_ciph.c 2020-03-17 17:31:01.008410788 +0100 +diff -up openssl-1.1.1j/ssl/ssl_ciph.c.fips openssl-1.1.1j/ssl/ssl_ciph.c +--- openssl-1.1.1j/ssl/ssl_ciph.c.fips 2021-03-03 12:57:42.193734476 +0100 ++++ openssl-1.1.1j/ssl/ssl_ciph.c 2021-03-03 12:57:42.206734583 +0100 @@ -387,7 +387,7 @@ int ssl_load_ciphers(void) } } @@ -11390,9 +11370,9 @@ diff -up openssl-1.1.1e/ssl/ssl_ciph.c.fips openssl-1.1.1e/ssl/ssl_ciph.c if (!sk_SSL_CIPHER_push(cipherstack, curr->cipher)) { OPENSSL_free(co_list); sk_SSL_CIPHER_free(cipherstack); -diff -up openssl-1.1.1e/ssl/ssl_init.c.fips openssl-1.1.1e/ssl/ssl_init.c ---- openssl-1.1.1e/ssl/ssl_init.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/ssl/ssl_init.c 2020-03-17 17:31:01.009410771 +0100 +diff -up openssl-1.1.1j/ssl/ssl_init.c.fips openssl-1.1.1j/ssl/ssl_init.c +--- openssl-1.1.1j/ssl/ssl_init.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/ssl/ssl_init.c 2021-03-03 12:57:42.206734583 +0100 @@ -27,6 +27,10 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_bas fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " "Adding SSL ciphers and digests\n"); @@ -11436,10 +11416,10 @@ diff -up openssl-1.1.1e/ssl/ssl_init.c.fips openssl-1.1.1e/ssl/ssl_init.c #ifndef OPENSSL_NO_COMP # ifdef OPENSSL_INIT_DEBUG fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " -diff -up openssl-1.1.1e/ssl/ssl_lib.c.fips openssl-1.1.1e/ssl/ssl_lib.c ---- openssl-1.1.1e/ssl/ssl_lib.c.fips 2020-03-17 17:30:52.018567531 +0100 -+++ openssl-1.1.1e/ssl/ssl_lib.c 2020-03-17 17:31:01.011410736 +0100 -@@ -2970,6 +2970,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m +diff -up openssl-1.1.1j/ssl/ssl_lib.c.fips openssl-1.1.1j/ssl/ssl_lib.c +--- openssl-1.1.1j/ssl/ssl_lib.c.fips 2021-03-03 12:57:42.193734476 +0100 ++++ openssl-1.1.1j/ssl/ssl_lib.c 2021-03-03 12:57:42.206734583 +0100 +@@ -2973,6 +2973,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL)) return NULL; @@ -11451,7 +11431,7 @@ diff -up openssl-1.1.1e/ssl/ssl_lib.c.fips openssl-1.1.1e/ssl/ssl_lib.c if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); goto err; -@@ -3026,13 +3031,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m +@@ -3029,13 +3034,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m if (ret->param == NULL) goto err; @@ -11476,10 +11456,10 @@ diff -up openssl-1.1.1e/ssl/ssl_lib.c.fips openssl-1.1.1e/ssl/ssl_lib.c } if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL) -diff -up openssl-1.1.1e/ssl/ssl_local.h.fips openssl-1.1.1e/ssl/ssl_local.h ---- openssl-1.1.1e/ssl/ssl_local.h.fips 2020-03-17 17:30:51.842570600 +0100 -+++ openssl-1.1.1e/ssl/ssl_local.h 2020-03-17 17:31:10.740241108 +0100 -@@ -1516,6 +1516,7 @@ typedef struct tls_group_info_st { +diff -up openssl-1.1.1j/ssl/ssl_local.h.fips openssl-1.1.1j/ssl/ssl_local.h +--- openssl-1.1.1j/ssl/ssl_local.h.fips 2021-03-03 12:57:42.100733706 +0100 ++++ openssl-1.1.1j/ssl/ssl_local.h 2021-03-03 12:57:42.206734583 +0100 +@@ -1515,6 +1515,7 @@ typedef struct tls_group_info_st { # define TLS_CURVE_PRIME 0x0 # define TLS_CURVE_CHAR2 0x1 # define TLS_CURVE_CUSTOM 0x2 @@ -11487,9 +11467,9 @@ diff -up openssl-1.1.1e/ssl/ssl_local.h.fips openssl-1.1.1e/ssl/ssl_local.h typedef struct cert_pkey_st CERT_PKEY; -diff -up openssl-1.1.1e/ssl/t1_lib.c.fips openssl-1.1.1e/ssl/t1_lib.c ---- openssl-1.1.1e/ssl/t1_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/ssl/t1_lib.c 2020-03-17 17:31:10.741241091 +0100 +diff -up openssl-1.1.1j/ssl/t1_lib.c.fips openssl-1.1.1j/ssl/t1_lib.c +--- openssl-1.1.1j/ssl/t1_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/ssl/t1_lib.c 2021-03-03 12:57:42.207734591 +0100 @@ -159,11 +159,11 @@ static const TLS_GROUP_INFO nid_list[] = {NID_secp192k1, 80, TLS_CURVE_PRIME}, /* secp192k1 (18) */ {NID_X9_62_prime192v1, 80, TLS_CURVE_PRIME}, /* secp192r1 (19) */ @@ -11515,9 +11495,9 @@ diff -up openssl-1.1.1e/ssl/t1_lib.c.fips openssl-1.1.1e/ssl/t1_lib.c ctmp[0] = curve >> 8; ctmp[1] = curve & 0xff; return ssl_security(s, op, cinfo->secbits, cinfo->nid, (void *)ctmp); -diff -up openssl-1.1.1e/test/dsatest.c.fips openssl-1.1.1e/test/dsatest.c ---- openssl-1.1.1e/test/dsatest.c.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/test/dsatest.c 2020-03-17 17:31:10.741241091 +0100 +diff -up openssl-1.1.1j/test/dsatest.c.fips openssl-1.1.1j/test/dsatest.c +--- openssl-1.1.1j/test/dsatest.c.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/test/dsatest.c 2021-03-03 12:57:42.207734591 +0100 @@ -24,41 +24,42 @@ #ifndef OPENSSL_NO_DSA static int dsa_cb(int p, int n, BN_GENCB *arg); @@ -11600,9 +11580,9 @@ diff -up openssl-1.1.1e/test/dsatest.c.fips openssl-1.1.1e/test/dsatest.c goto end; if (!TEST_int_eq(h, 2)) goto end; -diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt ---- openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt 2020-03-17 17:31:10.742241073 +0100 +diff -up openssl-1.1.1j/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1.1.1j/test/recipes/30-test_evp_data/evpciph.txt +--- openssl-1.1.1j/test/recipes/30-test_evp_data/evpciph.txt.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/test/recipes/30-test_evp_data/evpciph.txt 2021-03-03 12:57:42.207734591 +0100 @@ -1206,6 +1206,7 @@ Key = 0000000000000000000000000000000000 IV = 00000000000000000000000000000000 Plaintext = 0000000000000000000000000000000000000000000000000000000000000000 @@ -11611,10 +11591,10 @@ diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1 Cipher = aes-128-xts Key = 1111111111111111111111111111111122222222222222222222222222222222 -diff -up openssl-1.1.1e/util/libcrypto.num.fips openssl-1.1.1e/util/libcrypto.num ---- openssl-1.1.1e/util/libcrypto.num.fips 2020-03-17 17:31:10.744241038 +0100 -+++ openssl-1.1.1e/util/libcrypto.num 2020-03-17 17:32:37.851722261 +0100 -@@ -4590,3 +4590,38 @@ X509_ALGOR_copy +diff -up openssl-1.1.1j/util/libcrypto.num.fips openssl-1.1.1j/util/libcrypto.num +--- openssl-1.1.1j/util/libcrypto.num.fips 2021-02-16 16:24:01.000000000 +0100 ++++ openssl-1.1.1j/util/libcrypto.num 2021-03-03 12:57:42.208734600 +0100 +@@ -4591,3 +4591,38 @@ X509_ALGOR_copy X509_REQ_set0_signature 4545 1_1_1h EXIST::FUNCTION: X509_REQ_set1_signature_algo 4546 1_1_1h EXIST::FUNCTION: EC_KEY_decoded_from_explicit_params 4547 1_1_1h EXIST::FUNCTION:EC diff --git a/openssl-1.1.1-verify-cert.patch b/openssl-1.1.1-verify-cert.patch deleted file mode 100644 index d3bafc3..0000000 --- a/openssl-1.1.1-verify-cert.patch +++ /dev/null @@ -1,113 +0,0 @@ -diff -up openssl-1.1.1i/crypto/x509/x509_vfy.c.verify-cert openssl-1.1.1i/crypto/x509/x509_vfy.c ---- openssl-1.1.1i/crypto/x509/x509_vfy.c.verify-cert 2021-01-20 17:24:53.100175663 +0100 -+++ openssl-1.1.1i/crypto/x509/x509_vfy.c 2021-01-20 17:24:53.156176315 +0100 -@@ -323,9 +323,10 @@ static int sk_X509_contains(STACK_OF(X50 - } - - /* -- * Find in given STACK_OF(X509) sk a non-expired issuer cert (if any) of given cert x. -- * The issuer must not be the same as x and must not yet be in ctx->chain, where the -- * exceptional case x is self-issued and ctx->chain has just one element is allowed. -+ * Find in given STACK_OF(X509) sk an issuer cert of given cert x. -+ * The issuer must not yet be in ctx->chain, where the exceptional case -+ * that x is self-issued and ctx->chain has just one element is allowed. -+ * Prefer the first one that is not expired, else take the last expired one. - */ - static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) - { -@@ -338,7 +339,7 @@ static X509 *find_issuer(X509_STORE_CTX - * Below check 'issuer != x' is an optimization and safety precaution: - * Candidate issuer cert cannot be the same as the subject cert 'x'. - */ -- if (issuer != x && ctx->check_issued(ctx, x, issuer) -+ if (ctx->check_issued(ctx, x, issuer) - && (((x->ex_flags & EXFLAG_SI) != 0 && sk_X509_num(ctx->chain) == 1) - || !sk_X509_contains(ctx->chain, issuer))) { - rv = issuer; - -diff -up openssl-1.1.1i/test/recipes/70-test_verify_extra.t.verify-cert openssl-1.1.1i/test/recipes/70-test_verify_extra.t ---- openssl-1.1.1i/test/recipes/70-test_verify_extra.t.verify-cert 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/test/recipes/70-test_verify_extra.t 2021-01-20 17:24:53.156176315 +0100 -@@ -16,4 +16,5 @@ plan tests => 1; - ok(run(test(["verify_extra_test", - srctop_file("test", "certs", "roots.pem"), - srctop_file("test", "certs", "untrusted.pem"), -- srctop_file("test", "certs", "bad.pem")]))); -+ srctop_file("test", "certs", "bad.pem"), -+ srctop_file("test", "certs", "rootCA.pem")]))); -diff -up openssl-1.1.1i/test/verify_extra_test.c.verify-cert openssl-1.1.1i/test/verify_extra_test.c ---- openssl-1.1.1i/test/verify_extra_test.c.verify-cert 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/test/verify_extra_test.c 2021-01-20 17:24:53.156176315 +0100 -@@ -18,6 +18,21 @@ - static const char *roots_f; - static const char *untrusted_f; - static const char *bad_f; -+static const char *good_f; -+ -+static X509 *load_cert_pem(const char *file) -+{ -+ X509 *cert = NULL; -+ BIO *bio = NULL; -+ -+ if (!TEST_ptr(bio = BIO_new(BIO_s_file()))) -+ return NULL; -+ if (TEST_int_gt(BIO_read_filename(bio, file), 0)) -+ (void)TEST_ptr(cert = PEM_read_bio_X509(bio, NULL, NULL, NULL)); -+ -+ BIO_free(bio); -+ return cert; -+} - - static STACK_OF(X509) *load_certs_from_file(const char *filename) - { -@@ -175,16 +190,48 @@ static int test_store_ctx(void) - return testresult; - } - -+static int test_self_signed(const char *filename, int expected) -+{ -+ X509 *cert = load_cert_pem(filename); -+ STACK_OF(X509) *trusted = sk_X509_new_null(); -+ X509_STORE_CTX *ctx = X509_STORE_CTX_new(); -+ int ret; -+ -+ ret = TEST_ptr(cert) -+ && TEST_true(sk_X509_push(trusted, cert)) -+ && TEST_true(X509_STORE_CTX_init(ctx, NULL, cert, NULL)); -+ X509_STORE_CTX_trusted_stack(ctx, trusted); -+ ret = ret && TEST_int_eq(X509_verify_cert(ctx), expected); -+ -+ X509_STORE_CTX_free(ctx); -+ sk_X509_free(trusted); -+ X509_free(cert); -+ return ret; -+} -+ -+static int test_self_signed_good(void) -+{ -+ return test_self_signed(good_f, 1); -+} -+ -+static int test_self_signed_bad(void) -+{ -+ return test_self_signed(bad_f, 0); -+} -+ - int setup_tests(void) - { - if (!TEST_ptr(roots_f = test_get_argument(0)) - || !TEST_ptr(untrusted_f = test_get_argument(1)) -- || !TEST_ptr(bad_f = test_get_argument(2))) { -- TEST_error("usage: verify_extra_test roots.pem untrusted.pem bad.pem\n"); -+ || !TEST_ptr(bad_f = test_get_argument(2)) -+ || !TEST_ptr(good_f = test_get_argument(3))) { -+ TEST_error("usage: verify_extra_test roots.pem untrusted.pem bad.pem good.pem\n"); - return 0; - } - - ADD_TEST(test_alt_chains_cert_forgery); - ADD_TEST(test_store_ctx); -+ ADD_TEST(test_self_signed_good); -+ ADD_TEST(test_self_signed_bad); - return 1; - } diff --git a/openssl-1.1.1-version-override.patch b/openssl-1.1.1-version-override.patch index 727cc26..939bcb3 100644 --- a/openssl-1.1.1-version-override.patch +++ b/openssl-1.1.1-version-override.patch @@ -4,9 +4,9 @@ diff -up openssl-1.1.1i/include/openssl/opensslv.h.version-override openssl-1.1. @@ -40,7 +40,7 @@ extern "C" { * major minor fix final patch/beta) */ - # define OPENSSL_VERSION_NUMBER 0x1010109fL --# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1i 8 Dec 2020" -+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1i FIPS 8 Dec 2020" + # define OPENSSL_VERSION_NUMBER 0x101010afL +-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1j 16 Feb 2021" ++# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1j FIPS 16 Feb 2021" /*- * The macros below are to be used for shared library (.so, .dll, ...) diff --git a/openssl.spec b/openssl.spec index 0a09d29..2a6f725 100644 --- a/openssl.spec +++ b/openssl.spec @@ -21,8 +21,8 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl -Version: 1.1.1i -Release: 3%{?dist} +Version: 1.1.1j +Release: 1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -42,10 +42,6 @@ Patch1: openssl-1.1.1-build.patch Patch2: openssl-1.1.1-defaults.patch Patch3: openssl-1.1.1-no-html.patch Patch4: openssl-1.1.1-man-rename.patch -# Bug fixes -Patch21: openssl-1.1.0-issuer-hash.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=1916594 -Patch71: openssl-1.1.1-verify-cert.patch # Functionality changes Patch31: openssl-1.1.1-conf-paths.patch @@ -158,8 +154,6 @@ cp %{SOURCE13} test/ %patch3 -p1 -b .no-html %{?_rawbuild} %patch4 -p1 -b .man-rename -%patch21 -p1 -b .issuer-hash - %patch31 -p1 -b .conf-paths %patch32 -p1 -b .version-add-engines %patch33 -p1 -b .dgst @@ -189,7 +183,6 @@ cp %{SOURCE13} test/ %patch67 -p1 -b .kdf-selftest %patch69 -p1 -b .alpn-cb %patch70 -p1 -b .rewire-fips-drbg -%patch71 -p1 -b .verify-cert %build @@ -478,6 +471,9 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Tue Feb 23 2021 Sahana Prasad - 1:1.1.1j-1 +- Upgrade to version 1.1.1.j + * Wed Feb 10 2021 Sahana Prasad - 1:1.1.1i-3 - Fix regression in X509_verify_cert() (bz1916594) diff --git a/sources b/sources index 4c1e648..07f21a5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-1.1.1i-hobbled.tar.xz) = e131a05e88690a7be7c3d74cbb26620130498ced2ce3d7fd55979aab5ea736ec8b268ba92268bd5bc347989325a3950a066883007cb20c2dd9739fd1eafc513f +SHA512 (openssl-1.1.1j-hobbled.tar.xz) = ad7387f11043b46873f5cb484a83822a1e11aae3fd09cab699192034be7f6e7a8fcaa1960df8bf96871e6268b63cf7046ebb75c4df72de67bb4b3d2aa94f77e7 From 098f88f0082b782fa8e714eda67921849a7e1afb Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Wed, 31 Mar 2021 15:25:23 +0000 Subject: [PATCH 09/41] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/openssl.git#0f5f931f9a64a3fe3221c75ed799914cfd90b0db --- .gitignore | 1 + openssl-1.1.1-version-override.patch | 6 +++--- openssl.spec | 5 ++++- sources | 2 +- 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index e3a11e6..6209f99 100644 --- a/.gitignore +++ b/.gitignore @@ -51,3 +51,4 @@ openssl-1.0.0a-usa.tar.bz2 /openssl-1.1.1h-hobbled.tar.xz /openssl-1.1.1i-hobbled.tar.xz /openssl-1.1.1j-hobbled.tar.xz +/openssl-1.1.1k-hobbled.tar.xz diff --git a/openssl-1.1.1-version-override.patch b/openssl-1.1.1-version-override.patch index 939bcb3..b89ebc6 100644 --- a/openssl-1.1.1-version-override.patch +++ b/openssl-1.1.1-version-override.patch @@ -4,9 +4,9 @@ diff -up openssl-1.1.1i/include/openssl/opensslv.h.version-override openssl-1.1. @@ -40,7 +40,7 @@ extern "C" { * major minor fix final patch/beta) */ - # define OPENSSL_VERSION_NUMBER 0x101010afL --# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1j 16 Feb 2021" -+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1j FIPS 16 Feb 2021" + # define OPENSSL_VERSION_NUMBER 0x101010bfL +-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1k 25 Mar 2021" ++# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1k FIPS 25 Mar 2021" /*- * The macros below are to be used for shared library (.so, .dll, ...) diff --git a/openssl.spec b/openssl.spec index 2a6f725..03638aa 100644 --- a/openssl.spec +++ b/openssl.spec @@ -21,7 +21,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl -Version: 1.1.1j +Version: 1.1.1k Release: 1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source @@ -471,6 +471,9 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Fri Mar 26 2021 Sahana Prasad - 1:1.1.1k-1 +- Upgrade to version 1.1.1.k + * Tue Feb 23 2021 Sahana Prasad - 1:1.1.1j-1 - Upgrade to version 1.1.1.j diff --git a/sources b/sources index 07f21a5..cc9f962 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-1.1.1j-hobbled.tar.xz) = ad7387f11043b46873f5cb484a83822a1e11aae3fd09cab699192034be7f6e7a8fcaa1960df8bf96871e6268b63cf7046ebb75c4df72de67bb4b3d2aa94f77e7 +SHA512 (openssl-1.1.1k-hobbled.tar.xz) = b5282e40af8f28f7a859dfddeb269f3a4b0f4fb535de330dfd3ad14a123b57fe66e3880c6c9aacf49865175b1f7f6c88cae31451a99d4ac2b2cb1c5135d4ada9 From ec7ef62793add2c53a21210f21660665a467631e Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Fri, 9 Apr 2021 22:24:41 +0200 Subject: [PATCH 10/41] Rebase to OpenSSL version 3.0.0 Note: This is a W.I.P as this is a huge rebase. Resolves: rhbz#1903209 Signed-off-by: Sahana Prasad --- .gitignore | 1 + 0001-Aarch64-and-ppc64le-use-lib64.patch | 33 + ...eneral-default-values-in-openssl.cnf.patch | 31 +- 0003-Do-not-install-html-docs.patch | 26 + ...ault-paths-for-the-CA-directory-tree.patch | 45 +- 0005-apps-ca-fix-md-option-help-text.patch | 28 + ...e-verification-with-totally-unsafe-h.patch | 29 + ...PROFILE-SYSTEM-system-default-cipher.patch | 177 +- 0008-Add-FIPS_mode-compatibility-macro.patch | 90 + 0009-Add-Kernel-FIPS-mode-flag-support.patch | 79 + ...-EVP-extra-test-with-OPENSSL_NO_EC2M.patch | 16 + 0011-Remove-EC-curves.patch | 621 + README.FIPS | 72 - ...nf-new-warning.h => configuration-prefix.h | 2 +- configuration-switch.h | 47 + ec_curve.c | 220 +- ectest.c | 1091 +- fixpatch | 15 - genpatches | 26 + openssl-1.1.1-alpn-cb.patch | 27 - openssl-1.1.1-apps-dgst.patch | 12 - openssl-1.1.1-arm-update.patch | 3706 ----- openssl-1.1.1-build.patch | 40 - openssl-1.1.1-disable-ssl3.patch | 91 - openssl-1.1.1-ec-curves.patch | 266 - openssl-1.1.1-edk2-build.patch | 57 - openssl-1.1.1-evp-kdf.patch | 5238 ------- openssl-1.1.1-fips-crng-test.patch | 408 - openssl-1.1.1-fips-curves.patch | 200 - openssl-1.1.1-fips-dh.patch | 2730 ---- openssl-1.1.1-fips-drbg-selftest.patch | 587 - openssl-1.1.1-fips-post-rand.patch | 189 - openssl-1.1.1-fips.patch | 11635 ---------------- openssl-1.1.1-intel-cet.patch | 500 - openssl-1.1.1-kdf-selftest.patch | 170 - openssl-1.1.1-krb5-kdf.patch | 3030 ---- openssl-1.1.1-man-rename.patch | 19 - openssl-1.1.1-no-brainpool.patch | 112 - openssl-1.1.1-no-html.patch | 12 - openssl-1.1.1-no-weak-verify.patch | 26 - openssl-1.1.1-rewire-fips-drbg.patch | 170 - openssl-1.1.1-s390x-ecc.patch | 2306 --- openssl-1.1.1-s390x-update.patch | 5502 -------- openssl-1.1.1-seclevel.patch | 160 - openssl-1.1.1-ssh-kdf.patch | 5612 -------- openssl-1.1.1-ts-sha256-default.patch | 70 - openssl-1.1.1-version-add-engines.patch | 38 - openssl-1.1.1-version-override.patch | 12 - openssl-1.1.1-weak-ciphers.patch | 57 - openssl.spec | 2001 +-- opensslconf-new.h | 47 - sources | 2 +- tests/simple-rsapss-test/Makefile | 63 - tests/simple-rsapss-test/PURPOSE | 3 - tests/simple-rsapss-test/runtest.sh | 74 - tests/tests.yml | 15 - tests/tests_python.yml | 18 - 57 files changed, 2294 insertions(+), 45560 deletions(-) create mode 100644 0001-Aarch64-and-ppc64le-use-lib64.patch rename openssl-1.1.1-defaults.patch => 0002-Use-more-general-default-values-in-openssl.cnf.patch (66%) create mode 100644 0003-Do-not-install-html-docs.patch rename openssl-1.1.1-conf-paths.patch => 0004-Override-default-paths-for-the-CA-directory-tree.patch (55%) create mode 100644 0005-apps-ca-fix-md-option-help-text.patch create mode 100644 0006-Disable-signature-verification-with-totally-unsafe-h.patch rename openssl-1.1.1-system-cipherlist.patch => 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch (62%) create mode 100644 0008-Add-FIPS_mode-compatibility-macro.patch create mode 100644 0009-Add-Kernel-FIPS-mode-flag-support.patch create mode 100644 0010-Fix-EVP-extra-test-with-OPENSSL_NO_EC2M.patch create mode 100644 0011-Remove-EC-curves.patch delete mode 100644 README.FIPS rename opensslconf-new-warning.h => configuration-prefix.h (80%) create mode 100644 configuration-switch.h delete mode 100755 fixpatch create mode 100755 genpatches delete mode 100644 openssl-1.1.1-alpn-cb.patch delete mode 100644 openssl-1.1.1-apps-dgst.patch delete mode 100644 openssl-1.1.1-arm-update.patch delete mode 100644 openssl-1.1.1-build.patch delete mode 100644 openssl-1.1.1-disable-ssl3.patch delete mode 100644 openssl-1.1.1-ec-curves.patch delete mode 100644 openssl-1.1.1-edk2-build.patch delete mode 100644 openssl-1.1.1-evp-kdf.patch delete mode 100644 openssl-1.1.1-fips-crng-test.patch delete mode 100644 openssl-1.1.1-fips-curves.patch delete mode 100644 openssl-1.1.1-fips-dh.patch delete mode 100644 openssl-1.1.1-fips-drbg-selftest.patch delete mode 100644 openssl-1.1.1-fips-post-rand.patch delete mode 100644 openssl-1.1.1-fips.patch delete mode 100644 openssl-1.1.1-intel-cet.patch delete mode 100644 openssl-1.1.1-kdf-selftest.patch delete mode 100644 openssl-1.1.1-krb5-kdf.patch delete mode 100644 openssl-1.1.1-man-rename.patch delete mode 100644 openssl-1.1.1-no-brainpool.patch delete mode 100644 openssl-1.1.1-no-html.patch delete mode 100644 openssl-1.1.1-no-weak-verify.patch delete mode 100644 openssl-1.1.1-rewire-fips-drbg.patch delete mode 100644 openssl-1.1.1-s390x-ecc.patch delete mode 100644 openssl-1.1.1-s390x-update.patch delete mode 100644 openssl-1.1.1-seclevel.patch delete mode 100644 openssl-1.1.1-ssh-kdf.patch delete mode 100644 openssl-1.1.1-ts-sha256-default.patch delete mode 100644 openssl-1.1.1-version-add-engines.patch delete mode 100644 openssl-1.1.1-version-override.patch delete mode 100644 openssl-1.1.1-weak-ciphers.patch delete mode 100644 opensslconf-new.h delete mode 100644 tests/simple-rsapss-test/Makefile delete mode 100644 tests/simple-rsapss-test/PURPOSE delete mode 100755 tests/simple-rsapss-test/runtest.sh delete mode 100644 tests/tests.yml delete mode 100644 tests/tests_python.yml diff --git a/.gitignore b/.gitignore index 6209f99..7cdad35 100644 --- a/.gitignore +++ b/.gitignore @@ -52,3 +52,4 @@ openssl-1.0.0a-usa.tar.bz2 /openssl-1.1.1i-hobbled.tar.xz /openssl-1.1.1j-hobbled.tar.xz /openssl-1.1.1k-hobbled.tar.xz +/openssl-3.0.0-hobbled.tar.xz diff --git a/0001-Aarch64-and-ppc64le-use-lib64.patch b/0001-Aarch64-and-ppc64le-use-lib64.patch new file mode 100644 index 0000000..e5d23ba --- /dev/null +++ b/0001-Aarch64-and-ppc64le-use-lib64.patch @@ -0,0 +1,33 @@ +From 603a35802319c0459737e3f067369ceb990fe2e6 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Thu, 24 Sep 2020 09:01:41 +0200 +Subject: Aarch64 and ppc64le use lib64 + +(Was openssl-1.1.1-build.patch) +--- + Configurations/10-main.conf | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf +index d7580bf3e1..a7dbfd7f40 100644 +--- a/Configurations/10-main.conf ++++ b/Configurations/10-main.conf +@@ -723,6 +723,7 @@ my %targets = ( + lib_cppflags => add("-DL_ENDIAN"), + asm_arch => 'ppc64', + perlasm_scheme => "linux64le", ++ multilib => "64", + }, + + "linux-armv4" => { +@@ -765,6 +766,7 @@ my %targets = ( + inherit_from => [ "linux-generic64" ], + asm_arch => 'aarch64', + perlasm_scheme => "linux64", ++ multilib => "64", + }, + "linux-arm64ilp32" => { # https://wiki.linaro.org/Platform/arm64-ilp32 + inherit_from => [ "linux-generic32" ], +-- +2.26.2 + diff --git a/openssl-1.1.1-defaults.patch b/0002-Use-more-general-default-values-in-openssl.cnf.patch similarity index 66% rename from openssl-1.1.1-defaults.patch rename to 0002-Use-more-general-default-values-in-openssl.cnf.patch index 291ed88..83ed599 100644 --- a/openssl-1.1.1-defaults.patch +++ b/0002-Use-more-general-default-values-in-openssl.cnf.patch @@ -1,7 +1,21 @@ -diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cnf ---- openssl-1.1.1a/apps/openssl.cnf.defaults 2018-11-20 14:35:37.000000000 +0100 -+++ openssl-1.1.1a/apps/openssl.cnf 2019-01-15 13:56:50.841719776 +0100 -@@ -74,7 +74,7 @@ cert_opt = ca_default # Certificate fi +From 41df9ae215cee9574e17e6f887c96a7c97d588f5 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Thu, 24 Sep 2020 09:03:40 +0200 +Subject: Use more general default values in openssl.cnf + +Also set sha256 as default hash, although that should not be +necessary anymore. + +(was openssl-1.1.1-defaults.patch) +--- + apps/openssl.cnf | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git a/apps/openssl.cnf b/apps/openssl.cnf +index 97567a67be..eb25a0ac48 100644 +--- a/apps/openssl.cnf ++++ b/apps/openssl.cnf +@@ -104,7 +104,7 @@ cert_opt = ca_default # Certificate field options default_days = 365 # how long to certify for default_crl_days= 30 # how long before next CRL @@ -10,7 +24,7 @@ diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cn preserve = no # keep passed DN ordering # A few difference way of specifying how similar the request should look -@@ -106,6 +106,7 @@ emailAddress = optional +@@ -136,6 +136,7 @@ emailAddress = optional #################################################################### [ req ] default_bits = 2048 @@ -18,7 +32,7 @@ diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cn default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes -@@ -128,17 +129,18 @@ string_mask = utf8only +@@ -158,17 +159,18 @@ string_mask = utf8only [ req_distinguished_name ] countryName = Country Name (2 letter code) @@ -40,7 +54,7 @@ diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cn # we can do this but it is not needed normally :-) #1.organizationName = Second Organization Name (eg, company) -@@ -147,7 +149,7 @@ localityName = Locality Name (eg, city +@@ -177,7 +179,7 @@ localityName = Locality Name (eg, city) organizationalUnitName = Organizational Unit Name (eg, section) #organizationalUnitName_default = @@ -49,3 +63,6 @@ diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cn commonName_max = 64 emailAddress = Email Address +-- +2.26.2 + diff --git a/0003-Do-not-install-html-docs.patch b/0003-Do-not-install-html-docs.patch new file mode 100644 index 0000000..66d62e0 --- /dev/null +++ b/0003-Do-not-install-html-docs.patch @@ -0,0 +1,26 @@ +From 3d5755df8d09ca841c0aca2d7344db060f6cc97f Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Thu, 24 Sep 2020 09:05:55 +0200 +Subject: Do not install html docs + +(was openssl-1.1.1-no-html.patch) +--- + Configurations/unix-Makefile.tmpl | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl +index 342e46d24d..9f369edf0e 100644 +--- a/Configurations/unix-Makefile.tmpl ++++ b/Configurations/unix-Makefile.tmpl +@@ -554,7 +554,7 @@ install_sw: install_dev install_engines install_modules install_runtime + + uninstall_sw: uninstall_runtime uninstall_modules uninstall_engines uninstall_dev + +-install_docs: install_man_docs install_html_docs ++install_docs: install_man_docs + + uninstall_docs: uninstall_man_docs uninstall_html_docs + $(RM) -r $(DESTDIR)$(DOCDIR) +-- +2.26.2 + diff --git a/openssl-1.1.1-conf-paths.patch b/0004-Override-default-paths-for-the-CA-directory-tree.patch similarity index 55% rename from openssl-1.1.1-conf-paths.patch rename to 0004-Override-default-paths-for-the-CA-directory-tree.patch index 819007b..88832a2 100644 --- a/openssl-1.1.1-conf-paths.patch +++ b/0004-Override-default-paths-for-the-CA-directory-tree.patch @@ -1,19 +1,37 @@ -diff -up openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths openssl-1.1.1-pre8/apps/CA.pl.in ---- openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths 2018-06-20 16:48:09.000000000 +0200 -+++ openssl-1.1.1-pre8/apps/CA.pl.in 2018-07-25 17:26:58.388624296 +0200 -@@ -33,7 +33,7 @@ my $X509 = "$openssl x509"; +From 6790960076742a9053c624e26fbb87fcd5789e27 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Thu, 24 Sep 2020 09:17:26 +0200 +Subject: Override default paths for the CA directory tree + +Also add default section to load crypto-policies configuration +for TLS. + +It needs to be reverted before running tests. + +(was openssl-1.1.1-conf-paths.patch) +--- + apps/CA.pl.in | 2 +- + apps/openssl.cnf | 20 ++++++++++++++++++-- + 2 files changed, 19 insertions(+), 3 deletions(-) + +diff --git a/apps/CA.pl.in b/apps/CA.pl.in +index c0afb96716..d6a5fabd16 100644 +--- a/apps/CA.pl.in ++++ b/apps/CA.pl.in +@@ -29,7 +29,7 @@ my $X509 = "$openssl x509"; my $PKCS12 = "$openssl pkcs12"; - # default openssl.cnf file has setup as per the following + # Default values for various configuration settings. -my $CATOP = "./demoCA"; +my $CATOP = "/etc/pki/CA"; my $CAKEY = "cakey.pem"; my $CAREQ = "careq.pem"; my $CACERT = "cacert.pem"; -diff -up openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths openssl-1.1.1-pre8/apps/openssl.cnf ---- openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths 2018-07-25 17:26:58.378624057 +0200 -+++ openssl-1.1.1-pre8/apps/openssl.cnf 2018-07-27 13:20:08.198513471 +0200 -@@ -23,6 +23,22 @@ oid_section = new_oids +diff --git a/apps/openssl.cnf b/apps/openssl.cnf +index eb25a0ac48..2479943fde 100644 +--- a/apps/openssl.cnf ++++ b/apps/openssl.cnf +@@ -31,6 +31,22 @@ oid_section = new_oids # (Alternatively, use a configuration file that has only # X.509v3 extensions in its main [= default] section.) @@ -34,9 +52,9 @@ diff -up openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths openssl-1.1.1-pre8/apps/ +.include = /etc/crypto-policies/back-ends/opensslcnf.config + [ new_oids ] - # We can add new OIDs in here for use by 'ca', 'req' and 'ts'. -@@ -43,7 +59,7 @@ default_ca = CA_default # The default c + # Add a simple OID like this: +@@ -72,7 +88,7 @@ default_ca = CA_default # The default ca section #################################################################### [ CA_default ] @@ -45,7 +63,7 @@ diff -up openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths openssl-1.1.1-pre8/apps/ certs = $dir/certs # Where the issued certs are kept crl_dir = $dir/crl # Where the issued crl are kept database = $dir/index.txt # database index file. -@@ -329,7 +345,7 @@ default_tsa = tsa_config1 # the default +@@ -304,7 +320,7 @@ default_tsa = tsa_config1 # the default TSA section [ tsa_config1 ] # These are used by the TSA reply generation only. @@ -54,3 +72,6 @@ diff -up openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths openssl-1.1.1-pre8/apps/ serial = $dir/tsaserial # The current serial number (mandatory) crypto_device = builtin # OpenSSL engine to use for signing signer_cert = $dir/tsacert.pem # The TSA signing certificate +-- +2.26.2 + diff --git a/0005-apps-ca-fix-md-option-help-text.patch b/0005-apps-ca-fix-md-option-help-text.patch new file mode 100644 index 0000000..1fed4c4 --- /dev/null +++ b/0005-apps-ca-fix-md-option-help-text.patch @@ -0,0 +1,28 @@ +From 3d8fa9859501b07e02b76b5577e2915d5851e927 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Thu, 24 Sep 2020 09:27:18 +0200 +Subject: apps/ca: fix md option help text + +upstreamable + +(was openssl-1.1.1-apps-dgst.patch) +--- + apps/ca.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/apps/ca.c b/apps/ca.c +index 0f21b4fa1c..3d4b2c1673 100755 +--- a/apps/ca.c ++++ b/apps/ca.c +@@ -209,7 +209,7 @@ const OPTIONS ca_options[] = { + {"noemailDN", OPT_NOEMAILDN, '-', "Don't add the EMAIL field to the DN"}, + + OPT_SECTION("Signing"), +- {"md", OPT_MD, 's', "Digest to use, such as sha256"}, ++ {"md", OPT_MD, 's', "Digest to use, such as sha256; see openssl help for list"}, + {"keyfile", OPT_KEYFILE, 's', "The CA private key"}, + {"keyform", OPT_KEYFORM, 'f', + "Private key file format (ENGINE, other values ignored)"}, +-- +2.26.2 + diff --git a/0006-Disable-signature-verification-with-totally-unsafe-h.patch b/0006-Disable-signature-verification-with-totally-unsafe-h.patch new file mode 100644 index 0000000..467a8e7 --- /dev/null +++ b/0006-Disable-signature-verification-with-totally-unsafe-h.patch @@ -0,0 +1,29 @@ +From 3f9deff30ae6efbfe979043b00cdf649b39793c0 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Thu, 24 Sep 2020 09:51:34 +0200 +Subject: Disable signature verification with totally unsafe hash algorithms + +(was openssl-1.1.1-no-weak-verify.patch) +--- + crypto/asn1/a_verify.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c +index b7eed914b0..af62f0ef08 100644 +--- a/crypto/asn1/a_verify.c ++++ b/crypto/asn1/a_verify.c +@@ -152,6 +152,11 @@ int ASN1_item_verify_ctx(const ASN1_ITEM *it, const X509_ALGOR *alg, + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); + if (ret <= 1) + goto err; ++ } else if ((mdnid == NID_md5 ++ && ossl_safe_getenv("OPENSSL_ENABLE_MD5_VERIFY") == NULL) || ++ mdnid == NID_md4 || mdnid == NID_md2 || mdnid == NID_sha) { ++ ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); ++ goto err; + } else { + const EVP_MD *type = EVP_get_digestbynid(mdnid); + +-- +2.26.2 + diff --git a/openssl-1.1.1-system-cipherlist.patch b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch similarity index 62% rename from openssl-1.1.1-system-cipherlist.patch rename to 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch index a70f20b..6b8117e 100644 --- a/openssl-1.1.1-system-cipherlist.patch +++ b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch @@ -1,7 +1,25 @@ -diff -up openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist openssl-1.1.1c/Configurations/unix-Makefile.tmpl ---- openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist 2019-05-29 15:42:27.951329271 +0200 -+++ openssl-1.1.1c/Configurations/unix-Makefile.tmpl 2019-05-29 15:42:27.974328867 +0200 -@@ -180,6 +180,10 @@ MANDIR=$(INSTALLTOP)/share/man +From 736d709ec194b3a763e004696df22792c62a11fc Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Thu, 24 Sep 2020 10:16:46 +0200 +Subject: Add support for PROFILE=SYSTEM system default cipherlist + +(was openssl-1.1.1-system-cipherlist.patch) +--- + Configurations/unix-Makefile.tmpl | 5 ++ + Configure | 10 +++- + doc/man1/openssl-ciphers.pod.in | 9 ++++ + include/openssl/ssl.h.in | 5 ++ + ssl/ssl_ciph.c | 88 +++++++++++++++++++++++++++---- + ssl/ssl_lib.c | 4 +- + test/cipherlist_test.c | 2 + + util/libcrypto.num | 1 + + 8 files changed, 110 insertions(+), 14 deletions(-) + +diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl +index 9f369edf0e..c52389f831 100644 +--- a/Configurations/unix-Makefile.tmpl ++++ b/Configurations/unix-Makefile.tmpl +@@ -269,6 +269,10 @@ MANDIR=$(INSTALLTOP)/share/man DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME) HTMLDIR=$(DOCDIR)/html @@ -12,7 +30,7 @@ diff -up openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist open # MANSUFFIX is for the benefit of anyone who may want to have a suffix # appended after the manpage file section number. "ssl" is popular, # resulting in files such as config.5ssl rather than config.5. -@@ -203,6 +207,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -} +@@ -292,6 +296,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -} CXX={- $config{CXX} ? "\$(CROSS_COMPILE)$config{CXX}" : '' -} CPPFLAGS={- our $cppflags1 = join(" ", (map { "-D".$_} @{$config{CPPDEFINES}}), @@ -20,10 +38,11 @@ diff -up openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist open (map { "-I".$_} @{$config{CPPINCLUDES}}), @{$config{CPPFLAGS}}) -} CFLAGS={- join(' ', @{$config{CFLAGS}}) -} -diff -up openssl-1.1.1c/Configure.system-cipherlist openssl-1.1.1c/Configure ---- openssl-1.1.1c/Configure.system-cipherlist 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/Configure 2019-05-29 15:45:10.465469533 +0200 -@@ -24,7 +24,7 @@ use OpenSSL::Glob; +diff --git a/Configure b/Configure +index dfad3fe7a5..dc6d5d4d73 100755 +--- a/Configure ++++ b/Configure +@@ -27,7 +27,7 @@ use OpenSSL::config; my $orig_death_handler = $SIG{__DIE__}; $SIG{__DIE__} = \&death_handler; @@ -32,7 +51,7 @@ diff -up openssl-1.1.1c/Configure.system-cipherlist openssl-1.1.1c/Configure # Options: # -@@ -41,6 +41,9 @@ my $usage="Usage: Configure [no- +@@ -44,6 +44,9 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lx # This becomes the value of OPENSSLDIR in Makefile and in C. # (Default: PREFIX/ssl) # @@ -41,8 +60,8 @@ diff -up openssl-1.1.1c/Configure.system-cipherlist openssl-1.1.1c/Configure +# # --cross-compile-prefix Add specified prefix to binutils components. # - # --api One of 0.9.8, 1.0.0 or 1.1.0. Do not compile support for -@@ -295,6 +298,7 @@ $config{prefix}=""; + # --api One of 0.9.8, 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.1.1, or 3.0 +@@ -367,6 +370,7 @@ $config{prefix}=""; $config{openssldir}=""; $config{processor}=""; $config{libdir}=""; @@ -50,9 +69,9 @@ diff -up openssl-1.1.1c/Configure.system-cipherlist openssl-1.1.1c/Configure my $auto_threads=1; # enable threads automatically? true by default my $default_ranlib; -@@ -824,6 +828,10 @@ while (@argvcopy) - push @seed_sources, $x; - } +@@ -957,6 +961,10 @@ while (@argvcopy) + die "FIPS key too long (64 bytes max)\n" + if length $1 > 64; } + elsif (/^--system-ciphers-file=(.*)$/) + { @@ -61,19 +80,11 @@ diff -up openssl-1.1.1c/Configure.system-cipherlist openssl-1.1.1c/Configure elsif (/^--cross-compile-prefix=(.*)$/) { $user{CROSS_COMPILE}=$1; -@@ -1016,6 +1024,8 @@ if ($target eq "HASH") { - exit 0; - } - -+chop $config{system_ciphers_file} if $config{system_ciphers_file} =~ /\/$/; -+ - print "Configuring OpenSSL version $config{version} ($config{version_num}) "; - print "for $target\n"; - -diff -up openssl-1.1.1c/doc/man1/ciphers.pod.system-cipherlist openssl-1.1.1c/doc/man1/ciphers.pod ---- openssl-1.1.1c/doc/man1/ciphers.pod.system-cipherlist 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/doc/man1/ciphers.pod 2019-05-29 15:42:27.975328849 +0200 -@@ -182,6 +182,15 @@ As of OpenSSL 1.0.0, the B cipher s +diff --git a/doc/man1/openssl-ciphers.pod.in b/doc/man1/openssl-ciphers.pod.in +index b4ed3e51d5..2122e6bdfd 100644 +--- a/doc/man1/openssl-ciphers.pod.in ++++ b/doc/man1/openssl-ciphers.pod.in +@@ -187,6 +187,15 @@ As of OpenSSL 1.0.0, the B cipher suites are sensibly ordered by default. The cipher suites not enabled by B, currently B. @@ -89,34 +100,27 @@ diff -up openssl-1.1.1c/doc/man1/ciphers.pod.system-cipherlist openssl-1.1.1c/do =item B "High" encryption cipher suites. This currently means those with key lengths -diff -up openssl-1.1.1c/include/openssl/ssl.h.system-cipherlist openssl-1.1.1c/include/openssl/ssl.h ---- openssl-1.1.1c/include/openssl/ssl.h.system-cipherlist 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/include/openssl/ssl.h 2019-05-29 15:42:27.975328849 +0200 -@@ -186,6 +186,11 @@ extern "C" { +diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in +index f9a61609e4..c6f95fed3f 100644 +--- a/include/openssl/ssl.h.in ++++ b/include/openssl/ssl.h.in +@@ -209,6 +209,11 @@ extern "C" { * throwing out anonymous and unencrypted ciphersuites! (The latter are not * actually enabled by ALL, but "ALL:RSA" would enable some of them.) */ +# ifdef SYSTEM_CIPHERS_FILE +# define SSL_SYSTEM_DEFAULT_CIPHER_LIST "PROFILE=SYSTEM" +# else -+# define SSL_SYSTEM_DEFAULT_CIPHER_LIST SSL_DEFAULT_CIPHER_LIST ++# define SSL_SYSTEM_DEFAULT_CIPHER_LIST OSSL_default_cipher_list() +# endif /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ # define SSL_SENT_SHUTDOWN 1 -diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ciph.c ---- openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/ssl/ssl_ciph.c 2019-05-29 15:42:27.976328831 +0200 -@@ -9,6 +9,8 @@ - * https://www.openssl.org/source/license.html - */ - -+/* for secure_getenv */ -+#define _GNU_SOURCE - #include - #include - #include -@@ -1399,6 +1401,53 @@ int SSL_set_ciphersuites(SSL *s, const c +diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c +index b1d3f7919e..f7cc7fed48 100644 +--- a/ssl/ssl_ciph.c ++++ b/ssl/ssl_ciph.c +@@ -1411,6 +1411,53 @@ int SSL_set_ciphersuites(SSL *s, const char *str) return ret; } @@ -129,7 +133,7 @@ diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ + const char *ciphers_path; + unsigned len, slen; + -+ if ((ciphers_path = secure_getenv("OPENSSL_SYSTEM_CIPHERS_OVERRIDE")) == NULL) ++ if ((ciphers_path = ossl_safe_getenv("OPENSSL_SYSTEM_CIPHERS_OVERRIDE")) == NULL) + ciphers_path = SYSTEM_CIPHERS_FILE; + fp = fopen(ciphers_path, "r"); + if (fp == NULL || fgets(buf, sizeof(buf), fp) == NULL) { @@ -167,19 +171,19 @@ diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ +} +#endif + - STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, + STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, STACK_OF(SSL_CIPHER) *tls13_ciphersuites, STACK_OF(SSL_CIPHER) **cipher_list, -@@ -1412,15 +1461,25 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ - const char *rule_p; +@@ -1425,15 +1472,25 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; const SSL_CIPHER **ca_list = NULL; + const SSL_METHOD *ssl_method = ctx->method; +#ifdef SYSTEM_CIPHERS_FILE + char *new_rules = NULL; + + if (rule_str != NULL && strncmp(rule_str, "PROFILE=SYSTEM", 14) == 0) { + char *p = rule_str + 14; -+ ++ + new_rules = load_system_str(p); + rule_str = new_rules; + } @@ -191,23 +195,23 @@ diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL) - return NULL; + goto err; - #ifndef OPENSSL_NO_EC + if (!check_suiteb_cipher_list(ssl_method, c, &rule_str)) - return NULL; + goto err; - #endif /* -@@ -1443,7 +1502,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + * To reduce the work to do we only want to process the compiled +@@ -1456,7 +1513,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers); if (co_list == NULL) { - SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); - return NULL; /* Failure */ + goto err; } ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, -@@ -1509,8 +1568,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ +@@ -1522,8 +1579,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, * in force within each class */ if (!ssl_cipher_strength_sort(&head, &tail)) { @@ -217,18 +221,18 @@ diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ } /* -@@ -1555,9 +1613,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ +@@ -1568,9 +1624,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max); if (ca_list == NULL) { - OPENSSL_free(co_list); - SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); - return NULL; /* Failure */ + goto err; } ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mkey, disabled_auth, disabled_enc, -@@ -1583,8 +1640,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ +@@ -1596,8 +1651,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, OPENSSL_free(ca_list); /* Not needed anymore */ if (!ok) { /* Rule processing failure */ @@ -238,7 +242,7 @@ diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ } /* -@@ -1592,14 +1648,18 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ +@@ -1605,10 +1659,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, * if we cannot get one. */ if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) { @@ -253,13 +257,16 @@ diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ + /* Add TLSv1.3 ciphers first - we always prefer those if possible */ for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) { - if (!sk_SSL_CIPHER_push(cipherstack, - sk_SSL_CIPHER_value(tls13_ciphersuites, i))) { -+ OPENSSL_free(co_list); + const SSL_CIPHER *sslc = sk_SSL_CIPHER_value(tls13_ciphersuites, i); +@@ -1622,6 +1679,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, + + if (!sk_SSL_CIPHER_push(cipherstack, sslc)) { sk_SSL_CIPHER_free(cipherstack); ++ OPENSSL_free(co_list); return NULL; } -@@ -1631,6 +1691,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + } +@@ -1656,6 +1714,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, *cipher_list = cipherstack; return cipherstack; @@ -274,31 +281,33 @@ diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ } char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) -diff -up openssl-1.1.1c/ssl/ssl_lib.c.system-cipherlist openssl-1.1.1c/ssl/ssl_lib.c ---- openssl-1.1.1c/ssl/ssl_lib.c.system-cipherlist 2019-05-29 15:42:27.970328937 +0200 -+++ openssl-1.1.1c/ssl/ssl_lib.c 2019-05-29 15:42:27.977328814 +0200 -@@ -662,7 +662,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx +diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c +index d14d5819ba..48d491219a 100644 +--- a/ssl/ssl_lib.c ++++ b/ssl/ssl_lib.c +@@ -660,7 +660,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth) ctx->tls13_ciphersuites, &(ctx->cipher_list), &(ctx->cipher_list_by_id), -- SSL_DEFAULT_CIPHER_LIST, ctx->cert); +- OSSL_default_cipher_list(), ctx->cert); + SSL_SYSTEM_DEFAULT_CIPHER_LIST, ctx->cert); if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) { - SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); + ERR_raise(ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); return 0; -@@ -2954,7 +2954,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m - if (!ssl_create_cipher_list(ret->method, +@@ -3193,7 +3193,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, + if (!ssl_create_cipher_list(ret, ret->tls13_ciphersuites, &ret->cipher_list, &ret->cipher_list_by_id, -- SSL_DEFAULT_CIPHER_LIST, ret->cert) +- OSSL_default_cipher_list(), ret->cert) + SSL_SYSTEM_DEFAULT_CIPHER_LIST, ret->cert) || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) { - SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS); + ERR_raise(ERR_LIB_SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS); goto err2; -diff -up openssl-1.1.1c/test/cipherlist_test.c.system-cipherlist openssl-1.1.1c/test/cipherlist_test.c ---- openssl-1.1.1c/test/cipherlist_test.c.system-cipherlist 2019-05-28 15:12:21.000000000 +0200 -+++ openssl-1.1.1c/test/cipherlist_test.c 2019-05-29 15:42:27.977328814 +0200 -@@ -251,7 +251,9 @@ end: +diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c +index 380f0727fc..6922a87c30 100644 +--- a/test/cipherlist_test.c ++++ b/test/cipherlist_test.c +@@ -244,7 +244,9 @@ end: int setup_tests(void) { @@ -308,3 +317,15 @@ diff -up openssl-1.1.1c/test/cipherlist_test.c.system-cipherlist openssl-1.1.1c/ ADD_TEST(test_default_cipherlist_explicit); ADD_TEST(test_default_cipherlist_clear); return 1; +diff --git a/util/libcrypto.num b/util/libcrypto.num +index 404a706fab..e81fa9ec3e 100644 +--- a/util/libcrypto.num ++++ b/util/libcrypto.num +@@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION: + RAND_set_DRBG_type ? 3_0_0 EXIST::FUNCTION: + RAND_set_seed_source_type ? 3_0_0 EXIST::FUNCTION: + BIO_f_readbuffer ? 3_0_0 EXIST::FUNCTION: ++ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: +-- +2.26.2 + diff --git a/0008-Add-FIPS_mode-compatibility-macro.patch b/0008-Add-FIPS_mode-compatibility-macro.patch new file mode 100644 index 0000000..5f953d2 --- /dev/null +++ b/0008-Add-FIPS_mode-compatibility-macro.patch @@ -0,0 +1,90 @@ +From 5b2ec9a54037d7b007324bf53e067e73511cdfe4 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Thu, 26 Nov 2020 14:00:16 +0100 +Subject: Add FIPS_mode() compatibility macro + +The macro calls EVP_default_properties_is_fips_enabled() on the +default context. +--- + include/openssl/crypto.h.in | 1 + + include/openssl/fips.h | 25 +++++++++++++++++++++++++ + test/property_test.c | 13 +++++++++++++ + 3 files changed, 39 insertions(+) + create mode 100644 include/openssl/fips.h + +diff --git a/include/openssl/crypto.h.in b/include/openssl/crypto.h.in +index 1036da9a2b..9d4896fcaf 100644 +--- a/include/openssl/crypto.h.in ++++ b/include/openssl/crypto.h.in +@@ -38,6 +38,7 @@ use OpenSSL::stackhash qw(generate_stack_macros); + # include + # include + # include ++# include + + # ifdef CHARSET_EBCDIC + # include +diff --git a/include/openssl/fips.h b/include/openssl/fips.h +new file mode 100644 +index 0000000000..c64f0f8e8f +--- /dev/null ++++ b/include/openssl/fips.h +@@ -0,0 +1,25 @@ ++/* ++ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the Apache License 2.0 (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#ifndef OPENSSL_FIPS_H ++# define OPENSSL_FIPS_H ++# pragma once ++ ++# include ++ ++# ifdef __cplusplus ++extern "C" { ++# endif ++ ++# define FIPS_mode() EVP_default_properties_is_fips_enabled(NULL) ++ ++# ifdef __cplusplus ++} ++# endif ++#endif +diff --git a/test/property_test.c b/test/property_test.c +index ab61d01107..1cedc85f78 100644 +--- a/test/property_test.c ++++ b/test/property_test.c +@@ -412,6 +412,18 @@ err: + return ret; + } + ++static int test_downstream_FIPS_mode(void) ++{ ++ int ret = 0; ++ ++ ret = TEST_true(EVP_set_default_properties(NULL, "fips=yes")) ++ && TEST_true(FIPS_mode()) ++ && TEST_true(EVP_set_default_properties(NULL, "fips=no")) ++ && TEST_false(FIPS_mode()); ++ ++ return ret; ++} ++ + + int setup_tests(void) + { +@@ -424,5 +436,6 @@ int setup_tests(void) + ADD_TEST(test_property); + ADD_TEST(test_query_cache_stochastic); + ADD_TEST(test_fips_mode); ++ ADD_TEST(test_downstream_FIPS_mode); + return 1; + } +-- +2.26.2 + diff --git a/0009-Add-Kernel-FIPS-mode-flag-support.patch b/0009-Add-Kernel-FIPS-mode-flag-support.patch new file mode 100644 index 0000000..c05febf --- /dev/null +++ b/0009-Add-Kernel-FIPS-mode-flag-support.patch @@ -0,0 +1,79 @@ +diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha13/crypto/context.c +--- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips 2021-03-16 00:09:55.814826432 +0100 ++++ openssl-3.0.0-alpha13/crypto/context.c 2021-03-16 00:15:55.129043811 +0100 +@@ -12,11 +12,54 @@ + #include "internal/thread_once.h" + #include "internal/property.h" + ++#ifndef FIPS_MODULE ++# include ++# include ++# include ++# include ++# include ++#endif ++ + struct ossl_lib_ctx_onfree_list_st { + ossl_lib_ctx_onfree_fn *fn; + struct ossl_lib_ctx_onfree_list_st *next; + }; + ++# ifndef FIPS_MODULE ++# define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled" ++ ++static int kernel_fips_flag; ++ ++static void read_kernel_fips_flag(void) ++{ ++ char buf[2] = "0"; ++ int fd; ++ ++ if (ossl_safe_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) { ++ buf[0] = '1'; ++ } else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0) { ++ while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR) ; ++ close(fd); ++ } ++ ++ if (buf[0] == '1') { ++ kernel_fips_flag = 1; ++ } ++ ++ return; ++} ++ ++static int apply_kernel_fips_flag(OSSL_LIB_CTX *ctx) ++{ ++ if (kernel_fips_flag) { ++ return EVP_default_properties_enable_fips(ctx, 1); ++ } ++ ++ return 1; ++} ++# endif ++ ++ + struct ossl_lib_ctx_st { + CRYPTO_RWLOCK *lock; + CRYPTO_EX_DATA data; +@@ -74,6 +117,12 @@ static int context_init(OSSL_LIB_CTX *ct + if (!ossl_property_parse_init(ctx)) + goto err; + ++# ifndef FIPS_MODULE ++ /* Preset the fips=yes default property with kernel FIPS mode */ ++ if (!apply_kernel_fips_flag(ctx)) ++ goto err; ++# endif ++ + return 1; + err: + if (exdata_done) +@@ -121,6 +170,7 @@ static CRYPTO_THREAD_LOCAL default_conte + + DEFINE_RUN_ONCE_STATIC(default_context_do_init) + { ++ read_kernel_fips_flag(); + return CRYPTO_THREAD_init_local(&default_context_thread_local, NULL) + && context_init(&default_context_int); + } diff --git a/0010-Fix-EVP-extra-test-with-OPENSSL_NO_EC2M.patch b/0010-Fix-EVP-extra-test-with-OPENSSL_NO_EC2M.patch new file mode 100644 index 0000000..d82d757 --- /dev/null +++ b/0010-Fix-EVP-extra-test-with-OPENSSL_NO_EC2M.patch @@ -0,0 +1,16 @@ +diff -up openssl-3.0.0-alpha13/test/evp_extra_test.c.diff openssl-3.0.0-alpha13/test/evp_extra_test.c +--- openssl-3.0.0-alpha13/test/evp_extra_test.c.diff 2021-04-01 17:59:42.096566581 +0200 ++++ openssl-3.0.0-alpha13/test/evp_extra_test.c 2021-04-01 18:21:38.433182330 +0200 +@@ -2415,8 +2415,11 @@ err: + + #ifndef OPENSSL_NO_EC + static int ecpub_nids[] = { NID_brainpoolP256r1, NID_X9_62_prime256v1, +- NID_secp384r1, NID_secp521r1, NID_sect233k1, NID_sect233r1, NID_sect283r1, ++ NID_secp384r1, NID_secp521r1, ++#ifndef OPENSSL_NO_EC2M ++ NID_sect233k1, NID_sect233r1, NID_sect283r1, + NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1, ++#endif + NID_brainpoolP384r1, NID_brainpoolP512r1}; + + static int test_ecpub(int idx) diff --git a/0011-Remove-EC-curves.patch b/0011-Remove-EC-curves.patch new file mode 100644 index 0000000..ba86314 --- /dev/null +++ b/0011-Remove-EC-curves.patch @@ -0,0 +1,621 @@ +diff -up openssl-3.0.0-alpha13/apps/speed.c.ec-curves openssl-3.0.0-alpha13/apps/speed.c +--- openssl-3.0.0-alpha13/apps/speed.c.ec-curves 2021-04-10 12:12:00.620129302 +0200 ++++ openssl-3.0.0-alpha13/apps/speed.c 2021-04-10 12:18:11.872369417 +0200 +@@ -364,68 +364,23 @@ static double ffdh_results[FFDH_NUM][1]; + #endif /* OPENSSL_NO_DH */ + + enum ec_curves_t { +- R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521, +-#ifndef OPENSSL_NO_EC2M +- R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571, +- R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571, +-#endif +- R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1, +- R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM ++ R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521, ++ ECDSA_NUM + }; + /* list of ecdsa curves */ + static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = { +- {"ecdsap160", R_EC_P160}, +- {"ecdsap192", R_EC_P192}, + {"ecdsap224", R_EC_P224}, + {"ecdsap256", R_EC_P256}, + {"ecdsap384", R_EC_P384}, + {"ecdsap521", R_EC_P521}, +-#ifndef OPENSSL_NO_EC2M +- {"ecdsak163", R_EC_K163}, +- {"ecdsak233", R_EC_K233}, +- {"ecdsak283", R_EC_K283}, +- {"ecdsak409", R_EC_K409}, +- {"ecdsak571", R_EC_K571}, +- {"ecdsab163", R_EC_B163}, +- {"ecdsab233", R_EC_B233}, +- {"ecdsab283", R_EC_B283}, +- {"ecdsab409", R_EC_B409}, +- {"ecdsab571", R_EC_B571}, +-#endif +- {"ecdsabrp256r1", R_EC_BRP256R1}, +- {"ecdsabrp256t1", R_EC_BRP256T1}, +- {"ecdsabrp384r1", R_EC_BRP384R1}, +- {"ecdsabrp384t1", R_EC_BRP384T1}, +- {"ecdsabrp512r1", R_EC_BRP512R1}, +- {"ecdsabrp512t1", R_EC_BRP512T1} + }; + enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM }; + /* list of ecdh curves, extension of |ecdsa_choices| list above */ + static const OPT_PAIR ecdh_choices[EC_NUM] = { +- {"ecdhp160", R_EC_P160}, +- {"ecdhp192", R_EC_P192}, + {"ecdhp224", R_EC_P224}, + {"ecdhp256", R_EC_P256}, + {"ecdhp384", R_EC_P384}, + {"ecdhp521", R_EC_P521}, +-#ifndef OPENSSL_NO_EC2M +- {"ecdhk163", R_EC_K163}, +- {"ecdhk233", R_EC_K233}, +- {"ecdhk283", R_EC_K283}, +- {"ecdhk409", R_EC_K409}, +- {"ecdhk571", R_EC_K571}, +- {"ecdhb163", R_EC_B163}, +- {"ecdhb233", R_EC_B233}, +- {"ecdhb283", R_EC_B283}, +- {"ecdhb409", R_EC_B409}, +- {"ecdhb571", R_EC_B571}, +-#endif +- {"ecdhbrp256r1", R_EC_BRP256R1}, +- {"ecdhbrp256t1", R_EC_BRP256T1}, +- {"ecdhbrp384r1", R_EC_BRP384R1}, +- {"ecdhbrp384t1", R_EC_BRP384T1}, +- {"ecdhbrp512r1", R_EC_BRP512R1}, +- {"ecdhbrp512t1", R_EC_BRP512T1}, + {"ecdhx25519", R_EC_X25519}, + {"ecdhx448", R_EC_X448} + }; +@@ -1449,31 +1404,10 @@ int speed_main(int argc, char **argv) + */ + static const EC_CURVE ec_curves[EC_NUM] = { + /* Prime Curves */ +- {"secp160r1", NID_secp160r1, 160}, +- {"nistp192", NID_X9_62_prime192v1, 192}, + {"nistp224", NID_secp224r1, 224}, + {"nistp256", NID_X9_62_prime256v1, 256}, + {"nistp384", NID_secp384r1, 384}, + {"nistp521", NID_secp521r1, 521}, +-#ifndef OPENSSL_NO_EC2M +- /* Binary Curves */ +- {"nistk163", NID_sect163k1, 163}, +- {"nistk233", NID_sect233k1, 233}, +- {"nistk283", NID_sect283k1, 283}, +- {"nistk409", NID_sect409k1, 409}, +- {"nistk571", NID_sect571k1, 571}, +- {"nistb163", NID_sect163r2, 163}, +- {"nistb233", NID_sect233r1, 233}, +- {"nistb283", NID_sect283r1, 283}, +- {"nistb409", NID_sect409r1, 409}, +- {"nistb571", NID_sect571r1, 571}, +-#endif +- {"brainpoolP256r1", NID_brainpoolP256r1, 256}, +- {"brainpoolP256t1", NID_brainpoolP256t1, 256}, +- {"brainpoolP384r1", NID_brainpoolP384r1, 384}, +- {"brainpoolP384t1", NID_brainpoolP384t1, 384}, +- {"brainpoolP512r1", NID_brainpoolP512r1, 512}, +- {"brainpoolP512t1", NID_brainpoolP512t1, 512}, + /* Other and ECDH only ones */ + {"X25519", NID_X25519, 253}, + {"X448", NID_X448, 448} +diff -up openssl-3.0.0-alpha13/test/ecdsatest.h.ec-curves openssl-3.0.0-alpha13/test/ecdsatest.h +--- openssl-3.0.0-alpha13/test/ecdsatest.h.ec-curves 2021-04-10 12:07:43.158013028 +0200 ++++ openssl-3.0.0-alpha13/test/ecdsatest.h 2021-04-10 12:11:21.601828737 +0200 +@@ -32,23 +32,6 @@ typedef struct { + } ecdsa_cavs_kat_t; + + static const ecdsa_cavs_kat_t ecdsa_cavs_kats[] = { +- /* prime KATs from X9.62 */ +- {NID_X9_62_prime192v1, NID_sha1, +- "616263", /* "abc" */ +- "1a8d598fc15bf0fd89030b5cb1111aeb92ae8baf5ea475fb", +- "0462b12d60690cdcf330babab6e69763b471f994dd702d16a563bf5ec08069705ffff65e" +- "5ca5c0d69716dfcb3474373902", +- "fa6de29746bbeb7f8bb1e761f85f7dfb2983169d82fa2f4e", +- "885052380ff147b734c330c43d39b2c4a89f29b0f749fead", +- "e9ecc78106def82bf1070cf1d4d804c3cb390046951df686"}, +- {NID_X9_62_prime239v1, NID_sha1, +- "616263", /* "abc" */ +- "7ef7c6fabefffdea864206e80b0b08a9331ed93e698561b64ca0f7777f3d", +- "045b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c707fd9f1ed2e" +- "65f09f6ce0893baf5e8e31e6ae82ea8c3592335be906d38dee", +- "656c7196bf87dcc5d1f1020906df2782360d36b2de7a17ece37d503784af", +- "2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0", +- "2eeae988104e9c2234a3c2beb1f53bfa5dc11ff36a875d1e3ccb1f7e45cf"}, + /* prime KATs from NIST CAVP */ + {NID_secp224r1, NID_sha224, + "699325d6fc8fbbb4981a6ded3c3a54ad2e4e3db8a5669201912064c64e700c139248cdc1" +diff -up openssl-3.0.0-alpha13/test/recipes/15-test_genec.t.ec-curves openssl-3.0.0-alpha13/test/recipes/15-test_genec.t +--- openssl-3.0.0-alpha13/test/recipes/15-test_genec.t.ec-curves 2021-04-10 11:59:37.453332668 +0200 ++++ openssl-3.0.0-alpha13/test/recipes/15-test_genec.t 2021-04-10 12:03:43.363538976 +0200 +@@ -41,45 +41,11 @@ plan skip_all => "This test is unsupport + if disabled("ec"); + + my @prime_curves = qw( +- secp112r1 +- secp112r2 +- secp128r1 +- secp128r2 +- secp160k1 +- secp160r1 +- secp160r2 +- secp192k1 +- secp224k1 + secp224r1 + secp256k1 + secp384r1 + secp521r1 +- prime192v1 +- prime192v2 +- prime192v3 +- prime239v1 +- prime239v2 +- prime239v3 + prime256v1 +- wap-wsg-idm-ecid-wtls6 +- wap-wsg-idm-ecid-wtls7 +- wap-wsg-idm-ecid-wtls8 +- wap-wsg-idm-ecid-wtls9 +- wap-wsg-idm-ecid-wtls12 +- brainpoolP160r1 +- brainpoolP160t1 +- brainpoolP192r1 +- brainpoolP192t1 +- brainpoolP224r1 +- brainpoolP224t1 +- brainpoolP256r1 +- brainpoolP256t1 +- brainpoolP320r1 +- brainpoolP320t1 +- brainpoolP384r1 +- brainpoolP384t1 +- brainpoolP512r1 +- brainpoolP512t1 + ); + + my @binary_curves = qw( +@@ -136,7 +102,6 @@ push(@other_curves, 'SM2') + if !disabled("sm2"); + + my @curve_aliases = qw( +- P-192 + P-224 + P-256 + P-384 +diff -up openssl-3.0.0-alpha13/test/recipes/06-test_algorithmid.t.ec-curves openssl-3.0.0-alpha13/test/recipes/06-test_algorithmid.t +--- openssl-3.0.0-alpha13/test/recipes/06-test_algorithmid.t.ec-curves 2021-04-10 12:40:59.871858764 +0200 ++++ openssl-3.0.0-alpha13/test/recipes/06-test_algorithmid.t 2021-04-10 12:41:41.140455070 +0200 +@@ -33,7 +33,7 @@ my %certs_info = + 'ee-cert-ec-named-explicit' => 'ca-cert-ec-explicit', + 'ee-cert-ec-named-named' => 'ca-cert-ec-named', + # 'server-ed448-cert' => 'root-ed448-cert' +- 'server-ecdsa-brainpoolP256r1-cert' => 'rootcert', ++ # 'server-ecdsa-brainpoolP256r1-cert' => 'rootcert', + ) + ) + ); +diff -up openssl-3.0.0-alpha13/test/recipes/15-test_ec.t.ec-curves openssl-3.0.0-alpha13/test/recipes/15-test_ec.t +diff -up openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t +diff -up openssl-3.0.0-alpha13/test/recipes/30-test_acvp.t.ec-curves openssl-3.0.0-alpha13/test/recipes/30-test_acvp.t +diff -up openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.ec-curves openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf +--- openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.ec-curves 2021-04-10 13:21:52.123040226 +0200 ++++ openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf 2021-04-10 13:28:20.856023985 +0200 +@@ -776,14 +776,12 @@ server = 22-ECDSA with brainpool-server + client = 22-ECDSA with brainpool-client + + [22-ECDSA with brainpool-server] +-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem ++Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem + CipherString = DEFAULT +-Groups = brainpoolP256r1 +-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem ++PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem + + [22-ECDSA with brainpool-client] + CipherString = aECDSA +-Groups = brainpoolP256r1 + MaxProtocol = TLSv1.2 + RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +@@ -791,9 +789,6 @@ VerifyMode = Peer + + [test-22] + ExpectedResult = Success +-ExpectedServerCANames = empty +-ExpectedServerCertType = brainpoolP256r1 +-ExpectedServerSignType = EC + + + # =========================================================== +@@ -1741,9 +1736,9 @@ server = 53-TLS 1.3 ECDSA with brainpool + client = 53-TLS 1.3 ECDSA with brainpool-client + + [53-TLS 1.3 ECDSA with brainpool-server] +-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem ++Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem + CipherString = DEFAULT +-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem ++PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem + + [53-TLS 1.3 ECDSA with brainpool-client] + CipherString = DEFAULT +@@ -1754,7 +1749,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro + VerifyMode = Peer + + [test-53] +-ExpectedResult = ServerFail ++ExpectedResult = Success + + + # =========================================================== +diff -up openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in.ec-curves openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in +--- openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in.ec-curves 2021-04-10 13:22:06.275221662 +0200 ++++ openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in 2021-04-10 13:35:18.774623319 +0200 +@@ -428,21 +428,21 @@ my @tests_non_fips = ( + { + name => "ECDSA with brainpool", + server => { +- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), +- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), +- "Groups" => "brainpoolP256r1", ++ "Certificate" => test_pem("server-ecdsa-cert.pem"), ++ "PrivateKey" => test_pem("server-ecdsa-key.pem"), ++ #"Groups" => "brainpoolP256r1", + }, + client => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "aECDSA", + "RequestCAFile" => test_pem("root-cert.pem"), +- "Groups" => "brainpoolP256r1", ++ #"Groups" => "brainpoolP256r1", + }, + test => { +- "ExpectedServerCertType" =>, "brainpoolP256r1", +- "ExpectedServerSignType" =>, "EC", ++ #"ExpectedServerCertType" =>, "brainpoolP256r1", ++ #"ExpectedServerSignType" =>, "EC", + # Note: certificate_authorities not sent for TLS < 1.3 +- "ExpectedServerCANames" =>, "empty", ++ #"ExpectedServerCANames" =>, "empty", + "ExpectedResult" => "Success" + }, + }, +@@ -915,8 +915,8 @@ my @tests_tls_1_3_non_fips = ( + { + name => "TLS 1.3 ECDSA with brainpool", + server => { +- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), +- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), ++ "Certificate" => test_pem("server-ecdsa-cert.pem"), ++ "PrivateKey" => test_pem("server-ecdsa-key.pem"), + }, + client => { + "RequestCAFile" => test_pem("root-cert.pem"), +@@ -924,7 +924,7 @@ my @tests_tls_1_3_non_fips = ( + "MaxProtocol" => "TLSv1.3" + }, + test => { +- "ExpectedResult" => "ServerFail" ++ "ExpectedResult" => "Success" + }, + }, + ); +diff -up openssl-3.0.0-alpha13/test/evp_extra_test.c.ec-curves openssl-3.0.0-alpha13/test/evp_extra_test.c +--- openssl-3.0.0-alpha13/test/evp_extra_test.c.ec-curves 2021-04-10 13:49:53.381742691 +0200 ++++ openssl-3.0.0-alpha13/test/evp_extra_test.c 2021-04-10 13:56:11.742776705 +0200 +@@ -2414,13 +2414,13 @@ err: + } + + #ifndef OPENSSL_NO_EC +-static int ecpub_nids[] = { NID_brainpoolP256r1, NID_X9_62_prime256v1, ++static int ecpub_nids[] = {NID_X9_62_prime256v1, + NID_secp384r1, NID_secp521r1, + #ifndef OPENSSL_NO_EC2M + NID_sect233k1, NID_sect233r1, NID_sect283r1, + NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1, + #endif +- NID_brainpoolP384r1, NID_brainpoolP512r1}; ++ }; + + static int test_ecpub(int idx) + { +diff -up openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t +--- openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves 2021-04-10 14:00:22.482782216 +0200 ++++ openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t 2021-04-10 14:08:50.769727651 +0200 +@@ -158,60 +158,6 @@ sub tsignverify { + $testtext); + } + +-SKIP : { +- skip "FIPS EC tests because of no ec in this build", 1 +- if disabled("ec"); +- +- subtest EC => sub { +- my $testtext_prefix = 'EC'; +- my $a_fips_curve = 'prime256v1'; +- my $fips_key = $testtext_prefix.'.fips.priv.pem'; +- my $fips_pub_key = $testtext_prefix.'.fips.pub.pem'; +- my $a_nonfips_curve = 'brainpoolP256r1'; +- my $nonfips_key = $testtext_prefix.'.nonfips.priv.pem'; +- my $nonfips_pub_key = $testtext_prefix.'.nonfips.pub.pem'; +- my $testtext = ''; +- my $curvename = ''; +- +- plan tests => 5 + $tsignverify_count; +- +- $ENV{OPENSSL_CONF} = $defaultconf; +- $curvename = $a_nonfips_curve; +- $testtext = $testtext_prefix.': '. +- 'Generate a key with a non-FIPS algorithm with the default provider'; +- ok(run(app(['openssl', 'genpkey', '-algorithm', 'EC', +- '-pkeyopt', 'ec_paramgen_curve:'.$curvename, +- '-out', $nonfips_key])), +- $testtext); +- +- pubfrompriv($testtext_prefix, $nonfips_key, $nonfips_pub_key, "non-FIPS"); +- +- $ENV{OPENSSL_CONF} = $fipsconf; +- +- $curvename = $a_fips_curve; +- $testtext = $testtext_prefix.': '. +- 'Generate a key with a FIPS algorithm'; +- ok(run(app(['openssl', 'genpkey', '-algorithm', 'EC', +- '-pkeyopt', 'ec_paramgen_curve:'.$curvename, +- '-out', $fips_key])), +- $testtext); +- +- pubfrompriv($testtext_prefix, $fips_key, $fips_pub_key, "FIPS"); +- +- $curvename = $a_nonfips_curve; +- $testtext = $testtext_prefix.': '. +- 'Generate a key with a non-FIPS algorithm'. +- ' (should fail)'; +- ok(!run(app(['openssl', 'genpkey', '-algorithm', 'EC', +- '-pkeyopt', 'ec_paramgen_curve:'.$curvename, +- '-out', $testtext_prefix.'.'.$curvename.'.priv.pem'])), +- $testtext); +- +- tsignverify($testtext_prefix, $fips_key, $fips_pub_key, $nonfips_key, +- $nonfips_pub_key); +- }; +-} +- + SKIP: { + skip "FIPS RSA tests because of no rsa in this build", 1 + if disabled("rsa"); +diff -up openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t +--- openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves 2021-04-10 14:23:09.805468483 +0200 ++++ openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t 2021-04-10 14:23:33.002784265 +0200 +@@ -26,7 +26,7 @@ use platform; + my $no_check = disabled("fips") || disabled('fips-securitychecks'); + plan skip_all => "Test only supported in a fips build with security checks" + if $no_check; +-plan tests => 11; ++plan tests => 10; + + my $fipsmodule = bldtop_file('providers', platform->dso('fips')); + my $fipsconf = srctop_file("test", "fips-and-base.cnf"); +diff -up openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.ec-curves openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf +--- openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.ec-curves 2021-04-10 17:52:46.478721611 +0200 ++++ openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf 2021-04-10 17:54:11.371688446 +0200 +@@ -1710,20 +1710,18 @@ server = 52-TLS 1.3 ECDSA with brainpool + client = 52-TLS 1.3 ECDSA with brainpool but no suitable groups-client + + [52-TLS 1.3 ECDSA with brainpool but no suitable groups-server] +-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem ++Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem + CipherString = DEFAULT +-Groups = brainpoolP256r1 +-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem ++PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem + + [52-TLS 1.3 ECDSA with brainpool but no suitable groups-client] + CipherString = aECDSA +-Groups = brainpoolP256r1 + RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem + VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem + VerifyMode = Peer + + [test-52] +-ExpectedResult = ClientFail ++ExpectedResult = Success + + + # =========================================================== +diff -up openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in.ec-curves openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in +--- openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in.ec-curves 2021-04-10 17:53:03.317913390 +0200 ++++ openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in 2021-04-10 17:55:22.507498606 +0200 +@@ -896,20 +896,20 @@ my @tests_tls_1_3_non_fips = ( + { + name => "TLS 1.3 ECDSA with brainpool but no suitable groups", + server => { +- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), +- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), +- "Groups" => "brainpoolP256r1", ++ "Certificate" => test_pem("server-ecdsa-cert.pem"), ++ "PrivateKey" => test_pem("server-ecdsa-key.pem"), ++ #"Groups" => "brainpoolP256r1", + }, + client => { + "CipherString" => "aECDSA", + "RequestCAFile" => test_pem("root-cert.pem"), +- "Groups" => "brainpoolP256r1", ++ #"Groups" => "brainpoolP256r1", + }, + test => { + #We only configured brainpoolP256r1 on the client side, but TLSv1.3 + #is enabled and this group is not allowed in TLSv1.3. Therefore this + #should fail +- "ExpectedResult" => "ClientFail" ++ "ExpectedResult" => "Success" + }, + }, + { +diff -up openssl-3.0.0-alpha13/crypto/evp/ec_support.c.ec-curves openssl-3.0.0-alpha13/crypto/evp/ec_support.c +--- openssl-3.0.0-alpha13/crypto/evp/ec_support.c.ec-curves 2021-04-11 11:13:14.236891844 +0200 ++++ openssl-3.0.0-alpha13/crypto/evp/ec_support.c 2021-04-11 11:12:05.128098714 +0200 +@@ -20,99 +20,13 @@ typedef struct ec_name2nid_st { + static const EC_NAME2NID curve_list[] = { + /* prime field curves */ + /* secg curves */ +- {"secp112r1", NID_secp112r1 }, +- {"secp112r2", NID_secp112r2 }, +- {"secp128r1", NID_secp128r1 }, +- {"secp128r2", NID_secp128r2 }, +- {"secp160k1", NID_secp160k1 }, +- {"secp160r1", NID_secp160r1 }, +- {"secp160r2", NID_secp160r2 }, +- {"secp192k1", NID_secp192k1 }, + {"secp224k1", NID_secp224k1 }, + {"secp224r1", NID_secp224r1 }, + {"secp256k1", NID_secp256k1 }, + {"secp384r1", NID_secp384r1 }, + {"secp521r1", NID_secp521r1 }, + /* X9.62 curves */ +- {"prime192v1", NID_X9_62_prime192v1 }, +- {"prime192v2", NID_X9_62_prime192v2 }, +- {"prime192v3", NID_X9_62_prime192v3 }, +- {"prime239v1", NID_X9_62_prime239v1 }, +- {"prime239v2", NID_X9_62_prime239v2 }, +- {"prime239v3", NID_X9_62_prime239v3 }, + {"prime256v1", NID_X9_62_prime256v1 }, +- /* characteristic two field curves */ +- /* NIST/SECG curves */ +- {"sect113r1", NID_sect113r1 }, +- {"sect113r2", NID_sect113r2 }, +- {"sect131r1", NID_sect131r1 }, +- {"sect131r2", NID_sect131r2 }, +- {"sect163k1", NID_sect163k1 }, +- {"sect163r1", NID_sect163r1 }, +- {"sect163r2", NID_sect163r2 }, +- {"sect193r1", NID_sect193r1 }, +- {"sect193r2", NID_sect193r2 }, +- {"sect233k1", NID_sect233k1 }, +- {"sect233r1", NID_sect233r1 }, +- {"sect239k1", NID_sect239k1 }, +- {"sect283k1", NID_sect283k1 }, +- {"sect283r1", NID_sect283r1 }, +- {"sect409k1", NID_sect409k1 }, +- {"sect409r1", NID_sect409r1 }, +- {"sect571k1", NID_sect571k1 }, +- {"sect571r1", NID_sect571r1 }, +- /* X9.62 curves */ +- {"c2pnb163v1", NID_X9_62_c2pnb163v1 }, +- {"c2pnb163v2", NID_X9_62_c2pnb163v2 }, +- {"c2pnb163v3", NID_X9_62_c2pnb163v3 }, +- {"c2pnb176v1", NID_X9_62_c2pnb176v1 }, +- {"c2tnb191v1", NID_X9_62_c2tnb191v1 }, +- {"c2tnb191v2", NID_X9_62_c2tnb191v2 }, +- {"c2tnb191v3", NID_X9_62_c2tnb191v3 }, +- {"c2pnb208w1", NID_X9_62_c2pnb208w1 }, +- {"c2tnb239v1", NID_X9_62_c2tnb239v1 }, +- {"c2tnb239v2", NID_X9_62_c2tnb239v2 }, +- {"c2tnb239v3", NID_X9_62_c2tnb239v3 }, +- {"c2pnb272w1", NID_X9_62_c2pnb272w1 }, +- {"c2pnb304w1", NID_X9_62_c2pnb304w1 }, +- {"c2tnb359v1", NID_X9_62_c2tnb359v1 }, +- {"c2pnb368w1", NID_X9_62_c2pnb368w1 }, +- {"c2tnb431r1", NID_X9_62_c2tnb431r1 }, +- /* +- * the WAP/WTLS curves [unlike SECG, spec has its own OIDs for curves +- * from X9.62] +- */ +- {"wap-wsg-idm-ecid-wtls1", NID_wap_wsg_idm_ecid_wtls1 }, +- {"wap-wsg-idm-ecid-wtls3", NID_wap_wsg_idm_ecid_wtls3 }, +- {"wap-wsg-idm-ecid-wtls4", NID_wap_wsg_idm_ecid_wtls4 }, +- {"wap-wsg-idm-ecid-wtls5", NID_wap_wsg_idm_ecid_wtls5 }, +- {"wap-wsg-idm-ecid-wtls6", NID_wap_wsg_idm_ecid_wtls6 }, +- {"wap-wsg-idm-ecid-wtls7", NID_wap_wsg_idm_ecid_wtls7 }, +- {"wap-wsg-idm-ecid-wtls8", NID_wap_wsg_idm_ecid_wtls8 }, +- {"wap-wsg-idm-ecid-wtls9", NID_wap_wsg_idm_ecid_wtls9 }, +- {"wap-wsg-idm-ecid-wtls10", NID_wap_wsg_idm_ecid_wtls10 }, +- {"wap-wsg-idm-ecid-wtls11", NID_wap_wsg_idm_ecid_wtls11 }, +- {"wap-wsg-idm-ecid-wtls12", NID_wap_wsg_idm_ecid_wtls12 }, +- /* IPSec curves */ +- {"Oakley-EC2N-3", NID_ipsec3 }, +- {"Oakley-EC2N-4", NID_ipsec4 }, +- /* brainpool curves */ +- {"brainpoolP160r1", NID_brainpoolP160r1 }, +- {"brainpoolP160t1", NID_brainpoolP160t1 }, +- {"brainpoolP192r1", NID_brainpoolP192r1 }, +- {"brainpoolP192t1", NID_brainpoolP192t1 }, +- {"brainpoolP224r1", NID_brainpoolP224r1 }, +- {"brainpoolP224t1", NID_brainpoolP224t1 }, +- {"brainpoolP256r1", NID_brainpoolP256r1 }, +- {"brainpoolP256t1", NID_brainpoolP256t1 }, +- {"brainpoolP320r1", NID_brainpoolP320r1 }, +- {"brainpoolP320t1", NID_brainpoolP320t1 }, +- {"brainpoolP384r1", NID_brainpoolP384r1 }, +- {"brainpoolP384t1", NID_brainpoolP384t1 }, +- {"brainpoolP512r1", NID_brainpoolP512r1 }, +- {"brainpoolP512t1", NID_brainpoolP512t1 }, +- /* SM2 curve */ +- {"SM2", NID_sm2 }, + }; + + const char *ossl_ec_curve_nid2name(int nid) +diff -up openssl-3.0.0-alpha13/test/acvp_test.inc.ec-curves openssl-3.0.0-alpha13/test/acvp_test.inc +--- openssl-3.0.0-alpha13/test/acvp_test.inc.ec-curves 2021-04-11 13:46:57.286828933 +0200 ++++ openssl-3.0.0-alpha13/test/acvp_test.inc 2021-04-11 13:48:01.356704526 +0200 +@@ -212,15 +212,6 @@ static const unsigned char ecdsa_sigver_ + }; + static const struct ecdsa_sigver_st ecdsa_sigver_data[] = { + { +- "SHA-1", +- "P-192", +- ITM(ecdsa_sigver_msg0), +- ITM(ecdsa_sigver_pub0), +- ITM(ecdsa_sigver_r0), +- ITM(ecdsa_sigver_s0), +- PASS, +- }, +- { + "SHA2-512", + "P-521", + ITM(ecdsa_sigver_msg1), +diff -up openssl-3.0.0-alpha13/test/recipes/65-test_cmp_protect.t.ec-curves openssl-3.0.0-alpha13/test/recipes/65-test_cmp_protect.t +--- openssl-3.0.0-alpha13/test/recipes/65-test_cmp_protect.t.ec-curves 2021-04-11 21:45:04.949948725 +0200 ++++ openssl-3.0.0-alpha13/test/recipes/65-test_cmp_protect.t 2021-04-11 21:44:09.585283604 +0200 +@@ -7,7 +7,6 @@ + # this file except in compliance with the License. You can obtain a copy + # in the file LICENSE in the source distribution or at + # https://www.openssl.org/source/license.html +- + use strict; + use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/; + use OpenSSL::Test::Utils; +@@ -27,7 +26,7 @@ plan skip_all => "This test is not suppo + plan skip_all => "This test is not supported in a shared library build on Windows" + if $^O eq 'MSWin32' && !disabled("shared"); + +-plan tests => 2 + ($no_fips ? 0 : 1); #fips test ++plan skip_all => 2 + ($no_fips ? 0 : 1); #fips test + + my @basic_cmd = ("cmp_protect_test", + data_file("server.pem"), +diff -up openssl-3.0.0-alpha13/test/recipes/65-test_cmp_vfy.t.ec-curves openssl-3.0.0-alpha13/test/recipes/65-test_cmp_vfy.t +--- openssl-3.0.0-alpha13/test/recipes/65-test_cmp_vfy.t.ec-curves 2021-04-11 21:45:25.414194574 +0200 ++++ openssl-3.0.0-alpha13/test/recipes/65-test_cmp_vfy.t 2021-04-11 21:44:40.786658440 +0200 +@@ -7,7 +7,6 @@ + # this file except in compliance with the License. You can obtain a copy + # in the file LICENSE in the source distribution or at + # https://www.openssl.org/source/license.html +- + use strict; + use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/; + use OpenSSL::Test::Utils; +@@ -27,7 +26,7 @@ plan skip_all => "This test is not suppo + plan skip_all => "This test is not supported in a no-ec build" + if disabled("ec"); + +-plan tests => 2 + ($no_fips ? 0 : 1); #fips test ++plan skip_all => 2 + ($no_fips ? 0 : 1); #fips test + + my @basic_cmd = ("cmp_vfy_test", + data_file("server.crt"), data_file("client.crt"), diff --git a/README.FIPS b/README.FIPS deleted file mode 100644 index a36c547..0000000 --- a/README.FIPS +++ /dev/null @@ -1,72 +0,0 @@ -User guide for the FIPS Red Hat Enterprise Linux - OpenSSL Module -================================================================= - -This package contains libraries which comprise the FIPS 140-2 -Red Hat Enterprise Linux - OPENSSL Module. - -The module files -================ -/usr/lib[64]/libcrypto.so.1.1.0 -/usr/lib[64]/libssl.so.1.1.0 -/usr/lib[64]/.libcrypto.so.1.1.0.hmac -/usr/lib[64]/.libssl.so.1.1.0.hmac - -Dependencies -============ - -The approved mode of operation requires kernel with /dev/urandom RNG running -with properties as defined in the security policy of the module. This is -provided by kernel packages with validated Red Hat Enterprise Linux Kernel -Crytographic Module. - -Installation -============ - -The RPM package of the module can be installed by standard tools recommended -for installation of RPM packages on the Red Hat Enterprise Linux system (yum, -rpm, RHN remote management tool). - -The RPM package dracut-fips must be installed for the approved mode of -operation. - -Usage and API -============= - -The module respects kernel command line FIPS setting. If the kernel command -line contains option fips=1 the module will initialize in the FIPS approved -mode of operation automatically. To allow for the automatic initialization the -application using the module has to call one of the following API calls: - -- void OPENSSL_init_library(void) - this will do only a basic initialization -of the library and does initialization of the FIPS approved mode without setting -up EVP API with supported algorithms. - -- void OPENSSL_add_all_algorithms(void) - this API function calls -OPENSSL_init() implicitly and also adds all approved algorithms to the EVP API -in the approved mode - -- void SSL_library_init(void) - it calls OPENSSL_init() implicitly and also -adds algorithms which are necessary for TLS protocol support and initializes -the SSL library. - -To explicitely put the library to the approved mode the application can call -the following function: - -- int FIPS_mode_set(int on) - if called with 1 as a parameter it will switch -the library from the non-approved to the approved mode. If any of the selftests -and integrity verification tests fail, the library is put into the error state -and 0 is returned. If they succeed the return value is 1. - -To query the module whether it is in the approved mode or not: - -- int FIPS_mode(void) - returns 1 if the module is in the approved mode, -0 otherwise. - -To query whether the module is in the error state: - -- int FIPS_selftest_failed(void) - returns 1 if the module is in the error -state, 0 otherwise. - -To zeroize the FIPS RNG key and internal state the application calls: - -- void RAND_cleanup(void) diff --git a/opensslconf-new-warning.h b/configuration-prefix.h similarity index 80% rename from opensslconf-new-warning.h rename to configuration-prefix.h index de091c8..13b6e23 100644 --- a/opensslconf-new-warning.h +++ b/configuration-prefix.h @@ -1,7 +1,7 @@ /* Prepended at openssl package build-time. Don't include this file directly, * use instead. */ -#ifndef openssl_opensslconf_multilib_redirection_h +#ifndef openssl_conf_multilib_redirection_h #error "Don't include this file directly, use instead!" #endif diff --git a/configuration-switch.h b/configuration-switch.h new file mode 100644 index 0000000..1c4d238 --- /dev/null +++ b/configuration-switch.h @@ -0,0 +1,47 @@ +/* This file is here to prevent a file conflict on multiarch systems. A + * conflict will frequently occur because arch-specific build-time + * configuration options are stored (and used, so they can't just be stripped + * out) in configuration.h. The original configuration.h has been renamed. + * DO NOT INCLUDE THE NEW FILE DIRECTLY -- ALWAYS INCLUDE THIS ONE INSTEAD. */ + +#ifdef openssl_conf_multilib_redirection_h +#error "Do not define openssl_conf_multilib_redirection_h!" +#endif +#define openssl_conf_multilib_redirection_h + +#if defined(__i386__) +#include "configuration-i386.h" +#elif defined(__ia64__) +#include "configuration-ia64.h" +#elif defined(__mips64) && defined(__MIPSEL__) +#include "configuration-mips64el.h" +#elif defined(__mips64) +#include "configuration-mips64.h" +#elif defined(__mips) && defined(__MIPSEL__) +#include "configuration-mipsel.h" +#elif defined(__mips) +#include "configuration-mips.h" +#elif defined(__powerpc64__) +#include +#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ +#include "configuration-ppc64.h" +#else +#include "configuration-ppc64le.h" +#endif +#elif defined(__powerpc__) +#include "configuration-ppc.h" +#elif defined(__s390x__) +#include "configuration-s390x.h" +#elif defined(__s390__) +#include "configuration-s390.h" +#elif defined(__sparc__) && defined(__arch64__) +#include "configuration-sparc64.h" +#elif defined(__sparc__) +#include "configuration-sparc.h" +#elif defined(__x86_64__) +#include "configuration-x86_64.h" +#else +#error "The openssl-devel package does not work your architecture?" +#endif + +#undef openssl_conf_multilib_redirection_h diff --git a/ec_curve.c b/ec_curve.c index 9171ed4..64ac40b 100644 --- a/ec_curve.c +++ b/ec_curve.c @@ -1,17 +1,24 @@ /* - * Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * - * Licensed under the OpenSSL license (the "License"). You may not use + * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +/* + * ECDSA low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include #include "ec_local.h" #include #include +#include #include #include "internal/nelem.h" @@ -242,43 +249,115 @@ typedef struct _ec_list_element_st { const char *comment; } ec_list_element; +#ifdef FIPS_MODULE static const ec_list_element curve_list[] = { /* prime field curves */ /* secg curves */ -#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 - {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, + {NID_secp224r1, &_EC_NIST_PRIME_224.h, +# if !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) + EC_GFp_nistp224_method, +# else + 0, +# endif "NIST/SECG curve over a 224 bit prime field"}, + /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ + {NID_secp384r1, &_EC_NIST_PRIME_384.h, +# if defined(S390X_EC_ASM) + EC_GFp_s390x_nistp384_method, +# else + 0, +# endif + "NIST/SECG curve over a 384 bit prime field"}, + + {NID_secp521r1, &_EC_NIST_PRIME_521.h, +# if defined(S390X_EC_ASM) + EC_GFp_s390x_nistp521_method, +# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) + EC_GFp_nistp521_method, +# else + 0, +# endif + "NIST/SECG curve over a 521 bit prime field"}, + + /* X9.62 curves */ + {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, +# if defined(ECP_NISTZ256_ASM) + EC_GFp_nistz256_method, +# elif defined(S390X_EC_ASM) + EC_GFp_s390x_nistp256_method, +# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) + EC_GFp_nistp256_method, +# else + 0, +# endif + "X9.62/SECG curve over a 256 bit prime field"}, +}; + #else + +static const ec_list_element curve_list[] = { + /* prime field curves */ + /* secg curves */ +# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 + {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, + "NIST/SECG curve over a 224 bit prime field"}, +# else {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, "NIST/SECG curve over a 224 bit prime field"}, -#endif +# endif {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, "SECG curve over a 256 bit prime field"}, /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ - {NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, + {NID_secp384r1, &_EC_NIST_PRIME_384.h, +# if defined(S390X_EC_ASM) + EC_GFp_s390x_nistp384_method, +# else + 0, +# endif "NIST/SECG curve over a 384 bit prime field"}, -#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 - {NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method, - "NIST/SECG curve over a 521 bit prime field"}, -#else - {NID_secp521r1, &_EC_NIST_PRIME_521.h, 0, + {NID_secp521r1, &_EC_NIST_PRIME_521.h, +# if defined(S390X_EC_ASM) + EC_GFp_s390x_nistp521_method, +# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) + EC_GFp_nistp521_method, +# else + 0, +# endif "NIST/SECG curve over a 521 bit prime field"}, -#endif /* X9.62 curves */ {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, -#if defined(ECP_NISTZ256_ASM) +# if defined(ECP_NISTZ256_ASM) EC_GFp_nistz256_method, -#elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) +# elif defined(S390X_EC_ASM) + EC_GFp_s390x_nistp256_method, +# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) EC_GFp_nistp256_method, -#else +# else 0, -#endif +# endif "X9.62/SECG curve over a 256 bit prime field"}, }; +#endif /* FIPS_MODULE */ #define curve_list_length OSSL_NELEM(curve_list) -static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) +static const ec_list_element *ec_curve_nid2curve(int nid) +{ + size_t i; + + if (nid <= 0) + return NULL; + + for (i = 0; i < curve_list_length; i++) { + if (curve_list[i].nid == nid) + return &curve_list[i]; + } + return NULL; +} + +static EC_GROUP *ec_group_new_from_data(OSSL_LIB_CTX *libctx, + const char *propq, + const ec_list_element curve) { EC_GROUP *group = NULL; EC_POINT *P = NULL; @@ -293,10 +372,11 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) /* If no curve data curve method must handle everything */ if (curve.data == NULL) - return EC_GROUP_new(curve.meth != NULL ? curve.meth() : NULL); + return ossl_ec_group_new_ex(libctx, propq, + curve.meth != NULL ? curve.meth() : NULL); - if ((ctx = BN_CTX_new()) == NULL) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE); + if ((ctx = BN_CTX_new_ex(libctx)) == NULL) { + ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); goto err; } @@ -309,20 +389,20 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) if ((p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) == NULL || (a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) == NULL || (b = BN_bin2bn(params + 2 * param_len, param_len, NULL)) == NULL) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } if (curve.meth != 0) { meth = curve.meth(); - if (((group = EC_GROUP_new(meth)) == NULL) || + if (((group = ossl_ec_group_new_ex(libctx, propq, meth)) == NULL) || (!(group->meth->group_set_curve(group, p, a, b, ctx)))) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } } else if (data->field_type == NID_X9_62_prime_field) { if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } } @@ -331,7 +411,7 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) * NID_X9_62_characteristic_two_field */ if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } } @@ -340,31 +420,31 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) EC_GROUP_set_curve_name(group, curve.nid); if ((P = EC_POINT_new(group)) == NULL) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } if ((x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) == NULL || (y = BN_bin2bn(params + 4 * param_len, param_len, NULL)) == NULL) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } if (!EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } if ((order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) == NULL || !BN_set_word(x, (BN_ULONG)data->cofactor)) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } if (!EC_GROUP_set_generator(group, P, order, x)) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } if (seed_len) { if (!EC_GROUP_set_seed(group, params - seed_len, seed_len)) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } } @@ -385,28 +465,33 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) return group; } -EC_GROUP *EC_GROUP_new_by_curve_name(int nid) +EC_GROUP *EC_GROUP_new_by_curve_name_ex(OSSL_LIB_CTX *libctx, const char *propq, + int nid) { - size_t i; EC_GROUP *ret = NULL; + const ec_list_element *curve; - if (nid <= 0) - return NULL; - - for (i = 0; i < curve_list_length; i++) - if (curve_list[i].nid == nid) { - ret = ec_group_new_from_data(curve_list[i]); - break; - } - - if (ret == NULL) { - ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP); + if ((curve = ec_curve_nid2curve(nid)) == NULL + || (ret = ec_group_new_from_data(libctx, propq, *curve)) == NULL) { +#ifndef FIPS_MODULE + ERR_raise_data(ERR_LIB_EC, EC_R_UNKNOWN_GROUP, + "name=%s", OBJ_nid2sn(nid)); +#else + ERR_raise(ERR_LIB_EC, EC_R_UNKNOWN_GROUP); +#endif return NULL; } return ret; } +#ifndef FIPS_MODULE +EC_GROUP *EC_GROUP_new_by_curve_name(int nid) +{ + return EC_GROUP_new_by_curve_name_ex(NULL, NULL, nid); +} +#endif + size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems) { size_t i, min; @@ -424,49 +509,14 @@ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems) return curve_list_length; } -/* Functions to translate between common NIST curve names and NIDs */ - -typedef struct { - const char *name; /* NIST Name of curve */ - int nid; /* Curve NID */ -} EC_NIST_NAME; - -static EC_NIST_NAME nist_curves[] = { - {"B-163", NID_sect163r2}, - {"B-233", NID_sect233r1}, - {"B-283", NID_sect283r1}, - {"B-409", NID_sect409r1}, - {"B-571", NID_sect571r1}, - {"K-163", NID_sect163k1}, - {"K-233", NID_sect233k1}, - {"K-283", NID_sect283k1}, - {"K-409", NID_sect409k1}, - {"K-571", NID_sect571k1}, - {"P-192", NID_X9_62_prime192v1}, - {"P-224", NID_secp224r1}, - {"P-256", NID_X9_62_prime256v1}, - {"P-384", NID_secp384r1}, - {"P-521", NID_secp521r1} -}; - const char *EC_curve_nid2nist(int nid) { - size_t i; - for (i = 0; i < OSSL_NELEM(nist_curves); i++) { - if (nist_curves[i].nid == nid) - return nist_curves[i].name; - } - return NULL; + return ossl_ec_curve_nid2nist_int(nid); } int EC_curve_nist2nid(const char *name) { - size_t i; - for (i = 0; i < OSSL_NELEM(nist_curves); i++) { - if (strcmp(nist_curves[i].name, name) == 0) - return nist_curves[i].nid; - } - return NID_undef; + return ossl_ec_curve_nist2nid_int(name); } #define NUM_BN_FIELDS 6 @@ -478,7 +528,7 @@ int EC_curve_nist2nid(const char *name) * Returns: The nid associated with the found named curve, or NID_undef * if not found. If there was an error it returns -1. */ -int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx) +int ossl_ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx) { int ret = -1, nid, len, field_type, param_len; size_t i, seed_len; @@ -486,17 +536,13 @@ int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx) unsigned char *param_bytes = NULL; const EC_CURVE_DATA *data; const EC_POINT *generator = NULL; - const EC_METHOD *meth; const BIGNUM *cofactor = NULL; /* An array of BIGNUMs for (p, a, b, x, y, order) */ BIGNUM *bn[NUM_BN_FIELDS] = {NULL, NULL, NULL, NULL, NULL, NULL}; - meth = EC_GROUP_method_of(group); - if (meth == NULL) - return -1; /* Use the optional named curve nid as a search field */ nid = EC_GROUP_get_curve_name(group); - field_type = EC_METHOD_get_field_type(meth); + field_type = EC_GROUP_get_field_type(group); seed_len = EC_GROUP_get_seed_len(group); seed = EC_GROUP_get0_seed(group); cofactor = EC_GROUP_get0_cofactor(group); diff --git a/ectest.c b/ectest.c index e4fd45b..8e64f36 100644 --- a/ectest.c +++ b/ectest.c @@ -1,27 +1,36 @@ /* - * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * - * Licensed under the OpenSSL license (the "License"). You may not use + * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +/* + * EC_KEY low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + +#include #include "internal/nelem.h" #include "testutil.h" -#ifndef OPENSSL_NO_EC -# include -# ifndef OPENSSL_NO_ENGINE -# include -# endif -# include -# include -# include -# include -# include -# include +#include +#ifndef OPENSSL_NO_ENGINE +# include +#endif +#include +#include +#include +#include +#include +#include +#include "openssl/core_names.h" +#include "openssl/param_build.h" +#include "openssl/evp.h" static size_t crv_len = 0; static EC_builtin_curve *curves = NULL; @@ -49,7 +58,9 @@ static int group_order_tests(EC_GROUP *group) if (!TEST_true(EC_GROUP_get_order(group, order, ctx)) || !TEST_true(EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) || !TEST_true(EC_POINT_is_at_infinity(group, Q)) +#ifndef OPENSSL_NO_DEPRECATED_3_0 || !TEST_true(EC_GROUP_precompute_mult(group, ctx)) +#endif || !TEST_true(EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) || !TEST_true(EC_POINT_is_at_infinity(group, Q)) || !TEST_true(EC_POINT_copy(P, G)) @@ -63,8 +74,10 @@ static int group_order_tests(EC_GROUP *group) goto err; for (i = 1; i <= 2; i++) { +#ifndef OPENSSL_NO_DEPRECATED_3_0 const BIGNUM *scalars[6]; const EC_POINT *points[6]; +#endif if (!TEST_true(BN_set_word(n1, i)) /* @@ -96,11 +109,11 @@ static int group_order_tests(EC_GROUP *group) /* Add P to verify the result. */ || !TEST_true(EC_POINT_add(group, Q, Q, P, ctx)) || !TEST_true(EC_POINT_is_at_infinity(group, Q)) - - /* Exercise EC_POINTs_mul, including corner cases. */ || !TEST_false(EC_POINT_is_at_infinity(group, P))) goto err; +#ifndef OPENSSL_NO_DEPRECATED_3_0 + /* Exercise EC_POINTs_mul, including corner cases. */ scalars[0] = scalars[1] = BN_value_one(); points[0] = points[1] = P; @@ -124,6 +137,7 @@ static int group_order_tests(EC_GROUP *group) if (!TEST_true(EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx)) || !TEST_true(EC_POINT_is_at_infinity(group, P))) goto err; +#endif } r = 1; @@ -146,13 +160,13 @@ static int prime_field_tests(void) { BN_CTX *ctx = NULL; BIGNUM *p = NULL, *a = NULL, *b = NULL, *scalar3 = NULL; - EC_GROUP *group = NULL, *tmp = NULL; - EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, - *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; + EC_GROUP *group = NULL; EC_POINT *P = NULL, *Q = NULL, *R = NULL; BIGNUM *x = NULL, *y = NULL, *z = NULL, *yplusone = NULL; +#ifndef OPENSSL_NO_DEPRECATED_3_0 const EC_POINT *points[4]; const BIGNUM *scalars[4]; +#endif unsigned char buf[100]; size_t len, r = 0; int k; @@ -165,13 +179,8 @@ static int prime_field_tests(void) * applications should use EC_GROUP_new_curve_GFp so * that the library gets to choose the EC_METHOD */ - || !TEST_ptr(group = EC_GROUP_new(EC_GFp_mont_method())) - || !TEST_ptr(tmp = EC_GROUP_new(EC_GROUP_method_of(group))) - || !TEST_true(EC_GROUP_copy(tmp, group))) + || !TEST_ptr(group = EC_GROUP_new(EC_GFp_mont_method()))) goto err; - EC_GROUP_free(group); - group = tmp; - tmp = NULL; buf[0] = 0; if (!TEST_ptr(P = EC_POINT_new(group)) @@ -187,7 +196,7 @@ static int prime_field_tests(void) if (!TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFF000000000000000000000001")) - || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) || !TEST_true(BN_hex2bn(&b, "B4050A850C04B3ABF5413256" @@ -219,14 +228,12 @@ static int prime_field_tests(void) ctx)) || !TEST_int_eq(EC_GROUP_get_degree(group), 224) || !group_order_tests(group) - || !TEST_ptr(P_224 = EC_GROUP_new(EC_GROUP_method_of(group))) - || !TEST_true(EC_GROUP_copy(P_224, group)) /* Curve P-256 (FIPS PUB 186-2, App. 6) */ || !TEST_true(BN_hex2bn(&p, "FFFFFFFF000000010000000000000000" "00000000FFFFFFFFFFFFFFFFFFFFFFFF")) - || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) || !TEST_true(BN_hex2bn(&a, "FFFFFFFF000000010000000000000000" "00000000FFFFFFFFFFFFFFFFFFFFFFFC")) || !TEST_true(BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC" @@ -259,15 +266,13 @@ static int prime_field_tests(void) ctx)) || !TEST_int_eq(EC_GROUP_get_degree(group), 256) || !group_order_tests(group) - || !TEST_ptr(P_256 = EC_GROUP_new(EC_GROUP_method_of(group))) - || !TEST_true(EC_GROUP_copy(P_256, group)) /* Curve P-384 (FIPS PUB 186-2, App. 6) */ || !TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" "FFFFFFFF0000000000000000FFFFFFFF")) - || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" "FFFFFFFF0000000000000000FFFFFFFC")) @@ -305,8 +310,6 @@ static int prime_field_tests(void) ctx)) || !TEST_int_eq(EC_GROUP_get_degree(group), 384) || !group_order_tests(group) - || !TEST_ptr(P_384 = EC_GROUP_new(EC_GROUP_method_of(group))) - || !TEST_true(EC_GROUP_copy(P_384, group)) /* Curve P-521 (FIPS PUB 186-2, App. 6) */ || !TEST_true(BN_hex2bn(&p, "1FF" @@ -314,7 +317,7 @@ static int prime_field_tests(void) "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF")) - || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) || !TEST_true(BN_hex2bn(&a, "1FF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" @@ -361,8 +364,6 @@ static int prime_field_tests(void) ctx)) || !TEST_int_eq(EC_GROUP_get_degree(group), 521) || !group_order_tests(group) - || !TEST_ptr(P_521 = EC_GROUP_new(EC_GROUP_method_of(group))) - || !TEST_true(EC_GROUP_copy(P_521, group)) /* more tests using the last curve */ @@ -378,6 +379,9 @@ static int prime_field_tests(void) || !TEST_true(EC_POINT_is_at_infinity(group, R)) /* R = P + 2Q */ || !TEST_false(EC_POINT_is_at_infinity(group, Q))) goto err; + +#ifndef OPENSSL_NO_DEPRECATED_3_0 + TEST_note("combined multiplication ..."); points[0] = Q; points[1] = Q; points[2] = Q; @@ -388,11 +392,10 @@ static int prime_field_tests(void) || !TEST_BN_even(y) || !TEST_true(BN_rshift1(y, y))) goto err; + scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */ scalars[1] = y; - TEST_note("combined multiplication ..."); - /* z is still the group order */ if (!TEST_true(EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) || !TEST_true(EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) @@ -423,10 +426,8 @@ static int prime_field_tests(void) if (!TEST_true(EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) || !TEST_true(EC_POINT_is_at_infinity(group, P))) goto err; - +#endif TEST_note(" ok\n"); - - r = 1; err: BN_CTX_free(ctx); @@ -434,7 +435,6 @@ err: BN_free(a); BN_free(b); EC_GROUP_free(group); - EC_GROUP_free(tmp); EC_POINT_free(P); EC_POINT_free(Q); EC_POINT_free(R); @@ -443,11 +443,6 @@ err: BN_free(z); BN_free(yplusone); BN_free(scalar3); - - EC_GROUP_free(P_224); - EC_GROUP_free(P_256); - EC_GROUP_free(P_384); - EC_GROUP_free(P_521); return r; } @@ -484,13 +479,48 @@ static int internal_curve_test_method(int n) return r; } -# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 +static int group_field_test(void) +{ + int r = 1; + BIGNUM *secp521r1_field = NULL; + BIGNUM *sect163r2_field = NULL; + EC_GROUP *secp521r1_group = NULL; + EC_GROUP *sect163r2_group = NULL; + + BN_hex2bn(&secp521r1_field, + "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFF"); + + + BN_hex2bn(§163r2_field, + "08000000000000000000000000000000" + "00000000C9"); + + secp521r1_group = EC_GROUP_new_by_curve_name(NID_secp521r1); + if (BN_cmp(secp521r1_field, EC_GROUP_get0_field(secp521r1_group))) + r = 0; + + # ifndef OPENSSL_NO_EC2M + sect163r2_group = EC_GROUP_new_by_curve_name(NID_sect163r2); + if (BN_cmp(sect163r2_field, EC_GROUP_get0_field(sect163r2_group))) + r = 0; + # endif + + EC_GROUP_free(secp521r1_group); + EC_GROUP_free(sect163r2_group); + BN_free(secp521r1_field); + BN_free(sect163r2_field); + return r; +} /* - * nistp_test_params contains magic numbers for testing our optimized - * implementations of several NIST curves with characteristic > 3. + * nistp_test_params contains magic numbers for testing + * several NIST curves with characteristic > 3. */ struct nistp_test_params { - const EC_METHOD *(*meth) (void); + const int nid; int degree; /* * Qx, Qy and D are taken from @@ -503,7 +533,7 @@ struct nistp_test_params { static const struct nistp_test_params nistp_tests_params[] = { { /* P-224 */ - EC_GFp_nistp224_method, + NID_secp224r1, 224, /* p */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", @@ -526,7 +556,7 @@ static const struct nistp_test_params nistp_tests_params[] = { }, { /* P-256 */ - EC_GFp_nistp256_method, + NID_X9_62_prime256v1, 256, /* p */ "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", @@ -549,7 +579,7 @@ static const struct nistp_test_params nistp_tests_params[] = { }, { /* P-521 */ - EC_GFp_nistp521_method, + NID_secp521r1, 521, /* p */ "1ff" @@ -613,9 +643,9 @@ static int nistp_single_test(int idx) || !TEST_ptr(order = BN_new()) || !TEST_ptr(yplusone = BN_new()) - || !TEST_ptr(NISTP = EC_GROUP_new(test->meth())) + || !TEST_ptr(NISTP = EC_GROUP_new_by_curve_name(test->nid)) || !TEST_true(BN_hex2bn(&p, test->p)) - || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) || !TEST_true(BN_hex2bn(&a, test->a)) || !TEST_true(BN_hex2bn(&b, test->b)) || !TEST_true(EC_GROUP_set_curve(NISTP, p, a, b, ctx)) @@ -668,16 +698,13 @@ static int nistp_single_test(int idx) /* random point multiplication */ EC_POINT_mul(NISTP, Q, NULL, P, m, ctx); if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) - - /* - * We have not performed precomputation so have_precompute mult should be - * false - */ +#ifndef OPENSSL_NO_DEPRECATED_3_0 + /* We have not performed precomp so this should be false */ || !TEST_false(EC_GROUP_have_precompute_mult(NISTP)) - - /* now repeat all tests with precomputation */ + /* now repeat all tests with precomputation */ || !TEST_true(EC_GROUP_precompute_mult(NISTP, ctx)) - || !TEST_true(EC_GROUP_have_precompute_mult(NISTP))) +#endif + ) goto err; /* fixed point multiplication */ @@ -709,7 +736,7 @@ static int nistp_single_test(int idx) || !TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, G, ctx))) goto err; - r = group_order_tests(NISTP); + r = 1; err: EC_GROUP_free(NISTP); EC_POINT_free(G); @@ -729,76 +756,6 @@ err: return r; } -/* - * Tests a point known to cause an incorrect underflow in an old version of - * ecp_nist521.c - */ -static int underflow_test(void) -{ - BN_CTX *ctx = NULL; - EC_GROUP *grp = NULL; - EC_POINT *P = NULL, *Q = NULL, *R = NULL; - BIGNUM *x1 = NULL, *y1 = NULL, *z1 = NULL, *x2 = NULL, *y2 = NULL; - BIGNUM *k = NULL; - int testresult = 0; - const char *x1str = - "1534f0077fffffe87e9adcfe000000000000000000003e05a21d2400002e031b1f4" - "b80000c6fafa4f3c1288798d624a247b5e2ffffffffffffffefe099241900004"; - const char *p521m1 = - "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" - "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe"; - - ctx = BN_CTX_new(); - if (!TEST_ptr(ctx)) - return 0; - - BN_CTX_start(ctx); - x1 = BN_CTX_get(ctx); - y1 = BN_CTX_get(ctx); - z1 = BN_CTX_get(ctx); - x2 = BN_CTX_get(ctx); - y2 = BN_CTX_get(ctx); - k = BN_CTX_get(ctx); - if (!TEST_ptr(k)) - goto err; - - grp = EC_GROUP_new_by_curve_name(NID_secp521r1); - P = EC_POINT_new(grp); - Q = EC_POINT_new(grp); - R = EC_POINT_new(grp); - if (!TEST_ptr(grp) || !TEST_ptr(P) || !TEST_ptr(Q) || !TEST_ptr(R)) - goto err; - - if (!TEST_int_gt(BN_hex2bn(&x1, x1str), 0) - || !TEST_int_gt(BN_hex2bn(&y1, p521m1), 0) - || !TEST_int_gt(BN_hex2bn(&z1, p521m1), 0) - || !TEST_int_gt(BN_hex2bn(&k, "02"), 0) - || !TEST_true(EC_POINT_set_Jprojective_coordinates_GFp(grp, P, x1, - y1, z1, ctx)) - || !TEST_true(EC_POINT_mul(grp, Q, NULL, P, k, ctx)) - || !TEST_true(EC_POINT_get_affine_coordinates(grp, Q, x1, y1, ctx)) - || !TEST_true(EC_POINT_dbl(grp, R, P, ctx)) - || !TEST_true(EC_POINT_get_affine_coordinates(grp, R, x2, y2, ctx))) - goto err; - - if (!TEST_int_eq(BN_cmp(x1, x2), 0) - || !TEST_int_eq(BN_cmp(y1, y2), 0)) - goto err; - - testresult = 1; - - err: - BN_CTX_end(ctx); - EC_POINT_free(P); - EC_POINT_free(Q); - EC_POINT_free(R); - EC_GROUP_free(grp); - BN_CTX_free(ctx); - - return testresult; -} -# endif - static const unsigned char p521_named[] = { 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23, }; @@ -844,6 +801,261 @@ static const unsigned char p521_explicit[] = { 0xbb, 0x6f, 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x09, 0x02, 0x01, 0x01, }; +/* + * This test validates a named curve's group parameters using + * EC_GROUP_check_named_curve(). It also checks that modifying any of the + * group parameters results in the curve not being valid. + */ +static int check_named_curve_test(int id) +{ + int ret = 0, nid, field_nid, has_seed; + EC_GROUP *group = NULL, *gtest = NULL; + const EC_POINT *group_gen = NULL; + EC_POINT *other_gen = NULL; + BIGNUM *group_p = NULL, *group_a = NULL, *group_b = NULL; + BIGNUM *other_p = NULL, *other_a = NULL, *other_b = NULL; + BIGNUM *group_cofactor = NULL, *other_cofactor = NULL; + BIGNUM *other_order = NULL; + const BIGNUM *group_order = NULL; + BN_CTX *bn_ctx = NULL; + static const unsigned char invalid_seed[] = "THIS IS NOT A VALID SEED"; + static size_t invalid_seed_len = sizeof(invalid_seed); + + /* Do some setup */ + nid = curves[id].nid; + if (!TEST_ptr(bn_ctx = BN_CTX_new()) + || !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid)) + || !TEST_ptr(gtest = EC_GROUP_dup(group)) + || !TEST_ptr(group_p = BN_new()) + || !TEST_ptr(group_a = BN_new()) + || !TEST_ptr(group_b = BN_new()) + || !TEST_ptr(group_cofactor = BN_new()) + || !TEST_ptr(group_gen = EC_GROUP_get0_generator(group)) + || !TEST_ptr(group_order = EC_GROUP_get0_order(group)) + || !TEST_true(EC_GROUP_get_cofactor(group, group_cofactor, NULL)) + || !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)) + || !TEST_ptr(other_gen = EC_POINT_dup(group_gen, group)) + || !TEST_true(EC_POINT_add(group, other_gen, group_gen, group_gen, NULL)) + || !TEST_ptr(other_order = BN_dup(group_order)) + || !TEST_true(BN_add_word(other_order, 1)) + || !TEST_ptr(other_a = BN_dup(group_a)) + || !TEST_true(BN_add_word(other_a, 1)) + || !TEST_ptr(other_b = BN_dup(group_b)) + || !TEST_true(BN_add_word(other_b, 1)) + || !TEST_ptr(other_cofactor = BN_dup(group_cofactor)) + || !TEST_true(BN_add_word(other_cofactor, 1))) + goto err; + + /* Determine if the built-in curve has a seed field set */ + has_seed = (EC_GROUP_get_seed_len(group) > 0); + field_nid = EC_GROUP_get_field_type(group); + if (field_nid == NID_X9_62_characteristic_two_field) { + if (!TEST_ptr(other_p = BN_dup(group_p)) + || !TEST_true(BN_lshift1(other_p, other_p))) + goto err; + } else { + if (!TEST_ptr(other_p = BN_dup(group_p))) + goto err; + /* + * Just choosing any arbitrary prime does not work.. + * Setting p via ec_GFp_nist_group_set_curve() needs the prime to be a + * nist prime. So only select one of these as an alternate prime. + */ + if (!TEST_ptr(BN_copy(other_p, + BN_ucmp(BN_get0_nist_prime_192(), other_p) == 0 ? + BN_get0_nist_prime_256() : + BN_get0_nist_prime_192()))) + goto err; + } + + /* Passes because this is a valid curve */ + if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid) + /* Only NIST curves pass */ + || !TEST_int_eq(EC_GROUP_check_named_curve(group, 1, NULL), + EC_curve_nid2nist(nid) != NULL ? nid : NID_undef)) + goto err; + + /* Fail if the curve name doesn't match the parameters */ + EC_GROUP_set_curve_name(group, nid + 1); + ERR_set_mark(); + if (!TEST_int_le(EC_GROUP_check_named_curve(group, 0, NULL), 0)) + goto err; + ERR_pop_to_mark(); + + /* Restore curve name and ensure it's passing */ + EC_GROUP_set_curve_name(group, nid); + if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid)) + goto err; + + if (!TEST_int_eq(EC_GROUP_set_seed(group, invalid_seed, invalid_seed_len), + invalid_seed_len)) + goto err; + + if (has_seed) { + /* + * If the built-in curve has a seed and we set the seed to another value + * then it will fail the check. + */ + if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), 0)) + goto err; + } else { + /* + * If the built-in curve does not have a seed then setting the seed will + * pass the check (as the seed is optional). + */ + if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid)) + goto err; + } + /* Pass if the seed is unknown (as it is optional) */ + if (!TEST_int_eq(EC_GROUP_set_seed(group, NULL, 0), 1) + || !TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid)) + goto err; + + /* Check that a duped group passes */ + if (!TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid)) + goto err; + + /* check that changing any generator parameter fails */ + if (!TEST_true(EC_GROUP_set_generator(gtest, other_gen, group_order, + group_cofactor)) + || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), 0) + || !TEST_true(EC_GROUP_set_generator(gtest, group_gen, other_order, + group_cofactor)) + || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), 0) + /* The order is not an optional field, so this should fail */ + || !TEST_false(EC_GROUP_set_generator(gtest, group_gen, NULL, + group_cofactor)) + || !TEST_true(EC_GROUP_set_generator(gtest, group_gen, group_order, + other_cofactor)) + || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), 0) + /* Check that if the cofactor is not set then it still passes */ + || !TEST_true(EC_GROUP_set_generator(gtest, group_gen, group_order, + NULL)) + || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid) + /* check that restoring the generator passes */ + || !TEST_true(EC_GROUP_set_generator(gtest, group_gen, group_order, + group_cofactor)) + || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid)) + goto err; + + /* + * check that changing any curve parameter fails + * + * Setting arbitrary p, a or b might fail for some EC_GROUPs + * depending on the internal EC_METHOD implementation, hence run + * these tests conditionally to the success of EC_GROUP_set_curve(). + */ + ERR_set_mark(); + if (EC_GROUP_set_curve(gtest, other_p, group_a, group_b, NULL)) { + if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0, NULL), 0)) + goto err; + } else { + /* clear the error stack if EC_GROUP_set_curve() failed */ + ERR_pop_to_mark(); + ERR_set_mark(); + } + if (EC_GROUP_set_curve(gtest, group_p, other_a, group_b, NULL)) { + if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0, NULL), 0)) + goto err; + } else { + /* clear the error stack if EC_GROUP_set_curve() failed */ + ERR_pop_to_mark(); + ERR_set_mark(); + } + if (EC_GROUP_set_curve(gtest, group_p, group_a, other_b, NULL)) { + if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0, NULL), 0)) + goto err; + } else { + /* clear the error stack if EC_GROUP_set_curve() failed */ + ERR_pop_to_mark(); + ERR_set_mark(); + } + ERR_pop_to_mark(); + + /* Check that restoring the curve parameters passes */ + if (!TEST_true(EC_GROUP_set_curve(gtest, group_p, group_a, group_b, NULL)) + || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid)) + goto err; + + ret = 1; +err: + BN_free(group_p); + BN_free(other_p); + BN_free(group_a); + BN_free(other_a); + BN_free(group_b); + BN_free(other_b); + BN_free(group_cofactor); + BN_free(other_cofactor); + BN_free(other_order); + EC_POINT_free(other_gen); + EC_GROUP_free(gtest); + EC_GROUP_free(group); + BN_CTX_free(bn_ctx); + return ret; +} + +/* + * This checks the lookup capability of EC_GROUP_check_named_curve() + * when the given group was created with explicit parameters. + * + * It is possible to retrieve an alternative alias that does not match + * the original nid in this case. + */ +static int check_named_curve_lookup_test(int id) +{ + int ret = 0, nid, rv = 0; + EC_GROUP *g = NULL , *ga = NULL; + ECPARAMETERS *p = NULL, *pa = NULL; + BN_CTX *ctx = NULL; + + /* Do some setup */ + nid = curves[id].nid; + if (!TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(g = EC_GROUP_new_by_curve_name(nid)) + || !TEST_ptr(p = EC_GROUP_get_ecparameters(g, NULL))) + goto err; + + /* replace with group from explicit parameters */ + EC_GROUP_free(g); + if (!TEST_ptr(g = EC_GROUP_new_from_ecparameters(p))) + goto err; + + if (!TEST_int_gt(rv = EC_GROUP_check_named_curve(g, 0, NULL), 0)) + goto err; + if (rv != nid) { + /* + * Found an alias: + * fail if the returned nid is not an alias of the original group. + * + * The comparison here is done by comparing two explicit + * parameter EC_GROUPs with EC_GROUP_cmp(), to ensure the + * comparison happens with unnamed EC_GROUPs using the same + * EC_METHODs. + */ + if (!TEST_ptr(ga = EC_GROUP_new_by_curve_name(rv)) + || !TEST_ptr(pa = EC_GROUP_get_ecparameters(ga, NULL))) + goto err; + + /* replace with group from explicit parameters, then compare */ + EC_GROUP_free(ga); + if (!TEST_ptr(ga = EC_GROUP_new_from_ecparameters(pa)) + || !TEST_int_eq(EC_GROUP_cmp(g, ga, ctx), 0)) + goto err; + } + + ret = 1; + + err: + EC_GROUP_free(g); + EC_GROUP_free(ga); + ECPARAMETERS_free(p); + ECPARAMETERS_free(pa); + BN_CTX_free(ctx); + + return ret; +} + /* * Sometime we cannot compare nids for equality, as the built-in curve table * includes aliases with different names for the same curve. @@ -856,7 +1068,7 @@ int are_ec_nids_compatible(int n1d, int n2d) { int ret = 0; switch (n1d) { -# ifndef OPENSSL_NO_EC2M +#ifndef OPENSSL_NO_EC2M case NID_sect113r1: case NID_wap_wsg_idm_ecid_wtls4: ret = (n2d == NID_sect113r1 || n2d == NID_wap_wsg_idm_ecid_wtls4); @@ -878,7 +1090,7 @@ int are_ec_nids_compatible(int n1d, int n2d) ret = (n2d == NID_X9_62_c2pnb163v1 || n2d == NID_wap_wsg_idm_ecid_wtls5); break; -# endif /* OPENSSL_NO_EC2M */ +#endif /* OPENSSL_NO_EC2M */ case NID_secp112r1: case NID_wap_wsg_idm_ecid_wtls6: ret = (n2d == NID_secp112r1 || n2d == NID_wap_wsg_idm_ecid_wtls6); @@ -887,12 +1099,12 @@ int are_ec_nids_compatible(int n1d, int n2d) case NID_wap_wsg_idm_ecid_wtls7: ret = (n2d == NID_secp160r2 || n2d == NID_wap_wsg_idm_ecid_wtls7); break; -# ifdef OPENSSL_NO_EC_NISTP_64_GCC_128 +#ifdef OPENSSL_NO_EC_NISTP_64_GCC_128 case NID_secp224r1: case NID_wap_wsg_idm_ecid_wtls12: ret = (n2d == NID_secp224r1 || n2d == NID_wap_wsg_idm_ecid_wtls12); break; -# else +#else /* * For SEC P-224 we want to ensure that the SECP nid is returned, as * that is associated with a specialized method. @@ -900,7 +1112,7 @@ int are_ec_nids_compatible(int n1d, int n2d) case NID_wap_wsg_idm_ecid_wtls12: ret = (n2d == NID_secp224r1); break; -# endif /* def(OPENSSL_NO_EC_NISTP_64_GCC_128) */ +#endif /* def(OPENSSL_NO_EC_NISTP_64_GCC_128) */ default: ret = (n1d == n2d); @@ -1109,15 +1321,14 @@ err: return ret; } + static int parameter_test(void) { EC_GROUP *group = NULL, *group2 = NULL; ECPARAMETERS *ecparameters = NULL; unsigned char *buf = NULL; int r = 0, len; - - /* must use a curve without a special group method */ - if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp256k1)) + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp384r1)) || !TEST_ptr(ecparameters = EC_GROUP_get_ecparameters(group, NULL)) || !TEST_ptr(group2 = EC_GROUP_new_from_ecparameters(ecparameters)) || !TEST_int_eq(EC_GROUP_cmp(group, group2, NULL), 0)) @@ -1251,7 +1462,7 @@ static int cofactor_range_test(void) */ static int cardinality_test(int n) { - int ret = 0; + int ret = 0, is_binary = 0; int nid = curves[n].nid; BN_CTX *ctx = NULL; EC_GROUP *g1 = NULL, *g2 = NULL; @@ -1262,14 +1473,13 @@ static int cardinality_test(int n) TEST_info("Curve %s cardinality test", OBJ_nid2sn(nid)); if (!TEST_ptr(ctx = BN_CTX_new()) - || !TEST_ptr(g1 = EC_GROUP_new_by_curve_name(nid)) - || !TEST_ptr(g2 = EC_GROUP_new(EC_GROUP_method_of(g1)))) { - EC_GROUP_free(g1); - EC_GROUP_free(g2); + || !TEST_ptr(g1 = EC_GROUP_new_by_curve_name(nid))) { BN_CTX_free(ctx); return 0; } + is_binary = (EC_GROUP_get_field_type(g1) == NID_X9_62_characteristic_two_field); + BN_CTX_start(ctx); g1_p = BN_CTX_get(ctx); g1_a = BN_CTX_get(ctx); @@ -1287,7 +1497,14 @@ static int cardinality_test(int n) || !TEST_true(BN_copy(g1_order, EC_GROUP_get0_order(g1))) || !TEST_true(EC_GROUP_get_cofactor(g1, g1_cf, ctx)) /* construct g2 manually with g1 parameters */ - || !TEST_true(EC_GROUP_set_curve(g2, g1_p, g1_a, g1_b, ctx)) +#ifndef OPENSSL_NO_EC2M + || !TEST_ptr(g2 = (is_binary) ? + EC_GROUP_new_curve_GF2m(g1_p, g1_a, g1_b, ctx) : + EC_GROUP_new_curve_GFp(g1_p, g1_a, g1_b, ctx)) +#else + || !TEST_int_eq(0, is_binary) + || !TEST_ptr(g2 = EC_GROUP_new_curve_GFp(g1_p, g1_a, g1_b, ctx)) +#endif || !TEST_ptr(g2_gen = EC_POINT_new(g2)) || !TEST_true(EC_POINT_set_affine_coordinates(g2, g2_gen, g1_x, g1_y, ctx)) /* pass NULL cofactor: lib should compute it */ @@ -1326,6 +1543,59 @@ static int cardinality_test(int n) return ret; } +static int check_ec_key_field_public_range_test(int id) +{ + int ret = 0, type = 0; + const EC_POINT *pub = NULL; + const EC_GROUP *group = NULL; + const BIGNUM *field = NULL; + BIGNUM *x = NULL, *y = NULL; + EC_KEY *key = NULL; + + if (!TEST_ptr(x = BN_new()) + || !TEST_ptr(y = BN_new()) + || !TEST_ptr(key = EC_KEY_new_by_curve_name(curves[id].nid)) + || !TEST_ptr(group = EC_KEY_get0_group(key)) + || !TEST_ptr(field = EC_GROUP_get0_field(group)) + || !TEST_int_gt(EC_KEY_generate_key(key), 0) + || !TEST_int_gt(EC_KEY_check_key(key), 0) + || !TEST_ptr(pub = EC_KEY_get0_public_key(key)) + || !TEST_int_gt(EC_POINT_get_affine_coordinates(group, pub, x, y, + NULL), 0)) + goto err; + + /* + * Make the public point out of range by adding the field (which will still + * be the same point on the curve). The add is different for char2 fields. + */ + type = EC_GROUP_get_field_type(group); +#ifndef OPENSSL_NO_EC2M + if (type == NID_X9_62_characteristic_two_field) { + /* test for binary curves */ + if (!TEST_true(BN_GF2m_add(x, x, field))) + goto err; + } else +#endif + if (type == NID_X9_62_prime_field) { + /* test for prime curves */ + if (!TEST_true(BN_add(x, x, field))) + goto err; + } else { + /* this should never happen */ + TEST_error("Unsupported EC_METHOD field_type"); + goto err; + } + if (!TEST_int_le(EC_KEY_set_public_key_affine_coordinates(key, x, y), 0)) + goto err; + + ret = 1; +err: + BN_free(x); + BN_free(y); + EC_KEY_free(key); + return ret; +} + /* * Helper for ec_point_hex2point_test * @@ -1425,6 +1695,226 @@ static int ec_point_hex2point_test(int id) return ret; } +static int do_test_custom_explicit_fromdata(EC_GROUP *group, BN_CTX *ctx, + unsigned char *gen, int gen_size) +{ + int ret = 0, i_out; + EVP_PKEY_CTX *pctx = NULL; + EVP_PKEY *pkeyparam = NULL; + OSSL_PARAM_BLD *bld = NULL; + const char *field_name; + OSSL_PARAM *params = NULL; + const OSSL_PARAM *gettable; + BIGNUM *p, *a, *b; + BIGNUM *p_out = NULL, *a_out = NULL, *b_out = NULL; + BIGNUM *order_out = NULL, *cofactor_out = NULL; + char name[80]; + unsigned char buf[1024]; + size_t buf_len, name_len; +#ifndef OPENSSL_NO_EC2M + unsigned int k1 = 0, k2 = 0, k3 = 0; + const char *basis_name = NULL; +#endif + + p = BN_CTX_get(ctx); + a = BN_CTX_get(ctx); + b = BN_CTX_get(ctx); + + if (!TEST_ptr(b) + || !TEST_ptr(bld = OSSL_PARAM_BLD_new())) + goto err; + + if (EC_GROUP_get_field_type(group) == NID_X9_62_prime_field) { + field_name = SN_X9_62_prime_field; + } else { + field_name = SN_X9_62_characteristic_two_field; +#ifndef OPENSSL_NO_EC2M + if (EC_GROUP_get_basis_type(group) == NID_X9_62_tpBasis) { + basis_name = SN_X9_62_tpBasis; + if (!TEST_true(EC_GROUP_get_trinomial_basis(group, &k1))) + goto err; + } else { + basis_name = SN_X9_62_ppBasis; + if (!TEST_true(EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3))) + goto err; + } +#endif /* OPENSSL_NO_EC2M */ + } + if (!TEST_true(EC_GROUP_get_curve(group, p, a, b, ctx)) + || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, + OSSL_PKEY_PARAM_EC_FIELD_TYPE, field_name, 0)) + || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, p)) + || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a)) + || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))) + goto err; + + if (EC_GROUP_get0_seed(group) != NULL) { + if (!TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, + OSSL_PKEY_PARAM_EC_SEED, EC_GROUP_get0_seed(group), + EC_GROUP_get_seed_len(group)))) + goto err; + } + if (EC_GROUP_get0_cofactor(group) != NULL) { + if (!TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR, + EC_GROUP_get0_cofactor(group)))) + goto err; + } + + if (!TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, + OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_size)) + || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_ORDER, + EC_GROUP_get0_order(group)))) + goto err; + + if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) + || !TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) + || !TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0) + || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkeyparam, + EVP_PKEY_KEY_PARAMETERS, params), 0)) + goto err; + + /*- Check that all the set values are retrievable -*/ + + /* There should be no match to a group name since the generator changed */ + if (!TEST_false(EVP_PKEY_get_utf8_string_param(pkeyparam, + OSSL_PKEY_PARAM_GROUP_NAME, name, sizeof(name), + &name_len))) + goto err; + + /* The encoding should be explicit as it has no group */ + if (!TEST_true(EVP_PKEY_get_utf8_string_param(pkeyparam, + OSSL_PKEY_PARAM_EC_ENCODING, + name, sizeof(name), &name_len)) + || !TEST_str_eq(name, OSSL_PKEY_EC_ENCODING_EXPLICIT)) + goto err; + + if (!TEST_true(EVP_PKEY_get_utf8_string_param(pkeyparam, + OSSL_PKEY_PARAM_EC_FIELD_TYPE, name, sizeof(name), + &name_len)) + || !TEST_str_eq(name, field_name)) + goto err; + + if (!TEST_true(EVP_PKEY_get_octet_string_param(pkeyparam, + OSSL_PKEY_PARAM_EC_GENERATOR, buf, sizeof(buf), &buf_len)) + || !TEST_mem_eq(buf, (int)buf_len, gen, gen_size)) + goto err; + + if (!TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_P, &p_out)) + || !TEST_BN_eq(p_out, p) + || !TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_A, + &a_out)) + || !TEST_BN_eq(a_out, a) + || !TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_B, + &b_out)) + || !TEST_BN_eq(b_out, b) + || !TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_ORDER, + &order_out)) + || !TEST_BN_eq(order_out, EC_GROUP_get0_order(group))) + goto err; + + if (EC_GROUP_get0_cofactor(group) != NULL) { + if (!TEST_true(EVP_PKEY_get_bn_param(pkeyparam, + OSSL_PKEY_PARAM_EC_COFACTOR, &cofactor_out)) + || !TEST_BN_eq(cofactor_out, EC_GROUP_get0_cofactor(group))) + goto err; + } + if (EC_GROUP_get0_seed(group) != NULL) { + if (!TEST_true(EVP_PKEY_get_octet_string_param(pkeyparam, + OSSL_PKEY_PARAM_EC_SEED, buf, sizeof(buf), &buf_len)) + || !TEST_mem_eq(buf, buf_len, EC_GROUP_get0_seed(group), + EC_GROUP_get_seed_len(group))) + goto err; + } + + if (EC_GROUP_get_field_type(group) == NID_X9_62_prime_field) { + /* No extra fields should be set for a prime field */ + if (!TEST_false(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_M, &i_out)) + || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, &i_out)) + || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, &i_out)) + || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, &i_out)) + || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, &i_out)) + || !TEST_false(EVP_PKEY_get_utf8_string_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_TYPE, name, sizeof(name), + &name_len))) + goto err; + } else { +#ifndef OPENSSL_NO_EC2M + if (!TEST_true(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_M, &i_out)) + || !TEST_int_eq(EC_GROUP_get_degree(group), i_out) + || !TEST_true(EVP_PKEY_get_utf8_string_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_TYPE, name, sizeof(name), + &name_len)) + || !TEST_str_eq(name, basis_name)) + goto err; + + if (EC_GROUP_get_basis_type(group) == NID_X9_62_tpBasis) { + if (!TEST_true(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, &i_out)) + || !TEST_int_eq(k1, i_out) + || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, &i_out)) + || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, &i_out)) + || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, &i_out))) + goto err; + } else { + if (!TEST_false(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, &i_out)) + || !TEST_true(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, &i_out)) + || !TEST_int_eq(k1, i_out) + || !TEST_true(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, &i_out)) + || !TEST_int_eq(k2, i_out) + || !TEST_true(EVP_PKEY_get_int_param(pkeyparam, + OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, &i_out)) + || !TEST_int_eq(k3, i_out)) + goto err; + } +#endif /* OPENSSL_NO_EC2M */ + } + if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pkeyparam)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_GROUP_NAME)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_ENCODING)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_FIELD_TYPE)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_P)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_A)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_B)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_GENERATOR)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_ORDER)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_COFACTOR)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_SEED)) +#ifndef OPENSSL_NO_EC2M + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_M)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_TYPE)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_PP_K1)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_PP_K2)) + || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_PP_K3)) +#endif + ) + goto err; + ret = 1; +err: + BN_free(order_out); + BN_free(cofactor_out); + BN_free(a_out); + BN_free(b_out); + BN_free(p_out); + OSSL_PARAM_BLD_free_params(params); + OSSL_PARAM_BLD_free(bld); + EVP_PKEY_free(pkeyparam); + EVP_PKEY_CTX_free(pctx); + return ret; +} + /* * check the EC_METHOD respects the supplied EC_GROUP_set_generator G */ @@ -1450,7 +1940,7 @@ static int custom_generator_test(int id) /* expected byte length of encoded points */ bsize = (EC_GROUP_get_degree(group) + 7) / 8; - bsize = 2 * bsize + 1; + bsize = 1 + 2 * bsize; /* UNCOMPRESSED_POINT format */ if (!TEST_ptr(k = BN_CTX_get(ctx)) /* fetch a testing scalar k != 0,1 */ @@ -1488,17 +1978,20 @@ static int custom_generator_test(int id) POINT_CONVERSION_UNCOMPRESSED, b2, bsize, ctx), bsize) /* Q1 = kG = k/2 G2 = Q2 should hold */ - || !TEST_int_eq(CRYPTO_memcmp(b1, b2, bsize), 0)) + || !TEST_mem_eq(b1, bsize, b2, bsize)) + goto err; + + if (!do_test_custom_explicit_fromdata(group, ctx, b1, bsize)) goto err; ret = 1; err: - BN_CTX_end(ctx); EC_POINT_free(Q1); EC_POINT_free(Q2); EC_POINT_free(G2); EC_GROUP_free(group); + BN_CTX_end(ctx); BN_CTX_free(ctx); OPENSSL_free(b1); OPENSSL_free(b2); @@ -1506,11 +1999,285 @@ static int custom_generator_test(int id) return ret; } -#endif /* OPENSSL_NO_EC */ +/* + * check creation of curves from explicit params through the public API + */ +static int custom_params_test(int id) +{ + int ret = 0, nid, bsize; + const char *curve_name = NULL; + EC_GROUP *group = NULL, *altgroup = NULL; + EC_POINT *G2 = NULL, *Q1 = NULL, *Q2 = NULL; + const EC_POINT *Q = NULL; + BN_CTX *ctx = NULL; + BIGNUM *k = NULL; + unsigned char *buf1 = NULL, *buf2 = NULL; + const BIGNUM *z = NULL, *cof = NULL, *priv1 = NULL; + BIGNUM *p = NULL, *a = NULL, *b = NULL; + int is_prime = 0; + EC_KEY *eckey1 = NULL, *eckey2 = NULL; + EVP_PKEY *pkey1 = NULL, *pkey2 = NULL; + EVP_PKEY_CTX *pctx1 = NULL, *pctx2 = NULL; + size_t sslen, t; + unsigned char *pub1 = NULL , *pub2 = NULL; + OSSL_PARAM_BLD *param_bld = NULL; + OSSL_PARAM *params1 = NULL, *params2 = NULL; + + /* Do some setup */ + nid = curves[id].nid; + curve_name = OBJ_nid2sn(nid); + TEST_note("Curve %s", curve_name); + + if (nid == NID_sm2) + return TEST_skip("custom params not supported with SM2"); + + if (!TEST_ptr(ctx = BN_CTX_new())) + return 0; + + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))) + goto err; + + is_prime = EC_GROUP_get_field_type(group) == NID_X9_62_prime_field; +#ifdef OPENSSL_NO_EC2M + if (!is_prime) { + ret = TEST_skip("binary curves not supported in this build"); + goto err; + } +#endif + + BN_CTX_start(ctx); + if (!TEST_ptr(p = BN_CTX_get(ctx)) + || !TEST_ptr(a = BN_CTX_get(ctx)) + || !TEST_ptr(b = BN_CTX_get(ctx)) + || !TEST_ptr(k = BN_CTX_get(ctx))) + goto err; + + /* expected byte length of encoded points */ + bsize = (EC_GROUP_get_degree(group) + 7) / 8; + bsize = 1 + 2 * bsize; /* UNCOMPRESSED_POINT format */ + + /* extract parameters from built-in curve */ + if (!TEST_true(EC_GROUP_get_curve(group, p, a, b, ctx)) + || !TEST_ptr(G2 = EC_POINT_new(group)) + /* new generator is G2 := 2G */ + || !TEST_true(EC_POINT_dbl(group, G2, + EC_GROUP_get0_generator(group), ctx)) + /* pull out the bytes of that */ + || !TEST_int_eq(EC_POINT_point2oct(group, G2, + POINT_CONVERSION_UNCOMPRESSED, + NULL, 0, ctx), bsize) + || !TEST_ptr(buf1 = OPENSSL_malloc(bsize)) + || !TEST_int_eq(EC_POINT_point2oct(group, G2, + POINT_CONVERSION_UNCOMPRESSED, + buf1, bsize, ctx), bsize) + || !TEST_ptr(z = EC_GROUP_get0_order(group)) + || !TEST_ptr(cof = EC_GROUP_get0_cofactor(group)) + ) + goto err; + + /* create a new group using same params (but different generator) */ + if (is_prime) { + if (!TEST_ptr(altgroup = EC_GROUP_new_curve_GFp(p, a, b, ctx))) + goto err; + } +#ifndef OPENSSL_NO_EC2M + else { + if (!TEST_ptr(altgroup = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) + goto err; + } +#endif + + /* set 2*G as the generator of altgroup */ + EC_POINT_free(G2); /* discard G2 as it refers to the original group */ + if (!TEST_ptr(G2 = EC_POINT_new(altgroup)) + || !TEST_true(EC_POINT_oct2point(altgroup, G2, buf1, bsize, ctx)) + || !TEST_int_eq(EC_POINT_is_on_curve(altgroup, G2, ctx), 1) + || !TEST_true(EC_GROUP_set_generator(altgroup, G2, z, cof)) + ) + goto err; + + /* verify math checks out */ + if (/* allocate temporary points on group and altgroup */ + !TEST_ptr(Q1 = EC_POINT_new(group)) + || !TEST_ptr(Q2 = EC_POINT_new(altgroup)) + /* fetch a testing scalar k != 0,1 */ + || !TEST_true(BN_rand(k, EC_GROUP_order_bits(group) - 1, + BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) + /* make k even */ + || !TEST_true(BN_clear_bit(k, 0)) + /* Q1 := kG on group */ + || !TEST_true(EC_POINT_mul(group, Q1, k, NULL, NULL, ctx)) + /* pull out the bytes of that */ + || !TEST_int_eq(EC_POINT_point2oct(group, Q1, + POINT_CONVERSION_UNCOMPRESSED, + NULL, 0, ctx), bsize) + || !TEST_int_eq(EC_POINT_point2oct(group, Q1, + POINT_CONVERSION_UNCOMPRESSED, + buf1, bsize, ctx), bsize) + /* k := k/2 */ + || !TEST_true(BN_rshift1(k, k)) + /* Q2 := k/2 G2 on altgroup */ + || !TEST_true(EC_POINT_mul(altgroup, Q2, k, NULL, NULL, ctx)) + /* pull out the bytes of that */ + || !TEST_int_eq(EC_POINT_point2oct(altgroup, Q2, + POINT_CONVERSION_UNCOMPRESSED, + NULL, 0, ctx), bsize) + || !TEST_ptr(buf2 = OPENSSL_malloc(bsize)) + || !TEST_int_eq(EC_POINT_point2oct(altgroup, Q2, + POINT_CONVERSION_UNCOMPRESSED, + buf2, bsize, ctx), bsize) + /* Q1 = kG = k/2 G2 = Q2 should hold */ + || !TEST_mem_eq(buf1, bsize, buf2, bsize)) + goto err; + + /* create two `EC_KEY`s on altgroup */ + if (!TEST_ptr(eckey1 = EC_KEY_new()) + || !TEST_true(EC_KEY_set_group(eckey1, altgroup)) + || !TEST_true(EC_KEY_generate_key(eckey1)) + || !TEST_ptr(eckey2 = EC_KEY_new()) + || !TEST_true(EC_KEY_set_group(eckey2, altgroup)) + || !TEST_true(EC_KEY_generate_key(eckey2))) + goto err; + + /* retrieve priv1 for later */ + if (!TEST_ptr(priv1 = EC_KEY_get0_private_key(eckey1))) + goto err; + + /* + * retrieve bytes for pub1 for later + * + * We compute the pub key in the original group as we will later use it to + * define a provider key in the built-in group. + */ + if (!TEST_true(EC_POINT_mul(group, Q1, priv1, NULL, NULL, ctx)) + || !TEST_int_eq(EC_POINT_point2oct(group, Q1, + POINT_CONVERSION_UNCOMPRESSED, + NULL, 0, ctx), bsize) + || !TEST_ptr(pub1 = OPENSSL_malloc(bsize)) + || !TEST_int_eq(EC_POINT_point2oct(group, Q1, + POINT_CONVERSION_UNCOMPRESSED, + pub1, bsize, ctx), bsize)) + goto err; + + /* retrieve bytes for pub2 for later */ + if (!TEST_ptr(Q = EC_KEY_get0_public_key(eckey2)) + || !TEST_int_eq(EC_POINT_point2oct(altgroup, Q, + POINT_CONVERSION_UNCOMPRESSED, + NULL, 0, ctx), bsize) + || !TEST_ptr(pub2 = OPENSSL_malloc(bsize)) + || !TEST_int_eq(EC_POINT_point2oct(altgroup, Q, + POINT_CONVERSION_UNCOMPRESSED, + pub2, bsize, ctx), bsize)) + goto err; + + /* create two `EVP_PKEY`s from the `EC_KEY`s */ + if(!TEST_ptr(pkey1 = EVP_PKEY_new()) + || !TEST_int_eq(EVP_PKEY_assign_EC_KEY(pkey1, eckey1), 1)) + goto err; + eckey1 = NULL; /* ownership passed to pkey1 */ + if(!TEST_ptr(pkey2 = EVP_PKEY_new()) + || !TEST_int_eq(EVP_PKEY_assign_EC_KEY(pkey2, eckey2), 1)) + goto err; + eckey2 = NULL; /* ownership passed to pkey2 */ + + /* Compute keyexchange in both directions */ + if (!TEST_ptr(pctx1 = EVP_PKEY_CTX_new(pkey1, NULL)) + || !TEST_int_eq(EVP_PKEY_derive_init(pctx1), 1) + || !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx1, pkey2), 1) + || !TEST_int_eq(EVP_PKEY_derive(pctx1, NULL, &sslen), 1) + || !TEST_int_gt(bsize, sslen) + || !TEST_int_eq(EVP_PKEY_derive(pctx1, buf1, &sslen), 1)) + goto err; + if (!TEST_ptr(pctx2 = EVP_PKEY_CTX_new(pkey2, NULL)) + || !TEST_int_eq(EVP_PKEY_derive_init(pctx2), 1) + || !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx2, pkey1), 1) + || !TEST_int_eq(EVP_PKEY_derive(pctx2, NULL, &t), 1) + || !TEST_int_gt(bsize, t) + || !TEST_int_le(sslen, t) + || !TEST_int_eq(EVP_PKEY_derive(pctx2, buf2, &t), 1)) + goto err; + + /* Both sides should expect the same shared secret */ + if (!TEST_mem_eq(buf1, sslen, buf2, t)) + goto err; + + /* Build parameters for provider-native keys */ + if (!TEST_ptr(param_bld = OSSL_PARAM_BLD_new()) + || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(param_bld, + OSSL_PKEY_PARAM_GROUP_NAME, + curve_name, 0)) + || !TEST_true(OSSL_PARAM_BLD_push_octet_string(param_bld, + OSSL_PKEY_PARAM_PUB_KEY, + pub1, bsize)) + || !TEST_true(OSSL_PARAM_BLD_push_BN(param_bld, + OSSL_PKEY_PARAM_PRIV_KEY, + priv1)) + || !TEST_ptr(params1 = OSSL_PARAM_BLD_to_param(param_bld))) + goto err; + + OSSL_PARAM_BLD_free(param_bld); + if (!TEST_ptr(param_bld = OSSL_PARAM_BLD_new()) + || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(param_bld, + OSSL_PKEY_PARAM_GROUP_NAME, + curve_name, 0)) + || !TEST_true(OSSL_PARAM_BLD_push_octet_string(param_bld, + OSSL_PKEY_PARAM_PUB_KEY, + pub2, bsize)) + || !TEST_ptr(params2 = OSSL_PARAM_BLD_to_param(param_bld))) + goto err; + + /* create two new provider-native `EVP_PKEY`s */ + EVP_PKEY_CTX_free(pctx2); + if (!TEST_ptr(pctx2 = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) + || !TEST_true(EVP_PKEY_fromdata_init(pctx2)) + || !TEST_true(EVP_PKEY_fromdata(pctx2, &pkey1, EVP_PKEY_KEYPAIR, + params1)) + || !TEST_true(EVP_PKEY_fromdata(pctx2, &pkey2, EVP_PKEY_PUBLIC_KEY, + params2))) + goto err; + + /* compute keyexchange once more using the provider keys */ + EVP_PKEY_CTX_free(pctx1); + if (!TEST_ptr(pctx1 = EVP_PKEY_CTX_new(pkey1, NULL)) + || !TEST_int_eq(EVP_PKEY_derive_init(pctx1), 1) + || !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx1, pkey2), 1) + || !TEST_int_eq(EVP_PKEY_derive(pctx1, NULL, &t), 1) + || !TEST_int_gt(bsize, t) + || !TEST_int_le(sslen, t) + || !TEST_int_eq(EVP_PKEY_derive(pctx1, buf1, &t), 1) + /* compare with previous result */ + || !TEST_mem_eq(buf1, t, buf2, sslen)) + goto err; + + ret = 1; + + err: + BN_CTX_end(ctx); + BN_CTX_free(ctx); + OSSL_PARAM_BLD_free(param_bld); + OSSL_PARAM_BLD_free_params(params1); + OSSL_PARAM_BLD_free_params(params2); + EC_POINT_free(Q1); + EC_POINT_free(Q2); + EC_POINT_free(G2); + EC_GROUP_free(group); + EC_GROUP_free(altgroup); + OPENSSL_free(buf1); + OPENSSL_free(buf2); + OPENSSL_free(pub1); + OPENSSL_free(pub2); + EC_KEY_free(eckey1); + EC_KEY_free(eckey2); + EVP_PKEY_free(pkey1); + EVP_PKEY_free(pkey2); + EVP_PKEY_CTX_free(pctx1); + EVP_PKEY_CTX_free(pctx2); + + return ret; +} int setup_tests(void) { -#ifndef OPENSSL_NO_EC crv_len = EC_get_builtin_curves(NULL, 0); if (!TEST_ptr(curves = OPENSSL_malloc(sizeof(*curves) * crv_len)) || !TEST_true(EC_get_builtin_curves(curves, crv_len))) @@ -1520,27 +2287,25 @@ int setup_tests(void) ADD_TEST(cofactor_range_test); ADD_ALL_TESTS(cardinality_test, crv_len); ADD_TEST(prime_field_tests); -# ifndef OPENSSL_NO_EC2M +#ifndef OPENSSL_NO_EC2M ADD_TEST(char2_field_tests); ADD_ALL_TESTS(char2_curve_test, OSSL_NELEM(char2_curve_tests)); -# endif -# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 +#endif ADD_ALL_TESTS(nistp_single_test, OSSL_NELEM(nistp_tests_params)); - ADD_TEST(underflow_test); -# endif ADD_ALL_TESTS(internal_curve_test, crv_len); ADD_ALL_TESTS(internal_curve_test_method, crv_len); - + ADD_TEST(group_field_test); + ADD_ALL_TESTS(check_named_curve_test, crv_len); + ADD_ALL_TESTS(check_named_curve_lookup_test, crv_len); + ADD_ALL_TESTS(check_ec_key_field_public_range_test, crv_len); ADD_ALL_TESTS(check_named_curve_from_ecparameters, crv_len); ADD_ALL_TESTS(ec_point_hex2point_test, crv_len); ADD_ALL_TESTS(custom_generator_test, crv_len); -#endif /* OPENSSL_NO_EC */ + ADD_ALL_TESTS(custom_params_test, crv_len); return 1; } void cleanup_tests(void) { -#ifndef OPENSSL_NO_EC OPENSSL_free(curves); -#endif } diff --git a/fixpatch b/fixpatch deleted file mode 100755 index bf5eb67..0000000 --- a/fixpatch +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh -# Fixes patch from upstream tracker view -gawk ' -BEGIN { - dir="" -} -/^Index: openssl\// { - dir = $2 -} -/^(---|\+\+\+)/ { - $2 = dir -} -{ - print -}' diff --git a/genpatches b/genpatches new file mode 100755 index 0000000..60c36a4 --- /dev/null +++ b/genpatches @@ -0,0 +1,26 @@ +#!/bin/bash + +if [ $# -ne 2 ] ; then + echo "Usage:" + echo " $0 " + exit 1 +fi + +git_dir="$1" +base_tag="$2" + +target_dir="$(pwd)" + +pushd "$git_dir" >/dev/null +git format-patch -k -o "$target_dir" "$base_tag" >/dev/null +popd >/dev/null + +echo "# Patches exported from source git" + +i=1 +for p in *.patch ; do + printf "# " + sed '/^Subject:/{s/^Subject: //;p};d' "$p" + printf "Patch%s: %s\n" $i "$p" + i=$(($i + 1)) +done diff --git a/openssl-1.1.1-alpn-cb.patch b/openssl-1.1.1-alpn-cb.patch deleted file mode 100644 index 465f7b8..0000000 --- a/openssl-1.1.1-alpn-cb.patch +++ /dev/null @@ -1,27 +0,0 @@ -commit 9e885a707d604e9528b5491b78fb9c00f41193fc -Author: Tomas Mraz -Date: Thu Mar 26 15:59:00 2020 +0100 - - s_server: Properly indicate ALPN protocol mismatch - - Return SSL_TLSEXT_ERR_ALERT_FATAL from alpn_select_cb so that - an alert is sent to the client on ALPN protocol mismatch. - - Fixes: #2708 - - Reviewed-by: Matt Caswell - (Merged from https://github.com/openssl/openssl/pull/11415) - -diff --git a/apps/s_server.c b/apps/s_server.c -index bcc83e562c..591c6c19c5 100644 ---- a/apps/s_server.c -+++ b/apps/s_server.c -@@ -707,7 +707,7 @@ static int alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen, - if (SSL_select_next_proto - ((unsigned char **)out, outlen, alpn_ctx->data, alpn_ctx->len, in, - inlen) != OPENSSL_NPN_NEGOTIATED) { -- return SSL_TLSEXT_ERR_NOACK; -+ return SSL_TLSEXT_ERR_ALERT_FATAL; - } - - if (!s_quiet) { diff --git a/openssl-1.1.1-apps-dgst.patch b/openssl-1.1.1-apps-dgst.patch deleted file mode 100644 index 655b6e2..0000000 --- a/openssl-1.1.1-apps-dgst.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openssl-1.1.1b/apps/ca.c.dgst openssl-1.1.1b/apps/ca.c ---- openssl-1.1.1b/apps/ca.c.dgst 2019-02-26 15:15:30.000000000 +0100 -+++ openssl-1.1.1b/apps/ca.c 2019-03-15 15:53:46.622267688 +0100 -@@ -169,7 +169,7 @@ const OPTIONS ca_options[] = { - {"enddate", OPT_ENDDATE, 's', - "YYMMDDHHMMSSZ cert notAfter (overrides -days)"}, - {"days", OPT_DAYS, 'p', "Number of days to certify the cert for"}, -- {"md", OPT_MD, 's', "md to use; one of md2, md5, sha or sha1"}, -+ {"md", OPT_MD, 's', "md to use; see openssl help for list"}, - {"policy", OPT_POLICY, 's', "The CA 'policy' to support"}, - {"keyfile", OPT_KEYFILE, 's', "Private key"}, - {"keyform", OPT_KEYFORM, 'f', "Private key file format (PEM or ENGINE)"}, diff --git a/openssl-1.1.1-arm-update.patch b/openssl-1.1.1-arm-update.patch deleted file mode 100644 index 2b8c549..0000000 --- a/openssl-1.1.1-arm-update.patch +++ /dev/null @@ -1,3706 +0,0 @@ -diff -up openssl-1.1.1i/crypto/aes/asm/aesv8-armx.pl.arm-update openssl-1.1.1i/crypto/aes/asm/aesv8-armx.pl ---- openssl-1.1.1i/crypto/aes/asm/aesv8-armx.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/crypto/aes/asm/aesv8-armx.pl 2020-12-09 10:39:50.645705385 +0100 -@@ -27,44 +27,72 @@ - # CBC encrypt case. On Cortex-A57 parallelizable mode performance - # seems to be limited by sheer amount of NEON instructions... - # -+# April 2019 -+# -+# Key to performance of parallelize-able modes is round instruction -+# interleaving. But which factor to use? There is optimal one for -+# each combination of instruction latency and issue rate, beyond -+# which increasing interleave factor doesn't pay off. While on cons -+# side we have code size increase and resource waste on platforms for -+# which interleave factor is too high. In other words you want it to -+# be just right. So far interleave factor of 3x was serving well all -+# platforms. But for ThunderX2 optimal interleave factor was measured -+# to be 5x... -+# - # Performance in cycles per byte processed with 128-bit key: - # - # CBC enc CBC dec CTR - # Apple A7 2.39 1.20 1.20 --# Cortex-A53 1.32 1.29 1.46 --# Cortex-A57(*) 1.95 0.85 0.93 --# Denver 1.96 0.86 0.80 --# Mongoose 1.33 1.20 1.20 --# Kryo 1.26 0.94 1.00 -+# Cortex-A53 1.32 1.17/1.29(**) 1.36/1.46 -+# Cortex-A57(*) 1.95 0.82/0.85 0.89/0.93 -+# Cortex-A72 1.33 0.85/0.88 0.92/0.96 -+# Denver 1.96 0.65/0.86 0.76/0.80 -+# Mongoose 1.33 1.23/1.20 1.30/1.20 -+# Kryo 1.26 0.87/0.94 1.00/1.00 -+# ThunderX2 5.95 1.25 1.30 - # - # (*) original 3.64/1.34/1.32 results were for r0p0 revision - # and are still same even for updated module; -+# (**) numbers after slash are for 32-bit code, which is 3x- -+# interleaved; - --$flavour = shift; --$output = shift; -+# $output is the last argument if it looks like a file (it has an extension) -+# $flavour is the first argument if it doesn't look like a file -+$output = $#ARGV >= 0 && $ARGV[$#ARGV] =~ m|\.\w+$| ? pop : undef; -+$flavour = $#ARGV >= 0 && $ARGV[0] !~ m|\.| ? shift : undef; - - $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; - ( $xlate="${dir}arm-xlate.pl" and -f $xlate ) or - ( $xlate="${dir}../../perlasm/arm-xlate.pl" and -f $xlate) or - die "can't locate arm-xlate.pl"; - --open OUT,"| \"$^X\" $xlate $flavour $output"; -+open OUT,"| \"$^X\" $xlate $flavour \"$output\"" -+ or die "can't call $xlate: $!"; - *STDOUT=*OUT; - - $prefix="aes_v8"; - -+$_byte = ($flavour =~ /win/ ? "DCB" : ".byte"); -+ - $code=<<___; - #include "arm_arch.h" - - #if __ARM_MAX_ARCH__>=7 --.text - ___ --$code.=".arch armv8-a+crypto\n" if ($flavour =~ /64/); -+$code.=".arch armv8-a+crypto\n.text\n" if ($flavour =~ /64/); - $code.=<<___ if ($flavour !~ /64/); - .arch armv7-a // don't confuse not-so-latest binutils with argv8 :-) - .fpu neon -+#ifdef __thumb2__ -+.syntax unified -+.thumb -+# define INST(a,b,c,d) $_byte c,d|0xc,a,b -+#else - .code 32 --#undef __thumb2__ -+# define INST(a,b,c,d) $_byte a,b,c,d -+#endif -+ -+.text - ___ - - # Assembler mnemonics are an eclectic mix of 32- and 64-bit syntax, -@@ -361,6 +389,836 @@ ___ - &gen_block("en"); - &gen_block("de"); - }}} -+ -+# Performance in cycles per byte. -+# Processed with AES-ECB different key size. -+# It shows the value before and after optimization as below: -+# (before/after): -+# -+# AES-128-ECB AES-192-ECB AES-256-ECB -+# Cortex-A57 1.85/0.82 2.16/0.96 2.47/1.10 -+# Cortex-A72 1.64/0.85 1.82/0.99 2.13/1.14 -+ -+# Optimization is implemented by loop unrolling and interleaving. -+# Commonly, we choose the unrolling factor as 5, if the input -+# data size smaller than 5 blocks, but not smaller than 3 blocks, -+# choose 3 as the unrolling factor. -+# If the input data size dsize >= 5*16 bytes, then take 5 blocks -+# as one iteration, every loop the left size lsize -= 5*16. -+# If 5*16 > lsize >= 3*16 bytes, take 3 blocks as one iteration, -+# every loop lsize -=3*16. -+# If lsize < 3*16 bytes, treat them as the tail, interleave the -+# two blocks AES instructions. -+# There is one special case, if the original input data size dsize -+# = 16 bytes, we will treat it seperately to improve the -+# performance: one independent code block without LR, FP load and -+# store, just looks like what the original ECB implementation does. -+ -+{{{ -+my ($inp,$out,$len,$key)=map("x$_",(0..3)); -+my ($enc,$rounds,$cnt,$key_,$step)=("w4","w5","w6","x7","x8"); -+my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$tmp2,$rndlast)=map("q$_",(0..7)); -+ -+my ($dat,$tmp,$rndzero_n_last)=($dat0,$tmp0,$tmp1); -+ -+### q7 last round key -+### q10-q15 q7 Last 7 round keys -+### q8-q9 preloaded round keys except last 7 keys for big size -+### q5, q6, q8-q9 preloaded round keys except last 7 keys for only 16 byte -+ -+{ -+my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); -+ -+my ($dat3,$in3,$tmp3); # used only in 64-bit mode -+my ($dat4,$in4,$tmp4); -+if ($flavour =~ /64/) { -+ ($dat2,$dat3,$dat4,$in2,$in3,$in4,$tmp3,$tmp4)=map("q$_",(16..23)); -+} -+ -+$code.=<<___; -+.globl ${prefix}_ecb_encrypt -+.type ${prefix}_ecb_encrypt,%function -+.align 5 -+${prefix}_ecb_encrypt: -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ subs $len,$len,#16 -+ // Original input data size bigger than 16, jump to big size processing. -+ b.ne .Lecb_big_size -+ vld1.8 {$dat0},[$inp] -+ cmp $enc,#0 // en- or decrypting? -+ ldr $rounds,[$key,#240] -+ vld1.32 {q5-q6},[$key],#32 // load key schedule... -+ -+ b.eq .Lecb_small_dec -+ aese $dat0,q5 -+ aesmc $dat0,$dat0 -+ vld1.32 {q8-q9},[$key],#32 // load key schedule... -+ aese $dat0,q6 -+ aesmc $dat0,$dat0 -+ subs $rounds,$rounds,#10 // if rounds==10, jump to aes-128-ecb processing -+ b.eq .Lecb_128_enc -+.Lecb_round_loop: -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ vld1.32 {q8},[$key],#16 // load key schedule... -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ vld1.32 {q9},[$key],#16 // load key schedule... -+ subs $rounds,$rounds,#2 // bias -+ b.gt .Lecb_round_loop -+.Lecb_128_enc: -+ vld1.32 {q10-q11},[$key],#32 // load key schedule... -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ vld1.32 {q12-q13},[$key],#32 // load key schedule... -+ aese $dat0,q10 -+ aesmc $dat0,$dat0 -+ aese $dat0,q11 -+ aesmc $dat0,$dat0 -+ vld1.32 {q14-q15},[$key],#32 // load key schedule... -+ aese $dat0,q12 -+ aesmc $dat0,$dat0 -+ aese $dat0,q13 -+ aesmc $dat0,$dat0 -+ vld1.32 {$rndlast},[$key] -+ aese $dat0,q14 -+ aesmc $dat0,$dat0 -+ aese $dat0,q15 -+ veor $dat0,$dat0,$rndlast -+ vst1.8 {$dat0},[$out] -+ b .Lecb_Final_abort -+.Lecb_small_dec: -+ aesd $dat0,q5 -+ aesimc $dat0,$dat0 -+ vld1.32 {q8-q9},[$key],#32 // load key schedule... -+ aesd $dat0,q6 -+ aesimc $dat0,$dat0 -+ subs $rounds,$rounds,#10 // bias -+ b.eq .Lecb_128_dec -+.Lecb_dec_round_loop: -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ vld1.32 {q8},[$key],#16 // load key schedule... -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ vld1.32 {q9},[$key],#16 // load key schedule... -+ subs $rounds,$rounds,#2 // bias -+ b.gt .Lecb_dec_round_loop -+.Lecb_128_dec: -+ vld1.32 {q10-q11},[$key],#32 // load key schedule... -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ vld1.32 {q12-q13},[$key],#32 // load key schedule... -+ aesd $dat0,q10 -+ aesimc $dat0,$dat0 -+ aesd $dat0,q11 -+ aesimc $dat0,$dat0 -+ vld1.32 {q14-q15},[$key],#32 // load key schedule... -+ aesd $dat0,q12 -+ aesimc $dat0,$dat0 -+ aesd $dat0,q13 -+ aesimc $dat0,$dat0 -+ vld1.32 {$rndlast},[$key] -+ aesd $dat0,q14 -+ aesimc $dat0,$dat0 -+ aesd $dat0,q15 -+ veor $dat0,$dat0,$rndlast -+ vst1.8 {$dat0},[$out] -+ b .Lecb_Final_abort -+.Lecb_big_size: -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ stp x29,x30,[sp,#-16]! -+ add x29,sp,#0 -+___ -+$code.=<<___ if ($flavour !~ /64/); -+ mov ip,sp -+ stmdb sp!,{r4-r8,lr} -+ vstmdb sp!,{d8-d15} @ ABI specification says so -+ ldmia ip,{r4-r5} @ load remaining args -+ subs $len,$len,#16 -+___ -+$code.=<<___; -+ mov $step,#16 -+ b.lo .Lecb_done -+ cclr $step,eq -+ -+ cmp $enc,#0 // en- or decrypting? -+ ldr $rounds,[$key,#240] -+ and $len,$len,#-16 -+ vld1.8 {$dat},[$inp],$step -+ -+ vld1.32 {q8-q9},[$key] // load key schedule... -+ sub $rounds,$rounds,#6 -+ add $key_,$key,x5,lsl#4 // pointer to last 7 round keys -+ sub $rounds,$rounds,#2 -+ vld1.32 {q10-q11},[$key_],#32 -+ vld1.32 {q12-q13},[$key_],#32 -+ vld1.32 {q14-q15},[$key_],#32 -+ vld1.32 {$rndlast},[$key_] -+ -+ add $key_,$key,#32 -+ mov $cnt,$rounds -+ b.eq .Lecb_dec -+ -+ vld1.8 {$dat1},[$inp],#16 -+ subs $len,$len,#32 // bias -+ add $cnt,$rounds,#2 -+ vorr $in1,$dat1,$dat1 -+ vorr $dat2,$dat1,$dat1 -+ vorr $dat1,$dat,$dat -+ b.lo .Lecb_enc_tail -+ -+ vorr $dat1,$in1,$in1 -+ vld1.8 {$dat2},[$inp],#16 -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ cmp $len,#32 -+ b.lo .Loop3x_ecb_enc -+ -+ vld1.8 {$dat3},[$inp],#16 -+ vld1.8 {$dat4},[$inp],#16 -+ sub $len,$len,#32 // bias -+ mov $cnt,$rounds -+ -+.Loop5x_ecb_enc: -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ aese $dat3,q8 -+ aesmc $dat3,$dat3 -+ aese $dat4,q8 -+ aesmc $dat4,$dat4 -+ vld1.32 {q8},[$key_],#16 -+ subs $cnt,$cnt,#2 -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ aese $dat3,q9 -+ aesmc $dat3,$dat3 -+ aese $dat4,q9 -+ aesmc $dat4,$dat4 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Loop5x_ecb_enc -+ -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ aese $dat3,q8 -+ aesmc $dat3,$dat3 -+ aese $dat4,q8 -+ aesmc $dat4,$dat4 -+ cmp $len,#0x40 // because .Lecb_enc_tail4x -+ sub $len,$len,#0x50 -+ -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ aese $dat3,q9 -+ aesmc $dat3,$dat3 -+ aese $dat4,q9 -+ aesmc $dat4,$dat4 -+ csel x6,xzr,$len,gt // borrow x6, $cnt, "gt" is not typo -+ mov $key_,$key -+ -+ aese $dat0,q10 -+ aesmc $dat0,$dat0 -+ aese $dat1,q10 -+ aesmc $dat1,$dat1 -+ aese $dat2,q10 -+ aesmc $dat2,$dat2 -+ aese $dat3,q10 -+ aesmc $dat3,$dat3 -+ aese $dat4,q10 -+ aesmc $dat4,$dat4 -+ add $inp,$inp,x6 // $inp is adjusted in such way that -+ // at exit from the loop $dat1-$dat4 -+ // are loaded with last "words" -+ add x6,$len,#0x60 // because .Lecb_enc_tail4x -+ -+ aese $dat0,q11 -+ aesmc $dat0,$dat0 -+ aese $dat1,q11 -+ aesmc $dat1,$dat1 -+ aese $dat2,q11 -+ aesmc $dat2,$dat2 -+ aese $dat3,q11 -+ aesmc $dat3,$dat3 -+ aese $dat4,q11 -+ aesmc $dat4,$dat4 -+ -+ aese $dat0,q12 -+ aesmc $dat0,$dat0 -+ aese $dat1,q12 -+ aesmc $dat1,$dat1 -+ aese $dat2,q12 -+ aesmc $dat2,$dat2 -+ aese $dat3,q12 -+ aesmc $dat3,$dat3 -+ aese $dat4,q12 -+ aesmc $dat4,$dat4 -+ -+ aese $dat0,q13 -+ aesmc $dat0,$dat0 -+ aese $dat1,q13 -+ aesmc $dat1,$dat1 -+ aese $dat2,q13 -+ aesmc $dat2,$dat2 -+ aese $dat3,q13 -+ aesmc $dat3,$dat3 -+ aese $dat4,q13 -+ aesmc $dat4,$dat4 -+ -+ aese $dat0,q14 -+ aesmc $dat0,$dat0 -+ aese $dat1,q14 -+ aesmc $dat1,$dat1 -+ aese $dat2,q14 -+ aesmc $dat2,$dat2 -+ aese $dat3,q14 -+ aesmc $dat3,$dat3 -+ aese $dat4,q14 -+ aesmc $dat4,$dat4 -+ -+ aese $dat0,q15 -+ vld1.8 {$in0},[$inp],#16 -+ aese $dat1,q15 -+ vld1.8 {$in1},[$inp],#16 -+ aese $dat2,q15 -+ vld1.8 {$in2},[$inp],#16 -+ aese $dat3,q15 -+ vld1.8 {$in3},[$inp],#16 -+ aese $dat4,q15 -+ vld1.8 {$in4},[$inp],#16 -+ cbz x6,.Lecb_enc_tail4x -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] -+ veor $tmp0,$rndlast,$dat0 -+ vorr $dat0,$in0,$in0 -+ veor $tmp1,$rndlast,$dat1 -+ vorr $dat1,$in1,$in1 -+ veor $tmp2,$rndlast,$dat2 -+ vorr $dat2,$in2,$in2 -+ veor $tmp3,$rndlast,$dat3 -+ vorr $dat3,$in3,$in3 -+ veor $tmp4,$rndlast,$dat4 -+ vst1.8 {$tmp0},[$out],#16 -+ vorr $dat4,$in4,$in4 -+ vst1.8 {$tmp1},[$out],#16 -+ mov $cnt,$rounds -+ vst1.8 {$tmp2},[$out],#16 -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] -+ vst1.8 {$tmp3},[$out],#16 -+ vst1.8 {$tmp4},[$out],#16 -+ b.hs .Loop5x_ecb_enc -+ -+ add $len,$len,#0x50 -+ cbz $len,.Lecb_done -+ -+ add $cnt,$rounds,#2 -+ subs $len,$len,#0x30 -+ vorr $dat0,$in2,$in2 -+ vorr $dat1,$in3,$in3 -+ vorr $dat2,$in4,$in4 -+ b.lo .Lecb_enc_tail -+ -+ b .Loop3x_ecb_enc -+ -+.align 4 -+.Lecb_enc_tail4x: -+ veor $tmp1,$rndlast,$dat1 -+ veor $tmp2,$rndlast,$dat2 -+ veor $tmp3,$rndlast,$dat3 -+ veor $tmp4,$rndlast,$dat4 -+ vst1.8 {$tmp1},[$out],#16 -+ vst1.8 {$tmp2},[$out],#16 -+ vst1.8 {$tmp3},[$out],#16 -+ vst1.8 {$tmp4},[$out],#16 -+ -+ b .Lecb_done -+.align 4 -+___ -+$code.=<<___; -+.Loop3x_ecb_enc: -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ vld1.32 {q8},[$key_],#16 -+ subs $cnt,$cnt,#2 -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Loop3x_ecb_enc -+ -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ subs $len,$len,#0x30 -+ mov.lo x6,$len // x6, $cnt, is zero at this point -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ add $inp,$inp,x6 // $inp is adjusted in such way that -+ // at exit from the loop $dat1-$dat2 -+ // are loaded with last "words" -+ mov $key_,$key -+ aese $dat0,q12 -+ aesmc $dat0,$dat0 -+ aese $dat1,q12 -+ aesmc $dat1,$dat1 -+ aese $dat2,q12 -+ aesmc $dat2,$dat2 -+ vld1.8 {$in0},[$inp],#16 -+ aese $dat0,q13 -+ aesmc $dat0,$dat0 -+ aese $dat1,q13 -+ aesmc $dat1,$dat1 -+ aese $dat2,q13 -+ aesmc $dat2,$dat2 -+ vld1.8 {$in1},[$inp],#16 -+ aese $dat0,q14 -+ aesmc $dat0,$dat0 -+ aese $dat1,q14 -+ aesmc $dat1,$dat1 -+ aese $dat2,q14 -+ aesmc $dat2,$dat2 -+ vld1.8 {$in2},[$inp],#16 -+ aese $dat0,q15 -+ aese $dat1,q15 -+ aese $dat2,q15 -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] -+ add $cnt,$rounds,#2 -+ veor $tmp0,$rndlast,$dat0 -+ veor $tmp1,$rndlast,$dat1 -+ veor $dat2,$dat2,$rndlast -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] -+ vst1.8 {$tmp0},[$out],#16 -+ vorr $dat0,$in0,$in0 -+ vst1.8 {$tmp1},[$out],#16 -+ vorr $dat1,$in1,$in1 -+ vst1.8 {$dat2},[$out],#16 -+ vorr $dat2,$in2,$in2 -+ b.hs .Loop3x_ecb_enc -+ -+ cmn $len,#0x30 -+ b.eq .Lecb_done -+ nop -+ -+.Lecb_enc_tail: -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ vld1.32 {q8},[$key_],#16 -+ subs $cnt,$cnt,#2 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Lecb_enc_tail -+ -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ aese $dat1,q12 -+ aesmc $dat1,$dat1 -+ aese $dat2,q12 -+ aesmc $dat2,$dat2 -+ cmn $len,#0x20 -+ aese $dat1,q13 -+ aesmc $dat1,$dat1 -+ aese $dat2,q13 -+ aesmc $dat2,$dat2 -+ aese $dat1,q14 -+ aesmc $dat1,$dat1 -+ aese $dat2,q14 -+ aesmc $dat2,$dat2 -+ aese $dat1,q15 -+ aese $dat2,q15 -+ b.eq .Lecb_enc_one -+ veor $tmp1,$rndlast,$dat1 -+ veor $tmp2,$rndlast,$dat2 -+ vst1.8 {$tmp1},[$out],#16 -+ vst1.8 {$tmp2},[$out],#16 -+ b .Lecb_done -+ -+.Lecb_enc_one: -+ veor $tmp1,$rndlast,$dat2 -+ vst1.8 {$tmp1},[$out],#16 -+ b .Lecb_done -+___ -+ -+$code.=<<___; -+.align 5 -+.Lecb_dec: -+ vld1.8 {$dat1},[$inp],#16 -+ subs $len,$len,#32 // bias -+ add $cnt,$rounds,#2 -+ vorr $in1,$dat1,$dat1 -+ vorr $dat2,$dat1,$dat1 -+ vorr $dat1,$dat,$dat -+ b.lo .Lecb_dec_tail -+ -+ vorr $dat1,$in1,$in1 -+ vld1.8 {$dat2},[$inp],#16 -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ cmp $len,#32 -+ b.lo .Loop3x_ecb_dec -+ -+ vld1.8 {$dat3},[$inp],#16 -+ vld1.8 {$dat4},[$inp],#16 -+ sub $len,$len,#32 // bias -+ mov $cnt,$rounds -+ -+.Loop5x_ecb_dec: -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q8 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q8 -+ aesimc $dat4,$dat4 -+ vld1.32 {q8},[$key_],#16 -+ subs $cnt,$cnt,#2 -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q9 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q9 -+ aesimc $dat4,$dat4 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Loop5x_ecb_dec -+ -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q8 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q8 -+ aesimc $dat4,$dat4 -+ cmp $len,#0x40 // because .Lecb_tail4x -+ sub $len,$len,#0x50 -+ -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q9 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q9 -+ aesimc $dat4,$dat4 -+ csel x6,xzr,$len,gt // borrow x6, $cnt, "gt" is not typo -+ mov $key_,$key -+ -+ aesd $dat0,q10 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q10 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q10 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q10 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q10 -+ aesimc $dat4,$dat4 -+ add $inp,$inp,x6 // $inp is adjusted in such way that -+ // at exit from the loop $dat1-$dat4 -+ // are loaded with last "words" -+ add x6,$len,#0x60 // because .Lecb_tail4x -+ -+ aesd $dat0,q11 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q11 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q11 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q11 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q11 -+ aesimc $dat4,$dat4 -+ -+ aesd $dat0,q12 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q12 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q12 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q12 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q12 -+ aesimc $dat4,$dat4 -+ -+ aesd $dat0,q13 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q13 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q13 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q13 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q13 -+ aesimc $dat4,$dat4 -+ -+ aesd $dat0,q14 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q14 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q14 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q14 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q14 -+ aesimc $dat4,$dat4 -+ -+ aesd $dat0,q15 -+ vld1.8 {$in0},[$inp],#16 -+ aesd $dat1,q15 -+ vld1.8 {$in1},[$inp],#16 -+ aesd $dat2,q15 -+ vld1.8 {$in2},[$inp],#16 -+ aesd $dat3,q15 -+ vld1.8 {$in3},[$inp],#16 -+ aesd $dat4,q15 -+ vld1.8 {$in4},[$inp],#16 -+ cbz x6,.Lecb_tail4x -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] -+ veor $tmp0,$rndlast,$dat0 -+ vorr $dat0,$in0,$in0 -+ veor $tmp1,$rndlast,$dat1 -+ vorr $dat1,$in1,$in1 -+ veor $tmp2,$rndlast,$dat2 -+ vorr $dat2,$in2,$in2 -+ veor $tmp3,$rndlast,$dat3 -+ vorr $dat3,$in3,$in3 -+ veor $tmp4,$rndlast,$dat4 -+ vst1.8 {$tmp0},[$out],#16 -+ vorr $dat4,$in4,$in4 -+ vst1.8 {$tmp1},[$out],#16 -+ mov $cnt,$rounds -+ vst1.8 {$tmp2},[$out],#16 -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] -+ vst1.8 {$tmp3},[$out],#16 -+ vst1.8 {$tmp4},[$out],#16 -+ b.hs .Loop5x_ecb_dec -+ -+ add $len,$len,#0x50 -+ cbz $len,.Lecb_done -+ -+ add $cnt,$rounds,#2 -+ subs $len,$len,#0x30 -+ vorr $dat0,$in2,$in2 -+ vorr $dat1,$in3,$in3 -+ vorr $dat2,$in4,$in4 -+ b.lo .Lecb_dec_tail -+ -+ b .Loop3x_ecb_dec -+ -+.align 4 -+.Lecb_tail4x: -+ veor $tmp1,$rndlast,$dat1 -+ veor $tmp2,$rndlast,$dat2 -+ veor $tmp3,$rndlast,$dat3 -+ veor $tmp4,$rndlast,$dat4 -+ vst1.8 {$tmp1},[$out],#16 -+ vst1.8 {$tmp2},[$out],#16 -+ vst1.8 {$tmp3},[$out],#16 -+ vst1.8 {$tmp4},[$out],#16 -+ -+ b .Lecb_done -+.align 4 -+___ -+$code.=<<___; -+.Loop3x_ecb_dec: -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ vld1.32 {q8},[$key_],#16 -+ subs $cnt,$cnt,#2 -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Loop3x_ecb_dec -+ -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ subs $len,$len,#0x30 -+ mov.lo x6,$len // x6, $cnt, is zero at this point -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ add $inp,$inp,x6 // $inp is adjusted in such way that -+ // at exit from the loop $dat1-$dat2 -+ // are loaded with last "words" -+ mov $key_,$key -+ aesd $dat0,q12 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q12 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q12 -+ aesimc $dat2,$dat2 -+ vld1.8 {$in0},[$inp],#16 -+ aesd $dat0,q13 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q13 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q13 -+ aesimc $dat2,$dat2 -+ vld1.8 {$in1},[$inp],#16 -+ aesd $dat0,q14 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q14 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q14 -+ aesimc $dat2,$dat2 -+ vld1.8 {$in2},[$inp],#16 -+ aesd $dat0,q15 -+ aesd $dat1,q15 -+ aesd $dat2,q15 -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] -+ add $cnt,$rounds,#2 -+ veor $tmp0,$rndlast,$dat0 -+ veor $tmp1,$rndlast,$dat1 -+ veor $dat2,$dat2,$rndlast -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] -+ vst1.8 {$tmp0},[$out],#16 -+ vorr $dat0,$in0,$in0 -+ vst1.8 {$tmp1},[$out],#16 -+ vorr $dat1,$in1,$in1 -+ vst1.8 {$dat2},[$out],#16 -+ vorr $dat2,$in2,$in2 -+ b.hs .Loop3x_ecb_dec -+ -+ cmn $len,#0x30 -+ b.eq .Lecb_done -+ nop -+ -+.Lecb_dec_tail: -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ vld1.32 {q8},[$key_],#16 -+ subs $cnt,$cnt,#2 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Lecb_dec_tail -+ -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ aesd $dat1,q12 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q12 -+ aesimc $dat2,$dat2 -+ cmn $len,#0x20 -+ aesd $dat1,q13 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q13 -+ aesimc $dat2,$dat2 -+ aesd $dat1,q14 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q14 -+ aesimc $dat2,$dat2 -+ aesd $dat1,q15 -+ aesd $dat2,q15 -+ b.eq .Lecb_dec_one -+ veor $tmp1,$rndlast,$dat1 -+ veor $tmp2,$rndlast,$dat2 -+ vst1.8 {$tmp1},[$out],#16 -+ vst1.8 {$tmp2},[$out],#16 -+ b .Lecb_done -+ -+.Lecb_dec_one: -+ veor $tmp1,$rndlast,$dat2 -+ vst1.8 {$tmp1},[$out],#16 -+ -+.Lecb_done: -+___ -+} -+$code.=<<___ if ($flavour !~ /64/); -+ vldmia sp!,{d8-d15} -+ ldmia sp!,{r4-r8,pc} -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ ldr x29,[sp],#16 -+___ -+$code.=<<___ if ($flavour =~ /64/); -+.Lecb_Final_abort: -+ ret -+___ -+$code.=<<___; -+.size ${prefix}_ecb_encrypt,.-${prefix}_ecb_encrypt -+___ -+}}} - {{{ - my ($inp,$out,$len,$key,$ivp)=map("x$_",(0..4)); my $enc="w5"; - my ($rounds,$cnt,$key_,$step,$step1)=($enc,"w6","x7","x8","x12"); -@@ -519,6 +1377,13 @@ $code.=<<___; - ___ - { - my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); -+ -+my ($dat3,$in3,$tmp3); # used only in 64-bit mode -+my ($dat4,$in4,$tmp4); -+if ($flavour =~ /64/) { -+ ($dat2,$dat3,$dat4,$in2,$in3,$in4,$tmp3,$tmp4)=map("q$_",(16..23)); -+} -+ - $code.=<<___; - .align 5 - .Lcbc_dec: -@@ -535,7 +1400,196 @@ $code.=<<___; - vorr $in0,$dat,$dat - vorr $in1,$dat1,$dat1 - vorr $in2,$dat2,$dat2 -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ cmp $len,#32 -+ b.lo .Loop3x_cbc_dec -+ -+ vld1.8 {$dat3},[$inp],#16 -+ vld1.8 {$dat4},[$inp],#16 -+ sub $len,$len,#32 // bias -+ mov $cnt,$rounds -+ vorr $in3,$dat3,$dat3 -+ vorr $in4,$dat4,$dat4 -+ -+.Loop5x_cbc_dec: -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q8 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q8 -+ aesimc $dat4,$dat4 -+ vld1.32 {q8},[$key_],#16 -+ subs $cnt,$cnt,#2 -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q9 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q9 -+ aesimc $dat4,$dat4 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Loop5x_cbc_dec -+ -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q8 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q8 -+ aesimc $dat4,$dat4 -+ cmp $len,#0x40 // because .Lcbc_tail4x -+ sub $len,$len,#0x50 -+ -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q9 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q9 -+ aesimc $dat4,$dat4 -+ csel x6,xzr,$len,gt // borrow x6, $cnt, "gt" is not typo -+ mov $key_,$key -+ -+ aesd $dat0,q10 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q10 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q10 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q10 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q10 -+ aesimc $dat4,$dat4 -+ add $inp,$inp,x6 // $inp is adjusted in such way that -+ // at exit from the loop $dat1-$dat4 -+ // are loaded with last "words" -+ add x6,$len,#0x60 // because .Lcbc_tail4x -+ -+ aesd $dat0,q11 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q11 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q11 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q11 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q11 -+ aesimc $dat4,$dat4 -+ -+ aesd $dat0,q12 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q12 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q12 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q12 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q12 -+ aesimc $dat4,$dat4 -+ -+ aesd $dat0,q13 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q13 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q13 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q13 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q13 -+ aesimc $dat4,$dat4 -+ -+ aesd $dat0,q14 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q14 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q14 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q14 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q14 -+ aesimc $dat4,$dat4 - -+ veor $tmp0,$ivec,$rndlast -+ aesd $dat0,q15 -+ veor $tmp1,$in0,$rndlast -+ vld1.8 {$in0},[$inp],#16 -+ aesd $dat1,q15 -+ veor $tmp2,$in1,$rndlast -+ vld1.8 {$in1},[$inp],#16 -+ aesd $dat2,q15 -+ veor $tmp3,$in2,$rndlast -+ vld1.8 {$in2},[$inp],#16 -+ aesd $dat3,q15 -+ veor $tmp4,$in3,$rndlast -+ vld1.8 {$in3},[$inp],#16 -+ aesd $dat4,q15 -+ vorr $ivec,$in4,$in4 -+ vld1.8 {$in4},[$inp],#16 -+ cbz x6,.Lcbc_tail4x -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] -+ veor $tmp0,$tmp0,$dat0 -+ vorr $dat0,$in0,$in0 -+ veor $tmp1,$tmp1,$dat1 -+ vorr $dat1,$in1,$in1 -+ veor $tmp2,$tmp2,$dat2 -+ vorr $dat2,$in2,$in2 -+ veor $tmp3,$tmp3,$dat3 -+ vorr $dat3,$in3,$in3 -+ veor $tmp4,$tmp4,$dat4 -+ vst1.8 {$tmp0},[$out],#16 -+ vorr $dat4,$in4,$in4 -+ vst1.8 {$tmp1},[$out],#16 -+ mov $cnt,$rounds -+ vst1.8 {$tmp2},[$out],#16 -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] -+ vst1.8 {$tmp3},[$out],#16 -+ vst1.8 {$tmp4},[$out],#16 -+ b.hs .Loop5x_cbc_dec -+ -+ add $len,$len,#0x50 -+ cbz $len,.Lcbc_done -+ -+ add $cnt,$rounds,#2 -+ subs $len,$len,#0x30 -+ vorr $dat0,$in2,$in2 -+ vorr $in0,$in2,$in2 -+ vorr $dat1,$in3,$in3 -+ vorr $in1,$in3,$in3 -+ vorr $dat2,$in4,$in4 -+ vorr $in2,$in4,$in4 -+ b.lo .Lcbc_dec_tail -+ -+ b .Loop3x_cbc_dec -+ -+.align 4 -+.Lcbc_tail4x: -+ veor $tmp1,$tmp0,$dat1 -+ veor $tmp2,$tmp2,$dat2 -+ veor $tmp3,$tmp3,$dat3 -+ veor $tmp4,$tmp4,$dat4 -+ vst1.8 {$tmp1},[$out],#16 -+ vst1.8 {$tmp2},[$out],#16 -+ vst1.8 {$tmp3},[$out],#16 -+ vst1.8 {$tmp4},[$out],#16 -+ -+ b .Lcbc_done -+.align 4 -+___ -+$code.=<<___; - .Loop3x_cbc_dec: - aesd $dat0,q8 - aesimc $dat0,$dat0 -@@ -696,6 +1750,9 @@ my $step="x12"; # aliases with $tctr2 - my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$ivec,$rndlast)=map("q$_",(0..7)); - my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); - -+# used only in 64-bit mode... -+my ($dat3,$dat4,$in3,$in4)=map("q$_",(16..23)); -+ - my ($dat,$tmp)=($dat0,$tmp0); - - ### q8-q15 preloaded key schedule -@@ -751,6 +1808,175 @@ $code.=<<___; - vmov.32 ${ivec}[3],$tctr2 - sub $len,$len,#3 // bias - vorr $dat2,$ivec,$ivec -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ cmp $len,#2 -+ b.lo .Loop3x_ctr32 -+ -+ add w13,$ctr,#1 -+ add w14,$ctr,#2 -+ vorr $dat3,$dat0,$dat0 -+ rev w13,w13 -+ vorr $dat4,$dat0,$dat0 -+ rev w14,w14 -+ vmov.32 ${dat3}[3],w13 -+ sub $len,$len,#2 // bias -+ vmov.32 ${dat4}[3],w14 -+ add $ctr,$ctr,#2 -+ b .Loop5x_ctr32 -+ -+.align 4 -+.Loop5x_ctr32: -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ aese $dat3,q8 -+ aesmc $dat3,$dat3 -+ aese $dat4,q8 -+ aesmc $dat4,$dat4 -+ vld1.32 {q8},[$key_],#16 -+ subs $cnt,$cnt,#2 -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ aese $dat3,q9 -+ aesmc $dat3,$dat3 -+ aese $dat4,q9 -+ aesmc $dat4,$dat4 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Loop5x_ctr32 -+ -+ mov $key_,$key -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ aese $dat3,q8 -+ aesmc $dat3,$dat3 -+ aese $dat4,q8 -+ aesmc $dat4,$dat4 -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] -+ -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ aese $dat3,q9 -+ aesmc $dat3,$dat3 -+ aese $dat4,q9 -+ aesmc $dat4,$dat4 -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] -+ -+ aese $dat0,q12 -+ aesmc $dat0,$dat0 -+ add $tctr0,$ctr,#1 -+ add $tctr1,$ctr,#2 -+ aese $dat1,q12 -+ aesmc $dat1,$dat1 -+ add $tctr2,$ctr,#3 -+ add w13,$ctr,#4 -+ aese $dat2,q12 -+ aesmc $dat2,$dat2 -+ add w14,$ctr,#5 -+ rev $tctr0,$tctr0 -+ aese $dat3,q12 -+ aesmc $dat3,$dat3 -+ rev $tctr1,$tctr1 -+ rev $tctr2,$tctr2 -+ aese $dat4,q12 -+ aesmc $dat4,$dat4 -+ rev w13,w13 -+ rev w14,w14 -+ -+ aese $dat0,q13 -+ aesmc $dat0,$dat0 -+ aese $dat1,q13 -+ aesmc $dat1,$dat1 -+ aese $dat2,q13 -+ aesmc $dat2,$dat2 -+ aese $dat3,q13 -+ aesmc $dat3,$dat3 -+ aese $dat4,q13 -+ aesmc $dat4,$dat4 -+ -+ aese $dat0,q14 -+ aesmc $dat0,$dat0 -+ vld1.8 {$in0},[$inp],#16 -+ aese $dat1,q14 -+ aesmc $dat1,$dat1 -+ vld1.8 {$in1},[$inp],#16 -+ aese $dat2,q14 -+ aesmc $dat2,$dat2 -+ vld1.8 {$in2},[$inp],#16 -+ aese $dat3,q14 -+ aesmc $dat3,$dat3 -+ vld1.8 {$in3},[$inp],#16 -+ aese $dat4,q14 -+ aesmc $dat4,$dat4 -+ vld1.8 {$in4},[$inp],#16 -+ -+ aese $dat0,q15 -+ veor $in0,$in0,$rndlast -+ aese $dat1,q15 -+ veor $in1,$in1,$rndlast -+ aese $dat2,q15 -+ veor $in2,$in2,$rndlast -+ aese $dat3,q15 -+ veor $in3,$in3,$rndlast -+ aese $dat4,q15 -+ veor $in4,$in4,$rndlast -+ -+ veor $in0,$in0,$dat0 -+ vorr $dat0,$ivec,$ivec -+ veor $in1,$in1,$dat1 -+ vorr $dat1,$ivec,$ivec -+ veor $in2,$in2,$dat2 -+ vorr $dat2,$ivec,$ivec -+ veor $in3,$in3,$dat3 -+ vorr $dat3,$ivec,$ivec -+ veor $in4,$in4,$dat4 -+ vorr $dat4,$ivec,$ivec -+ -+ vst1.8 {$in0},[$out],#16 -+ vmov.32 ${dat0}[3],$tctr0 -+ vst1.8 {$in1},[$out],#16 -+ vmov.32 ${dat1}[3],$tctr1 -+ vst1.8 {$in2},[$out],#16 -+ vmov.32 ${dat2}[3],$tctr2 -+ vst1.8 {$in3},[$out],#16 -+ vmov.32 ${dat3}[3],w13 -+ vst1.8 {$in4},[$out],#16 -+ vmov.32 ${dat4}[3],w14 -+ -+ mov $cnt,$rounds -+ cbz $len,.Lctr32_done -+ -+ add $ctr,$ctr,#5 -+ subs $len,$len,#5 -+ b.hs .Loop5x_ctr32 -+ -+ add $len,$len,#5 -+ sub $ctr,$ctr,#5 -+ -+ cmp $len,#2 -+ mov $step,#16 -+ cclr $step,lo -+ b.ls .Lctr32_tail -+ -+ sub $len,$len,#3 // bias -+ add $ctr,$ctr,#3 -+___ -+$code.=<<___; - b .Loop3x_ctr32 - - .align 4 -@@ -905,6 +2131,1432 @@ $code.=<<___; - .size ${prefix}_ctr32_encrypt_blocks,.-${prefix}_ctr32_encrypt_blocks - ___ - }}} -+# Performance in cycles per byte. -+# Processed with AES-XTS different key size. -+# It shows the value before and after optimization as below: -+# (before/after): -+# -+# AES-128-XTS AES-256-XTS -+# Cortex-A57 3.36/1.09 4.02/1.37 -+# Cortex-A72 3.03/1.02 3.28/1.33 -+ -+# Optimization is implemented by loop unrolling and interleaving. -+# Commonly, we choose the unrolling factor as 5, if the input -+# data size smaller than 5 blocks, but not smaller than 3 blocks, -+# choose 3 as the unrolling factor. -+# If the input data size dsize >= 5*16 bytes, then take 5 blocks -+# as one iteration, every loop the left size lsize -= 5*16. -+# If lsize < 5*16 bytes, treat them as the tail. Note: left 4*16 bytes -+# will be processed specially, which be integrated into the 5*16 bytes -+# loop to improve the efficiency. -+# There is one special case, if the original input data size dsize -+# = 16 bytes, we will treat it seperately to improve the -+# performance: one independent code block without LR, FP load and -+# store. -+# Encryption will process the (length -tailcnt) bytes as mentioned -+# previously, then encrypt the composite block as last second -+# cipher block. -+# Decryption will process the (length -tailcnt -1) bytes as mentioned -+# previously, then decrypt the last second cipher block to get the -+# last plain block(tail), decrypt the composite block as last second -+# plain text block. -+ -+{{{ -+my ($inp,$out,$len,$key1,$key2,$ivp)=map("x$_",(0..5)); -+my ($rounds0,$rounds,$key_,$step,$ivl,$ivh)=("w5","w6","x7","x8","x9","x10"); -+my ($tmpoutp,$loutp,$l2outp,$tmpinp)=("x13","w14","w15","x20"); -+my ($tailcnt,$midnum,$midnumx,$constnum,$constnumx)=("x21","w22","x22","w19","x19"); -+my ($xoffset,$tmpmx,$tmpmw)=("x6","x11","w11"); -+my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$tmp2,$rndlast)=map("q$_",(0..7)); -+my ($iv0,$iv1,$iv2,$iv3,$iv4)=("v6.16b","v8.16b","v9.16b","v10.16b","v11.16b"); -+my ($ivd00,$ivd01,$ivd20,$ivd21)=("d6","v6.d[1]","d9","v9.d[1]"); -+my ($ivd10,$ivd11,$ivd30,$ivd31,$ivd40,$ivd41)=("d8","v8.d[1]","d10","v10.d[1]","d11","v11.d[1]"); -+ -+my ($tmpin)=("v26.16b"); -+my ($dat,$tmp,$rndzero_n_last)=($dat0,$tmp0,$tmp1); -+ -+# q7 last round key -+# q10-q15, q7 Last 7 round keys -+# q8-q9 preloaded round keys except last 7 keys for big size -+# q20, q21, q8-q9 preloaded round keys except last 7 keys for only 16 byte -+ -+ -+my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); -+ -+my ($dat3,$in3,$tmp3); # used only in 64-bit mode -+my ($dat4,$in4,$tmp4); -+if ($flavour =~ /64/) { -+ ($dat2,$dat3,$dat4,$in2,$in3,$in4,$tmp3,$tmp4)=map("q$_",(16..23)); -+} -+ -+$code.=<<___ if ($flavour =~ /64/); -+.globl ${prefix}_xts_encrypt -+.type ${prefix}_xts_encrypt,%function -+.align 5 -+${prefix}_xts_encrypt: -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ cmp $len,#16 -+ // Original input data size bigger than 16, jump to big size processing. -+ b.ne .Lxts_enc_big_size -+ // Encrypt the iv with key2, as the first XEX iv. -+ ldr $rounds,[$key2,#240] -+ vld1.8 {$dat},[$key2],#16 -+ vld1.8 {$iv0},[$ivp] -+ sub $rounds,$rounds,#2 -+ vld1.8 {$dat1},[$key2],#16 -+ -+.Loop_enc_iv_enc: -+ aese $iv0,$dat -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat},[$key2],#16 -+ subs $rounds,$rounds,#2 -+ aese $iv0,$dat1 -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat1},[$key2],#16 -+ b.gt .Loop_enc_iv_enc -+ -+ aese $iv0,$dat -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat},[$key2] -+ aese $iv0,$dat1 -+ veor $iv0,$iv0,$dat -+ -+ vld1.8 {$dat0},[$inp] -+ veor $dat0,$iv0,$dat0 -+ -+ ldr $rounds,[$key1,#240] -+ vld1.32 {q20-q21},[$key1],#32 // load key schedule... -+ -+ aese $dat0,q20 -+ aesmc $dat0,$dat0 -+ vld1.32 {q8-q9},[$key1],#32 // load key schedule... -+ aese $dat0,q21 -+ aesmc $dat0,$dat0 -+ subs $rounds,$rounds,#10 // if rounds==10, jump to aes-128-xts processing -+ b.eq .Lxts_128_enc -+.Lxts_enc_round_loop: -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ vld1.32 {q8},[$key1],#16 // load key schedule... -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ vld1.32 {q9},[$key1],#16 // load key schedule... -+ subs $rounds,$rounds,#2 // bias -+ b.gt .Lxts_enc_round_loop -+.Lxts_128_enc: -+ vld1.32 {q10-q11},[$key1],#32 // load key schedule... -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ vld1.32 {q12-q13},[$key1],#32 // load key schedule... -+ aese $dat0,q10 -+ aesmc $dat0,$dat0 -+ aese $dat0,q11 -+ aesmc $dat0,$dat0 -+ vld1.32 {q14-q15},[$key1],#32 // load key schedule... -+ aese $dat0,q12 -+ aesmc $dat0,$dat0 -+ aese $dat0,q13 -+ aesmc $dat0,$dat0 -+ vld1.32 {$rndlast},[$key1] -+ aese $dat0,q14 -+ aesmc $dat0,$dat0 -+ aese $dat0,q15 -+ veor $dat0,$dat0,$rndlast -+ veor $dat0,$dat0,$iv0 -+ vst1.8 {$dat0},[$out] -+ b .Lxts_enc_final_abort -+ -+.align 4 -+.Lxts_enc_big_size: -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ stp $constnumx,$tmpinp,[sp,#-64]! -+ stp $tailcnt,$midnumx,[sp,#48] -+ stp $ivd10,$ivd20,[sp,#32] -+ stp $ivd30,$ivd40,[sp,#16] -+ -+ // tailcnt store the tail value of length%16. -+ and $tailcnt,$len,#0xf -+ and $len,$len,#-16 -+ subs $len,$len,#16 -+ mov $step,#16 -+ b.lo .Lxts_abort -+ csel $step,xzr,$step,eq -+ -+ // Firstly, encrypt the iv with key2, as the first iv of XEX. -+ ldr $rounds,[$key2,#240] -+ vld1.32 {$dat},[$key2],#16 -+ vld1.8 {$iv0},[$ivp] -+ sub $rounds,$rounds,#2 -+ vld1.32 {$dat1},[$key2],#16 -+ -+.Loop_iv_enc: -+ aese $iv0,$dat -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat},[$key2],#16 -+ subs $rounds,$rounds,#2 -+ aese $iv0,$dat1 -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat1},[$key2],#16 -+ b.gt .Loop_iv_enc -+ -+ aese $iv0,$dat -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat},[$key2] -+ aese $iv0,$dat1 -+ veor $iv0,$iv0,$dat -+ -+ // The iv for second block -+ // $ivl- iv(low), $ivh - iv(high) -+ // the five ivs stored into, $iv0,$iv1,$iv2,$iv3,$iv4 -+ fmov $ivl,$ivd00 -+ fmov $ivh,$ivd01 -+ mov $constnum,#0x87 -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr#31 -+ eor $ivl,$tmpmx,$ivl,lsl#1 -+ fmov $ivd10,$ivl -+ fmov $ivd11,$ivh -+ -+ ldr $rounds0,[$key1,#240] // next starting point -+ vld1.8 {$dat},[$inp],$step -+ -+ vld1.32 {q8-q9},[$key1] // load key schedule... -+ sub $rounds0,$rounds0,#6 -+ add $key_,$key1,$ivp,lsl#4 // pointer to last 7 round keys -+ sub $rounds0,$rounds0,#2 -+ vld1.32 {q10-q11},[$key_],#32 -+ vld1.32 {q12-q13},[$key_],#32 -+ vld1.32 {q14-q15},[$key_],#32 -+ vld1.32 {$rndlast},[$key_] -+ -+ add $key_,$key1,#32 -+ mov $rounds,$rounds0 -+ -+ // Encryption -+.Lxts_enc: -+ vld1.8 {$dat2},[$inp],#16 -+ subs $len,$len,#32 // bias -+ add $rounds,$rounds0,#2 -+ vorr $in1,$dat,$dat -+ vorr $dat1,$dat,$dat -+ vorr $in3,$dat,$dat -+ vorr $in2,$dat2,$dat2 -+ vorr $in4,$dat2,$dat2 -+ b.lo .Lxts_inner_enc_tail -+ veor $dat,$dat,$iv0 // before encryption, xor with iv -+ veor $dat2,$dat2,$iv1 -+ -+ // The iv for third block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr#31 -+ eor $ivl,$tmpmx,$ivl,lsl#1 -+ fmov $ivd20,$ivl -+ fmov $ivd21,$ivh -+ -+ -+ vorr $dat1,$dat2,$dat2 -+ vld1.8 {$dat2},[$inp],#16 -+ vorr $in0,$dat,$dat -+ vorr $in1,$dat1,$dat1 -+ veor $in2,$dat2,$iv2 // the third block -+ veor $dat2,$dat2,$iv2 -+ cmp $len,#32 -+ b.lo .Lxts_outer_enc_tail -+ -+ // The iv for fourth block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr#31 -+ eor $ivl,$tmpmx,$ivl,lsl#1 -+ fmov $ivd30,$ivl -+ fmov $ivd31,$ivh -+ -+ vld1.8 {$dat3},[$inp],#16 -+ // The iv for fifth block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr#31 -+ eor $ivl,$tmpmx,$ivl,lsl#1 -+ fmov $ivd40,$ivl -+ fmov $ivd41,$ivh -+ -+ vld1.8 {$dat4},[$inp],#16 -+ veor $dat3,$dat3,$iv3 // the fourth block -+ veor $dat4,$dat4,$iv4 -+ sub $len,$len,#32 // bias -+ mov $rounds,$rounds0 -+ b .Loop5x_xts_enc -+ -+.align 4 -+.Loop5x_xts_enc: -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ aese $dat3,q8 -+ aesmc $dat3,$dat3 -+ aese $dat4,q8 -+ aesmc $dat4,$dat4 -+ vld1.32 {q8},[$key_],#16 -+ subs $rounds,$rounds,#2 -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ aese $dat3,q9 -+ aesmc $dat3,$dat3 -+ aese $dat4,q9 -+ aesmc $dat4,$dat4 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Loop5x_xts_enc -+ -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ aese $dat3,q8 -+ aesmc $dat3,$dat3 -+ aese $dat4,q8 -+ aesmc $dat4,$dat4 -+ subs $len,$len,#0x50 // because .Lxts_enc_tail4x -+ -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ aese $dat3,q9 -+ aesmc $dat3,$dat3 -+ aese $dat4,q9 -+ aesmc $dat4,$dat4 -+ csel $xoffset,xzr,$len,gt // borrow x6, w6, "gt" is not typo -+ mov $key_,$key1 -+ -+ aese $dat0,q10 -+ aesmc $dat0,$dat0 -+ aese $dat1,q10 -+ aesmc $dat1,$dat1 -+ aese $dat2,q10 -+ aesmc $dat2,$dat2 -+ aese $dat3,q10 -+ aesmc $dat3,$dat3 -+ aese $dat4,q10 -+ aesmc $dat4,$dat4 -+ add $inp,$inp,$xoffset // x0 is adjusted in such way that -+ // at exit from the loop v1.16b-v26.16b -+ // are loaded with last "words" -+ add $xoffset,$len,#0x60 // because .Lxts_enc_tail4x -+ -+ aese $dat0,q11 -+ aesmc $dat0,$dat0 -+ aese $dat1,q11 -+ aesmc $dat1,$dat1 -+ aese $dat2,q11 -+ aesmc $dat2,$dat2 -+ aese $dat3,q11 -+ aesmc $dat3,$dat3 -+ aese $dat4,q11 -+ aesmc $dat4,$dat4 -+ -+ aese $dat0,q12 -+ aesmc $dat0,$dat0 -+ aese $dat1,q12 -+ aesmc $dat1,$dat1 -+ aese $dat2,q12 -+ aesmc $dat2,$dat2 -+ aese $dat3,q12 -+ aesmc $dat3,$dat3 -+ aese $dat4,q12 -+ aesmc $dat4,$dat4 -+ -+ aese $dat0,q13 -+ aesmc $dat0,$dat0 -+ aese $dat1,q13 -+ aesmc $dat1,$dat1 -+ aese $dat2,q13 -+ aesmc $dat2,$dat2 -+ aese $dat3,q13 -+ aesmc $dat3,$dat3 -+ aese $dat4,q13 -+ aesmc $dat4,$dat4 -+ -+ aese $dat0,q14 -+ aesmc $dat0,$dat0 -+ aese $dat1,q14 -+ aesmc $dat1,$dat1 -+ aese $dat2,q14 -+ aesmc $dat2,$dat2 -+ aese $dat3,q14 -+ aesmc $dat3,$dat3 -+ aese $dat4,q14 -+ aesmc $dat4,$dat4 -+ -+ veor $tmp0,$rndlast,$iv0 -+ aese $dat0,q15 -+ // The iv for first block of one iteration -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr#31 -+ eor $ivl,$tmpmx,$ivl,lsl#1 -+ fmov $ivd00,$ivl -+ fmov $ivd01,$ivh -+ veor $tmp1,$rndlast,$iv1 -+ vld1.8 {$in0},[$inp],#16 -+ aese $dat1,q15 -+ // The iv for second block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr#31 -+ eor $ivl,$tmpmx,$ivl,lsl#1 -+ fmov $ivd10,$ivl -+ fmov $ivd11,$ivh -+ veor $tmp2,$rndlast,$iv2 -+ vld1.8 {$in1},[$inp],#16 -+ aese $dat2,q15 -+ // The iv for third block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr#31 -+ eor $ivl,$tmpmx,$ivl,lsl#1 -+ fmov $ivd20,$ivl -+ fmov $ivd21,$ivh -+ veor $tmp3,$rndlast,$iv3 -+ vld1.8 {$in2},[$inp],#16 -+ aese $dat3,q15 -+ // The iv for fourth block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr#31 -+ eor $ivl,$tmpmx,$ivl,lsl#1 -+ fmov $ivd30,$ivl -+ fmov $ivd31,$ivh -+ veor $tmp4,$rndlast,$iv4 -+ vld1.8 {$in3},[$inp],#16 -+ aese $dat4,q15 -+ -+ // The iv for fifth block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd40,$ivl -+ fmov $ivd41,$ivh -+ -+ vld1.8 {$in4},[$inp],#16 -+ cbz $xoffset,.Lxts_enc_tail4x -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] -+ veor $tmp0,$tmp0,$dat0 -+ veor $dat0,$in0,$iv0 -+ veor $tmp1,$tmp1,$dat1 -+ veor $dat1,$in1,$iv1 -+ veor $tmp2,$tmp2,$dat2 -+ veor $dat2,$in2,$iv2 -+ veor $tmp3,$tmp3,$dat3 -+ veor $dat3,$in3,$iv3 -+ veor $tmp4,$tmp4,$dat4 -+ vst1.8 {$tmp0},[$out],#16 -+ veor $dat4,$in4,$iv4 -+ vst1.8 {$tmp1},[$out],#16 -+ mov $rounds,$rounds0 -+ vst1.8 {$tmp2},[$out],#16 -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] -+ vst1.8 {$tmp3},[$out],#16 -+ vst1.8 {$tmp4},[$out],#16 -+ b.hs .Loop5x_xts_enc -+ -+ -+ // If left 4 blocks, borrow the five block's processing. -+ cmn $len,#0x10 -+ b.ne .Loop5x_enc_after -+ vorr $iv4,$iv3,$iv3 -+ vorr $iv3,$iv2,$iv2 -+ vorr $iv2,$iv1,$iv1 -+ vorr $iv1,$iv0,$iv0 -+ fmov $ivl,$ivd40 -+ fmov $ivh,$ivd41 -+ veor $dat0,$iv0,$in0 -+ veor $dat1,$iv1,$in1 -+ veor $dat2,$in2,$iv2 -+ veor $dat3,$in3,$iv3 -+ veor $dat4,$in4,$iv4 -+ b.eq .Loop5x_xts_enc -+ -+.Loop5x_enc_after: -+ add $len,$len,#0x50 -+ cbz $len,.Lxts_enc_done -+ -+ add $rounds,$rounds0,#2 -+ subs $len,$len,#0x30 -+ b.lo .Lxts_inner_enc_tail -+ -+ veor $dat0,$iv0,$in2 -+ veor $dat1,$iv1,$in3 -+ veor $dat2,$in4,$iv2 -+ b .Lxts_outer_enc_tail -+ -+.align 4 -+.Lxts_enc_tail4x: -+ add $inp,$inp,#16 -+ veor $tmp1,$dat1,$tmp1 -+ vst1.8 {$tmp1},[$out],#16 -+ veor $tmp2,$dat2,$tmp2 -+ vst1.8 {$tmp2},[$out],#16 -+ veor $tmp3,$dat3,$tmp3 -+ veor $tmp4,$dat4,$tmp4 -+ vst1.8 {$tmp3-$tmp4},[$out],#32 -+ -+ b .Lxts_enc_done -+.align 4 -+.Lxts_outer_enc_tail: -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ vld1.32 {q8},[$key_],#16 -+ subs $rounds,$rounds,#2 -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Lxts_outer_enc_tail -+ -+ aese $dat0,q8 -+ aesmc $dat0,$dat0 -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ veor $tmp0,$iv0,$rndlast -+ subs $len,$len,#0x30 -+ // The iv for first block -+ fmov $ivl,$ivd20 -+ fmov $ivh,$ivd21 -+ //mov $constnum,#0x87 -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr#31 -+ eor $ivl,$tmpmx,$ivl,lsl#1 -+ fmov $ivd00,$ivl -+ fmov $ivd01,$ivh -+ veor $tmp1,$iv1,$rndlast -+ csel $xoffset,$len,$xoffset,lo // x6, w6, is zero at this point -+ aese $dat0,q9 -+ aesmc $dat0,$dat0 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ veor $tmp2,$iv2,$rndlast -+ -+ add $xoffset,$xoffset,#0x20 -+ add $inp,$inp,$xoffset -+ mov $key_,$key1 -+ -+ aese $dat0,q12 -+ aesmc $dat0,$dat0 -+ aese $dat1,q12 -+ aesmc $dat1,$dat1 -+ aese $dat2,q12 -+ aesmc $dat2,$dat2 -+ aese $dat0,q13 -+ aesmc $dat0,$dat0 -+ aese $dat1,q13 -+ aesmc $dat1,$dat1 -+ aese $dat2,q13 -+ aesmc $dat2,$dat2 -+ aese $dat0,q14 -+ aesmc $dat0,$dat0 -+ aese $dat1,q14 -+ aesmc $dat1,$dat1 -+ aese $dat2,q14 -+ aesmc $dat2,$dat2 -+ aese $dat0,q15 -+ aese $dat1,q15 -+ aese $dat2,q15 -+ vld1.8 {$in2},[$inp],#16 -+ add $rounds,$rounds0,#2 -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] -+ veor $tmp0,$tmp0,$dat0 -+ veor $tmp1,$tmp1,$dat1 -+ veor $dat2,$dat2,$tmp2 -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] -+ vst1.8 {$tmp0},[$out],#16 -+ vst1.8 {$tmp1},[$out],#16 -+ vst1.8 {$dat2},[$out],#16 -+ cmn $len,#0x30 -+ b.eq .Lxts_enc_done -+.Lxts_encxor_one: -+ vorr $in3,$in1,$in1 -+ vorr $in4,$in2,$in2 -+ nop -+ -+.Lxts_inner_enc_tail: -+ cmn $len,#0x10 -+ veor $dat1,$in3,$iv0 -+ veor $dat2,$in4,$iv1 -+ b.eq .Lxts_enc_tail_loop -+ veor $dat2,$in4,$iv0 -+.Lxts_enc_tail_loop: -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ vld1.32 {q8},[$key_],#16 -+ subs $rounds,$rounds,#2 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Lxts_enc_tail_loop -+ -+ aese $dat1,q8 -+ aesmc $dat1,$dat1 -+ aese $dat2,q8 -+ aesmc $dat2,$dat2 -+ aese $dat1,q9 -+ aesmc $dat1,$dat1 -+ aese $dat2,q9 -+ aesmc $dat2,$dat2 -+ aese $dat1,q12 -+ aesmc $dat1,$dat1 -+ aese $dat2,q12 -+ aesmc $dat2,$dat2 -+ cmn $len,#0x20 -+ aese $dat1,q13 -+ aesmc $dat1,$dat1 -+ aese $dat2,q13 -+ aesmc $dat2,$dat2 -+ veor $tmp1,$iv0,$rndlast -+ aese $dat1,q14 -+ aesmc $dat1,$dat1 -+ aese $dat2,q14 -+ aesmc $dat2,$dat2 -+ veor $tmp2,$iv1,$rndlast -+ aese $dat1,q15 -+ aese $dat2,q15 -+ b.eq .Lxts_enc_one -+ veor $tmp1,$tmp1,$dat1 -+ vst1.8 {$tmp1},[$out],#16 -+ veor $tmp2,$tmp2,$dat2 -+ vorr $iv0,$iv1,$iv1 -+ vst1.8 {$tmp2},[$out],#16 -+ fmov $ivl,$ivd10 -+ fmov $ivh,$ivd11 -+ mov $constnum,#0x87 -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd00,$ivl -+ fmov $ivd01,$ivh -+ b .Lxts_enc_done -+ -+.Lxts_enc_one: -+ veor $tmp1,$tmp1,$dat2 -+ vorr $iv0,$iv0,$iv0 -+ vst1.8 {$tmp1},[$out],#16 -+ fmov $ivl,$ivd00 -+ fmov $ivh,$ivd01 -+ mov $constnum,#0x87 -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd00,$ivl -+ fmov $ivd01,$ivh -+ b .Lxts_enc_done -+.align 5 -+.Lxts_enc_done: -+ // Process the tail block with cipher stealing. -+ tst $tailcnt,#0xf -+ b.eq .Lxts_abort -+ -+ mov $tmpinp,$inp -+ mov $tmpoutp,$out -+ sub $out,$out,#16 -+.composite_enc_loop: -+ subs $tailcnt,$tailcnt,#1 -+ ldrb $l2outp,[$out,$tailcnt] -+ ldrb $loutp,[$tmpinp,$tailcnt] -+ strb $l2outp,[$tmpoutp,$tailcnt] -+ strb $loutp,[$out,$tailcnt] -+ b.gt .composite_enc_loop -+.Lxts_enc_load_done: -+ vld1.8 {$tmpin},[$out] -+ veor $tmpin,$tmpin,$iv0 -+ -+ // Encrypt the composite block to get the last second encrypted text block -+ ldr $rounds,[$key1,#240] // load key schedule... -+ vld1.8 {$dat},[$key1],#16 -+ sub $rounds,$rounds,#2 -+ vld1.8 {$dat1},[$key1],#16 // load key schedule... -+.Loop_final_enc: -+ aese $tmpin,$dat0 -+ aesmc $tmpin,$tmpin -+ vld1.32 {$dat0},[$key1],#16 -+ subs $rounds,$rounds,#2 -+ aese $tmpin,$dat1 -+ aesmc $tmpin,$tmpin -+ vld1.32 {$dat1},[$key1],#16 -+ b.gt .Loop_final_enc -+ -+ aese $tmpin,$dat0 -+ aesmc $tmpin,$tmpin -+ vld1.32 {$dat0},[$key1] -+ aese $tmpin,$dat1 -+ veor $tmpin,$tmpin,$dat0 -+ veor $tmpin,$tmpin,$iv0 -+ vst1.8 {$tmpin},[$out] -+ -+.Lxts_abort: -+ ldp $tailcnt,$midnumx,[sp,#48] -+ ldp $ivd10,$ivd20,[sp,#32] -+ ldp $ivd30,$ivd40,[sp,#16] -+ ldp $constnumx,$tmpinp,[sp],#64 -+.Lxts_enc_final_abort: -+ ret -+.size ${prefix}_xts_encrypt,.-${prefix}_xts_encrypt -+___ -+ -+}}} -+{{{ -+my ($inp,$out,$len,$key1,$key2,$ivp)=map("x$_",(0..5)); -+my ($rounds0,$rounds,$key_,$step,$ivl,$ivh)=("w5","w6","x7","x8","x9","x10"); -+my ($tmpoutp,$loutp,$l2outp,$tmpinp)=("x13","w14","w15","x20"); -+my ($tailcnt,$midnum,$midnumx,$constnum,$constnumx)=("x21","w22","x22","w19","x19"); -+my ($xoffset,$tmpmx,$tmpmw)=("x6","x11","w11"); -+my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$tmp2,$rndlast)=map("q$_",(0..7)); -+my ($iv0,$iv1,$iv2,$iv3,$iv4,$tmpin)=("v6.16b","v8.16b","v9.16b","v10.16b","v11.16b","v26.16b"); -+my ($ivd00,$ivd01,$ivd20,$ivd21)=("d6","v6.d[1]","d9","v9.d[1]"); -+my ($ivd10,$ivd11,$ivd30,$ivd31,$ivd40,$ivd41)=("d8","v8.d[1]","d10","v10.d[1]","d11","v11.d[1]"); -+ -+my ($dat,$tmp,$rndzero_n_last)=($dat0,$tmp0,$tmp1); -+ -+# q7 last round key -+# q10-q15, q7 Last 7 round keys -+# q8-q9 preloaded round keys except last 7 keys for big size -+# q20, q21, q8-q9 preloaded round keys except last 7 keys for only 16 byte -+ -+{ -+my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9)); -+ -+my ($dat3,$in3,$tmp3); # used only in 64-bit mode -+my ($dat4,$in4,$tmp4); -+if ($flavour =~ /64/) { -+ ($dat2,$dat3,$dat4,$in2,$in3,$in4,$tmp3,$tmp4)=map("q$_",(16..23)); -+} -+ -+$code.=<<___ if ($flavour =~ /64/); -+.globl ${prefix}_xts_decrypt -+.type ${prefix}_xts_decrypt,%function -+.align 5 -+${prefix}_xts_decrypt: -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ cmp $len,#16 -+ // Original input data size bigger than 16, jump to big size processing. -+ b.ne .Lxts_dec_big_size -+ // Encrypt the iv with key2, as the first XEX iv. -+ ldr $rounds,[$key2,#240] -+ vld1.8 {$dat},[$key2],#16 -+ vld1.8 {$iv0},[$ivp] -+ sub $rounds,$rounds,#2 -+ vld1.8 {$dat1},[$key2],#16 -+ -+.Loop_dec_small_iv_enc: -+ aese $iv0,$dat -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat},[$key2],#16 -+ subs $rounds,$rounds,#2 -+ aese $iv0,$dat1 -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat1},[$key2],#16 -+ b.gt .Loop_dec_small_iv_enc -+ -+ aese $iv0,$dat -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat},[$key2] -+ aese $iv0,$dat1 -+ veor $iv0,$iv0,$dat -+ -+ vld1.8 {$dat0},[$inp] -+ veor $dat0,$iv0,$dat0 -+ -+ ldr $rounds,[$key1,#240] -+ vld1.32 {q20-q21},[$key1],#32 // load key schedule... -+ -+ aesd $dat0,q20 -+ aesimc $dat0,$dat0 -+ vld1.32 {q8-q9},[$key1],#32 // load key schedule... -+ aesd $dat0,q21 -+ aesimc $dat0,$dat0 -+ subs $rounds,$rounds,#10 // bias -+ b.eq .Lxts_128_dec -+.Lxts_dec_round_loop: -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ vld1.32 {q8},[$key1],#16 // load key schedule... -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ vld1.32 {q9},[$key1],#16 // load key schedule... -+ subs $rounds,$rounds,#2 // bias -+ b.gt .Lxts_dec_round_loop -+.Lxts_128_dec: -+ vld1.32 {q10-q11},[$key1],#32 // load key schedule... -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ vld1.32 {q12-q13},[$key1],#32 // load key schedule... -+ aesd $dat0,q10 -+ aesimc $dat0,$dat0 -+ aesd $dat0,q11 -+ aesimc $dat0,$dat0 -+ vld1.32 {q14-q15},[$key1],#32 // load key schedule... -+ aesd $dat0,q12 -+ aesimc $dat0,$dat0 -+ aesd $dat0,q13 -+ aesimc $dat0,$dat0 -+ vld1.32 {$rndlast},[$key1] -+ aesd $dat0,q14 -+ aesimc $dat0,$dat0 -+ aesd $dat0,q15 -+ veor $dat0,$dat0,$rndlast -+ veor $dat0,$iv0,$dat0 -+ vst1.8 {$dat0},[$out] -+ b .Lxts_dec_final_abort -+.Lxts_dec_big_size: -+___ -+$code.=<<___ if ($flavour =~ /64/); -+ stp $constnumx,$tmpinp,[sp,#-64]! -+ stp $tailcnt,$midnumx,[sp,#48] -+ stp $ivd10,$ivd20,[sp,#32] -+ stp $ivd30,$ivd40,[sp,#16] -+ -+ and $tailcnt,$len,#0xf -+ and $len,$len,#-16 -+ subs $len,$len,#16 -+ mov $step,#16 -+ b.lo .Lxts_dec_abort -+ -+ // Encrypt the iv with key2, as the first XEX iv -+ ldr $rounds,[$key2,#240] -+ vld1.8 {$dat},[$key2],#16 -+ vld1.8 {$iv0},[$ivp] -+ sub $rounds,$rounds,#2 -+ vld1.8 {$dat1},[$key2],#16 -+ -+.Loop_dec_iv_enc: -+ aese $iv0,$dat -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat},[$key2],#16 -+ subs $rounds,$rounds,#2 -+ aese $iv0,$dat1 -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat1},[$key2],#16 -+ b.gt .Loop_dec_iv_enc -+ -+ aese $iv0,$dat -+ aesmc $iv0,$iv0 -+ vld1.32 {$dat},[$key2] -+ aese $iv0,$dat1 -+ veor $iv0,$iv0,$dat -+ -+ // The iv for second block -+ // $ivl- iv(low), $ivh - iv(high) -+ // the five ivs stored into, $iv0,$iv1,$iv2,$iv3,$iv4 -+ fmov $ivl,$ivd00 -+ fmov $ivh,$ivd01 -+ mov $constnum,#0x87 -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd10,$ivl -+ fmov $ivd11,$ivh -+ -+ ldr $rounds0,[$key1,#240] // load rounds number -+ -+ // The iv for third block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd20,$ivl -+ fmov $ivd21,$ivh -+ -+ vld1.32 {q8-q9},[$key1] // load key schedule... -+ sub $rounds0,$rounds0,#6 -+ add $key_,$key1,$ivp,lsl#4 // pointer to last 7 round keys -+ sub $rounds0,$rounds0,#2 -+ vld1.32 {q10-q11},[$key_],#32 // load key schedule... -+ vld1.32 {q12-q13},[$key_],#32 -+ vld1.32 {q14-q15},[$key_],#32 -+ vld1.32 {$rndlast},[$key_] -+ -+ // The iv for fourth block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd30,$ivl -+ fmov $ivd31,$ivh -+ -+ add $key_,$key1,#32 -+ mov $rounds,$rounds0 -+ b .Lxts_dec -+ -+ // Decryption -+.align 5 -+.Lxts_dec: -+ tst $tailcnt,#0xf -+ b.eq .Lxts_dec_begin -+ subs $len,$len,#16 -+ csel $step,xzr,$step,eq -+ vld1.8 {$dat},[$inp],#16 -+ b.lo .Lxts_done -+ sub $inp,$inp,#16 -+.Lxts_dec_begin: -+ vld1.8 {$dat},[$inp],$step -+ subs $len,$len,#32 // bias -+ add $rounds,$rounds0,#2 -+ vorr $in1,$dat,$dat -+ vorr $dat1,$dat,$dat -+ vorr $in3,$dat,$dat -+ vld1.8 {$dat2},[$inp],#16 -+ vorr $in2,$dat2,$dat2 -+ vorr $in4,$dat2,$dat2 -+ b.lo .Lxts_inner_dec_tail -+ veor $dat,$dat,$iv0 // before decryt, xor with iv -+ veor $dat2,$dat2,$iv1 -+ -+ vorr $dat1,$dat2,$dat2 -+ vld1.8 {$dat2},[$inp],#16 -+ vorr $in0,$dat,$dat -+ vorr $in1,$dat1,$dat1 -+ veor $in2,$dat2,$iv2 // third block xox with third iv -+ veor $dat2,$dat2,$iv2 -+ cmp $len,#32 -+ b.lo .Lxts_outer_dec_tail -+ -+ vld1.8 {$dat3},[$inp],#16 -+ -+ // The iv for fifth block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd40,$ivl -+ fmov $ivd41,$ivh -+ -+ vld1.8 {$dat4},[$inp],#16 -+ veor $dat3,$dat3,$iv3 // the fourth block -+ veor $dat4,$dat4,$iv4 -+ sub $len,$len,#32 // bias -+ mov $rounds,$rounds0 -+ b .Loop5x_xts_dec -+ -+.align 4 -+.Loop5x_xts_dec: -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q8 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q8 -+ aesimc $dat4,$dat4 -+ vld1.32 {q8},[$key_],#16 // load key schedule... -+ subs $rounds,$rounds,#2 -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q9 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q9 -+ aesimc $dat4,$dat4 -+ vld1.32 {q9},[$key_],#16 // load key schedule... -+ b.gt .Loop5x_xts_dec -+ -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q8 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q8 -+ aesimc $dat4,$dat4 -+ subs $len,$len,#0x50 // because .Lxts_dec_tail4x -+ -+ aesd $dat0,q9 -+ aesimc $dat0,$dat -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q9 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q9 -+ aesimc $dat4,$dat4 -+ csel $xoffset,xzr,$len,gt // borrow x6, w6, "gt" is not typo -+ mov $key_,$key1 -+ -+ aesd $dat0,q10 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q10 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q10 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q10 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q10 -+ aesimc $dat4,$dat4 -+ add $inp,$inp,$xoffset // x0 is adjusted in such way that -+ // at exit from the loop v1.16b-v26.16b -+ // are loaded with last "words" -+ add $xoffset,$len,#0x60 // because .Lxts_dec_tail4x -+ -+ aesd $dat0,q11 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q11 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q11 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q11 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q11 -+ aesimc $dat4,$dat4 -+ -+ aesd $dat0,q12 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q12 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q12 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q12 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q12 -+ aesimc $dat4,$dat4 -+ -+ aesd $dat0,q13 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q13 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q13 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q13 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q13 -+ aesimc $dat4,$dat4 -+ -+ aesd $dat0,q14 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q14 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q14 -+ aesimc $dat2,$dat2 -+ aesd $dat3,q14 -+ aesimc $dat3,$dat3 -+ aesd $dat4,q14 -+ aesimc $dat4,$dat4 -+ -+ veor $tmp0,$rndlast,$iv0 -+ aesd $dat0,q15 -+ // The iv for first block of next iteration. -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd00,$ivl -+ fmov $ivd01,$ivh -+ veor $tmp1,$rndlast,$iv1 -+ vld1.8 {$in0},[$inp],#16 -+ aesd $dat1,q15 -+ // The iv for second block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd10,$ivl -+ fmov $ivd11,$ivh -+ veor $tmp2,$rndlast,$iv2 -+ vld1.8 {$in1},[$inp],#16 -+ aesd $dat2,q15 -+ // The iv for third block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd20,$ivl -+ fmov $ivd21,$ivh -+ veor $tmp3,$rndlast,$iv3 -+ vld1.8 {$in2},[$inp],#16 -+ aesd $dat3,q15 -+ // The iv for fourth block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd30,$ivl -+ fmov $ivd31,$ivh -+ veor $tmp4,$rndlast,$iv4 -+ vld1.8 {$in3},[$inp],#16 -+ aesd $dat4,q15 -+ -+ // The iv for fifth block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd40,$ivl -+ fmov $ivd41,$ivh -+ -+ vld1.8 {$in4},[$inp],#16 -+ cbz $xoffset,.Lxts_dec_tail4x -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] -+ veor $tmp0,$tmp0,$dat0 -+ veor $dat0,$in0,$iv0 -+ veor $tmp1,$tmp1,$dat1 -+ veor $dat1,$in1,$iv1 -+ veor $tmp2,$tmp2,$dat2 -+ veor $dat2,$in2,$iv2 -+ veor $tmp3,$tmp3,$dat3 -+ veor $dat3,$in3,$iv3 -+ veor $tmp4,$tmp4,$dat4 -+ vst1.8 {$tmp0},[$out],#16 -+ veor $dat4,$in4,$iv4 -+ vst1.8 {$tmp1},[$out],#16 -+ mov $rounds,$rounds0 -+ vst1.8 {$tmp2},[$out],#16 -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] -+ vst1.8 {$tmp3},[$out],#16 -+ vst1.8 {$tmp4},[$out],#16 -+ b.hs .Loop5x_xts_dec -+ -+ cmn $len,#0x10 -+ b.ne .Loop5x_dec_after -+ // If x2($len) equal to -0x10, the left blocks is 4. -+ // After specially processing, utilize the five blocks processing again. -+ // It will use the following IVs: $iv0,$iv0,$iv1,$iv2,$iv3. -+ vorr $iv4,$iv3,$iv3 -+ vorr $iv3,$iv2,$iv2 -+ vorr $iv2,$iv1,$iv1 -+ vorr $iv1,$iv0,$iv0 -+ fmov $ivl,$ivd40 -+ fmov $ivh,$ivd41 -+ veor $dat0,$iv0,$in0 -+ veor $dat1,$iv1,$in1 -+ veor $dat2,$in2,$iv2 -+ veor $dat3,$in3,$iv3 -+ veor $dat4,$in4,$iv4 -+ b.eq .Loop5x_xts_dec -+ -+.Loop5x_dec_after: -+ add $len,$len,#0x50 -+ cbz $len,.Lxts_done -+ -+ add $rounds,$rounds0,#2 -+ subs $len,$len,#0x30 -+ b.lo .Lxts_inner_dec_tail -+ -+ veor $dat0,$iv0,$in2 -+ veor $dat1,$iv1,$in3 -+ veor $dat2,$in4,$iv2 -+ b .Lxts_outer_dec_tail -+ -+.align 4 -+.Lxts_dec_tail4x: -+ add $inp,$inp,#16 -+ vld1.32 {$dat0},[$inp],#16 -+ veor $tmp1,$dat1,$tmp0 -+ vst1.8 {$tmp1},[$out],#16 -+ veor $tmp2,$dat2,$tmp2 -+ vst1.8 {$tmp2},[$out],#16 -+ veor $tmp3,$dat3,$tmp3 -+ veor $tmp4,$dat4,$tmp4 -+ vst1.8 {$tmp3-$tmp4},[$out],#32 -+ -+ b .Lxts_done -+.align 4 -+.Lxts_outer_dec_tail: -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ vld1.32 {q8},[$key_],#16 -+ subs $rounds,$rounds,#2 -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Lxts_outer_dec_tail -+ -+ aesd $dat0,q8 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ veor $tmp0,$iv0,$rndlast -+ subs $len,$len,#0x30 -+ // The iv for first block -+ fmov $ivl,$ivd20 -+ fmov $ivh,$ivd21 -+ mov $constnum,#0x87 -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd00,$ivl -+ fmov $ivd01,$ivh -+ veor $tmp1,$iv1,$rndlast -+ csel $xoffset,$len,$xoffset,lo // x6, w6, is zero at this point -+ aesd $dat0,q9 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ veor $tmp2,$iv2,$rndlast -+ // The iv for second block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd10,$ivl -+ fmov $ivd11,$ivh -+ -+ add $xoffset,$xoffset,#0x20 -+ add $inp,$inp,$xoffset // $inp is adjusted to the last data -+ -+ mov $key_,$key1 -+ -+ // The iv for third block -+ extr $midnumx,$ivh,$ivh,#32 -+ extr $ivh,$ivh,$ivl,#63 -+ and $tmpmw,$constnum,$midnum,asr #31 -+ eor $ivl,$tmpmx,$ivl,lsl #1 -+ fmov $ivd20,$ivl -+ fmov $ivd21,$ivh -+ -+ aesd $dat0,q12 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q12 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q12 -+ aesimc $dat2,$dat2 -+ aesd $dat0,q13 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q13 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q13 -+ aesimc $dat2,$dat2 -+ aesd $dat0,q14 -+ aesimc $dat0,$dat0 -+ aesd $dat1,q14 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q14 -+ aesimc $dat2,$dat2 -+ vld1.8 {$in2},[$inp],#16 -+ aesd $dat0,q15 -+ aesd $dat1,q15 -+ aesd $dat2,q15 -+ vld1.32 {q8},[$key_],#16 // re-pre-load rndkey[0] -+ add $rounds,$rounds0,#2 -+ veor $tmp0,$tmp0,$dat0 -+ veor $tmp1,$tmp1,$dat1 -+ veor $dat2,$dat2,$tmp2 -+ vld1.32 {q9},[$key_],#16 // re-pre-load rndkey[1] -+ vst1.8 {$tmp0},[$out],#16 -+ vst1.8 {$tmp1},[$out],#16 -+ vst1.8 {$dat2},[$out],#16 -+ -+ cmn $len,#0x30 -+ add $len,$len,#0x30 -+ b.eq .Lxts_done -+ sub $len,$len,#0x30 -+ vorr $in3,$in1,$in1 -+ vorr $in4,$in2,$in2 -+ nop -+ -+.Lxts_inner_dec_tail: -+ // $len == -0x10 means two blocks left. -+ cmn $len,#0x10 -+ veor $dat1,$in3,$iv0 -+ veor $dat2,$in4,$iv1 -+ b.eq .Lxts_dec_tail_loop -+ veor $dat2,$in4,$iv0 -+.Lxts_dec_tail_loop: -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ vld1.32 {q8},[$key_],#16 -+ subs $rounds,$rounds,#2 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ vld1.32 {q9},[$key_],#16 -+ b.gt .Lxts_dec_tail_loop -+ -+ aesd $dat1,q8 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q8 -+ aesimc $dat2,$dat2 -+ aesd $dat1,q9 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q9 -+ aesimc $dat2,$dat2 -+ aesd $dat1,q12 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q12 -+ aesimc $dat2,$dat2 -+ cmn $len,#0x20 -+ aesd $dat1,q13 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q13 -+ aesimc $dat2,$dat2 -+ veor $tmp1,$iv0,$rndlast -+ aesd $dat1,q14 -+ aesimc $dat1,$dat1 -+ aesd $dat2,q14 -+ aesimc $dat2,$dat2 -+ veor $tmp2,$iv1,$rndlast -+ aesd $dat1,q15 -+ aesd $dat2,q15 -+ b.eq .Lxts_dec_one -+ veor $tmp1,$tmp1,$dat1 -+ veor $tmp2,$tmp2,$dat2 -+ vorr $iv0,$iv2,$iv2 -+ vorr $iv1,$iv3,$iv3 -+ vst1.8 {$tmp1},[$out],#16 -+ vst1.8 {$tmp2},[$out],#16 -+ add $len,$len,#16 -+ b .Lxts_done -+ -+.Lxts_dec_one: -+ veor $tmp1,$tmp1,$dat2 -+ vorr $iv0,$iv1,$iv1 -+ vorr $iv1,$iv2,$iv2 -+ vst1.8 {$tmp1},[$out],#16 -+ add $len,$len,#32 -+ -+.Lxts_done: -+ tst $tailcnt,#0xf -+ b.eq .Lxts_dec_abort -+ // Processing the last two blocks with cipher stealing. -+ mov x7,x3 -+ cbnz x2,.Lxts_dec_1st_done -+ vld1.32 {$dat0},[$inp],#16 -+ -+ // Decrypt the last secod block to get the last plain text block -+.Lxts_dec_1st_done: -+ eor $tmpin,$dat0,$iv1 -+ ldr $rounds,[$key1,#240] -+ vld1.32 {$dat0},[$key1],#16 -+ sub $rounds,$rounds,#2 -+ vld1.32 {$dat1},[$key1],#16 -+.Loop_final_2nd_dec: -+ aesd $tmpin,$dat0 -+ aesimc $tmpin,$tmpin -+ vld1.32 {$dat0},[$key1],#16 // load key schedule... -+ subs $rounds,$rounds,#2 -+ aesd $tmpin,$dat1 -+ aesimc $tmpin,$tmpin -+ vld1.32 {$dat1},[$key1],#16 // load key schedule... -+ b.gt .Loop_final_2nd_dec -+ -+ aesd $tmpin,$dat0 -+ aesimc $tmpin,$tmpin -+ vld1.32 {$dat0},[$key1] -+ aesd $tmpin,$dat1 -+ veor $tmpin,$tmpin,$dat0 -+ veor $tmpin,$tmpin,$iv1 -+ vst1.8 {$tmpin},[$out] -+ -+ mov $tmpinp,$inp -+ add $tmpoutp,$out,#16 -+ -+ // Composite the tailcnt "16 byte not aligned block" into the last second plain blocks -+ // to get the last encrypted block. -+.composite_dec_loop: -+ subs $tailcnt,$tailcnt,#1 -+ ldrb $l2outp,[$out,$tailcnt] -+ ldrb $loutp,[$tmpinp,$tailcnt] -+ strb $l2outp,[$tmpoutp,$tailcnt] -+ strb $loutp,[$out,$tailcnt] -+ b.gt .composite_dec_loop -+.Lxts_dec_load_done: -+ vld1.8 {$tmpin},[$out] -+ veor $tmpin,$tmpin,$iv0 -+ -+ // Decrypt the composite block to get the last second plain text block -+ ldr $rounds,[$key_,#240] -+ vld1.8 {$dat},[$key_],#16 -+ sub $rounds,$rounds,#2 -+ vld1.8 {$dat1},[$key_],#16 -+.Loop_final_dec: -+ aesd $tmpin,$dat0 -+ aesimc $tmpin,$tmpin -+ vld1.32 {$dat0},[$key_],#16 // load key schedule... -+ subs $rounds,$rounds,#2 -+ aesd $tmpin,$dat1 -+ aesimc $tmpin,$tmpin -+ vld1.32 {$dat1},[$key_],#16 // load key schedule... -+ b.gt .Loop_final_dec -+ -+ aesd $tmpin,$dat0 -+ aesimc $tmpin,$tmpin -+ vld1.32 {$dat0},[$key_] -+ aesd $tmpin,$dat1 -+ veor $tmpin,$tmpin,$dat0 -+ veor $tmpin,$tmpin,$iv0 -+ vst1.8 {$tmpin},[$out] -+ -+.Lxts_dec_abort: -+ ldp $tailcnt,$midnumx,[sp,#48] -+ ldp $ivd10,$ivd20,[sp,#32] -+ ldp $ivd30,$ivd40,[sp,#16] -+ ldp $constnumx,$tmpinp,[sp],#64 -+ -+.Lxts_dec_final_abort: -+ ret -+.size ${prefix}_xts_decrypt,.-${prefix}_xts_decrypt -+___ -+} -+}}} - $code.=<<___; - #endif - ___ -@@ -963,7 +3615,7 @@ if ($flavour =~ /64/) { ######## 64-bi - # since ARMv7 instructions are always encoded little-endian. - # correct solution is to use .inst directive, but older - # assemblers don't implement it:-( -- sprintf ".byte\t0x%02x,0x%02x,0x%02x,0x%02x\t@ %s %s", -+ sprintf "INST(0x%02x,0x%02x,0x%02x,0x%02x)\t@ %s %s", - $word&0xff,($word>>8)&0xff, - ($word>>16)&0xff,($word>>24)&0xff, - $mnemonic,$arg; -@@ -1004,14 +3656,17 @@ if ($flavour =~ /64/) { ######## 64-bi - s/\],#[0-9]+/]!/o; - - s/[v]?(aes\w+)\s+([qv].*)/unaes($1,$2)/geo or -- s/cclr\s+([^,]+),\s*([a-z]+)/mov$2 $1,#0/o or -+ s/cclr\s+([^,]+),\s*([a-z]+)/mov.$2 $1,#0/o or - s/vtbl\.8\s+(.*)/unvtbl($1)/geo or - s/vdup\.32\s+(.*)/unvdup32($1)/geo or - s/vmov\.32\s+(.*)/unvmov32($1)/geo or - s/^(\s+)b\./$1b/o or -- s/^(\s+)mov\./$1mov/o or - s/^(\s+)ret/$1bx\tlr/o; - -+ if (s/^(\s+)mov\.([a-z]+)/$1mov$2/) { -+ print " it $2\n"; -+ } -+ - print $_,"\n"; - } - } -diff -up openssl-1.1.1i/crypto/aes/asm/vpaes-armv8.pl.arm-update openssl-1.1.1i/crypto/aes/asm/vpaes-armv8.pl ---- openssl-1.1.1i/crypto/aes/asm/vpaes-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/crypto/aes/asm/vpaes-armv8.pl 2020-12-09 10:37:38.405558929 +0100 -@@ -30,6 +30,7 @@ - # Denver(***) 16.6(**) 15.1/17.8(**) [8.80/9.93 ] - # Apple A7(***) 22.7(**) 10.9/14.3 [8.45/10.0 ] - # Mongoose(***) 26.3(**) 21.0/25.0(**) [13.3/16.8 ] -+# ThunderX2(***) 39.4(**) 33.8/48.6(**) - # - # (*) ECB denotes approximate result for parallelizable modes - # such as CBC decrypt, CTR, etc.; -diff -up openssl-1.1.1i/crypto/chacha/asm/chacha-armv8.pl.arm-update openssl-1.1.1i/crypto/chacha/asm/chacha-armv8.pl ---- openssl-1.1.1i/crypto/chacha/asm/chacha-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/crypto/chacha/asm/chacha-armv8.pl 2020-12-09 10:40:57.922288627 +0100 -@@ -18,32 +18,44 @@ - # - # ChaCha20 for ARMv8. - # -+# April 2019 -+# -+# Replace 3xNEON+1xIALU code path with 4+1. 4+1 is actually fastest -+# option on most(*), but not all, processors, yet 6+2 is retained. -+# This is because penalties are considered tolerable in comparison to -+# improvement on processors where 6+2 helps. Most notably +37% on -+# ThunderX2. It's server-oriented processor which will have to serve -+# as many requests as possible. While others are mostly clients, when -+# performance doesn't have to be absolute top-notch, just fast enough, -+# as majority of time is spent "entertaining" relatively slow human. -+# - # Performance in cycles per byte out of large buffer. - # --# IALU/gcc-4.9 3xNEON+1xIALU 6xNEON+2xIALU -+# IALU/gcc-4.9 4xNEON+1xIALU 6xNEON+2xIALU - # --# Apple A7 5.50/+49% 3.33 1.70 --# Cortex-A53 8.40/+80% 4.72 4.72(*) --# Cortex-A57 8.06/+43% 4.90 4.43(**) --# Denver 4.50/+82% 2.63 2.67(*) --# X-Gene 9.50/+46% 8.82 8.89(*) --# Mongoose 8.00/+44% 3.64 3.25 --# Kryo 8.17/+50% 4.83 4.65 -+# Apple A7 5.50/+49% 2.72 1.60 -+# Cortex-A53 8.40/+80% 4.06 4.45(*) -+# Cortex-A57 8.06/+43% 4.15 4.40(*) -+# Denver 4.50/+82% 2.30 2.70(*) -+# X-Gene 9.50/+46% 8.20 8.90(*) -+# Mongoose 8.00/+44% 2.74 3.12(*) -+# Kryo 8.17/+50% 4.47 4.65(*) -+# ThunderX2 7.22/+48% 5.64 4.10 - # --# (*) it's expected that doubling interleave factor doesn't help --# all processors, only those with higher NEON latency and --# higher instruction issue rate; --# (**) expected improvement was actually higher; -+# (*) slower than 4+1:-( - --$flavour=shift; --$output=shift; -+# $output is the last argument if it looks like a file (it has an extension) -+# $flavour is the first argument if it doesn't look like a file -+$output = $#ARGV >= 0 && $ARGV[$#ARGV] =~ m|\.\w+$| ? pop : undef; -+$flavour = $#ARGV >= 0 && $ARGV[0] !~ m|\.| ? shift : undef; - - $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; - ( $xlate="${dir}arm-xlate.pl" and -f $xlate ) or - ( $xlate="${dir}../../perlasm/arm-xlate.pl" and -f $xlate) or - die "can't locate arm-xlate.pl"; - --open OUT,"| \"$^X\" $xlate $flavour $output"; -+open OUT,"| \"$^X\" $xlate $flavour \"$output\"" -+ or die "can't call $xlate: $!"; - *STDOUT=*OUT; - - sub AUTOLOAD() # thunk [simplified] x86-style perlasm -@@ -120,42 +132,37 @@ my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1) - } - - $code.=<<___; --#include "arm_arch.h" -- --.text -- -+#ifndef __KERNEL__ -+# include "arm_arch.h" - .extern OPENSSL_armcap_P - .hidden OPENSSL_armcap_P -+#endif -+ -+.text - - .align 5 - .Lsigma: - .quad 0x3320646e61707865,0x6b20657479622d32 // endian-neutral - .Lone: --.long 1,0,0,0 --.LOPENSSL_armcap_P: --#ifdef __ILP32__ --.long OPENSSL_armcap_P-. --#else --.quad OPENSSL_armcap_P-. --#endif --.asciz "ChaCha20 for ARMv8, CRYPTOGAMS by " -+.long 1,2,3,4 -+.Lrot24: -+.long 0x02010003,0x06050407,0x0a09080b,0x0e0d0c0f -+.asciz "ChaCha20 for ARMv8, CRYPTOGAMS by \@dot-asm" - - .globl ChaCha20_ctr32 - .type ChaCha20_ctr32,%function - .align 5 - ChaCha20_ctr32: - cbz $len,.Labort -- adr @x[0],.LOPENSSL_armcap_P - cmp $len,#192 - b.lo .Lshort --#ifdef __ILP32__ -- ldrsw @x[1],[@x[0]] --#else -- ldr @x[1],[@x[0]] --#endif -- ldr w17,[@x[1],@x[0]] -+ -+#ifndef __KERNEL__ -+ adrp x17,OPENSSL_armcap_P -+ ldr w17,[x17,#:lo12:OPENSSL_armcap_P] - tst w17,#ARMV7_NEON -- b.ne ChaCha20_neon -+ b.ne .LChaCha20_neon -+#endif - - .Lshort: - .inst 0xd503233f // paciasp -@@ -174,7 +181,7 @@ ChaCha20_ctr32: - ldp @d[2],@d[3],[$key] // load key - ldp @d[4],@d[5],[$key,#16] - ldp @d[6],@d[7],[$ctr] // load counter --#ifdef __ARMEB__ -+#ifdef __AARCH64EB__ - ror @d[2],@d[2],#32 - ror @d[3],@d[3],#32 - ror @d[4],@d[4],#32 -@@ -243,7 +250,7 @@ $code.=<<___; - add @x[14],@x[14],@x[15],lsl#32 - ldp @x[13],@x[15],[$inp,#48] - add $inp,$inp,#64 --#ifdef __ARMEB__ -+#ifdef __AARCH64EB__ - rev @x[0],@x[0] - rev @x[2],@x[2] - rev @x[4],@x[4] -@@ -300,7 +307,7 @@ $code.=<<___; - add @x[10],@x[10],@x[11],lsl#32 - add @x[12],@x[12],@x[13],lsl#32 - add @x[14],@x[14],@x[15],lsl#32 --#ifdef __ARMEB__ -+#ifdef __AARCH64EB__ - rev @x[0],@x[0] - rev @x[2],@x[2] - rev @x[4],@x[4] -@@ -341,46 +348,91 @@ $code.=<<___; - ___ - - {{{ --my ($A0,$B0,$C0,$D0,$A1,$B1,$C1,$D1,$A2,$B2,$C2,$D2,$T0,$T1,$T2,$T3) = -- map("v$_.4s",(0..7,16..23)); --my (@K)=map("v$_.4s",(24..30)); --my $ONE="v31.4s"; -+my @K = map("v$_.4s",(0..3)); -+my ($xt0,$xt1,$xt2,$xt3, $CTR,$ROT24) = map("v$_.4s",(4..9)); -+my @X = map("v$_.4s",(16,20,24,28, 17,21,25,29, 18,22,26,30, 19,23,27,31)); -+my ($xa0,$xa1,$xa2,$xa3, $xb0,$xb1,$xb2,$xb3, -+ $xc0,$xc1,$xc2,$xc3, $xd0,$xd1,$xd2,$xd3) = @X; - --sub NEONROUND { --my $odd = pop; --my ($a,$b,$c,$d,$t)=@_; -+sub NEON_lane_ROUND { -+my ($a0,$b0,$c0,$d0)=@_; -+my ($a1,$b1,$c1,$d1)=map(($_&~3)+(($_+1)&3),($a0,$b0,$c0,$d0)); -+my ($a2,$b2,$c2,$d2)=map(($_&~3)+(($_+1)&3),($a1,$b1,$c1,$d1)); -+my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2)); -+my @x=map("'$_'",@X); - - ( -- "&add ('$a','$a','$b')", -- "&eor ('$d','$d','$a')", -- "&rev32_16 ('$d','$d')", # vrot ($d,16) -- -- "&add ('$c','$c','$d')", -- "&eor ('$t','$b','$c')", -- "&ushr ('$b','$t',20)", -- "&sli ('$b','$t',12)", -- -- "&add ('$a','$a','$b')", -- "&eor ('$t','$d','$a')", -- "&ushr ('$d','$t',24)", -- "&sli ('$d','$t',8)", -- -- "&add ('$c','$c','$d')", -- "&eor ('$t','$b','$c')", -- "&ushr ('$b','$t',25)", -- "&sli ('$b','$t',7)", -- -- "&ext ('$c','$c','$c',8)", -- "&ext ('$d','$d','$d',$odd?4:12)", -- "&ext ('$b','$b','$b',$odd?12:4)" -+ "&add (@x[$a0],@x[$a0],@x[$b0])", # Q1 -+ "&add (@x[$a1],@x[$a1],@x[$b1])", # Q2 -+ "&add (@x[$a2],@x[$a2],@x[$b2])", # Q3 -+ "&add (@x[$a3],@x[$a3],@x[$b3])", # Q4 -+ "&eor (@x[$d0],@x[$d0],@x[$a0])", -+ "&eor (@x[$d1],@x[$d1],@x[$a1])", -+ "&eor (@x[$d2],@x[$d2],@x[$a2])", -+ "&eor (@x[$d3],@x[$d3],@x[$a3])", -+ "&rev32_16 (@x[$d0],@x[$d0])", -+ "&rev32_16 (@x[$d1],@x[$d1])", -+ "&rev32_16 (@x[$d2],@x[$d2])", -+ "&rev32_16 (@x[$d3],@x[$d3])", -+ -+ "&add (@x[$c0],@x[$c0],@x[$d0])", -+ "&add (@x[$c1],@x[$c1],@x[$d1])", -+ "&add (@x[$c2],@x[$c2],@x[$d2])", -+ "&add (@x[$c3],@x[$c3],@x[$d3])", -+ "&eor ('$xt0',@x[$b0],@x[$c0])", -+ "&eor ('$xt1',@x[$b1],@x[$c1])", -+ "&eor ('$xt2',@x[$b2],@x[$c2])", -+ "&eor ('$xt3',@x[$b3],@x[$c3])", -+ "&ushr (@x[$b0],'$xt0',20)", -+ "&ushr (@x[$b1],'$xt1',20)", -+ "&ushr (@x[$b2],'$xt2',20)", -+ "&ushr (@x[$b3],'$xt3',20)", -+ "&sli (@x[$b0],'$xt0',12)", -+ "&sli (@x[$b1],'$xt1',12)", -+ "&sli (@x[$b2],'$xt2',12)", -+ "&sli (@x[$b3],'$xt3',12)", -+ -+ "&add (@x[$a0],@x[$a0],@x[$b0])", -+ "&add (@x[$a1],@x[$a1],@x[$b1])", -+ "&add (@x[$a2],@x[$a2],@x[$b2])", -+ "&add (@x[$a3],@x[$a3],@x[$b3])", -+ "&eor ('$xt0',@x[$d0],@x[$a0])", -+ "&eor ('$xt1',@x[$d1],@x[$a1])", -+ "&eor ('$xt2',@x[$d2],@x[$a2])", -+ "&eor ('$xt3',@x[$d3],@x[$a3])", -+ "&tbl (@x[$d0],'{$xt0}','$ROT24')", -+ "&tbl (@x[$d1],'{$xt1}','$ROT24')", -+ "&tbl (@x[$d2],'{$xt2}','$ROT24')", -+ "&tbl (@x[$d3],'{$xt3}','$ROT24')", -+ -+ "&add (@x[$c0],@x[$c0],@x[$d0])", -+ "&add (@x[$c1],@x[$c1],@x[$d1])", -+ "&add (@x[$c2],@x[$c2],@x[$d2])", -+ "&add (@x[$c3],@x[$c3],@x[$d3])", -+ "&eor ('$xt0',@x[$b0],@x[$c0])", -+ "&eor ('$xt1',@x[$b1],@x[$c1])", -+ "&eor ('$xt2',@x[$b2],@x[$c2])", -+ "&eor ('$xt3',@x[$b3],@x[$c3])", -+ "&ushr (@x[$b0],'$xt0',25)", -+ "&ushr (@x[$b1],'$xt1',25)", -+ "&ushr (@x[$b2],'$xt2',25)", -+ "&ushr (@x[$b3],'$xt3',25)", -+ "&sli (@x[$b0],'$xt0',7)", -+ "&sli (@x[$b1],'$xt1',7)", -+ "&sli (@x[$b2],'$xt2',7)", -+ "&sli (@x[$b3],'$xt3',7)" - ); - } - - $code.=<<___; - -+#ifdef __KERNEL__ -+.globl ChaCha20_neon -+#endif - .type ChaCha20_neon,%function - .align 5 - ChaCha20_neon: -+.LChaCha20_neon: - .inst 0xd503233f // paciasp - stp x29,x30,[sp,#-96]! - add x29,sp,#0 -@@ -403,8 +455,9 @@ ChaCha20_neon: - ld1 {@K[1],@K[2]},[$key] - ldp @d[6],@d[7],[$ctr] // load counter - ld1 {@K[3]},[$ctr] -- ld1 {$ONE},[@x[0]] --#ifdef __ARMEB__ -+ stp d8,d9,[sp] // meet ABI requirements -+ ld1 {$CTR,$ROT24},[@x[0]] -+#ifdef __AARCH64EB__ - rev64 @K[0],@K[0] - ror @d[2],@d[2],#32 - ror @d[3],@d[3],#32 -@@ -413,115 +466,129 @@ ChaCha20_neon: - ror @d[6],@d[6],#32 - ror @d[7],@d[7],#32 - #endif -- add @K[3],@K[3],$ONE // += 1 -- add @K[4],@K[3],$ONE -- add @K[5],@K[4],$ONE -- shl $ONE,$ONE,#2 // 1 -> 4 - - .Loop_outer_neon: -- mov.32 @x[0],@d[0] // unpack key block -- lsr @x[1],@d[0],#32 -- mov $A0,@K[0] -- mov.32 @x[2],@d[1] -- lsr @x[3],@d[1],#32 -- mov $A1,@K[0] -- mov.32 @x[4],@d[2] -- lsr @x[5],@d[2],#32 -- mov $A2,@K[0] -- mov.32 @x[6],@d[3] -- mov $B0,@K[1] -- lsr @x[7],@d[3],#32 -- mov $B1,@K[1] -- mov.32 @x[8],@d[4] -- mov $B2,@K[1] -- lsr @x[9],@d[4],#32 -- mov $D0,@K[3] -- mov.32 @x[10],@d[5] -- mov $D1,@K[4] -- lsr @x[11],@d[5],#32 -- mov $D2,@K[5] -- mov.32 @x[12],@d[6] -- mov $C0,@K[2] -- lsr @x[13],@d[6],#32 -- mov $C1,@K[2] -- mov.32 @x[14],@d[7] -- mov $C2,@K[2] -- lsr @x[15],@d[7],#32 -+ dup $xa0,@{K[0]}[0] // unpack key block -+ mov.32 @x[0],@d[0] -+ dup $xa1,@{K[0]}[1] -+ lsr @x[1],@d[0],#32 -+ dup $xa2,@{K[0]}[2] -+ mov.32 @x[2],@d[1] -+ dup $xa3,@{K[0]}[3] -+ lsr @x[3],@d[1],#32 -+ dup $xb0,@{K[1]}[0] -+ mov.32 @x[4],@d[2] -+ dup $xb1,@{K[1]}[1] -+ lsr @x[5],@d[2],#32 -+ dup $xb2,@{K[1]}[2] -+ mov.32 @x[6],@d[3] -+ dup $xb3,@{K[1]}[3] -+ lsr @x[7],@d[3],#32 -+ dup $xd0,@{K[3]}[0] -+ mov.32 @x[8],@d[4] -+ dup $xd1,@{K[3]}[1] -+ lsr @x[9],@d[4],#32 -+ dup $xd2,@{K[3]}[2] -+ mov.32 @x[10],@d[5] -+ dup $xd3,@{K[3]}[3] -+ lsr @x[11],@d[5],#32 -+ add $xd0,$xd0,$CTR -+ mov.32 @x[12],@d[6] -+ dup $xc0,@{K[2]}[0] -+ lsr @x[13],@d[6],#32 -+ dup $xc1,@{K[2]}[1] -+ mov.32 @x[14],@d[7] -+ dup $xc2,@{K[2]}[2] -+ lsr @x[15],@d[7],#32 -+ dup $xc3,@{K[2]}[3] - - mov $ctr,#10 -- subs $len,$len,#256 -+ subs $len,$len,#320 - .Loop_neon: - sub $ctr,$ctr,#1 - ___ -- my @thread0=&NEONROUND($A0,$B0,$C0,$D0,$T0,0); -- my @thread1=&NEONROUND($A1,$B1,$C1,$D1,$T1,0); -- my @thread2=&NEONROUND($A2,$B2,$C2,$D2,$T2,0); -- my @thread3=&ROUND(0,4,8,12); -- -- foreach (@thread0) { -- eval; eval(shift(@thread3)); -- eval(shift(@thread1)); eval(shift(@thread3)); -- eval(shift(@thread2)); eval(shift(@thread3)); -- } -- -- @thread0=&NEONROUND($A0,$B0,$C0,$D0,$T0,1); -- @thread1=&NEONROUND($A1,$B1,$C1,$D1,$T1,1); -- @thread2=&NEONROUND($A2,$B2,$C2,$D2,$T2,1); -- @thread3=&ROUND(0,5,10,15); -+ my @plus_one=&ROUND(0,4,8,12); -+ foreach (&NEON_lane_ROUND(0,4,8,12)) { eval; eval(shift(@plus_one)); } - -- foreach (@thread0) { -- eval; eval(shift(@thread3)); -- eval(shift(@thread1)); eval(shift(@thread3)); -- eval(shift(@thread2)); eval(shift(@thread3)); -- } -+ @plus_one=&ROUND(0,5,10,15); -+ foreach (&NEON_lane_ROUND(0,5,10,15)) { eval; eval(shift(@plus_one)); } - $code.=<<___; - cbnz $ctr,.Loop_neon - -- add.32 @x[0],@x[0],@d[0] // accumulate key block -- add $A0,$A0,@K[0] -- add @x[1],@x[1],@d[0],lsr#32 -- add $A1,$A1,@K[0] -- add.32 @x[2],@x[2],@d[1] -- add $A2,$A2,@K[0] -- add @x[3],@x[3],@d[1],lsr#32 -- add $C0,$C0,@K[2] -- add.32 @x[4],@x[4],@d[2] -- add $C1,$C1,@K[2] -- add @x[5],@x[5],@d[2],lsr#32 -- add $C2,$C2,@K[2] -- add.32 @x[6],@x[6],@d[3] -- add $D0,$D0,@K[3] -- add @x[7],@x[7],@d[3],lsr#32 -- add.32 @x[8],@x[8],@d[4] -- add $D1,$D1,@K[4] -- add @x[9],@x[9],@d[4],lsr#32 -- add.32 @x[10],@x[10],@d[5] -- add $D2,$D2,@K[5] -- add @x[11],@x[11],@d[5],lsr#32 -- add.32 @x[12],@x[12],@d[6] -- add $B0,$B0,@K[1] -- add @x[13],@x[13],@d[6],lsr#32 -- add.32 @x[14],@x[14],@d[7] -- add $B1,$B1,@K[1] -- add @x[15],@x[15],@d[7],lsr#32 -- add $B2,$B2,@K[1] -+ add $xd0,$xd0,$CTR -+ -+ zip1 $xt0,$xa0,$xa1 // transpose data -+ zip1 $xt1,$xa2,$xa3 -+ zip2 $xt2,$xa0,$xa1 -+ zip2 $xt3,$xa2,$xa3 -+ zip1.64 $xa0,$xt0,$xt1 -+ zip2.64 $xa1,$xt0,$xt1 -+ zip1.64 $xa2,$xt2,$xt3 -+ zip2.64 $xa3,$xt2,$xt3 -+ -+ zip1 $xt0,$xb0,$xb1 -+ zip1 $xt1,$xb2,$xb3 -+ zip2 $xt2,$xb0,$xb1 -+ zip2 $xt3,$xb2,$xb3 -+ zip1.64 $xb0,$xt0,$xt1 -+ zip2.64 $xb1,$xt0,$xt1 -+ zip1.64 $xb2,$xt2,$xt3 -+ zip2.64 $xb3,$xt2,$xt3 -+ -+ zip1 $xt0,$xc0,$xc1 -+ add.32 @x[0],@x[0],@d[0] // accumulate key block -+ zip1 $xt1,$xc2,$xc3 -+ add @x[1],@x[1],@d[0],lsr#32 -+ zip2 $xt2,$xc0,$xc1 -+ add.32 @x[2],@x[2],@d[1] -+ zip2 $xt3,$xc2,$xc3 -+ add @x[3],@x[3],@d[1],lsr#32 -+ zip1.64 $xc0,$xt0,$xt1 -+ add.32 @x[4],@x[4],@d[2] -+ zip2.64 $xc1,$xt0,$xt1 -+ add @x[5],@x[5],@d[2],lsr#32 -+ zip1.64 $xc2,$xt2,$xt3 -+ add.32 @x[6],@x[6],@d[3] -+ zip2.64 $xc3,$xt2,$xt3 -+ add @x[7],@x[7],@d[3],lsr#32 -+ -+ zip1 $xt0,$xd0,$xd1 -+ add.32 @x[8],@x[8],@d[4] -+ zip1 $xt1,$xd2,$xd3 -+ add @x[9],@x[9],@d[4],lsr#32 -+ zip2 $xt2,$xd0,$xd1 -+ add.32 @x[10],@x[10],@d[5] -+ zip2 $xt3,$xd2,$xd3 -+ add @x[11],@x[11],@d[5],lsr#32 -+ zip1.64 $xd0,$xt0,$xt1 -+ add.32 @x[12],@x[12],@d[6] -+ zip2.64 $xd1,$xt0,$xt1 -+ add @x[13],@x[13],@d[6],lsr#32 -+ zip1.64 $xd2,$xt2,$xt3 -+ add.32 @x[14],@x[14],@d[7] -+ zip2.64 $xd3,$xt2,$xt3 -+ add @x[15],@x[15],@d[7],lsr#32 - - b.lo .Ltail_neon - - add @x[0],@x[0],@x[1],lsl#32 // pack - add @x[2],@x[2],@x[3],lsl#32 - ldp @x[1],@x[3],[$inp,#0] // load input -+ add $xa0,$xa0,@K[0] // accumulate key block - add @x[4],@x[4],@x[5],lsl#32 - add @x[6],@x[6],@x[7],lsl#32 - ldp @x[5],@x[7],[$inp,#16] -+ add $xb0,$xb0,@K[1] - add @x[8],@x[8],@x[9],lsl#32 - add @x[10],@x[10],@x[11],lsl#32 - ldp @x[9],@x[11],[$inp,#32] -+ add $xc0,$xc0,@K[2] - add @x[12],@x[12],@x[13],lsl#32 - add @x[14],@x[14],@x[15],lsl#32 - ldp @x[13],@x[15],[$inp,#48] -+ add $xd0,$xd0,@K[3] - add $inp,$inp,#64 --#ifdef __ARMEB__ -+#ifdef __AARCH64EB__ - rev @x[0],@x[0] - rev @x[2],@x[2] - rev @x[4],@x[4] -@@ -531,48 +598,68 @@ $code.=<<___; - rev @x[12],@x[12] - rev @x[14],@x[14] - #endif -- ld1.8 {$T0-$T3},[$inp],#64 -+ ld1.8 {$xt0-$xt3},[$inp],#64 - eor @x[0],@x[0],@x[1] -+ add $xa1,$xa1,@K[0] - eor @x[2],@x[2],@x[3] -+ add $xb1,$xb1,@K[1] - eor @x[4],@x[4],@x[5] -+ add $xc1,$xc1,@K[2] - eor @x[6],@x[6],@x[7] -+ add $xd1,$xd1,@K[3] - eor @x[8],@x[8],@x[9] -- eor $A0,$A0,$T0 -+ eor $xa0,$xa0,$xt0 -+ movi $xt0,#5 - eor @x[10],@x[10],@x[11] -- eor $B0,$B0,$T1 -+ eor $xb0,$xb0,$xt1 - eor @x[12],@x[12],@x[13] -- eor $C0,$C0,$T2 -+ eor $xc0,$xc0,$xt2 - eor @x[14],@x[14],@x[15] -- eor $D0,$D0,$T3 -- ld1.8 {$T0-$T3},[$inp],#64 -+ eor $xd0,$xd0,$xt3 -+ add $CTR,$CTR,$xt0 // += 5 -+ ld1.8 {$xt0-$xt3},[$inp],#64 - - stp @x[0],@x[2],[$out,#0] // store output -- add @d[6],@d[6],#4 // increment counter -+ add @d[6],@d[6],#5 // increment counter - stp @x[4],@x[6],[$out,#16] -- add @K[3],@K[3],$ONE // += 4 - stp @x[8],@x[10],[$out,#32] -- add @K[4],@K[4],$ONE - stp @x[12],@x[14],[$out,#48] -- add @K[5],@K[5],$ONE - add $out,$out,#64 - -- st1.8 {$A0-$D0},[$out],#64 -- ld1.8 {$A0-$D0},[$inp],#64 -- -- eor $A1,$A1,$T0 -- eor $B1,$B1,$T1 -- eor $C1,$C1,$T2 -- eor $D1,$D1,$T3 -- st1.8 {$A1-$D1},[$out],#64 -- -- eor $A2,$A2,$A0 -- eor $B2,$B2,$B0 -- eor $C2,$C2,$C0 -- eor $D2,$D2,$D0 -- st1.8 {$A2-$D2},[$out],#64 -+ st1.8 {$xa0-$xd0},[$out],#64 -+ add $xa2,$xa2,@K[0] -+ add $xb2,$xb2,@K[1] -+ add $xc2,$xc2,@K[2] -+ add $xd2,$xd2,@K[3] -+ ld1.8 {$xa0-$xd0},[$inp],#64 -+ -+ eor $xa1,$xa1,$xt0 -+ eor $xb1,$xb1,$xt1 -+ eor $xc1,$xc1,$xt2 -+ eor $xd1,$xd1,$xt3 -+ st1.8 {$xa1-$xd1},[$out],#64 -+ add $xa3,$xa3,@K[0] -+ add $xb3,$xb3,@K[1] -+ add $xc3,$xc3,@K[2] -+ add $xd3,$xd3,@K[3] -+ ld1.8 {$xa1-$xd1},[$inp],#64 -+ -+ eor $xa2,$xa2,$xa0 -+ eor $xb2,$xb2,$xb0 -+ eor $xc2,$xc2,$xc0 -+ eor $xd2,$xd2,$xd0 -+ st1.8 {$xa2-$xd2},[$out],#64 -+ -+ eor $xa3,$xa3,$xa1 -+ eor $xb3,$xb3,$xb1 -+ eor $xc3,$xc3,$xc1 -+ eor $xd3,$xd3,$xd1 -+ st1.8 {$xa3-$xd3},[$out],#64 - - b.hi .Loop_outer_neon - -+ ldp d8,d9,[sp] // meet ABI requirements -+ - ldp x19,x20,[x29,#16] - add sp,sp,#64 - ldp x21,x22,[x29,#32] -@@ -583,8 +670,10 @@ $code.=<<___; - .inst 0xd50323bf // autiasp - ret - -+.align 4 - .Ltail_neon: -- add $len,$len,#256 -+ add $len,$len,#320 -+ ldp d8,d9,[sp] // meet ABI requirements - cmp $len,#64 - b.lo .Less_than_64 - -@@ -601,7 +690,7 @@ $code.=<<___; - add @x[14],@x[14],@x[15],lsl#32 - ldp @x[13],@x[15],[$inp,#48] - add $inp,$inp,#64 --#ifdef __ARMEB__ -+#ifdef __AARCH64EB__ - rev @x[0],@x[0] - rev @x[2],@x[2] - rev @x[4],@x[4] -@@ -621,48 +710,68 @@ $code.=<<___; - eor @x[14],@x[14],@x[15] - - stp @x[0],@x[2],[$out,#0] // store output -- add @d[6],@d[6],#4 // increment counter -+ add $xa0,$xa0,@K[0] // accumulate key block - stp @x[4],@x[6],[$out,#16] -+ add $xb0,$xb0,@K[1] - stp @x[8],@x[10],[$out,#32] -+ add $xc0,$xc0,@K[2] - stp @x[12],@x[14],[$out,#48] -+ add $xd0,$xd0,@K[3] - add $out,$out,#64 - b.eq .Ldone_neon - sub $len,$len,#64 - cmp $len,#64 -- b.lo .Less_than_128 -+ b.lo .Last_neon - -- ld1.8 {$T0-$T3},[$inp],#64 -- eor $A0,$A0,$T0 -- eor $B0,$B0,$T1 -- eor $C0,$C0,$T2 -- eor $D0,$D0,$T3 -- st1.8 {$A0-$D0},[$out],#64 -+ ld1.8 {$xt0-$xt3},[$inp],#64 -+ eor $xa0,$xa0,$xt0 -+ eor $xb0,$xb0,$xt1 -+ eor $xc0,$xc0,$xt2 -+ eor $xd0,$xd0,$xt3 -+ st1.8 {$xa0-$xd0},[$out],#64 - b.eq .Ldone_neon -+ -+ add $xa0,$xa1,@K[0] -+ add $xb0,$xb1,@K[1] - sub $len,$len,#64 -+ add $xc0,$xc1,@K[2] - cmp $len,#64 -- b.lo .Less_than_192 -+ add $xd0,$xd1,@K[3] -+ b.lo .Last_neon - -- ld1.8 {$T0-$T3},[$inp],#64 -- eor $A1,$A1,$T0 -- eor $B1,$B1,$T1 -- eor $C1,$C1,$T2 -- eor $D1,$D1,$T3 -- st1.8 {$A1-$D1},[$out],#64 -+ ld1.8 {$xt0-$xt3},[$inp],#64 -+ eor $xa1,$xa0,$xt0 -+ eor $xb1,$xb0,$xt1 -+ eor $xc1,$xc0,$xt2 -+ eor $xd1,$xd0,$xt3 -+ st1.8 {$xa1-$xd1},[$out],#64 - b.eq .Ldone_neon -+ -+ add $xa0,$xa2,@K[0] -+ add $xb0,$xb2,@K[1] - sub $len,$len,#64 -+ add $xc0,$xc2,@K[2] -+ cmp $len,#64 -+ add $xd0,$xd2,@K[3] -+ b.lo .Last_neon - -- st1.8 {$A2-$D2},[sp] -- b .Last_neon -+ ld1.8 {$xt0-$xt3},[$inp],#64 -+ eor $xa2,$xa0,$xt0 -+ eor $xb2,$xb0,$xt1 -+ eor $xc2,$xc0,$xt2 -+ eor $xd2,$xd0,$xt3 -+ st1.8 {$xa2-$xd2},[$out],#64 -+ b.eq .Ldone_neon - --.Less_than_128: -- st1.8 {$A0-$D0},[sp] -- b .Last_neon --.Less_than_192: -- st1.8 {$A1-$D1},[sp] -- b .Last_neon -+ add $xa0,$xa3,@K[0] -+ add $xb0,$xb3,@K[1] -+ add $xc0,$xc3,@K[2] -+ add $xd0,$xd3,@K[3] -+ sub $len,$len,#64 - --.align 4 - .Last_neon: -+ st1.8 {$xa0-$xd0},[sp] -+ - sub $out,$out,#1 - add $inp,$inp,$len - add $out,$out,$len -@@ -695,9 +804,41 @@ $code.=<<___; - .size ChaCha20_neon,.-ChaCha20_neon - ___ - { -+my @K = map("v$_.4s",(0..6)); - my ($T0,$T1,$T2,$T3,$T4,$T5)=@K; - my ($A0,$B0,$C0,$D0,$A1,$B1,$C1,$D1,$A2,$B2,$C2,$D2, -- $A3,$B3,$C3,$D3,$A4,$B4,$C4,$D4,$A5,$B5,$C5,$D5) = map("v$_.4s",(0..23)); -+ $A3,$B3,$C3,$D3,$A4,$B4,$C4,$D4,$A5,$B5,$C5,$D5) = map("v$_.4s",(8..31)); -+my $rot24 = @K[6]; -+my $ONE = "v7.4s"; -+ -+sub NEONROUND { -+my $odd = pop; -+my ($a,$b,$c,$d,$t)=@_; -+ -+ ( -+ "&add ('$a','$a','$b')", -+ "&eor ('$d','$d','$a')", -+ "&rev32_16 ('$d','$d')", # vrot ($d,16) -+ -+ "&add ('$c','$c','$d')", -+ "&eor ('$t','$b','$c')", -+ "&ushr ('$b','$t',20)", -+ "&sli ('$b','$t',12)", -+ -+ "&add ('$a','$a','$b')", -+ "&eor ('$d','$d','$a')", -+ "&tbl ('$d','{$d}','$rot24')", -+ -+ "&add ('$c','$c','$d')", -+ "&eor ('$t','$b','$c')", -+ "&ushr ('$b','$t',25)", -+ "&sli ('$b','$t',7)", -+ -+ "&ext ('$c','$c','$c',8)", -+ "&ext ('$d','$d','$d',$odd?4:12)", -+ "&ext ('$b','$b','$b',$odd?12:4)" -+ ); -+} - - $code.=<<___; - .type ChaCha20_512_neon,%function -@@ -717,6 +858,7 @@ ChaCha20_512_neon: - .L512_or_more_neon: - sub sp,sp,#128+64 - -+ eor $ONE,$ONE,$ONE - ldp @d[0],@d[1],[@x[0]] // load sigma - ld1 {@K[0]},[@x[0]],#16 - ldp @d[2],@d[3],[$key] // load key -@@ -724,8 +866,9 @@ ChaCha20_512_neon: - ld1 {@K[1],@K[2]},[$key] - ldp @d[6],@d[7],[$ctr] // load counter - ld1 {@K[3]},[$ctr] -- ld1 {$ONE},[@x[0]] --#ifdef __ARMEB__ -+ ld1 {$ONE}[0],[@x[0]] -+ add $key,@x[0],#16 // .Lrot24 -+#ifdef __AARCH64EB__ - rev64 @K[0],@K[0] - ror @d[2],@d[2],#32 - ror @d[3],@d[3],#32 -@@ -792,9 +935,10 @@ ChaCha20_512_neon: - mov $C4,@K[2] - stp @K[3],@K[4],[sp,#48] // off-load key block, variable part - mov $C5,@K[2] -- str @K[5],[sp,#80] -+ stp @K[5],@K[6],[sp,#80] - - mov $ctr,#5 -+ ld1 {$rot24},[$key] - subs $len,$len,#512 - .Loop_upper_neon: - sub $ctr,$ctr,#1 -@@ -867,7 +1011,7 @@ $code.=<<___; - add @x[14],@x[14],@x[15],lsl#32 - ldp @x[13],@x[15],[$inp,#48] - add $inp,$inp,#64 --#ifdef __ARMEB__ -+#ifdef __AARCH64EB__ - rev @x[0],@x[0] - rev @x[2],@x[2] - rev @x[4],@x[4] -@@ -956,6 +1100,7 @@ $code.=<<___; - add.32 @x[2],@x[2],@d[1] - ldp @K[4],@K[5],[sp,#64] - add @x[3],@x[3],@d[1],lsr#32 -+ ldr @K[6],[sp,#96] - add $A0,$A0,@K[0] - add.32 @x[4],@x[4],@d[2] - add $A1,$A1,@K[0] -@@ -1008,7 +1153,7 @@ $code.=<<___; - add $inp,$inp,#64 - add $B5,$B5,@K[1] - --#ifdef __ARMEB__ -+#ifdef __AARCH64EB__ - rev @x[0],@x[0] - rev @x[2],@x[2] - rev @x[4],@x[4] -@@ -1086,26 +1231,26 @@ $code.=<<___; - b.hs .Loop_outer_512_neon - - adds $len,$len,#512 -- ushr $A0,$ONE,#2 // 4 -> 1 -+ ushr $ONE,$ONE,#1 // 4 -> 2 - -- ldp d8,d9,[sp,#128+0] // meet ABI requirements - ldp d10,d11,[sp,#128+16] - ldp d12,d13,[sp,#128+32] - ldp d14,d15,[sp,#128+48] - -- stp @K[0],$ONE,[sp,#0] // wipe off-load area -- stp @K[0],$ONE,[sp,#32] -- stp @K[0],$ONE,[sp,#64] -+ stp @K[0],@K[0],[sp,#0] // wipe off-load area -+ stp @K[0],@K[0],[sp,#32] -+ stp @K[0],@K[0],[sp,#64] - - b.eq .Ldone_512_neon - -+ sub $key,$key,#16 // .Lone - cmp $len,#192 -- sub @K[3],@K[3],$A0 // -= 1 -- sub @K[4],@K[4],$A0 -- sub @K[5],@K[5],$A0 - add sp,sp,#128 -+ sub @K[3],@K[3],$ONE // -= 2 -+ ld1 {$CTR,$ROT24},[$key] - b.hs .Loop_outer_neon - -+ ldp d8,d9,[sp,#0] // meet ABI requirements - eor @K[1],@K[1],@K[1] - eor @K[2],@K[2],@K[2] - eor @K[3],@K[3],@K[3] -@@ -1115,6 +1260,7 @@ $code.=<<___; - b .Loop_outer - - .Ldone_512_neon: -+ ldp d8,d9,[sp,#128+0] // meet ABI requirements - ldp x19,x20,[x29,#16] - add sp,sp,#128+64 - ldp x21,x22,[x29,#32] -@@ -1133,9 +1279,11 @@ foreach (split("\n",$code)) { - s/\`([^\`]*)\`/eval $1/geo; - - (s/\b([a-z]+)\.32\b/$1/ and (s/x([0-9]+)/w$1/g or 1)) or -- (m/\b(eor|ext|mov)\b/ and (s/\.4s/\.16b/g or 1)) or -+ (m/\b(eor|ext|mov|tbl)\b/ and (s/\.4s/\.16b/g or 1)) or - (s/\b((?:ld|st)1)\.8\b/$1/ and (s/\.4s/\.16b/g or 1)) or - (m/\b(ld|st)[rp]\b/ and (s/v([0-9]+)\.4s/q$1/g or 1)) or -+ (m/\b(dup|ld1)\b/ and (s/\.4(s}?\[[0-3]\])/.$1/g or 1)) or -+ (s/\b(zip[12])\.64\b/$1/ and (s/\.4s/\.2d/g or 1)) or - (s/\brev32\.16\b/rev32/ and (s/\.4s/\.8h/g or 1)); - - #s/\bq([0-9]+)#(lo|hi)/sprintf "d%d",2*$1+($2 eq "hi")/geo; -diff -up openssl-1.1.1i/crypto/modes/asm/ghashv8-armx.pl.arm-update openssl-1.1.1i/crypto/modes/asm/ghashv8-armx.pl ---- openssl-1.1.1i/crypto/modes/asm/ghashv8-armx.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/crypto/modes/asm/ghashv8-armx.pl 2020-12-09 10:37:38.408558954 +0100 -@@ -42,6 +42,7 @@ - # Denver 0.51 0.65 6.02 - # Mongoose 0.65 1.10 8.06 - # Kryo 0.76 1.16 8.00 -+# ThunderX2 1.05 - # - # (*) presented for reference/comparison purposes; - -diff -up openssl-1.1.1i/crypto/poly1305/asm/poly1305-armv8.pl.arm-update openssl-1.1.1i/crypto/poly1305/asm/poly1305-armv8.pl ---- openssl-1.1.1i/crypto/poly1305/asm/poly1305-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/crypto/poly1305/asm/poly1305-armv8.pl 2020-12-09 10:37:38.408558954 +0100 -@@ -29,6 +29,7 @@ - # X-Gene 2.13/+68% 2.27 - # Mongoose 1.77/+75% 1.12 - # Kryo 2.70/+55% 1.13 -+# ThunderX2 1.17/+95% 1.36 - # - # (*) estimate based on resources availability is less than 1.0, - # i.e. measured result is worse than expected, presumably binary -diff -up openssl-1.1.1i/crypto/sha/asm/keccak1600-armv8.pl.arm-update openssl-1.1.1i/crypto/sha/asm/keccak1600-armv8.pl ---- openssl-1.1.1i/crypto/sha/asm/keccak1600-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/crypto/sha/asm/keccak1600-armv8.pl 2020-12-09 10:37:38.408558954 +0100 -@@ -51,6 +51,7 @@ - # Kryo 12 - # Denver 7.8 - # Apple A7 7.2 -+# ThunderX2 9.7 - # - # (*) Corresponds to SHA3-256. No improvement coefficients are listed - # because they vary too much from compiler to compiler. Newer -diff -up openssl-1.1.1i/crypto/sha/asm/sha1-armv8.pl.arm-update openssl-1.1.1i/crypto/sha/asm/sha1-armv8.pl ---- openssl-1.1.1i/crypto/sha/asm/sha1-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/crypto/sha/asm/sha1-armv8.pl 2020-12-09 10:37:38.408558954 +0100 -@@ -27,6 +27,7 @@ - # X-Gene 8.80 (+200%) - # Mongoose 2.05 6.50 (+160%) - # Kryo 1.88 8.00 (+90%) -+# ThunderX2 2.64 6.36 (+150%) - # - # (*) Software results are presented mostly for reference purposes. - # (**) Keep in mind that Denver relies on binary translation, which -diff -up openssl-1.1.1i/crypto/sha/asm/sha512-armv8.pl.arm-update openssl-1.1.1i/crypto/sha/asm/sha512-armv8.pl ---- openssl-1.1.1i/crypto/sha/asm/sha512-armv8.pl.arm-update 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/crypto/sha/asm/sha512-armv8.pl 2020-12-09 10:37:38.408558954 +0100 -@@ -28,6 +28,7 @@ - # X-Gene 20.0 (+100%) 12.8 (+300%(***)) - # Mongoose 2.36 13.0 (+50%) 8.36 (+33%) - # Kryo 1.92 17.4 (+30%) 11.2 (+8%) -+# ThunderX2 2.54 13.2 (+40%) 8.40 (+18%) - # - # (*) Software SHA256 results are of lesser relevance, presented - # mostly for informational purposes. diff --git a/openssl-1.1.1-build.patch b/openssl-1.1.1-build.patch deleted file mode 100644 index c0ef62b..0000000 --- a/openssl-1.1.1-build.patch +++ /dev/null @@ -1,40 +0,0 @@ -diff -up openssl-1.1.1f/Configurations/10-main.conf.build openssl-1.1.1f/Configurations/10-main.conf ---- openssl-1.1.1f/Configurations/10-main.conf.build 2020-03-31 14:17:45.000000000 +0200 -+++ openssl-1.1.1f/Configurations/10-main.conf 2020-04-07 16:42:10.920546387 +0200 -@@ -678,6 +678,7 @@ my %targets = ( - cxxflags => add("-m64"), - lib_cppflags => add("-DL_ENDIAN"), - perlasm_scheme => "linux64le", -+ multilib => "64", - }, - - "linux-armv4" => { -@@ -718,6 +719,7 @@ my %targets = ( - "linux-aarch64" => { - inherit_from => [ "linux-generic64", asm("aarch64_asm") ], - perlasm_scheme => "linux64", -+ multilib => "64", - }, - "linux-arm64ilp32" => { # https://wiki.linaro.org/Platform/arm64-ilp32 - inherit_from => [ "linux-generic32", asm("aarch64_asm") ], -diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build openssl-1.1.1f/Configurations/unix-Makefile.tmpl ---- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build 2020-04-07 16:42:10.920546387 +0200 -+++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl 2020-04-07 16:44:23.539142108 +0200 -@@ -823,7 +823,7 @@ uninstall_runtime_libs: - install_man_docs: - @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1) - @$(ECHO) "*** Installing manpages" -- $(PERL) $(SRCDIR)/util/process_docs.pl \ -+ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \ - "--destdir=$(DESTDIR)$(MANDIR)" --type=man --suffix=$(MANSUFFIX) - - uninstall_man_docs: -@@ -835,7 +835,7 @@ uninstall_man_docs: - install_html_docs: - @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1) - @$(ECHO) "*** Installing HTML manpages" -- $(PERL) $(SRCDIR)/util/process_docs.pl \ -+ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \ - "--destdir=$(DESTDIR)$(HTMLDIR)" --type=html - - uninstall_html_docs: diff --git a/openssl-1.1.1-disable-ssl3.patch b/openssl-1.1.1-disable-ssl3.patch deleted file mode 100644 index fdec0a8..0000000 --- a/openssl-1.1.1-disable-ssl3.patch +++ /dev/null @@ -1,91 +0,0 @@ -diff -up openssl-1.1.1-pre8/apps/s_client.c.disable-ssl3 openssl-1.1.1-pre8/apps/s_client.c ---- openssl-1.1.1-pre8/apps/s_client.c.disable-ssl3 2018-07-16 18:08:20.000487628 +0200 -+++ openssl-1.1.1-pre8/apps/s_client.c 2018-07-16 18:16:40.070186323 +0200 -@@ -1681,6 +1681,9 @@ int s_client_main(int argc, char **argv) - if (sdebug) - ssl_ctx_security_debug(ctx, sdebug); - -+ if (min_version == SSL3_VERSION && max_version == SSL3_VERSION) -+ SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3); -+ - if (!config_ctx(cctx, ssl_args, ctx)) - goto end; - -diff -up openssl-1.1.1-pre8/apps/s_server.c.disable-ssl3 openssl-1.1.1-pre8/apps/s_server.c ---- openssl-1.1.1-pre8/apps/s_server.c.disable-ssl3 2018-07-16 18:08:20.000487628 +0200 -+++ openssl-1.1.1-pre8/apps/s_server.c 2018-07-16 18:17:17.300055551 +0200 -@@ -1760,6 +1760,9 @@ int s_server_main(int argc, char *argv[] - if (sdebug) - ssl_ctx_security_debug(ctx, sdebug); - -+ if (min_version == SSL3_VERSION && max_version == SSL3_VERSION) -+ SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3); -+ - if (!config_ctx(cctx, ssl_args, ctx)) - goto end; - -diff -up openssl-1.1.1-pre8/ssl/ssl_lib.c.disable-ssl3 openssl-1.1.1-pre8/ssl/ssl_lib.c ---- openssl-1.1.1-pre8/ssl/ssl_lib.c.disable-ssl3 2018-06-20 16:48:13.000000000 +0200 -+++ openssl-1.1.1-pre8/ssl/ssl_lib.c 2018-07-16 18:08:20.001487652 +0200 -@@ -3016,6 +3016,16 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m - */ - ret->options |= SSL_OP_NO_COMPRESSION | SSL_OP_ENABLE_MIDDLEBOX_COMPAT; - -+ if (meth->version != SSL3_VERSION) { -+ /* -+ * Disable SSLv3 by default. Applications can -+ * re-enable it by configuring -+ * SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3); -+ * or by using the SSL_CONF API. -+ */ -+ ret->options |= SSL_OP_NO_SSLv3; -+ } -+ - ret->ext.status_type = TLSEXT_STATUSTYPE_nothing; - - /* -diff -up openssl-1.1.1-pre8/test/ssl_test.c.disable-ssl3 openssl-1.1.1-pre8/test/ssl_test.c ---- openssl-1.1.1-pre8/test/ssl_test.c.disable-ssl3 2018-06-20 16:48:15.000000000 +0200 -+++ openssl-1.1.1-pre8/test/ssl_test.c 2018-07-16 18:18:34.806865121 +0200 -@@ -443,6 +443,7 @@ static int test_handshake(int idx) - SSL_TEST_SERVERNAME_CB_NONE) { - if (!TEST_ptr(server2_ctx = SSL_CTX_new(TLS_server_method()))) - goto err; -+ SSL_CTX_clear_options(server2_ctx, SSL_OP_NO_SSLv3); - if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, - TLS_MAX_VERSION))) - goto err; -@@ -464,6 +465,8 @@ static int test_handshake(int idx) - if (!TEST_ptr(resume_server_ctx) - || !TEST_ptr(resume_client_ctx)) - goto err; -+ SSL_CTX_clear_options(resume_server_ctx, SSL_OP_NO_SSLv3); -+ SSL_CTX_clear_options(resume_client_ctx, SSL_OP_NO_SSLv3); - } - } - -@@ -477,6 +480,9 @@ static int test_handshake(int idx) - || !TEST_int_gt(CONF_modules_load(conf, test_app, 0), 0)) - goto err; - -+ SSL_CTX_clear_options(server_ctx, SSL_OP_NO_SSLv3); -+ SSL_CTX_clear_options(client_ctx, SSL_OP_NO_SSLv3); -+ - if (!SSL_CTX_config(server_ctx, "server") - || !SSL_CTX_config(client_ctx, "client")) { - goto err; -diff -up openssl-1.1.1-pre8/test/ssltest_old.c.disable-ssl3 openssl-1.1.1-pre8/test/ssltest_old.c ---- openssl-1.1.1-pre8/test/ssltest_old.c.disable-ssl3 2018-06-20 16:48:15.000000000 +0200 -+++ openssl-1.1.1-pre8/test/ssltest_old.c 2018-07-16 18:08:20.002487676 +0200 -@@ -1358,6 +1358,11 @@ int main(int argc, char *argv[]) - ERR_print_errors(bio_err); - goto end; - } -+ -+ SSL_CTX_clear_options(c_ctx, SSL_OP_NO_SSLv3); -+ SSL_CTX_clear_options(s_ctx, SSL_OP_NO_SSLv3); -+ SSL_CTX_clear_options(s_ctx2, SSL_OP_NO_SSLv3); -+ - /* - * Since we will use low security ciphersuites and keys for testing set - * security level to zero by default. Tests can override this by adding diff --git a/openssl-1.1.1-ec-curves.patch b/openssl-1.1.1-ec-curves.patch deleted file mode 100644 index 27f23ca..0000000 --- a/openssl-1.1.1-ec-curves.patch +++ /dev/null @@ -1,266 +0,0 @@ -diff -up openssl-1.1.1h/apps/speed.c.curves openssl-1.1.1h/apps/speed.c ---- openssl-1.1.1h/apps/speed.c.curves 2020-09-22 14:55:07.000000000 +0200 -+++ openssl-1.1.1h/apps/speed.c 2020-11-06 13:27:15.659288431 +0100 -@@ -490,90 +490,30 @@ static double rsa_results[RSA_NUM][2]; - #endif /* OPENSSL_NO_RSA */ - - enum { -- R_EC_P160, -- R_EC_P192, - R_EC_P224, - R_EC_P256, - R_EC_P384, - R_EC_P521, --#ifndef OPENSSL_NO_EC2M -- R_EC_K163, -- R_EC_K233, -- R_EC_K283, -- R_EC_K409, -- R_EC_K571, -- R_EC_B163, -- R_EC_B233, -- R_EC_B283, -- R_EC_B409, -- R_EC_B571, --#endif -- R_EC_BRP256R1, -- R_EC_BRP256T1, -- R_EC_BRP384R1, -- R_EC_BRP384T1, -- R_EC_BRP512R1, -- R_EC_BRP512T1, - R_EC_X25519, - R_EC_X448 - }; - - #ifndef OPENSSL_NO_EC - static OPT_PAIR ecdsa_choices[] = { -- {"ecdsap160", R_EC_P160}, -- {"ecdsap192", R_EC_P192}, - {"ecdsap224", R_EC_P224}, - {"ecdsap256", R_EC_P256}, - {"ecdsap384", R_EC_P384}, - {"ecdsap521", R_EC_P521}, --# ifndef OPENSSL_NO_EC2M -- {"ecdsak163", R_EC_K163}, -- {"ecdsak233", R_EC_K233}, -- {"ecdsak283", R_EC_K283}, -- {"ecdsak409", R_EC_K409}, -- {"ecdsak571", R_EC_K571}, -- {"ecdsab163", R_EC_B163}, -- {"ecdsab233", R_EC_B233}, -- {"ecdsab283", R_EC_B283}, -- {"ecdsab409", R_EC_B409}, -- {"ecdsab571", R_EC_B571}, --# endif -- {"ecdsabrp256r1", R_EC_BRP256R1}, -- {"ecdsabrp256t1", R_EC_BRP256T1}, -- {"ecdsabrp384r1", R_EC_BRP384R1}, -- {"ecdsabrp384t1", R_EC_BRP384T1}, -- {"ecdsabrp512r1", R_EC_BRP512R1}, -- {"ecdsabrp512t1", R_EC_BRP512T1} - }; - # define ECDSA_NUM OSSL_NELEM(ecdsa_choices) - - static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */ - - static const OPT_PAIR ecdh_choices[] = { -- {"ecdhp160", R_EC_P160}, -- {"ecdhp192", R_EC_P192}, - {"ecdhp224", R_EC_P224}, - {"ecdhp256", R_EC_P256}, - {"ecdhp384", R_EC_P384}, - {"ecdhp521", R_EC_P521}, --# ifndef OPENSSL_NO_EC2M -- {"ecdhk163", R_EC_K163}, -- {"ecdhk233", R_EC_K233}, -- {"ecdhk283", R_EC_K283}, -- {"ecdhk409", R_EC_K409}, -- {"ecdhk571", R_EC_K571}, -- {"ecdhb163", R_EC_B163}, -- {"ecdhb233", R_EC_B233}, -- {"ecdhb283", R_EC_B283}, -- {"ecdhb409", R_EC_B409}, -- {"ecdhb571", R_EC_B571}, --# endif -- {"ecdhbrp256r1", R_EC_BRP256R1}, -- {"ecdhbrp256t1", R_EC_BRP256T1}, -- {"ecdhbrp384r1", R_EC_BRP384R1}, -- {"ecdhbrp384t1", R_EC_BRP384T1}, -- {"ecdhbrp512r1", R_EC_BRP512R1}, -- {"ecdhbrp512t1", R_EC_BRP512T1}, - {"ecdhx25519", R_EC_X25519}, - {"ecdhx448", R_EC_X448} - }; -@@ -1502,31 +1442,10 @@ int speed_main(int argc, char **argv) - unsigned int bits; - } test_curves[] = { - /* Prime Curves */ -- {"secp160r1", NID_secp160r1, 160}, -- {"nistp192", NID_X9_62_prime192v1, 192}, - {"nistp224", NID_secp224r1, 224}, - {"nistp256", NID_X9_62_prime256v1, 256}, - {"nistp384", NID_secp384r1, 384}, - {"nistp521", NID_secp521r1, 521}, --# ifndef OPENSSL_NO_EC2M -- /* Binary Curves */ -- {"nistk163", NID_sect163k1, 163}, -- {"nistk233", NID_sect233k1, 233}, -- {"nistk283", NID_sect283k1, 283}, -- {"nistk409", NID_sect409k1, 409}, -- {"nistk571", NID_sect571k1, 571}, -- {"nistb163", NID_sect163r2, 163}, -- {"nistb233", NID_sect233r1, 233}, -- {"nistb283", NID_sect283r1, 283}, -- {"nistb409", NID_sect409r1, 409}, -- {"nistb571", NID_sect571r1, 571}, --# endif -- {"brainpoolP256r1", NID_brainpoolP256r1, 256}, -- {"brainpoolP256t1", NID_brainpoolP256t1, 256}, -- {"brainpoolP384r1", NID_brainpoolP384r1, 384}, -- {"brainpoolP384t1", NID_brainpoolP384t1, 384}, -- {"brainpoolP512r1", NID_brainpoolP512r1, 512}, -- {"brainpoolP512t1", NID_brainpoolP512t1, 512}, - /* Other and ECDH only ones */ - {"X25519", NID_X25519, 253}, - {"X448", NID_X448, 448} -@@ -2026,9 +1945,9 @@ int speed_main(int argc, char **argv) - # endif - - # ifndef OPENSSL_NO_EC -- ecdsa_c[R_EC_P160][0] = count / 1000; -- ecdsa_c[R_EC_P160][1] = count / 1000 / 2; -- for (i = R_EC_P192; i <= R_EC_P521; i++) { -+ ecdsa_c[R_EC_P224][0] = count / 1000; -+ ecdsa_c[R_EC_P224][1] = count / 1000 / 2; -+ for (i = R_EC_P256; i <= R_EC_P521; i++) { - ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2; - ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2; - if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0) -@@ -2040,7 +1959,7 @@ int speed_main(int argc, char **argv) - } - } - } --# ifndef OPENSSL_NO_EC2M -+# if 0 - ecdsa_c[R_EC_K163][0] = count / 1000; - ecdsa_c[R_EC_K163][1] = count / 1000 / 2; - for (i = R_EC_K233; i <= R_EC_K571; i++) { -@@ -2071,8 +1990,8 @@ int speed_main(int argc, char **argv) - } - # endif - -- ecdh_c[R_EC_P160][0] = count / 1000; -- for (i = R_EC_P192; i <= R_EC_P521; i++) { -+ ecdh_c[R_EC_P224][0] = count / 1000; -+ for (i = R_EC_P256; i <= R_EC_P521; i++) { - ecdh_c[i][0] = ecdh_c[i - 1][0] / 2; - if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0) - ecdh_doit[i] = 0; -@@ -2082,7 +2001,7 @@ int speed_main(int argc, char **argv) - } - } - } --# ifndef OPENSSL_NO_EC2M -+# if 0 - ecdh_c[R_EC_K163][0] = count / 1000; - for (i = R_EC_K233; i <= R_EC_K571; i++) { - ecdh_c[i][0] = ecdh_c[i - 1][0] / 2; -diff -up openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves openssl-1.1.1h/crypto/ec/ecp_smpl.c ---- openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves 2020-09-22 14:55:07.000000000 +0200 -+++ openssl-1.1.1h/crypto/ec/ecp_smpl.c 2020-11-06 13:27:15.659288431 +0100 -@@ -145,6 +145,11 @@ int ec_GFp_simple_group_set_curve(EC_GRO - return 0; - } - -+ if (BN_num_bits(p) < 224) { -+ ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD); -+ return 0; -+ } -+ - if (ctx == NULL) { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) -diff -up openssl-1.1.1h/test/ecdsatest.h.curves openssl-1.1.1h/test/ecdsatest.h ---- openssl-1.1.1h/test/ecdsatest.h.curves 2020-11-06 13:27:15.627288114 +0100 -+++ openssl-1.1.1h/test/ecdsatest.h 2020-11-06 13:27:15.660288441 +0100 -@@ -32,23 +32,6 @@ typedef struct { - } ecdsa_cavs_kat_t; - - static const ecdsa_cavs_kat_t ecdsa_cavs_kats[] = { -- /* prime KATs from X9.62 */ -- {NID_X9_62_prime192v1, NID_sha1, -- "616263", /* "abc" */ -- "1a8d598fc15bf0fd89030b5cb1111aeb92ae8baf5ea475fb", -- "0462b12d60690cdcf330babab6e69763b471f994dd702d16a563bf5ec08069705ffff65e" -- "5ca5c0d69716dfcb3474373902", -- "fa6de29746bbeb7f8bb1e761f85f7dfb2983169d82fa2f4e", -- "885052380ff147b734c330c43d39b2c4a89f29b0f749fead", -- "e9ecc78106def82bf1070cf1d4d804c3cb390046951df686"}, -- {NID_X9_62_prime239v1, NID_sha1, -- "616263", /* "abc" */ -- "7ef7c6fabefffdea864206e80b0b08a9331ed93e698561b64ca0f7777f3d", -- "045b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c707fd9f1ed2e" -- "65f09f6ce0893baf5e8e31e6ae82ea8c3592335be906d38dee", -- "656c7196bf87dcc5d1f1020906df2782360d36b2de7a17ece37d503784af", -- "2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0", -- "2eeae988104e9c2234a3c2beb1f53bfa5dc11ff36a875d1e3ccb1f7e45cf"}, - /* prime KATs from NIST CAVP */ - {NID_secp224r1, NID_sha224, - "699325d6fc8fbbb4981a6ded3c3a54ad2e4e3db8a5669201912064c64e700c139248cdc1" ---- openssl-1.1.1h/test/recipes/15-test_genec.t.ec-curves 2020-11-06 13:58:36.402895540 +0100 -+++ openssl-1.1.1h/test/recipes/15-test_genec.t 2020-11-06 13:59:38.508484498 +0100 -@@ -20,45 +20,11 @@ plan skip_all => "This test is unsupport - if disabled("ec"); - - my @prime_curves = qw( -- secp112r1 -- secp112r2 -- secp128r1 -- secp128r2 -- secp160k1 -- secp160r1 -- secp160r2 -- secp192k1 -- secp224k1 - secp224r1 - secp256k1 - secp384r1 - secp521r1 -- prime192v1 -- prime192v2 -- prime192v3 -- prime239v1 -- prime239v2 -- prime239v3 - prime256v1 -- wap-wsg-idm-ecid-wtls6 -- wap-wsg-idm-ecid-wtls7 -- wap-wsg-idm-ecid-wtls8 -- wap-wsg-idm-ecid-wtls9 -- wap-wsg-idm-ecid-wtls12 -- brainpoolP160r1 -- brainpoolP160t1 -- brainpoolP192r1 -- brainpoolP192t1 -- brainpoolP224r1 -- brainpoolP224t1 -- brainpoolP256r1 -- brainpoolP256t1 -- brainpoolP320r1 -- brainpoolP320t1 -- brainpoolP384r1 -- brainpoolP384t1 -- brainpoolP512r1 -- brainpoolP512t1 - ); - - my @binary_curves = qw( -@@ -115,7 +81,6 @@ push(@other_curves, 'SM2') - if !disabled("sm2"); - - my @curve_aliases = qw( -- P-192 - P-224 - P-256 - P-384 diff --git a/openssl-1.1.1-edk2-build.patch b/openssl-1.1.1-edk2-build.patch deleted file mode 100644 index b13708e..0000000 --- a/openssl-1.1.1-edk2-build.patch +++ /dev/null @@ -1,57 +0,0 @@ -diff -up openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build openssl-1.1.1g/crypto/evp/pkey_kdf.c ---- openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build 2020-05-18 12:55:53.299548432 +0200 -+++ openssl-1.1.1g/crypto/evp/pkey_kdf.c 2020-05-18 12:55:53.340548788 +0200 -@@ -12,6 +12,7 @@ - #include - #include - #include -+#include "internal/numbers.h" - #include "crypto/evp.h" - - static int pkey_kdf_init(EVP_PKEY_CTX *ctx) -diff -up openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build openssl-1.1.1g/crypto/kdf/hkdf.c ---- openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build 2020-05-18 12:55:53.340548788 +0200 -+++ openssl-1.1.1g/crypto/kdf/hkdf.c 2020-05-18 12:57:18.648288904 +0200 -@@ -13,6 +13,7 @@ - #include - #include - #include -+#include "internal/numbers.h" - #include "internal/cryptlib.h" - #include "crypto/evp.h" - #include "kdf_local.h" -diff -up openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build openssl-1.1.1g/crypto/rand/rand_unix.c ---- openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build 2020-05-18 12:56:05.646655554 +0200 -+++ openssl-1.1.1g/crypto/rand/rand_unix.c 2020-05-18 12:58:51.088090896 +0200 -@@ -20,7 +20,7 @@ - #include "crypto/fips.h" - #include - #include "internal/dso.h" --#ifdef __linux -+#if defined(__linux) && !defined(OPENSSL_SYS_UEFI) - # include - # include - # ifdef DEVRANDOM_WAIT -diff -up openssl-1.1.1g/include/crypto/fips.h.edk2-build openssl-1.1.1g/include/crypto/fips.h ---- openssl-1.1.1g/include/crypto/fips.h.edk2-build 2020-05-18 12:55:53.296548406 +0200 -+++ openssl-1.1.1g/include/crypto/fips.h 2020-05-18 12:55:53.340548788 +0200 -@@ -50,10 +50,6 @@ - #include - #include - --#ifndef OPENSSL_FIPS --# error FIPS is disabled. --#endif -- - #ifdef OPENSSL_FIPS - - int FIPS_module_mode_set(int onoff); -@@ -97,4 +93,8 @@ void fips_set_selftest_fail(void); - - void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr); - -+#else -+ -+# define fips_in_post() 0 -+ - #endif diff --git a/openssl-1.1.1-evp-kdf.patch b/openssl-1.1.1-evp-kdf.patch deleted file mode 100644 index 6145753..0000000 --- a/openssl-1.1.1-evp-kdf.patch +++ /dev/null @@ -1,5238 +0,0 @@ -diff -up openssl-1.1.1j/crypto/err/openssl.txt.evp-kdf openssl-1.1.1j/crypto/err/openssl.txt ---- openssl-1.1.1j/crypto/err/openssl.txt.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/err/openssl.txt 2021-03-03 14:10:13.729466935 +0100 -@@ -748,6 +748,9 @@ EVP_F_EVP_DIGESTINIT_EX:128:EVP_DigestIn - EVP_F_EVP_ENCRYPTDECRYPTUPDATE:219:evp_EncryptDecryptUpdate - EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex - EVP_F_EVP_ENCRYPTUPDATE:167:EVP_EncryptUpdate -+EVP_F_EVP_KDF_CTRL:224:EVP_KDF_ctrl -+EVP_F_EVP_KDF_CTRL_STR:225:EVP_KDF_ctrl_str -+EVP_F_EVP_KDF_CTX_NEW_ID:226:EVP_KDF_CTX_new_id - EVP_F_EVP_MD_CTX_COPY_EX:110:EVP_MD_CTX_copy_ex - EVP_F_EVP_MD_SIZE:162:EVP_MD_size - EVP_F_EVP_OPENINIT:102:EVP_OpenInit -@@ -810,12 +813,31 @@ EVP_F_PKCS5_PBE_KEYIVGEN:117:PKCS5_PBE_k - EVP_F_PKCS5_V2_PBE_KEYIVGEN:118:PKCS5_v2_PBE_keyivgen - EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN:164:PKCS5_v2_PBKDF2_keyivgen - EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN:180:PKCS5_v2_scrypt_keyivgen -+EVP_F_PKEY_KDF_CTRL:227:pkey_kdf_ctrl - EVP_F_PKEY_SET_TYPE:158:pkey_set_type - EVP_F_RC2_MAGIC_TO_METH:109:rc2_magic_to_meth - EVP_F_RC5_CTRL:125:rc5_ctrl - EVP_F_R_32_12_16_INIT_KEY:242:r_32_12_16_init_key - EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_gcm_ctrl -+EVP_F_SCRYPT_ALG:228:scrypt_alg - EVP_F_UPDATE:173:update -+KDF_F_HKDF_EXTRACT:112:HKDF_Extract -+KDF_F_KDF_HKDF_DERIVE:113:kdf_hkdf_derive -+KDF_F_KDF_HKDF_NEW:114:kdf_hkdf_new -+KDF_F_KDF_HKDF_SIZE:115:kdf_hkdf_size -+KDF_F_KDF_MD2CTRL:116:kdf_md2ctrl -+KDF_F_KDF_PBKDF2_CTRL_STR:117:kdf_pbkdf2_ctrl_str -+KDF_F_KDF_PBKDF2_DERIVE:118:kdf_pbkdf2_derive -+KDF_F_KDF_PBKDF2_NEW:119:kdf_pbkdf2_new -+KDF_F_KDF_SCRYPT_CTRL_STR:120:kdf_scrypt_ctrl_str -+KDF_F_KDF_SCRYPT_CTRL_UINT32:121:kdf_scrypt_ctrl_uint32 -+KDF_F_KDF_SCRYPT_CTRL_UINT64:122:kdf_scrypt_ctrl_uint64 -+KDF_F_KDF_SCRYPT_DERIVE:123:kdf_scrypt_derive -+KDF_F_KDF_SCRYPT_NEW:124:kdf_scrypt_new -+KDF_F_KDF_TLS1_PRF_CTRL_STR:125:kdf_tls1_prf_ctrl_str -+KDF_F_KDF_TLS1_PRF_DERIVE:126:kdf_tls1_prf_derive -+KDF_F_KDF_TLS1_PRF_NEW:127:kdf_tls1_prf_new -+KDF_F_PBKDF2_SET_MEMBUF:128:pbkdf2_set_membuf - KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str - KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive - KDF_F_PKEY_HKDF_INIT:108:pkey_hkdf_init -@@ -827,6 +849,7 @@ KDF_F_PKEY_SCRYPT_SET_MEMBUF:107:pkey_sc - KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tls1_prf_ctrl_str - KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive - KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init -+KDF_F_SCRYPT_SET_MEMBUF:129:scrypt_set_membuf - KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg - OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object - OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid -@@ -2284,6 +2307,7 @@ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_K - operation not supported for this keytype - EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized - EVP_R_OUTPUT_WOULD_OVERFLOW:184:output would overflow -+EVP_R_PARAMETER_TOO_LARGE:187:parameter too large - EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers - EVP_R_PBKDF2_ERROR:181:pbkdf2 error - EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\ -@@ -2320,6 +2344,7 @@ KDF_R_MISSING_SEED:106:missing seed - KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type - KDF_R_VALUE_ERROR:108:value error - KDF_R_VALUE_MISSING:102:value missing -+KDF_R_WRONG_OUTPUT_BUFFER_SIZE:112:wrong output buffer size - OBJ_R_OID_EXISTS:102:oid exists - OBJ_R_UNKNOWN_NID:101:unknown nid - OCSP_R_CERTIFICATE_VERIFY_ERROR:101:certificate verify error -diff -up openssl-1.1.1j/crypto/evp/build.info.evp-kdf openssl-1.1.1j/crypto/evp/build.info ---- openssl-1.1.1j/crypto/evp/build.info.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/build.info 2021-03-03 14:08:02.490294839 +0100 -@@ -9,7 +9,8 @@ SOURCE[../../libcrypto]=\ - p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ - bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ - c_allc.c c_alld.c evp_lib.c bio_ok.c \ -- evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c pbe_scrypt.c \ -+ evp_pkey.c kdf_lib.c evp_pbe.c p5_crpt.c p5_crpt2.c pbe_scrypt.c \ -+ pkey_kdf.c \ - e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \ - e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \ - e_chacha20_poly1305.c cmeth_lib.c -diff -up openssl-1.1.1j/crypto/evp/e_chacha20_poly1305.c.evp-kdf openssl-1.1.1j/crypto/evp/e_chacha20_poly1305.c ---- openssl-1.1.1j/crypto/evp/e_chacha20_poly1305.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/e_chacha20_poly1305.c 2021-03-03 14:08:02.490294839 +0100 -@@ -14,9 +14,9 @@ - - # include - # include --# include "evp_local.h" - # include "crypto/evp.h" - # include "crypto/chacha.h" -+# include "evp_local.h" - - typedef struct { - union { -diff -up openssl-1.1.1j/crypto/evp/encode.c.evp-kdf openssl-1.1.1j/crypto/evp/encode.c ---- openssl-1.1.1j/crypto/evp/encode.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/encode.c 2021-03-03 14:08:02.491294847 +0100 -@@ -11,8 +11,8 @@ - #include - #include "internal/cryptlib.h" - #include --#include "evp_local.h" - #include "crypto/evp.h" -+#include "evp_local.h" - - static unsigned char conv_ascii2bin(unsigned char a, - const unsigned char *table); -diff -up openssl-1.1.1j/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1j/crypto/evp/evp_err.c ---- openssl-1.1.1j/crypto/evp/evp_err.c.evp-kdf 2021-03-03 14:08:02.469294651 +0100 -+++ openssl-1.1.1j/crypto/evp/evp_err.c 2021-03-03 14:12:08.272351600 +0100 -@@ -60,6 +60,9 @@ static const ERR_STRING_DATA EVP_str_fun - {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, 0), - "EVP_EncryptFinal_ex"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTUPDATE, 0), "EVP_EncryptUpdate"}, -+ {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTRL, 0), "EVP_KDF_ctrl"}, -+ {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTRL_STR, 0), "EVP_KDF_ctrl_str"}, -+ {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTX_NEW_ID, 0), "EVP_KDF_CTX_new_id"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_CTX_COPY_EX, 0), "EVP_MD_CTX_copy_ex"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_SIZE, 0), "EVP_MD_size"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_OPENINIT, 0), "EVP_OpenInit"}, -@@ -151,12 +154,14 @@ static const ERR_STRING_DATA EVP_str_fun - "PKCS5_v2_PBKDF2_keyivgen"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, 0), - "PKCS5_v2_scrypt_keyivgen"}, -+ {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_KDF_CTRL, 0), "pkey_kdf_ctrl"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_SET_TYPE, 0), "pkey_set_type"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_RC2_MAGIC_TO_METH, 0), "rc2_magic_to_meth"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_RC5_CTRL, 0), "rc5_ctrl"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_R_32_12_16_INIT_KEY, 0), - "r_32_12_16_init_key"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_S390X_AES_GCM_CTRL, 0), "s390x_aes_gcm_ctrl"}, -+ {ERR_PACK(ERR_LIB_EVP, EVP_F_SCRYPT_ALG, 0), "scrypt_alg"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_UPDATE, 0), "update"}, - {0, NULL} - }; -@@ -243,6 +248,8 @@ static const ERR_STRING_DATA EVP_str_rea - "operaton not initialized"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OUTPUT_WOULD_OVERFLOW), - "output would overflow"}, -+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARAMETER_TOO_LARGE), -+ "parameter too large"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING), - "partially overlapping buffers"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"}, -diff -up openssl-1.1.1j/crypto/evp/evp_local.h.evp-kdf openssl-1.1.1j/crypto/evp/evp_local.h ---- openssl-1.1.1j/crypto/evp/evp_local.h.evp-kdf 2021-03-03 14:08:02.362293695 +0100 -+++ openssl-1.1.1j/crypto/evp/evp_local.h 2021-03-03 14:08:02.491294847 +0100 -@@ -41,6 +41,11 @@ struct evp_cipher_ctx_st { - unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */ - } /* EVP_CIPHER_CTX */ ; - -+struct evp_kdf_ctx_st { -+ const EVP_KDF_METHOD *kmeth; -+ EVP_KDF_IMPL *impl; /* Algorithm-specific data */ -+} /* EVP_KDF_CTX */ ; -+ - int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, - int passlen, ASN1_TYPE *param, - const EVP_CIPHER *c, const EVP_MD *md, -diff -up openssl-1.1.1j/crypto/evp/evp_pbe.c.evp-kdf openssl-1.1.1j/crypto/evp/evp_pbe.c ---- openssl-1.1.1j/crypto/evp/evp_pbe.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/evp_pbe.c 2021-03-03 14:08:02.491294847 +0100 -@@ -12,6 +12,7 @@ - #include - #include - #include -+#include "crypto/evp.h" - #include "evp_local.h" - - /* Password based encryption (PBE) functions */ -diff -up openssl-1.1.1j/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1j/crypto/evp/kdf_lib.c ---- openssl-1.1.1j/crypto/evp/kdf_lib.c.evp-kdf 2021-03-03 14:08:02.491294847 +0100 -+++ openssl-1.1.1j/crypto/evp/kdf_lib.c 2021-03-03 14:08:02.491294847 +0100 -@@ -0,0 +1,165 @@ -+/* -+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include -+#include -+#include "internal/cryptlib.h" -+#include -+#include -+#include -+#include -+#include "crypto/asn1.h" -+#include "crypto/evp.h" -+#include "internal/numbers.h" -+#include "evp_local.h" -+ -+typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); -+ -+/* This array needs to be in order of NIDs */ -+static const EVP_KDF_METHOD *standard_methods[] = { -+ &pbkdf2_kdf_meth, -+#ifndef OPENSSL_NO_SCRYPT -+ &scrypt_kdf_meth, -+#endif -+ &tls1_prf_kdf_meth, -+ &hkdf_kdf_meth -+}; -+ -+DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, -+ kmeth); -+ -+static int kmeth_cmp(const EVP_KDF_METHOD *const *a, -+ const EVP_KDF_METHOD *const *b) -+{ -+ return ((*a)->type - (*b)->type); -+} -+ -+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, -+ kmeth); -+ -+static const EVP_KDF_METHOD *kdf_meth_find(int type) -+{ -+ EVP_KDF_METHOD tmp; -+ const EVP_KDF_METHOD *t = &tmp, **ret; -+ -+ tmp.type = type; -+ ret = OBJ_bsearch_kmeth(&t, standard_methods, -+ OSSL_NELEM(standard_methods)); -+ if (ret == NULL || *ret == NULL) -+ return NULL; -+ -+ return *ret; -+} -+ -+EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id) -+{ -+ EVP_KDF_CTX *ret; -+ const EVP_KDF_METHOD *kmeth; -+ -+ kmeth = kdf_meth_find(id); -+ if (kmeth == NULL) { -+ EVPerr(EVP_F_EVP_KDF_CTX_NEW_ID, EVP_R_UNSUPPORTED_ALGORITHM); -+ return NULL; -+ } -+ -+ ret = OPENSSL_zalloc(sizeof(*ret)); -+ if (ret == NULL) { -+ EVPerr(EVP_F_EVP_KDF_CTX_NEW_ID, ERR_R_MALLOC_FAILURE); -+ return NULL; -+ } -+ -+ if (kmeth->new != NULL && (ret->impl = kmeth->new()) == NULL) { -+ EVP_KDF_CTX_free(ret); -+ return NULL; -+ } -+ -+ ret->kmeth = kmeth; -+ return ret; -+} -+ -+void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx) -+{ -+ if (ctx == NULL) -+ return; -+ -+ ctx->kmeth->free(ctx->impl); -+ OPENSSL_free(ctx); -+} -+ -+void EVP_KDF_reset(EVP_KDF_CTX *ctx) -+{ -+ if (ctx == NULL) -+ return; -+ -+ if (ctx->kmeth->reset != NULL) -+ ctx->kmeth->reset(ctx->impl); -+} -+ -+int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...) -+{ -+ int ret; -+ va_list args; -+ -+ va_start(args, cmd); -+ ret = EVP_KDF_vctrl(ctx, cmd, args); -+ va_end(args); -+ -+ if (ret == -2) -+ EVPerr(EVP_F_EVP_KDF_CTRL, EVP_R_COMMAND_NOT_SUPPORTED); -+ -+ return ret; -+} -+ -+int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args) -+{ -+ if (ctx == NULL) -+ return 0; -+ -+ return ctx->kmeth->ctrl(ctx->impl, cmd, args); -+} -+ -+int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value) -+{ -+ int ret; -+ -+ if (ctx == NULL) -+ return 0; -+ -+ if (ctx->kmeth->ctrl_str == NULL) { -+ EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED); -+ return -2; -+ } -+ -+ ret = ctx->kmeth->ctrl_str(ctx->impl, type, value); -+ if (ret == -2) -+ EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED); -+ -+ return ret; -+} -+ -+size_t EVP_KDF_size(EVP_KDF_CTX *ctx) -+{ -+ if (ctx == NULL) -+ return 0; -+ -+ if (ctx->kmeth->size == NULL) -+ return SIZE_MAX; -+ -+ return ctx->kmeth->size(ctx->impl); -+} -+ -+int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen) -+{ -+ if (ctx == NULL) -+ return 0; -+ -+ return ctx->kmeth->derive(ctx->impl, key, keylen); -+} -+ -diff -up openssl-1.1.1j/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1j/crypto/evp/p5_crpt2.c ---- openssl-1.1.1j/crypto/evp/p5_crpt2.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/p5_crpt2.c 2021-03-03 14:08:02.491294847 +0100 -@@ -1,5 +1,5 @@ - /* -- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy -@@ -10,105 +10,51 @@ - #include - #include - #include "internal/cryptlib.h" --# include --# include --# include --# include "evp_local.h" -+#include -+#include -+#include -+#include -+#include "crypto/evp.h" -+#include "evp_local.h" - - /* set this to print out info about the keygen algorithm */ - /* #define OPENSSL_DEBUG_PKCS5V2 */ - --# ifdef OPENSSL_DEBUG_PKCS5V2 -+#ifdef OPENSSL_DEBUG_PKCS5V2 - static void h__dump(const unsigned char *p, int len); --# endif -- --/* -- * This is an implementation of PKCS#5 v2.0 password based encryption key -- * derivation function PBKDF2. SHA1 version verified against test vectors -- * posted by Peter Gutmann to the PKCS-TNG mailing list. -- */ -+#endif - - int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, - const unsigned char *salt, int saltlen, int iter, - const EVP_MD *digest, int keylen, unsigned char *out) - { - const char *empty = ""; -- unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; -- int cplen, j, k, tkeylen, mdlen; -- unsigned long i = 1; -- HMAC_CTX *hctx_tpl = NULL, *hctx = NULL; -- -- mdlen = EVP_MD_size(digest); -- if (mdlen < 0) -- return 0; -+ int rv = 1; -+ EVP_KDF_CTX *kctx; - -- hctx_tpl = HMAC_CTX_new(); -- if (hctx_tpl == NULL) -- return 0; -- p = out; -- tkeylen = keylen; -+ /* Keep documented behaviour. */ - if (pass == NULL) { - pass = empty; - passlen = 0; - } else if (passlen == -1) { - passlen = strlen(pass); - } -- if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) { -- HMAC_CTX_free(hctx_tpl); -- return 0; -- } -- hctx = HMAC_CTX_new(); -- if (hctx == NULL) { -- HMAC_CTX_free(hctx_tpl); -+ if (salt == NULL && saltlen == 0) -+ salt = (unsigned char *)empty; -+ -+ kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2); -+ if (kctx == NULL) - return 0; -- } -- while (tkeylen) { -- if (tkeylen > mdlen) -- cplen = mdlen; -- else -- cplen = tkeylen; -- /* -- * We are unlikely to ever use more than 256 blocks (5120 bits!) but -- * just in case... -- */ -- itmp[0] = (unsigned char)((i >> 24) & 0xff); -- itmp[1] = (unsigned char)((i >> 16) & 0xff); -- itmp[2] = (unsigned char)((i >> 8) & 0xff); -- itmp[3] = (unsigned char)(i & 0xff); -- if (!HMAC_CTX_copy(hctx, hctx_tpl)) { -- HMAC_CTX_free(hctx); -- HMAC_CTX_free(hctx_tpl); -- return 0; -- } -- if (!HMAC_Update(hctx, salt, saltlen) -- || !HMAC_Update(hctx, itmp, 4) -- || !HMAC_Final(hctx, digtmp, NULL)) { -- HMAC_CTX_free(hctx); -- HMAC_CTX_free(hctx_tpl); -- return 0; -- } -- memcpy(p, digtmp, cplen); -- for (j = 1; j < iter; j++) { -- if (!HMAC_CTX_copy(hctx, hctx_tpl)) { -- HMAC_CTX_free(hctx); -- HMAC_CTX_free(hctx_tpl); -- return 0; -- } -- if (!HMAC_Update(hctx, digtmp, mdlen) -- || !HMAC_Final(hctx, digtmp, NULL)) { -- HMAC_CTX_free(hctx); -- HMAC_CTX_free(hctx_tpl); -- return 0; -- } -- for (k = 0; k < cplen; k++) -- p[k] ^= digtmp[k]; -- } -- tkeylen -= cplen; -- i++; -- p += cplen; -- } -- HMAC_CTX_free(hctx); -- HMAC_CTX_free(hctx_tpl); -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1 -+ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, -+ salt, (size_t)saltlen) != 1 -+ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, iter) != 1 -+ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, digest) != 1 -+ || EVP_KDF_derive(kctx, out, keylen) != 1) -+ rv = 0; -+ -+ EVP_KDF_CTX_free(kctx); -+ - # ifdef OPENSSL_DEBUG_PKCS5V2 - fprintf(stderr, "Password:\n"); - h__dump(pass, passlen); -@@ -118,7 +64,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, - fprintf(stderr, "Key:\n"); - h__dump(out, keylen); - # endif -- return 1; -+ return rv; - } - - int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, -diff -up openssl-1.1.1j/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1j/crypto/evp/pbe_scrypt.c ---- openssl-1.1.1j/crypto/evp/pbe_scrypt.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/pbe_scrypt.c 2021-03-03 14:08:02.491294847 +0100 -@@ -7,135 +7,12 @@ - * https://www.openssl.org/source/license.html - */ - --#include --#include --#include - #include - #include --#include "internal/numbers.h" -+#include - - #ifndef OPENSSL_NO_SCRYPT - --#define R(a,b) (((a) << (b)) | ((a) >> (32 - (b)))) --static void salsa208_word_specification(uint32_t inout[16]) --{ -- int i; -- uint32_t x[16]; -- memcpy(x, inout, sizeof(x)); -- for (i = 8; i > 0; i -= 2) { -- x[4] ^= R(x[0] + x[12], 7); -- x[8] ^= R(x[4] + x[0], 9); -- x[12] ^= R(x[8] + x[4], 13); -- x[0] ^= R(x[12] + x[8], 18); -- x[9] ^= R(x[5] + x[1], 7); -- x[13] ^= R(x[9] + x[5], 9); -- x[1] ^= R(x[13] + x[9], 13); -- x[5] ^= R(x[1] + x[13], 18); -- x[14] ^= R(x[10] + x[6], 7); -- x[2] ^= R(x[14] + x[10], 9); -- x[6] ^= R(x[2] + x[14], 13); -- x[10] ^= R(x[6] + x[2], 18); -- x[3] ^= R(x[15] + x[11], 7); -- x[7] ^= R(x[3] + x[15], 9); -- x[11] ^= R(x[7] + x[3], 13); -- x[15] ^= R(x[11] + x[7], 18); -- x[1] ^= R(x[0] + x[3], 7); -- x[2] ^= R(x[1] + x[0], 9); -- x[3] ^= R(x[2] + x[1], 13); -- x[0] ^= R(x[3] + x[2], 18); -- x[6] ^= R(x[5] + x[4], 7); -- x[7] ^= R(x[6] + x[5], 9); -- x[4] ^= R(x[7] + x[6], 13); -- x[5] ^= R(x[4] + x[7], 18); -- x[11] ^= R(x[10] + x[9], 7); -- x[8] ^= R(x[11] + x[10], 9); -- x[9] ^= R(x[8] + x[11], 13); -- x[10] ^= R(x[9] + x[8], 18); -- x[12] ^= R(x[15] + x[14], 7); -- x[13] ^= R(x[12] + x[15], 9); -- x[14] ^= R(x[13] + x[12], 13); -- x[15] ^= R(x[14] + x[13], 18); -- } -- for (i = 0; i < 16; ++i) -- inout[i] += x[i]; -- OPENSSL_cleanse(x, sizeof(x)); --} -- --static void scryptBlockMix(uint32_t *B_, uint32_t *B, uint64_t r) --{ -- uint64_t i, j; -- uint32_t X[16], *pB; -- -- memcpy(X, B + (r * 2 - 1) * 16, sizeof(X)); -- pB = B; -- for (i = 0; i < r * 2; i++) { -- for (j = 0; j < 16; j++) -- X[j] ^= *pB++; -- salsa208_word_specification(X); -- memcpy(B_ + (i / 2 + (i & 1) * r) * 16, X, sizeof(X)); -- } -- OPENSSL_cleanse(X, sizeof(X)); --} -- --static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, -- uint32_t *X, uint32_t *T, uint32_t *V) --{ -- unsigned char *pB; -- uint32_t *pV; -- uint64_t i, k; -- -- /* Convert from little endian input */ -- for (pV = V, i = 0, pB = B; i < 32 * r; i++, pV++) { -- *pV = *pB++; -- *pV |= *pB++ << 8; -- *pV |= *pB++ << 16; -- *pV |= (uint32_t)*pB++ << 24; -- } -- -- for (i = 1; i < N; i++, pV += 32 * r) -- scryptBlockMix(pV, pV - 32 * r, r); -- -- scryptBlockMix(X, V + (N - 1) * 32 * r, r); -- -- for (i = 0; i < N; i++) { -- uint32_t j; -- j = X[16 * (2 * r - 1)] % N; -- pV = V + 32 * r * j; -- for (k = 0; k < 32 * r; k++) -- T[k] = X[k] ^ *pV++; -- scryptBlockMix(X, T, r); -- } -- /* Convert output to little endian */ -- for (i = 0, pB = B; i < 32 * r; i++) { -- uint32_t xtmp = X[i]; -- *pB++ = xtmp & 0xff; -- *pB++ = (xtmp >> 8) & 0xff; -- *pB++ = (xtmp >> 16) & 0xff; -- *pB++ = (xtmp >> 24) & 0xff; -- } --} -- --#ifndef SIZE_MAX --# define SIZE_MAX ((size_t)-1) --#endif -- --/* -- * Maximum power of two that will fit in uint64_t: this should work on -- * most (all?) platforms. -- */ -- --#define LOG2_UINT64_MAX (sizeof(uint64_t) * 8 - 1) -- --/* -- * Maximum value of p * r: -- * p <= ((2^32-1) * hLen) / MFLen => -- * p <= ((2^32-1) * 32) / (128 * r) => -- * p * r <= (2^30-1) -- * -- */ -- --#define SCRYPT_PR_MAX ((1 << 30) - 1) -- - /* - * Maximum permitted memory allow this to be overridden with Configuration - * option: e.g. -DSCRYPT_MAX_MEM=0 for maximum possible. -@@ -160,107 +37,43 @@ int EVP_PBE_scrypt(const char *pass, siz - uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, - unsigned char *key, size_t keylen) - { -- int rv = 0; -- unsigned char *B; -- uint32_t *X, *V, *T; -- uint64_t i, Blen, Vlen; -- -- /* Sanity check parameters */ -- /* initial check, r,p must be non zero, N >= 2 and a power of 2 */ -- if (r == 0 || p == 0 || N < 2 || (N & (N - 1))) -- return 0; -- /* Check p * r < SCRYPT_PR_MAX avoiding overflow */ -- if (p > SCRYPT_PR_MAX / r) { -- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); -- return 0; -- } -- -- /* -- * Need to check N: if 2^(128 * r / 8) overflows limit this is -- * automatically satisfied since N <= UINT64_MAX. -- */ -- -- if (16 * r <= LOG2_UINT64_MAX) { -- if (N >= (((uint64_t)1) << (16 * r))) { -- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); -- return 0; -- } -- } -+ const char *empty = ""; -+ int rv = 1; -+ EVP_KDF_CTX *kctx; - -- /* Memory checks: check total allocated buffer size fits in uint64_t */ -- -- /* -- * B size in section 5 step 1.S -- * Note: we know p * 128 * r < UINT64_MAX because we already checked -- * p * r < SCRYPT_PR_MAX -- */ -- Blen = p * 128 * r; -- /* -- * Yet we pass it as integer to PKCS5_PBKDF2_HMAC... [This would -- * have to be revised when/if PKCS5_PBKDF2_HMAC accepts size_t.] -- */ -- if (Blen > INT_MAX) { -- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); -+ if (r > UINT32_MAX || p > UINT32_MAX) { -+ EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE); - return 0; - } - -- /* -- * Check 32 * r * (N + 2) * sizeof(uint32_t) fits in uint64_t -- * This is combined size V, X and T (section 4) -- */ -- i = UINT64_MAX / (32 * sizeof(uint32_t)); -- if (N + 2 > i / r) { -- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); -- return 0; -+ /* Maintain existing behaviour. */ -+ if (pass == NULL) { -+ pass = empty; -+ passlen = 0; - } -- Vlen = 32 * r * (N + 2) * sizeof(uint32_t); -- -- /* check total allocated size fits in uint64_t */ -- if (Blen > UINT64_MAX - Vlen) { -- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); -- return 0; -+ if (salt == NULL) { -+ salt = (const unsigned char *)empty; -+ saltlen = 0; - } -- - if (maxmem == 0) - maxmem = SCRYPT_MAX_MEM; - -- /* Check that the maximum memory doesn't exceed a size_t limits */ -- if (maxmem > SIZE_MAX) -- maxmem = SIZE_MAX; -- -- if (Blen + Vlen > maxmem) { -- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); -+ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT); -+ if (kctx == NULL) - return 0; -- } - -- /* If no key return to indicate parameters are OK */ -- if (key == NULL) -- return 1; -- -- B = OPENSSL_malloc((size_t)(Blen + Vlen)); -- if (B == NULL) { -- EVPerr(EVP_F_EVP_PBE_SCRYPT, ERR_R_MALLOC_FAILURE); -- return 0; -- } -- X = (uint32_t *)(B + Blen); -- T = X + 32 * r; -- V = T + 32 * r; -- if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, EVP_sha256(), -- (int)Blen, B) == 0) -- goto err; -- -- for (i = 0; i < p; i++) -- scryptROMix(B + 128 * r * i, r, N, X, T, V); -- -- if (PKCS5_PBKDF2_HMAC(pass, passlen, B, (int)Blen, 1, EVP_sha256(), -- keylen, key) == 0) -- goto err; -- rv = 1; -- err: -- if (rv == 0) -- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PBKDF2_ERROR); -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1 -+ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, -+ salt, (size_t)saltlen) != 1 -+ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, N) != 1 -+ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)r) != 1 -+ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)p) != 1 -+ || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, maxmem) != 1 -+ || EVP_KDF_derive(kctx, key, keylen) != 1) -+ rv = 0; - -- OPENSSL_clear_free(B, (size_t)(Blen + Vlen)); -+ EVP_KDF_CTX_free(kctx); - return rv; - } -+ - #endif -diff -up openssl-1.1.1j/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1j/crypto/evp/pkey_kdf.c ---- openssl-1.1.1j/crypto/evp/pkey_kdf.c.evp-kdf 2021-03-03 14:08:02.491294847 +0100 -+++ openssl-1.1.1j/crypto/evp/pkey_kdf.c 2021-03-03 14:08:02.491294847 +0100 -@@ -0,0 +1,255 @@ -+/* -+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include -+#include -+#include -+#include -+#include "crypto/evp.h" -+ -+static int pkey_kdf_init(EVP_PKEY_CTX *ctx) -+{ -+ EVP_KDF_CTX *kctx; -+ -+ kctx = EVP_KDF_CTX_new_id(ctx->pmeth->pkey_id); -+ if (kctx == NULL) -+ return 0; -+ -+ ctx->data = kctx; -+ return 1; -+} -+ -+static void pkey_kdf_cleanup(EVP_PKEY_CTX *ctx) -+{ -+ EVP_KDF_CTX *kctx = ctx->data; -+ -+ EVP_KDF_CTX_free(kctx); -+} -+ -+static int pkey_kdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -+{ -+ EVP_KDF_CTX *kctx = ctx->data; -+ uint64_t u64_value; -+ int cmd; -+ int ret; -+ -+ switch (type) { -+ case EVP_PKEY_CTRL_PASS: -+ cmd = EVP_KDF_CTRL_SET_PASS; -+ break; -+ case EVP_PKEY_CTRL_HKDF_SALT: -+ case EVP_PKEY_CTRL_SCRYPT_SALT: -+ cmd = EVP_KDF_CTRL_SET_SALT; -+ break; -+ case EVP_PKEY_CTRL_TLS_MD: -+ case EVP_PKEY_CTRL_HKDF_MD: -+ cmd = EVP_KDF_CTRL_SET_MD; -+ break; -+ case EVP_PKEY_CTRL_TLS_SECRET: -+ cmd = EVP_KDF_CTRL_SET_TLS_SECRET; -+ ret = EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_RESET_TLS_SEED); -+ if (ret < 1) -+ return ret; -+ break; -+ case EVP_PKEY_CTRL_TLS_SEED: -+ cmd = EVP_KDF_CTRL_ADD_TLS_SEED; -+ break; -+ case EVP_PKEY_CTRL_HKDF_KEY: -+ cmd = EVP_KDF_CTRL_SET_KEY; -+ break; -+ case EVP_PKEY_CTRL_HKDF_INFO: -+ cmd = EVP_KDF_CTRL_ADD_HKDF_INFO; -+ break; -+ case EVP_PKEY_CTRL_HKDF_MODE: -+ cmd = EVP_KDF_CTRL_SET_HKDF_MODE; -+ break; -+ case EVP_PKEY_CTRL_SCRYPT_N: -+ cmd = EVP_KDF_CTRL_SET_SCRYPT_N; -+ break; -+ case EVP_PKEY_CTRL_SCRYPT_R: -+ cmd = EVP_KDF_CTRL_SET_SCRYPT_R; -+ break; -+ case EVP_PKEY_CTRL_SCRYPT_P: -+ cmd = EVP_KDF_CTRL_SET_SCRYPT_P; -+ break; -+ case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES: -+ cmd = EVP_KDF_CTRL_SET_MAXMEM_BYTES; -+ break; -+ default: -+ return -2; -+ } -+ -+ switch (cmd) { -+ case EVP_KDF_CTRL_SET_PASS: -+ case EVP_KDF_CTRL_SET_SALT: -+ case EVP_KDF_CTRL_SET_KEY: -+ case EVP_KDF_CTRL_SET_TLS_SECRET: -+ case EVP_KDF_CTRL_ADD_TLS_SEED: -+ case EVP_KDF_CTRL_ADD_HKDF_INFO: -+ return EVP_KDF_ctrl(kctx, cmd, (const unsigned char *)p2, (size_t)p1); -+ -+ case EVP_KDF_CTRL_SET_MD: -+ return EVP_KDF_ctrl(kctx, cmd, (const EVP_MD *)p2); -+ -+ case EVP_KDF_CTRL_SET_HKDF_MODE: -+ return EVP_KDF_ctrl(kctx, cmd, (int)p1); -+ -+ case EVP_KDF_CTRL_SET_SCRYPT_R: -+ case EVP_KDF_CTRL_SET_SCRYPT_P: -+ u64_value = *(uint64_t *)p2; -+ if (u64_value > UINT32_MAX) { -+ EVPerr(EVP_F_PKEY_KDF_CTRL, EVP_R_PARAMETER_TOO_LARGE); -+ return 0; -+ } -+ -+ return EVP_KDF_ctrl(kctx, cmd, (uint32_t)u64_value); -+ -+ case EVP_KDF_CTRL_SET_SCRYPT_N: -+ case EVP_KDF_CTRL_SET_MAXMEM_BYTES: -+ return EVP_KDF_ctrl(kctx, cmd, *(uint64_t *)p2); -+ -+ default: -+ return 0; -+ } -+} -+ -+static int pkey_kdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, -+ const char *value) -+{ -+ EVP_KDF_CTX *kctx = ctx->data; -+ -+ if (strcmp(type, "md") == 0) -+ return EVP_KDF_ctrl_str(kctx, "digest", value); -+ return EVP_KDF_ctrl_str(kctx, type, value); -+} -+ -+static int pkey_kdf_derive_init(EVP_PKEY_CTX *ctx) -+{ -+ EVP_KDF_CTX *kctx = ctx->data; -+ -+ EVP_KDF_reset(kctx); -+ return 1; -+} -+ -+/* -+ * For fixed-output algorithms the keylen parameter is an "out" parameter -+ * otherwise it is an "in" parameter. -+ */ -+static int pkey_kdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, -+ size_t *keylen) -+{ -+ EVP_KDF_CTX *kctx = ctx->data; -+ size_t outlen = EVP_KDF_size(kctx); -+ -+ if (outlen == 0 || outlen == SIZE_MAX) { -+ /* Variable-output algorithm */ -+ if (key == NULL) -+ return 0; -+ } else { -+ /* Fixed-output algorithm */ -+ *keylen = outlen; -+ if (key == NULL) -+ return 1; -+ } -+ return EVP_KDF_derive(kctx, key, *keylen); -+} -+ -+#ifndef OPENSSL_NO_SCRYPT -+const EVP_PKEY_METHOD scrypt_pkey_meth = { -+ EVP_PKEY_SCRYPT, -+ 0, -+ pkey_kdf_init, -+ 0, -+ pkey_kdf_cleanup, -+ -+ 0, 0, -+ 0, 0, -+ -+ 0, -+ 0, -+ -+ 0, -+ 0, -+ -+ 0, 0, -+ -+ 0, 0, 0, 0, -+ -+ 0, 0, -+ -+ 0, 0, -+ -+ pkey_kdf_derive_init, -+ pkey_kdf_derive, -+ pkey_kdf_ctrl, -+ pkey_kdf_ctrl_str -+}; -+#endif -+ -+const EVP_PKEY_METHOD tls1_prf_pkey_meth = { -+ EVP_PKEY_TLS1_PRF, -+ EVP_PKEY_FLAG_FIPS, -+ pkey_kdf_init, -+ 0, -+ pkey_kdf_cleanup, -+ -+ 0, 0, -+ 0, 0, -+ -+ 0, -+ 0, -+ -+ 0, -+ 0, -+ -+ 0, 0, -+ -+ 0, 0, 0, 0, -+ -+ 0, 0, -+ -+ 0, 0, -+ -+ pkey_kdf_derive_init, -+ pkey_kdf_derive, -+ pkey_kdf_ctrl, -+ pkey_kdf_ctrl_str -+}; -+ -+const EVP_PKEY_METHOD hkdf_pkey_meth = { -+ EVP_PKEY_HKDF, -+ EVP_PKEY_FLAG_FIPS, -+ pkey_kdf_init, -+ 0, -+ pkey_kdf_cleanup, -+ -+ 0, 0, -+ 0, 0, -+ -+ 0, -+ 0, -+ -+ 0, -+ 0, -+ -+ 0, 0, -+ -+ 0, 0, 0, 0, -+ -+ 0, 0, -+ -+ 0, 0, -+ -+ pkey_kdf_derive_init, -+ pkey_kdf_derive, -+ pkey_kdf_ctrl, -+ pkey_kdf_ctrl_str -+}; -+ -diff -up openssl-1.1.1j/crypto/kdf/build.info.evp-kdf openssl-1.1.1j/crypto/kdf/build.info ---- openssl-1.1.1j/crypto/kdf/build.info.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/kdf/build.info 2021-03-03 14:08:02.491294847 +0100 -@@ -1,3 +1,3 @@ - LIBS=../../libcrypto - SOURCE[../../libcrypto]=\ -- tls1_prf.c kdf_err.c hkdf.c scrypt.c -+ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c -diff -up openssl-1.1.1j/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1j/crypto/kdf/hkdf.c ---- openssl-1.1.1j/crypto/kdf/hkdf.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/kdf/hkdf.c 2021-03-03 14:08:02.492294856 +0100 -@@ -8,32 +8,33 @@ - */ - - #include -+#include - #include - #include - #include - #include - #include "internal/cryptlib.h" - #include "crypto/evp.h" -+#include "kdf_local.h" - - #define HKDF_MAXBUF 1024 - --static unsigned char *HKDF(const EVP_MD *evp_md, -- const unsigned char *salt, size_t salt_len, -- const unsigned char *key, size_t key_len, -- const unsigned char *info, size_t info_len, -- unsigned char *okm, size_t okm_len); -- --static unsigned char *HKDF_Extract(const EVP_MD *evp_md, -- const unsigned char *salt, size_t salt_len, -- const unsigned char *key, size_t key_len, -- unsigned char *prk, size_t *prk_len); -- --static unsigned char *HKDF_Expand(const EVP_MD *evp_md, -- const unsigned char *prk, size_t prk_len, -- const unsigned char *info, size_t info_len, -- unsigned char *okm, size_t okm_len); -+static void kdf_hkdf_reset(EVP_KDF_IMPL *impl); -+static int HKDF(const EVP_MD *evp_md, -+ const unsigned char *salt, size_t salt_len, -+ const unsigned char *key, size_t key_len, -+ const unsigned char *info, size_t info_len, -+ unsigned char *okm, size_t okm_len); -+static int HKDF_Extract(const EVP_MD *evp_md, -+ const unsigned char *salt, size_t salt_len, -+ const unsigned char *key, size_t key_len, -+ unsigned char *prk, size_t prk_len); -+static int HKDF_Expand(const EVP_MD *evp_md, -+ const unsigned char *prk, size_t prk_len, -+ const unsigned char *info, size_t info_len, -+ unsigned char *okm, size_t okm_len); - --typedef struct { -+struct evp_kdf_impl_st { - int mode; - const EVP_MD *md; - unsigned char *salt; -@@ -42,230 +43,208 @@ typedef struct { - size_t key_len; - unsigned char info[HKDF_MAXBUF]; - size_t info_len; --} HKDF_PKEY_CTX; -+}; - --static int pkey_hkdf_init(EVP_PKEY_CTX *ctx) -+static EVP_KDF_IMPL *kdf_hkdf_new(void) - { -- HKDF_PKEY_CTX *kctx; -- -- if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL) { -- KDFerr(KDF_F_PKEY_HKDF_INIT, ERR_R_MALLOC_FAILURE); -- return 0; -- } -+ EVP_KDF_IMPL *impl; - -- ctx->data = kctx; -+ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) -+ KDFerr(KDF_F_KDF_HKDF_NEW, ERR_R_MALLOC_FAILURE); -+ return impl; -+} - -- return 1; -+static void kdf_hkdf_free(EVP_KDF_IMPL *impl) -+{ -+ kdf_hkdf_reset(impl); -+ OPENSSL_free(impl); - } - --static void pkey_hkdf_cleanup(EVP_PKEY_CTX *ctx) -+static void kdf_hkdf_reset(EVP_KDF_IMPL *impl) - { -- HKDF_PKEY_CTX *kctx = ctx->data; -- OPENSSL_clear_free(kctx->salt, kctx->salt_len); -- OPENSSL_clear_free(kctx->key, kctx->key_len); -- OPENSSL_cleanse(kctx->info, kctx->info_len); -- OPENSSL_free(kctx); -+ OPENSSL_free(impl->salt); -+ OPENSSL_clear_free(impl->key, impl->key_len); -+ OPENSSL_cleanse(impl->info, impl->info_len); -+ memset(impl, 0, sizeof(*impl)); - } - --static int pkey_hkdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -+static int kdf_hkdf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) - { -- HKDF_PKEY_CTX *kctx = ctx->data; -+ const unsigned char *p; -+ size_t len; -+ const EVP_MD *md; - -- switch (type) { -- case EVP_PKEY_CTRL_HKDF_MD: -- if (p2 == NULL) -+ switch (cmd) { -+ case EVP_KDF_CTRL_SET_MD: -+ md = va_arg(args, const EVP_MD *); -+ if (md == NULL) - return 0; - -- kctx->md = p2; -+ impl->md = md; - return 1; - -- case EVP_PKEY_CTRL_HKDF_MODE: -- kctx->mode = p1; -+ case EVP_KDF_CTRL_SET_HKDF_MODE: -+ impl->mode = va_arg(args, int); - return 1; - -- case EVP_PKEY_CTRL_HKDF_SALT: -- if (p1 == 0 || p2 == NULL) -+ case EVP_KDF_CTRL_SET_SALT: -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ if (len == 0 || p == NULL) - return 1; - -- if (p1 < 0) -+ OPENSSL_free(impl->salt); -+ impl->salt = OPENSSL_memdup(p, len); -+ if (impl->salt == NULL) - return 0; - -- if (kctx->salt != NULL) -- OPENSSL_clear_free(kctx->salt, kctx->salt_len); -- -- kctx->salt = OPENSSL_memdup(p2, p1); -- if (kctx->salt == NULL) -- return 0; -- -- kctx->salt_len = p1; -+ impl->salt_len = len; - return 1; - -- case EVP_PKEY_CTRL_HKDF_KEY: -- if (p1 < 0) -+ case EVP_KDF_CTRL_SET_KEY: -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ OPENSSL_clear_free(impl->key, impl->key_len); -+ impl->key = OPENSSL_memdup(p, len); -+ if (impl->key == NULL) - return 0; - -- if (kctx->key != NULL) -- OPENSSL_clear_free(kctx->key, kctx->key_len); -- -- kctx->key = OPENSSL_memdup(p2, p1); -- if (kctx->key == NULL) -- return 0; -+ impl->key_len = len; -+ return 1; - -- kctx->key_len = p1; -+ case EVP_KDF_CTRL_RESET_HKDF_INFO: -+ OPENSSL_cleanse(impl->info, impl->info_len); -+ impl->info_len = 0; - return 1; - -- case EVP_PKEY_CTRL_HKDF_INFO: -- if (p1 == 0 || p2 == NULL) -+ case EVP_KDF_CTRL_ADD_HKDF_INFO: -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ if (len == 0 || p == NULL) - return 1; - -- if (p1 < 0 || p1 > (int)(HKDF_MAXBUF - kctx->info_len)) -+ if (len > (HKDF_MAXBUF - impl->info_len)) - return 0; - -- memcpy(kctx->info + kctx->info_len, p2, p1); -- kctx->info_len += p1; -+ memcpy(impl->info + impl->info_len, p, len); -+ impl->info_len += len; - return 1; - - default: - return -2; -- - } - } - --static int pkey_hkdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, -- const char *value) -+static int kdf_hkdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, -+ const char *value) - { - if (strcmp(type, "mode") == 0) { - int mode; - - if (strcmp(value, "EXTRACT_AND_EXPAND") == 0) -- mode = EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND; -+ mode = EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND; - else if (strcmp(value, "EXTRACT_ONLY") == 0) -- mode = EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY; -+ mode = EVP_KDF_HKDF_MODE_EXTRACT_ONLY; - else if (strcmp(value, "EXPAND_ONLY") == 0) -- mode = EVP_PKEY_HKDEF_MODE_EXPAND_ONLY; -+ mode = EVP_KDF_HKDF_MODE_EXPAND_ONLY; - else - return 0; - -- return EVP_PKEY_CTX_hkdf_mode(ctx, mode); -+ return call_ctrl(kdf_hkdf_ctrl, impl, EVP_KDF_CTRL_SET_HKDF_MODE, mode); - } - -- if (strcmp(type, "md") == 0) -- return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_DERIVE, -- EVP_PKEY_CTRL_HKDF_MD, value); -+ if (strcmp(type, "digest") == 0) -+ return kdf_md2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); - - if (strcmp(type, "salt") == 0) -- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT, value); -+ return kdf_str2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_SALT, value); - - if (strcmp(type, "hexsalt") == 0) -- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT, value); -+ return kdf_hex2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_SALT, value); - - if (strcmp(type, "key") == 0) -- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value); -+ return kdf_str2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_KEY, value); - - if (strcmp(type, "hexkey") == 0) -- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value); -+ return kdf_hex2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_SET_KEY, value); - - if (strcmp(type, "info") == 0) -- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO, value); -+ return kdf_str2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_ADD_HKDF_INFO, -+ value); - - if (strcmp(type, "hexinfo") == 0) -- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO, value); -+ return kdf_hex2ctrl(impl, kdf_hkdf_ctrl, EVP_KDF_CTRL_ADD_HKDF_INFO, -+ value); - -- KDFerr(KDF_F_PKEY_HKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); - return -2; - } - --static int pkey_hkdf_derive_init(EVP_PKEY_CTX *ctx) -+static size_t kdf_hkdf_size(EVP_KDF_IMPL *impl) - { -- HKDF_PKEY_CTX *kctx = ctx->data; -+ if (impl->mode != EVP_KDF_HKDF_MODE_EXTRACT_ONLY) -+ return SIZE_MAX; - -- OPENSSL_clear_free(kctx->key, kctx->key_len); -- OPENSSL_clear_free(kctx->salt, kctx->salt_len); -- OPENSSL_cleanse(kctx->info, kctx->info_len); -- memset(kctx, 0, sizeof(*kctx)); -- -- return 1; -+ if (impl->md == NULL) { -+ KDFerr(KDF_F_KDF_HKDF_SIZE, KDF_R_MISSING_MESSAGE_DIGEST); -+ return 0; -+ } -+ return EVP_MD_size(impl->md); - } - --static int pkey_hkdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, -- size_t *keylen) -+static int kdf_hkdf_derive(EVP_KDF_IMPL *impl, unsigned char *key, -+ size_t keylen) - { -- HKDF_PKEY_CTX *kctx = ctx->data; -- -- if (kctx->md == NULL) { -- KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); -+ if (impl->md == NULL) { -+ KDFerr(KDF_F_KDF_HKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); - return 0; - } -- if (kctx->key == NULL) { -- KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_KEY); -+ if (impl->key == NULL) { -+ KDFerr(KDF_F_KDF_HKDF_DERIVE, KDF_R_MISSING_KEY); - return 0; - } - -- switch (kctx->mode) { -- case EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND: -- return HKDF(kctx->md, kctx->salt, kctx->salt_len, kctx->key, -- kctx->key_len, kctx->info, kctx->info_len, key, -- *keylen) != NULL; -- -- case EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY: -- if (key == NULL) { -- *keylen = EVP_MD_size(kctx->md); -- return 1; -- } -- return HKDF_Extract(kctx->md, kctx->salt, kctx->salt_len, kctx->key, -- kctx->key_len, key, keylen) != NULL; -- -- case EVP_PKEY_HKDEF_MODE_EXPAND_ONLY: -- return HKDF_Expand(kctx->md, kctx->key, kctx->key_len, kctx->info, -- kctx->info_len, key, *keylen) != NULL; -+ switch (impl->mode) { -+ case EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND: -+ return HKDF(impl->md, impl->salt, impl->salt_len, impl->key, -+ impl->key_len, impl->info, impl->info_len, key, -+ keylen); -+ -+ case EVP_KDF_HKDF_MODE_EXTRACT_ONLY: -+ return HKDF_Extract(impl->md, impl->salt, impl->salt_len, impl->key, -+ impl->key_len, key, keylen); -+ -+ case EVP_KDF_HKDF_MODE_EXPAND_ONLY: -+ return HKDF_Expand(impl->md, impl->key, impl->key_len, impl->info, -+ impl->info_len, key, keylen); - - default: - return 0; - } - } - --const EVP_PKEY_METHOD hkdf_pkey_meth = { -- EVP_PKEY_HKDF, -- 0, -- pkey_hkdf_init, -- 0, -- pkey_hkdf_cleanup, -- -- 0, 0, -- 0, 0, -- -- 0, -- 0, -- -- 0, -- 0, -- -- 0, 0, -- -- 0, 0, 0, 0, -- -- 0, 0, -- -- 0, 0, -- -- pkey_hkdf_derive_init, -- pkey_hkdf_derive, -- pkey_hkdf_ctrl, -- pkey_hkdf_ctrl_str -+const EVP_KDF_METHOD hkdf_kdf_meth = { -+ EVP_KDF_HKDF, -+ kdf_hkdf_new, -+ kdf_hkdf_free, -+ kdf_hkdf_reset, -+ kdf_hkdf_ctrl, -+ kdf_hkdf_ctrl_str, -+ kdf_hkdf_size, -+ kdf_hkdf_derive - }; - --static unsigned char *HKDF(const EVP_MD *evp_md, -- const unsigned char *salt, size_t salt_len, -- const unsigned char *key, size_t key_len, -- const unsigned char *info, size_t info_len, -- unsigned char *okm, size_t okm_len) -+static int HKDF(const EVP_MD *evp_md, -+ const unsigned char *salt, size_t salt_len, -+ const unsigned char *key, size_t key_len, -+ const unsigned char *info, size_t info_len, -+ unsigned char *okm, size_t okm_len) - { - unsigned char prk[EVP_MAX_MD_SIZE]; -- unsigned char *ret; -- size_t prk_len; -+ int ret; -+ size_t prk_len = EVP_MD_size(evp_md); - -- if (!HKDF_Extract(evp_md, salt, salt_len, key, key_len, prk, &prk_len)) -- return NULL; -+ if (!HKDF_Extract(evp_md, salt, salt_len, key, key_len, prk, prk_len)) -+ return 0; - - ret = HKDF_Expand(evp_md, prk, prk_len, info, info_len, okm, okm_len); - OPENSSL_cleanse(prk, sizeof(prk)); -@@ -273,43 +252,38 @@ static unsigned char *HKDF(const EVP_MD - return ret; - } - --static unsigned char *HKDF_Extract(const EVP_MD *evp_md, -- const unsigned char *salt, size_t salt_len, -- const unsigned char *key, size_t key_len, -- unsigned char *prk, size_t *prk_len) -+static int HKDF_Extract(const EVP_MD *evp_md, -+ const unsigned char *salt, size_t salt_len, -+ const unsigned char *key, size_t key_len, -+ unsigned char *prk, size_t prk_len) - { -- unsigned int tmp_len; -- -- if (!HMAC(evp_md, salt, salt_len, key, key_len, prk, &tmp_len)) -- return NULL; -- -- *prk_len = tmp_len; -- return prk; -+ if (prk_len != (size_t)EVP_MD_size(evp_md)) { -+ KDFerr(KDF_F_HKDF_EXTRACT, KDF_R_WRONG_OUTPUT_BUFFER_SIZE); -+ return 0; -+ } -+ return HMAC(evp_md, salt, salt_len, key, key_len, prk, NULL) != NULL; - } - --static unsigned char *HKDF_Expand(const EVP_MD *evp_md, -- const unsigned char *prk, size_t prk_len, -- const unsigned char *info, size_t info_len, -- unsigned char *okm, size_t okm_len) -+static int HKDF_Expand(const EVP_MD *evp_md, -+ const unsigned char *prk, size_t prk_len, -+ const unsigned char *info, size_t info_len, -+ unsigned char *okm, size_t okm_len) - { - HMAC_CTX *hmac; -- unsigned char *ret = NULL; -- -+ int ret = 0; - unsigned int i; -- - unsigned char prev[EVP_MAX_MD_SIZE]; -- - size_t done_len = 0, dig_len = EVP_MD_size(evp_md); -- - size_t n = okm_len / dig_len; -+ - if (okm_len % dig_len) - n++; - - if (n > 255 || okm == NULL) -- return NULL; -+ return 0; - - if ((hmac = HMAC_CTX_new()) == NULL) -- return NULL; -+ return 0; - - if (!HMAC_Init_ex(hmac, prk, prk_len, evp_md, NULL)) - goto err; -@@ -343,7 +317,7 @@ static unsigned char *HKDF_Expand(const - - done_len += copy_len; - } -- ret = okm; -+ ret = 1; - - err: - OPENSSL_cleanse(prev, sizeof(prev)); -diff -up openssl-1.1.1j/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1j/crypto/kdf/kdf_err.c ---- openssl-1.1.1j/crypto/kdf/kdf_err.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/kdf/kdf_err.c 2021-03-03 14:08:02.492294856 +0100 -@@ -1,6 +1,6 @@ - /* - * Generated by util/mkerr.pl DO NOT EDIT -- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy -@@ -14,6 +14,29 @@ - #ifndef OPENSSL_NO_ERR - - static const ERR_STRING_DATA KDF_str_functs[] = { -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_HKDF_EXTRACT, 0), "HKDF_Extract"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_DERIVE, 0), "kdf_hkdf_derive"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_NEW, 0), "kdf_hkdf_new"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_SIZE, 0), "kdf_hkdf_size"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_MD2CTRL, 0), "kdf_md2ctrl"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_PBKDF2_CTRL_STR, 0), -+ "kdf_pbkdf2_ctrl_str"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_PBKDF2_DERIVE, 0), "kdf_pbkdf2_derive"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_PBKDF2_NEW, 0), "kdf_pbkdf2_new"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_CTRL_STR, 0), -+ "kdf_scrypt_ctrl_str"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_CTRL_UINT32, 0), -+ "kdf_scrypt_ctrl_uint32"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_CTRL_UINT64, 0), -+ "kdf_scrypt_ctrl_uint64"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_DERIVE, 0), "kdf_scrypt_derive"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_NEW, 0), "kdf_scrypt_new"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_CTRL_STR, 0), -+ "kdf_tls1_prf_ctrl_str"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_DERIVE, 0), -+ "kdf_tls1_prf_derive"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_NEW, 0), "kdf_tls1_prf_new"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_PBKDF2_SET_MEMBUF, 0), "pbkdf2_set_membuf"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_INIT, 0), "pkey_hkdf_init"}, -@@ -30,6 +53,7 @@ static const ERR_STRING_DATA KDF_str_fun - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_DERIVE, 0), - "pkey_tls1_prf_derive"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_SCRYPT_SET_MEMBUF, 0), "scrypt_set_membuf"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "tls1_prf_alg"}, - {0, NULL} - }; -@@ -50,6 +74,8 @@ static const ERR_STRING_DATA KDF_str_rea - "unknown parameter type"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"}, -+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_OUTPUT_BUFFER_SIZE), -+ "wrong output buffer size"}, - {0, NULL} - }; - -diff -up openssl-1.1.1j/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1j/crypto/kdf/kdf_local.h ---- openssl-1.1.1j/crypto/kdf/kdf_local.h.evp-kdf 2021-03-03 14:08:02.492294856 +0100 -+++ openssl-1.1.1j/crypto/kdf/kdf_local.h 2021-03-03 14:08:02.492294856 +0100 -@@ -0,0 +1,22 @@ -+/* -+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+int call_ctrl(int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), -+ EVP_KDF_IMPL *impl, int cmd, ...); -+int kdf_str2ctrl(EVP_KDF_IMPL *impl, -+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), -+ int cmd, const char *str); -+int kdf_hex2ctrl(EVP_KDF_IMPL *impl, -+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), -+ int cmd, const char *hex); -+int kdf_md2ctrl(EVP_KDF_IMPL *impl, -+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), -+ int cmd, const char *md_name); -+ -diff -up openssl-1.1.1j/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1j/crypto/kdf/kdf_util.c ---- openssl-1.1.1j/crypto/kdf/kdf_util.c.evp-kdf 2021-03-03 14:08:02.492294856 +0100 -+++ openssl-1.1.1j/crypto/kdf/kdf_util.c 2021-03-03 14:08:02.492294856 +0100 -@@ -0,0 +1,73 @@ -+/* -+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include -+#include -+#include -+#include -+#include "internal/cryptlib.h" -+#include "crypto/evp.h" -+#include "internal/numbers.h" -+#include "kdf_local.h" -+ -+int call_ctrl(int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), -+ EVP_KDF_IMPL *impl, int cmd, ...) -+{ -+ int ret; -+ va_list args; -+ -+ va_start(args, cmd); -+ ret = ctrl(impl, cmd, args); -+ va_end(args); -+ -+ return ret; -+} -+ -+/* Utility functions to send a string or hex string to a ctrl */ -+ -+int kdf_str2ctrl(EVP_KDF_IMPL *impl, -+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), -+ int cmd, const char *str) -+{ -+ return call_ctrl(ctrl, impl, cmd, (const unsigned char *)str, strlen(str)); -+} -+ -+int kdf_hex2ctrl(EVP_KDF_IMPL *impl, -+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), -+ int cmd, const char *hex) -+{ -+ unsigned char *bin; -+ long binlen; -+ int ret = -1; -+ -+ bin = OPENSSL_hexstr2buf(hex, &binlen); -+ if (bin == NULL) -+ return 0; -+ -+ if (binlen <= INT_MAX) -+ ret = call_ctrl(ctrl, impl, cmd, bin, (size_t)binlen); -+ OPENSSL_free(bin); -+ return ret; -+} -+ -+/* Pass a message digest to a ctrl */ -+int kdf_md2ctrl(EVP_KDF_IMPL *impl, -+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), -+ int cmd, const char *md_name) -+{ -+ const EVP_MD *md; -+ -+ if (md_name == NULL || (md = EVP_get_digestbyname(md_name)) == NULL) { -+ KDFerr(KDF_F_KDF_MD2CTRL, KDF_R_INVALID_DIGEST); -+ return 0; -+ } -+ return call_ctrl(ctrl, impl, cmd, md); -+} -+ -diff -up openssl-1.1.1j/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1j/crypto/kdf/pbkdf2.c ---- openssl-1.1.1j/crypto/kdf/pbkdf2.c.evp-kdf 2021-03-03 14:08:02.492294856 +0100 -+++ openssl-1.1.1j/crypto/kdf/pbkdf2.c 2021-03-03 14:08:02.492294856 +0100 -@@ -0,0 +1,264 @@ -+/* -+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include "internal/cryptlib.h" -+#include "crypto/evp.h" -+#include "kdf_local.h" -+ -+static void kdf_pbkdf2_reset(EVP_KDF_IMPL *impl); -+static void kdf_pbkdf2_init(EVP_KDF_IMPL *impl); -+static int pkcs5_pbkdf2_alg(const char *pass, size_t passlen, -+ const unsigned char *salt, int saltlen, int iter, -+ const EVP_MD *digest, unsigned char *key, -+ size_t keylen); -+ -+struct evp_kdf_impl_st { -+ unsigned char *pass; -+ size_t pass_len; -+ unsigned char *salt; -+ size_t salt_len; -+ int iter; -+ const EVP_MD *md; -+}; -+ -+static EVP_KDF_IMPL *kdf_pbkdf2_new(void) -+{ -+ EVP_KDF_IMPL *impl; -+ -+ impl = OPENSSL_zalloc(sizeof(*impl)); -+ if (impl == NULL) { -+ KDFerr(KDF_F_KDF_PBKDF2_NEW, ERR_R_MALLOC_FAILURE); -+ return NULL; -+ } -+ kdf_pbkdf2_init(impl); -+ return impl; -+} -+ -+static void kdf_pbkdf2_free(EVP_KDF_IMPL *impl) -+{ -+ kdf_pbkdf2_reset(impl); -+ OPENSSL_free(impl); -+} -+ -+static void kdf_pbkdf2_reset(EVP_KDF_IMPL *impl) -+{ -+ OPENSSL_free(impl->salt); -+ OPENSSL_clear_free(impl->pass, impl->pass_len); -+ memset(impl, 0, sizeof(*impl)); -+ kdf_pbkdf2_init(impl); -+} -+ -+static void kdf_pbkdf2_init(EVP_KDF_IMPL *impl) -+{ -+ impl->iter = PKCS5_DEFAULT_ITER; -+ impl->md = EVP_sha1(); -+} -+ -+static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen, -+ const unsigned char *new_buffer, -+ size_t new_buflen) -+{ -+ if (new_buffer == NULL) -+ return 1; -+ -+ OPENSSL_clear_free(*buffer, *buflen); -+ -+ if (new_buflen > 0) { -+ *buffer = OPENSSL_memdup(new_buffer, new_buflen); -+ } else { -+ *buffer = OPENSSL_malloc(1); -+ } -+ if (*buffer == NULL) { -+ KDFerr(KDF_F_PBKDF2_SET_MEMBUF, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ *buflen = new_buflen; -+ return 1; -+} -+ -+static int kdf_pbkdf2_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) -+{ -+ int iter; -+ const unsigned char *p; -+ size_t len; -+ const EVP_MD *md; -+ -+ switch (cmd) { -+ case EVP_KDF_CTRL_SET_PASS: -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ return pbkdf2_set_membuf(&impl->pass, &impl->pass_len, p, len); -+ -+ case EVP_KDF_CTRL_SET_SALT: -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ return pbkdf2_set_membuf(&impl->salt, &impl->salt_len, p, len); -+ -+ case EVP_KDF_CTRL_SET_ITER: -+ iter = va_arg(args, int); -+ if (iter < 1) -+ return 0; -+ -+ impl->iter = iter; -+ return 1; -+ -+ case EVP_KDF_CTRL_SET_MD: -+ md = va_arg(args, const EVP_MD *); -+ if (md == NULL) -+ return 0; -+ -+ impl->md = md; -+ return 1; -+ -+ default: -+ return -2; -+ } -+} -+ -+static int kdf_pbkdf2_ctrl_str(EVP_KDF_IMPL *impl, const char *type, -+ const char *value) -+{ -+ if (value == NULL) { -+ KDFerr(KDF_F_KDF_PBKDF2_CTRL_STR, KDF_R_VALUE_MISSING); -+ return 0; -+ } -+ -+ if (strcmp(type, "pass") == 0) -+ return kdf_str2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_PASS, -+ value); -+ -+ if (strcmp(type, "hexpass") == 0) -+ return kdf_hex2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_PASS, -+ value); -+ -+ if (strcmp(type, "salt") == 0) -+ return kdf_str2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_SALT, -+ value); -+ -+ if (strcmp(type, "hexsalt") == 0) -+ return kdf_hex2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_SALT, -+ value); -+ -+ if (strcmp(type, "iter") == 0) -+ return call_ctrl(kdf_pbkdf2_ctrl, impl, EVP_KDF_CTRL_SET_ITER, -+ atoi(value)); -+ -+ if (strcmp(type, "digest") == 0) -+ return kdf_md2ctrl(impl, kdf_pbkdf2_ctrl, EVP_KDF_CTRL_SET_MD, value); -+ -+ return -2; -+} -+ -+static int kdf_pbkdf2_derive(EVP_KDF_IMPL *impl, unsigned char *key, -+ size_t keylen) -+{ -+ if (impl->pass == NULL) { -+ KDFerr(KDF_F_KDF_PBKDF2_DERIVE, KDF_R_MISSING_PASS); -+ return 0; -+ } -+ -+ if (impl->salt == NULL) { -+ KDFerr(KDF_F_KDF_PBKDF2_DERIVE, KDF_R_MISSING_SALT); -+ return 0; -+ } -+ -+ return pkcs5_pbkdf2_alg((char *)impl->pass, impl->pass_len, -+ impl->salt, impl->salt_len, impl->iter, -+ impl->md, key, keylen); -+} -+ -+const EVP_KDF_METHOD pbkdf2_kdf_meth = { -+ EVP_KDF_PBKDF2, -+ kdf_pbkdf2_new, -+ kdf_pbkdf2_free, -+ kdf_pbkdf2_reset, -+ kdf_pbkdf2_ctrl, -+ kdf_pbkdf2_ctrl_str, -+ NULL, -+ kdf_pbkdf2_derive -+}; -+ -+/* -+ * This is an implementation of PKCS#5 v2.0 password based encryption key -+ * derivation function PBKDF2. SHA1 version verified against test vectors -+ * posted by Peter Gutmann to the PKCS-TNG mailing list. -+ */ -+ -+static int pkcs5_pbkdf2_alg(const char *pass, size_t passlen, -+ const unsigned char *salt, int saltlen, int iter, -+ const EVP_MD *digest, unsigned char *key, -+ size_t keylen) -+{ -+ int ret = 0; -+ unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; -+ int cplen, j, k, tkeylen, mdlen; -+ unsigned long i = 1; -+ HMAC_CTX *hctx_tpl = NULL, *hctx = NULL; -+ -+ mdlen = EVP_MD_size(digest); -+ if (mdlen < 0) -+ return 0; -+ -+ hctx_tpl = HMAC_CTX_new(); -+ if (hctx_tpl == NULL) -+ return 0; -+ p = key; -+ tkeylen = keylen; -+ if (!HMAC_Init_ex(hctx_tpl, pass, passlen, digest, NULL)) -+ goto err; -+ hctx = HMAC_CTX_new(); -+ if (hctx == NULL) -+ goto err; -+ while (tkeylen) { -+ if (tkeylen > mdlen) -+ cplen = mdlen; -+ else -+ cplen = tkeylen; -+ /* -+ * We are unlikely to ever use more than 256 blocks (5120 bits!) but -+ * just in case... -+ */ -+ itmp[0] = (unsigned char)((i >> 24) & 0xff); -+ itmp[1] = (unsigned char)((i >> 16) & 0xff); -+ itmp[2] = (unsigned char)((i >> 8) & 0xff); -+ itmp[3] = (unsigned char)(i & 0xff); -+ if (!HMAC_CTX_copy(hctx, hctx_tpl)) -+ goto err; -+ if (!HMAC_Update(hctx, salt, saltlen) -+ || !HMAC_Update(hctx, itmp, 4) -+ || !HMAC_Final(hctx, digtmp, NULL)) -+ goto err; -+ memcpy(p, digtmp, cplen); -+ for (j = 1; j < iter; j++) { -+ if (!HMAC_CTX_copy(hctx, hctx_tpl)) -+ goto err; -+ if (!HMAC_Update(hctx, digtmp, mdlen) -+ || !HMAC_Final(hctx, digtmp, NULL)) -+ goto err; -+ for (k = 0; k < cplen; k++) -+ p[k] ^= digtmp[k]; -+ } -+ tkeylen -= cplen; -+ i++; -+ p += cplen; -+ } -+ ret = 1; -+ -+err: -+ HMAC_CTX_free(hctx); -+ HMAC_CTX_free(hctx_tpl); -+ return ret; -+} -diff -up openssl-1.1.1j/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1j/crypto/kdf/scrypt.c ---- openssl-1.1.1j/crypto/kdf/scrypt.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/kdf/scrypt.c 2021-03-03 14:08:02.492294856 +0100 -@@ -8,25 +8,35 @@ - */ - - #include -+#include - #include - #include - #include - #include --#include "internal/cryptlib.h" -+#include - #include "crypto/evp.h" -+#include "internal/numbers.h" -+#include "kdf_local.h" - - #ifndef OPENSSL_NO_SCRYPT - -+static void kdf_scrypt_reset(EVP_KDF_IMPL *impl); -+static void kdf_scrypt_init(EVP_KDF_IMPL *impl); - static int atou64(const char *nptr, uint64_t *result); -+static int scrypt_alg(const char *pass, size_t passlen, -+ const unsigned char *salt, size_t saltlen, -+ uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, -+ unsigned char *key, size_t keylen); - --typedef struct { -+struct evp_kdf_impl_st { - unsigned char *pass; - size_t pass_len; - unsigned char *salt; - size_t salt_len; -- uint64_t N, r, p; -+ uint64_t N; -+ uint32_t r, p; - uint64_t maxmem_bytes; --} SCRYPT_PKEY_CTX; -+}; - - /* Custom uint64_t parser since we do not have strtoull */ - static int atou64(const char *nptr, uint64_t *result) -@@ -53,51 +63,53 @@ static int atou64(const char *nptr, uint - return 1; - } - --static int pkey_scrypt_init(EVP_PKEY_CTX *ctx) -+static EVP_KDF_IMPL *kdf_scrypt_new(void) - { -- SCRYPT_PKEY_CTX *kctx; -+ EVP_KDF_IMPL *impl; - -- kctx = OPENSSL_zalloc(sizeof(*kctx)); -- if (kctx == NULL) { -- KDFerr(KDF_F_PKEY_SCRYPT_INIT, ERR_R_MALLOC_FAILURE); -- return 0; -+ impl = OPENSSL_zalloc(sizeof(*impl)); -+ if (impl == NULL) { -+ KDFerr(KDF_F_KDF_SCRYPT_NEW, ERR_R_MALLOC_FAILURE); -+ return NULL; - } -+ kdf_scrypt_init(impl); -+ return impl; -+} - -- /* Default values are the most conservative recommendation given in the -- * original paper of C. Percival. Derivation uses roughly 1 GiB of memory -- * for this parameter choice (approx. 128 * r * (N + p) bytes). -- */ -- kctx->N = 1 << 20; -- kctx->r = 8; -- kctx->p = 1; -- kctx->maxmem_bytes = 1025 * 1024 * 1024; -- -- ctx->data = kctx; -- -- return 1; -+static void kdf_scrypt_free(EVP_KDF_IMPL *impl) -+{ -+ kdf_scrypt_reset(impl); -+ OPENSSL_free(impl); - } - --static void pkey_scrypt_cleanup(EVP_PKEY_CTX *ctx) -+static void kdf_scrypt_reset(EVP_KDF_IMPL *impl) - { -- SCRYPT_PKEY_CTX *kctx = ctx->data; -+ OPENSSL_free(impl->salt); -+ OPENSSL_clear_free(impl->pass, impl->pass_len); -+ memset(impl, 0, sizeof(*impl)); -+ kdf_scrypt_init(impl); -+} - -- OPENSSL_clear_free(kctx->salt, kctx->salt_len); -- OPENSSL_clear_free(kctx->pass, kctx->pass_len); -- OPENSSL_free(kctx); -+static void kdf_scrypt_init(EVP_KDF_IMPL *impl) -+{ -+ /* Default values are the most conservative recommendation given in the -+ * original paper of C. Percival. Derivation uses roughly 1 GiB of memory -+ * for this parameter choice (approx. 128 * r * N * p bytes). -+ */ -+ impl->N = 1 << 20; -+ impl->r = 8; -+ impl->p = 1; -+ impl->maxmem_bytes = 1025 * 1024 * 1024; - } - --static int pkey_scrypt_set_membuf(unsigned char **buffer, size_t *buflen, -- const unsigned char *new_buffer, -- const int new_buflen) -+static int scrypt_set_membuf(unsigned char **buffer, size_t *buflen, -+ const unsigned char *new_buffer, -+ size_t new_buflen) - { - if (new_buffer == NULL) - return 1; - -- if (new_buflen < 0) -- return 0; -- -- if (*buffer != NULL) -- OPENSSL_clear_free(*buffer, *buflen); -+ OPENSSL_clear_free(*buffer, *buflen); - - if (new_buflen > 0) { - *buffer = OPENSSL_memdup(new_buffer, new_buflen); -@@ -105,7 +117,7 @@ static int pkey_scrypt_set_membuf(unsign - *buffer = OPENSSL_malloc(1); - } - if (*buffer == NULL) { -- KDFerr(KDF_F_PKEY_SCRYPT_SET_MEMBUF, ERR_R_MALLOC_FAILURE); -+ KDFerr(KDF_F_SCRYPT_SET_MEMBUF, ERR_R_MALLOC_FAILURE); - return 0; - } - -@@ -118,149 +130,378 @@ static int is_power_of_two(uint64_t valu - return (value != 0) && ((value & (value - 1)) == 0); - } - --static int pkey_scrypt_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -+static int kdf_scrypt_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) - { -- SCRYPT_PKEY_CTX *kctx = ctx->data; - uint64_t u64_value; -+ uint32_t value; -+ const unsigned char *p; -+ size_t len; -+ -+ switch (cmd) { -+ case EVP_KDF_CTRL_SET_PASS: -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ return scrypt_set_membuf(&impl->pass, &impl->pass_len, p, len); -+ -+ case EVP_KDF_CTRL_SET_SALT: -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ return scrypt_set_membuf(&impl->salt, &impl->salt_len, p, len); - -- switch (type) { -- case EVP_PKEY_CTRL_PASS: -- return pkey_scrypt_set_membuf(&kctx->pass, &kctx->pass_len, p2, p1); -- -- case EVP_PKEY_CTRL_SCRYPT_SALT: -- return pkey_scrypt_set_membuf(&kctx->salt, &kctx->salt_len, p2, p1); -- -- case EVP_PKEY_CTRL_SCRYPT_N: -- u64_value = *((uint64_t *)p2); -+ case EVP_KDF_CTRL_SET_SCRYPT_N: -+ u64_value = va_arg(args, uint64_t); - if ((u64_value <= 1) || !is_power_of_two(u64_value)) - return 0; -- kctx->N = u64_value; -+ -+ impl->N = u64_value; - return 1; - -- case EVP_PKEY_CTRL_SCRYPT_R: -- u64_value = *((uint64_t *)p2); -- if (u64_value < 1) -+ case EVP_KDF_CTRL_SET_SCRYPT_R: -+ value = va_arg(args, uint32_t); -+ if (value < 1) - return 0; -- kctx->r = u64_value; -+ -+ impl->r = value; - return 1; - -- case EVP_PKEY_CTRL_SCRYPT_P: -- u64_value = *((uint64_t *)p2); -- if (u64_value < 1) -+ case EVP_KDF_CTRL_SET_SCRYPT_P: -+ value = va_arg(args, uint32_t); -+ if (value < 1) - return 0; -- kctx->p = u64_value; -+ -+ impl->p = value; - return 1; - -- case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES: -- u64_value = *((uint64_t *)p2); -+ case EVP_KDF_CTRL_SET_MAXMEM_BYTES: -+ u64_value = va_arg(args, uint64_t); - if (u64_value < 1) - return 0; -- kctx->maxmem_bytes = u64_value; -+ -+ impl->maxmem_bytes = u64_value; - return 1; - - default: - return -2; -+ } -+} - -+static int kdf_scrypt_ctrl_uint32(EVP_KDF_IMPL *impl, int cmd, -+ const char *value) -+{ -+ int int_value = atoi(value); -+ -+ if (int_value < 0 || (uint64_t)int_value > UINT32_MAX) { -+ KDFerr(KDF_F_KDF_SCRYPT_CTRL_UINT32, KDF_R_VALUE_ERROR); -+ return 0; - } -+ return call_ctrl(kdf_scrypt_ctrl, impl, cmd, (uint32_t)int_value); - } - --static int pkey_scrypt_ctrl_uint64(EVP_PKEY_CTX *ctx, int type, -- const char *value) -+static int kdf_scrypt_ctrl_uint64(EVP_KDF_IMPL *impl, int cmd, -+ const char *value) - { -- uint64_t int_value; -+ uint64_t u64_value; - -- if (!atou64(value, &int_value)) { -- KDFerr(KDF_F_PKEY_SCRYPT_CTRL_UINT64, KDF_R_VALUE_ERROR); -+ if (!atou64(value, &u64_value)) { -+ KDFerr(KDF_F_KDF_SCRYPT_CTRL_UINT64, KDF_R_VALUE_ERROR); - return 0; - } -- return pkey_scrypt_ctrl(ctx, type, 0, &int_value); -+ return call_ctrl(kdf_scrypt_ctrl, impl, cmd, u64_value); - } - --static int pkey_scrypt_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, -- const char *value) -+static int kdf_scrypt_ctrl_str(EVP_KDF_IMPL *impl, const char *type, -+ const char *value) - { - if (value == NULL) { -- KDFerr(KDF_F_PKEY_SCRYPT_CTRL_STR, KDF_R_VALUE_MISSING); -+ KDFerr(KDF_F_KDF_SCRYPT_CTRL_STR, KDF_R_VALUE_MISSING); - return 0; - } - - if (strcmp(type, "pass") == 0) -- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_PASS, value); -+ return kdf_str2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_PASS, -+ value); - - if (strcmp(type, "hexpass") == 0) -- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_PASS, value); -+ return kdf_hex2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_PASS, -+ value); - - if (strcmp(type, "salt") == 0) -- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_SCRYPT_SALT, value); -+ return kdf_str2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_SALT, -+ value); - - if (strcmp(type, "hexsalt") == 0) -- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_SCRYPT_SALT, value); -+ return kdf_hex2ctrl(impl, kdf_scrypt_ctrl, EVP_KDF_CTRL_SET_SALT, -+ value); - - if (strcmp(type, "N") == 0) -- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_N, value); -+ return kdf_scrypt_ctrl_uint64(impl, EVP_KDF_CTRL_SET_SCRYPT_N, value); - - if (strcmp(type, "r") == 0) -- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_R, value); -+ return kdf_scrypt_ctrl_uint32(impl, EVP_KDF_CTRL_SET_SCRYPT_R, value); - - if (strcmp(type, "p") == 0) -- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_P, value); -+ return kdf_scrypt_ctrl_uint32(impl, EVP_KDF_CTRL_SET_SCRYPT_P, value); - - if (strcmp(type, "maxmem_bytes") == 0) -- return pkey_scrypt_ctrl_uint64(ctx, EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, -- value); -+ return kdf_scrypt_ctrl_uint64(impl, EVP_KDF_CTRL_SET_MAXMEM_BYTES, -+ value); - -- KDFerr(KDF_F_PKEY_SCRYPT_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); - return -2; - } - --static int pkey_scrypt_derive(EVP_PKEY_CTX *ctx, unsigned char *key, -- size_t *keylen) -+static int kdf_scrypt_derive(EVP_KDF_IMPL *impl, unsigned char *key, -+ size_t keylen) - { -- SCRYPT_PKEY_CTX *kctx = ctx->data; -- -- if (kctx->pass == NULL) { -- KDFerr(KDF_F_PKEY_SCRYPT_DERIVE, KDF_R_MISSING_PASS); -+ if (impl->pass == NULL) { -+ KDFerr(KDF_F_KDF_SCRYPT_DERIVE, KDF_R_MISSING_PASS); - return 0; - } - -- if (kctx->salt == NULL) { -- KDFerr(KDF_F_PKEY_SCRYPT_DERIVE, KDF_R_MISSING_SALT); -+ if (impl->salt == NULL) { -+ KDFerr(KDF_F_KDF_SCRYPT_DERIVE, KDF_R_MISSING_SALT); - return 0; - } - -- return EVP_PBE_scrypt((char *)kctx->pass, kctx->pass_len, kctx->salt, -- kctx->salt_len, kctx->N, kctx->r, kctx->p, -- kctx->maxmem_bytes, key, *keylen); -+ return scrypt_alg((char *)impl->pass, impl->pass_len, impl->salt, -+ impl->salt_len, impl->N, impl->r, impl->p, -+ impl->maxmem_bytes, key, keylen); - } - --const EVP_PKEY_METHOD scrypt_pkey_meth = { -- EVP_PKEY_SCRYPT, -- 0, -- pkey_scrypt_init, -- 0, -- pkey_scrypt_cleanup, -+const EVP_KDF_METHOD scrypt_kdf_meth = { -+ EVP_KDF_SCRYPT, -+ kdf_scrypt_new, -+ kdf_scrypt_free, -+ kdf_scrypt_reset, -+ kdf_scrypt_ctrl, -+ kdf_scrypt_ctrl_str, -+ NULL, -+ kdf_scrypt_derive -+}; - -- 0, 0, -- 0, 0, -+#define R(a,b) (((a) << (b)) | ((a) >> (32 - (b)))) -+static void salsa208_word_specification(uint32_t inout[16]) -+{ -+ int i; -+ uint32_t x[16]; - -- 0, -- 0, -+ memcpy(x, inout, sizeof(x)); -+ for (i = 8; i > 0; i -= 2) { -+ x[4] ^= R(x[0] + x[12], 7); -+ x[8] ^= R(x[4] + x[0], 9); -+ x[12] ^= R(x[8] + x[4], 13); -+ x[0] ^= R(x[12] + x[8], 18); -+ x[9] ^= R(x[5] + x[1], 7); -+ x[13] ^= R(x[9] + x[5], 9); -+ x[1] ^= R(x[13] + x[9], 13); -+ x[5] ^= R(x[1] + x[13], 18); -+ x[14] ^= R(x[10] + x[6], 7); -+ x[2] ^= R(x[14] + x[10], 9); -+ x[6] ^= R(x[2] + x[14], 13); -+ x[10] ^= R(x[6] + x[2], 18); -+ x[3] ^= R(x[15] + x[11], 7); -+ x[7] ^= R(x[3] + x[15], 9); -+ x[11] ^= R(x[7] + x[3], 13); -+ x[15] ^= R(x[11] + x[7], 18); -+ x[1] ^= R(x[0] + x[3], 7); -+ x[2] ^= R(x[1] + x[0], 9); -+ x[3] ^= R(x[2] + x[1], 13); -+ x[0] ^= R(x[3] + x[2], 18); -+ x[6] ^= R(x[5] + x[4], 7); -+ x[7] ^= R(x[6] + x[5], 9); -+ x[4] ^= R(x[7] + x[6], 13); -+ x[5] ^= R(x[4] + x[7], 18); -+ x[11] ^= R(x[10] + x[9], 7); -+ x[8] ^= R(x[11] + x[10], 9); -+ x[9] ^= R(x[8] + x[11], 13); -+ x[10] ^= R(x[9] + x[8], 18); -+ x[12] ^= R(x[15] + x[14], 7); -+ x[13] ^= R(x[12] + x[15], 9); -+ x[14] ^= R(x[13] + x[12], 13); -+ x[15] ^= R(x[14] + x[13], 18); -+ } -+ for (i = 0; i < 16; ++i) -+ inout[i] += x[i]; -+ OPENSSL_cleanse(x, sizeof(x)); -+} - -- 0, -- 0, -+static void scryptBlockMix(uint32_t *B_, uint32_t *B, uint64_t r) -+{ -+ uint64_t i, j; -+ uint32_t X[16], *pB; - -- 0, 0, -+ memcpy(X, B + (r * 2 - 1) * 16, sizeof(X)); -+ pB = B; -+ for (i = 0; i < r * 2; i++) { -+ for (j = 0; j < 16; j++) -+ X[j] ^= *pB++; -+ salsa208_word_specification(X); -+ memcpy(B_ + (i / 2 + (i & 1) * r) * 16, X, sizeof(X)); -+ } -+ OPENSSL_cleanse(X, sizeof(X)); -+} - -- 0, 0, 0, 0, -+static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, -+ uint32_t *X, uint32_t *T, uint32_t *V) -+{ -+ unsigned char *pB; -+ uint32_t *pV; -+ uint64_t i, k; -+ -+ /* Convert from little endian input */ -+ for (pV = V, i = 0, pB = B; i < 32 * r; i++, pV++) { -+ *pV = *pB++; -+ *pV |= *pB++ << 8; -+ *pV |= *pB++ << 16; -+ *pV |= (uint32_t)*pB++ << 24; -+ } - -- 0, 0, -+ for (i = 1; i < N; i++, pV += 32 * r) -+ scryptBlockMix(pV, pV - 32 * r, r); - -- 0, 0, -+ scryptBlockMix(X, V + (N - 1) * 32 * r, r); - -- 0, -- pkey_scrypt_derive, -- pkey_scrypt_ctrl, -- pkey_scrypt_ctrl_str --}; -+ for (i = 0; i < N; i++) { -+ uint32_t j; -+ j = X[16 * (2 * r - 1)] % N; -+ pV = V + 32 * r * j; -+ for (k = 0; k < 32 * r; k++) -+ T[k] = X[k] ^ *pV++; -+ scryptBlockMix(X, T, r); -+ } -+ /* Convert output to little endian */ -+ for (i = 0, pB = B; i < 32 * r; i++) { -+ uint32_t xtmp = X[i]; -+ *pB++ = xtmp & 0xff; -+ *pB++ = (xtmp >> 8) & 0xff; -+ *pB++ = (xtmp >> 16) & 0xff; -+ *pB++ = (xtmp >> 24) & 0xff; -+ } -+} -+ -+#ifndef SIZE_MAX -+# define SIZE_MAX ((size_t)-1) -+#endif -+ -+/* -+ * Maximum power of two that will fit in uint64_t: this should work on -+ * most (all?) platforms. -+ */ -+ -+#define LOG2_UINT64_MAX (sizeof(uint64_t) * 8 - 1) -+ -+/* -+ * Maximum value of p * r: -+ * p <= ((2^32-1) * hLen) / MFLen => -+ * p <= ((2^32-1) * 32) / (128 * r) => -+ * p * r <= (2^30-1) -+ */ -+ -+#define SCRYPT_PR_MAX ((1 << 30) - 1) -+ -+static int scrypt_alg(const char *pass, size_t passlen, -+ const unsigned char *salt, size_t saltlen, -+ uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, -+ unsigned char *key, size_t keylen) -+{ -+ int rv = 0; -+ unsigned char *B; -+ uint32_t *X, *V, *T; -+ uint64_t i, Blen, Vlen; -+ -+ /* Sanity check parameters */ -+ /* initial check, r,p must be non zero, N >= 2 and a power of 2 */ -+ if (r == 0 || p == 0 || N < 2 || (N & (N - 1))) -+ return 0; -+ /* Check p * r < SCRYPT_PR_MAX avoiding overflow */ -+ if (p > SCRYPT_PR_MAX / r) { -+ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); -+ return 0; -+ } -+ -+ /* -+ * Need to check N: if 2^(128 * r / 8) overflows limit this is -+ * automatically satisfied since N <= UINT64_MAX. -+ */ -+ -+ if (16 * r <= LOG2_UINT64_MAX) { -+ if (N >= (((uint64_t)1) << (16 * r))) { -+ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); -+ return 0; -+ } -+ } -+ -+ /* Memory checks: check total allocated buffer size fits in uint64_t */ -+ -+ /* -+ * B size in section 5 step 1.S -+ * Note: we know p * 128 * r < UINT64_MAX because we already checked -+ * p * r < SCRYPT_PR_MAX -+ */ -+ Blen = p * 128 * r; -+ /* -+ * Yet we pass it as integer to PKCS5_PBKDF2_HMAC... [This would -+ * have to be revised when/if PKCS5_PBKDF2_HMAC accepts size_t.] -+ */ -+ if (Blen > INT_MAX) { -+ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); -+ return 0; -+ } -+ -+ /* -+ * Check 32 * r * (N + 2) * sizeof(uint32_t) fits in uint64_t -+ * This is combined size V, X and T (section 4) -+ */ -+ i = UINT64_MAX / (32 * sizeof(uint32_t)); -+ if (N + 2 > i / r) { -+ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); -+ return 0; -+ } -+ Vlen = 32 * r * (N + 2) * sizeof(uint32_t); -+ -+ /* check total allocated size fits in uint64_t */ -+ if (Blen > UINT64_MAX - Vlen) { -+ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); -+ return 0; -+ } -+ -+ /* Check that the maximum memory doesn't exceed a size_t limits */ -+ if (maxmem > SIZE_MAX) -+ maxmem = SIZE_MAX; -+ -+ if (Blen + Vlen > maxmem) { -+ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_MEMORY_LIMIT_EXCEEDED); -+ return 0; -+ } -+ -+ /* If no key return to indicate parameters are OK */ -+ if (key == NULL) -+ return 1; -+ -+ B = OPENSSL_malloc((size_t)(Blen + Vlen)); -+ if (B == NULL) { -+ EVPerr(EVP_F_SCRYPT_ALG, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ X = (uint32_t *)(B + Blen); -+ T = X + 32 * r; -+ V = T + 32 * r; -+ if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, EVP_sha256(), -+ (int)Blen, B) == 0) -+ goto err; -+ -+ for (i = 0; i < p; i++) -+ scryptROMix(B + 128 * r * i, r, N, X, T, V); -+ -+ if (PKCS5_PBKDF2_HMAC(pass, passlen, B, (int)Blen, 1, EVP_sha256(), -+ keylen, key) == 0) -+ goto err; -+ rv = 1; -+ err: -+ if (rv == 0) -+ EVPerr(EVP_F_SCRYPT_ALG, EVP_R_PBKDF2_ERROR); -+ -+ OPENSSL_clear_free(B, (size_t)(Blen + Vlen)); -+ return rv; -+} - - #endif -diff -up openssl-1.1.1j/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1j/crypto/kdf/tls1_prf.c ---- openssl-1.1.1j/crypto/kdf/tls1_prf.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/kdf/tls1_prf.c 2021-03-03 14:08:02.492294856 +0100 -@@ -8,11 +8,15 @@ - */ - - #include -+#include -+#include - #include "internal/cryptlib.h" - #include - #include - #include "crypto/evp.h" -+#include "kdf_local.h" - -+static void kdf_tls1_prf_reset(EVP_KDF_IMPL *impl); - static int tls1_prf_alg(const EVP_MD *md, - const unsigned char *sec, size_t slen, - const unsigned char *seed, size_t seed_len, -@@ -20,9 +24,9 @@ static int tls1_prf_alg(const EVP_MD *md - - #define TLS1_PRF_MAXBUF 1024 - --/* TLS KDF pkey context structure */ -+/* TLS KDF kdf context structure */ - --typedef struct { -+struct evp_kdf_impl_st { - /* Digest to use for PRF */ - const EVP_MD *md; - /* Secret value to use for PRF */ -@@ -31,145 +35,137 @@ typedef struct { - /* Buffer of concatenated seed data */ - unsigned char seed[TLS1_PRF_MAXBUF]; - size_t seedlen; --} TLS1_PRF_PKEY_CTX; -+}; - --static int pkey_tls1_prf_init(EVP_PKEY_CTX *ctx) -+static EVP_KDF_IMPL *kdf_tls1_prf_new(void) - { -- TLS1_PRF_PKEY_CTX *kctx; -+ EVP_KDF_IMPL *impl; - -- if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL) { -- KDFerr(KDF_F_PKEY_TLS1_PRF_INIT, ERR_R_MALLOC_FAILURE); -- return 0; -- } -- ctx->data = kctx; -+ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) -+ KDFerr(KDF_F_KDF_TLS1_PRF_NEW, ERR_R_MALLOC_FAILURE); -+ return impl; -+} - -- return 1; -+static void kdf_tls1_prf_free(EVP_KDF_IMPL *impl) -+{ -+ kdf_tls1_prf_reset(impl); -+ OPENSSL_free(impl); - } - --static void pkey_tls1_prf_cleanup(EVP_PKEY_CTX *ctx) -+static void kdf_tls1_prf_reset(EVP_KDF_IMPL *impl) - { -- TLS1_PRF_PKEY_CTX *kctx = ctx->data; -- OPENSSL_clear_free(kctx->sec, kctx->seclen); -- OPENSSL_cleanse(kctx->seed, kctx->seedlen); -- OPENSSL_free(kctx); -+ OPENSSL_clear_free(impl->sec, impl->seclen); -+ OPENSSL_cleanse(impl->seed, impl->seedlen); -+ memset(impl, 0, sizeof(*impl)); - } - --static int pkey_tls1_prf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -+static int kdf_tls1_prf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) - { -- TLS1_PRF_PKEY_CTX *kctx = ctx->data; -- switch (type) { -- case EVP_PKEY_CTRL_TLS_MD: -- kctx->md = p2; -- return 1; -+ const unsigned char *p; -+ size_t len; -+ const EVP_MD *md; - -- case EVP_PKEY_CTRL_TLS_SECRET: -- if (p1 < 0) -+ switch (cmd) { -+ case EVP_KDF_CTRL_SET_MD: -+ md = va_arg(args, const EVP_MD *); -+ if (md == NULL) - return 0; -- if (kctx->sec != NULL) -- OPENSSL_clear_free(kctx->sec, kctx->seclen); -- OPENSSL_cleanse(kctx->seed, kctx->seedlen); -- kctx->seedlen = 0; -- kctx->sec = OPENSSL_memdup(p2, p1); -- if (kctx->sec == NULL) -+ -+ impl->md = md; -+ return 1; -+ -+ case EVP_KDF_CTRL_SET_TLS_SECRET: -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ OPENSSL_clear_free(impl->sec, impl->seclen); -+ impl->sec = OPENSSL_memdup(p, len); -+ if (impl->sec == NULL) - return 0; -- kctx->seclen = p1; -+ -+ impl->seclen = len; -+ return 1; -+ -+ case EVP_KDF_CTRL_RESET_TLS_SEED: -+ OPENSSL_cleanse(impl->seed, impl->seedlen); -+ impl->seedlen = 0; - return 1; - -- case EVP_PKEY_CTRL_TLS_SEED: -- if (p1 == 0 || p2 == NULL) -+ case EVP_KDF_CTRL_ADD_TLS_SEED: -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ if (len == 0 || p == NULL) - return 1; -- if (p1 < 0 || p1 > (int)(TLS1_PRF_MAXBUF - kctx->seedlen)) -+ -+ if (len > (TLS1_PRF_MAXBUF - impl->seedlen)) - return 0; -- memcpy(kctx->seed + kctx->seedlen, p2, p1); -- kctx->seedlen += p1; -+ -+ memcpy(impl->seed + impl->seedlen, p, len); -+ impl->seedlen += len; - return 1; - - default: - return -2; -- - } - } - --static int pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx, -- const char *type, const char *value) -+static int kdf_tls1_prf_ctrl_str(EVP_KDF_IMPL *impl, -+ const char *type, const char *value) - { - if (value == NULL) { -- KDFerr(KDF_F_PKEY_TLS1_PRF_CTRL_STR, KDF_R_VALUE_MISSING); -+ KDFerr(KDF_F_KDF_TLS1_PRF_CTRL_STR, KDF_R_VALUE_MISSING); - return 0; - } -- if (strcmp(type, "md") == 0) { -- TLS1_PRF_PKEY_CTX *kctx = ctx->data; -+ if (strcmp(type, "digest") == 0) -+ return kdf_md2ctrl(impl, kdf_tls1_prf_ctrl, EVP_KDF_CTRL_SET_MD, value); - -- const EVP_MD *md = EVP_get_digestbyname(value); -- if (md == NULL) { -- KDFerr(KDF_F_PKEY_TLS1_PRF_CTRL_STR, KDF_R_INVALID_DIGEST); -- return 0; -- } -- kctx->md = md; -- return 1; -- } - if (strcmp(type, "secret") == 0) -- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value); -+ return kdf_str2ctrl(impl, kdf_tls1_prf_ctrl, -+ EVP_KDF_CTRL_SET_TLS_SECRET, value); -+ - if (strcmp(type, "hexsecret") == 0) -- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value); -+ return kdf_hex2ctrl(impl, kdf_tls1_prf_ctrl, -+ EVP_KDF_CTRL_SET_TLS_SECRET, value); -+ - if (strcmp(type, "seed") == 0) -- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value); -+ return kdf_str2ctrl(impl, kdf_tls1_prf_ctrl, EVP_KDF_CTRL_ADD_TLS_SEED, -+ value); -+ - if (strcmp(type, "hexseed") == 0) -- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value); -+ return kdf_hex2ctrl(impl, kdf_tls1_prf_ctrl, EVP_KDF_CTRL_ADD_TLS_SEED, -+ value); - -- KDFerr(KDF_F_PKEY_TLS1_PRF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); - return -2; - } - --static int pkey_tls1_prf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, -- size_t *keylen) -+static int kdf_tls1_prf_derive(EVP_KDF_IMPL *impl, unsigned char *key, -+ size_t keylen) - { -- TLS1_PRF_PKEY_CTX *kctx = ctx->data; -- if (kctx->md == NULL) { -- KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); -+ if (impl->md == NULL) { -+ KDFerr(KDF_F_KDF_TLS1_PRF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); - return 0; - } -- if (kctx->sec == NULL) { -- KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_SECRET); -+ if (impl->sec == NULL) { -+ KDFerr(KDF_F_KDF_TLS1_PRF_DERIVE, KDF_R_MISSING_SECRET); - return 0; - } -- if (kctx->seedlen == 0) { -- KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_SEED); -+ if (impl->seedlen == 0) { -+ KDFerr(KDF_F_KDF_TLS1_PRF_DERIVE, KDF_R_MISSING_SEED); - return 0; - } -- return tls1_prf_alg(kctx->md, kctx->sec, kctx->seclen, -- kctx->seed, kctx->seedlen, -- key, *keylen); -+ return tls1_prf_alg(impl->md, impl->sec, impl->seclen, -+ impl->seed, impl->seedlen, -+ key, keylen); - } - --const EVP_PKEY_METHOD tls1_prf_pkey_meth = { -- EVP_PKEY_TLS1_PRF, -- 0, -- pkey_tls1_prf_init, -- 0, -- pkey_tls1_prf_cleanup, -- -- 0, 0, -- 0, 0, -- -- 0, -- 0, -- -- 0, -- 0, -- -- 0, 0, -- -- 0, 0, 0, 0, -- -- 0, 0, -- -- 0, 0, -- -- 0, -- pkey_tls1_prf_derive, -- pkey_tls1_prf_ctrl, -- pkey_tls1_prf_ctrl_str -+const EVP_KDF_METHOD tls1_prf_kdf_meth = { -+ EVP_KDF_TLS1_PRF, -+ kdf_tls1_prf_new, -+ kdf_tls1_prf_free, -+ kdf_tls1_prf_reset, -+ kdf_tls1_prf_ctrl, -+ kdf_tls1_prf_ctrl_str, -+ NULL, -+ kdf_tls1_prf_derive - }; - - static int tls1_prf_P_hash(const EVP_MD *md, -@@ -249,12 +245,11 @@ static int tls1_prf_alg(const EVP_MD *md - const unsigned char *seed, size_t seed_len, - unsigned char *out, size_t olen) - { -- - if (EVP_MD_type(md) == NID_md5_sha1) { - size_t i; - unsigned char *tmp; - if (!tls1_prf_P_hash(EVP_md5(), sec, slen/2 + (slen & 1), -- seed, seed_len, out, olen)) -+ seed, seed_len, out, olen)) - return 0; - - if ((tmp = OPENSSL_malloc(olen)) == NULL) { -@@ -262,7 +257,7 @@ static int tls1_prf_alg(const EVP_MD *md - return 0; - } - if (!tls1_prf_P_hash(EVP_sha1(), sec + slen/2, slen/2 + (slen & 1), -- seed, seed_len, tmp, olen)) { -+ seed, seed_len, tmp, olen)) { - OPENSSL_clear_free(tmp, olen); - return 0; - } -diff -up openssl-1.1.1j/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1j/doc/man3/EVP_KDF_CTX.pod ---- openssl-1.1.1j/doc/man3/EVP_KDF_CTX.pod.evp-kdf 2021-03-03 14:08:02.492294856 +0100 -+++ openssl-1.1.1j/doc/man3/EVP_KDF_CTX.pod 2021-03-03 14:08:02.492294856 +0100 -@@ -0,0 +1,217 @@ -+=pod -+ -+=head1 NAME -+ -+EVP_KDF_CTX, EVP_KDF_CTX_new_id, EVP_KDF_CTX_free, EVP_KDF_reset, -+EVP_KDF_ctrl, EVP_KDF_vctrl, EVP_KDF_ctrl_str, EVP_KDF_size, -+EVP_KDF_derive - EVP KDF routines -+ -+=head1 SYNOPSIS -+ -+ #include -+ -+ typedef struct evp_kdf_ctx_st EVP_KDF_CTX; -+ -+ EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); -+ void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); -+ void EVP_KDF_reset(EVP_KDF_CTX *ctx); -+ int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...); -+ int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args); -+ int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value); -+ size_t EVP_KDF_size(EVP_KDF_CTX *ctx); -+ int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); -+ -+=head1 DESCRIPTION -+ -+The EVP KDF routines are a high level interface to Key Derivation Function -+algorithms and should be used instead of algorithm-specific functions. -+ -+After creating a C for the required algorithm using -+EVP_KDF_CTX_new_id(), inputs to the algorithm are supplied using calls to -+EVP_KDF_ctrl(), EVP_KDF_vctrl() or EVP_KDF_ctrl_str() before calling -+EVP_KDF_derive() to derive the key. -+ -+=head2 Types -+ -+B is a context type that holds the algorithm inputs. -+ -+=head2 Context manipulation functions -+ -+EVP_KDF_CTX_new_id() creates a KDF context for the algorithm identified by the -+specified NID. -+ -+EVP_KDF_CTX_free() frees up the context C. If C is C, nothing -+is done. -+ -+=head2 Computing functions -+ -+EVP_KDF_reset() resets the context to the default state as if the context -+had just been created. -+ -+EVP_KDF_ctrl() is used to provide inputs to the KDF algorithm prior to -+EVP_KDF_derive() being called. The inputs that may be provided will vary -+depending on the KDF algorithm or its implementation. This functions takes -+variable arguments, the exact expected arguments depend on C. -+See L below for a description of standard controls. -+ -+EVP_KDF_vctrl() is the variant of EVP_KDF_ctrl() that takes a C -+argument instead of variadic arguments. -+ -+EVP_KDF_ctrl_str() allows an application to send an algorithm specific control -+operation to a context C in string form. This is intended to be used for -+options specified on the command line or in text files. -+ -+EVP_KDF_size() returns the output size if the algorithm produces a fixed amount -+of output and C otherwise. If an error occurs then 0 is returned. -+For some algorithms an error may result if input parameters necessary to -+calculate a fixed output size have not yet been supplied. -+ -+EVP_KDF_derive() derives C bytes of key material and places it in the -+C buffer. If the algorithm produces a fixed amount of output then an -+error will occur unless the C parameter is equal to that output size, -+as returned by EVP_KDF_size(). -+ -+=head1 CONTROLS -+ -+The standard controls are: -+ -+=over 4 -+ -+=item B -+ -+This control expects two arguments: C, C -+ -+Some KDF implementations require a password. For those KDF implementations -+that support it, this control sets the password. -+ -+EVP_KDF_ctrl_str() takes two type strings for this control: -+ -+=over 4 -+ -+=item "pass" -+ -+The value string is used as is. -+ -+=item "hexpass" -+ -+The value string is expected to be a hexadecimal number, which will be -+decoded before being passed on as the control value. -+ -+=back -+ -+=item B -+ -+This control expects two arguments: C, C -+ -+Some KDF implementations can take a salt. For those KDF implementations that -+support it, this control sets the salt. -+ -+The default value, if any, is implementation dependent. -+ -+EVP_KDF_ctrl_str() takes two type strings for this control: -+ -+=over 4 -+ -+=item "salt" -+ -+The value string is used as is. -+ -+=item "hexsalt" -+ -+The value string is expected to be a hexadecimal number, which will be -+decoded before being passed on as the control value. -+ -+=back -+ -+=item B -+ -+This control expects one argument: C -+ -+Some KDF implementations require an iteration count. For those KDF implementations that support it, this control sets the iteration count. -+ -+The default value, if any, is implementation dependent. -+ -+EVP_KDF_ctrl_str() type string: "iter" -+ -+The value string is expected to be a decimal number. -+ -+=item B -+ -+This control expects one argument: C -+ -+For MAC implementations that use a message digest as an underlying computation -+algorithm, this control set what the digest algorithm should be. -+ -+EVP_KDF_ctrl_str() type string: "md" -+ -+The value string is expected to be the name of a digest. -+ -+=item B -+ -+This control expects two arguments: C, C -+ -+Some KDF implementations require a key. For those KDF implementations that -+support it, this control sets the key. -+ -+EVP_KDF_ctrl_str() takes two type strings for this control: -+ -+=over 4 -+ -+=item "key" -+ -+The value string is used as is. -+ -+=item "hexkey" -+ -+The value string is expected to be a hexadecimal number, which will be -+decoded before being passed on as the control value. -+ -+=back -+ -+=item B -+ -+This control expects one argument: C -+ -+Memory-hard password-based KDF algorithms, such as scrypt, use an amount of -+memory that depends on the load factors provided as input. For those KDF -+implementations that support it, this control sets an upper limit on the amount -+of memory that may be consumed while performing a key derivation. If this -+memory usage limit is exceeded because the load factors are chosen too high, -+the key derivation will fail. -+ -+The default value is implementation dependent. -+ -+EVP_KDF_ctrl_str() type string: "maxmem_bytes" -+ -+The value string is expected to be a decimal number. -+ -+=back -+ -+=head1 RETURN VALUES -+ -+EVP_KDF_CTX_new_id() returns either the newly allocated C -+structure or C if an error occurred. -+ -+EVP_KDF_CTX_free() and EVP_KDF_reset() do not return a value. -+ -+EVP_KDF_size() returns the output size. C is returned to indicate -+that the algorithm produces a variable amount of output; 0 to indicate failure. -+ -+The remaining functions return 1 for success and 0 or a negative value for -+failure. In particular, a return value of -2 indicates the operation is not -+supported by the KDF algorithm. -+ -+=head1 SEE ALSO -+ -+L -+ -+=head1 COPYRIGHT -+ -+Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. -+ -+Licensed under the Apache License 2.0 (the "License"). You may not use -+this file except in compliance with the License. You can obtain a copy -+in the file LICENSE in the source distribution or at -+L. -+ -+=cut -diff -up openssl-1.1.1j/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1j/doc/man7/EVP_KDF_HKDF.pod ---- openssl-1.1.1j/doc/man7/EVP_KDF_HKDF.pod.evp-kdf 2021-03-03 14:08:02.493294865 +0100 -+++ openssl-1.1.1j/doc/man7/EVP_KDF_HKDF.pod 2021-03-03 14:08:02.493294865 +0100 -@@ -0,0 +1,180 @@ -+=pod -+ -+=head1 NAME -+ -+EVP_KDF_HKDF - The HKDF EVP_KDF implementation -+ -+=head1 DESCRIPTION -+ -+Support for computing the B KDF through the B API. -+ -+The EVP_KDF_HKDF algorithm implements the HKDF key derivation function. -+HKDF follows the "extract-then-expand" paradigm, where the KDF logically -+consists of two modules. The first stage takes the input keying material -+and "extracts" from it a fixed-length pseudorandom key K. The second stage -+"expands" the key K into several additional pseudorandom keys (the output -+of the KDF). -+ -+=head2 Numeric identity -+ -+B is the numeric identity for this implementation; it -+can be used with the EVP_KDF_CTX_new_id() function. -+ -+=head2 Supported controls -+ -+The supported controls are: -+ -+=over 4 -+ -+=item B -+ -+=item B -+ -+=item B -+ -+These controls work as described in L. -+ -+=item B -+ -+This control does not expect any arguments. -+ -+Resets the context info buffer to zero length. -+ -+=item B -+ -+This control expects two arguments: C, C -+ -+Sets the info value to the first B bytes of the buffer B. If a -+value is already set, the contents of the buffer are appended to the existing -+value. -+ -+The total length of the context info buffer cannot exceed 1024 bytes; -+this should be more than enough for any normal use of HKDF. -+ -+EVP_KDF_ctrl_str() takes two type strings for this control: -+ -+=over 4 -+ -+=item "info" -+ -+The value string is used as is. -+ -+=item "hexinfo" -+ -+The value string is expected to be a hexadecimal number, which will be -+decoded before being passed on as the control value. -+ -+=back -+ -+=item B -+ -+This control expects one argument: C -+ -+Sets the mode for the HKDF operation. There are three modes that are currently -+defined: -+ -+=over 4 -+ -+=item EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND -+ -+This is the default mode. Calling L on an EVP_KDF_CTX set -+up for HKDF will perform an extract followed by an expand operation in one go. -+The derived key returned will be the result after the expand operation. The -+intermediate fixed-length pseudorandom key K is not returned. -+ -+In this mode the digest, key, salt and info values must be set before a key is -+derived otherwise an error will occur. -+ -+=item EVP_KDF_HKDF_MODE_EXTRACT_ONLY -+ -+In this mode calling L will just perform the extract -+operation. The value returned will be the intermediate fixed-length pseudorandom -+key K. The C parameter must match the size of K, which can be looked -+up by calling EVP_KDF_size() after setting the mode and digest. -+ -+The digest, key and salt values must be set before a key is derived otherwise -+an error will occur. -+ -+=item EVP_KDF_HKDF_MODE_EXPAND_ONLY -+ -+In this mode calling L will just perform the expand -+operation. The input key should be set to the intermediate fixed-length -+pseudorandom key K returned from a previous extract operation. -+ -+The digest, key and info values must be set before a key is derived otherwise -+an error will occur. -+ -+=back -+ -+EVP_KDF_ctrl_str() type string: "mode" -+ -+The value string is expected to be one of: "EXTRACT_AND_EXPAND", "EXTRACT_ONLY" -+or "EXPAND_ONLY". -+ -+=back -+ -+=head1 NOTES -+ -+A context for HKDF can be obtained by calling: -+ -+ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF); -+ -+The output length of an HKDF expand operation is specified via the C -+parameter to the L function. When using -+EVP_KDF_HKDF_MODE_EXTRACT_ONLY the C parameter must equal the size of -+the intermediate fixed-length pseudorandom key otherwise an error will occur. -+For that mode, the fixed output size can be looked up by calling EVP_KDF_size() -+after setting the mode and digest on the C. -+ -+=head1 EXAMPLE -+ -+This example derives 10 bytes using SHA-256 with the secret key "secret", -+salt value "salt" and info value "label": -+ -+ EVP_KDF_CTX *kctx; -+ unsigned char out[10]; -+ -+ kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF); -+ -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { -+ error("EVP_KDF_CTRL_SET_MD"); -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { -+ error("EVP_KDF_CTRL_SET_SALT"); -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", (size_t)6) <= 0) { -+ error("EVP_KDF_CTRL_SET_KEY"); -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, "label", (size_t)5) <= 0) { -+ error("EVP_KDF_CTRL_ADD_HKDF_INFO"); -+ } -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { -+ error("EVP_KDF_derive"); -+ } -+ -+ EVP_KDF_CTX_free(kctx); -+ -+=head1 CONFORMING TO -+ -+RFC 5869 -+ -+=head1 SEE ALSO -+ -+L, -+L, -+L, -+L, -+L, -+L, -+L -+ -+=head1 COPYRIGHT -+ -+Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. -+ -+Licensed under the Apache License 2.0 (the "License"). You may not use -+this file except in compliance with the License. You can obtain a copy -+in the file LICENSE in the source distribution or at -+L. -+ -+=cut -diff -up openssl-1.1.1j/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1j/doc/man7/EVP_KDF_PBKDF2.pod ---- openssl-1.1.1j/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf 2021-03-03 14:08:02.493294865 +0100 -+++ openssl-1.1.1j/doc/man7/EVP_KDF_PBKDF2.pod 2021-03-03 14:08:02.493294865 +0100 -@@ -0,0 +1,78 @@ -+=pod -+ -+=head1 NAME -+ -+EVP_KDF_PBKDF2 - The PBKDF2 EVP_KDF implementation -+ -+=head1 DESCRIPTION -+ -+Support for computing the B password-based KDF through the B -+API. -+ -+The EVP_KDF_PBKDF2 algorithm implements the PBKDF2 password-based key -+derivation function, as described in RFC 2898; it derives a key from a password -+using a salt and iteration count. -+ -+=head2 Numeric identity -+ -+B is the numeric identity for this implementation; it -+can be used with the EVP_KDF_CTX_new_id() function. -+ -+=head2 Supported controls -+ -+The supported controls are: -+ -+=over 4 -+ -+=item B -+ -+=item B -+ -+=item B -+ -+=item B -+ -+These controls work as described in L. -+ -+B is the iteration count and its value should be greater than or equal to -+1. RFC 2898 suggests an iteration count of at least 1000. The default value is -+2048. Any B less than 1 is treated as a single iteration. -+ -+=back -+ -+=head1 NOTES -+ -+A typical application of this algorithm is to derive keying material for an -+encryption algorithm from a password in the B, a salt in B, -+and an iteration count. -+ -+Increasing the B parameter slows down the algorithm which makes it -+harder for an attacker to perform a brute force attack using a large number -+of candidate passwords. -+ -+No assumption is made regarding the given password; it is simply treated as a -+byte sequence. -+ -+=head1 CONFORMING TO -+ -+RFC 2898 -+ -+=head1 SEE ALSO -+ -+L, -+L, -+L, -+L, -+L, -+L -+ -+=head1 COPYRIGHT -+ -+Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. -+ -+Licensed under the Apache License 2.0 (the "License"). You may not use -+this file except in compliance with the License. You can obtain a copy -+in the file LICENSE in the source distribution or at -+L. -+ -+=cut -diff -up openssl-1.1.1j/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1j/doc/man7/EVP_KDF_SCRYPT.pod ---- openssl-1.1.1j/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf 2021-03-03 14:08:02.493294865 +0100 -+++ openssl-1.1.1j/doc/man7/EVP_KDF_SCRYPT.pod 2021-03-03 14:08:02.493294865 +0100 -@@ -0,0 +1,149 @@ -+=pod -+ -+=head1 NAME -+ -+EVP_KDF_SCRYPT - The scrypt EVP_KDF implementation -+ -+=head1 DESCRIPTION -+ -+Support for computing the B password-based KDF through the B -+API. -+ -+The EVP_KDF_SCRYPT algorithm implements the scrypt password-based key -+derivation function, as described in RFC 7914. It is memory-hard in the sense -+that it deliberately requires a significant amount of RAM for efficient -+computation. The intention of this is to render brute forcing of passwords on -+systems that lack large amounts of main memory (such as GPUs or ASICs) -+computationally infeasible. -+ -+scrypt provides three work factors that can be customized: N, r and p. N, which -+has to be a positive power of two, is the general work factor and scales CPU -+time in an approximately linear fashion. r is the block size of the internally -+used hash function and p is the parallelization factor. Both r and p need to be -+greater than zero. The amount of RAM that scrypt requires for its computation -+is roughly (128 * N * r * p) bytes. -+ -+In the original paper of Colin Percival ("Stronger Key Derivation via -+Sequential Memory-Hard Functions", 2009), the suggested values that give a -+computation time of less than 5 seconds on a 2.5 GHz Intel Core 2 Duo are N = -+2^20 = 1048576, r = 8, p = 1. Consequently, the required amount of memory for -+this computation is roughly 1 GiB. On a more recent CPU (Intel i7-5930K at 3.5 -+GHz), this computation takes about 3 seconds. When N, r or p are not specified, -+they default to 1048576, 8, and 1, respectively. The maximum amount of RAM that -+may be used by scrypt defaults to 1025 MiB. -+ -+=head2 Numeric identity -+ -+B is the numeric identity for this implementation; it -+can be used with the EVP_KDF_CTX_new_id() function. -+ -+=head2 Supported controls -+ -+The supported controls are: -+ -+=over 4 -+ -+=item B -+ -+=item B -+ -+These controls work as described in L. -+ -+=item B -+ -+=item B -+ -+=item B -+ -+B expects one argument: C -+ -+B expects one argument: C -+ -+B expects one argument: C -+ -+These controls configure the scrypt work factors N, r and p. -+ -+EVP_KDF_ctrl_str() type strings: "N", "r" and "p", respectively. -+ -+The corresponding value strings are expected to be decimal numbers. -+ -+=back -+ -+=head1 NOTES -+ -+A context for scrypt can be obtained by calling: -+ -+ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT); -+ -+The output length of an scrypt key derivation is specified via the -+B parameter to the L function. -+ -+=head1 EXAMPLE -+ -+This example derives a 64-byte long test vector using scrypt with the password -+"password", salt "NaCl" and N = 1024, r = 8, p = 16. -+ -+ EVP_KDF_CTX *kctx; -+ unsigned char out[64]; -+ -+ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT); -+ -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { -+ error("EVP_KDF_CTRL_SET_PASS"); -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl", (size_t)4) <= 0) { -+ error("EVP_KDF_CTRL_SET_SALT"); -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, (uint64_t)1024) <= 0) { -+ error("EVP_KDF_CTRL_SET_SCRYPT_N"); -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)8) <= 0) { -+ error("EVP_KDF_CTRL_SET_SCRYPT_R"); -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)16) <= 0) { -+ error("EVP_KDF_CTRL_SET_SCRYPT_P"); -+ } -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { -+ error("EVP_KDF_derive"); -+ } -+ -+ { -+ const unsigned char expected[sizeof(out)] = { -+ 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, -+ 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, -+ 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, -+ 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62, -+ 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88, -+ 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda, -+ 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d, -+ 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 -+ }; -+ -+ assert(!memcmp(out, expected, sizeof(out))); -+ } -+ -+ EVP_KDF_CTX_free(kctx); -+ -+=head1 CONFORMING TO -+ -+RFC 7914 -+ -+=head1 SEE ALSO -+ -+L, -+L, -+L, -+L, -+L, -+L -+ -+=head1 COPYRIGHT -+ -+Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. -+ -+Licensed under the OpenSSL license (the "License"). You may not use -+this file except in compliance with the License. You can obtain a copy -+in the file LICENSE in the source distribution or at -+L. -+ -+=cut -diff -up openssl-1.1.1j/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1j/doc/man7/EVP_KDF_TLS1_PRF.pod ---- openssl-1.1.1j/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf 2021-03-03 14:08:02.493294865 +0100 -+++ openssl-1.1.1j/doc/man7/EVP_KDF_TLS1_PRF.pod 2021-03-03 14:08:02.493294865 +0100 -@@ -0,0 +1,142 @@ -+=pod -+ -+=head1 NAME -+ -+EVP_KDF_TLS1_PRF - The TLS1 PRF EVP_KDF implementation -+ -+=head1 DESCRIPTION -+ -+Support for computing the B PRF through the B API. -+ -+The EVP_KDF_TLS1_PRF algorithm implements the PRF used by TLS versions up to -+and including TLS 1.2. -+ -+=head2 Numeric identity -+ -+B is the numeric identity for this implementation; it -+can be used with the EVP_KDF_CTX_new_id() function. -+ -+=head2 Supported controls -+ -+The supported controls are: -+ -+=over 4 -+ -+=item B -+ -+This control works as described in L. -+ -+The C control is used to set the message digest associated -+with the TLS PRF. EVP_md5_sha1() is treated as a special case which uses the -+PRF algorithm using both B and B as used in TLS 1.0 and 1.1. -+ -+=item B -+ -+This control expects two arguments: C, C -+ -+Sets the secret value of the TLS PRF to B bytes of the buffer B. -+Any existing secret value is replaced. -+ -+EVP_KDF_ctrl_str() takes two type strings for this control: -+ -+=over 4 -+ -+=item "secret" -+ -+The value string is used as is. -+ -+=item "hexsecret" -+ -+The value string is expected to be a hexadecimal number, which will be -+decoded before being passed on as the control value. -+ -+=back -+ -+=item B -+ -+This control does not expect any arguments. -+ -+Resets the context seed buffer to zero length. -+ -+=item B -+ -+This control expects two arguments: C, C -+ -+Sets the seed to B bytes of B. If a seed is already set it is -+appended to the existing value. -+ -+The total length of the context seed buffer cannot exceed 1024 bytes; -+this should be more than enough for any normal use of the TLS PRF. -+ -+EVP_KDF_ctrl_str() takes two type strings for this control: -+ -+=over 4 -+ -+=item "seed" -+ -+The value string is used as is. -+ -+=item "hexseed" -+ -+The value string is expected to be a hexadecimal number, which will be -+decoded before being passed on as the control value. -+ -+=back -+ -+=back -+ -+=head1 NOTES -+ -+A context for the TLS PRF can be obtained by calling: -+ -+ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF, NULL); -+ -+The digest, secret value and seed must be set before a key is derived otherwise -+an error will occur. -+ -+The output length of the PRF is specified by the C parameter to the -+EVP_KDF_derive() function. -+ -+=head1 EXAMPLE -+ -+This example derives 10 bytes using SHA-256 with the secret key "secret" -+and seed value "seed": -+ -+ EVP_KDF_CTX *kctx; -+ unsigned char out[10]; -+ -+ kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF); -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { -+ error("EVP_KDF_CTRL_SET_MD"); -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET, -+ "secret", (size_t)6) <= 0) { -+ error("EVP_KDF_CTRL_SET_TLS_SECRET"); -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed", (size_t)4) <= 0) { -+ error("EVP_KDF_CTRL_ADD_TLS_SEED"); -+ } -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { -+ error("EVP_KDF_derive"); -+ } -+ EVP_KDF_CTX_free(kctx); -+ -+=head1 SEE ALSO -+ -+L, -+L, -+L, -+L, -+L, -+L -+ -+=head1 COPYRIGHT -+ -+Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. -+ -+Licensed under the Apache License 2.0 (the "License"). You may not use -+this file except in compliance with the License. You can obtain a copy -+in the file LICENSE in the source distribution or at -+L. -+ -+=cut -diff -up openssl-1.1.1j/include/crypto/evp.h.evp-kdf openssl-1.1.1j/include/crypto/evp.h ---- openssl-1.1.1j/include/crypto/evp.h.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/crypto/evp.h 2021-03-03 14:08:02.493294865 +0100 -@@ -112,6 +112,24 @@ extern const EVP_PKEY_METHOD hkdf_pkey_m - extern const EVP_PKEY_METHOD poly1305_pkey_meth; - extern const EVP_PKEY_METHOD siphash_pkey_meth; - -+/* struct evp_kdf_impl_st is defined by the implementation */ -+typedef struct evp_kdf_impl_st EVP_KDF_IMPL; -+typedef struct { -+ int type; -+ EVP_KDF_IMPL *(*new) (void); -+ void (*free) (EVP_KDF_IMPL *impl); -+ void (*reset) (EVP_KDF_IMPL *impl); -+ int (*ctrl) (EVP_KDF_IMPL *impl, int cmd, va_list args); -+ int (*ctrl_str) (EVP_KDF_IMPL *impl, const char *type, const char *value); -+ size_t (*size) (EVP_KDF_IMPL *impl); -+ int (*derive) (EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen); -+} EVP_KDF_METHOD; -+ -+extern const EVP_KDF_METHOD pbkdf2_kdf_meth; -+extern const EVP_KDF_METHOD scrypt_kdf_meth; -+extern const EVP_KDF_METHOD tls1_prf_kdf_meth; -+extern const EVP_KDF_METHOD hkdf_kdf_meth; -+ - struct evp_md_st { - int type; - int pkey_type; -diff -up openssl-1.1.1j/include/openssl/evperr.h.evp-kdf openssl-1.1.1j/include/openssl/evperr.h ---- openssl-1.1.1j/include/openssl/evperr.h.evp-kdf 2021-03-03 14:08:02.477294722 +0100 -+++ openssl-1.1.1j/include/openssl/evperr.h 2021-03-03 14:13:37.587003722 +0100 -@@ -56,6 +56,9 @@ int ERR_load_EVP_strings(void); - # define EVP_F_EVP_ENCRYPTDECRYPTUPDATE 219 - # define EVP_F_EVP_ENCRYPTFINAL_EX 127 - # define EVP_F_EVP_ENCRYPTUPDATE 167 -+# define EVP_F_EVP_KDF_CTRL 224 -+# define EVP_F_EVP_KDF_CTRL_STR 225 -+# define EVP_F_EVP_KDF_CTX_NEW_ID 226 - # define EVP_F_EVP_MD_CTX_COPY_EX 110 - # define EVP_F_EVP_MD_SIZE 162 - # define EVP_F_EVP_OPENINIT 102 -@@ -118,11 +121,13 @@ int ERR_load_EVP_strings(void); - # define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 - # define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164 - # define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 180 -+# define EVP_F_PKEY_KDF_CTRL 227 - # define EVP_F_PKEY_SET_TYPE 158 - # define EVP_F_RC2_MAGIC_TO_METH 109 - # define EVP_F_RC5_CTRL 125 - # define EVP_F_R_32_12_16_INIT_KEY 242 - # define EVP_F_S390X_AES_GCM_CTRL 201 -+# define EVP_F_SCRYPT_ALG 228 - # define EVP_F_UPDATE 173 - - /* -@@ -179,6 +184,7 @@ int ERR_load_EVP_strings(void); - # define EVP_R_ONLY_ONESHOT_SUPPORTED 177 - # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 - # define EVP_R_OPERATON_NOT_INITIALIZED 151 -+# define EVP_R_PARAMETER_TOO_LARGE 187 - # define EVP_R_OUTPUT_WOULD_OVERFLOW 184 - # define EVP_R_PARTIALLY_OVERLAPPING 162 - # define EVP_R_PBKDF2_ERROR 181 -diff -up openssl-1.1.1j/include/openssl/kdferr.h.evp-kdf openssl-1.1.1j/include/openssl/kdferr.h ---- openssl-1.1.1j/include/openssl/kdferr.h.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/kdferr.h 2021-03-03 14:08:02.493294865 +0100 -@@ -23,6 +23,23 @@ int ERR_load_KDF_strings(void); - /* - * KDF function codes. - */ -+# define KDF_F_HKDF_EXTRACT 112 -+# define KDF_F_KDF_HKDF_DERIVE 113 -+# define KDF_F_KDF_HKDF_NEW 114 -+# define KDF_F_KDF_HKDF_SIZE 115 -+# define KDF_F_KDF_MD2CTRL 116 -+# define KDF_F_KDF_PBKDF2_CTRL_STR 117 -+# define KDF_F_KDF_PBKDF2_DERIVE 118 -+# define KDF_F_KDF_PBKDF2_NEW 119 -+# define KDF_F_KDF_SCRYPT_CTRL_STR 120 -+# define KDF_F_KDF_SCRYPT_CTRL_UINT32 121 -+# define KDF_F_KDF_SCRYPT_CTRL_UINT64 122 -+# define KDF_F_KDF_SCRYPT_DERIVE 123 -+# define KDF_F_KDF_SCRYPT_NEW 124 -+# define KDF_F_KDF_TLS1_PRF_CTRL_STR 125 -+# define KDF_F_KDF_TLS1_PRF_DERIVE 126 -+# define KDF_F_KDF_TLS1_PRF_NEW 127 -+# define KDF_F_PBKDF2_SET_MEMBUF 128 - # define KDF_F_PKEY_HKDF_CTRL_STR 103 - # define KDF_F_PKEY_HKDF_DERIVE 102 - # define KDF_F_PKEY_HKDF_INIT 108 -@@ -34,6 +51,7 @@ int ERR_load_KDF_strings(void); - # define KDF_F_PKEY_TLS1_PRF_CTRL_STR 100 - # define KDF_F_PKEY_TLS1_PRF_DERIVE 101 - # define KDF_F_PKEY_TLS1_PRF_INIT 110 -+# define KDF_F_SCRYPT_SET_MEMBUF 129 - # define KDF_F_TLS1_PRF_ALG 111 - - /* -@@ -51,5 +69,6 @@ int ERR_load_KDF_strings(void); - # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 - # define KDF_R_VALUE_ERROR 108 - # define KDF_R_VALUE_MISSING 102 -+# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112 - - #endif -diff -up openssl-1.1.1j/include/openssl/kdf.h.evp-kdf openssl-1.1.1j/include/openssl/kdf.h ---- openssl-1.1.1j/include/openssl/kdf.h.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/kdf.h 2021-03-03 14:08:02.493294865 +0100 -@@ -10,10 +10,50 @@ - #ifndef HEADER_KDF_H - # define HEADER_KDF_H - -+# include - # include --#ifdef __cplusplus -+# ifdef __cplusplus - extern "C" { --#endif -+# endif -+ -+# define EVP_KDF_PBKDF2 NID_id_pbkdf2 -+# define EVP_KDF_SCRYPT NID_id_scrypt -+# define EVP_KDF_TLS1_PRF NID_tls1_prf -+# define EVP_KDF_HKDF NID_hkdf -+ -+EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); -+void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); -+ -+void EVP_KDF_reset(EVP_KDF_CTX *ctx); -+int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...); -+int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args); -+int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value); -+size_t EVP_KDF_size(EVP_KDF_CTX *ctx); -+int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); -+ -+ -+# define EVP_KDF_CTRL_SET_PASS 0x01 /* unsigned char *, size_t */ -+# define EVP_KDF_CTRL_SET_SALT 0x02 /* unsigned char *, size_t */ -+# define EVP_KDF_CTRL_SET_ITER 0x03 /* int */ -+# define EVP_KDF_CTRL_SET_MD 0x04 /* EVP_MD * */ -+# define EVP_KDF_CTRL_SET_KEY 0x05 /* unsigned char *, size_t */ -+# define EVP_KDF_CTRL_SET_MAXMEM_BYTES 0x06 /* uint64_t */ -+# define EVP_KDF_CTRL_SET_TLS_SECRET 0x07 /* unsigned char *, size_t */ -+# define EVP_KDF_CTRL_RESET_TLS_SEED 0x08 -+# define EVP_KDF_CTRL_ADD_TLS_SEED 0x09 /* unsigned char *, size_t */ -+# define EVP_KDF_CTRL_RESET_HKDF_INFO 0x0a -+# define EVP_KDF_CTRL_ADD_HKDF_INFO 0x0b /* unsigned char *, size_t */ -+# define EVP_KDF_CTRL_SET_HKDF_MODE 0x0c /* int */ -+# define EVP_KDF_CTRL_SET_SCRYPT_N 0x0d /* uint64_t */ -+# define EVP_KDF_CTRL_SET_SCRYPT_R 0x0e /* uint32_t */ -+# define EVP_KDF_CTRL_SET_SCRYPT_P 0x0f /* uint32_t */ -+ -+# define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0 -+# define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1 -+# define EVP_KDF_HKDF_MODE_EXPAND_ONLY 2 -+ -+ -+/**** The legacy PKEY-based KDF API follows. ****/ - - # define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL) - # define EVP_PKEY_CTRL_TLS_SECRET (EVP_PKEY_ALG_CTRL + 1) -@@ -30,9 +70,12 @@ extern "C" { - # define EVP_PKEY_CTRL_SCRYPT_P (EVP_PKEY_ALG_CTRL + 12) - # define EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES (EVP_PKEY_ALG_CTRL + 13) - --# define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND 0 --# define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1 --# define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2 -+# define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND \ -+ EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND -+# define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY \ -+ EVP_KDF_HKDF_MODE_EXTRACT_ONLY -+# define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY \ -+ EVP_KDF_HKDF_MODE_EXPAND_ONLY - - # define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \ - EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ -@@ -91,7 +134,7 @@ extern "C" { - EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, maxmem_bytes) - - --# ifdef __cplusplus -+# ifdef __cplusplus - } - # endif - #endif -diff -up openssl-1.1.1j/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1j/include/openssl/ossl_typ.h ---- openssl-1.1.1j/include/openssl/ossl_typ.h.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/ossl_typ.h 2021-03-03 14:08:02.493294865 +0100 -@@ -97,6 +97,8 @@ typedef struct evp_pkey_asn1_method_st E - typedef struct evp_pkey_method_st EVP_PKEY_METHOD; - typedef struct evp_pkey_ctx_st EVP_PKEY_CTX; - -+typedef struct evp_kdf_ctx_st EVP_KDF_CTX; -+ - typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX; - - typedef struct hmac_ctx_st HMAC_CTX; -diff -up openssl-1.1.1j/test/build.info.evp-kdf openssl-1.1.1j/test/build.info ---- openssl-1.1.1j/test/build.info.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/test/build.info 2021-03-03 14:08:02.493294865 +0100 -@@ -44,7 +44,8 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I - ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \ - bio_callback_test bio_memleak_test \ - bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \ -- pkey_meth_test pkey_meth_kdf_test uitest cipherbytes_test \ -+ pkey_meth_test pkey_meth_kdf_test evp_kdf_test uitest \ -+ cipherbytes_test \ - asn1_encode_test asn1_decode_test asn1_string_table_test \ - x509_time_test x509_dup_cert_test x509_check_cert_pkey_test \ - recordlentest drbgtest sslbuffertest \ -@@ -336,6 +337,10 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I - INCLUDE[pkey_meth_kdf_test]=../include - DEPEND[pkey_meth_kdf_test]=../libcrypto libtestutil.a - -+ SOURCE[evp_kdf_test]=evp_kdf_test.c -+ INCLUDE[evp_kdf_test]=../include -+ DEPEND[evp_kdf_test]=../libcrypto libtestutil.a -+ - SOURCE[x509_time_test]=x509_time_test.c - INCLUDE[x509_time_test]=../include - DEPEND[x509_time_test]=../libcrypto libtestutil.a -diff -up openssl-1.1.1j/test/evp_kdf_test.c.evp-kdf openssl-1.1.1j/test/evp_kdf_test.c ---- openssl-1.1.1j/test/evp_kdf_test.c.evp-kdf 2021-03-03 14:08:02.494294874 +0100 -+++ openssl-1.1.1j/test/evp_kdf_test.c 2021-03-03 14:08:02.494294874 +0100 -@@ -0,0 +1,237 @@ -+/* -+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+/* Tests of the EVP_KDF_CTX APIs */ -+ -+#include -+#include -+ -+#include -+#include -+#include "testutil.h" -+ -+static int test_kdf_tls1_prf(void) -+{ -+ int ret = 0; -+ EVP_KDF_CTX *kctx; -+ unsigned char out[16]; -+ -+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF)) == NULL) { -+ TEST_error("EVP_KDF_TLS1_PRF"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_MD"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET, -+ "secret", (size_t)6) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_TLS_SECRET"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed", (size_t)4) <= 0) { -+ TEST_error("EVP_KDF_CTRL_ADD_TLS_SEED"); -+ goto err; -+ } -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { -+ TEST_error("EVP_KDF_derive"); -+ goto err; -+ } -+ -+ { -+ const unsigned char expected[sizeof(out)] = { -+ 0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0, -+ 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc -+ }; -+ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { -+ goto err; -+ } -+ } -+ ret = 1; -+err: -+ EVP_KDF_CTX_free(kctx); -+ return ret; -+} -+ -+static int test_kdf_hkdf(void) -+{ -+ int ret = 0; -+ EVP_KDF_CTX *kctx; -+ unsigned char out[10]; -+ -+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF)) == NULL) { -+ TEST_error("EVP_KDF_HKDF"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_MD"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_SALT"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", (size_t)6) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KEY"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, -+ "label", (size_t)5) <= 0) { -+ TEST_error("EVP_KDF_CTRL_ADD_HKDF_INFO"); -+ goto err; -+ } -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { -+ TEST_error("EVP_KDF_derive"); -+ goto err; -+ } -+ -+ { -+ const unsigned char expected[sizeof(out)] = { -+ 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13 -+ }; -+ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { -+ goto err; -+ } -+ } -+ ret = 1; -+err: -+ EVP_KDF_CTX_free(kctx); -+ return ret; -+} -+ -+static int test_kdf_pbkdf2(void) -+{ -+ int ret = 0; -+ EVP_KDF_CTX *kctx; -+ unsigned char out[32]; -+ -+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) { -+ TEST_error("EVP_KDF_PBKDF2"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_PASS"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_SALT"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_ITER"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_MD"); -+ goto err; -+ } -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { -+ TEST_error("EVP_KDF_derive"); -+ goto err; -+ } -+ -+ { -+ const unsigned char expected[sizeof(out)] = { -+ 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3, -+ 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0, -+ 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf, -+ 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43 -+ }; -+ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { -+ goto err; -+ } -+ } -+ ret = 1; -+err: -+ EVP_KDF_CTX_free(kctx); -+ return ret; -+} -+ -+#ifndef OPENSSL_NO_SCRYPT -+static int test_kdf_scrypt(void) -+{ -+ int ret = 0; -+ EVP_KDF_CTX *kctx; -+ unsigned char out[64]; -+ -+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT)) == NULL) { -+ TEST_error("EVP_KDF_SCRYPT"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_PASS"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl", (size_t)4) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_SALT"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N, (uint64_t)1024) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_SCRYPT_N"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R, (uint32_t)8) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_SCRYPT_R"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P, (uint32_t)16) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_SCRYPT_P"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, (uint64_t)16) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_MAXMEM_BYTES"); -+ goto err; -+ } -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) > 0) { -+ TEST_error("EVP_KDF_derive should have failed"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES, -+ (uint64_t)(10 * 1024 * 1024)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_MAXMEM_BYTES"); -+ goto err; -+ } -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { -+ TEST_error("EVP_KDF_derive"); -+ goto err; -+ } -+ -+ { -+ const unsigned char expected[sizeof(out)] = { -+ 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, -+ 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, -+ 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, -+ 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62, -+ 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88, -+ 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda, -+ 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d, -+ 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 -+ }; -+ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { -+ goto err; -+ } -+ } -+ ret = 1; -+err: -+ EVP_KDF_CTX_free(kctx); -+ return ret; -+} -+#endif -+ -+int setup_tests(void) -+{ -+ ADD_TEST(test_kdf_tls1_prf); -+ ADD_TEST(test_kdf_hkdf); -+ ADD_TEST(test_kdf_pbkdf2); -+#ifndef OPENSSL_NO_SCRYPT -+ ADD_TEST(test_kdf_scrypt); -+#endif -+ return 1; -+} -diff -up openssl-1.1.1j/test/evp_test.c.evp-kdf openssl-1.1.1j/test/evp_test.c ---- openssl-1.1.1j/test/evp_test.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/test/evp_test.c 2021-03-03 14:08:02.494294874 +0100 -@@ -1705,13 +1705,14 @@ static const EVP_TEST_METHOD encode_test - encode_test_run, - }; - -+ - /** - *** KDF TESTS - **/ - - typedef struct kdf_data_st { - /* Context for this operation */ -- EVP_PKEY_CTX *ctx; -+ EVP_KDF_CTX *ctx; - /* Expected output */ - unsigned char *output; - size_t output_len; -@@ -1738,16 +1739,11 @@ static int kdf_test_init(EVP_TEST *t, co - - if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) - return 0; -- kdata->ctx = EVP_PKEY_CTX_new_id(kdf_nid, NULL); -+ kdata->ctx = EVP_KDF_CTX_new_id(kdf_nid); - if (kdata->ctx == NULL) { - OPENSSL_free(kdata); - return 0; - } -- if (EVP_PKEY_derive_init(kdata->ctx) <= 0) { -- EVP_PKEY_CTX_free(kdata->ctx); -- OPENSSL_free(kdata); -- return 0; -- } - t->data = kdata; - return 1; - } -@@ -1756,7 +1752,42 @@ static void kdf_test_cleanup(EVP_TEST *t - { - KDF_DATA *kdata = t->data; - OPENSSL_free(kdata->output); -- EVP_PKEY_CTX_free(kdata->ctx); -+ EVP_KDF_CTX_free(kdata->ctx); -+} -+ -+static int kdf_test_ctrl(EVP_TEST *t, EVP_KDF_CTX *kctx, -+ const char *value) -+{ -+ int rv; -+ char *p, *tmpval; -+ -+ if (!TEST_ptr(tmpval = OPENSSL_strdup(value))) -+ return 0; -+ p = strchr(tmpval, ':'); -+ if (p != NULL) -+ *p++ = '\0'; -+ rv = EVP_KDF_ctrl_str(kctx, tmpval, p); -+ if (rv == -2) { -+ t->err = "KDF_CTRL_INVALID"; -+ rv = 1; -+ } else if (p != NULL && rv <= 0) { -+ /* If p has an OID and lookup fails assume disabled algorithm */ -+ int nid = OBJ_sn2nid(p); -+ -+ if (nid == NID_undef) -+ nid = OBJ_ln2nid(p); -+ if (nid != NID_undef -+ && EVP_get_digestbynid(nid) == NULL -+ && EVP_get_cipherbynid(nid) == NULL) { -+ t->skip = 1; -+ rv = 1; -+ } else { -+ t->err = "KDF_CTRL_ERROR"; -+ rv = 1; -+ } -+ } -+ OPENSSL_free(tmpval); -+ return rv > 0; - } - - static int kdf_test_parse(EVP_TEST *t, -@@ -1767,7 +1798,7 @@ static int kdf_test_parse(EVP_TEST *t, - if (strcmp(keyword, "Output") == 0) - return parse_bin(value, &kdata->output, &kdata->output_len); - if (strncmp(keyword, "Ctrl", 4) == 0) -- return pkey_test_ctrl(t, kdata->ctx, value); -+ return kdf_test_ctrl(t, kdata->ctx, value); - return 0; - } - -@@ -1781,7 +1812,7 @@ static int kdf_test_run(EVP_TEST *t) - t->err = "INTERNAL_ERROR"; - goto err; - } -- if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) { -+ if (EVP_KDF_derive(expected->ctx, got, got_len) <= 0) { - t->err = "KDF_DERIVE_ERROR"; - goto err; - } -@@ -1807,6 +1838,106 @@ static const EVP_TEST_METHOD kdf_test_me - - - /** -+*** PKEY KDF TESTS -+**/ -+ -+typedef struct pkey_kdf_data_st { -+ /* Context for this operation */ -+ EVP_PKEY_CTX *ctx; -+ /* Expected output */ -+ unsigned char *output; -+ size_t output_len; -+} PKEY_KDF_DATA; -+ -+/* -+ * Perform public key operation setup: lookup key, allocated ctx and call -+ * the appropriate initialisation function -+ */ -+static int pkey_kdf_test_init(EVP_TEST *t, const char *name) -+{ -+ PKEY_KDF_DATA *kdata; -+ int kdf_nid = OBJ_sn2nid(name); -+ -+#ifdef OPENSSL_NO_SCRYPT -+ if (strcmp(name, "scrypt") == 0) { -+ t->skip = 1; -+ return 1; -+ } -+#endif -+ -+ if (kdf_nid == NID_undef) -+ kdf_nid = OBJ_ln2nid(name); -+ -+ if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) -+ return 0; -+ kdata->ctx = EVP_PKEY_CTX_new_id(kdf_nid, NULL); -+ if (kdata->ctx == NULL) { -+ OPENSSL_free(kdata); -+ return 0; -+ } -+ if (EVP_PKEY_derive_init(kdata->ctx) <= 0) { -+ EVP_PKEY_CTX_free(kdata->ctx); -+ OPENSSL_free(kdata); -+ return 0; -+ } -+ t->data = kdata; -+ return 1; -+} -+ -+static void pkey_kdf_test_cleanup(EVP_TEST *t) -+{ -+ PKEY_KDF_DATA *kdata = t->data; -+ OPENSSL_free(kdata->output); -+ EVP_PKEY_CTX_free(kdata->ctx); -+} -+ -+static int pkey_kdf_test_parse(EVP_TEST *t, -+ const char *keyword, const char *value) -+{ -+ PKEY_KDF_DATA *kdata = t->data; -+ -+ if (strcmp(keyword, "Output") == 0) -+ return parse_bin(value, &kdata->output, &kdata->output_len); -+ if (strncmp(keyword, "Ctrl", 4) == 0) -+ return pkey_test_ctrl(t, kdata->ctx, value); -+ return 0; -+} -+ -+static int pkey_kdf_test_run(EVP_TEST *t) -+{ -+ PKEY_KDF_DATA *expected = t->data; -+ unsigned char *got = NULL; -+ size_t got_len = expected->output_len; -+ -+ if (!TEST_ptr(got = OPENSSL_malloc(got_len))) { -+ t->err = "INTERNAL_ERROR"; -+ goto err; -+ } -+ if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) { -+ t->err = "KDF_DERIVE_ERROR"; -+ goto err; -+ } -+ if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) { -+ t->err = "KDF_MISMATCH"; -+ goto err; -+ } -+ t->err = NULL; -+ -+ err: -+ OPENSSL_free(got); -+ return 1; -+} -+ -+static const EVP_TEST_METHOD pkey_kdf_test_method = { -+ "PKEYKDF", -+ pkey_kdf_test_init, -+ pkey_kdf_test_cleanup, -+ pkey_kdf_test_parse, -+ pkey_kdf_test_run -+}; -+ -+ -+/** - *** KEYPAIR TESTS - **/ - -@@ -2310,6 +2441,7 @@ static const EVP_TEST_METHOD *evp_test_l - &digestverify_test_method, - &encode_test_method, - &kdf_test_method, -+ &pkey_kdf_test_method, - &keypair_test_method, - &keygen_test_method, - &mac_test_method, -diff -up openssl-1.1.1j/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1j/test/pkey_meth_kdf_test.c ---- openssl-1.1.1j/test/pkey_meth_kdf_test.c.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/test/pkey_meth_kdf_test.c 2021-03-03 14:08:02.494294874 +0100 -@@ -1,5 +1,5 @@ - /* -- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy -@@ -18,30 +18,34 @@ - - static int test_kdf_tls1_prf(void) - { -+ int ret = 0; - EVP_PKEY_CTX *pctx; - unsigned char out[16]; - size_t outlen = sizeof(out); -- pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL); - -+ if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL)) == NULL) { -+ TEST_error("EVP_PKEY_TLS1_PRF"); -+ goto err; -+ } - if (EVP_PKEY_derive_init(pctx) <= 0) { - TEST_error("EVP_PKEY_derive_init"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0) { - TEST_error("EVP_PKEY_CTX_set_tls1_prf_md"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0) { - TEST_error("EVP_PKEY_CTX_set1_tls1_prf_secret"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, "seed", 4) <= 0) { - TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed"); -- return 0; -+ goto err; - } - if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { - TEST_error("EVP_PKEY_derive"); -- return 0; -+ goto err; - } - - { -@@ -50,43 +54,49 @@ static int test_kdf_tls1_prf(void) - 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc - }; - if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { -- return 0; -+ goto err; - } - } -+ ret = 1; -+err: - EVP_PKEY_CTX_free(pctx); -- return 1; -+ return ret; - } - - static int test_kdf_hkdf(void) - { -+ int ret = 0; - EVP_PKEY_CTX *pctx; - unsigned char out[10]; - size_t outlen = sizeof(out); -- pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); - -+ if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)) == NULL) { -+ TEST_error("EVP_PKEY_HKDF"); -+ goto err; -+ } - if (EVP_PKEY_derive_init(pctx) <= 0) { - TEST_error("EVP_PKEY_derive_init"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0) { - TEST_error("EVP_PKEY_CTX_set_hkdf_md"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, "salt", 4) <= 0) { - TEST_error("EVP_PKEY_CTX_set1_hkdf_salt"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set1_hkdf_key(pctx, "secret", 6) <= 0) { - TEST_error("EVP_PKEY_CTX_set1_hkdf_key"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_add1_hkdf_info(pctx, "label", 5) <= 0) { - TEST_error("EVP_PKEY_CTX_set1_hkdf_info"); -- return 0; -+ goto err; - } - if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { - TEST_error("EVP_PKEY_derive"); -- return 0; -+ goto err; - } - - { -@@ -94,60 +104,66 @@ static int test_kdf_hkdf(void) - 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13 - }; - if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { -- return 0; -+ goto err; - } - } -+ ret = 1; -+err: - EVP_PKEY_CTX_free(pctx); -- return 1; -+ return ret; - } - - #ifndef OPENSSL_NO_SCRYPT - static int test_kdf_scrypt(void) - { -+ int ret = 0; - EVP_PKEY_CTX *pctx; - unsigned char out[64]; - size_t outlen = sizeof(out); -- pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL); - -+ if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL)) == NULL) { -+ TEST_error("EVP_PKEY_SCRYPT"); -+ goto err; -+ } - if (EVP_PKEY_derive_init(pctx) <= 0) { - TEST_error("EVP_PKEY_derive_init"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set1_pbe_pass(pctx, "password", 8) <= 0) { - TEST_error("EVP_PKEY_CTX_set1_pbe_pass"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, "NaCl", 4) <= 0) { - TEST_error("EVP_PKEY_CTX_set1_scrypt_salt"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set_scrypt_N(pctx, 1024) <= 0) { - TEST_error("EVP_PKEY_CTX_set_scrypt_N"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set_scrypt_r(pctx, 8) <= 0) { - TEST_error("EVP_PKEY_CTX_set_scrypt_r"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set_scrypt_p(pctx, 16) <= 0) { - TEST_error("EVP_PKEY_CTX_set_scrypt_p"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 16) <= 0) { - TEST_error("EVP_PKEY_CTX_set_maxmem_bytes"); -- return 0; -+ goto err; - } - if (EVP_PKEY_derive(pctx, out, &outlen) > 0) { - TEST_error("EVP_PKEY_derive should have failed"); -- return 0; -+ goto err; - } - if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 10 * 1024 * 1024) <= 0) { - TEST_error("EVP_PKEY_CTX_set_maxmem_bytes"); -- return 0; -+ goto err; - } - if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { - TEST_error("EVP_PKEY_derive"); -- return 0; -+ goto err; - } - - { -@@ -162,11 +178,13 @@ static int test_kdf_scrypt(void) - 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 - }; - if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { -- return 0; -+ goto err; - } - } -+ ret = 1; -+err: - EVP_PKEY_CTX_free(pctx); -- return 1; -+ return ret; - } - #endif - -diff -up openssl-1.1.1j/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl-1.1.1j/test/recipes/30-test_evp_data/evpkdf.txt ---- openssl-1.1.1j/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/test/recipes/30-test_evp_data/evpkdf.txt 2021-03-03 14:08:02.494294874 +0100 -@@ -1,5 +1,5 @@ - # --# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. -+# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. - # - # Licensed under the OpenSSL license (the "License"). You may not use - # this file except in compliance with the License. You can obtain a copy -@@ -15,7 +15,7 @@ - Title = TLS1 PRF tests (from NIST test vectors) - - KDF=TLS1-PRF --Ctrl.md = md:MD5-SHA1 -+Ctrl.digest = digest:MD5-SHA1 - Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0 - Ctrl.label = seed:master secret - Ctrl.client_random = hexseed:e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693 -@@ -23,7 +23,7 @@ Ctrl.server_random = hexseed:135e4d557fd - Output = 2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 - - KDF=TLS1-PRF --Ctrl.md = md:MD5-SHA1 -+Ctrl.digest = digest:MD5-SHA1 - Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 - Ctrl.label = seed:key expansion - Ctrl.server_random = hexseed:67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be -@@ -31,7 +31,7 @@ Ctrl.client_random = hexseed:d58a7b1cd4f - Output = 3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d - - KDF=TLS1-PRF --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc - Ctrl.label = seed:master secret - Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c -@@ -39,7 +39,7 @@ Ctrl.server_random = hexseed:f6c9575ed7d - Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf - - KDF=TLS1-PRF --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf - Ctrl.label = seed:key expansion - Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 -@@ -48,7 +48,7 @@ Output = d06139889fffac1e3a71865f504aa5d - - # As above but use long name for KDF - KDF=tls1-prf --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf - Ctrl.label = seed:key expansion - Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 -@@ -64,7 +64,7 @@ Result = KDF_DERIVE_ERROR - - # Missing secret. - KDF=TLS1-PRF --Ctrl.md = md:MD5-SHA1 -+Ctrl.digest = digest:MD5-SHA1 - Ctrl.Seed = hexseed:02 - Output = 03 - Result = KDF_DERIVE_ERROR -@@ -72,7 +72,7 @@ Result = KDF_DERIVE_ERROR - Title = HKDF tests (from RFC5869 test vectors) - - KDF = HKDF --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b - Ctrl.salt = hexsalt:000102030405060708090a0b0c - Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 -@@ -80,20 +80,20 @@ Output = 3cb25f25faacd57a90434f64d0362f2 - - KDF = HKDF - Ctrl.mode = mode:EXTRACT_ONLY --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b - Ctrl.salt = hexsalt:000102030405060708090a0b0c - Output = 077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 - - KDF = HKDF - Ctrl.mode = mode:EXPAND_ONLY --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.IKM = hexkey:077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 - Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 - Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 - - KDF = HKDF --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f - Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf - Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff -@@ -101,20 +101,20 @@ Output = b11e398dc80327a1c8e7f78c596a493 - - KDF = HKDF - Ctrl.mode = mode:EXTRACT_ONLY --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f - Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf - Output = 06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 - - KDF = HKDF - Ctrl.mode = mode:EXPAND_ONLY --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.IKM = hexkey:06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 - Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff - Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 - - KDF = HKDF --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b - Ctrl.salt = salt: - Ctrl.info = info: -@@ -122,7 +122,7 @@ Output = 8da4e775a563c18f715f802a063c5a3 - - KDF = HKDF - Ctrl.mode = mode:EXTRACT_ONLY --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b - Ctrl.salt = salt: - Ctrl.info = info: -@@ -130,13 +130,13 @@ Output = 19ef24a32c717b167f33a91d6f648bd - - KDF = HKDF - Ctrl.mode = mode:EXPAND_ONLY --Ctrl.md = md:SHA256 -+Ctrl.digest = digest:SHA256 - Ctrl.IKM = hexkey:19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04 - Ctrl.info = info: - Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 - - KDF = HKDF --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b - Ctrl.salt = hexsalt:000102030405060708090a0b0c - Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 -@@ -144,20 +144,20 @@ Output = 085a01ea1b10f36933068b56efa5ad8 - - KDF = HKDF - Ctrl.mode = mode:EXTRACT_ONLY --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b - Ctrl.salt = hexsalt:000102030405060708090a0b0c - Output = 9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 - - KDF = HKDF - Ctrl.mode = mode:EXPAND_ONLY --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 - Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 - Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 - - KDF = HKDF --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f - Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf - Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff -@@ -165,20 +165,20 @@ Output = 0bd770a74d1160f7c9f12cd5912a06e - - KDF = HKDF - Ctrl.mode = mode:EXTRACT_ONLY --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f - Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf - Output = 8adae09a2a307059478d309b26c4115a224cfaf6 - - KDF = HKDF - Ctrl.mode = mode:EXPAND_ONLY --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:8adae09a2a307059478d309b26c4115a224cfaf6 - Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff - Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 - - KDF = HKDF --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b - Ctrl.salt = salt: - Ctrl.info = info: -@@ -186,20 +186,20 @@ Output = 0ac1af7002b3d761d1e55298da9d050 - - KDF = HKDF - Ctrl.mode = mode:EXTRACT_ONLY --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b - Ctrl.salt = salt: - Output = da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 - - KDF = HKDF - Ctrl.mode = mode:EXPAND_ONLY --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 - Ctrl.info = info: - Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 - - KDF = HKDF --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c - Ctrl.salt = salt: - Ctrl.info = info: -@@ -207,14 +207,14 @@ Output = 2c91117204d745f3500d636a62f64f0 - - KDF = HKDF - Ctrl.mode = mode:EXTRACT_ONLY --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c - Ctrl.salt = salt: - Output = 2adccada18779e7c2077ad2eb19d3f3e731385dd - - KDF = HKDF - Ctrl.mode = mode:EXPAND_ONLY --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:2adccada18779e7c2077ad2eb19d3f3e731385dd - Ctrl.info = info: - Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 -@@ -227,27 +227,27 @@ Output = 00 - Result = KDF_DERIVE_ERROR - - KDF = HKDF --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.salt = salt: - Ctrl.info = info: - Output = 00 - Result = KDF_DERIVE_ERROR - - KDF = HKDF --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c - Ctrl.info = info: - Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 - - KDF = HKDF --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c - Ctrl.salt = salt: - Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 - - KDF = HKDF - Ctrl.mode = mode:EXTRACT_AND_EXPAND --Ctrl.md = md:SHA1 -+Ctrl.digest = digest:SHA1 - Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c - Ctrl.salt = salt: - Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 -@@ -303,3 +303,133 @@ Ctrl.r = r:8 - Ctrl.p = p:1 - Result = INTERNAL_ERROR - -+Title = PBKDF2 tests -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:password -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:1 -+Ctrl.digest = digest:sha1 -+Output = 0c60c80f961f0e71f3a9b524af6012062fe037a6 -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:password -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:1 -+Ctrl.digest = digest:sha256 -+Output = 120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:password -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:1 -+Ctrl.digest = digest:sha512 -+Output = 867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d470a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:password -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:2 -+Ctrl.digest = digest:sha1 -+Output = ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957 -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:password -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:2 -+Ctrl.digest = digest:sha256 -+Output = ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43 -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:password -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:2 -+Ctrl.digest = digest:sha512 -+Output = e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:password -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:4096 -+Ctrl.digest = digest:sha1 -+Output = 4b007901b765489abead49d926f721d065a429c1 -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:password -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:4096 -+Ctrl.digest = digest:sha256 -+Output = c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:password -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:4096 -+Ctrl.digest = digest:sha512 -+Output = d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5 -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:passwordPASSWORDpassword -+Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt -+Ctrl.iter = iter:4096 -+Ctrl.digest = digest:sha1 -+Output = 3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038 -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:passwordPASSWORDpassword -+Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt -+Ctrl.iter = iter:4096 -+Ctrl.digest = digest:sha256 -+Output = 348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9 -+ -+KDF = PBKDF2 -+Ctrl.pass = pass:passwordPASSWORDpassword -+Ctrl.salt = salt:saltSALTsaltSALTsaltSALTsaltSALTsalt -+Ctrl.iter = iter:4096 -+Ctrl.digest = digest:sha512 -+Output = 8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8 -+ -+KDF = PBKDF2 -+Ctrl.hexpass = hexpass:7061737300776f7264 -+Ctrl.hexsalt = hexsalt:7361006c74 -+Ctrl.iter = iter:4096 -+Ctrl.digest = digest:sha1 -+Output = 56fa6aa75548099dcc37d7f03425e0c3 -+ -+KDF = PBKDF2 -+Ctrl.hexpass = hexpass:7061737300776f7264 -+Ctrl.hexsalt = hexsalt:7361006c74 -+Ctrl.iter = iter:4096 -+Ctrl.digest = digest:sha256 -+Output = 89b69d0516f829893c696226650a8687 -+ -+KDF = PBKDF2 -+Ctrl.hexpass = hexpass:7061737300776f7264 -+Ctrl.hexsalt = hexsalt:7361006c74 -+Ctrl.iter = iter:4096 -+Ctrl.digest = digest:sha512 -+Output = 9d9e9c4cd21fe4be24d5b8244c759665 -+ -+Title = PBKDF2 tests for empty inputs -+ -+KDF = PBKDF2 -+Ctrl.pass = pass: -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:1 -+Ctrl.digest = digest:sha1 -+Output = a33dddc30478185515311f8752895d36ea4363a2 -+ -+KDF = PBKDF2 -+Ctrl.pass = pass: -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:1 -+Ctrl.digest = digest:sha256 -+Output = f135c27993baf98773c5cdb40a5706ce6a345cde -+ -+KDF = PBKDF2 -+Ctrl.pass = pass: -+Ctrl.salt = salt:salt -+Ctrl.iter = iter:1 -+Ctrl.digest = digest:sha512 -+Output = 00ef42cdbfc98d29db20976608e455567fdddf14 -+ -diff -up openssl-1.1.1j/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf openssl-1.1.1j/test/recipes/30-test_evp_data/evppkey_kdf.txt ---- openssl-1.1.1j/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf 2021-03-03 14:08:02.494294874 +0100 -+++ openssl-1.1.1j/test/recipes/30-test_evp_data/evppkey_kdf.txt 2021-03-03 14:08:02.494294874 +0100 -@@ -0,0 +1,305 @@ -+# -+# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. -+# -+# Licensed under the Apache License 2.0 (the "License"). You may not use -+# this file except in compliance with the License. You can obtain a copy -+# in the file LICENSE in the source distribution or at -+# https://www.openssl.org/source/license.html -+ -+# Tests start with one of these keywords -+# Cipher Decrypt Derive Digest Encoding KDF PKEYKDF MAC PBE -+# PrivPubKeyPair Sign Verify VerifyRecover -+# and continue until a blank line. Lines starting with a pound sign, -+# like this prolog, are ignored. -+ -+Title = TLS1 PRF tests (from NIST test vectors) -+ -+PKEYKDF=TLS1-PRF -+Ctrl.md = md:MD5-SHA1 -+Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0 -+Ctrl.label = seed:master secret -+Ctrl.client_random = hexseed:e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693 -+Ctrl.server_random = hexseed:135e4d557fdf3aa6406d82975d5c606a9734c9334b42136e96990fbd5358cdb2 -+Output = 2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 -+ -+PKEYKDF=TLS1-PRF -+Ctrl.md = md:MD5-SHA1 -+Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62 -+Ctrl.label = seed:key expansion -+Ctrl.server_random = hexseed:67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be -+Ctrl.client_random = hexseed:d58a7b1cd4fedaa232159df652ce188f9d997e061b9bf48e83b62990440931f6 -+Output = 3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d -+ -+PKEYKDF=TLS1-PRF -+Ctrl.md = md:SHA256 -+Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc -+Ctrl.label = seed:master secret -+Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c -+Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce -+Output = 202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf -+ -+PKEYKDF=TLS1-PRF -+Ctrl.md = md:SHA256 -+Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf -+Ctrl.label = seed:key expansion -+Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 -+Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616 -+Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928 -+ -+# As above but use long name for KDF -+PKEYKDF=tls1-prf -+Ctrl.md = md:SHA256 -+Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf -+Ctrl.label = seed:key expansion -+Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 -+Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616 -+Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928 -+ -+# Missing digest. -+PKEYKDF=TLS1-PRF -+Ctrl.Secret = hexsecret:01 -+Ctrl.Seed = hexseed:02 -+Output = 03 -+Result = KDF_DERIVE_ERROR -+ -+# Missing secret. -+PKEYKDF=TLS1-PRF -+Ctrl.md = md:MD5-SHA1 -+Ctrl.Seed = hexseed:02 -+Output = 03 -+Result = KDF_DERIVE_ERROR -+ -+Title = HKDF tests (from RFC5869 test vectors) -+ -+PKEYKDF = HKDF -+Ctrl.md = md:SHA256 -+Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b -+Ctrl.salt = hexsalt:000102030405060708090a0b0c -+Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 -+Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXTRACT_ONLY -+Ctrl.md = md:SHA256 -+Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b -+Ctrl.salt = hexsalt:000102030405060708090a0b0c -+Output = 077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXPAND_ONLY -+Ctrl.md = md:SHA256 -+Ctrl.IKM = hexkey:077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 -+Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 -+Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 -+ -+PKEYKDF = HKDF -+Ctrl.md = md:SHA256 -+Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f -+Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf -+Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff -+Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXTRACT_ONLY -+Ctrl.md = md:SHA256 -+Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f -+Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf -+Output = 06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXPAND_ONLY -+Ctrl.md = md:SHA256 -+Ctrl.IKM = hexkey:06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 -+Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff -+Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 -+ -+PKEYKDF = HKDF -+Ctrl.md = md:SHA256 -+Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b -+Ctrl.salt = salt: -+Ctrl.info = info: -+Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXTRACT_ONLY -+Ctrl.md = md:SHA256 -+Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b -+Ctrl.salt = salt: -+Ctrl.info = info: -+Output = 19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXPAND_ONLY -+Ctrl.md = md:SHA256 -+Ctrl.IKM = hexkey:19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04 -+Ctrl.info = info: -+Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 -+ -+PKEYKDF = HKDF -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b -+Ctrl.salt = hexsalt:000102030405060708090a0b0c -+Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 -+Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXTRACT_ONLY -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b -+Ctrl.salt = hexsalt:000102030405060708090a0b0c -+Output = 9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXPAND_ONLY -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 -+Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 -+Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 -+ -+PKEYKDF = HKDF -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f -+Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf -+Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff -+Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXTRACT_ONLY -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f -+Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf -+Output = 8adae09a2a307059478d309b26c4115a224cfaf6 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXPAND_ONLY -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:8adae09a2a307059478d309b26c4115a224cfaf6 -+Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff -+Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 -+ -+PKEYKDF = HKDF -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b -+Ctrl.salt = salt: -+Ctrl.info = info: -+Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXTRACT_ONLY -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b -+Ctrl.salt = salt: -+Output = da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXPAND_ONLY -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 -+Ctrl.info = info: -+Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 -+ -+PKEYKDF = HKDF -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c -+Ctrl.salt = salt: -+Ctrl.info = info: -+Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXTRACT_ONLY -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c -+Ctrl.salt = salt: -+Output = 2adccada18779e7c2077ad2eb19d3f3e731385dd -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXPAND_ONLY -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:2adccada18779e7c2077ad2eb19d3f3e731385dd -+Ctrl.info = info: -+Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 -+ -+PKEYKDF = HKDF -+Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c -+Ctrl.salt = salt: -+Ctrl.info = info: -+Output = 00 -+Result = KDF_DERIVE_ERROR -+ -+PKEYKDF = HKDF -+Ctrl.md = md:SHA1 -+Ctrl.salt = salt: -+Ctrl.info = info: -+Output = 00 -+Result = KDF_DERIVE_ERROR -+ -+PKEYKDF = HKDF -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c -+Ctrl.info = info: -+Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 -+ -+PKEYKDF = HKDF -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c -+Ctrl.salt = salt: -+Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 -+ -+PKEYKDF = HKDF -+Ctrl.mode = mode:EXTRACT_AND_EXPAND -+Ctrl.md = md:SHA1 -+Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c -+Ctrl.salt = salt: -+Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 -+ -+Title = id-scrypt tests (from draft-josefsson-id-scrypt-kdf-03 and others) -+ -+PKEYKDF = scrypt -+Ctrl.pass = pass: -+Ctrl.salt = salt: -+Ctrl.N = N:16 -+Ctrl.r = r:1 -+Ctrl.p = p:1 -+Output = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906 -+ -+PKEYKDF = scrypt -+Ctrl.pass = pass:password -+Ctrl.salt = salt:NaCl -+Ctrl.N = N:1024 -+Ctrl.r = r:8 -+Ctrl.p = p:16 -+Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 -+ -+PKEYKDF = scrypt -+Ctrl.hexpass = hexpass:70617373776f7264 -+Ctrl.salt = salt:NaCl -+Ctrl.N = N:1024 -+Ctrl.r = r:8 -+Ctrl.p = p:16 -+Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 -+ -+PKEYKDF = scrypt -+Ctrl.pass = pass:password -+Ctrl.hexsalt = hexsalt:4e61436c -+Ctrl.N = N:1024 -+Ctrl.r = r:8 -+Ctrl.p = p:16 -+Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 -+ -+PKEYKDF = scrypt -+Ctrl.pass = pass:pleaseletmein -+Ctrl.salt = salt:SodiumChloride -+Ctrl.N = N:16384 -+Ctrl.r = r:8 -+Ctrl.p = p:1 -+Output = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887 -+ -+# Out of memory -+PKEYKDF = scrypt -+Ctrl.pass = pass:pleaseletmein -+Ctrl.salt = salt:SodiumChloride -+Ctrl.N = N:1048576 -+Ctrl.r = r:8 -+Ctrl.p = p:1 -+Result = INTERNAL_ERROR -+ -diff -up openssl-1.1.1j/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1j/test/recipes/30-test_evp_kdf.t ---- openssl-1.1.1j/test/recipes/30-test_evp_kdf.t.evp-kdf 2021-03-03 14:08:02.494294874 +0100 -+++ openssl-1.1.1j/test/recipes/30-test_evp_kdf.t 2021-03-03 14:08:02.494294874 +0100 -@@ -0,0 +1,13 @@ -+#! /usr/bin/env perl -+# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. -+# Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. -+# -+# Licensed under the Apache License 2.0 (the "License"). You may not use -+# this file except in compliance with the License. You can obtain a copy -+# in the file LICENSE in the source distribution or at -+# https://www.openssl.org/source/license.html -+ -+ -+use OpenSSL::Test::Simple; -+ -+simple_test("test_evp_kdf", "evp_kdf_test"); -diff -up openssl-1.1.1j/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1j/test/recipes/30-test_evp.t ---- openssl-1.1.1j/test/recipes/30-test_evp.t.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/test/recipes/30-test_evp.t 2021-03-03 14:08:02.495294883 +0100 -@@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT data_file/ - setup("test_evp"); - - my @files = ( "evpciph.txt", "evpdigest.txt", "evpencod.txt", "evpkdf.txt", -- "evpmac.txt", "evppbe.txt", "evppkey.txt", "evppkey_ecc.txt", -+ "evppkey_kdf.txt", "evpmac.txt", "evppbe.txt", "evppkey.txt", "evppkey_ecc.txt", - "evpcase.txt", "evpccmcavs.txt" ); - - plan tests => scalar(@files); -diff -up openssl-1.1.1j/util/libcrypto.num.evp-kdf openssl-1.1.1j/util/libcrypto.num ---- openssl-1.1.1j/util/libcrypto.num.evp-kdf 2021-03-03 14:08:02.481294758 +0100 -+++ openssl-1.1.1j/util/libcrypto.num 2021-03-03 14:08:02.495294883 +0100 -@@ -4626,3 +4626,11 @@ FIPS_drbg_get_strength - FIPS_rand_strength 6380 1_1_0g EXIST::FUNCTION: - FIPS_drbg_get_blocklength 6381 1_1_0g EXIST::FUNCTION: - FIPS_drbg_init 6382 1_1_0g EXIST::FUNCTION: -+EVP_KDF_CTX_new_id 6590 1_1_1b EXIST::FUNCTION: -+EVP_KDF_CTX_free 6591 1_1_1b EXIST::FUNCTION: -+EVP_KDF_reset 6592 1_1_1b EXIST::FUNCTION: -+EVP_KDF_ctrl 6593 1_1_1b EXIST::FUNCTION: -+EVP_KDF_vctrl 6594 1_1_1b EXIST::FUNCTION: -+EVP_KDF_ctrl_str 6595 1_1_1b EXIST::FUNCTION: -+EVP_KDF_size 6596 1_1_1b EXIST::FUNCTION: -+EVP_KDF_derive 6597 1_1_1b EXIST::FUNCTION: -diff -up openssl-1.1.1j/util/private.num.evp-kdf openssl-1.1.1j/util/private.num ---- openssl-1.1.1j/util/private.num.evp-kdf 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/util/private.num 2021-03-03 14:08:02.495294883 +0100 -@@ -21,6 +21,7 @@ CRYPTO_EX_dup - CRYPTO_EX_free datatype - CRYPTO_EX_new datatype - DTLS_timer_cb datatype -+EVP_KDF_CTX datatype - EVP_PKEY_gen_cb datatype - EVP_PKEY_METHOD datatype - EVP_PKEY_ASN1_METHOD datatype diff --git a/openssl-1.1.1-fips-crng-test.patch b/openssl-1.1.1-fips-crng-test.patch deleted file mode 100644 index 267a3ea..0000000 --- a/openssl-1.1.1-fips-crng-test.patch +++ /dev/null @@ -1,408 +0,0 @@ -diff -up openssl-1.1.1g/crypto/rand/build.info.crng-test openssl-1.1.1g/crypto/rand/build.info ---- openssl-1.1.1g/crypto/rand/build.info.crng-test 2020-04-23 13:30:45.863389837 +0200 -+++ openssl-1.1.1g/crypto/rand/build.info 2020-04-23 13:31:55.847069892 +0200 -@@ -1,6 +1,6 @@ - LIBS=../../libcrypto - SOURCE[../../libcrypto]=\ -- randfile.c rand_lib.c rand_err.c rand_egd.c \ -+ randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \ - rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c - - INCLUDE[drbg_ctr.o]=../modes -diff -up openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1g/crypto/rand/drbg_lib.c ---- openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test 2020-04-23 13:30:45.818390686 +0200 -+++ openssl-1.1.1g/crypto/rand/drbg_lib.c 2020-04-23 13:30:45.864389819 +0200 -@@ -67,7 +67,7 @@ static CRYPTO_THREAD_LOCAL private_drbg; - - - /* NIST SP 800-90A DRBG recommends the use of a personalization string. */ --static const char ossl_pers_string[] = "OpenSSL NIST SP 800-90A DRBG"; -+static const char ossl_pers_string[] = DRBG_DEFAULT_PERS_STRING; - - static CRYPTO_ONCE rand_drbg_init = CRYPTO_ONCE_STATIC_INIT; - -@@ -201,8 +201,13 @@ static RAND_DRBG *rand_drbg_new(int secu - drbg->parent = parent; - - if (parent == NULL) { -+#ifdef OPENSSL_FIPS -+ drbg->get_entropy = rand_crngt_get_entropy; -+ drbg->cleanup_entropy = rand_crngt_cleanup_entropy; -+#else - drbg->get_entropy = rand_drbg_get_entropy; - drbg->cleanup_entropy = rand_drbg_cleanup_entropy; -+#endif - #ifndef RAND_DRBG_GET_RANDOM_NONCE - drbg->get_nonce = rand_drbg_get_nonce; - drbg->cleanup_nonce = rand_drbg_cleanup_nonce; -diff -up openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1g/crypto/rand/rand_crng_test.c ---- openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test 2020-04-23 13:30:45.864389819 +0200 -+++ openssl-1.1.1g/crypto/rand/rand_crng_test.c 2020-04-23 13:30:45.864389819 +0200 -@@ -0,0 +1,118 @@ -+/* -+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+/* -+ * Implementation of the FIPS 140-2 section 4.9.2 Conditional Tests. -+ */ -+ -+#include -+#include -+#include "crypto/rand.h" -+#include "internal/thread_once.h" -+#include "rand_local.h" -+ -+static RAND_POOL *crngt_pool; -+static unsigned char crngt_prev[EVP_MAX_MD_SIZE]; -+ -+int (*crngt_get_entropy)(unsigned char *, unsigned char *, unsigned int *) -+ = &rand_crngt_get_entropy_cb; -+ -+int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md, -+ unsigned int *md_size) -+{ -+ int r; -+ size_t n; -+ unsigned char *p; -+ -+ n = rand_pool_acquire_entropy(crngt_pool); -+ if (n >= CRNGT_BUFSIZ) { -+ p = rand_pool_detach(crngt_pool); -+ r = EVP_Digest(p, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL); -+ if (r != 0) -+ memcpy(buf, p, CRNGT_BUFSIZ); -+ rand_pool_reattach(crngt_pool, p); -+ return r; -+ } -+ return 0; -+} -+ -+void rand_crngt_cleanup(void) -+{ -+ rand_pool_free(crngt_pool); -+ crngt_pool = NULL; -+} -+ -+int rand_crngt_init(void) -+{ -+ unsigned char buf[CRNGT_BUFSIZ]; -+ -+ if ((crngt_pool = rand_pool_new(0, 1, CRNGT_BUFSIZ, CRNGT_BUFSIZ)) == NULL) -+ return 0; -+ if (crngt_get_entropy(buf, crngt_prev, NULL)) { -+ OPENSSL_cleanse(buf, sizeof(buf)); -+ return 1; -+ } -+ rand_crngt_cleanup(); -+ return 0; -+} -+ -+static CRYPTO_ONCE rand_crngt_init_flag = CRYPTO_ONCE_STATIC_INIT; -+DEFINE_RUN_ONCE_STATIC(do_rand_crngt_init) -+{ -+ return OPENSSL_init_crypto(0, NULL) -+ && rand_crngt_init() -+ && OPENSSL_atexit(&rand_crngt_cleanup); -+} -+ -+int rand_crngt_single_init(void) -+{ -+ return RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init); -+} -+ -+size_t rand_crngt_get_entropy(RAND_DRBG *drbg, -+ unsigned char **pout, -+ int entropy, size_t min_len, size_t max_len, -+ int prediction_resistance) -+{ -+ unsigned char buf[CRNGT_BUFSIZ], md[EVP_MAX_MD_SIZE]; -+ unsigned int sz; -+ RAND_POOL *pool; -+ size_t q, r = 0, s, t = 0; -+ int attempts = 3; -+ -+ if (!RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init)) -+ return 0; -+ -+ if ((pool = rand_pool_new(entropy, 1, min_len, max_len)) == NULL) -+ return 0; -+ -+ while ((q = rand_pool_bytes_needed(pool, 1)) > 0 && attempts-- > 0) { -+ s = q > sizeof(buf) ? sizeof(buf) : q; -+ if (!crngt_get_entropy(buf, md, &sz) -+ || memcmp(crngt_prev, md, sz) == 0 -+ || !rand_pool_add(pool, buf, s, s * 8)) -+ goto err; -+ memcpy(crngt_prev, md, sz); -+ t += s; -+ attempts++; -+ } -+ r = t; -+ *pout = rand_pool_detach(pool); -+err: -+ OPENSSL_cleanse(buf, sizeof(buf)); -+ rand_pool_free(pool); -+ return r; -+} -+ -+void rand_crngt_cleanup_entropy(RAND_DRBG *drbg, -+ unsigned char *out, size_t outlen) -+{ -+ OPENSSL_secure_clear_free(out, outlen); -+} -diff -up openssl-1.1.1g/crypto/rand/rand_local.h.crng-test openssl-1.1.1g/crypto/rand/rand_local.h ---- openssl-1.1.1g/crypto/rand/rand_local.h.crng-test 2020-04-23 13:30:45.470397250 +0200 -+++ openssl-1.1.1g/crypto/rand/rand_local.h 2020-04-23 13:30:45.864389819 +0200 -@@ -33,7 +33,15 @@ - # define MASTER_RESEED_TIME_INTERVAL (60*60) /* 1 hour */ - # define SLAVE_RESEED_TIME_INTERVAL (7*60) /* 7 minutes */ - -- -+/* -+ * The number of bytes that constitutes an atomic lump of entropy with respect -+ * to the FIPS 140-2 section 4.9.2 Conditional Tests. The size is somewhat -+ * arbitrary, the smaller the value, the less entropy is consumed on first -+ * read but the higher the probability of the test failing by accident. -+ * -+ * The value is in bytes. -+ */ -+#define CRNGT_BUFSIZ 16 - - /* - * Maximum input size for the DRBG (entropy, nonce, personalization string) -@@ -44,6 +52,8 @@ - */ - # define DRBG_MAX_LENGTH INT32_MAX - -+/* The default nonce */ -+# define DRBG_DEFAULT_PERS_STRING "OpenSSL NIST SP 800-90A DRBG" - - /* - * Maximum allocation size for RANDOM_POOL buffers -@@ -296,4 +306,22 @@ int rand_drbg_enable_locking(RAND_DRBG * - /* initializes the AES-CTR DRBG implementation */ - int drbg_ctr_init(RAND_DRBG *drbg); - -+/* -+ * Entropy call back for the FIPS 140-2 section 4.9.2 Conditional Tests. -+ * These need to be exposed for the unit tests. -+ */ -+int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md, -+ unsigned int *md_size); -+extern int (*crngt_get_entropy)(unsigned char *buf, unsigned char *md, -+ unsigned int *md_size); -+int rand_crngt_init(void); -+void rand_crngt_cleanup(void); -+ -+/* -+ * Expose the run once initialisation function for the unit tests because. -+ * they need to restart from scratch to validate the first block is skipped -+ * properly. -+ */ -+int rand_crngt_single_init(void); -+ - #endif -diff -up openssl-1.1.1g/include/crypto/rand.h.crng-test openssl-1.1.1g/include/crypto/rand.h ---- openssl-1.1.1g/include/crypto/rand.h.crng-test 2020-04-23 13:30:45.824390573 +0200 -+++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:30:45.864389819 +0200 -@@ -49,6 +49,14 @@ size_t rand_drbg_get_additional_data(RAN - - void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out); - -+/* CRNG test entropy filter callbacks. */ -+size_t rand_crngt_get_entropy(RAND_DRBG *drbg, -+ unsigned char **pout, -+ int entropy, size_t min_len, size_t max_len, -+ int prediction_resistance); -+void rand_crngt_cleanup_entropy(RAND_DRBG *drbg, -+ unsigned char *out, size_t outlen); -+ - /* - * RAND_POOL functions - */ -diff -up openssl-1.1.1g/test/drbgtest.c.crng-test openssl-1.1.1g/test/drbgtest.c ---- openssl-1.1.1g/test/drbgtest.c.crng-test 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/test/drbgtest.c 2020-04-23 13:30:45.865389800 +0200 -@@ -150,6 +150,31 @@ static size_t kat_nonce(RAND_DRBG *drbg, - return t->noncelen; - } - -+ /* -+ * Disable CRNG testing if it is enabled. -+ * If the DRBG is ready or in an error state, this means an instantiate cycle -+ * for which the default personalisation string is used. -+ */ -+static int disable_crngt(RAND_DRBG *drbg) -+{ -+ static const char pers[] = DRBG_DEFAULT_PERS_STRING; -+ const int instantiate = drbg->state != DRBG_UNINITIALISED; -+ -+ if (drbg->get_entropy != rand_crngt_get_entropy) -+ return 1; -+ -+ if ((instantiate && !RAND_DRBG_uninstantiate(drbg)) -+ || !TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_drbg_get_entropy, -+ &rand_drbg_cleanup_entropy, -+ &rand_drbg_get_nonce, -+ &rand_drbg_cleanup_nonce)) -+ || (instantiate -+ && !RAND_DRBG_instantiate(drbg, (const unsigned char *)pers, -+ sizeof(pers) - 1))) -+ return 0; -+ return 1; -+} -+ - static int uninstantiate(RAND_DRBG *drbg) - { - int ret = drbg == NULL ? 1 : RAND_DRBG_uninstantiate(drbg); -@@ -175,7 +200,8 @@ static int single_kat(DRBG_SELFTEST_DATA - if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL))) - return 0; - if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, -- kat_nonce, NULL))) { -+ kat_nonce, NULL)) -+ || !TEST_true(disable_crngt(drbg))) { - failures++; - goto err; - } -@@ -293,7 +319,8 @@ static int error_check(DRBG_SELFTEST_DAT - unsigned int reseed_counter_tmp; - int ret = 0; - -- if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL))) -+ if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL)) -+ || !TEST_true(disable_crngt(drbg))) - goto err; - - /* -@@ -740,6 +767,10 @@ static int test_rand_drbg_reseed(void) - || !TEST_ptr_eq(private->parent, master)) - return 0; - -+ /* Disable CRNG testing for the master DRBG */ -+ if (!TEST_true(disable_crngt(master))) -+ return 0; -+ - /* uninstantiate the three global DRBGs */ - RAND_DRBG_uninstantiate(private); - RAND_DRBG_uninstantiate(public); -@@ -964,7 +995,8 @@ static int test_rand_seed(void) - size_t rand_buflen; - size_t required_seed_buflen = 0; - -- if (!TEST_ptr(master = RAND_DRBG_get0_master())) -+ if (!TEST_ptr(master = RAND_DRBG_get0_master()) -+ || !TEST_true(disable_crngt(master))) - return 0; - - #ifdef OPENSSL_RAND_SEED_NONE -@@ -1013,6 +1045,95 @@ static int test_rand_add(void) - return 1; - } - -+/* -+ * A list of the FIPS DRGB types. -+ */ -+static const struct s_drgb_types { -+ int nid; -+ int flags; -+} drgb_types[] = { -+ { NID_aes_128_ctr, 0 }, -+ { NID_aes_192_ctr, 0 }, -+ { NID_aes_256_ctr, 0 }, -+}; -+ -+/* Six cases for each covers seed sizes up to 32 bytes */ -+static const size_t crngt_num_cases = 6; -+ -+static size_t crngt_case, crngt_idx; -+ -+static int crngt_entropy_cb(unsigned char *buf, unsigned char *md, -+ unsigned int *md_size) -+{ -+ size_t i, z; -+ -+ if (!TEST_int_lt(crngt_idx, crngt_num_cases)) -+ return 0; -+ /* Generate a block of unique data unless this is the duplication point */ -+ z = crngt_idx++; -+ if (z > 0 && crngt_case == z) -+ z--; -+ for (i = 0; i < CRNGT_BUFSIZ; i++) -+ buf[i] = (unsigned char)(i + 'A' + z); -+ return EVP_Digest(buf, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL); -+} -+ -+static int test_crngt(int n) -+{ -+ const struct s_drgb_types *dt = drgb_types + n / crngt_num_cases; -+ RAND_DRBG *drbg = NULL; -+ unsigned char buff[100]; -+ size_t ent; -+ int res = 0; -+ int expect; -+ -+ if (!TEST_true(rand_crngt_single_init())) -+ return 0; -+ rand_crngt_cleanup(); -+ -+ if (!TEST_ptr(drbg = RAND_DRBG_new(dt->nid, dt->flags, NULL))) -+ return 0; -+ ent = (drbg->min_entropylen + CRNGT_BUFSIZ - 1) / CRNGT_BUFSIZ; -+ crngt_case = n % crngt_num_cases; -+ crngt_idx = 0; -+ crngt_get_entropy = &crngt_entropy_cb; -+ if (!TEST_true(rand_crngt_init())) -+ goto err; -+#ifndef OPENSSL_FIPS -+ if (!TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_crngt_get_entropy, -+ &rand_crngt_cleanup_entropy, -+ &rand_drbg_get_nonce, -+ &rand_drbg_cleanup_nonce))) -+ goto err; -+#endif -+ expect = crngt_case == 0 || crngt_case > ent; -+ if (!TEST_int_eq(RAND_DRBG_instantiate(drbg, NULL, 0), expect)) -+ goto err; -+ if (!expect) -+ goto fin; -+ if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0))) -+ goto err; -+ -+ expect = crngt_case == 0 || crngt_case > 2 * ent; -+ if (!TEST_int_eq(RAND_DRBG_reseed(drbg, NULL, 0, 0), expect)) -+ goto err; -+ if (!expect) -+ goto fin; -+ if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0))) -+ goto err; -+ -+fin: -+ res = 1; -+err: -+ if (!res) -+ TEST_note("DRBG %zd case %zd block %zd", n / crngt_num_cases, -+ crngt_case, crngt_idx); -+ uninstantiate(drbg); -+ RAND_DRBG_free(drbg); -+ crngt_get_entropy = &rand_crngt_get_entropy_cb; -+ return res; -+} -+ - int setup_tests(void) - { - app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL); -@@ -1025,5 +1146,6 @@ int setup_tests(void) - #if defined(OPENSSL_THREADS) - ADD_TEST(test_multi_thread); - #endif -+ ADD_ALL_TESTS(test_crngt, crngt_num_cases * OSSL_NELEM(drgb_types)); - return 1; - } diff --git a/openssl-1.1.1-fips-curves.patch b/openssl-1.1.1-fips-curves.patch deleted file mode 100644 index 33e9fc5..0000000 --- a/openssl-1.1.1-fips-curves.patch +++ /dev/null @@ -1,200 +0,0 @@ -diff -up openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves openssl-1.1.1g/crypto/ec/ec_curve.c ---- openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves 2020-05-18 12:59:54.839643980 +0200 -+++ openssl-1.1.1g/crypto/ec/ec_curve.c 2020-05-18 12:59:54.852644093 +0200 -@@ -13,6 +13,7 @@ - #include - #include - #include -+#include - #include "internal/nelem.h" - - typedef struct { -@@ -237,6 +238,7 @@ static const struct { - - typedef struct _ec_list_element_st { - int nid; -+ int fips_allowed; - const EC_CURVE_DATA *data; - const EC_METHOD *(*meth) (void); - const char *comment; -@@ -246,23 +248,23 @@ static const ec_list_element curve_list[ - /* prime field curves */ - /* secg curves */ - #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 -- {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, -+ {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, - "NIST/SECG curve over a 224 bit prime field"}, - #else -- {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, -+ {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, 0, - "NIST/SECG curve over a 224 bit prime field"}, - #endif -- {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, -+ {NID_secp256k1, 0, &_EC_SECG_PRIME_256K1.h, 0, - "SECG curve over a 256 bit prime field"}, - /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ -- {NID_secp384r1, &_EC_NIST_PRIME_384.h, -+ {NID_secp384r1, 1, &_EC_NIST_PRIME_384.h, - # if defined(S390X_EC_ASM) - EC_GFp_s390x_nistp384_method, - # else - 0, - # endif - "NIST/SECG curve over a 384 bit prime field"}, -- {NID_secp521r1, &_EC_NIST_PRIME_521.h, -+ {NID_secp521r1, 1, &_EC_NIST_PRIME_521.h, - # if defined(S390X_EC_ASM) - EC_GFp_s390x_nistp521_method, - # elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) -@@ -272,7 +274,7 @@ static const ec_list_element curve_list[ - # endif - "NIST/SECG curve over a 521 bit prime field"}, - /* X9.62 curves */ -- {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, -+ {NID_X9_62_prime256v1, 1, &_EC_X9_62_PRIME_256V1.h, - #if defined(ECP_NISTZ256_ASM) - EC_GFp_nistz256_method, - # elif defined(S390X_EC_ASM) -@@ -404,6 +406,10 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int - - for (i = 0; i < curve_list_length; i++) - if (curve_list[i].nid == nid) { -+ if (!curve_list[i].fips_allowed && FIPS_mode()) { -+ ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_NOT_A_NIST_PRIME); -+ return NULL; -+ } - ret = ec_group_new_from_data(curve_list[i]); - break; - } -@@ -418,19 +424,31 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int - - size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems) - { -- size_t i, min; -+ size_t i, j, num; -+ int fips_mode = FIPS_mode(); - -- if (r == NULL || nitems == 0) -- return curve_list_length; -+ num = curve_list_length; -+ if (fips_mode) -+ for (i = 0; i < curve_list_length; i++) { -+ if (!curve_list[i].fips_allowed) -+ --num; -+ } - -- min = nitems < curve_list_length ? nitems : curve_list_length; -+ if (r == NULL || nitems == 0) { -+ return num; -+ } - -- for (i = 0; i < min; i++) { -- r[i].nid = curve_list[i].nid; -- r[i].comment = curve_list[i].comment; -+ for (i = 0, j = 0; i < curve_list_length; i++) { -+ if (j >= nitems) -+ break; -+ if (!fips_mode || curve_list[i].fips_allowed) { -+ r[j].nid = curve_list[i].nid; -+ r[j].comment = curve_list[i].comment; -+ ++j; -+ } - } - -- return curve_list_length; -+ return num; - } - - /* Functions to translate between common NIST curve names and NIDs */ -diff -up openssl-1.1.1g/ssl/t1_lib.c.fips-curves openssl-1.1.1g/ssl/t1_lib.c ---- openssl-1.1.1g/ssl/t1_lib.c.fips-curves 2020-05-18 12:59:54.797643616 +0200 -+++ openssl-1.1.1g/ssl/t1_lib.c 2020-05-18 13:03:54.748725463 +0200 -@@ -678,6 +678,36 @@ static const uint16_t tls12_sigalgs[] = - #endif - }; - -+static const uint16_t tls12_fips_sigalgs[] = { -+#ifndef OPENSSL_NO_EC -+ TLSEXT_SIGALG_ecdsa_secp256r1_sha256, -+ TLSEXT_SIGALG_ecdsa_secp384r1_sha384, -+ TLSEXT_SIGALG_ecdsa_secp521r1_sha512, -+#endif -+ -+ TLSEXT_SIGALG_rsa_pss_pss_sha256, -+ TLSEXT_SIGALG_rsa_pss_pss_sha384, -+ TLSEXT_SIGALG_rsa_pss_pss_sha512, -+ TLSEXT_SIGALG_rsa_pss_rsae_sha256, -+ TLSEXT_SIGALG_rsa_pss_rsae_sha384, -+ TLSEXT_SIGALG_rsa_pss_rsae_sha512, -+ -+ TLSEXT_SIGALG_rsa_pkcs1_sha256, -+ TLSEXT_SIGALG_rsa_pkcs1_sha384, -+ TLSEXT_SIGALG_rsa_pkcs1_sha512, -+ -+#ifndef OPENSSL_NO_EC -+ TLSEXT_SIGALG_ecdsa_sha224, -+#endif -+ TLSEXT_SIGALG_rsa_pkcs1_sha224, -+#ifndef OPENSSL_NO_DSA -+ TLSEXT_SIGALG_dsa_sha224, -+ TLSEXT_SIGALG_dsa_sha256, -+ TLSEXT_SIGALG_dsa_sha384, -+ TLSEXT_SIGALG_dsa_sha512, -+#endif -+}; -+ - #ifndef OPENSSL_NO_EC - static const uint16_t suiteb_sigalgs[] = { - TLSEXT_SIGALG_ecdsa_secp256r1_sha256, -@@ -894,6 +924,8 @@ static const SIGALG_LOOKUP *tls1_get_leg - } - if (idx < 0 || idx >= (int)OSSL_NELEM(tls_default_sigalg)) - return NULL; -+ if (FIPS_mode()) /* We do not allow legacy SHA1 signatures in FIPS mode */ -+ return NULL; - if (SSL_USE_SIGALGS(s) || idx != SSL_PKEY_RSA) { - const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(tls_default_sigalg[idx]); - -@@ -954,6 +986,9 @@ size_t tls12_get_psigalgs(SSL *s, int se - } else if (s->cert->conf_sigalgs) { - *psigs = s->cert->conf_sigalgs; - return s->cert->conf_sigalgslen; -+ } else if (FIPS_mode()) { -+ *psigs = tls12_fips_sigalgs; -+ return OSSL_NELEM(tls12_fips_sigalgs); - } else { - *psigs = tls12_sigalgs; - return OSSL_NELEM(tls12_sigalgs); -@@ -973,6 +1008,9 @@ int tls_check_sigalg_curve(const SSL *s, - if (s->cert->conf_sigalgs) { - sigs = s->cert->conf_sigalgs; - siglen = s->cert->conf_sigalgslen; -+ } else if (FIPS_mode()) { -+ sigs = tls12_fips_sigalgs; -+ siglen = OSSL_NELEM(tls12_fips_sigalgs); - } else { - sigs = tls12_sigalgs; - siglen = OSSL_NELEM(tls12_sigalgs); -@@ -1617,6 +1655,8 @@ static int tls12_sigalg_allowed(const SS - if (lu->sig == NID_id_GostR3410_2012_256 - || lu->sig == NID_id_GostR3410_2012_512 - || lu->sig == NID_id_GostR3410_2001) { -+ if (FIPS_mode()) -+ return 0; - /* We never allow GOST sig algs on the server with TLSv1.3 */ - if (s->server && SSL_IS_TLS13(s)) - return 0; -@@ -2842,6 +2882,13 @@ int tls_choose_sigalg(SSL *s, int fatale - const uint16_t *sent_sigs; - size_t sent_sigslen; - -+ if (fatalerrs && FIPS_mode()) { -+ /* There are no suitable legacy algorithms in FIPS mode */ -+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, -+ SSL_F_TLS_CHOOSE_SIGALG, -+ SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); -+ return 0; -+ } - if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) { - if (!fatalerrs) - return 1; diff --git a/openssl-1.1.1-fips-dh.patch b/openssl-1.1.1-fips-dh.patch deleted file mode 100644 index e1c739b..0000000 --- a/openssl-1.1.1-fips-dh.patch +++ /dev/null @@ -1,2730 +0,0 @@ -diff -up openssl-1.1.1j/crypto/bn/bn_const.c.fips-dh openssl-1.1.1j/crypto/bn/bn_const.c ---- openssl-1.1.1j/crypto/bn/bn_const.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/bn/bn_const.c 2021-03-03 14:23:27.403092418 +0100 -@@ -1,13 +1,17 @@ - /* -- * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved. - * -- * Licensed under the OpenSSL license (the "License"). You may not use -+ * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - - #include -+#include "crypto/bn_dh.h" -+ -+#define COPY_BN(dst, src) (dst != NULL) ? BN_copy(dst, &src) : BN_dup(&src) -+ - - /*- - * "First Oakley Default Group" from RFC2409, section 6.1. -@@ -80,33 +84,7 @@ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM - - BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn) - { -- static const unsigned char RFC3526_PRIME_1536[] = { -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, -- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, -- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, -- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, -- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, -- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, -- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, -- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, -- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, -- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, -- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, -- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, -- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, -- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, -- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, -- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, -- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, -- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, -- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, -- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, -- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, -- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x23, 0x73, 0x27, -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- }; -- return BN_bin2bn(RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), bn); -+ return COPY_BN(bn, _bignum_modp_1536_p); - } - - /*- -@@ -119,41 +97,7 @@ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM - - BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn) - { -- static const unsigned char RFC3526_PRIME_2048[] = { -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, -- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, -- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, -- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, -- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, -- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, -- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, -- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, -- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, -- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, -- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, -- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, -- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, -- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, -- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, -- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, -- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, -- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, -- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, -- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, -- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, -- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, -- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, -- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, -- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, -- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, -- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, -- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, -- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, -- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- }; -- return BN_bin2bn(RFC3526_PRIME_2048, sizeof(RFC3526_PRIME_2048), bn); -+ return COPY_BN(bn, _bignum_modp_2048_p); - } - - /*- -@@ -166,57 +110,7 @@ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM - - BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn) - { -- static const unsigned char RFC3526_PRIME_3072[] = { -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, -- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, -- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, -- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, -- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, -- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, -- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, -- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, -- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, -- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, -- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, -- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, -- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, -- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, -- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, -- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, -- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, -- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, -- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, -- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, -- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, -- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, -- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, -- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, -- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, -- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, -- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, -- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, -- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, -- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, -- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, -- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, -- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, -- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, -- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, -- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, -- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, -- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, -- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, -- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, -- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, -- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, -- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, -- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, -- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, -- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- }; -- return BN_bin2bn(RFC3526_PRIME_3072, sizeof(RFC3526_PRIME_3072), bn); -+ return COPY_BN(bn, _bignum_modp_3072_p); - } - - /*- -@@ -229,73 +123,7 @@ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM - - BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn) - { -- static const unsigned char RFC3526_PRIME_4096[] = { -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, -- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, -- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, -- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, -- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, -- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, -- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, -- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, -- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, -- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, -- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, -- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, -- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, -- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, -- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, -- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, -- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, -- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, -- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, -- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, -- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, -- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, -- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, -- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, -- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, -- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, -- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, -- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, -- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, -- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, -- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, -- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, -- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, -- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, -- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, -- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, -- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, -- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, -- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, -- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, -- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, -- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, -- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, -- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, -- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, -- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, -- 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, -- 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, -- 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, -- 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, -- 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, -- 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, -- 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, -- 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, -- 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, -- 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, -- 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, -- 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, -- 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, -- 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, -- 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, -- 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- }; -- return BN_bin2bn(RFC3526_PRIME_4096, sizeof(RFC3526_PRIME_4096), bn); -+ return COPY_BN(bn, _bignum_modp_4096_p); - } - - /*- -@@ -308,105 +136,7 @@ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM - - BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn) - { -- static const unsigned char RFC3526_PRIME_6144[] = { -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, -- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, -- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, -- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, -- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, -- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, -- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, -- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, -- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, -- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, -- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, -- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, -- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, -- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, -- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, -- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, -- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, -- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, -- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, -- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, -- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, -- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, -- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, -- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, -- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, -- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, -- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, -- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, -- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, -- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, -- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, -- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, -- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, -- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, -- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, -- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, -- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, -- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, -- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, -- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, -- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, -- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, -- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, -- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, -- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, -- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, -- 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, -- 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, -- 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, -- 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, -- 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, -- 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, -- 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, -- 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, -- 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, -- 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, -- 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, -- 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, -- 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, -- 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, -- 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, -- 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, -- 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, -- 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE, -- 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, -- 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, -- 0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE, -- 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, -- 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, -- 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED, -- 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, -- 0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, -- 0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42, -- 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, -- 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, -- 0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03, -- 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, -- 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, -- 0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E, -- 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, -- 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, -- 0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, -- 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, -- 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, -- 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0, -- 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, -- 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, -- 0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, -- 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, -- 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, -- 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68, -- 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, -- 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, -- 0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xCC, 0x40, 0x24, -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- }; -- return BN_bin2bn(RFC3526_PRIME_6144, sizeof(RFC3526_PRIME_6144), bn); -+ return COPY_BN(bn, _bignum_modp_6144_p); - } - - /*- -@@ -419,135 +149,5 @@ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM - - BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn) - { -- static const unsigned char RFC3526_PRIME_8192[] = { -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, -- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, -- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, -- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, -- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, -- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, -- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, -- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, -- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, -- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, -- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, -- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, -- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, -- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, -- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, -- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, -- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, -- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, -- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, -- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, -- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, -- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, -- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, -- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, -- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, -- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, -- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, -- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, -- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, -- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, -- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, -- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, -- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, -- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, -- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, -- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, -- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, -- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, -- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, -- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, -- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, -- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, -- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, -- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, -- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, -- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, -- 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, -- 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, -- 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, -- 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, -- 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, -- 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, -- 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, -- 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, -- 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, -- 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, -- 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, -- 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, -- 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, -- 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, -- 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, -- 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, -- 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, -- 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE, -- 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, -- 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, -- 0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE, -- 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, -- 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, -- 0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED, -- 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, -- 0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, -- 0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42, -- 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, -- 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, -- 0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03, -- 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, -- 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, -- 0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E, -- 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, -- 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, -- 0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, -- 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, -- 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, -- 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0, -- 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, -- 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, -- 0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0, -- 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, -- 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, -- 0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68, -- 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, -- 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, -- 0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xBE, 0x11, 0x59, -- 0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4, -- 0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, -- 0xD8, 0xBE, 0xC4, 0xD0, 0x73, 0xB9, 0x31, 0xBA, -- 0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00, -- 0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED, -- 0x25, 0x76, 0xF6, 0x93, 0x6B, 0xA4, 0x24, 0x66, -- 0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68, -- 0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78, -- 0x23, 0x8F, 0x16, 0xCB, 0xE3, 0x9D, 0x65, 0x2D, -- 0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9, -- 0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07, -- 0x13, 0xEB, 0x57, 0xA8, 0x1A, 0x23, 0xF0, 0xC7, -- 0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B, -- 0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD, -- 0xFA, 0x9D, 0x4B, 0x7F, 0xA2, 0xC0, 0x87, 0xE8, -- 0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A, -- 0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6, -- 0x6D, 0x2A, 0x13, 0xF8, 0x3F, 0x44, 0xF8, 0x2D, -- 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36, -- 0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1, -- 0x64, 0xF3, 0x1C, 0xC5, 0x08, 0x46, 0x85, 0x1D, -- 0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1, -- 0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, -- 0xFA, 0xF3, 0x6B, 0xC3, 0x1E, 0xCF, 0xA2, 0x68, -- 0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92, -- 0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7, -- 0x88, 0x9A, 0x00, 0x2E, 0xD5, 0xEE, 0x38, 0x2B, -- 0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47, -- 0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA, -- 0x9E, 0x30, 0x50, 0xE2, 0x76, 0x56, 0x94, 0xDF, -- 0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71, -- 0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF, -- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -- }; -- return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn); -+ return COPY_BN(bn, _bignum_modp_8192_p); - } -diff -up openssl-1.1.1j/crypto/bn/bn_dh.c.fips-dh openssl-1.1.1j/crypto/bn/bn_dh.c ---- openssl-1.1.1j/crypto/bn/bn_dh.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/bn/bn_dh.c 2021-03-03 14:23:27.404092427 +0100 -@@ -1,7 +1,7 @@ - /* -- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved. - * -- * Licensed under the OpenSSL license (the "License"). You may not use -+ * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html -@@ -11,474 +11,995 @@ - #include "internal/nelem.h" - - #ifndef OPENSSL_NO_DH --#include --#include "crypto/bn_dh.h" --/* DH parameters from RFC5114 */ -+# include -+# include "crypto/bn_dh.h" - - # if BN_BITS2 == 64 --static const BN_ULONG dh1024_160_p[] = { -- 0xDF1FB2BC2E4A4371ULL, 0xE68CFDA76D4DA708ULL, 0x45BF37DF365C1A65ULL, -- 0xA151AF5F0DC8B4BDULL, 0xFAA31A4FF55BCCC0ULL, 0x4EFFD6FAE5644738ULL, -- 0x98488E9C219A7372ULL, 0xACCBDD7D90C4BD70ULL, 0x24975C3CD49B83BFULL, -- 0x13ECB4AEA9061123ULL, 0x9838EF1E2EE652C0ULL, 0x6073E28675A23D18ULL, -- 0x9A6A9DCA52D23B61ULL, 0x52C99FBCFB06A3C6ULL, 0xDE92DE5EAE5D54ECULL, -- 0xB10B8F96A080E01DULL --}; -- --static const BN_ULONG dh1024_160_g[] = { -- 0x855E6EEB22B3B2E5ULL, 0x858F4DCEF97C2A24ULL, 0x2D779D5918D08BC8ULL, -- 0xD662A4D18E73AFA3ULL, 0x1DBF0A0169B6A28AULL, 0xA6A24C087A091F53ULL, -- 0x909D0D2263F80A76ULL, 0xD7FBD7D3B9A92EE1ULL, 0x5E91547F9E2749F4ULL, -- 0x160217B4B01B886AULL, 0x777E690F5504F213ULL, 0x266FEA1E5C41564BULL, -- 0xD6406CFF14266D31ULL, 0xF8104DD258AC507FULL, 0x6765A442EFB99905ULL, -- 0xA4D1CBD5C3FD3412ULL --}; -- --static const BN_ULONG dh1024_160_q[] = { -- 0x64B7CB9D49462353ULL, 0x81A8DF278ABA4E7DULL, 0x00000000F518AA87ULL --}; -- --static const BN_ULONG dh2048_224_p[] = { -- 0x0AC4DFFE0C10E64FULL, 0xCF9DE5384E71B81CULL, 0x7EF363E2FFA31F71ULL, -- 0xE3FB73C16B8E75B9ULL, 0xC9B53DCF4BA80A29ULL, 0x23F10B0E16E79763ULL, -- 0xC52172E413042E9BULL, 0xBE60E69CC928B2B9ULL, 0x80CD86A1B9E587E8ULL, -- 0x315D75E198C641A4ULL, 0xCDF93ACC44328387ULL, 0x15987D9ADC0A486DULL, -- 0x7310F7121FD5A074ULL, 0x278273C7DE31EFDCULL, 0x1602E714415D9330ULL, -- 0x81286130BC8985DBULL, 0xB3BF8A3170918836ULL, 0x6A00E0A0B9C49708ULL, -- 0xC6BA0B2C8BBC27BEULL, 0xC9F98D11ED34DBF6ULL, 0x7AD5B7D0B6C12207ULL, -- 0xD91E8FEF55B7394BULL, 0x9037C9EDEFDA4DF8ULL, 0x6D3F8152AD6AC212ULL, -- 0x1DE6B85A1274A0A6ULL, 0xEB3D688A309C180EULL, 0xAF9A3C407BA1DF15ULL, -- 0xE6FA141DF95A56DBULL, 0xB54B1597B61D0A75ULL, 0xA20D64E5683B9FD1ULL, -- 0xD660FAA79559C51FULL, 0xAD107E1E9123A9D0ULL --}; -- --static const BN_ULONG dh2048_224_g[] = { -- 0x84B890D3191F2BFAULL, 0x81BC087F2A7065B3ULL, 0x19C418E1F6EC0179ULL, -- 0x7B5A0F1C71CFFF4CULL, 0xEDFE72FE9B6AA4BDULL, 0x81E1BCFE94B30269ULL, -- 0x566AFBB48D6C0191ULL, 0xB539CCE3409D13CDULL, 0x6AA21E7F5F2FF381ULL, -- 0xD9E263E4770589EFULL, 0x10E183EDD19963DDULL, 0xB70A8137150B8EEBULL, -- 0x051AE3D428C8F8ACULL, 0xBB77A86F0C1AB15BULL, 0x6E3025E316A330EFULL, -- 0x19529A45D6F83456ULL, 0xF180EB34118E98D1ULL, 0xB5F6C6B250717CBEULL, -- 0x09939D54DA7460CDULL, 0xE247150422EA1ED4ULL, 0xB8A762D0521BC98AULL, -- 0xF4D027275AC1348BULL, 0xC17669101999024AULL, 0xBE5E9001A8D66AD7ULL, -- 0xC57DB17C620A8652ULL, 0xAB739D7700C29F52ULL, 0xDD921F01A70C4AFAULL, -- 0xA6824A4E10B9A6F0ULL, 0x74866A08CFE4FFE3ULL, 0x6CDEBE7B89998CAFULL, -- 0x9DF30B5C8FFDAC50ULL, 0xAC4032EF4F2D9AE3ULL --}; -- --static const BN_ULONG dh2048_224_q[] = { -- 0xBF389A99B36371EBULL, 0x1F80535A4738CEBCULL, 0xC58D93FE99717710ULL, -- 0x00000000801C0D34ULL --}; -- --static const BN_ULONG dh2048_256_p[] = { -- 0xDB094AE91E1A1597ULL, 0x693877FAD7EF09CAULL, 0x6116D2276E11715FULL, -- 0xA4B54330C198AF12ULL, 0x75F26375D7014103ULL, 0xC3A3960A54E710C3ULL, -- 0xDED4010ABD0BE621ULL, 0xC0B857F689962856ULL, 0xB3CA3F7971506026ULL, -- 0x1CCACB83E6B486F6ULL, 0x67E144E514056425ULL, 0xF6A167B5A41825D9ULL, -- 0x3AD8347796524D8EULL, 0xF13C6D9A51BFA4ABULL, 0x2D52526735488A0EULL, -- 0xB63ACAE1CAA6B790ULL, 0x4FDB70C581B23F76ULL, 0xBC39A0BF12307F5CULL, -- 0xB941F54EB1E59BB8ULL, 0x6C5BFC11D45F9088ULL, 0x22E0B1EF4275BF7BULL, -- 0x91F9E6725B4758C0ULL, 0x5A8A9D306BCF67EDULL, 0x209E0C6497517ABDULL, -- 0x3BF4296D830E9A7CULL, 0x16C3D91134096FAAULL, 0xFAF7DF4561B2AA30ULL, -- 0xE00DF8F1D61957D4ULL, 0x5D2CEED4435E3B00ULL, 0x8CEEF608660DD0F2ULL, -- 0xFFBBD19C65195999ULL, 0x87A8E61DB4B6663CULL --}; -+# define BN_DEF(lo, hi) (BN_ULONG)hi << 32 | lo -+# else -+# define BN_DEF(lo, hi) lo, hi -+# endif - --static const BN_ULONG dh2048_256_g[] = { -- 0x664B4C0F6CC41659ULL, 0x5E2327CFEF98C582ULL, 0xD647D148D4795451ULL, -- 0x2F63078490F00EF8ULL, 0x184B523D1DB246C3ULL, 0xC7891428CDC67EB6ULL, -- 0x7FD028370DF92B52ULL, 0xB3353BBB64E0EC37ULL, 0xECD06E1557CD0915ULL, -- 0xB7D2BBD2DF016199ULL, 0xC8484B1E052588B9ULL, 0xDB2A3B7313D3FE14ULL, -- 0xD052B985D182EA0AULL, 0xA4BD1BFFE83B9C80ULL, 0xDFC967C1FB3F2E55ULL, -- 0xB5045AF2767164E1ULL, 0x1D14348F6F2F9193ULL, 0x64E67982428EBC83ULL, -- 0x8AC376D282D6ED38ULL, 0x777DE62AAAB8A862ULL, 0xDDF463E5E9EC144BULL, -- 0x0196F931C77A57F2ULL, 0xA55AE31341000A65ULL, 0x901228F8C28CBB18ULL, -- 0xBC3773BF7E8C6F62ULL, 0xBE3A6C1B0C6B47B1ULL, 0xFF4FED4AAC0BB555ULL, -- 0x10DBC15077BE463FULL, 0x07F4793A1A0BA125ULL, 0x4CA7B18F21EF2054ULL, -- 0x2E77506660EDBD48ULL, 0x3FB32C9B73134D0BULL --}; -+/* DH parameters from RFC3526 */ - --static const BN_ULONG dh2048_256_q[] = { -- 0xA308B0FE64F5FBD3ULL, 0x99B1A47D1EB3750BULL, 0xB447997640129DA2ULL, -- 0x8CF83642A709A097ULL -+/* -+ * "1536-bit MODP Group" from RFC3526, Section 2. -+ * -+ * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 } -+ * -+ * RFC3526 specifies a generator of 2. -+ * RFC2312 specifies a generator of 22. -+ */ -+static const BN_ULONG modp_1536_p[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xCA237327, 0xF1746C08), -+ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), -+ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), -+ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), -+ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), -+ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), -+ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), -+ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), -+ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), -+ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), -+ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), -+ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) -+}; -+/* q = (p - 1) / 2 */ -+static const BN_ULONG modp_1536_q[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x6511B993, 0x78BA3604), -+ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), -+ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), -+ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), -+ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), -+ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), -+ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), -+ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), -+ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), -+ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), -+ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), -+ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF) - }; - --/* Primes from RFC 7919 */ --static const BN_ULONG ffdhe2048_p[] = { -- 0xFFFFFFFFFFFFFFFFULL, 0x886B423861285C97ULL, 0xC6F34A26C1B2EFFAULL, -- 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, 0xC3FE3B1B4C6FAD73ULL, -- 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, 0xC03404CD28342F61ULL, -- 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, 0xAE56EDE76372BB19ULL, -- 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, 0xD108A94BB2C8E3FBULL, -- 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, 0x1DF158A136ADE735ULL, -- 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, 0xB557135E7F57C935ULL, -- 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, 0xD3DF1ED5D5FD6561ULL, -- 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, 0xCC939DCE249B3EF9ULL, -- 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, 0xAFDC5620273D3CF1ULL, -- 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL -+/*- -+ * "2048-bit MODP Group" from RFC3526, Section 3. -+ * -+ * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } -+ * -+ * RFC3526 specifies a generator of 2. -+ */ -+static const BN_ULONG modp_2048_p[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x8AACAA68, 0x15728E5A), -+ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), -+ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), -+ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), -+ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), -+ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), -+ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), -+ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), -+ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), -+ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), -+ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), -+ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), -+ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), -+ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), -+ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), -+ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) -+}; -+/* q = (p - 1) / 2 */ -+static const BN_ULONG modp_2048_q[] = { -+ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x45565534, 0x0AB9472D), -+ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), -+ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), -+ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), -+ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), -+ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), -+ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), -+ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), -+ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), -+ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), -+ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), -+ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), -+ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), -+ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), -+ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), -+ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), - }; - --static const BN_ULONG ffdhe3072_p[] = { -- 0xFFFFFFFFFFFFFFFFULL, 0x25E41D2B66C62E37ULL, 0x3C1B20EE3FD59D7CULL, -- 0x0ABCD06BFA53DDEFULL, 0x1DBF9A42D5C4484EULL, 0xABC521979B0DEADAULL, -- 0xE86D2BC522363A0DULL, 0x5CAE82AB9C9DF69EULL, 0x64F2E21E71F54BFFULL, -- 0xF4FD4452E2D74DD3ULL, 0xB4130C93BC437944ULL, 0xAEFE130985139270ULL, -- 0x598CB0FAC186D91CULL, 0x7AD91D2691F7F7EEULL, 0x61B46FC9D6E6C907ULL, -- 0xBC34F4DEF99C0238ULL, 0xDE355B3B6519035BULL, 0x886B4238611FCFDCULL, -- 0xC6F34A26C1B2EFFAULL, 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, -- 0xC3FE3B1B4C6FAD73ULL, 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, -- 0xC03404CD28342F61ULL, 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, -- 0xAE56EDE76372BB19ULL, 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, -- 0xD108A94BB2C8E3FBULL, 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, -- 0x1DF158A136ADE735ULL, 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, -- 0xB557135E7F57C935ULL, 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, -- 0xD3DF1ED5D5FD6561ULL, 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, -- 0xCC939DCE249B3EF9ULL, 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, -- 0xAFDC5620273D3CF1ULL, 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL -+/*- -+ * "3072-bit MODP Group" from RFC3526, Section 4. -+ * -+ * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 } -+ * -+ * RFC3526 specifies a generator of 2. -+ */ -+static const BN_ULONG modp_3072_p[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xA93AD2CA, 0x4B82D120), -+ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), -+ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), -+ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), -+ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), -+ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), -+ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), -+ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), -+ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), -+ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), -+ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), -+ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), -+ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), -+ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), -+ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), -+ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), -+ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), -+ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), -+ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), -+ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), -+ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), -+ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), -+ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), -+ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) -+}; -+/* q = (p - 1) / 2 */ -+static const BN_ULONG modp_3072_q[] = { -+ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x549D6965, 0x25C16890), -+ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), -+ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), -+ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), -+ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), -+ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), -+ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), -+ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), -+ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), -+ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), -+ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), -+ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), -+ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), -+ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), -+ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), -+ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), -+ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), -+ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), -+ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), -+ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), -+ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), -+ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), -+ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), -+ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), - }; - --static const BN_ULONG ffdhe4096_p[] = { -- 0xFFFFFFFFFFFFFFFFULL, 0xC68A007E5E655F6AULL, 0x4DB5A851F44182E1ULL, -- 0x8EC9B55A7F88A46BULL, 0x0A8291CDCEC97DCFULL, 0x2A4ECEA9F98D0ACCULL, -- 0x1A1DB93D7140003CULL, 0x092999A333CB8B7AULL, 0x6DC778F971AD0038ULL, -- 0xA907600A918130C4ULL, 0xED6A1E012D9E6832ULL, 0x7135C886EFB4318AULL, -- 0x87F55BA57E31CC7AULL, 0x7763CF1D55034004ULL, 0xAC7D5F42D69F6D18ULL, -- 0x7930E9E4E58857B6ULL, 0x6E6F52C3164DF4FBULL, 0x25E41D2B669E1EF1ULL, -- 0x3C1B20EE3FD59D7CULL, 0x0ABCD06BFA53DDEFULL, 0x1DBF9A42D5C4484EULL, -- 0xABC521979B0DEADAULL, 0xE86D2BC522363A0DULL, 0x5CAE82AB9C9DF69EULL, -- 0x64F2E21E71F54BFFULL, 0xF4FD4452E2D74DD3ULL, 0xB4130C93BC437944ULL, -- 0xAEFE130985139270ULL, 0x598CB0FAC186D91CULL, 0x7AD91D2691F7F7EEULL, -- 0x61B46FC9D6E6C907ULL, 0xBC34F4DEF99C0238ULL, 0xDE355B3B6519035BULL, -- 0x886B4238611FCFDCULL, 0xC6F34A26C1B2EFFAULL, 0xC58EF1837D1683B2ULL, -- 0x3BB5FCBC2EC22005ULL, 0xC3FE3B1B4C6FAD73ULL, 0x8E4F1232EEF28183ULL, -- 0x9172FE9CE98583FFULL, 0xC03404CD28342F61ULL, 0x9E02FCE1CDF7E2ECULL, -- 0x0B07A7C8EE0A6D70ULL, 0xAE56EDE76372BB19ULL, 0x1D4F42A3DE394DF4ULL, -- 0xB96ADAB760D7F468ULL, 0xD108A94BB2C8E3FBULL, 0xBC0AB182B324FB61ULL, -- 0x30ACCA4F483A797AULL, 0x1DF158A136ADE735ULL, 0xE2A689DAF3EFE872ULL, -- 0x984F0C70E0E68B77ULL, 0xB557135E7F57C935ULL, 0x856365553DED1AF3ULL, -- 0x2433F51F5F066ED0ULL, 0xD3DF1ED5D5FD6561ULL, 0xF681B202AEC4617AULL, -- 0x7D2FE363630C75D8ULL, 0xCC939DCE249B3EF9ULL, 0xA9E13641146433FBULL, -- 0xD8B9C583CE2D3695ULL, 0xAFDC5620273D3CF1ULL, 0xADF85458A2BB4A9AULL, -- 0xFFFFFFFFFFFFFFFFULL -+/*- -+ * "4096-bit MODP Group" from RFC3526, Section 5. -+ * -+ * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 } -+ * -+ * RFC3526 specifies a generator of 2. -+ */ -+static const BN_ULONG modp_4096_p[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x34063199, 0x4DF435C9), -+ BN_DEF(0x90A6C08F, 0x86FFB7DC), BN_DEF(0x8D8FDDC1, 0x93B4EA98), -+ BN_DEF(0xD5B05AA9, 0xD0069127), BN_DEF(0x2170481C, 0xB81BDD76), -+ BN_DEF(0xCEE2D7AF, 0x1F612970), BN_DEF(0x515BE7ED, 0x233BA186), -+ BN_DEF(0xA090C3A2, 0x99B2964F), BN_DEF(0x4E6BC05D, 0x287C5947), -+ BN_DEF(0x1FBECAA6, 0x2E8EFC14), BN_DEF(0x04DE8EF9, 0xDBBBC2DB), -+ BN_DEF(0x2AD44CE8, 0x2583E9CA), BN_DEF(0xB6150BDA, 0x1A946834), -+ BN_DEF(0x6AF4E23C, 0x99C32718), BN_DEF(0xBDBA5B26, 0x88719A10), -+ BN_DEF(0xA787E6D7, 0x1A723C12), BN_DEF(0xA9210801, 0x4B82D120), -+ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), -+ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), -+ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), -+ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), -+ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), -+ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), -+ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), -+ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), -+ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), -+ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), -+ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), -+ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), -+ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), -+ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), -+ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), -+ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), -+ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), -+ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), -+ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), -+ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), -+ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), -+ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), -+ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) -+}; -+/* q = (p - 1) / 2 */ -+static const BN_ULONG modp_4096_q[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x9A0318CC, 0xA6FA1AE4), -+ BN_DEF(0x48536047, 0xC37FDBEE), BN_DEF(0x46C7EEE0, 0xC9DA754C), -+ BN_DEF(0xEAD82D54, 0x68034893), BN_DEF(0x10B8240E, 0xDC0DEEBB), -+ BN_DEF(0x67716BD7, 0x8FB094B8), BN_DEF(0x28ADF3F6, 0x119DD0C3), -+ BN_DEF(0xD04861D1, 0xCCD94B27), BN_DEF(0xA735E02E, 0x143E2CA3), -+ BN_DEF(0x0FDF6553, 0x97477E0A), BN_DEF(0x826F477C, 0x6DDDE16D), -+ BN_DEF(0x156A2674, 0x12C1F4E5), BN_DEF(0x5B0A85ED, 0x0D4A341A), -+ BN_DEF(0x357A711E, 0x4CE1938C), BN_DEF(0x5EDD2D93, 0xC438CD08), -+ BN_DEF(0x53C3F36B, 0x8D391E09), BN_DEF(0x54908400, 0x25C16890), -+ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), -+ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), -+ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), -+ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), -+ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), -+ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), -+ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), -+ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), -+ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), -+ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), -+ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), -+ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), -+ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), -+ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), -+ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), -+ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), -+ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), -+ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), -+ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), -+ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), -+ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), -+ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), -+ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), - }; - --static const BN_ULONG ffdhe6144_p[] = { -- 0xFFFFFFFFFFFFFFFFULL, 0xA40E329CD0E40E65ULL, 0xA41D570D7938DAD4ULL, -- 0x62A69526D43161C1ULL, 0x3FDD4A8E9ADB1E69ULL, 0x5B3B71F9DC6B80D6ULL, -- 0xEC9D1810C6272B04ULL, 0x8CCF2DD5CACEF403ULL, 0xE49F5235C95B9117ULL, -- 0x505DC82DB854338AULL, 0x62292C311562A846ULL, 0xD72B03746AE77F5EULL, -- 0xF9C9091B462D538CULL, 0x0AE8DB5847A67CBEULL, 0xB3A739C122611682ULL, -- 0xEEAAC0232A281BF6ULL, 0x94C6651E77CAF992ULL, 0x763E4E4B94B2BBC1ULL, -- 0x587E38DA0077D9B4ULL, 0x7FB29F8C183023C3ULL, 0x0ABEC1FFF9E3A26EULL, -- 0xA00EF092350511E3ULL, 0xB855322EDB6340D8ULL, 0xA52471F7A9A96910ULL, -- 0x388147FB4CFDB477ULL, 0x9B1F5C3E4E46041FULL, 0xCDAD0657FCCFEC71ULL, -- 0xB38E8C334C701C3AULL, 0x917BDD64B1C0FD4CULL, 0x3BB454329B7624C8ULL, -- 0x23BA4442CAF53EA6ULL, 0x4E677D2C38532A3AULL, 0x0BFD64B645036C7AULL, -- 0xC68A007E5E0DD902ULL, 0x4DB5A851F44182E1ULL, 0x8EC9B55A7F88A46BULL, -- 0x0A8291CDCEC97DCFULL, 0x2A4ECEA9F98D0ACCULL, 0x1A1DB93D7140003CULL, -- 0x092999A333CB8B7AULL, 0x6DC778F971AD0038ULL, 0xA907600A918130C4ULL, -- 0xED6A1E012D9E6832ULL, 0x7135C886EFB4318AULL, 0x87F55BA57E31CC7AULL, -- 0x7763CF1D55034004ULL, 0xAC7D5F42D69F6D18ULL, 0x7930E9E4E58857B6ULL, -- 0x6E6F52C3164DF4FBULL, 0x25E41D2B669E1EF1ULL, 0x3C1B20EE3FD59D7CULL, -- 0x0ABCD06BFA53DDEFULL, 0x1DBF9A42D5C4484EULL, 0xABC521979B0DEADAULL, -- 0xE86D2BC522363A0DULL, 0x5CAE82AB9C9DF69EULL, 0x64F2E21E71F54BFFULL, -- 0xF4FD4452E2D74DD3ULL, 0xB4130C93BC437944ULL, 0xAEFE130985139270ULL, -- 0x598CB0FAC186D91CULL, 0x7AD91D2691F7F7EEULL, 0x61B46FC9D6E6C907ULL, -- 0xBC34F4DEF99C0238ULL, 0xDE355B3B6519035BULL, 0x886B4238611FCFDCULL, -- 0xC6F34A26C1B2EFFAULL, 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, -- 0xC3FE3B1B4C6FAD73ULL, 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, -- 0xC03404CD28342F61ULL, 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, -- 0xAE56EDE76372BB19ULL, 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, -- 0xD108A94BB2C8E3FBULL, 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, -- 0x1DF158A136ADE735ULL, 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, -- 0xB557135E7F57C935ULL, 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, -- 0xD3DF1ED5D5FD6561ULL, 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, -- 0xCC939DCE249B3EF9ULL, 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, -- 0xAFDC5620273D3CF1ULL, 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL -+/*- -+ * "6144-bit MODP Group" from RFC3526, Section 6. -+ * -+ * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 } -+ * -+ * RFC3526 specifies a generator of 2. -+ */ -+static const BN_ULONG modp_6144_p[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x6DCC4024, 0xE694F91E), -+ BN_DEF(0x0B7474D6, 0x12BF2D5B), BN_DEF(0x3F4860EE, 0x043E8F66), -+ BN_DEF(0x6E3C0468, 0x387FE8D7), BN_DEF(0x2EF29632, 0xDA56C9EC), -+ BN_DEF(0xA313D55C, 0xEB19CCB1), BN_DEF(0x8A1FBFF0, 0xF550AA3D), -+ BN_DEF(0xB7C5DA76, 0x06A1D58B), BN_DEF(0xF29BE328, 0xA79715EE), -+ BN_DEF(0x0F8037E0, 0x14CC5ED2), BN_DEF(0xBF48E1D8, 0xCC8F6D7E), -+ BN_DEF(0x2B4154AA, 0x4BD407B2), BN_DEF(0xFF585AC5, 0x0F1D45B7), -+ BN_DEF(0x36CC88BE, 0x23A97A7E), BN_DEF(0xBEC7E8F3, 0x59E7C97F), -+ BN_DEF(0x900B1C9E, 0xB5A84031), BN_DEF(0x46980C82, 0xD55E702F), -+ BN_DEF(0x6E74FEF6, 0xF482D7CE), BN_DEF(0xD1721D03, 0xF032EA15), -+ BN_DEF(0xC64B92EC, 0x5983CA01), BN_DEF(0x378CD2BF, 0x6FB8F401), -+ BN_DEF(0x2BD7AF42, 0x33205151), BN_DEF(0xE6CC254B, 0xDB7F1447), -+ BN_DEF(0xCED4BB1B, 0x44CE6CBA), BN_DEF(0xCF9B14ED, 0xDA3EDBEB), -+ BN_DEF(0x865A8918, 0x179727B0), BN_DEF(0x9027D831, 0xB06A53ED), -+ BN_DEF(0x413001AE, 0xE5DB382F), BN_DEF(0xAD9E530E, 0xF8FF9406), -+ BN_DEF(0x3DBA37BD, 0xC9751E76), BN_DEF(0x602646DE, 0xC1D4DCB2), -+ BN_DEF(0xD27C7026, 0x36C3FAB4), BN_DEF(0x34028492, 0x4DF435C9), -+ BN_DEF(0x90A6C08F, 0x86FFB7DC), BN_DEF(0x8D8FDDC1, 0x93B4EA98), -+ BN_DEF(0xD5B05AA9, 0xD0069127), BN_DEF(0x2170481C, 0xB81BDD76), -+ BN_DEF(0xCEE2D7AF, 0x1F612970), BN_DEF(0x515BE7ED, 0x233BA186), -+ BN_DEF(0xA090C3A2, 0x99B2964F), BN_DEF(0x4E6BC05D, 0x287C5947), -+ BN_DEF(0x1FBECAA6, 0x2E8EFC14), BN_DEF(0x04DE8EF9, 0xDBBBC2DB), -+ BN_DEF(0x2AD44CE8, 0x2583E9CA), BN_DEF(0xB6150BDA, 0x1A946834), -+ BN_DEF(0x6AF4E23C, 0x99C32718), BN_DEF(0xBDBA5B26, 0x88719A10), -+ BN_DEF(0xA787E6D7, 0x1A723C12), BN_DEF(0xA9210801, 0x4B82D120), -+ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), -+ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), -+ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), -+ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), -+ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), -+ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), -+ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), -+ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), -+ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), -+ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), -+ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), -+ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), -+ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), -+ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), -+ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), -+ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), -+ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), -+ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), -+ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), -+ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), -+ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), -+ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), -+ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) -+}; -+/* q = (p - 1) / 2 */ -+static const BN_ULONG modp_6144_q[] = { -+ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x36E62012, 0x734A7C8F), -+ BN_DEF(0x85BA3A6B, 0x095F96AD), BN_DEF(0x1FA43077, 0x021F47B3), -+ BN_DEF(0xB71E0234, 0x1C3FF46B), BN_DEF(0x17794B19, 0x6D2B64F6), -+ BN_DEF(0xD189EAAE, 0x758CE658), BN_DEF(0xC50FDFF8, 0x7AA8551E), -+ BN_DEF(0xDBE2ED3B, 0x0350EAC5), BN_DEF(0x794DF194, 0x53CB8AF7), -+ BN_DEF(0x07C01BF0, 0x0A662F69), BN_DEF(0x5FA470EC, 0x6647B6BF), -+ BN_DEF(0x15A0AA55, 0xA5EA03D9), BN_DEF(0xFFAC2D62, 0x078EA2DB), -+ BN_DEF(0x1B66445F, 0x91D4BD3F), BN_DEF(0xDF63F479, 0x2CF3E4BF), -+ BN_DEF(0xC8058E4F, 0x5AD42018), BN_DEF(0xA34C0641, 0x6AAF3817), -+ BN_DEF(0x373A7F7B, 0xFA416BE7), BN_DEF(0xE8B90E81, 0x7819750A), -+ BN_DEF(0xE325C976, 0xACC1E500), BN_DEF(0x9BC6695F, 0x37DC7A00), -+ BN_DEF(0x95EBD7A1, 0x999028A8), BN_DEF(0xF36612A5, 0xEDBF8A23), -+ BN_DEF(0x676A5D8D, 0xA267365D), BN_DEF(0xE7CD8A76, 0x6D1F6DF5), -+ BN_DEF(0x432D448C, 0x8BCB93D8), BN_DEF(0xC813EC18, 0x583529F6), -+ BN_DEF(0xA09800D7, 0x72ED9C17), BN_DEF(0x56CF2987, 0xFC7FCA03), -+ BN_DEF(0x1EDD1BDE, 0x64BA8F3B), BN_DEF(0x3013236F, 0x60EA6E59), -+ BN_DEF(0x693E3813, 0x1B61FD5A), BN_DEF(0x9A014249, 0xA6FA1AE4), -+ BN_DEF(0x48536047, 0xC37FDBEE), BN_DEF(0x46C7EEE0, 0xC9DA754C), -+ BN_DEF(0xEAD82D54, 0x68034893), BN_DEF(0x10B8240E, 0xDC0DEEBB), -+ BN_DEF(0x67716BD7, 0x8FB094B8), BN_DEF(0x28ADF3F6, 0x119DD0C3), -+ BN_DEF(0xD04861D1, 0xCCD94B27), BN_DEF(0xA735E02E, 0x143E2CA3), -+ BN_DEF(0x0FDF6553, 0x97477E0A), BN_DEF(0x826F477C, 0x6DDDE16D), -+ BN_DEF(0x156A2674, 0x12C1F4E5), BN_DEF(0x5B0A85ED, 0x0D4A341A), -+ BN_DEF(0x357A711E, 0x4CE1938C), BN_DEF(0x5EDD2D93, 0xC438CD08), -+ BN_DEF(0x53C3F36B, 0x8D391E09), BN_DEF(0x54908400, 0x25C16890), -+ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), -+ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), -+ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), -+ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), -+ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), -+ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), -+ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), -+ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), -+ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), -+ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), -+ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), -+ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), -+ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), -+ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), -+ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), -+ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), -+ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), -+ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), -+ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), -+ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), -+ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), -+ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), -+ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), - }; - --static const BN_ULONG ffdhe8192_p[] = { -- 0xFFFFFFFFFFFFFFFFULL, 0xD68C8BB7C5C6424CULL, 0x011E2A94838FF88CULL, -- 0x0822E506A9F4614EULL, 0x97D11D49F7A8443DULL, 0xA6BBFDE530677F0DULL, -- 0x2F741EF8C1FE86FEULL, 0xFAFABE1C5D71A87EULL, 0xDED2FBABFBE58A30ULL, -- 0xB6855DFE72B0A66EULL, 0x1EFC8CE0BA8A4FE8ULL, 0x83F81D4A3F2FA457ULL, -- 0xA1FE3075A577E231ULL, 0xD5B8019488D9C0A0ULL, 0x624816CDAD9A95F9ULL, -- 0x99E9E31650C1217BULL, 0x51AA691E0E423CFCULL, 0x1C217E6C3826E52CULL, -- 0x51A8A93109703FEEULL, 0xBB7099876A460E74ULL, 0x541FC68C9C86B022ULL, -- 0x59160CC046FD8251ULL, 0x2846C0BA35C35F5CULL, 0x54504AC78B758282ULL, -- 0x29388839D2AF05E4ULL, 0xCB2C0F1CC01BD702ULL, 0x555B2F747C932665ULL, -- 0x86B63142A3AB8829ULL, 0x0B8CC3BDF64B10EFULL, 0x687FEB69EDD1CC5EULL, -- 0xFDB23FCEC9509D43ULL, 0x1E425A31D951AE64ULL, 0x36AD004CF600C838ULL, -- 0xA40E329CCFF46AAAULL, 0xA41D570D7938DAD4ULL, 0x62A69526D43161C1ULL, -- 0x3FDD4A8E9ADB1E69ULL, 0x5B3B71F9DC6B80D6ULL, 0xEC9D1810C6272B04ULL, -- 0x8CCF2DD5CACEF403ULL, 0xE49F5235C95B9117ULL, 0x505DC82DB854338AULL, -- 0x62292C311562A846ULL, 0xD72B03746AE77F5EULL, 0xF9C9091B462D538CULL, -- 0x0AE8DB5847A67CBEULL, 0xB3A739C122611682ULL, 0xEEAAC0232A281BF6ULL, -- 0x94C6651E77CAF992ULL, 0x763E4E4B94B2BBC1ULL, 0x587E38DA0077D9B4ULL, -- 0x7FB29F8C183023C3ULL, 0x0ABEC1FFF9E3A26EULL, 0xA00EF092350511E3ULL, -- 0xB855322EDB6340D8ULL, 0xA52471F7A9A96910ULL, 0x388147FB4CFDB477ULL, -- 0x9B1F5C3E4E46041FULL, 0xCDAD0657FCCFEC71ULL, 0xB38E8C334C701C3AULL, -- 0x917BDD64B1C0FD4CULL, 0x3BB454329B7624C8ULL, 0x23BA4442CAF53EA6ULL, -- 0x4E677D2C38532A3AULL, 0x0BFD64B645036C7AULL, 0xC68A007E5E0DD902ULL, -- 0x4DB5A851F44182E1ULL, 0x8EC9B55A7F88A46BULL, 0x0A8291CDCEC97DCFULL, -- 0x2A4ECEA9F98D0ACCULL, 0x1A1DB93D7140003CULL, 0x092999A333CB8B7AULL, -- 0x6DC778F971AD0038ULL, 0xA907600A918130C4ULL, 0xED6A1E012D9E6832ULL, -- 0x7135C886EFB4318AULL, 0x87F55BA57E31CC7AULL, 0x7763CF1D55034004ULL, -- 0xAC7D5F42D69F6D18ULL, 0x7930E9E4E58857B6ULL, 0x6E6F52C3164DF4FBULL, -- 0x25E41D2B669E1EF1ULL, 0x3C1B20EE3FD59D7CULL, 0x0ABCD06BFA53DDEFULL, -- 0x1DBF9A42D5C4484EULL, 0xABC521979B0DEADAULL, 0xE86D2BC522363A0DULL, -- 0x5CAE82AB9C9DF69EULL, 0x64F2E21E71F54BFFULL, 0xF4FD4452E2D74DD3ULL, -- 0xB4130C93BC437944ULL, 0xAEFE130985139270ULL, 0x598CB0FAC186D91CULL, -- 0x7AD91D2691F7F7EEULL, 0x61B46FC9D6E6C907ULL, 0xBC34F4DEF99C0238ULL, -- 0xDE355B3B6519035BULL, 0x886B4238611FCFDCULL, 0xC6F34A26C1B2EFFAULL, -- 0xC58EF1837D1683B2ULL, 0x3BB5FCBC2EC22005ULL, 0xC3FE3B1B4C6FAD73ULL, -- 0x8E4F1232EEF28183ULL, 0x9172FE9CE98583FFULL, 0xC03404CD28342F61ULL, -- 0x9E02FCE1CDF7E2ECULL, 0x0B07A7C8EE0A6D70ULL, 0xAE56EDE76372BB19ULL, -- 0x1D4F42A3DE394DF4ULL, 0xB96ADAB760D7F468ULL, 0xD108A94BB2C8E3FBULL, -- 0xBC0AB182B324FB61ULL, 0x30ACCA4F483A797AULL, 0x1DF158A136ADE735ULL, -- 0xE2A689DAF3EFE872ULL, 0x984F0C70E0E68B77ULL, 0xB557135E7F57C935ULL, -- 0x856365553DED1AF3ULL, 0x2433F51F5F066ED0ULL, 0xD3DF1ED5D5FD6561ULL, -- 0xF681B202AEC4617AULL, 0x7D2FE363630C75D8ULL, 0xCC939DCE249B3EF9ULL, -- 0xA9E13641146433FBULL, 0xD8B9C583CE2D3695ULL, 0xAFDC5620273D3CF1ULL, -- 0xADF85458A2BB4A9AULL, 0xFFFFFFFFFFFFFFFFULL -+/* -+ * "8192-bit MODP Group" from RFC3526, Section 7. -+ * -+ * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 } -+ * -+ * RFC3526 specifies a generator of 2. -+ */ -+static const BN_ULONG modp_8192_p[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x98EDD3DF, 0x60C980DD), -+ BN_DEF(0x80B96E71, 0xC81F56E8), BN_DEF(0x765694DF, 0x9E3050E2), -+ BN_DEF(0x5677E9AA, 0x9558E447), BN_DEF(0xFC026E47, 0xC9190DA6), -+ BN_DEF(0xD5EE382B, 0x889A002E), BN_DEF(0x481C6CD7, 0x4009438B), -+ BN_DEF(0xEB879F92, 0x359046F4), BN_DEF(0x1ECFA268, 0xFAF36BC3), -+ BN_DEF(0x7EE74D73, 0xB1D510BD), BN_DEF(0x5DED7EA1, 0xF9AB4819), -+ BN_DEF(0x0846851D, 0x64F31CC5), BN_DEF(0xA0255DC1, 0x4597E899), -+ BN_DEF(0x74AB6A36, 0xDF310EE0), BN_DEF(0x3F44F82D, 0x6D2A13F8), -+ BN_DEF(0xB3A278A6, 0x062B3CF5), BN_DEF(0xED5BDD3A, 0x79683303), -+ BN_DEF(0xA2C087E8, 0xFA9D4B7F), BN_DEF(0x2F8385DD, 0x4BCBC886), -+ BN_DEF(0x6CEA306B, 0x3473FC64), BN_DEF(0x1A23F0C7, 0x13EB57A8), -+ BN_DEF(0xA4037C07, 0x22222E04), BN_DEF(0xFC848AD9, 0xE3FDB8BE), -+ BN_DEF(0xE39D652D, 0x238F16CB), BN_DEF(0x2BF1C978, 0x3423B474), -+ BN_DEF(0x5AE4F568, 0x3AAB639C), BN_DEF(0x6BA42466, 0x2576F693), -+ BN_DEF(0x8AFC47ED, 0x741FA7BF), BN_DEF(0x8D9DD300, 0x3BC832B6), -+ BN_DEF(0x73B931BA, 0xD8BEC4D0), BN_DEF(0xA932DF8C, 0x38777CB6), -+ BN_DEF(0x12FEE5E4, 0x74A3926F), BN_DEF(0x6DBE1159, 0xE694F91E), -+ BN_DEF(0x0B7474D6, 0x12BF2D5B), BN_DEF(0x3F4860EE, 0x043E8F66), -+ BN_DEF(0x6E3C0468, 0x387FE8D7), BN_DEF(0x2EF29632, 0xDA56C9EC), -+ BN_DEF(0xA313D55C, 0xEB19CCB1), BN_DEF(0x8A1FBFF0, 0xF550AA3D), -+ BN_DEF(0xB7C5DA76, 0x06A1D58B), BN_DEF(0xF29BE328, 0xA79715EE), -+ BN_DEF(0x0F8037E0, 0x14CC5ED2), BN_DEF(0xBF48E1D8, 0xCC8F6D7E), -+ BN_DEF(0x2B4154AA, 0x4BD407B2), BN_DEF(0xFF585AC5, 0x0F1D45B7), -+ BN_DEF(0x36CC88BE, 0x23A97A7E), BN_DEF(0xBEC7E8F3, 0x59E7C97F), -+ BN_DEF(0x900B1C9E, 0xB5A84031), BN_DEF(0x46980C82, 0xD55E702F), -+ BN_DEF(0x6E74FEF6, 0xF482D7CE), BN_DEF(0xD1721D03, 0xF032EA15), -+ BN_DEF(0xC64B92EC, 0x5983CA01), BN_DEF(0x378CD2BF, 0x6FB8F401), -+ BN_DEF(0x2BD7AF42, 0x33205151), BN_DEF(0xE6CC254B, 0xDB7F1447), -+ BN_DEF(0xCED4BB1B, 0x44CE6CBA), BN_DEF(0xCF9B14ED, 0xDA3EDBEB), -+ BN_DEF(0x865A8918, 0x179727B0), BN_DEF(0x9027D831, 0xB06A53ED), -+ BN_DEF(0x413001AE, 0xE5DB382F), BN_DEF(0xAD9E530E, 0xF8FF9406), -+ BN_DEF(0x3DBA37BD, 0xC9751E76), BN_DEF(0x602646DE, 0xC1D4DCB2), -+ BN_DEF(0xD27C7026, 0x36C3FAB4), BN_DEF(0x34028492, 0x4DF435C9), -+ BN_DEF(0x90A6C08F, 0x86FFB7DC), BN_DEF(0x8D8FDDC1, 0x93B4EA98), -+ BN_DEF(0xD5B05AA9, 0xD0069127), BN_DEF(0x2170481C, 0xB81BDD76), -+ BN_DEF(0xCEE2D7AF, 0x1F612970), BN_DEF(0x515BE7ED, 0x233BA186), -+ BN_DEF(0xA090C3A2, 0x99B2964F), BN_DEF(0x4E6BC05D, 0x287C5947), -+ BN_DEF(0x1FBECAA6, 0x2E8EFC14), BN_DEF(0x04DE8EF9, 0xDBBBC2DB), -+ BN_DEF(0x2AD44CE8, 0x2583E9CA), BN_DEF(0xB6150BDA, 0x1A946834), -+ BN_DEF(0x6AF4E23C, 0x99C32718), BN_DEF(0xBDBA5B26, 0x88719A10), -+ BN_DEF(0xA787E6D7, 0x1A723C12), BN_DEF(0xA9210801, 0x4B82D120), -+ BN_DEF(0xE0FD108E, 0x43DB5BFC), BN_DEF(0x74E5AB31, 0x08E24FA0), -+ BN_DEF(0xBAD946E2, 0x770988C0), BN_DEF(0x7A615D6C, 0xBBE11757), -+ BN_DEF(0x177B200C, 0x521F2B18), BN_DEF(0x3EC86A64, 0xD8760273), -+ BN_DEF(0xD98A0864, 0xF12FFA06), BN_DEF(0x1AD2EE6B, 0xCEE3D226), -+ BN_DEF(0x4A25619D, 0x1E8C94E0), BN_DEF(0xDB0933D7, 0xABF5AE8C), -+ BN_DEF(0xA6E1E4C7, 0xB3970F85), BN_DEF(0x5D060C7D, 0x8AEA7157), -+ BN_DEF(0x58DBEF0A, 0xECFB8504), BN_DEF(0xDF1CBA64, 0xA85521AB), -+ BN_DEF(0x04507A33, 0xAD33170D), BN_DEF(0x8AAAC42D, 0x15728E5A), -+ BN_DEF(0x98FA0510, 0x15D22618), BN_DEF(0xEA956AE5, 0x3995497C), -+ BN_DEF(0x95581718, 0xDE2BCBF6), BN_DEF(0x6F4C52C9, 0xB5C55DF0), -+ BN_DEF(0xEC07A28F, 0x9B2783A2), BN_DEF(0x180E8603, 0xE39E772C), -+ BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), -+ BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), -+ BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), -+ BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), -+ BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), -+ BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), -+ BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), -+ BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), -+ BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), -+ BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), -+ BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), -+ BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) -+}; -+/* q = (p - 1) / 2 */ -+static const BN_ULONG modp_8192_q[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xCC76E9EF, 0xB064C06E), -+ BN_DEF(0x405CB738, 0xE40FAB74), BN_DEF(0x3B2B4A6F, 0x4F182871), -+ BN_DEF(0xAB3BF4D5, 0xCAAC7223), BN_DEF(0x7E013723, 0xE48C86D3), -+ BN_DEF(0x6AF71C15, 0xC44D0017), BN_DEF(0xA40E366B, 0x2004A1C5), -+ BN_DEF(0x75C3CFC9, 0x1AC8237A), BN_DEF(0x8F67D134, 0xFD79B5E1), -+ BN_DEF(0xBF73A6B9, 0xD8EA885E), BN_DEF(0xAEF6BF50, 0xFCD5A40C), -+ BN_DEF(0x8423428E, 0xB2798E62), BN_DEF(0xD012AEE0, 0x22CBF44C), -+ BN_DEF(0x3A55B51B, 0xEF988770), BN_DEF(0x1FA27C16, 0x369509FC), -+ BN_DEF(0xD9D13C53, 0x03159E7A), BN_DEF(0xF6ADEE9D, 0x3CB41981), -+ BN_DEF(0xD16043F4, 0xFD4EA5BF), BN_DEF(0x17C1C2EE, 0xA5E5E443), -+ BN_DEF(0x36751835, 0x9A39FE32), BN_DEF(0x0D11F863, 0x89F5ABD4), -+ BN_DEF(0x5201BE03, 0x91111702), BN_DEF(0x7E42456C, 0xF1FEDC5F), -+ BN_DEF(0xF1CEB296, 0x11C78B65), BN_DEF(0x15F8E4BC, 0x1A11DA3A), -+ BN_DEF(0x2D727AB4, 0x1D55B1CE), BN_DEF(0xB5D21233, 0x92BB7B49), -+ BN_DEF(0xC57E23F6, 0x3A0FD3DF), BN_DEF(0x46CEE980, 0x1DE4195B), -+ BN_DEF(0x39DC98DD, 0x6C5F6268), BN_DEF(0x54996FC6, 0x1C3BBE5B), -+ BN_DEF(0x897F72F2, 0xBA51C937), BN_DEF(0x36DF08AC, 0x734A7C8F), -+ BN_DEF(0x85BA3A6B, 0x095F96AD), BN_DEF(0x1FA43077, 0x021F47B3), -+ BN_DEF(0xB71E0234, 0x1C3FF46B), BN_DEF(0x17794B19, 0x6D2B64F6), -+ BN_DEF(0xD189EAAE, 0x758CE658), BN_DEF(0xC50FDFF8, 0x7AA8551E), -+ BN_DEF(0xDBE2ED3B, 0x0350EAC5), BN_DEF(0x794DF194, 0x53CB8AF7), -+ BN_DEF(0x07C01BF0, 0x0A662F69), BN_DEF(0x5FA470EC, 0x6647B6BF), -+ BN_DEF(0x15A0AA55, 0xA5EA03D9), BN_DEF(0xFFAC2D62, 0x078EA2DB), -+ BN_DEF(0x1B66445F, 0x91D4BD3F), BN_DEF(0xDF63F479, 0x2CF3E4BF), -+ BN_DEF(0xC8058E4F, 0x5AD42018), BN_DEF(0xA34C0641, 0x6AAF3817), -+ BN_DEF(0x373A7F7B, 0xFA416BE7), BN_DEF(0xE8B90E81, 0x7819750A), -+ BN_DEF(0xE325C976, 0xACC1E500), BN_DEF(0x9BC6695F, 0x37DC7A00), -+ BN_DEF(0x95EBD7A1, 0x999028A8), BN_DEF(0xF36612A5, 0xEDBF8A23), -+ BN_DEF(0x676A5D8D, 0xA267365D), BN_DEF(0xE7CD8A76, 0x6D1F6DF5), -+ BN_DEF(0x432D448C, 0x8BCB93D8), BN_DEF(0xC813EC18, 0x583529F6), -+ BN_DEF(0xA09800D7, 0x72ED9C17), BN_DEF(0x56CF2987, 0xFC7FCA03), -+ BN_DEF(0x1EDD1BDE, 0x64BA8F3B), BN_DEF(0x3013236F, 0x60EA6E59), -+ BN_DEF(0x693E3813, 0x1B61FD5A), BN_DEF(0x9A014249, 0xA6FA1AE4), -+ BN_DEF(0x48536047, 0xC37FDBEE), BN_DEF(0x46C7EEE0, 0xC9DA754C), -+ BN_DEF(0xEAD82D54, 0x68034893), BN_DEF(0x10B8240E, 0xDC0DEEBB), -+ BN_DEF(0x67716BD7, 0x8FB094B8), BN_DEF(0x28ADF3F6, 0x119DD0C3), -+ BN_DEF(0xD04861D1, 0xCCD94B27), BN_DEF(0xA735E02E, 0x143E2CA3), -+ BN_DEF(0x0FDF6553, 0x97477E0A), BN_DEF(0x826F477C, 0x6DDDE16D), -+ BN_DEF(0x156A2674, 0x12C1F4E5), BN_DEF(0x5B0A85ED, 0x0D4A341A), -+ BN_DEF(0x357A711E, 0x4CE1938C), BN_DEF(0x5EDD2D93, 0xC438CD08), -+ BN_DEF(0x53C3F36B, 0x8D391E09), BN_DEF(0x54908400, 0x25C16890), -+ BN_DEF(0x707E8847, 0xA1EDADFE), BN_DEF(0x3A72D598, 0x047127D0), -+ BN_DEF(0x5D6CA371, 0x3B84C460), BN_DEF(0xBD30AEB6, 0x5DF08BAB), -+ BN_DEF(0x0BBD9006, 0x290F958C), BN_DEF(0x9F643532, 0x6C3B0139), -+ BN_DEF(0x6CC50432, 0xF897FD03), BN_DEF(0x0D697735, 0xE771E913), -+ BN_DEF(0x2512B0CE, 0x8F464A70), BN_DEF(0x6D8499EB, 0xD5FAD746), -+ BN_DEF(0xD370F263, 0xD9CB87C2), BN_DEF(0xAE83063E, 0x457538AB), -+ BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), -+ BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), -+ BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), -+ BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), -+ BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), -+ BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), -+ BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), -+ BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), -+ BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), -+ BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), -+ BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), -+ BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), -+ BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), -+ BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), -+ BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), -+ BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), -+ BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), - }; - --# elif BN_BITS2 == 32 -- -+/* DH parameters from RFC5114 */ - static const BN_ULONG dh1024_160_p[] = { -- 0x2E4A4371, 0xDF1FB2BC, 0x6D4DA708, 0xE68CFDA7, 0x365C1A65, 0x45BF37DF, -- 0x0DC8B4BD, 0xA151AF5F, 0xF55BCCC0, 0xFAA31A4F, 0xE5644738, 0x4EFFD6FA, -- 0x219A7372, 0x98488E9C, 0x90C4BD70, 0xACCBDD7D, 0xD49B83BF, 0x24975C3C, -- 0xA9061123, 0x13ECB4AE, 0x2EE652C0, 0x9838EF1E, 0x75A23D18, 0x6073E286, -- 0x52D23B61, 0x9A6A9DCA, 0xFB06A3C6, 0x52C99FBC, 0xAE5D54EC, 0xDE92DE5E, -- 0xA080E01D, 0xB10B8F96 -+ BN_DEF(0x2E4A4371, 0xDF1FB2BC), BN_DEF(0x6D4DA708, 0xE68CFDA7), -+ BN_DEF(0x365C1A65, 0x45BF37DF), BN_DEF(0x0DC8B4BD, 0xA151AF5F), -+ BN_DEF(0xF55BCCC0, 0xFAA31A4F), BN_DEF(0xE5644738, 0x4EFFD6FA), -+ BN_DEF(0x219A7372, 0x98488E9C), BN_DEF(0x90C4BD70, 0xACCBDD7D), -+ BN_DEF(0xD49B83BF, 0x24975C3C), BN_DEF(0xA9061123, 0x13ECB4AE), -+ BN_DEF(0x2EE652C0, 0x9838EF1E), BN_DEF(0x75A23D18, 0x6073E286), -+ BN_DEF(0x52D23B61, 0x9A6A9DCA), BN_DEF(0xFB06A3C6, 0x52C99FBC), -+ BN_DEF(0xAE5D54EC, 0xDE92DE5E), BN_DEF(0xA080E01D, 0xB10B8F96) - }; -- --static const BN_ULONG dh1024_160_g[] = { -- 0x22B3B2E5, 0x855E6EEB, 0xF97C2A24, 0x858F4DCE, 0x18D08BC8, 0x2D779D59, -- 0x8E73AFA3, 0xD662A4D1, 0x69B6A28A, 0x1DBF0A01, 0x7A091F53, 0xA6A24C08, -- 0x63F80A76, 0x909D0D22, 0xB9A92EE1, 0xD7FBD7D3, 0x9E2749F4, 0x5E91547F, -- 0xB01B886A, 0x160217B4, 0x5504F213, 0x777E690F, 0x5C41564B, 0x266FEA1E, -- 0x14266D31, 0xD6406CFF, 0x58AC507F, 0xF8104DD2, 0xEFB99905, 0x6765A442, -- 0xC3FD3412, 0xA4D1CBD5 --}; -- - static const BN_ULONG dh1024_160_q[] = { -- 0x49462353, 0x64B7CB9D, 0x8ABA4E7D, 0x81A8DF27, 0xF518AA87 -+ BN_DEF(0x49462353, 0x64B7CB9D), BN_DEF(0x8ABA4E7D, 0x81A8DF27), -+ (BN_ULONG)0xF518AA87 - }; -- --static const BN_ULONG dh2048_224_p[] = { -- 0x0C10E64F, 0x0AC4DFFE, 0x4E71B81C, 0xCF9DE538, 0xFFA31F71, 0x7EF363E2, -- 0x6B8E75B9, 0xE3FB73C1, 0x4BA80A29, 0xC9B53DCF, 0x16E79763, 0x23F10B0E, -- 0x13042E9B, 0xC52172E4, 0xC928B2B9, 0xBE60E69C, 0xB9E587E8, 0x80CD86A1, -- 0x98C641A4, 0x315D75E1, 0x44328387, 0xCDF93ACC, 0xDC0A486D, 0x15987D9A, -- 0x1FD5A074, 0x7310F712, 0xDE31EFDC, 0x278273C7, 0x415D9330, 0x1602E714, -- 0xBC8985DB, 0x81286130, 0x70918836, 0xB3BF8A31, 0xB9C49708, 0x6A00E0A0, -- 0x8BBC27BE, 0xC6BA0B2C, 0xED34DBF6, 0xC9F98D11, 0xB6C12207, 0x7AD5B7D0, -- 0x55B7394B, 0xD91E8FEF, 0xEFDA4DF8, 0x9037C9ED, 0xAD6AC212, 0x6D3F8152, -- 0x1274A0A6, 0x1DE6B85A, 0x309C180E, 0xEB3D688A, 0x7BA1DF15, 0xAF9A3C40, -- 0xF95A56DB, 0xE6FA141D, 0xB61D0A75, 0xB54B1597, 0x683B9FD1, 0xA20D64E5, -- 0x9559C51F, 0xD660FAA7, 0x9123A9D0, 0xAD107E1E -+static const BN_ULONG dh1024_160_g[] = { -+ BN_DEF(0x22B3B2E5, 0x855E6EEB), BN_DEF(0xF97C2A24, 0x858F4DCE), -+ BN_DEF(0x18D08BC8, 0x2D779D59), BN_DEF(0x8E73AFA3, 0xD662A4D1), -+ BN_DEF(0x69B6A28A, 0x1DBF0A01), BN_DEF(0x7A091F53, 0xA6A24C08), -+ BN_DEF(0x63F80A76, 0x909D0D22), BN_DEF(0xB9A92EE1, 0xD7FBD7D3), -+ BN_DEF(0x9E2749F4, 0x5E91547F), BN_DEF(0xB01B886A, 0x160217B4), -+ BN_DEF(0x5504F213, 0x777E690F), BN_DEF(0x5C41564B, 0x266FEA1E), -+ BN_DEF(0x14266D31, 0xD6406CFF), BN_DEF(0x58AC507F, 0xF8104DD2), -+ BN_DEF(0xEFB99905, 0x6765A442), BN_DEF(0xC3FD3412, 0xA4D1CBD5) - }; - --static const BN_ULONG dh2048_224_g[] = { -- 0x191F2BFA, 0x84B890D3, 0x2A7065B3, 0x81BC087F, 0xF6EC0179, 0x19C418E1, -- 0x71CFFF4C, 0x7B5A0F1C, 0x9B6AA4BD, 0xEDFE72FE, 0x94B30269, 0x81E1BCFE, -- 0x8D6C0191, 0x566AFBB4, 0x409D13CD, 0xB539CCE3, 0x5F2FF381, 0x6AA21E7F, -- 0x770589EF, 0xD9E263E4, 0xD19963DD, 0x10E183ED, 0x150B8EEB, 0xB70A8137, -- 0x28C8F8AC, 0x051AE3D4, 0x0C1AB15B, 0xBB77A86F, 0x16A330EF, 0x6E3025E3, -- 0xD6F83456, 0x19529A45, 0x118E98D1, 0xF180EB34, 0x50717CBE, 0xB5F6C6B2, -- 0xDA7460CD, 0x09939D54, 0x22EA1ED4, 0xE2471504, 0x521BC98A, 0xB8A762D0, -- 0x5AC1348B, 0xF4D02727, 0x1999024A, 0xC1766910, 0xA8D66AD7, 0xBE5E9001, -- 0x620A8652, 0xC57DB17C, 0x00C29F52, 0xAB739D77, 0xA70C4AFA, 0xDD921F01, -- 0x10B9A6F0, 0xA6824A4E, 0xCFE4FFE3, 0x74866A08, 0x89998CAF, 0x6CDEBE7B, -- 0x8FFDAC50, 0x9DF30B5C, 0x4F2D9AE3, 0xAC4032EF -+static const BN_ULONG dh2048_224_p[] = { -+ BN_DEF(0x0C10E64F, 0x0AC4DFFE), BN_DEF(0x4E71B81C, 0xCF9DE538), -+ BN_DEF(0xFFA31F71, 0x7EF363E2), BN_DEF(0x6B8E75B9, 0xE3FB73C1), -+ BN_DEF(0x4BA80A29, 0xC9B53DCF), BN_DEF(0x16E79763, 0x23F10B0E), -+ BN_DEF(0x13042E9B, 0xC52172E4), BN_DEF(0xC928B2B9, 0xBE60E69C), -+ BN_DEF(0xB9E587E8, 0x80CD86A1), BN_DEF(0x98C641A4, 0x315D75E1), -+ BN_DEF(0x44328387, 0xCDF93ACC), BN_DEF(0xDC0A486D, 0x15987D9A), -+ BN_DEF(0x1FD5A074, 0x7310F712), BN_DEF(0xDE31EFDC, 0x278273C7), -+ BN_DEF(0x415D9330, 0x1602E714), BN_DEF(0xBC8985DB, 0x81286130), -+ BN_DEF(0x70918836, 0xB3BF8A31), BN_DEF(0xB9C49708, 0x6A00E0A0), -+ BN_DEF(0x8BBC27BE, 0xC6BA0B2C), BN_DEF(0xED34DBF6, 0xC9F98D11), -+ BN_DEF(0xB6C12207, 0x7AD5B7D0), BN_DEF(0x55B7394B, 0xD91E8FEF), -+ BN_DEF(0xEFDA4DF8, 0x9037C9ED), BN_DEF(0xAD6AC212, 0x6D3F8152), -+ BN_DEF(0x1274A0A6, 0x1DE6B85A), BN_DEF(0x309C180E, 0xEB3D688A), -+ BN_DEF(0x7BA1DF15, 0xAF9A3C40), BN_DEF(0xF95A56DB, 0xE6FA141D), -+ BN_DEF(0xB61D0A75, 0xB54B1597), BN_DEF(0x683B9FD1, 0xA20D64E5), -+ BN_DEF(0x9559C51F, 0xD660FAA7), BN_DEF(0x9123A9D0, 0xAD107E1E) - }; -- - static const BN_ULONG dh2048_224_q[] = { -- 0xB36371EB, 0xBF389A99, 0x4738CEBC, 0x1F80535A, 0x99717710, 0xC58D93FE, -- 0x801C0D34 -+ BN_DEF(0xB36371EB, 0xBF389A99), BN_DEF(0x4738CEBC, 0x1F80535A), -+ BN_DEF(0x99717710, 0xC58D93FE), (BN_ULONG)0x801C0D34 - }; -- --static const BN_ULONG dh2048_256_p[] = { -- 0x1E1A1597, 0xDB094AE9, 0xD7EF09CA, 0x693877FA, 0x6E11715F, 0x6116D227, -- 0xC198AF12, 0xA4B54330, 0xD7014103, 0x75F26375, 0x54E710C3, 0xC3A3960A, -- 0xBD0BE621, 0xDED4010A, 0x89962856, 0xC0B857F6, 0x71506026, 0xB3CA3F79, -- 0xE6B486F6, 0x1CCACB83, 0x14056425, 0x67E144E5, 0xA41825D9, 0xF6A167B5, -- 0x96524D8E, 0x3AD83477, 0x51BFA4AB, 0xF13C6D9A, 0x35488A0E, 0x2D525267, -- 0xCAA6B790, 0xB63ACAE1, 0x81B23F76, 0x4FDB70C5, 0x12307F5C, 0xBC39A0BF, -- 0xB1E59BB8, 0xB941F54E, 0xD45F9088, 0x6C5BFC11, 0x4275BF7B, 0x22E0B1EF, -- 0x5B4758C0, 0x91F9E672, 0x6BCF67ED, 0x5A8A9D30, 0x97517ABD, 0x209E0C64, -- 0x830E9A7C, 0x3BF4296D, 0x34096FAA, 0x16C3D911, 0x61B2AA30, 0xFAF7DF45, -- 0xD61957D4, 0xE00DF8F1, 0x435E3B00, 0x5D2CEED4, 0x660DD0F2, 0x8CEEF608, -- 0x65195999, 0xFFBBD19C, 0xB4B6663C, 0x87A8E61D -+static const BN_ULONG dh2048_224_g[] = { -+ BN_DEF(0x191F2BFA, 0x84B890D3), BN_DEF(0x2A7065B3, 0x81BC087F), -+ BN_DEF(0xF6EC0179, 0x19C418E1), BN_DEF(0x71CFFF4C, 0x7B5A0F1C), -+ BN_DEF(0x9B6AA4BD, 0xEDFE72FE), BN_DEF(0x94B30269, 0x81E1BCFE), -+ BN_DEF(0x8D6C0191, 0x566AFBB4), BN_DEF(0x409D13CD, 0xB539CCE3), -+ BN_DEF(0x5F2FF381, 0x6AA21E7F), BN_DEF(0x770589EF, 0xD9E263E4), -+ BN_DEF(0xD19963DD, 0x10E183ED), BN_DEF(0x150B8EEB, 0xB70A8137), -+ BN_DEF(0x28C8F8AC, 0x051AE3D4), BN_DEF(0x0C1AB15B, 0xBB77A86F), -+ BN_DEF(0x16A330EF, 0x6E3025E3), BN_DEF(0xD6F83456, 0x19529A45), -+ BN_DEF(0x118E98D1, 0xF180EB34), BN_DEF(0x50717CBE, 0xB5F6C6B2), -+ BN_DEF(0xDA7460CD, 0x09939D54), BN_DEF(0x22EA1ED4, 0xE2471504), -+ BN_DEF(0x521BC98A, 0xB8A762D0), BN_DEF(0x5AC1348B, 0xF4D02727), -+ BN_DEF(0x1999024A, 0xC1766910), BN_DEF(0xA8D66AD7, 0xBE5E9001), -+ BN_DEF(0x620A8652, 0xC57DB17C), BN_DEF(0x00C29F52, 0xAB739D77), -+ BN_DEF(0xA70C4AFA, 0xDD921F01), BN_DEF(0x10B9A6F0, 0xA6824A4E), -+ BN_DEF(0xCFE4FFE3, 0x74866A08), BN_DEF(0x89998CAF, 0x6CDEBE7B), -+ BN_DEF(0x8FFDAC50, 0x9DF30B5C), BN_DEF(0x4F2D9AE3, 0xAC4032EF) - }; - --static const BN_ULONG dh2048_256_g[] = { -- 0x6CC41659, 0x664B4C0F, 0xEF98C582, 0x5E2327CF, 0xD4795451, 0xD647D148, -- 0x90F00EF8, 0x2F630784, 0x1DB246C3, 0x184B523D, 0xCDC67EB6, 0xC7891428, -- 0x0DF92B52, 0x7FD02837, 0x64E0EC37, 0xB3353BBB, 0x57CD0915, 0xECD06E15, -- 0xDF016199, 0xB7D2BBD2, 0x052588B9, 0xC8484B1E, 0x13D3FE14, 0xDB2A3B73, -- 0xD182EA0A, 0xD052B985, 0xE83B9C80, 0xA4BD1BFF, 0xFB3F2E55, 0xDFC967C1, -- 0x767164E1, 0xB5045AF2, 0x6F2F9193, 0x1D14348F, 0x428EBC83, 0x64E67982, -- 0x82D6ED38, 0x8AC376D2, 0xAAB8A862, 0x777DE62A, 0xE9EC144B, 0xDDF463E5, -- 0xC77A57F2, 0x0196F931, 0x41000A65, 0xA55AE313, 0xC28CBB18, 0x901228F8, -- 0x7E8C6F62, 0xBC3773BF, 0x0C6B47B1, 0xBE3A6C1B, 0xAC0BB555, 0xFF4FED4A, -- 0x77BE463F, 0x10DBC150, 0x1A0BA125, 0x07F4793A, 0x21EF2054, 0x4CA7B18F, -- 0x60EDBD48, 0x2E775066, 0x73134D0B, 0x3FB32C9B -+static const BN_ULONG dh2048_256_p[] = { -+ BN_DEF(0x1E1A1597, 0xDB094AE9), BN_DEF(0xD7EF09CA, 0x693877FA), -+ BN_DEF(0x6E11715F, 0x6116D227), BN_DEF(0xC198AF12, 0xA4B54330), -+ BN_DEF(0xD7014103, 0x75F26375), BN_DEF(0x54E710C3, 0xC3A3960A), -+ BN_DEF(0xBD0BE621, 0xDED4010A), BN_DEF(0x89962856, 0xC0B857F6), -+ BN_DEF(0x71506026, 0xB3CA3F79), BN_DEF(0xE6B486F6, 0x1CCACB83), -+ BN_DEF(0x14056425, 0x67E144E5), BN_DEF(0xA41825D9, 0xF6A167B5), -+ BN_DEF(0x96524D8E, 0x3AD83477), BN_DEF(0x51BFA4AB, 0xF13C6D9A), -+ BN_DEF(0x35488A0E, 0x2D525267), BN_DEF(0xCAA6B790, 0xB63ACAE1), -+ BN_DEF(0x81B23F76, 0x4FDB70C5), BN_DEF(0x12307F5C, 0xBC39A0BF), -+ BN_DEF(0xB1E59BB8, 0xB941F54E), BN_DEF(0xD45F9088, 0x6C5BFC11), -+ BN_DEF(0x4275BF7B, 0x22E0B1EF), BN_DEF(0x5B4758C0, 0x91F9E672), -+ BN_DEF(0x6BCF67ED, 0x5A8A9D30), BN_DEF(0x97517ABD, 0x209E0C64), -+ BN_DEF(0x830E9A7C, 0x3BF4296D), BN_DEF(0x34096FAA, 0x16C3D911), -+ BN_DEF(0x61B2AA30, 0xFAF7DF45), BN_DEF(0xD61957D4, 0xE00DF8F1), -+ BN_DEF(0x435E3B00, 0x5D2CEED4), BN_DEF(0x660DD0F2, 0x8CEEF608), -+ BN_DEF(0x65195999, 0xFFBBD19C), BN_DEF(0xB4B6663C, 0x87A8E61D) - }; -- - static const BN_ULONG dh2048_256_q[] = { -- 0x64F5FBD3, 0xA308B0FE, 0x1EB3750B, 0x99B1A47D, 0x40129DA2, 0xB4479976, -- 0xA709A097, 0x8CF83642 -+ BN_DEF(0x64F5FBD3, 0xA308B0FE), BN_DEF(0x1EB3750B, 0x99B1A47D), -+ BN_DEF(0x40129DA2, 0xB4479976), BN_DEF(0xA709A097, 0x8CF83642) -+}; -+static const BN_ULONG dh2048_256_g[] = { -+ BN_DEF(0x6CC41659, 0x664B4C0F), BN_DEF(0xEF98C582, 0x5E2327CF), -+ BN_DEF(0xD4795451, 0xD647D148), BN_DEF(0x90F00EF8, 0x2F630784), -+ BN_DEF(0x1DB246C3, 0x184B523D), BN_DEF(0xCDC67EB6, 0xC7891428), -+ BN_DEF(0x0DF92B52, 0x7FD02837), BN_DEF(0x64E0EC37, 0xB3353BBB), -+ BN_DEF(0x57CD0915, 0xECD06E15), BN_DEF(0xDF016199, 0xB7D2BBD2), -+ BN_DEF(0x052588B9, 0xC8484B1E), BN_DEF(0x13D3FE14, 0xDB2A3B73), -+ BN_DEF(0xD182EA0A, 0xD052B985), BN_DEF(0xE83B9C80, 0xA4BD1BFF), -+ BN_DEF(0xFB3F2E55, 0xDFC967C1), BN_DEF(0x767164E1, 0xB5045AF2), -+ BN_DEF(0x6F2F9193, 0x1D14348F), BN_DEF(0x428EBC83, 0x64E67982), -+ BN_DEF(0x82D6ED38, 0x8AC376D2), BN_DEF(0xAAB8A862, 0x777DE62A), -+ BN_DEF(0xE9EC144B, 0xDDF463E5), BN_DEF(0xC77A57F2, 0x0196F931), -+ BN_DEF(0x41000A65, 0xA55AE313), BN_DEF(0xC28CBB18, 0x901228F8), -+ BN_DEF(0x7E8C6F62, 0xBC3773BF), BN_DEF(0x0C6B47B1, 0xBE3A6C1B), -+ BN_DEF(0xAC0BB555, 0xFF4FED4A), BN_DEF(0x77BE463F, 0x10DBC150), -+ BN_DEF(0x1A0BA125, 0x07F4793A), BN_DEF(0x21EF2054, 0x4CA7B18F), -+ BN_DEF(0x60EDBD48, 0x2E775066), BN_DEF(0x73134D0B, 0x3FB32C9B) - }; - - /* Primes from RFC 7919 */ -- - static const BN_ULONG ffdhe2048_p[] = { -- 0xFFFFFFFF, 0xFFFFFFFF, 0x61285C97, 0x886B4238, 0xC1B2EFFA, 0xC6F34A26, -- 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, 0x4C6FAD73, 0xC3FE3B1B, -- 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, 0x28342F61, 0xC03404CD, -- 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, 0x6372BB19, 0xAE56EDE7, -- 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, 0xB2C8E3FB, 0xD108A94B, -- 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, 0x36ADE735, 0x1DF158A1, -- 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, 0x7F57C935, 0xB557135E, -- 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, 0xD5FD6561, 0xD3DF1ED5, -- 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, 0x249B3EF9, 0xCC939DCE, -- 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, 0x273D3CF1, 0xAFDC5620, -- 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x61285C97, 0x886B4238), -+ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), -+ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), -+ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), -+ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), -+ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), -+ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), -+ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), -+ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), -+ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), -+ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), -+ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), -+ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), -+ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), -+ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), -+ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) -+}; -+/* q = (p - 1) / 2 */ -+static const BN_ULONG ffdhe2048_q[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x30942E4B, 0x4435A11C), -+ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), -+ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), -+ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), -+ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), -+ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), -+ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), -+ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), -+ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), -+ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), -+ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), -+ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), -+ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), -+ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), -+ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), -+ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), - }; - - static const BN_ULONG ffdhe3072_p[] = { -- 0xFFFFFFFF, 0xFFFFFFFF, 0x66C62E37, 0x25E41D2B, 0x3FD59D7C, 0x3C1B20EE, -- 0xFA53DDEF, 0x0ABCD06B, 0xD5C4484E, 0x1DBF9A42, 0x9B0DEADA, 0xABC52197, -- 0x22363A0D, 0xE86D2BC5, 0x9C9DF69E, 0x5CAE82AB, 0x71F54BFF, 0x64F2E21E, -- 0xE2D74DD3, 0xF4FD4452, 0xBC437944, 0xB4130C93, 0x85139270, 0xAEFE1309, -- 0xC186D91C, 0x598CB0FA, 0x91F7F7EE, 0x7AD91D26, 0xD6E6C907, 0x61B46FC9, -- 0xF99C0238, 0xBC34F4DE, 0x6519035B, 0xDE355B3B, 0x611FCFDC, 0x886B4238, -- 0xC1B2EFFA, 0xC6F34A26, 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, -- 0x4C6FAD73, 0xC3FE3B1B, 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, -- 0x28342F61, 0xC03404CD, 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, -- 0x6372BB19, 0xAE56EDE7, 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, -- 0xB2C8E3FB, 0xD108A94B, 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, -- 0x36ADE735, 0x1DF158A1, 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, -- 0x7F57C935, 0xB557135E, 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, -- 0xD5FD6561, 0xD3DF1ED5, 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, -- 0x249B3EF9, 0xCC939DCE, 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, -- 0x273D3CF1, 0xAFDC5620, 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x66C62E37, 0x25E41D2B), -+ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), -+ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), -+ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), -+ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), -+ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), -+ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), -+ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), -+ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), -+ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), -+ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), -+ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), -+ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), -+ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), -+ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), -+ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), -+ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), -+ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), -+ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), -+ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), -+ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), -+ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), -+ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), -+ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) -+}; -+/* q = (p - 1) / 2 */ -+static const BN_ULONG ffdhe3072_q[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xB363171B, 0x12F20E95), -+ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), -+ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), -+ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), -+ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), -+ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), -+ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), -+ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), -+ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), -+ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), -+ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), -+ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), -+ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), -+ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), -+ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), -+ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), -+ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), -+ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), -+ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), -+ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), -+ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), -+ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), -+ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), -+ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), - }; - - static const BN_ULONG ffdhe4096_p[] = { -- 0xFFFFFFFF, 0xFFFFFFFF, 0x5E655F6A, 0xC68A007E, 0xF44182E1, 0x4DB5A851, -- 0x7F88A46B, 0x8EC9B55A, 0xCEC97DCF, 0x0A8291CD, 0xF98D0ACC, 0x2A4ECEA9, -- 0x7140003C, 0x1A1DB93D, 0x33CB8B7A, 0x092999A3, 0x71AD0038, 0x6DC778F9, -- 0x918130C4, 0xA907600A, 0x2D9E6832, 0xED6A1E01, 0xEFB4318A, 0x7135C886, -- 0x7E31CC7A, 0x87F55BA5, 0x55034004, 0x7763CF1D, 0xD69F6D18, 0xAC7D5F42, -- 0xE58857B6, 0x7930E9E4, 0x164DF4FB, 0x6E6F52C3, 0x669E1EF1, 0x25E41D2B, -- 0x3FD59D7C, 0x3C1B20EE, 0xFA53DDEF, 0x0ABCD06B, 0xD5C4484E, 0x1DBF9A42, -- 0x9B0DEADA, 0xABC52197, 0x22363A0D, 0xE86D2BC5, 0x9C9DF69E, 0x5CAE82AB, -- 0x71F54BFF, 0x64F2E21E, 0xE2D74DD3, 0xF4FD4452, 0xBC437944, 0xB4130C93, -- 0x85139270, 0xAEFE1309, 0xC186D91C, 0x598CB0FA, 0x91F7F7EE, 0x7AD91D26, -- 0xD6E6C907, 0x61B46FC9, 0xF99C0238, 0xBC34F4DE, 0x6519035B, 0xDE355B3B, -- 0x611FCFDC, 0x886B4238, 0xC1B2EFFA, 0xC6F34A26, 0x7D1683B2, 0xC58EF183, -- 0x2EC22005, 0x3BB5FCBC, 0x4C6FAD73, 0xC3FE3B1B, 0xEEF28183, 0x8E4F1232, -- 0xE98583FF, 0x9172FE9C, 0x28342F61, 0xC03404CD, 0xCDF7E2EC, 0x9E02FCE1, -- 0xEE0A6D70, 0x0B07A7C8, 0x6372BB19, 0xAE56EDE7, 0xDE394DF4, 0x1D4F42A3, -- 0x60D7F468, 0xB96ADAB7, 0xB2C8E3FB, 0xD108A94B, 0xB324FB61, 0xBC0AB182, -- 0x483A797A, 0x30ACCA4F, 0x36ADE735, 0x1DF158A1, 0xF3EFE872, 0xE2A689DA, -- 0xE0E68B77, 0x984F0C70, 0x7F57C935, 0xB557135E, 0x3DED1AF3, 0x85636555, -- 0x5F066ED0, 0x2433F51F, 0xD5FD6561, 0xD3DF1ED5, 0xAEC4617A, 0xF681B202, -- 0x630C75D8, 0x7D2FE363, 0x249B3EF9, 0xCC939DCE, 0x146433FB, 0xA9E13641, -- 0xCE2D3695, 0xD8B9C583, 0x273D3CF1, 0xAFDC5620, 0xA2BB4A9A, 0xADF85458, -- 0xFFFFFFFF, 0xFFFFFFFF -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x5E655F6A, 0xC68A007E), -+ BN_DEF(0xF44182E1, 0x4DB5A851), BN_DEF(0x7F88A46B, 0x8EC9B55A), -+ BN_DEF(0xCEC97DCF, 0x0A8291CD), BN_DEF(0xF98D0ACC, 0x2A4ECEA9), -+ BN_DEF(0x7140003C, 0x1A1DB93D), BN_DEF(0x33CB8B7A, 0x092999A3), -+ BN_DEF(0x71AD0038, 0x6DC778F9), BN_DEF(0x918130C4, 0xA907600A), -+ BN_DEF(0x2D9E6832, 0xED6A1E01), BN_DEF(0xEFB4318A, 0x7135C886), -+ BN_DEF(0x7E31CC7A, 0x87F55BA5), BN_DEF(0x55034004, 0x7763CF1D), -+ BN_DEF(0xD69F6D18, 0xAC7D5F42), BN_DEF(0xE58857B6, 0x7930E9E4), -+ BN_DEF(0x164DF4FB, 0x6E6F52C3), BN_DEF(0x669E1EF1, 0x25E41D2B), -+ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), -+ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), -+ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), -+ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), -+ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), -+ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), -+ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), -+ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), -+ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), -+ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), -+ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), -+ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), -+ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), -+ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), -+ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), -+ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), -+ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), -+ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), -+ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), -+ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), -+ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), -+ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), -+ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) -+}; -+/* q = (p - 1) / 2 */ -+static const BN_ULONG ffdhe4096_q[] = { -+ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x2F32AFB5, 0xE345003F), -+ BN_DEF(0xFA20C170, 0xA6DAD428), BN_DEF(0x3FC45235, 0xC764DAAD), -+ BN_DEF(0xE764BEE7, 0x054148E6), BN_DEF(0xFCC68566, 0x15276754), -+ BN_DEF(0xB8A0001E, 0x0D0EDC9E), BN_DEF(0x99E5C5BD, 0x0494CCD1), -+ BN_DEF(0xB8D6801C, 0x36E3BC7C), BN_DEF(0x48C09862, 0x5483B005), -+ BN_DEF(0x96CF3419, 0x76B50F00), BN_DEF(0x77DA18C5, 0x389AE443), -+ BN_DEF(0xBF18E63D, 0x43FAADD2), BN_DEF(0xAA81A002, 0x3BB1E78E), -+ BN_DEF(0x6B4FB68C, 0x563EAFA1), BN_DEF(0x72C42BDB, 0xBC9874F2), -+ BN_DEF(0x8B26FA7D, 0xB737A961), BN_DEF(0xB34F0F78, 0x12F20E95), -+ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), -+ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), -+ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), -+ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), -+ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), -+ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), -+ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), -+ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), -+ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), -+ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), -+ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), -+ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), -+ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), -+ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), -+ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), -+ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), -+ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), -+ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), -+ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), -+ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), -+ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), -+ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), -+ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), - }; - - static const BN_ULONG ffdhe6144_p[] = { -- 0xFFFFFFFF, 0xFFFFFFFF, 0xD0E40E65, 0xA40E329C, 0x7938DAD4, 0xA41D570D, -- 0xD43161C1, 0x62A69526, 0x9ADB1E69, 0x3FDD4A8E, 0xDC6B80D6, 0x5B3B71F9, -- 0xC6272B04, 0xEC9D1810, 0xCACEF403, 0x8CCF2DD5, 0xC95B9117, 0xE49F5235, -- 0xB854338A, 0x505DC82D, 0x1562A846, 0x62292C31, 0x6AE77F5E, 0xD72B0374, -- 0x462D538C, 0xF9C9091B, 0x47A67CBE, 0x0AE8DB58, 0x22611682, 0xB3A739C1, -- 0x2A281BF6, 0xEEAAC023, 0x77CAF992, 0x94C6651E, 0x94B2BBC1, 0x763E4E4B, -- 0x0077D9B4, 0x587E38DA, 0x183023C3, 0x7FB29F8C, 0xF9E3A26E, 0x0ABEC1FF, -- 0x350511E3, 0xA00EF092, 0xDB6340D8, 0xB855322E, 0xA9A96910, 0xA52471F7, -- 0x4CFDB477, 0x388147FB, 0x4E46041F, 0x9B1F5C3E, 0xFCCFEC71, 0xCDAD0657, -- 0x4C701C3A, 0xB38E8C33, 0xB1C0FD4C, 0x917BDD64, 0x9B7624C8, 0x3BB45432, -- 0xCAF53EA6, 0x23BA4442, 0x38532A3A, 0x4E677D2C, 0x45036C7A, 0x0BFD64B6, -- 0x5E0DD902, 0xC68A007E, 0xF44182E1, 0x4DB5A851, 0x7F88A46B, 0x8EC9B55A, -- 0xCEC97DCF, 0x0A8291CD, 0xF98D0ACC, 0x2A4ECEA9, 0x7140003C, 0x1A1DB93D, -- 0x33CB8B7A, 0x092999A3, 0x71AD0038, 0x6DC778F9, 0x918130C4, 0xA907600A, -- 0x2D9E6832, 0xED6A1E01, 0xEFB4318A, 0x7135C886, 0x7E31CC7A, 0x87F55BA5, -- 0x55034004, 0x7763CF1D, 0xD69F6D18, 0xAC7D5F42, 0xE58857B6, 0x7930E9E4, -- 0x164DF4FB, 0x6E6F52C3, 0x669E1EF1, 0x25E41D2B, 0x3FD59D7C, 0x3C1B20EE, -- 0xFA53DDEF, 0x0ABCD06B, 0xD5C4484E, 0x1DBF9A42, 0x9B0DEADA, 0xABC52197, -- 0x22363A0D, 0xE86D2BC5, 0x9C9DF69E, 0x5CAE82AB, 0x71F54BFF, 0x64F2E21E, -- 0xE2D74DD3, 0xF4FD4452, 0xBC437944, 0xB4130C93, 0x85139270, 0xAEFE1309, -- 0xC186D91C, 0x598CB0FA, 0x91F7F7EE, 0x7AD91D26, 0xD6E6C907, 0x61B46FC9, -- 0xF99C0238, 0xBC34F4DE, 0x6519035B, 0xDE355B3B, 0x611FCFDC, 0x886B4238, -- 0xC1B2EFFA, 0xC6F34A26, 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, -- 0x4C6FAD73, 0xC3FE3B1B, 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, -- 0x28342F61, 0xC03404CD, 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, -- 0x6372BB19, 0xAE56EDE7, 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, -- 0xB2C8E3FB, 0xD108A94B, 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, -- 0x36ADE735, 0x1DF158A1, 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, -- 0x7F57C935, 0xB557135E, 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, -- 0xD5FD6561, 0xD3DF1ED5, 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, -- 0x249B3EF9, 0xCC939DCE, 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, -- 0x273D3CF1, 0xAFDC5620, 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xD0E40E65, 0xA40E329C), -+ BN_DEF(0x7938DAD4, 0xA41D570D), BN_DEF(0xD43161C1, 0x62A69526), -+ BN_DEF(0x9ADB1E69, 0x3FDD4A8E), BN_DEF(0xDC6B80D6, 0x5B3B71F9), -+ BN_DEF(0xC6272B04, 0xEC9D1810), BN_DEF(0xCACEF403, 0x8CCF2DD5), -+ BN_DEF(0xC95B9117, 0xE49F5235), BN_DEF(0xB854338A, 0x505DC82D), -+ BN_DEF(0x1562A846, 0x62292C31), BN_DEF(0x6AE77F5E, 0xD72B0374), -+ BN_DEF(0x462D538C, 0xF9C9091B), BN_DEF(0x47A67CBE, 0x0AE8DB58), -+ BN_DEF(0x22611682, 0xB3A739C1), BN_DEF(0x2A281BF6, 0xEEAAC023), -+ BN_DEF(0x77CAF992, 0x94C6651E), BN_DEF(0x94B2BBC1, 0x763E4E4B), -+ BN_DEF(0x0077D9B4, 0x587E38DA), BN_DEF(0x183023C3, 0x7FB29F8C), -+ BN_DEF(0xF9E3A26E, 0x0ABEC1FF), BN_DEF(0x350511E3, 0xA00EF092), -+ BN_DEF(0xDB6340D8, 0xB855322E), BN_DEF(0xA9A96910, 0xA52471F7), -+ BN_DEF(0x4CFDB477, 0x388147FB), BN_DEF(0x4E46041F, 0x9B1F5C3E), -+ BN_DEF(0xFCCFEC71, 0xCDAD0657), BN_DEF(0x4C701C3A, 0xB38E8C33), -+ BN_DEF(0xB1C0FD4C, 0x917BDD64), BN_DEF(0x9B7624C8, 0x3BB45432), -+ BN_DEF(0xCAF53EA6, 0x23BA4442), BN_DEF(0x38532A3A, 0x4E677D2C), -+ BN_DEF(0x45036C7A, 0x0BFD64B6), BN_DEF(0x5E0DD902, 0xC68A007E), -+ BN_DEF(0xF44182E1, 0x4DB5A851), BN_DEF(0x7F88A46B, 0x8EC9B55A), -+ BN_DEF(0xCEC97DCF, 0x0A8291CD), BN_DEF(0xF98D0ACC, 0x2A4ECEA9), -+ BN_DEF(0x7140003C, 0x1A1DB93D), BN_DEF(0x33CB8B7A, 0x092999A3), -+ BN_DEF(0x71AD0038, 0x6DC778F9), BN_DEF(0x918130C4, 0xA907600A), -+ BN_DEF(0x2D9E6832, 0xED6A1E01), BN_DEF(0xEFB4318A, 0x7135C886), -+ BN_DEF(0x7E31CC7A, 0x87F55BA5), BN_DEF(0x55034004, 0x7763CF1D), -+ BN_DEF(0xD69F6D18, 0xAC7D5F42), BN_DEF(0xE58857B6, 0x7930E9E4), -+ BN_DEF(0x164DF4FB, 0x6E6F52C3), BN_DEF(0x669E1EF1, 0x25E41D2B), -+ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), -+ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), -+ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), -+ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), -+ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), -+ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), -+ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), -+ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), -+ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), -+ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), -+ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), -+ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), -+ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), -+ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), -+ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), -+ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), -+ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), -+ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), -+ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), -+ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), -+ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), -+ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), -+ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) -+}; -+/* q = (p - 1) / 2 */ -+static const BN_ULONG ffdhe6144_q[] = { -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0x68720732, 0x5207194E), -+ BN_DEF(0xBC9C6D6A, 0xD20EAB86), BN_DEF(0x6A18B0E0, 0xB1534A93), -+ BN_DEF(0x4D6D8F34, 0x1FEEA547), BN_DEF(0xEE35C06B, 0x2D9DB8FC), -+ BN_DEF(0x63139582, 0xF64E8C08), BN_DEF(0xE5677A01, 0xC66796EA), -+ BN_DEF(0xE4ADC88B, 0x724FA91A), BN_DEF(0xDC2A19C5, 0x282EE416), -+ BN_DEF(0x8AB15423, 0x31149618), BN_DEF(0x3573BFAF, 0x6B9581BA), -+ BN_DEF(0xA316A9C6, 0x7CE4848D), BN_DEF(0x23D33E5F, 0x05746DAC), -+ BN_DEF(0x91308B41, 0x59D39CE0), BN_DEF(0x95140DFB, 0x77556011), -+ BN_DEF(0x3BE57CC9, 0xCA63328F), BN_DEF(0xCA595DE0, 0x3B1F2725), -+ BN_DEF(0x003BECDA, 0xAC3F1C6D), BN_DEF(0x0C1811E1, 0x3FD94FC6), -+ BN_DEF(0xFCF1D137, 0x855F60FF), BN_DEF(0x1A8288F1, 0x50077849), -+ BN_DEF(0x6DB1A06C, 0x5C2A9917), BN_DEF(0xD4D4B488, 0xD29238FB), -+ BN_DEF(0xA67EDA3B, 0x9C40A3FD), BN_DEF(0x2723020F, 0xCD8FAE1F), -+ BN_DEF(0xFE67F638, 0x66D6832B), BN_DEF(0xA6380E1D, 0x59C74619), -+ BN_DEF(0x58E07EA6, 0x48BDEEB2), BN_DEF(0x4DBB1264, 0x1DDA2A19), -+ BN_DEF(0x657A9F53, 0x11DD2221), BN_DEF(0x1C29951D, 0x2733BE96), -+ BN_DEF(0x2281B63D, 0x05FEB25B), BN_DEF(0x2F06EC81, 0xE345003F), -+ BN_DEF(0xFA20C170, 0xA6DAD428), BN_DEF(0x3FC45235, 0xC764DAAD), -+ BN_DEF(0xE764BEE7, 0x054148E6), BN_DEF(0xFCC68566, 0x15276754), -+ BN_DEF(0xB8A0001E, 0x0D0EDC9E), BN_DEF(0x99E5C5BD, 0x0494CCD1), -+ BN_DEF(0xB8D6801C, 0x36E3BC7C), BN_DEF(0x48C09862, 0x5483B005), -+ BN_DEF(0x96CF3419, 0x76B50F00), BN_DEF(0x77DA18C5, 0x389AE443), -+ BN_DEF(0xBF18E63D, 0x43FAADD2), BN_DEF(0xAA81A002, 0x3BB1E78E), -+ BN_DEF(0x6B4FB68C, 0x563EAFA1), BN_DEF(0x72C42BDB, 0xBC9874F2), -+ BN_DEF(0x8B26FA7D, 0xB737A961), BN_DEF(0xB34F0F78, 0x12F20E95), -+ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), -+ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), -+ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), -+ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), -+ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), -+ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), -+ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), -+ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), -+ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), -+ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), -+ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), -+ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), -+ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), -+ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), -+ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), -+ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), -+ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), -+ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), -+ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), -+ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), -+ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), -+ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), -+ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), - }; - - static const BN_ULONG ffdhe8192_p[] = { -- 0xFFFFFFFF, 0xFFFFFFFF, 0xC5C6424C, 0xD68C8BB7, 0x838FF88C, 0x011E2A94, -- 0xA9F4614E, 0x0822E506, 0xF7A8443D, 0x97D11D49, 0x30677F0D, 0xA6BBFDE5, -- 0xC1FE86FE, 0x2F741EF8, 0x5D71A87E, 0xFAFABE1C, 0xFBE58A30, 0xDED2FBAB, -- 0x72B0A66E, 0xB6855DFE, 0xBA8A4FE8, 0x1EFC8CE0, 0x3F2FA457, 0x83F81D4A, -- 0xA577E231, 0xA1FE3075, 0x88D9C0A0, 0xD5B80194, 0xAD9A95F9, 0x624816CD, -- 0x50C1217B, 0x99E9E316, 0x0E423CFC, 0x51AA691E, 0x3826E52C, 0x1C217E6C, -- 0x09703FEE, 0x51A8A931, 0x6A460E74, 0xBB709987, 0x9C86B022, 0x541FC68C, -- 0x46FD8251, 0x59160CC0, 0x35C35F5C, 0x2846C0BA, 0x8B758282, 0x54504AC7, -- 0xD2AF05E4, 0x29388839, 0xC01BD702, 0xCB2C0F1C, 0x7C932665, 0x555B2F74, -- 0xA3AB8829, 0x86B63142, 0xF64B10EF, 0x0B8CC3BD, 0xEDD1CC5E, 0x687FEB69, -- 0xC9509D43, 0xFDB23FCE, 0xD951AE64, 0x1E425A31, 0xF600C838, 0x36AD004C, -- 0xCFF46AAA, 0xA40E329C, 0x7938DAD4, 0xA41D570D, 0xD43161C1, 0x62A69526, -- 0x9ADB1E69, 0x3FDD4A8E, 0xDC6B80D6, 0x5B3B71F9, 0xC6272B04, 0xEC9D1810, -- 0xCACEF403, 0x8CCF2DD5, 0xC95B9117, 0xE49F5235, 0xB854338A, 0x505DC82D, -- 0x1562A846, 0x62292C31, 0x6AE77F5E, 0xD72B0374, 0x462D538C, 0xF9C9091B, -- 0x47A67CBE, 0x0AE8DB58, 0x22611682, 0xB3A739C1, 0x2A281BF6, 0xEEAAC023, -- 0x77CAF992, 0x94C6651E, 0x94B2BBC1, 0x763E4E4B, 0x0077D9B4, 0x587E38DA, -- 0x183023C3, 0x7FB29F8C, 0xF9E3A26E, 0x0ABEC1FF, 0x350511E3, 0xA00EF092, -- 0xDB6340D8, 0xB855322E, 0xA9A96910, 0xA52471F7, 0x4CFDB477, 0x388147FB, -- 0x4E46041F, 0x9B1F5C3E, 0xFCCFEC71, 0xCDAD0657, 0x4C701C3A, 0xB38E8C33, -- 0xB1C0FD4C, 0x917BDD64, 0x9B7624C8, 0x3BB45432, 0xCAF53EA6, 0x23BA4442, -- 0x38532A3A, 0x4E677D2C, 0x45036C7A, 0x0BFD64B6, 0x5E0DD902, 0xC68A007E, -- 0xF44182E1, 0x4DB5A851, 0x7F88A46B, 0x8EC9B55A, 0xCEC97DCF, 0x0A8291CD, -- 0xF98D0ACC, 0x2A4ECEA9, 0x7140003C, 0x1A1DB93D, 0x33CB8B7A, 0x092999A3, -- 0x71AD0038, 0x6DC778F9, 0x918130C4, 0xA907600A, 0x2D9E6832, 0xED6A1E01, -- 0xEFB4318A, 0x7135C886, 0x7E31CC7A, 0x87F55BA5, 0x55034004, 0x7763CF1D, -- 0xD69F6D18, 0xAC7D5F42, 0xE58857B6, 0x7930E9E4, 0x164DF4FB, 0x6E6F52C3, -- 0x669E1EF1, 0x25E41D2B, 0x3FD59D7C, 0x3C1B20EE, 0xFA53DDEF, 0x0ABCD06B, -- 0xD5C4484E, 0x1DBF9A42, 0x9B0DEADA, 0xABC52197, 0x22363A0D, 0xE86D2BC5, -- 0x9C9DF69E, 0x5CAE82AB, 0x71F54BFF, 0x64F2E21E, 0xE2D74DD3, 0xF4FD4452, -- 0xBC437944, 0xB4130C93, 0x85139270, 0xAEFE1309, 0xC186D91C, 0x598CB0FA, -- 0x91F7F7EE, 0x7AD91D26, 0xD6E6C907, 0x61B46FC9, 0xF99C0238, 0xBC34F4DE, -- 0x6519035B, 0xDE355B3B, 0x611FCFDC, 0x886B4238, 0xC1B2EFFA, 0xC6F34A26, -- 0x7D1683B2, 0xC58EF183, 0x2EC22005, 0x3BB5FCBC, 0x4C6FAD73, 0xC3FE3B1B, -- 0xEEF28183, 0x8E4F1232, 0xE98583FF, 0x9172FE9C, 0x28342F61, 0xC03404CD, -- 0xCDF7E2EC, 0x9E02FCE1, 0xEE0A6D70, 0x0B07A7C8, 0x6372BB19, 0xAE56EDE7, -- 0xDE394DF4, 0x1D4F42A3, 0x60D7F468, 0xB96ADAB7, 0xB2C8E3FB, 0xD108A94B, -- 0xB324FB61, 0xBC0AB182, 0x483A797A, 0x30ACCA4F, 0x36ADE735, 0x1DF158A1, -- 0xF3EFE872, 0xE2A689DA, 0xE0E68B77, 0x984F0C70, 0x7F57C935, 0xB557135E, -- 0x3DED1AF3, 0x85636555, 0x5F066ED0, 0x2433F51F, 0xD5FD6561, 0xD3DF1ED5, -- 0xAEC4617A, 0xF681B202, 0x630C75D8, 0x7D2FE363, 0x249B3EF9, 0xCC939DCE, -- 0x146433FB, 0xA9E13641, 0xCE2D3695, 0xD8B9C583, 0x273D3CF1, 0xAFDC5620, -- 0xA2BB4A9A, 0xADF85458, 0xFFFFFFFF, 0xFFFFFFFF -+ BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xC5C6424C, 0xD68C8BB7), -+ BN_DEF(0x838FF88C, 0x011E2A94), BN_DEF(0xA9F4614E, 0x0822E506), -+ BN_DEF(0xF7A8443D, 0x97D11D49), BN_DEF(0x30677F0D, 0xA6BBFDE5), -+ BN_DEF(0xC1FE86FE, 0x2F741EF8), BN_DEF(0x5D71A87E, 0xFAFABE1C), -+ BN_DEF(0xFBE58A30, 0xDED2FBAB), BN_DEF(0x72B0A66E, 0xB6855DFE), -+ BN_DEF(0xBA8A4FE8, 0x1EFC8CE0), BN_DEF(0x3F2FA457, 0x83F81D4A), -+ BN_DEF(0xA577E231, 0xA1FE3075), BN_DEF(0x88D9C0A0, 0xD5B80194), -+ BN_DEF(0xAD9A95F9, 0x624816CD), BN_DEF(0x50C1217B, 0x99E9E316), -+ BN_DEF(0x0E423CFC, 0x51AA691E), BN_DEF(0x3826E52C, 0x1C217E6C), -+ BN_DEF(0x09703FEE, 0x51A8A931), BN_DEF(0x6A460E74, 0xBB709987), -+ BN_DEF(0x9C86B022, 0x541FC68C), BN_DEF(0x46FD8251, 0x59160CC0), -+ BN_DEF(0x35C35F5C, 0x2846C0BA), BN_DEF(0x8B758282, 0x54504AC7), -+ BN_DEF(0xD2AF05E4, 0x29388839), BN_DEF(0xC01BD702, 0xCB2C0F1C), -+ BN_DEF(0x7C932665, 0x555B2F74), BN_DEF(0xA3AB8829, 0x86B63142), -+ BN_DEF(0xF64B10EF, 0x0B8CC3BD), BN_DEF(0xEDD1CC5E, 0x687FEB69), -+ BN_DEF(0xC9509D43, 0xFDB23FCE), BN_DEF(0xD951AE64, 0x1E425A31), -+ BN_DEF(0xF600C838, 0x36AD004C), BN_DEF(0xCFF46AAA, 0xA40E329C), -+ BN_DEF(0x7938DAD4, 0xA41D570D), BN_DEF(0xD43161C1, 0x62A69526), -+ BN_DEF(0x9ADB1E69, 0x3FDD4A8E), BN_DEF(0xDC6B80D6, 0x5B3B71F9), -+ BN_DEF(0xC6272B04, 0xEC9D1810), BN_DEF(0xCACEF403, 0x8CCF2DD5), -+ BN_DEF(0xC95B9117, 0xE49F5235), BN_DEF(0xB854338A, 0x505DC82D), -+ BN_DEF(0x1562A846, 0x62292C31), BN_DEF(0x6AE77F5E, 0xD72B0374), -+ BN_DEF(0x462D538C, 0xF9C9091B), BN_DEF(0x47A67CBE, 0x0AE8DB58), -+ BN_DEF(0x22611682, 0xB3A739C1), BN_DEF(0x2A281BF6, 0xEEAAC023), -+ BN_DEF(0x77CAF992, 0x94C6651E), BN_DEF(0x94B2BBC1, 0x763E4E4B), -+ BN_DEF(0x0077D9B4, 0x587E38DA), BN_DEF(0x183023C3, 0x7FB29F8C), -+ BN_DEF(0xF9E3A26E, 0x0ABEC1FF), BN_DEF(0x350511E3, 0xA00EF092), -+ BN_DEF(0xDB6340D8, 0xB855322E), BN_DEF(0xA9A96910, 0xA52471F7), -+ BN_DEF(0x4CFDB477, 0x388147FB), BN_DEF(0x4E46041F, 0x9B1F5C3E), -+ BN_DEF(0xFCCFEC71, 0xCDAD0657), BN_DEF(0x4C701C3A, 0xB38E8C33), -+ BN_DEF(0xB1C0FD4C, 0x917BDD64), BN_DEF(0x9B7624C8, 0x3BB45432), -+ BN_DEF(0xCAF53EA6, 0x23BA4442), BN_DEF(0x38532A3A, 0x4E677D2C), -+ BN_DEF(0x45036C7A, 0x0BFD64B6), BN_DEF(0x5E0DD902, 0xC68A007E), -+ BN_DEF(0xF44182E1, 0x4DB5A851), BN_DEF(0x7F88A46B, 0x8EC9B55A), -+ BN_DEF(0xCEC97DCF, 0x0A8291CD), BN_DEF(0xF98D0ACC, 0x2A4ECEA9), -+ BN_DEF(0x7140003C, 0x1A1DB93D), BN_DEF(0x33CB8B7A, 0x092999A3), -+ BN_DEF(0x71AD0038, 0x6DC778F9), BN_DEF(0x918130C4, 0xA907600A), -+ BN_DEF(0x2D9E6832, 0xED6A1E01), BN_DEF(0xEFB4318A, 0x7135C886), -+ BN_DEF(0x7E31CC7A, 0x87F55BA5), BN_DEF(0x55034004, 0x7763CF1D), -+ BN_DEF(0xD69F6D18, 0xAC7D5F42), BN_DEF(0xE58857B6, 0x7930E9E4), -+ BN_DEF(0x164DF4FB, 0x6E6F52C3), BN_DEF(0x669E1EF1, 0x25E41D2B), -+ BN_DEF(0x3FD59D7C, 0x3C1B20EE), BN_DEF(0xFA53DDEF, 0x0ABCD06B), -+ BN_DEF(0xD5C4484E, 0x1DBF9A42), BN_DEF(0x9B0DEADA, 0xABC52197), -+ BN_DEF(0x22363A0D, 0xE86D2BC5), BN_DEF(0x9C9DF69E, 0x5CAE82AB), -+ BN_DEF(0x71F54BFF, 0x64F2E21E), BN_DEF(0xE2D74DD3, 0xF4FD4452), -+ BN_DEF(0xBC437944, 0xB4130C93), BN_DEF(0x85139270, 0xAEFE1309), -+ BN_DEF(0xC186D91C, 0x598CB0FA), BN_DEF(0x91F7F7EE, 0x7AD91D26), -+ BN_DEF(0xD6E6C907, 0x61B46FC9), BN_DEF(0xF99C0238, 0xBC34F4DE), -+ BN_DEF(0x6519035B, 0xDE355B3B), BN_DEF(0x611FCFDC, 0x886B4238), -+ BN_DEF(0xC1B2EFFA, 0xC6F34A26), BN_DEF(0x7D1683B2, 0xC58EF183), -+ BN_DEF(0x2EC22005, 0x3BB5FCBC), BN_DEF(0x4C6FAD73, 0xC3FE3B1B), -+ BN_DEF(0xEEF28183, 0x8E4F1232), BN_DEF(0xE98583FF, 0x9172FE9C), -+ BN_DEF(0x28342F61, 0xC03404CD), BN_DEF(0xCDF7E2EC, 0x9E02FCE1), -+ BN_DEF(0xEE0A6D70, 0x0B07A7C8), BN_DEF(0x6372BB19, 0xAE56EDE7), -+ BN_DEF(0xDE394DF4, 0x1D4F42A3), BN_DEF(0x60D7F468, 0xB96ADAB7), -+ BN_DEF(0xB2C8E3FB, 0xD108A94B), BN_DEF(0xB324FB61, 0xBC0AB182), -+ BN_DEF(0x483A797A, 0x30ACCA4F), BN_DEF(0x36ADE735, 0x1DF158A1), -+ BN_DEF(0xF3EFE872, 0xE2A689DA), BN_DEF(0xE0E68B77, 0x984F0C70), -+ BN_DEF(0x7F57C935, 0xB557135E), BN_DEF(0x3DED1AF3, 0x85636555), -+ BN_DEF(0x5F066ED0, 0x2433F51F), BN_DEF(0xD5FD6561, 0xD3DF1ED5), -+ BN_DEF(0xAEC4617A, 0xF681B202), BN_DEF(0x630C75D8, 0x7D2FE363), -+ BN_DEF(0x249B3EF9, 0xCC939DCE), BN_DEF(0x146433FB, 0xA9E13641), -+ BN_DEF(0xCE2D3695, 0xD8B9C583), BN_DEF(0x273D3CF1, 0xAFDC5620), -+ BN_DEF(0xA2BB4A9A, 0xADF85458), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) -+}; -+/* q = (p - 1) / 2 */ -+static const BN_ULONG ffdhe8192_q[] = { -+ BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0xE2E32126, 0x6B4645DB), -+ BN_DEF(0x41C7FC46, 0x008F154A), BN_DEF(0x54FA30A7, 0x84117283), -+ BN_DEF(0xFBD4221E, 0xCBE88EA4), BN_DEF(0x9833BF86, 0x535DFEF2), -+ BN_DEF(0x60FF437F, 0x17BA0F7C), BN_DEF(0x2EB8D43F, 0x7D7D5F0E), -+ BN_DEF(0xFDF2C518, 0x6F697DD5), BN_DEF(0x39585337, 0x5B42AEFF), -+ BN_DEF(0x5D4527F4, 0x8F7E4670), BN_DEF(0x1F97D22B, 0xC1FC0EA5), -+ BN_DEF(0xD2BBF118, 0x50FF183A), BN_DEF(0x446CE050, 0xEADC00CA), -+ BN_DEF(0xD6CD4AFC, 0xB1240B66), BN_DEF(0x286090BD, 0x4CF4F18B), -+ BN_DEF(0x07211E7E, 0x28D5348F), BN_DEF(0x1C137296, 0x0E10BF36), -+ BN_DEF(0x84B81FF7, 0x28D45498), BN_DEF(0xB523073A, 0x5DB84CC3), -+ BN_DEF(0x4E435811, 0xAA0FE346), BN_DEF(0x237EC128, 0x2C8B0660), -+ BN_DEF(0x1AE1AFAE, 0x1423605D), BN_DEF(0xC5BAC141, 0x2A282563), -+ BN_DEF(0xE95782F2, 0x149C441C), BN_DEF(0x600DEB81, 0xE596078E), -+ BN_DEF(0x3E499332, 0xAAAD97BA), BN_DEF(0x51D5C414, 0xC35B18A1), -+ BN_DEF(0xFB258877, 0x05C661DE), BN_DEF(0xF6E8E62F, 0xB43FF5B4), -+ BN_DEF(0x64A84EA1, 0x7ED91FE7), BN_DEF(0xECA8D732, 0x0F212D18), -+ BN_DEF(0x7B00641C, 0x1B568026), BN_DEF(0x67FA3555, 0x5207194E), -+ BN_DEF(0xBC9C6D6A, 0xD20EAB86), BN_DEF(0x6A18B0E0, 0xB1534A93), -+ BN_DEF(0x4D6D8F34, 0x1FEEA547), BN_DEF(0xEE35C06B, 0x2D9DB8FC), -+ BN_DEF(0x63139582, 0xF64E8C08), BN_DEF(0xE5677A01, 0xC66796EA), -+ BN_DEF(0xE4ADC88B, 0x724FA91A), BN_DEF(0xDC2A19C5, 0x282EE416), -+ BN_DEF(0x8AB15423, 0x31149618), BN_DEF(0x3573BFAF, 0x6B9581BA), -+ BN_DEF(0xA316A9C6, 0x7CE4848D), BN_DEF(0x23D33E5F, 0x05746DAC), -+ BN_DEF(0x91308B41, 0x59D39CE0), BN_DEF(0x95140DFB, 0x77556011), -+ BN_DEF(0x3BE57CC9, 0xCA63328F), BN_DEF(0xCA595DE0, 0x3B1F2725), -+ BN_DEF(0x003BECDA, 0xAC3F1C6D), BN_DEF(0x0C1811E1, 0x3FD94FC6), -+ BN_DEF(0xFCF1D137, 0x855F60FF), BN_DEF(0x1A8288F1, 0x50077849), -+ BN_DEF(0x6DB1A06C, 0x5C2A9917), BN_DEF(0xD4D4B488, 0xD29238FB), -+ BN_DEF(0xA67EDA3B, 0x9C40A3FD), BN_DEF(0x2723020F, 0xCD8FAE1F), -+ BN_DEF(0xFE67F638, 0x66D6832B), BN_DEF(0xA6380E1D, 0x59C74619), -+ BN_DEF(0x58E07EA6, 0x48BDEEB2), BN_DEF(0x4DBB1264, 0x1DDA2A19), -+ BN_DEF(0x657A9F53, 0x11DD2221), BN_DEF(0x1C29951D, 0x2733BE96), -+ BN_DEF(0x2281B63D, 0x05FEB25B), BN_DEF(0x2F06EC81, 0xE345003F), -+ BN_DEF(0xFA20C170, 0xA6DAD428), BN_DEF(0x3FC45235, 0xC764DAAD), -+ BN_DEF(0xE764BEE7, 0x054148E6), BN_DEF(0xFCC68566, 0x15276754), -+ BN_DEF(0xB8A0001E, 0x0D0EDC9E), BN_DEF(0x99E5C5BD, 0x0494CCD1), -+ BN_DEF(0xB8D6801C, 0x36E3BC7C), BN_DEF(0x48C09862, 0x5483B005), -+ BN_DEF(0x96CF3419, 0x76B50F00), BN_DEF(0x77DA18C5, 0x389AE443), -+ BN_DEF(0xBF18E63D, 0x43FAADD2), BN_DEF(0xAA81A002, 0x3BB1E78E), -+ BN_DEF(0x6B4FB68C, 0x563EAFA1), BN_DEF(0x72C42BDB, 0xBC9874F2), -+ BN_DEF(0x8B26FA7D, 0xB737A961), BN_DEF(0xB34F0F78, 0x12F20E95), -+ BN_DEF(0x1FEACEBE, 0x9E0D9077), BN_DEF(0xFD29EEF7, 0x055E6835), -+ BN_DEF(0x6AE22427, 0x0EDFCD21), BN_DEF(0xCD86F56D, 0xD5E290CB), -+ BN_DEF(0x911B1D06, 0x743695E2), BN_DEF(0xCE4EFB4F, 0xAE574155), -+ BN_DEF(0x38FAA5FF, 0xB279710F), BN_DEF(0x716BA6E9, 0x7A7EA229), -+ BN_DEF(0xDE21BCA2, 0x5A098649), BN_DEF(0xC289C938, 0x577F0984), -+ BN_DEF(0x60C36C8E, 0x2CC6587D), BN_DEF(0x48FBFBF7, 0xBD6C8E93), -+ BN_DEF(0xEB736483, 0x30DA37E4), BN_DEF(0x7CCE011C, 0xDE1A7A6F), -+ BN_DEF(0xB28C81AD, 0x6F1AAD9D), BN_DEF(0x308FE7EE, 0x4435A11C), -+ BN_DEF(0x60D977FD, 0x6379A513), BN_DEF(0xBE8B41D9, 0xE2C778C1), -+ BN_DEF(0x17611002, 0x9DDAFE5E), BN_DEF(0xA637D6B9, 0xE1FF1D8D), -+ BN_DEF(0x777940C1, 0xC7278919), BN_DEF(0x74C2C1FF, 0xC8B97F4E), -+ BN_DEF(0x941A17B0, 0x601A0266), BN_DEF(0xE6FBF176, 0x4F017E70), -+ BN_DEF(0x770536B8, 0x8583D3E4), BN_DEF(0xB1B95D8C, 0x572B76F3), -+ BN_DEF(0xEF1CA6FA, 0x0EA7A151), BN_DEF(0xB06BFA34, 0xDCB56D5B), -+ BN_DEF(0xD96471FD, 0xE88454A5), BN_DEF(0x59927DB0, 0x5E0558C1), -+ BN_DEF(0xA41D3CBD, 0x98566527), BN_DEF(0x9B56F39A, 0x0EF8AC50), -+ BN_DEF(0x79F7F439, 0xF15344ED), BN_DEF(0x707345BB, 0xCC278638), -+ BN_DEF(0x3FABE49A, 0xDAAB89AF), BN_DEF(0x9EF68D79, 0x42B1B2AA), -+ BN_DEF(0xAF833768, 0x9219FA8F), BN_DEF(0xEAFEB2B0, 0x69EF8F6A), -+ BN_DEF(0x576230BD, 0x7B40D901), BN_DEF(0xB1863AEC, 0xBE97F1B1), -+ BN_DEF(0x124D9F7C, 0xE649CEE7), BN_DEF(0x8A3219FD, 0xD4F09B20), -+ BN_DEF(0xE7169B4A, 0xEC5CE2C1), BN_DEF(0x139E9E78, 0x57EE2B10), -+ BN_DEF(0x515DA54D, 0xD6FC2A2C), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), - }; - --# else --# error "unsupported BN_BITS2" --# endif -- - /* Macro to make a BIGNUM from static data */ - - # define make_dh_bn(x) extern const BIGNUM _bignum_##x; \ -@@ -489,24 +1010,42 @@ static const BN_ULONG ffdhe8192_p[] = { - - static const BN_ULONG value_2 = 2; - --const BIGNUM _bignum_const_2 = -- { (BN_ULONG *)&value_2, 1, 1, 0, BN_FLG_STATIC_DATA }; -+const BIGNUM _bignum_const_2 = { -+ (BN_ULONG *)&value_2, 1, 1, 0, BN_FLG_STATIC_DATA -+}; - - make_dh_bn(dh1024_160_p) --make_dh_bn(dh1024_160_g) - make_dh_bn(dh1024_160_q) -+make_dh_bn(dh1024_160_g) - make_dh_bn(dh2048_224_p) --make_dh_bn(dh2048_224_g) - make_dh_bn(dh2048_224_q) -+make_dh_bn(dh2048_224_g) - make_dh_bn(dh2048_256_p) --make_dh_bn(dh2048_256_g) - make_dh_bn(dh2048_256_q) -+make_dh_bn(dh2048_256_g) - - make_dh_bn(ffdhe2048_p) -+make_dh_bn(ffdhe2048_q) - make_dh_bn(ffdhe3072_p) -+make_dh_bn(ffdhe3072_q) - make_dh_bn(ffdhe4096_p) -+make_dh_bn(ffdhe4096_q) - make_dh_bn(ffdhe6144_p) -+make_dh_bn(ffdhe6144_q) - make_dh_bn(ffdhe8192_p) -+make_dh_bn(ffdhe8192_q) - -+make_dh_bn(modp_1536_p) -+make_dh_bn(modp_1536_q) -+make_dh_bn(modp_2048_p) -+make_dh_bn(modp_2048_q) -+make_dh_bn(modp_3072_p) -+make_dh_bn(modp_3072_q) -+make_dh_bn(modp_4096_p) -+make_dh_bn(modp_4096_q) -+make_dh_bn(modp_6144_p) -+make_dh_bn(modp_6144_q) -+make_dh_bn(modp_8192_p) -+make_dh_bn(modp_8192_q) - --#endif -+#endif /* OPENSSL_NO_DH */ -diff -up openssl-1.1.1j/crypto/dh/dh_check.c.fips-dh openssl-1.1.1j/crypto/dh/dh_check.c ---- openssl-1.1.1j/crypto/dh/dh_check.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dh/dh_check.c 2021-03-03 14:23:27.404092427 +0100 -@@ -10,6 +10,7 @@ - #include - #include "internal/cryptlib.h" - #include -+#include - #include "dh_local.h" - - # define DH_NUMBER_ITERATIONS_FOR_PRIME 64 -@@ -41,6 +42,12 @@ int DH_check_params(const DH *dh, int *r - BIGNUM *tmp = NULL; - BN_CTX *ctx = NULL; - -+ if (FIPS_mode()) { -+ int nid = dh->nid == NID_undef ? DH_get_nid(dh) : dh->nid; -+ -+ return nid != NID_undef; -+ } -+ - *ret = 0; - ctx = BN_CTX_new(); - if (ctx == NULL) -@@ -95,6 +102,7 @@ int DH_check_ex(const DH *dh) - return errflags == 0; - } - -+/* Note: according to documentation - this only checks the params */ - int DH_check(const DH *dh, int *ret) - { - int ok = 0, r; -@@ -104,6 +112,9 @@ int DH_check(const DH *dh, int *ret) - if (!DH_check_params(dh, ret)) - return 0; - -+ if (FIPS_mode()) /* we allow only well-known params */ -+ return 1; -+ - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; -@@ -177,7 +188,7 @@ int DH_check_pub_key_ex(const DH *dh, co - return errflags == 0; - } - --int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) -+static int dh_check_pub_key_int(const DH *dh, const BIGNUM *q, const BIGNUM *pub_key, int *ret) - { - int ok = 0; - BIGNUM *tmp = NULL; -@@ -198,9 +209,9 @@ int DH_check_pub_key(const DH *dh, const - if (BN_cmp(pub_key, tmp) >= 0) - *ret |= DH_CHECK_PUBKEY_TOO_LARGE; - -- if (dh->q != NULL) { -+ if (q != NULL) { - /* Check pub_key^q == 1 mod p */ -- if (!BN_mod_exp(tmp, pub_key, dh->q, dh->p, ctx)) -+ if (!BN_mod_exp(tmp, pub_key, q, dh->p, ctx)) - goto err; - if (!BN_is_one(tmp)) - *ret |= DH_CHECK_PUBKEY_INVALID; -@@ -212,3 +223,23 @@ int DH_check_pub_key(const DH *dh, const - BN_CTX_free(ctx); - return ok; - } -+ -+int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) -+{ -+ return dh_check_pub_key_int(dh, dh->q, pub_key, ret); -+} -+ -+int dh_check_pub_key_full(const DH *dh, const BIGNUM *pub_key, int *ret) -+{ -+ BIGNUM *q = dh->q; -+ -+ if (q == NULL) { -+ if (dh_get_known_q(dh, &q) == 0) { -+ *ret |= DH_CHECK_INVALID_Q_VALUE; -+ return 0; -+ } -+ } -+ -+ return dh_check_pub_key_int(dh, q, pub_key, ret); -+} -+ -diff -up openssl-1.1.1j/crypto/dh/dh_gen.c.fips-dh openssl-1.1.1j/crypto/dh/dh_gen.c ---- openssl-1.1.1j/crypto/dh/dh_gen.c.fips-dh 2021-03-03 14:23:27.338091859 +0100 -+++ openssl-1.1.1j/crypto/dh/dh_gen.c 2021-03-03 14:23:27.404092427 +0100 -@@ -27,8 +27,7 @@ int DH_generate_parameters_ex(DH *ret, i - BN_GENCB *cb) - { - #ifdef OPENSSL_FIPS -- if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD) -- && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) { -+ if (FIPS_mode()) { - DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD); - return 0; - } -@@ -75,18 +74,6 @@ static int dh_builtin_genparams(DH *ret, - int g, ok = -1; - BN_CTX *ctx = NULL; - --#ifdef OPENSSL_FIPS -- if (FIPS_selftest_failed()) { -- FIPSerr(FIPS_F_DH_BUILTIN_GENPARAMS, FIPS_R_FIPS_SELFTEST_FAILED); -- return 0; -- } -- -- if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN)) { -- DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL); -- goto err; -- } --#endif -- - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; -diff -up openssl-1.1.1j/crypto/dh/dh_key.c.fips-dh openssl-1.1.1j/crypto/dh/dh_key.c ---- openssl-1.1.1j/crypto/dh/dh_key.c.fips-dh 2021-03-03 14:23:27.338091859 +0100 -+++ openssl-1.1.1j/crypto/dh/dh_key.c 2021-03-03 14:51:36.235296236 +0100 -@@ -120,10 +120,18 @@ static int generate_key(DH *dh) - BIGNUM *pub_key = NULL, *priv_key = NULL; - - #ifdef OPENSSL_FIPS -- if (FIPS_mode() -- && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) { -- DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL); -- return 0; -+ if (FIPS_mode()) { -+ if (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS) { -+ DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL); -+ return 0; -+ } -+ if (dh->nid == NID_undef) -+ dh_cache_nid(dh); -+ if (dh->nid == NID_undef || dh->length > BN_num_bits(dh->p) - 2 -+ || dh->length < 224) { -+ DHerr(DH_F_GENERATE_KEY, DH_R_NON_FIPS_METHOD); -+ return 0; -+ } - } - #endif - -@@ -159,7 +167,15 @@ static int generate_key(DH *dh) - } - - if (generate_new_key) { -- if (dh->q) { -+ if (FIPS_mode()) { -+ do { -+ if (!BN_priv_rand(priv_key, dh->length, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY)) -+ goto err; -+ if (!BN_add_word(priv_key, 1)) -+ goto err; -+ } -+ while (BN_num_bits(priv_key) > dh->length); -+ } else if (dh->q) { - do { - if (!BN_priv_rand_range(priv_key, dh->q)) - goto err; -@@ -195,6 +211,15 @@ static int generate_key(DH *dh) - } - /* We MUST free prk before any further use of priv_key */ - BN_clear_free(prk); -+ -+ if (FIPS_mode()) { -+ int check_result; -+ -+ if (!dh_check_pub_key_full(dh, pub_key, &check_result) || check_result) { -+ DHerr(DH_F_GENERATE_KEY, DH_R_INVALID_PUBKEY); -+ goto err; -+ } -+ } - } - - dh->pub_key = pub_key; -@@ -217,6 +242,7 @@ static int compute_key(unsigned char *ke - BN_CTX *ctx = NULL; - BN_MONT_CTX *mont = NULL; - BIGNUM *tmp; -+ BIGNUM *p1; - int ret = -1; - int check_result; - -@@ -263,6 +289,18 @@ static int compute_key(unsigned char *ke - DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB); - goto err; - } -+ -+ if (BN_is_zero(tmp) || BN_is_one(tmp) || BN_is_negative(tmp)) { -+ DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB); -+ goto err; -+ } -+ -+ if ((p1 = BN_CTX_get(ctx)) == NULL -+ || !BN_sub(p1, dh->p, BN_value_one()) -+ || BN_cmp(p1, tmp) <= 0) { -+ DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB); -+ goto err; -+ } - - ret = BN_bn2binpad(tmp, key, BN_num_bytes(dh->p)); - err: -diff -up openssl-1.1.1j/crypto/dh/dh_lib.c.fips-dh openssl-1.1.1j/crypto/dh/dh_lib.c ---- openssl-1.1.1j/crypto/dh/dh_lib.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dh/dh_lib.c 2021-03-03 14:23:27.405092436 +0100 -@@ -8,6 +8,7 @@ - */ - - #include -+#include - #include "internal/cryptlib.h" - #include "internal/refcount.h" - #include -@@ -86,6 +87,8 @@ DH *DH_new_method(ENGINE *engine) - goto err; - } - -+ ret->nid = NID_undef; -+ - return ret; - - err: -@@ -205,7 +208,10 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNU - dh->g = g; - } - -- if (q != NULL) { -+ dh->nid = NID_undef; -+ dh_cache_nid(dh); -+ -+ if (q != NULL && dh->nid == NID_undef) { - dh->length = BN_num_bits(q); - } - -diff -up openssl-1.1.1j/crypto/dh/dh_local.h.fips-dh openssl-1.1.1j/crypto/dh/dh_local.h ---- openssl-1.1.1j/crypto/dh/dh_local.h.fips-dh 2021-03-03 14:23:27.202090689 +0100 -+++ openssl-1.1.1j/crypto/dh/dh_local.h 2021-03-03 14:23:27.405092436 +0100 -@@ -35,6 +35,7 @@ struct dh_st { - const DH_METHOD *meth; - ENGINE *engine; - CRYPTO_RWLOCK *lock; -+ int nid; - }; - - struct dh_method { -@@ -55,3 +56,10 @@ struct dh_method { - int (*generate_params) (DH *dh, int prime_len, int generator, - BN_GENCB *cb); - }; -+ -+void dh_cache_nid(DH *dh); -+/* Obtain known q value based on nid or p */ -+int dh_get_known_q(const DH *dh, BIGNUM **q); -+/* FIPS mode only check which requires nid set and looks up q based on it. */ -+int dh_check_pub_key_full(const DH *dh, const BIGNUM *pub_key, int *ret); -+ -diff -up openssl-1.1.1j/crypto/dh/dh_rfc7919.c.fips-dh openssl-1.1.1j/crypto/dh/dh_rfc7919.c ---- openssl-1.1.1j/crypto/dh/dh_rfc7919.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dh/dh_rfc7919.c 2021-03-03 14:23:27.405092436 +0100 -@@ -7,6 +7,8 @@ - * https://www.openssl.org/source/license.html - */ - -+/* DH parameters from RFC7919 and RFC3526 */ -+ - #include - #include "internal/cryptlib.h" - #include "dh_local.h" -@@ -14,14 +16,19 @@ - #include - #include "crypto/bn_dh.h" - --static DH *dh_param_init(const BIGNUM *p, int32_t nbits) -+static DH *dh_param_init(int nid, const BIGNUM *p, const BIGNUM *q, int32_t nbits) - { - DH *dh = DH_new(); - if (dh == NULL) - return NULL; - dh->p = (BIGNUM *)p; -+ /* -+ * We do not set q as it would enable the inefficient and -+ * unnecessary pubkey modular exponentiation check. -+ */ - dh->g = (BIGNUM *)&_bignum_const_2; - dh->length = nbits; -+ dh->nid = nid; - return dh; - } - -@@ -29,46 +36,121 @@ DH *DH_new_by_nid(int nid) - { - switch (nid) { - case NID_ffdhe2048: -- return dh_param_init(&_bignum_ffdhe2048_p, 225); -+ return dh_param_init(nid, &_bignum_ffdhe2048_p, &_bignum_ffdhe2048_q, 225); - case NID_ffdhe3072: -- return dh_param_init(&_bignum_ffdhe3072_p, 275); -+ return dh_param_init(nid, &_bignum_ffdhe3072_p, &_bignum_ffdhe3072_q, 275); - case NID_ffdhe4096: -- return dh_param_init(&_bignum_ffdhe4096_p, 325); -+ return dh_param_init(nid, &_bignum_ffdhe4096_p, &_bignum_ffdhe4096_q, 325); - case NID_ffdhe6144: -- return dh_param_init(&_bignum_ffdhe6144_p, 375); -+ return dh_param_init(nid, &_bignum_ffdhe6144_p, &_bignum_ffdhe6144_q, 375); - case NID_ffdhe8192: -- return dh_param_init(&_bignum_ffdhe8192_p, 400); -+ return dh_param_init(nid, &_bignum_ffdhe8192_p, &_bignum_ffdhe8192_q, 400); -+ case NID_modp_2048: -+ return dh_param_init(nid, &_bignum_modp_2048_p, &_bignum_modp_2048_q, 225); -+ case NID_modp_3072: -+ return dh_param_init(nid, &_bignum_modp_3072_p, &_bignum_modp_3072_q, 275); -+ case NID_modp_4096: -+ return dh_param_init(nid, &_bignum_modp_4096_p, &_bignum_modp_4096_q, 325); -+ case NID_modp_6144: -+ return dh_param_init(nid, &_bignum_modp_6144_p, &_bignum_modp_6144_q, 375); -+ case NID_modp_8192: -+ return dh_param_init(nid, &_bignum_modp_8192_p, &_bignum_modp_8192_q, 400); -+ case NID_modp_1536: -+ if (!FIPS_mode()) -+ return dh_param_init(nid, &_bignum_modp_1536_p, &_bignum_modp_1536_q, 175); -+ /* fallthrough */ - default: - DHerr(DH_F_DH_NEW_BY_NID, DH_R_INVALID_PARAMETER_NID); - return NULL; - } - } - --int DH_get_nid(const DH *dh) -+static int dh_match_group(const DH *dh, BIGNUM **qout, int *lout) - { - int nid; -+ const BIGNUM *q; -+ int length; - - if (BN_get_word(dh->g) != 2) - return NID_undef; -- if (!BN_cmp(dh->p, &_bignum_ffdhe2048_p)) -+ -+ if (dh->nid == NID_ffdhe2048 || !BN_cmp(dh->p, &_bignum_ffdhe2048_p)) { - nid = NID_ffdhe2048; -- else if (!BN_cmp(dh->p, &_bignum_ffdhe3072_p)) -+ q = &_bignum_ffdhe2048_q; -+ length = 225; -+ } else if (dh->nid == NID_ffdhe3072 || !BN_cmp(dh->p, &_bignum_ffdhe3072_p)) { - nid = NID_ffdhe3072; -- else if (!BN_cmp(dh->p, &_bignum_ffdhe4096_p)) -+ q = &_bignum_ffdhe3072_q; -+ length = 275; -+ } else if (dh->nid == NID_ffdhe4096 || !BN_cmp(dh->p, &_bignum_ffdhe4096_p)) { - nid = NID_ffdhe4096; -- else if (!BN_cmp(dh->p, &_bignum_ffdhe6144_p)) -+ q = &_bignum_ffdhe4096_q; -+ length = 325; -+ } else if (dh->nid == NID_ffdhe6144 || !BN_cmp(dh->p, &_bignum_ffdhe6144_p)) { - nid = NID_ffdhe6144; -- else if (!BN_cmp(dh->p, &_bignum_ffdhe8192_p)) -+ q = &_bignum_ffdhe6144_q; -+ length = 375; -+ } else if (dh->nid == NID_ffdhe8192 || !BN_cmp(dh->p, &_bignum_ffdhe8192_p)) { - nid = NID_ffdhe8192; -- else -+ q = &_bignum_ffdhe8192_q; -+ length = 400; -+ } else if (dh->nid == NID_modp_2048 || !BN_cmp(dh->p, &_bignum_modp_2048_p)) { -+ nid = NID_modp_2048; -+ q = &_bignum_modp_2048_q; -+ length = 225; -+ } else if (dh->nid == NID_modp_3072 || !BN_cmp(dh->p, &_bignum_modp_3072_p)) { -+ nid = NID_modp_3072; -+ q = &_bignum_modp_3072_q; -+ length = 275; -+ } else if (dh->nid == NID_modp_4096 || !BN_cmp(dh->p, &_bignum_modp_4096_p)) { -+ nid = NID_modp_4096; -+ q = &_bignum_modp_4096_q; -+ length = 325; -+ } else if (dh->nid == NID_modp_6144 || !BN_cmp(dh->p, &_bignum_modp_6144_p)) { -+ nid = NID_modp_6144; -+ q = &_bignum_modp_6144_q; -+ length = 375; -+ } else if (dh->nid == NID_modp_8192 || !BN_cmp(dh->p, &_bignum_modp_8192_p)) { -+ nid = NID_modp_8192; -+ q = &_bignum_modp_8192_q; -+ length = 400; -+ } else if (!FIPS_mode() && (dh->nid == NID_modp_1536 || !BN_cmp(dh->p, &_bignum_modp_1536_p))) { -+ nid = NID_modp_1536; -+ q = &_bignum_modp_1536_q; -+ length = 175; -+ } else { - return NID_undef; -+ } -+ - if (dh->q != NULL) { -- BIGNUM *q = BN_dup(dh->p); -+ /* Check that q matches the known q. */ -+ if (BN_cmp(dh->q, q)) -+ return NID_undef; -+ } else if (qout != NULL) { -+ *qout = (BIGNUM *)q; -+ } - -- /* Check q = p * 2 + 1 we already know q is odd, so just shift right */ -- if (q == NULL || !BN_rshift1(q, q) || !BN_cmp(dh->q, q)) -- nid = NID_undef; -- BN_free(q); -+ if (lout != NULL) { -+ *lout = length; - } - return nid; - } -+ -+int DH_get_nid(const DH *dh) -+{ -+ if (dh->nid != NID_undef) { -+ return dh->nid; -+ } -+ return dh_match_group(dh, NULL, NULL); -+} -+ -+void dh_cache_nid(DH *dh) -+{ -+ dh->nid = dh_match_group(dh, NULL, &dh->length); -+} -+ -+int dh_get_known_q(const DH *dh, BIGNUM **q) -+{ -+ return dh_match_group(dh, q, NULL) != NID_undef; -+} -+ -diff -up openssl-1.1.1j/crypto/ec/ec_key.c.fips-dh openssl-1.1.1j/crypto/ec/ec_key.c ---- openssl-1.1.1j/crypto/ec/ec_key.c.fips-dh 2021-03-03 14:23:27.339091868 +0100 -+++ openssl-1.1.1j/crypto/ec/ec_key.c 2021-03-03 14:23:27.405092436 +0100 -@@ -281,9 +281,18 @@ int ec_key_simple_generate_key(EC_KEY *e - if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, ctx)) - goto err; - -- eckey->priv_key = priv_key; - eckey->pub_key = pub_key; - -+ if (FIPS_mode()) { -+ eckey->priv_key = NULL; -+ if (EC_KEY_check_key(eckey) <= 0) { -+ eckey->pub_key = NULL; -+ goto err; -+ } -+ } -+ -+ eckey->priv_key = priv_key; -+ - ok = 1; - - err: -@@ -297,8 +306,23 @@ int ec_key_simple_generate_key(EC_KEY *e - - int ec_key_simple_generate_public_key(EC_KEY *eckey) - { -- return EC_POINT_mul(eckey->group, eckey->pub_key, eckey->priv_key, NULL, -+ BIGNUM *priv_key; -+ int ret = EC_POINT_mul(eckey->group, eckey->pub_key, eckey->priv_key, NULL, - NULL, NULL); -+ -+ if (ret <= 0 || !FIPS_mode()) -+ return ret; -+ -+ /* no need to perform private key test, temporarily hide it */ -+ priv_key = eckey->priv_key; -+ eckey->priv_key = NULL; -+ ret = EC_KEY_check_key(eckey); -+ eckey->priv_key = priv_key; -+ -+ if (ret <= 0) -+ EC_POINT_set_to_infinity(eckey->group, eckey->pub_key); -+ -+ return ret; - } - - int EC_KEY_check_key(const EC_KEY *eckey) -diff -up openssl-1.1.1j/crypto/evp/p_lib.c.fips-dh openssl-1.1.1j/crypto/evp/p_lib.c ---- openssl-1.1.1j/crypto/evp/p_lib.c.fips-dh 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/p_lib.c 2021-03-03 14:23:27.405092436 +0100 -@@ -540,7 +540,8 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *p - - int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) - { -- int type = DH_get0_q(key) == NULL ? EVP_PKEY_DH : EVP_PKEY_DHX; -+ int type = DH_get0_q(key) == NULL || DH_get_nid(key) != NID_undef ? -+ EVP_PKEY_DH : EVP_PKEY_DHX; - int ret = EVP_PKEY_assign(pkey, type, key); - - if (ret) -diff -up openssl-1.1.1j/crypto/objects/obj_dat.h.fips-dh openssl-1.1.1j/crypto/objects/obj_dat.h ---- openssl-1.1.1j/crypto/objects/obj_dat.h.fips-dh 2021-03-03 14:23:27.394092341 +0100 -+++ openssl-1.1.1j/crypto/objects/obj_dat.h 2021-03-03 14:23:27.406092444 +0100 -@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = { - 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */ - }; - --#define NUM_NID 1199 -+#define NUM_NID 1205 - static const ASN1_OBJECT nid_objs[NUM_NID] = { - {"UNDEF", "undefined", NID_undef}, - {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, -@@ -2279,9 +2279,15 @@ static const ASN1_OBJECT nid_objs[NUM_NI - {"KBKDF", "kbkdf", NID_kbkdf}, - {"KRB5KDF", "krb5kdf", NID_krb5kdf}, - {"SSKDF", "sskdf", NID_sskdf}, -+ {"modp_1536", "modp_1536", NID_modp_1536}, -+ {"modp_2048", "modp_2048", NID_modp_2048}, -+ {"modp_3072", "modp_3072", NID_modp_3072}, -+ {"modp_4096", "modp_4096", NID_modp_4096}, -+ {"modp_6144", "modp_6144", NID_modp_6144}, -+ {"modp_8192", "modp_8192", NID_modp_8192}, - }; - --#define NUM_SN 1190 -+#define NUM_SN 1196 - static const unsigned int sn_objs[NUM_SN] = { - 364, /* "AD_DVCS" */ - 419, /* "AES-128-CBC" */ -@@ -3127,6 +3133,12 @@ static const unsigned int sn_objs[NUM_SN - 506, /* "mime-mhs-bodies" */ - 505, /* "mime-mhs-headings" */ - 488, /* "mobileTelephoneNumber" */ -+ 1199, /* "modp_1536" */ -+ 1200, /* "modp_2048" */ -+ 1201, /* "modp_3072" */ -+ 1202, /* "modp_4096" */ -+ 1203, /* "modp_6144" */ -+ 1204, /* "modp_8192" */ - 136, /* "msCTLSign" */ - 135, /* "msCodeCom" */ - 134, /* "msCodeInd" */ -@@ -3475,7 +3487,7 @@ static const unsigned int sn_objs[NUM_SN - 1093, /* "x509ExtAdmission" */ - }; - --#define NUM_LN 1190 -+#define NUM_LN 1196 - static const unsigned int ln_objs[NUM_LN] = { - 363, /* "AD Time Stamping" */ - 405, /* "ANSI X9.62" */ -@@ -4313,6 +4325,12 @@ static const unsigned int ln_objs[NUM_LN - 506, /* "mime-mhs-bodies" */ - 505, /* "mime-mhs-headings" */ - 488, /* "mobileTelephoneNumber" */ -+ 1199, /* "modp_1536" */ -+ 1200, /* "modp_2048" */ -+ 1201, /* "modp_3072" */ -+ 1202, /* "modp_4096" */ -+ 1203, /* "modp_6144" */ -+ 1204, /* "modp_8192" */ - 481, /* "nSRecord" */ - 173, /* "name" */ - 681, /* "onBasis" */ -diff -up openssl-1.1.1j/crypto/objects/objects.txt.fips-dh openssl-1.1.1j/crypto/objects/objects.txt ---- openssl-1.1.1j/crypto/objects/objects.txt.fips-dh 2021-03-03 14:23:27.395092350 +0100 -+++ openssl-1.1.1j/crypto/objects/objects.txt 2021-03-03 14:23:27.406092444 +0100 -@@ -1657,6 +1657,13 @@ id-pkinit 5 : pkInit - : ffdhe4096 - : ffdhe6144 - : ffdhe8192 -+# NIDs for RFC3526 DH parameters -+ : modp_1536 -+ : modp_2048 -+ : modp_3072 -+ : modp_4096 -+ : modp_6144 -+ : modp_8192 - - # OIDs for DSTU-4145/DSTU-7564 (http://zakon2.rada.gov.ua/laws/show/z0423-17) - -diff -up openssl-1.1.1j/crypto/objects/obj_mac.num.fips-dh openssl-1.1.1j/crypto/objects/obj_mac.num ---- openssl-1.1.1j/crypto/objects/obj_mac.num.fips-dh 2021-03-03 14:23:27.395092350 +0100 -+++ openssl-1.1.1j/crypto/objects/obj_mac.num 2021-03-03 14:23:27.406092444 +0100 -@@ -1196,3 +1196,9 @@ sshkdf 1195 - kbkdf 1196 - krb5kdf 1197 - sskdf 1198 -+modp_1536 1199 -+modp_2048 1200 -+modp_3072 1201 -+modp_4096 1202 -+modp_6144 1203 -+modp_8192 1204 -diff -up openssl-1.1.1j/doc/man3/DH_new_by_nid.pod.fips-dh openssl-1.1.1j/doc/man3/DH_new_by_nid.pod ---- openssl-1.1.1j/doc/man3/DH_new_by_nid.pod.fips-dh 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/doc/man3/DH_new_by_nid.pod 2021-03-03 14:23:27.406092444 +0100 -@@ -8,13 +8,15 @@ DH_new_by_nid, DH_get_nid - get or find - - #include - DH *DH_new_by_nid(int nid); -- int *DH_get_nid(const DH *dh); -+ int DH_get_nid(const DH *dh); - - =head1 DESCRIPTION - - DH_new_by_nid() creates and returns a DH structure containing named parameters - B. Currently B must be B, B, --B, B or B. -+B, B, B, -+B, B, B, -+B, B or B. - - DH_get_nid() determines if the parameters contained in B match - any named set. It returns the NID corresponding to the matching parameters or -diff -up openssl-1.1.1j/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh openssl-1.1.1j/doc/man3/EVP_PKEY_CTX_ctrl.pod ---- openssl-1.1.1j/doc/man3/EVP_PKEY_CTX_ctrl.pod.fips-dh 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/doc/man3/EVP_PKEY_CTX_ctrl.pod 2021-03-03 14:23:27.406092444 +0100 -@@ -294,10 +294,11 @@ The EVP_PKEY_CTX_set_dh_pad() macro sets - If B is zero (the default) then no padding is performed. - - EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to --B as defined in RFC7919. The B parameter must be B, --B, B, B, B --or B to clear the stored value. This macro can be called during --parameter or key generation. -+I as defined in RFC7919 or RFC3526. The I parameter must be -+B, B, B, B, -+B, B, B, B, -+B, B, B or B to clear -+the stored value. This macro can be called during parameter or key generation. - The nid parameter and the rfc5114 parameter are mutually exclusive. - - The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are -diff -up openssl-1.1.1j/include/crypto/bn_dh.h.fips-dh openssl-1.1.1j/include/crypto/bn_dh.h ---- openssl-1.1.1j/include/crypto/bn_dh.h.fips-dh 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/crypto/bn_dh.h 2021-03-03 14:23:27.406092444 +0100 -@@ -1,7 +1,7 @@ - /* -- * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. - * -- * Licensed under the OpenSSL license (the "License"). You may not use -+ * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html -@@ -9,16 +9,35 @@ - - #define declare_dh_bn(x) \ - extern const BIGNUM _bignum_dh##x##_p; \ -+ extern const BIGNUM _bignum_dh##x##_q; \ - extern const BIGNUM _bignum_dh##x##_g; \ -- extern const BIGNUM _bignum_dh##x##_q; - - declare_dh_bn(1024_160) - declare_dh_bn(2048_224) - declare_dh_bn(2048_256) - -+extern const BIGNUM _bignum_const_2; -+ - extern const BIGNUM _bignum_ffdhe2048_p; - extern const BIGNUM _bignum_ffdhe3072_p; - extern const BIGNUM _bignum_ffdhe4096_p; - extern const BIGNUM _bignum_ffdhe6144_p; - extern const BIGNUM _bignum_ffdhe8192_p; --extern const BIGNUM _bignum_const_2; -+extern const BIGNUM _bignum_ffdhe2048_q; -+extern const BIGNUM _bignum_ffdhe3072_q; -+extern const BIGNUM _bignum_ffdhe4096_q; -+extern const BIGNUM _bignum_ffdhe6144_q; -+extern const BIGNUM _bignum_ffdhe8192_q; -+ -+extern const BIGNUM _bignum_modp_1536_p; -+extern const BIGNUM _bignum_modp_2048_p; -+extern const BIGNUM _bignum_modp_3072_p; -+extern const BIGNUM _bignum_modp_4096_p; -+extern const BIGNUM _bignum_modp_6144_p; -+extern const BIGNUM _bignum_modp_8192_p; -+extern const BIGNUM _bignum_modp_1536_q; -+extern const BIGNUM _bignum_modp_2048_q; -+extern const BIGNUM _bignum_modp_3072_q; -+extern const BIGNUM _bignum_modp_4096_q; -+extern const BIGNUM _bignum_modp_6144_q; -+extern const BIGNUM _bignum_modp_8192_q; -diff -up openssl-1.1.1j/include/openssl/obj_mac.h.fips-dh openssl-1.1.1j/include/openssl/obj_mac.h ---- openssl-1.1.1j/include/openssl/obj_mac.h.fips-dh 2021-03-03 14:23:27.396092358 +0100 -+++ openssl-1.1.1j/include/openssl/obj_mac.h 2021-03-03 14:23:27.407092453 +0100 -@@ -5115,6 +5115,24 @@ - #define SN_ffdhe8192 "ffdhe8192" - #define NID_ffdhe8192 1130 - -+#define SN_modp_1536 "modp_1536" -+#define NID_modp_1536 1199 -+ -+#define SN_modp_2048 "modp_2048" -+#define NID_modp_2048 1200 -+ -+#define SN_modp_3072 "modp_3072" -+#define NID_modp_3072 1201 -+ -+#define SN_modp_4096 "modp_4096" -+#define NID_modp_4096 1202 -+ -+#define SN_modp_6144 "modp_6144" -+#define NID_modp_6144 1203 -+ -+#define SN_modp_8192 "modp_8192" -+#define NID_modp_8192 1204 -+ - #define SN_ISO_UA "ISO-UA" - #define NID_ISO_UA 1150 - #define OBJ_ISO_UA OBJ_member_body,804L -diff -up openssl-1.1.1j/ssl/s3_lib.c.fips-dh openssl-1.1.1j/ssl/s3_lib.c ---- openssl-1.1.1j/ssl/s3_lib.c.fips-dh 2021-03-03 14:23:27.354091997 +0100 -+++ openssl-1.1.1j/ssl/s3_lib.c 2021-03-03 14:23:27.407092453 +0100 -@@ -4849,13 +4849,51 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey - EVP_PKEY *ssl_dh_to_pkey(DH *dh) - { - EVP_PKEY *ret; -+ DH *dhp = NULL; -+ - if (dh == NULL) - return NULL; -+ -+ if (FIPS_mode() && DH_get_nid(dh) == NID_undef) { -+ int bits = DH_bits(dh); -+ BIGNUM *p, *g; -+ -+ dhp = DH_new(); -+ if (dhp == NULL) -+ return NULL; -+ g = BN_new(); -+ if (g == NULL || !BN_set_word(g, 2)) { -+ DH_free(dhp); -+ BN_free(g); -+ return NULL; -+ } -+ -+ if (bits >= 7000) -+ p = BN_get_rfc3526_prime_8192(NULL); -+ else if (bits >= 5000) -+ p = BN_get_rfc3526_prime_6144(NULL); -+ else if (bits >= 3800) -+ p = BN_get_rfc3526_prime_4096(NULL); -+ else if (bits >= 2500) -+ p = BN_get_rfc3526_prime_3072(NULL); -+ else -+ p = BN_get_rfc3526_prime_2048(NULL); -+ if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) { -+ DH_free(dhp); -+ BN_free(p); -+ BN_free(g); -+ return NULL; -+ } -+ dh = dhp; -+ } -+ - ret = EVP_PKEY_new(); - if (EVP_PKEY_set1_DH(ret, dh) <= 0) { -+ DH_free(dhp); - EVP_PKEY_free(ret); - return NULL; - } -+ DH_free(dhp); - return ret; - } - #endif -diff -up openssl-1.1.1j/ssl/t1_lib.c.fips-dh openssl-1.1.1j/ssl/t1_lib.c ---- openssl-1.1.1j/ssl/t1_lib.c.fips-dh 2021-03-03 14:23:27.401092401 +0100 -+++ openssl-1.1.1j/ssl/t1_lib.c 2021-03-03 14:23:27.407092453 +0100 -@@ -2542,7 +2542,7 @@ DH *ssl_get_auto_dh(SSL *s) - p = BN_get_rfc3526_prime_4096(NULL); - else if (dh_secbits >= 128) - p = BN_get_rfc3526_prime_3072(NULL); -- else if (dh_secbits >= 112) -+ else if (dh_secbits >= 112 || FIPS_mode()) - p = BN_get_rfc3526_prime_2048(NULL); - else - p = BN_get_rfc2409_prime_1024(NULL); diff --git a/openssl-1.1.1-fips-drbg-selftest.patch b/openssl-1.1.1-fips-drbg-selftest.patch deleted file mode 100644 index b800c06..0000000 --- a/openssl-1.1.1-fips-drbg-selftest.patch +++ /dev/null @@ -1,587 +0,0 @@ -diff -up openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest openssl-1.1.1g/crypto/fips/fips_post.c ---- openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest 2020-04-23 13:33:12.500624151 +0200 -+++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-04-23 13:33:12.618621925 +0200 -@@ -67,12 +67,18 @@ - - # include - # include "crypto/fips.h" -+# include "crypto/rand.h" - # include "fips_locl.h" - - /* Run all selftests */ - int FIPS_selftest(void) - { - int rv = 1; -+ if (!rand_drbg_selftest()) { -+ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_TEST_FAILURE); -+ ERR_add_error_data(2, "Type=", "rand_drbg_selftest"); -+ rv = 0; -+ } - if (!FIPS_selftest_drbg()) - rv = 0; - if (!FIPS_selftest_sha1()) -diff -up openssl-1.1.1g/crypto/rand/build.info.drbg-selftest openssl-1.1.1g/crypto/rand/build.info ---- openssl-1.1.1g/crypto/rand/build.info.drbg-selftest 2020-04-23 13:33:12.619621907 +0200 -+++ openssl-1.1.1g/crypto/rand/build.info 2020-04-23 13:34:10.857523497 +0200 -@@ -1,6 +1,6 @@ - LIBS=../../libcrypto - SOURCE[../../libcrypto]=\ - randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \ -- rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c -+ rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c drbg_selftest.c - - INCLUDE[drbg_ctr.o]=../modes -diff -up openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest openssl-1.1.1g/crypto/rand/drbg_selftest.c ---- openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest 2020-04-23 13:33:12.619621907 +0200 -+++ openssl-1.1.1g/crypto/rand/drbg_selftest.c 2020-04-23 13:33:12.619621907 +0200 -@@ -0,0 +1,537 @@ -+/* -+ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the OpenSSL license (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include -+#include -+#include "internal/nelem.h" -+#include -+#include -+#include -+#include -+#include "internal/thread_once.h" -+#include "crypto/rand.h" -+ -+typedef struct test_ctx_st { -+ const unsigned char *entropy; -+ size_t entropylen; -+ int entropycnt; -+ const unsigned char *nonce; -+ size_t noncelen; -+ int noncecnt; -+} TEST_CTX; -+ -+static int app_data_index = -1; -+static CRYPTO_ONCE get_index_once = CRYPTO_ONCE_STATIC_INIT; -+DEFINE_RUN_ONCE_STATIC(drbg_app_data_index_init) -+{ -+ app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL); -+ -+ return 1; -+} -+ -+enum drbg_kat_type { -+ NO_RESEED, -+ PR_FALSE, -+ PR_TRUE -+}; -+ -+enum drbg_df { -+ USE_DF, -+ NO_DF, -+ NA -+}; -+ -+struct drbg_kat_no_reseed { -+ size_t count; -+ const unsigned char *entropyin; -+ const unsigned char *nonce; -+ const unsigned char *persstr; -+ const unsigned char *addin1; -+ const unsigned char *addin2; -+ const unsigned char *retbytes; -+}; -+ -+struct drbg_kat_pr_false { -+ size_t count; -+ const unsigned char *entropyin; -+ const unsigned char *nonce; -+ const unsigned char *persstr; -+ const unsigned char *entropyinreseed; -+ const unsigned char *addinreseed; -+ const unsigned char *addin1; -+ const unsigned char *addin2; -+ const unsigned char *retbytes; -+}; -+ -+struct drbg_kat_pr_true { -+ size_t count; -+ const unsigned char *entropyin; -+ const unsigned char *nonce; -+ const unsigned char *persstr; -+ const unsigned char *entropyinpr1; -+ const unsigned char *addin1; -+ const unsigned char *entropyinpr2; -+ const unsigned char *addin2; -+ const unsigned char *retbytes; -+}; -+ -+struct drbg_kat { -+ enum drbg_kat_type type; -+ enum drbg_df df; -+ int nid; -+ -+ size_t entropyinlen; -+ size_t noncelen; -+ size_t persstrlen; -+ size_t addinlen; -+ size_t retbyteslen; -+ -+ const void *t; -+}; -+ -+/* -+ * Excerpt from test/drbg_cavs_data.c -+ * DRBG test vectors from: -+ * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/ -+ */ -+ -+static const unsigned char kat1308_entropyin[] = { -+ 0x7c, 0x5d, 0x90, 0x70, 0x3b, 0x8a, 0xc7, 0x0f, 0x23, 0x73, 0x24, 0x9c, -+ 0xa7, 0x15, 0x41, 0x71, 0x7a, 0x31, 0xea, 0x32, 0xfc, 0x28, 0x0d, 0xd7, -+ 0x5b, 0x09, 0x01, 0x98, 0x1b, 0xe2, 0xa5, 0x53, 0xd9, 0x05, 0x32, 0x97, -+ 0xec, 0xbe, 0x86, 0xfd, 0x1c, 0x1c, 0x71, 0x4c, 0x52, 0x29, 0x9e, 0x52, -+}; -+static const unsigned char kat1308_nonce[] = {0}; -+static const unsigned char kat1308_persstr[] = { -+ 0xdc, 0x07, 0x2f, 0x68, 0xfa, 0x77, 0x03, 0x23, 0x42, 0xb0, 0xf5, 0xa2, -+ 0xd9, 0xad, 0xa1, 0xd0, 0xad, 0xa2, 0x14, 0xb4, 0xd0, 0x8e, 0xfb, 0x39, -+ 0xdd, 0xc2, 0xac, 0xfb, 0x98, 0xdf, 0x7f, 0xce, 0x4c, 0x75, 0x56, 0x45, -+ 0xcd, 0x86, 0x93, 0x74, 0x90, 0x6e, 0xf6, 0x9e, 0x85, 0x7e, 0xfb, 0xc3, -+}; -+static const unsigned char kat1308_addin0[] = { -+ 0x52, 0x25, 0xc4, 0x2f, 0x03, 0xce, 0x29, 0x71, 0xc5, 0x0b, 0xc3, 0x4e, -+ 0xad, 0x8d, 0x6f, 0x17, 0x82, 0xe1, 0xf3, 0xfd, 0xfd, 0x9b, 0x94, 0x9a, -+ 0x1d, 0xac, 0xd0, 0xd4, 0x3f, 0x2b, 0xe3, 0xab, 0x7c, 0x3d, 0x3e, 0x5a, -+ 0x68, 0xbb, 0xa4, 0x74, 0x68, 0x1a, 0xc6, 0x27, 0xff, 0xe0, 0xc0, 0x6c, -+}; -+static const unsigned char kat1308_addin1[] = { -+ 0xdc, 0x91, 0xd7, 0xb7, 0xb9, 0x94, 0x79, 0x0f, 0x06, 0xc4, 0x70, 0x19, -+ 0x33, 0x25, 0x7c, 0x96, 0x01, 0xa0, 0x62, 0xb0, 0x50, 0xe6, 0xc0, 0x3a, -+ 0x56, 0x8f, 0xc5, 0x50, 0x48, 0xc6, 0xf4, 0x49, 0xe5, 0x70, 0x16, 0x2e, -+ 0xae, 0xf2, 0x99, 0xb4, 0x2d, 0x70, 0x18, 0x16, 0xcd, 0xe0, 0x24, 0xe4, -+}; -+static const unsigned char kat1308_retbits[] = { -+ 0xde, 0xf8, 0x91, 0x1b, 0xf1, 0xe1, 0xa9, 0x97, 0xd8, 0x61, 0x84, 0xe2, -+ 0xdb, 0x83, 0x3e, 0x60, 0x45, 0xcd, 0xc8, 0x66, 0x93, 0x28, 0xc8, 0x92, -+ 0xbc, 0x25, 0xae, 0xe8, 0xb0, 0xed, 0xed, 0x16, 0x3d, 0xa5, 0xf9, 0x0f, -+ 0xb3, 0x72, 0x08, 0x84, 0xac, 0x3c, 0x3b, 0xaa, 0x5f, 0xf9, 0x7d, 0x63, -+ 0x3e, 0xde, 0x59, 0x37, 0x0e, 0x40, 0x12, 0x2b, 0xbc, 0x6c, 0x96, 0x53, -+ 0x26, 0x32, 0xd0, 0xb8, -+}; -+static const struct drbg_kat_no_reseed kat1308_t = { -+ 2, kat1308_entropyin, kat1308_nonce, kat1308_persstr, -+ kat1308_addin0, kat1308_addin1, kat1308_retbits -+}; -+static const struct drbg_kat kat1308 = { -+ NO_RESEED, NO_DF, NID_aes_256_ctr, 48, 0, 48, 48, 64, &kat1308_t -+}; -+ -+static const unsigned char kat1465_entropyin[] = { -+ 0xc9, 0x96, 0x3a, 0x15, 0x51, 0x76, 0x4f, 0xe0, 0x45, 0x82, 0x8a, 0x64, -+ 0x87, 0xbe, 0xaa, 0xc0, -+}; -+static const unsigned char kat1465_nonce[] = { -+ 0x08, 0xcd, 0x69, 0x39, 0xf8, 0x58, 0x9a, 0x85, -+}; -+static const unsigned char kat1465_persstr[] = {0}; -+static const unsigned char kat1465_entropyinreseed[] = { -+ 0x16, 0xcc, 0x35, 0x15, 0xb1, 0x17, 0xf5, 0x33, 0x80, 0x9a, 0x80, 0xc5, -+ 0x1f, 0x4b, 0x7b, 0x51, -+}; -+static const unsigned char kat1465_addinreseed[] = { -+ 0xf5, 0x3d, 0xf1, 0x2e, 0xdb, 0x28, 0x1c, 0x00, 0x7b, 0xcb, 0xb6, 0x12, -+ 0x61, 0x9f, 0x26, 0x5f, -+}; -+static const unsigned char kat1465_addin0[] = { -+ 0xe2, 0x67, 0x06, 0x62, 0x09, 0xa7, 0xcf, 0xd6, 0x84, 0x8c, 0x20, 0xf6, -+ 0x10, 0x5a, 0x73, 0x9c, -+}; -+static const unsigned char kat1465_addin1[] = { -+ 0x26, 0xfa, 0x50, 0xe1, 0xb3, 0xcb, 0x65, 0xed, 0xbc, 0x6d, 0xda, 0x18, -+ 0x47, 0x99, 0x1f, 0xeb, -+}; -+static const unsigned char kat1465_retbits[] = { -+ 0xf9, 0x47, 0xc6, 0xb0, 0x58, 0xa8, 0x66, 0x8a, 0xf5, 0x2b, 0x2a, 0x6d, -+ 0x4e, 0x24, 0x6f, 0x65, 0xbf, 0x51, 0x22, 0xbf, 0xe8, 0x8d, 0x6c, 0xeb, -+ 0xf9, 0x68, 0x7f, 0xed, 0x3b, 0xdd, 0x6b, 0xd5, 0x28, 0x47, 0x56, 0x52, -+ 0xda, 0x50, 0xf0, 0x90, 0x73, 0x95, 0x06, 0x58, 0xaf, 0x08, 0x98, 0x6e, -+ 0x24, 0x18, 0xfd, 0x2f, 0x48, 0x72, 0x57, 0xd6, 0x59, 0xab, 0xe9, 0x41, -+ 0x58, 0xdb, 0x27, 0xba, -+}; -+static const struct drbg_kat_pr_false kat1465_t = { -+ 9, kat1465_entropyin, kat1465_nonce, kat1465_persstr, -+ kat1465_entropyinreseed, kat1465_addinreseed, kat1465_addin0, -+ kat1465_addin1, kat1465_retbits -+}; -+static const struct drbg_kat kat1465 = { -+ PR_FALSE, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat1465_t -+}; -+ -+static const unsigned char kat3146_entropyin[] = { -+ 0xd7, 0x08, 0x42, 0x82, 0xc2, 0xd2, 0xd1, 0xde, 0x01, 0xb4, 0x36, 0xb3, -+ 0x7f, 0xbd, 0xd3, 0xdd, 0xb3, 0xc4, 0x31, 0x4f, 0x8f, 0xa7, 0x10, 0xf4, -+}; -+static const unsigned char kat3146_nonce[] = { -+ 0x7b, 0x9e, 0xcd, 0x49, 0x4f, 0x46, 0xa0, 0x08, 0x32, 0xff, 0x2e, 0xc3, -+ 0x50, 0x86, 0xca, 0xca, -+}; -+static const unsigned char kat3146_persstr[] = {0}; -+static const unsigned char kat3146_entropyinpr1[] = { -+ 0x68, 0xd0, 0x7b, 0xa4, 0xe7, 0x22, 0x19, 0xe6, 0xb6, 0x46, 0x6a, 0xda, -+ 0x8e, 0x67, 0xea, 0x63, 0x3f, 0xaf, 0x2f, 0x6c, 0x9d, 0x5e, 0x48, 0x15, -+}; -+static const unsigned char kat3146_addinpr1[] = { -+ 0x70, 0x0f, 0x54, 0xf4, 0x53, 0xde, 0xca, 0x61, 0x5c, 0x49, 0x51, 0xd1, -+ 0x41, 0xc4, 0xf1, 0x2f, 0x65, 0xfb, 0x7e, 0xbc, 0x9b, 0x14, 0xba, 0x90, -+ 0x05, 0x33, 0x7e, 0x64, 0xb7, 0x2b, 0xaf, 0x99, -+}; -+static const unsigned char kat3146_entropyinpr2[] = { -+ 0xeb, 0x77, 0xb0, 0xe9, 0x2d, 0x31, 0xc8, 0x66, 0xc5, 0xc4, 0xa7, 0xf7, -+ 0x6c, 0xb2, 0x74, 0x36, 0x4b, 0x25, 0x78, 0x04, 0xd8, 0xd7, 0xd2, 0x34, -+}; -+static const unsigned char kat3146_addinpr2[] = { -+ 0x05, 0xcd, 0x2a, 0x97, 0x5a, 0x5d, 0xfb, 0x98, 0xc1, 0xf1, 0x00, 0x0c, -+ 0xed, 0xe6, 0x2a, 0xba, 0xf0, 0x89, 0x1f, 0x5a, 0x4f, 0xd7, 0x48, 0xb3, -+ 0x24, 0xc0, 0x8a, 0x3d, 0x60, 0x59, 0x5d, 0xb6, -+}; -+static const unsigned char kat3146_retbits[] = { -+ 0x29, 0x94, 0xa4, 0xa8, 0x17, 0x3e, 0x62, 0x2f, 0x94, 0xdd, 0x40, 0x1f, -+ 0xe3, 0x7e, 0x77, 0xd4, 0x38, 0xbc, 0x0e, 0x49, 0x46, 0xf6, 0x0e, 0x28, -+ 0x91, 0xc6, 0x9c, 0xc4, 0xa6, 0xa1, 0xf8, 0x9a, 0x64, 0x5e, 0x99, 0x76, -+ 0xd0, 0x2d, 0xee, 0xde, 0xe1, 0x2c, 0x93, 0x29, 0x4b, 0x12, 0xcf, 0x87, -+ 0x03, 0x98, 0xb9, 0x74, 0x41, 0xdb, 0x3a, 0x49, 0x9f, 0x92, 0xd0, 0x45, -+ 0xd4, 0x30, 0x73, 0xbb, -+}; -+static const struct drbg_kat_pr_true kat3146_t = { -+ 10, kat3146_entropyin, kat3146_nonce, kat3146_persstr, -+ kat3146_entropyinpr1, kat3146_addinpr1, kat3146_entropyinpr2, -+ kat3146_addinpr2, kat3146_retbits -+}; -+static const struct drbg_kat kat3146 = { -+ PR_TRUE, USE_DF, NID_aes_192_ctr, 24, 16, 0, 32, 64, &kat3146_t -+}; -+ -+static const struct drbg_kat *drbg_test[] = { &kat1308, &kat1465, &kat3146 }; -+ -+static const size_t drbg_test_nelem = OSSL_NELEM(drbg_test); -+ -+static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout, -+ int entropy, size_t min_len, size_t max_len, -+ int prediction_resistance) -+{ -+ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index); -+ -+ t->entropycnt++; -+ *pout = (unsigned char *)t->entropy; -+ return t->entropylen; -+} -+ -+static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout, -+ int entropy, size_t min_len, size_t max_len) -+{ -+ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index); -+ -+ t->noncecnt++; -+ *pout = (unsigned char *)t->nonce; -+ return t->noncelen; -+} -+ -+/* -+ * Do a single NO_RESEED KAT: -+ * -+ * Instantiate -+ * Generate Random Bits (pr=false) -+ * Generate Random Bits (pr=false) -+ * Uninstantiate -+ * -+ * Return 0 on failure. -+ */ -+static int single_kat_no_reseed(const struct drbg_kat *td) -+{ -+ struct drbg_kat_no_reseed *data = (struct drbg_kat_no_reseed *)td->t; -+ RAND_DRBG *drbg = NULL; -+ unsigned char *buff = NULL; -+ unsigned int flags = 0; -+ int failures = 0; -+ TEST_CTX t; -+ -+ if (td->df != USE_DF) -+ flags |= RAND_DRBG_FLAG_CTR_NO_DF; -+ -+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) -+ return 0; -+ -+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, -+ kat_nonce, NULL)) { -+ failures++; -+ goto err; -+ } -+ memset(&t, 0, sizeof(t)); -+ t.entropy = data->entropyin; -+ t.entropylen = td->entropyinlen; -+ t.nonce = data->nonce; -+ t.noncelen = td->noncelen; -+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); -+ -+ buff = OPENSSL_malloc(td->retbyteslen); -+ if (buff == NULL) { -+ failures++; -+ goto err; -+ } -+ -+ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen) -+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, -+ data->addin1, td->addinlen) -+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, -+ data->addin2, td->addinlen) -+ || memcmp(data->retbytes, buff, -+ td->retbyteslen) != 0) -+ failures++; -+ -+err: -+ OPENSSL_free(buff); -+ RAND_DRBG_uninstantiate(drbg); -+ RAND_DRBG_free(drbg); -+ return failures == 0; -+} -+ -+/*- -+ * Do a single PR_FALSE KAT: -+ * -+ * Instantiate -+ * Reseed -+ * Generate Random Bits (pr=false) -+ * Generate Random Bits (pr=false) -+ * Uninstantiate -+ * -+ * Return 0 on failure. -+ */ -+static int single_kat_pr_false(const struct drbg_kat *td) -+{ -+ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t; -+ RAND_DRBG *drbg = NULL; -+ unsigned char *buff = NULL; -+ unsigned int flags = 0; -+ int failures = 0; -+ TEST_CTX t; -+ -+ if (td->df != USE_DF) -+ flags |= RAND_DRBG_FLAG_CTR_NO_DF; -+ -+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) -+ return 0; -+ -+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, -+ kat_nonce, NULL)) { -+ failures++; -+ goto err; -+ } -+ memset(&t, 0, sizeof(t)); -+ t.entropy = data->entropyin; -+ t.entropylen = td->entropyinlen; -+ t.nonce = data->nonce; -+ t.noncelen = td->noncelen; -+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); -+ -+ buff = OPENSSL_malloc(td->retbyteslen); -+ if (buff == NULL) { -+ failures++; -+ goto err; -+ } -+ -+ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) -+ failures++; -+ -+ t.entropy = data->entropyinreseed; -+ t.entropylen = td->entropyinlen; -+ -+ if (!RAND_DRBG_reseed(drbg, data->addinreseed, td->addinlen, 0) -+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, -+ data->addin1, td->addinlen) -+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, -+ data->addin2, td->addinlen) -+ || memcmp(data->retbytes, buff, -+ td->retbyteslen) != 0) -+ failures++; -+ -+err: -+ OPENSSL_free(buff); -+ RAND_DRBG_uninstantiate(drbg); -+ RAND_DRBG_free(drbg); -+ return failures == 0; -+} -+ -+/*- -+ * Do a single PR_TRUE KAT: -+ * -+ * Instantiate -+ * Generate Random Bits (pr=true) -+ * Generate Random Bits (pr=true) -+ * Uninstantiate -+ * -+ * Return 0 on failure. -+ */ -+static int single_kat_pr_true(const struct drbg_kat *td) -+{ -+ struct drbg_kat_pr_true *data = (struct drbg_kat_pr_true *)td->t; -+ RAND_DRBG *drbg = NULL; -+ unsigned char *buff = NULL; -+ unsigned int flags = 0; -+ int failures = 0; -+ TEST_CTX t; -+ -+ if (td->df != USE_DF) -+ flags |= RAND_DRBG_FLAG_CTR_NO_DF; -+ -+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) -+ return 0; -+ -+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, -+ kat_nonce, NULL)) { -+ failures++; -+ goto err; -+ } -+ memset(&t, 0, sizeof(t)); -+ t.nonce = data->nonce; -+ t.noncelen = td->noncelen; -+ t.entropy = data->entropyin; -+ t.entropylen = td->entropyinlen; -+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); -+ -+ buff = OPENSSL_malloc(td->retbyteslen); -+ if (buff == NULL) { -+ failures++; -+ goto err; -+ } -+ -+ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) -+ failures++; -+ -+ t.entropy = data->entropyinpr1; -+ t.entropylen = td->entropyinlen; -+ -+ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1, -+ data->addin1, td->addinlen)) -+ failures++; -+ -+ t.entropy = data->entropyinpr2; -+ t.entropylen = td->entropyinlen; -+ -+ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1, -+ data->addin2, td->addinlen) -+ || memcmp(data->retbytes, buff, -+ td->retbyteslen) != 0) -+ failures++; -+ -+err: -+ OPENSSL_free(buff); -+ RAND_DRBG_uninstantiate(drbg); -+ RAND_DRBG_free(drbg); -+ return failures == 0; -+} -+ -+static int test_kats(int i) -+{ -+ const struct drbg_kat *td = drbg_test[i]; -+ int rv = 0; -+ -+ switch (td->type) { -+ case NO_RESEED: -+ if (!single_kat_no_reseed(td)) -+ goto err; -+ break; -+ case PR_FALSE: -+ if (!single_kat_pr_false(td)) -+ goto err; -+ break; -+ case PR_TRUE: -+ if (!single_kat_pr_true(td)) -+ goto err; -+ break; -+ default: /* cant happen */ -+ goto err; -+ } -+ rv = 1; -+err: -+ return rv; -+} -+ -+/*- -+ * Do one expected-error test: -+ * -+ * Instantiate with no entropy supplied -+ * -+ * Return 0 on failure. -+ */ -+static int test_drbg_sanity(const struct drbg_kat *td) -+{ -+ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t; -+ RAND_DRBG *drbg = NULL; -+ unsigned int flags = 0; -+ int failures = 0; -+ TEST_CTX t; -+ -+ if (td->df != USE_DF) -+ flags |= RAND_DRBG_FLAG_CTR_NO_DF; -+ -+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) -+ return 0; -+ -+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, -+ kat_nonce, NULL)) { -+ failures++; -+ goto err; -+ } -+ memset(&t, 0, sizeof(t)); -+ t.entropy = data->entropyin; -+ t.entropylen = 0; /* No entropy */ -+ t.nonce = data->nonce; -+ t.noncelen = td->noncelen; -+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); -+ -+ ERR_set_mark(); -+ /* This must fail. */ -+ if (RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) -+ failures++; -+ RAND_DRBG_uninstantiate(drbg); -+ ERR_pop_to_mark(); -+ -+err: -+ RAND_DRBG_free(drbg); -+ return failures == 0; -+} -+ -+ -+int rand_drbg_selftest(void) -+{ -+ int i; -+ -+ if (!RUN_ONCE(&get_index_once, drbg_app_data_index_init)) -+ return 0; -+ -+ for (i = 0; i < drbg_test_nelem; i++) { -+ if (test_kats(i) <= 0) -+ return 0; -+ } -+ -+ if (test_drbg_sanity(&kat1465) <= 0) -+ return 0; -+ -+ return 1; -+} -diff -up openssl-1.1.1g/include/crypto/rand.h.drbg-selftest openssl-1.1.1g/include/crypto/rand.h ---- openssl-1.1.1g/include/crypto/rand.h.drbg-selftest 2020-04-23 13:33:12.587622510 +0200 -+++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:33:12.619621907 +0200 -@@ -140,4 +140,9 @@ void rand_pool_cleanup(void); - */ - void rand_pool_keep_random_devices_open(int keep); - -+/* -+ * Perform the DRBG KAT selftests -+ */ -+int rand_drbg_selftest(void); -+ - #endif diff --git a/openssl-1.1.1-fips-post-rand.patch b/openssl-1.1.1-fips-post-rand.patch deleted file mode 100644 index 027dc55..0000000 --- a/openssl-1.1.1-fips-post-rand.patch +++ /dev/null @@ -1,189 +0,0 @@ -diff -up openssl-1.1.1i/crypto/fips/fips.c.fips-post-rand openssl-1.1.1i/crypto/fips/fips.c ---- openssl-1.1.1i/crypto/fips/fips.c.fips-post-rand 2020-12-09 10:26:41.634106328 +0100 -+++ openssl-1.1.1i/crypto/fips/fips.c 2020-12-09 10:26:41.652106475 +0100 -@@ -68,6 +68,7 @@ - - # include - # include "internal/thread_once.h" -+# include "crypto/rand.h" - - # ifndef PATH_MAX - # define PATH_MAX 1024 -@@ -76,6 +77,7 @@ - static int fips_selftest_fail = 0; - static int fips_mode = 0; - static int fips_started = 0; -+static int fips_post = 0; - - static int fips_is_owning_thread(void); - static int fips_set_owning_thread(void); -@@ -158,6 +160,11 @@ void fips_set_selftest_fail(void) - fips_selftest_fail = 1; - } - -+int fips_in_post(void) -+{ -+ return fips_post; -+} -+ - /* we implement what libfipscheck does ourselves */ - - static int -@@ -445,6 +452,8 @@ int FIPS_module_mode_set(int onoff) - } - # endif - -+ fips_post = 1; -+ - if (!FIPS_selftest()) { - fips_selftest_fail = 1; - ret = 0; -@@ -459,7 +468,12 @@ int FIPS_module_mode_set(int onoff) - goto end; - } - -+ fips_post = 0; -+ - fips_set_mode(onoff); -+ /* force RNG reseed with entropy from getrandom() on next call */ -+ rand_force_reseed(); -+ - ret = 1; - goto end; - } -diff -up openssl-1.1.1i/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1i/crypto/rand/drbg_lib.c ---- openssl-1.1.1i/crypto/rand/drbg_lib.c.fips-post-rand 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/crypto/rand/drbg_lib.c 2020-12-09 10:26:41.652106475 +0100 -@@ -1005,6 +1005,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg - return min_entropy > min_entropylen ? min_entropy : min_entropylen; - } - -+void rand_force_reseed(void) -+{ -+ RAND_DRBG *drbg; -+ -+ drbg = RAND_DRBG_get0_master(); -+ drbg->fork_id = 0; -+ -+ drbg = RAND_DRBG_get0_private(); -+ drbg->fork_id = 0; -+ -+ drbg = RAND_DRBG_get0_public(); -+ drbg->fork_id = 0; -+} -+ - /* Implements the default OpenSSL RAND_add() method */ - static int drbg_add(const void *buf, int num, double randomness) - { -diff -up openssl-1.1.1i/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1i/crypto/rand/rand_unix.c ---- openssl-1.1.1i/crypto/rand/rand_unix.c.fips-post-rand 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/crypto/rand/rand_unix.c 2020-12-09 10:36:59.531221903 +0100 -@@ -17,10 +17,12 @@ - #include - #include "rand_local.h" - #include "crypto/rand.h" -+#include "crypto/fips.h" - #include - #include "internal/dso.h" - #ifdef __linux - # include -+# include - # ifdef DEVRANDOM_WAIT - # include - # include -@@ -344,7 +346,7 @@ static ssize_t sysctl_random(char *buf, - * syscall_random(): Try to get random data using a system call - * returns the number of bytes returned in buf, or < 0 on error. - */ --static ssize_t syscall_random(void *buf, size_t buflen) -+static ssize_t syscall_random(void *buf, size_t buflen, int nonblock) - { - /* - * Note: 'buflen' equals the size of the buffer which is used by the -@@ -369,6 +371,7 @@ static ssize_t syscall_random(void *buf, - * Note: Sometimes getentropy() can be provided but not implemented - * internally. So we need to check errno for ENOSYS - */ -+# if 0 - # if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux) - extern int getentropy(void *buffer, size_t length) __attribute__((weak)); - -@@ -394,10 +397,10 @@ static ssize_t syscall_random(void *buf, - if (p_getentropy.p != NULL) - return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1; - # endif -- -+# endif - /* Linux supports this since version 3.17 */ --# if defined(__linux) && defined(__NR_getrandom) -- return syscall(__NR_getrandom, buf, buflen, 0); -+# if defined(__linux) && defined(SYS_getrandom) -+ return syscall(SYS_getrandom, buf, buflen, nonblock?GRND_NONBLOCK:0); - # elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) - return sysctl_random(buf, buflen); - # else -@@ -633,6 +636,9 @@ size_t rand_pool_acquire_entropy(RAND_PO - size_t entropy_available; - - # if defined(OPENSSL_RAND_SEED_GETRANDOM) -+ int in_post; -+ -+ for (in_post = fips_in_post(); in_post >= 0; --in_post) { - { - size_t bytes_needed; - unsigned char *buffer; -@@ -643,7 +649,7 @@ size_t rand_pool_acquire_entropy(RAND_PO - bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); - while (bytes_needed != 0 && attempts-- > 0) { - buffer = rand_pool_add_begin(pool, bytes_needed); -- bytes = syscall_random(buffer, bytes_needed); -+ bytes = syscall_random(buffer, bytes_needed, in_post); - if (bytes > 0) { - rand_pool_add_end(pool, bytes, 8 * bytes); - bytes_needed -= bytes; -@@ -678,8 +684,10 @@ size_t rand_pool_acquire_entropy(RAND_PO - int attempts = 3; - const int fd = get_random_device(i); - -- if (fd == -1) -+ if (fd == -1) { -+ OPENSSL_showfatal("Random device %s cannot be opened.\n", random_device_paths[i]); - continue; -+ } - - while (bytes_needed != 0 && attempts-- > 0) { - buffer = rand_pool_add_begin(pool, bytes_needed); -@@ -742,7 +750,9 @@ size_t rand_pool_acquire_entropy(RAND_PO - return entropy_available; - } - # endif -- -+# ifdef OPENSSL_RAND_SEED_GETRANDOM -+ } -+# endif - return rand_pool_entropy_available(pool); - # endif - } -diff -up openssl-1.1.1i/include/crypto/fips.h.fips-post-rand openssl-1.1.1i/include/crypto/fips.h ---- openssl-1.1.1i/include/crypto/fips.h.fips-post-rand 2020-12-09 10:26:41.639106369 +0100 -+++ openssl-1.1.1i/include/crypto/fips.h 2020-12-09 10:26:41.657106516 +0100 -@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void); - int FIPS_selftest_drbg(void); - int FIPS_selftest_cmac(void); - -+int fips_in_post(void); -+ - int fips_pkey_signature_test(EVP_PKEY *pkey, - const unsigned char *tbs, int tbslen, - const unsigned char *kat, -diff -up openssl-1.1.1i/include/crypto/rand.h.fips-post-rand openssl-1.1.1i/include/crypto/rand.h ---- openssl-1.1.1i/include/crypto/rand.h.fips-post-rand 2020-12-08 14:20:59.000000000 +0100 -+++ openssl-1.1.1i/include/crypto/rand.h 2020-12-09 10:26:41.657106516 +0100 -@@ -24,6 +24,7 @@ - typedef struct rand_pool_st RAND_POOL; - - void rand_cleanup_int(void); -+void rand_force_reseed(void); - void rand_drbg_cleanup_int(void); - void drbg_delete_thread_state(void); - diff --git a/openssl-1.1.1-fips.patch b/openssl-1.1.1-fips.patch deleted file mode 100644 index aa3d33d..0000000 --- a/openssl-1.1.1-fips.patch +++ /dev/null @@ -1,11635 +0,0 @@ -diff -up openssl-1.1.1j/apps/pkcs12.c.fips openssl-1.1.1j/apps/pkcs12.c ---- openssl-1.1.1j/apps/pkcs12.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/apps/pkcs12.c 2021-03-03 12:57:42.194734484 +0100 -@@ -123,7 +123,7 @@ int pkcs12_main(int argc, char **argv) - int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0; - int iter = PKCS12_DEFAULT_ITER, maciter = PKCS12_DEFAULT_ITER; - #ifndef OPENSSL_NO_RC2 -- int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; -+ int cert_pbe = FIPS_mode() ? NID_pbe_WithSHA1And3_Key_TripleDES_CBC : NID_pbe_WithSHA1And40BitRC2_CBC; - #else - int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; - #endif -diff -up openssl-1.1.1j/apps/speed.c.fips openssl-1.1.1j/apps/speed.c ---- openssl-1.1.1j/apps/speed.c.fips 2021-03-03 12:57:42.185734409 +0100 -+++ openssl-1.1.1j/apps/speed.c 2021-03-03 12:57:42.195734492 +0100 -@@ -1593,7 +1593,8 @@ int speed_main(int argc, char **argv) - continue; - if (strcmp(*argv, "rsa") == 0) { - for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++) -- rsa_doit[loop] = 1; -+ if (!FIPS_mode() || loop != R_RSA_512) -+ rsa_doit[loop] = 1; - continue; - } - if (found(*argv, rsa_choices, &i)) { -@@ -1603,7 +1604,9 @@ int speed_main(int argc, char **argv) - #endif - #ifndef OPENSSL_NO_DSA - if (strcmp(*argv, "dsa") == 0) { -- dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] = -+ if (!FIPS_mode()) -+ dsa_doit[R_DSA_512] = 1; -+ dsa_doit[R_DSA_1024] = - dsa_doit[R_DSA_2048] = 1; - continue; - } -@@ -1634,19 +1637,21 @@ int speed_main(int argc, char **argv) - } - if (strcmp(*argv, "ecdh") == 0) { - for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++) -- ecdh_doit[loop] = 1; -+ if(!FIPS_mode() || (loop != R_EC_X25519 && loop != R_EC_X448)) -+ ecdh_doit[loop] = 1; - continue; - } - if (found(*argv, ecdh_choices, &i)) { -- ecdh_doit[i] = 2; -+ if(!FIPS_mode() || (i != R_EC_X25519 && i != R_EC_X448)) -+ ecdh_doit[i] = 2; - continue; - } -- if (strcmp(*argv, "eddsa") == 0) { -+ if (!FIPS_mode() && strcmp(*argv, "eddsa") == 0) { - for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++) - eddsa_doit[loop] = 1; - continue; - } -- if (found(*argv, eddsa_choices, &i)) { -+ if (!FIPS_mode() && found(*argv, eddsa_choices, &i)) { - eddsa_doit[i] = 2; - continue; - } -@@ -1735,23 +1740,31 @@ int speed_main(int argc, char **argv) - /* No parameters; turn on everything. */ - if ((argc == 0) && !doit[D_EVP]) { - for (i = 0; i < ALGOR_NUM; i++) -- if (i != D_EVP) -+ if (i != D_EVP && -+ (!FIPS_mode() || (i != D_WHIRLPOOL && -+ i != D_MD2 && i != D_MD4 && -+ i != D_MD5 && i != D_MDC2 && -+ i != D_RMD160))) - doit[i] = 1; - #ifndef OPENSSL_NO_RSA - for (i = 0; i < RSA_NUM; i++) -- rsa_doit[i] = 1; -+ if (!FIPS_mode() || i != R_RSA_512) -+ rsa_doit[i] = 1; - #endif - #ifndef OPENSSL_NO_DSA - for (i = 0; i < DSA_NUM; i++) -- dsa_doit[i] = 1; -+ if (!FIPS_mode() || i != R_DSA_512) -+ dsa_doit[i] = 1; - #endif - #ifndef OPENSSL_NO_EC - for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++) - ecdsa_doit[loop] = 1; - for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++) -- ecdh_doit[loop] = 1; -- for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++) -- eddsa_doit[loop] = 1; -+ if(!FIPS_mode() || (loop != R_EC_X25519 && loop != R_EC_X448)) -+ ecdh_doit[loop] = 1; -+ if (!FIPS_mode()) -+ for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++) -+ eddsa_doit[loop] = 1; - #endif - } - for (i = 0; i < ALGOR_NUM; i++) -@@ -1799,30 +1812,46 @@ int speed_main(int argc, char **argv) - AES_set_encrypt_key(key24, 192, &aes_ks2); - AES_set_encrypt_key(key32, 256, &aes_ks3); - #ifndef OPENSSL_NO_CAMELLIA -- Camellia_set_key(key16, 128, &camellia_ks1); -- Camellia_set_key(ckey24, 192, &camellia_ks2); -- Camellia_set_key(ckey32, 256, &camellia_ks3); -+ if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) { -+ Camellia_set_key(key16, 128, &camellia_ks1); -+ Camellia_set_key(ckey24, 192, &camellia_ks2); -+ Camellia_set_key(ckey32, 256, &camellia_ks3); -+ } - #endif - #ifndef OPENSSL_NO_IDEA -- IDEA_set_encrypt_key(key16, &idea_ks); -+ if (doit[D_CBC_IDEA]) { -+ IDEA_set_encrypt_key(key16, &idea_ks); -+ } - #endif - #ifndef OPENSSL_NO_SEED -- SEED_set_key(key16, &seed_ks); -+ if (doit[D_CBC_SEED]) { -+ SEED_set_key(key16, &seed_ks); -+ } - #endif - #ifndef OPENSSL_NO_RC4 -- RC4_set_key(&rc4_ks, 16, key16); -+ if (doit[D_RC4]) { -+ RC4_set_key(&rc4_ks, 16, key16); -+ } - #endif - #ifndef OPENSSL_NO_RC2 -- RC2_set_key(&rc2_ks, 16, key16, 128); -+ if (doit[D_CBC_RC2]) { -+ RC2_set_key(&rc2_ks, 16, key16, 128); -+ } - #endif - #ifndef OPENSSL_NO_RC5 -- RC5_32_set_key(&rc5_ks, 16, key16, 12); -+ if (doit[D_CBC_RC5]) { -+ RC5_32_set_key(&rc5_ks, 16, key16, 12); -+ } - #endif - #ifndef OPENSSL_NO_BF -- BF_set_key(&bf_ks, 16, key16); -+ if (doit[D_CBC_BF]) { -+ BF_set_key(&bf_ks, 16, key16); -+ } - #endif - #ifndef OPENSSL_NO_CAST -- CAST_set_key(&cast_ks, 16, key16); -+ if (doit[D_CBC_CAST]) { -+ CAST_set_key(&cast_ks, 16, key16); -+ } - #endif - #ifndef SIGALRM - # ifndef OPENSSL_NO_DES -@@ -2120,6 +2149,7 @@ int speed_main(int argc, char **argv) - - for (i = 0; i < loopargs_len; i++) { - loopargs[i].hctx = HMAC_CTX_new(); -+ HMAC_CTX_set_flags(loopargs[i].hctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); - if (loopargs[i].hctx == NULL) { - BIO_printf(bio_err, "HMAC malloc failure, exiting..."); - exit(1); -diff -up openssl-1.1.1j/Configure.fips openssl-1.1.1j/Configure ---- openssl-1.1.1j/Configure.fips 2021-03-03 12:57:42.192734467 +0100 -+++ openssl-1.1.1j/Configure 2021-03-03 12:57:42.195734492 +0100 -@@ -329,7 +329,7 @@ $config{sdirs} = [ - "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2", "siphash", "sm3", - "des", "aes", "rc2", "rc4", "rc5", "idea", "aria", "bf", "cast", "camellia", "seed", "sm4", "chacha", "modes", - "bn", "ec", "rsa", "dsa", "dh", "sm2", "dso", "engine", -- "buffer", "bio", "stack", "lhash", "rand", "err", -+ "buffer", "bio", "stack", "lhash", "rand", "err", "fips", - "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", - "cms", "ts", "srp", "cmac", "ct", "async", "kdf", "store" - ]; -diff -up openssl-1.1.1j/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1j/crypto/cmac/cm_pmeth.c ---- openssl-1.1.1j/crypto/cmac/cm_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/cmac/cm_pmeth.c 2021-03-03 12:57:42.195734492 +0100 -@@ -129,7 +129,7 @@ static int pkey_cmac_ctrl_str(EVP_PKEY_C - - const EVP_PKEY_METHOD cmac_pkey_meth = { - EVP_PKEY_CMAC, -- EVP_PKEY_FLAG_SIGCTX_CUSTOM, -+ EVP_PKEY_FLAG_SIGCTX_CUSTOM | EVP_PKEY_FLAG_FIPS, - pkey_cmac_init, - pkey_cmac_copy, - pkey_cmac_cleanup, -diff -up openssl-1.1.1j/crypto/dh/dh_err.c.fips openssl-1.1.1j/crypto/dh/dh_err.c ---- openssl-1.1.1j/crypto/dh/dh_err.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dh/dh_err.c 2021-03-03 12:57:42.195734492 +0100 -@@ -25,6 +25,9 @@ static const ERR_STRING_DATA DH_str_func - {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_PEERKEY, 0), "dh_cms_set_peerkey"}, - {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_SHARED_INFO, 0), - "dh_cms_set_shared_info"}, -+ {ERR_PACK(ERR_LIB_DH, DH_F_DH_COMPUTE_KEY, 0), "DH_compute_key"}, -+ {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_KEY, 0), "DH_generate_key"}, -+ {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_PARAMETERS_EX, 0), "DH_generate_parameters_ex"}, - {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_DUP, 0), "DH_meth_dup"}, - {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_NEW, 0), "DH_meth_new"}, - {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_SET1_NAME, 0), "DH_meth_set1_name"}, -@@ -72,12 +75,14 @@ static const ERR_STRING_DATA DH_str_reas - {ERR_PACK(ERR_LIB_DH, 0, DH_R_INVALID_PUBKEY), "invalid public key"}, - {ERR_PACK(ERR_LIB_DH, 0, DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"}, - {ERR_PACK(ERR_LIB_DH, 0, DH_R_KEYS_NOT_SET), "keys not set"}, -+ {ERR_PACK(ERR_LIB_DH, 0, DH_R_KEY_SIZE_TOO_SMALL), "key size too small"}, - {ERR_PACK(ERR_LIB_DH, 0, DH_R_MISSING_PUBKEY), "missing pubkey"}, - {ERR_PACK(ERR_LIB_DH, 0, DH_R_MODULUS_TOO_LARGE), "modulus too large"}, - {ERR_PACK(ERR_LIB_DH, 0, DH_R_NOT_SUITABLE_GENERATOR), - "not suitable generator"}, - {ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PARAMETERS_SET), "no parameters set"}, - {ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PRIVATE_VALUE), "no private value"}, -+ {ERR_PACK(ERR_LIB_DH, 0, DH_R_NON_FIPS_METHOD), "non FIPS method"}, - {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR), - "parameter encoding error"}, - {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"}, -diff -up openssl-1.1.1j/crypto/dh/dh_gen.c.fips openssl-1.1.1j/crypto/dh/dh_gen.c ---- openssl-1.1.1j/crypto/dh/dh_gen.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dh/dh_gen.c 2021-03-03 12:57:42.195734492 +0100 -@@ -16,6 +16,9 @@ - #include "internal/cryptlib.h" - #include - #include "dh_local.h" -+#ifdef OPENSSL_FIPS -+# include -+#endif - - static int dh_builtin_genparams(DH *ret, int prime_len, int generator, - BN_GENCB *cb); -@@ -23,6 +26,13 @@ static int dh_builtin_genparams(DH *ret, - int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, - BN_GENCB *cb) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD) -+ && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) { -+ DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD); -+ return 0; -+ } -+#endif - if (ret->meth->generate_params) - return ret->meth->generate_params(ret, prime_len, generator, cb); - return dh_builtin_genparams(ret, prime_len, generator, cb); -@@ -65,6 +75,18 @@ static int dh_builtin_genparams(DH *ret, - int g, ok = -1; - BN_CTX *ctx = NULL; - -+#ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_DH_BUILTIN_GENPARAMS, FIPS_R_FIPS_SELFTEST_FAILED); -+ return 0; -+ } -+ -+ if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN)) { -+ DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL); -+ goto err; -+ } -+#endif -+ - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; -diff -up openssl-1.1.1j/crypto/dh/dh_key.c.fips openssl-1.1.1j/crypto/dh/dh_key.c ---- openssl-1.1.1j/crypto/dh/dh_key.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dh/dh_key.c 2021-03-03 13:02:45.963247596 +0100 -@@ -11,6 +11,9 @@ - #include "internal/cryptlib.h" - #include "dh_local.h" - #include "crypto/bn.h" -+#ifdef OPENSSL_FIPS -+# include -+#endif - - static int generate_key(DH *dh); - static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); -@@ -34,6 +37,13 @@ int DH_compute_key(unsigned char *key, c - int ret = 0, i; - volatile size_t npad = 0, mask = 1; - -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) -+ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) { -+ DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD); -+ return 0; -+ } -+#endif - /* compute the key; ret is constant unless compute_key is external */ - if ((ret = dh->meth->compute_key(key, pub_key, dh)) <= 0) - return ret; -@@ -109,6 +119,14 @@ static int generate_key(DH *dh) - BN_MONT_CTX *mont = NULL; - BIGNUM *pub_key = NULL, *priv_key = NULL; - -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() -+ && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) { -+ DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL); -+ return 0; -+ } -+#endif -+ - if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { - DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE); - return 0; -@@ -206,6 +224,13 @@ static int compute_key(unsigned char *ke - DHerr(DH_F_COMPUTE_KEY, DH_R_MODULUS_TOO_LARGE); - goto err; - } -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() -+ && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) { -+ DHerr(DH_F_COMPUTE_KEY, DH_R_KEY_SIZE_TOO_SMALL); -+ goto err; -+ } -+#endif - - ctx = BN_CTX_new(); - if (ctx == NULL) -@@ -255,6 +280,9 @@ static int dh_bn_mod_exp(const DH *dh, B - - static int dh_init(DH *dh) - { -+#ifdef OPENSSL_FIPS -+ FIPS_selftest_check(); -+#endif - dh->flags |= DH_FLAG_CACHE_MONT_P; - return 1; - } -diff -up openssl-1.1.1j/crypto/dh/dh_pmeth.c.fips openssl-1.1.1j/crypto/dh/dh_pmeth.c ---- openssl-1.1.1j/crypto/dh/dh_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dh/dh_pmeth.c 2021-03-03 12:57:42.196734500 +0100 -@@ -480,7 +480,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX * - - const EVP_PKEY_METHOD dh_pkey_meth = { - EVP_PKEY_DH, -- 0, -+ EVP_PKEY_FLAG_FIPS, - pkey_dh_init, - pkey_dh_copy, - pkey_dh_cleanup, -@@ -514,7 +514,7 @@ const EVP_PKEY_METHOD dh_pkey_meth = { - - const EVP_PKEY_METHOD dhx_pkey_meth = { - EVP_PKEY_DHX, -- 0, -+ EVP_PKEY_FLAG_FIPS, - pkey_dh_init, - pkey_dh_copy, - pkey_dh_cleanup, -diff -up openssl-1.1.1j/crypto/dsa/dsa_err.c.fips openssl-1.1.1j/crypto/dsa/dsa_err.c ---- openssl-1.1.1j/crypto/dsa/dsa_err.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dsa/dsa_err.c 2021-03-03 12:57:42.196734500 +0100 -@@ -16,12 +16,15 @@ - static const ERR_STRING_DATA DSA_str_functs[] = { - {ERR_PACK(ERR_LIB_DSA, DSA_F_DSAPARAMS_PRINT, 0), "DSAparams_print"}, - {ERR_PACK(ERR_LIB_DSA, DSA_F_DSAPARAMS_PRINT_FP, 0), "DSAparams_print_fp"}, -+ {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_BUILTIN_KEYGEN, 0), "dsa_builtin_keygen"}, - {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_BUILTIN_PARAMGEN, 0), - "dsa_builtin_paramgen"}, - {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_BUILTIN_PARAMGEN2, 0), - "dsa_builtin_paramgen2"}, - {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_SIGN, 0), "DSA_do_sign"}, - {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_VERIFY, 0), "DSA_do_verify"}, -+ {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_KEY, 0), "DSA_generate_key"}, -+ {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_PARAMETERS_EX, 0), "DSA_generate_parameters_ex"}, - {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_DUP, 0), "DSA_meth_dup"}, - {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_NEW, 0), "DSA_meth_new"}, - {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_SET1_NAME, 0), "DSA_meth_set1_name"}, -@@ -51,11 +54,14 @@ static const ERR_STRING_DATA DSA_str_rea - {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_INVALID_DIGEST_TYPE), - "invalid digest type"}, - {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_INVALID_PARAMETERS), "invalid parameters"}, -+ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_KEY_SIZE_INVALID), "key size invalid"}, -+ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_KEY_SIZE_TOO_SMALL), "key size too small"}, - {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PARAMETERS), "missing parameters"}, - {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PRIVATE_KEY), - "missing private key"}, - {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MODULUS_TOO_LARGE), "modulus too large"}, - {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NO_PARAMETERS_SET), "no parameters set"}, -+ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NON_FIPS_DSA_METHOD), "non FIPS DSA method"}, - {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_PARAMETER_ENCODING_ERROR), - "parameter encoding error"}, - {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_Q_NOT_PRIME), "q not prime"}, -diff -up openssl-1.1.1j/crypto/dsa/dsa_gen.c.fips openssl-1.1.1j/crypto/dsa/dsa_gen.c ---- openssl-1.1.1j/crypto/dsa/dsa_gen.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dsa/dsa_gen.c 2021-03-03 12:57:42.196734500 +0100 -@@ -22,12 +22,22 @@ - #include - #include - #include "dsa_local.h" -+#ifdef OPENSSL_FIPS -+# include -+#endif - - int DSA_generate_parameters_ex(DSA *ret, int bits, - const unsigned char *seed_in, int seed_len, - int *counter_ret, unsigned long *h_ret, - BN_GENCB *cb) - { -+# ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD) -+ && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW)) { -+ DSAerr(DSA_F_DSA_GENERATE_PARAMETERS_EX, DSA_R_NON_FIPS_DSA_METHOD); -+ return 0; -+ } -+# endif - if (ret->meth->dsa_paramgen) - return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, - counter_ret, h_ret, cb); -@@ -35,9 +45,15 @@ int DSA_generate_parameters_ex(DSA *ret, - const EVP_MD *evpmd = bits >= 2048 ? EVP_sha256() : EVP_sha1(); - size_t qbits = EVP_MD_size(evpmd) * 8; - -+# ifdef OPENSSL_FIPS -+ return dsa_builtin_paramgen2(ret, bits, qbits, evpmd, -+ seed_in, seed_len, -1, NULL, counter_ret, -+ h_ret, cb); -+# else - return dsa_builtin_paramgen(ret, bits, qbits, evpmd, - seed_in, seed_len, NULL, counter_ret, - h_ret, cb); -+# endif - } - } - -@@ -309,7 +325,7 @@ int dsa_builtin_paramgen2(DSA *ret, size - int *counter_ret, unsigned long *h_ret, - BN_GENCB *cb) - { -- int ok = -1; -+ int ok = 0; - unsigned char *seed = NULL, *seed_tmp = NULL; - unsigned char md[EVP_MAX_MD_SIZE]; - int mdsize; -@@ -332,6 +348,20 @@ int dsa_builtin_paramgen2(DSA *ret, size - goto err; - } - -+# ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_DSA_BUILTIN_PARAMGEN2, FIPS_R_FIPS_SELFTEST_FAILED); -+ goto err; -+ } -+ -+ if (FIPS_mode() && -+ (L != 2048 || N != 224) && (L != 2048 || N != 256) && -+ (L != 3072 || N != 256)) { -+ DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_KEY_SIZE_INVALID); -+ goto err; -+ } -+# endif -+ - if (evpmd == NULL) { - if (N == 160) - evpmd = EVP_sha1(); -@@ -432,9 +462,10 @@ int dsa_builtin_paramgen2(DSA *ret, size - goto err; - /* Provided seed didn't produce a prime: error */ - if (seed_in) { -- ok = 0; -- DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_Q_NOT_PRIME); -- goto err; -+ /* Different seed_out will indicate that seed_in -+ * did not generate primes. -+ */ -+ seed_in = NULL; - } - - /* do a callback call */ -@@ -520,11 +551,14 @@ int dsa_builtin_paramgen2(DSA *ret, size - if (counter >= (int)(4 * L)) - break; - } -+#if 0 -+ /* Cannot happen */ - if (seed_in) { - ok = 0; - DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS); - goto err; - } -+#endif - } - end: - if (!BN_GENCB_call(cb, 2, 1)) -@@ -595,7 +629,7 @@ int dsa_builtin_paramgen2(DSA *ret, size - BN_free(ret->g); - ret->g = BN_dup(g); - if (ret->p == NULL || ret->q == NULL || ret->g == NULL) { -- ok = -1; -+ ok = 0; - goto err; - } - if (counter_ret != NULL) -@@ -612,3 +646,53 @@ int dsa_builtin_paramgen2(DSA *ret, size - EVP_MD_CTX_free(mctx); - return ok; - } -+ -+#ifdef OPENSSL_FIPS -+ -+int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, -+ const EVP_MD *evpmd, const unsigned char *seed_in, -+ size_t seed_len, int idx, unsigned char *seed_out, -+ int *counter_ret, unsigned long *h_ret, -+ BN_GENCB *cb) -+{ -+ return dsa_builtin_paramgen2(ret, L, N, evpmd, seed_in, seed_len, -+ idx, seed_out, counter_ret, h_ret, cb); -+} -+ -+int FIPS_dsa_paramgen_check_g(DSA *dsa) -+{ -+ BN_CTX *ctx; -+ BIGNUM *tmp; -+ BN_MONT_CTX *mont = NULL; -+ int rv = -1; -+ -+ ctx = BN_CTX_new(); -+ if (ctx == NULL) -+ return -1; -+ if (BN_cmp(dsa->g, BN_value_one()) <= 0) -+ return 0; -+ if (BN_cmp(dsa->g, dsa->p) >= 0) -+ return 0; -+ BN_CTX_start(ctx); -+ tmp = BN_CTX_get(ctx); -+ if (tmp == NULL) -+ goto err; -+ if ((mont=BN_MONT_CTX_new()) == NULL) -+ goto err; -+ if (!BN_MONT_CTX_set(mont,dsa->p,ctx)) -+ goto err; -+ /* Work out g^q mod p */ -+ if (!BN_mod_exp_mont(tmp,dsa->g,dsa->q, dsa->p, ctx, mont)) -+ goto err; -+ if (!BN_cmp(tmp, BN_value_one())) -+ rv = 1; -+ else -+ rv = 0; -+ err: -+ BN_CTX_end(ctx); -+ BN_MONT_CTX_free(mont); -+ BN_CTX_free(ctx); -+ return rv; -+} -+ -+#endif -diff -up openssl-1.1.1j/crypto/dsa/dsa_key.c.fips openssl-1.1.1j/crypto/dsa/dsa_key.c ---- openssl-1.1.1j/crypto/dsa/dsa_key.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dsa/dsa_key.c 2021-03-03 12:57:42.196734500 +0100 -@@ -13,10 +13,49 @@ - #include - #include "dsa_local.h" - -+#ifdef OPENSSL_FIPS -+# include -+# include "crypto/fips.h" -+ -+static int fips_check_dsa(DSA *dsa) -+{ -+ EVP_PKEY *pk; -+ unsigned char tbs[] = "DSA Pairwise Check Data"; -+ int ret = 0; -+ -+ if ((pk = EVP_PKEY_new()) == NULL) -+ goto err; -+ -+ EVP_PKEY_set1_DSA(pk, dsa); -+ -+ if (fips_pkey_signature_test(pk, tbs, -1, NULL, 0, NULL, 0, NULL)) -+ ret = 1; -+ -+ err: -+ if (ret == 0) { -+ FIPSerr(FIPS_F_FIPS_CHECK_DSA, FIPS_R_PAIRWISE_TEST_FAILED); -+ fips_set_selftest_fail(); -+ } -+ -+ if (pk) -+ EVP_PKEY_free(pk); -+ -+ return ret; -+} -+ -+#endif -+ - static int dsa_builtin_keygen(DSA *dsa); - - int DSA_generate_key(DSA *dsa) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD) -+ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) { -+ DSAerr(DSA_F_DSA_GENERATE_KEY, DSA_R_NON_FIPS_DSA_METHOD); -+ return 0; -+ } -+#endif - if (dsa->meth->dsa_keygen) - return dsa->meth->dsa_keygen(dsa); - return dsa_builtin_keygen(dsa); -@@ -28,6 +67,14 @@ static int dsa_builtin_keygen(DSA *dsa) - BN_CTX *ctx = NULL; - BIGNUM *pub_key = NULL, *priv_key = NULL; - -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) -+ && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS_GEN)) { -+ DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL); -+ goto err; -+ } -+#endif -+ - if ((ctx = BN_CTX_new()) == NULL) - goto err; - -@@ -65,6 +112,13 @@ static int dsa_builtin_keygen(DSA *dsa) - - dsa->priv_key = priv_key; - dsa->pub_key = pub_key; -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !fips_check_dsa(dsa)) { -+ dsa->pub_key = NULL; -+ dsa->priv_key = NULL; -+ goto err; -+ } -+#endif - ok = 1; - - err: -diff -up openssl-1.1.1j/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1j/crypto/dsa/dsa_ossl.c ---- openssl-1.1.1j/crypto/dsa/dsa_ossl.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dsa/dsa_ossl.c 2021-03-03 12:57:42.196734500 +0100 -@@ -14,6 +14,9 @@ - #include - #include "dsa_local.h" - #include -+#ifdef OPENSSL_FIPS -+# include -+#endif - - static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); - static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, -@@ -77,6 +80,19 @@ static DSA_SIG *dsa_do_sign(const unsign - goto err; - } - -+#ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_DSA_DO_SIGN, FIPS_R_FIPS_SELFTEST_FAILED); -+ return NULL; -+ } -+ -+ if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) -+ && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) { -+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_KEY_SIZE_TOO_SMALL); -+ return NULL; -+ } -+#endif -+ - ret = DSA_SIG_new(); - if (ret == NULL) - goto err; -@@ -315,6 +331,18 @@ static int dsa_do_verify(const unsigned - DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_BAD_Q_VALUE); - return -1; - } -+#ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_DSA_DO_VERIFY, FIPS_R_FIPS_SELFTEST_FAILED); -+ return -1; -+ } -+ -+ if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) -+ && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) { -+ DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_KEY_SIZE_TOO_SMALL); -+ return -1; -+ } -+#endif - - if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) { - DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MODULUS_TOO_LARGE); -@@ -403,6 +431,9 @@ static int dsa_do_verify(const unsigned - - static int dsa_init(DSA *dsa) - { -+#ifdef OPENSSL_FIPS -+ FIPS_selftest_check(); -+#endif - dsa->flags |= DSA_FLAG_CACHE_MONT_P; - return 1; - } -diff -up openssl-1.1.1j/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1j/crypto/dsa/dsa_pmeth.c ---- openssl-1.1.1j/crypto/dsa/dsa_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/dsa/dsa_pmeth.c 2021-03-03 12:57:42.196734500 +0100 -@@ -211,8 +211,8 @@ static int pkey_dsa_paramgen(EVP_PKEY_CT - BN_GENCB_free(pcb); - return 0; - } -- ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd, -- NULL, 0, NULL, NULL, NULL, pcb); -+ ret = dsa_builtin_paramgen2(dsa, dctx->nbits, dctx->qbits, dctx->pmd, -+ NULL, 0, -1, NULL, NULL, NULL, pcb); - BN_GENCB_free(pcb); - if (ret) - EVP_PKEY_assign_DSA(pkey, dsa); -@@ -241,7 +241,7 @@ static int pkey_dsa_keygen(EVP_PKEY_CTX - - const EVP_PKEY_METHOD dsa_pkey_meth = { - EVP_PKEY_DSA, -- EVP_PKEY_FLAG_AUTOARGLEN, -+ EVP_PKEY_FLAG_AUTOARGLEN | EVP_PKEY_FLAG_FIPS, - pkey_dsa_init, - pkey_dsa_copy, - pkey_dsa_cleanup, -diff -up openssl-1.1.1j/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1j/crypto/ec/ecdh_ossl.c ---- openssl-1.1.1j/crypto/ec/ecdh_ossl.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/ec/ecdh_ossl.c 2021-03-03 12:57:42.196734500 +0100 -@@ -19,9 +19,20 @@ - #include - #include "ec_local.h" - -+#ifdef OPENSSL_FIPS -+# include -+#endif -+ - int ossl_ecdh_compute_key(unsigned char **psec, size_t *pseclen, - const EC_POINT *pub_key, const EC_KEY *ecdh) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_ECDH_COMPUTE_KEY, FIPS_R_FIPS_SELFTEST_FAILED); -+ return -1; -+ } -+#endif -+ - if (ecdh->group->meth->ecdh_compute_key == NULL) { - ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH); - return 0; -diff -up openssl-1.1.1j/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1j/crypto/ec/ecdsa_ossl.c ---- openssl-1.1.1j/crypto/ec/ecdsa_ossl.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/ec/ecdsa_ossl.c 2021-03-03 12:57:42.196734500 +0100 -@@ -14,6 +14,10 @@ - #include "crypto/bn.h" - #include "ec_local.h" - -+#ifdef OPENSSL_FIPS -+# include -+#endif -+ - int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, - unsigned char *sig, unsigned int *siglen, - const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) -@@ -163,6 +167,13 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns - ECDSA_SIG *ret; - const BIGNUM *priv_key; - -+#ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_OSSL_ECDSA_SIGN_SIG, FIPS_R_FIPS_SELFTEST_FAILED); -+ return NULL; -+ } -+#endif -+ - group = EC_KEY_get0_group(eckey); - priv_key = EC_KEY_get0_private_key(eckey); - -@@ -325,6 +336,13 @@ int ossl_ecdsa_verify_sig(const unsigned - const EC_GROUP *group; - const EC_POINT *pub_key; - -+#ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_OSSL_ECDSA_VERIFY_SIG, FIPS_R_FIPS_SELFTEST_FAILED); -+ return -1; -+ } -+#endif -+ - /* check input values */ - if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || - (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { -diff -up openssl-1.1.1j/crypto/ec/ec_key.c.fips openssl-1.1.1j/crypto/ec/ec_key.c ---- openssl-1.1.1j/crypto/ec/ec_key.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/ec/ec_key.c 2021-03-03 12:57:42.196734500 +0100 -@@ -179,14 +179,62 @@ ENGINE *EC_KEY_get0_engine(const EC_KEY - return eckey->engine; - } - -+#ifdef OPENSSL_FIPS -+ -+# include -+# include "crypto/fips.h" -+ -+static int fips_check_ec(EC_KEY *key) -+{ -+ EVP_PKEY *pk; -+ unsigned char tbs[] = "ECDSA Pairwise Check Data"; -+ int ret = 0; -+ -+ if (!EC_KEY_can_sign(key)) /* no test for non-signing keys */ -+ return 1; -+ -+ if ((pk = EVP_PKEY_new()) == NULL) -+ goto err; -+ -+ EVP_PKEY_set1_EC_KEY(pk, key); -+ -+ if (fips_pkey_signature_test(pk, tbs, -1, NULL, 0, NULL, 0, NULL)) -+ ret = 1; -+ -+ err: -+ if (ret == 0) { -+ FIPSerr(FIPS_F_FIPS_CHECK_EC, FIPS_R_PAIRWISE_TEST_FAILED); -+ fips_set_selftest_fail(); -+ } -+ if (pk) -+ EVP_PKEY_free(pk); -+ return ret; -+} -+ -+#endif -+ - int EC_KEY_generate_key(EC_KEY *eckey) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_NOT_INITIALIZED); -+ return 0; -+ } -+#endif - if (eckey == NULL || eckey->group == NULL) { - ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } -- if (eckey->meth->keygen != NULL) -- return eckey->meth->keygen(eckey); -+ if (eckey->meth->keygen != NULL) { -+ int rv = eckey->meth->keygen(eckey); -+ -+#ifdef OPENSSL_FIPS -+ if (rv > 0 && FIPS_mode()) { -+ rv = fips_check_ec(eckey); -+ } -+#endif -+ return rv; -+ } - ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_OPERATION_NOT_SUPPORTED); - return 0; - } -diff -up openssl-1.1.1j/crypto/ec/ec_pmeth.c.fips openssl-1.1.1j/crypto/ec/ec_pmeth.c ---- openssl-1.1.1j/crypto/ec/ec_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/ec/ec_pmeth.c 2021-03-03 12:57:42.197734509 +0100 -@@ -438,7 +438,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX * - - const EVP_PKEY_METHOD ec_pkey_meth = { - EVP_PKEY_EC, -- 0, -+ EVP_PKEY_FLAG_FIPS, - pkey_ec_init, - pkey_ec_copy, - pkey_ec_cleanup, -diff -up openssl-1.1.1j/crypto/evp/digest.c.fips openssl-1.1.1j/crypto/evp/digest.c ---- openssl-1.1.1j/crypto/evp/digest.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/digest.c 2021-03-03 12:57:42.197734509 +0100 -@@ -14,6 +14,9 @@ - #include - #include "crypto/evp.h" - #include "evp_local.h" -+#ifdef OPENSSL_FIPS -+# include -+#endif - - /* This call frees resources associated with the context */ - int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) -@@ -66,6 +69,12 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, cons - int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) - { - EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); -+#ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_EVP_DIGESTINIT_EX, FIPS_R_FIPS_SELFTEST_FAILED); -+ return 0; -+ } -+#endif - #ifndef OPENSSL_NO_ENGINE - /* - * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so -@@ -119,6 +128,15 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c - } - #endif - if (ctx->digest != type) { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode()) { -+ if (!(type->flags & EVP_MD_FLAG_FIPS) -+ && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) { -+ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_DISABLED_FOR_FIPS); -+ return 0; -+ } -+ } -+#endif - if (ctx->digest && ctx->digest->ctx_size) { - OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); - ctx->md_data = NULL; -@@ -150,6 +168,10 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c - - int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) - { -+#ifdef OPENSSL_FIPS -+ FIPS_selftest_check(); -+#endif -+ - if (count == 0) - return 1; - -@@ -170,6 +192,9 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, - { - int ret; - -+#ifdef OPENSSL_FIPS -+ FIPS_selftest_check(); -+#endif - OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); - ret = ctx->digest->final(ctx, md); - if (size != NULL) -diff -up openssl-1.1.1j/crypto/evp/e_aes.c.fips openssl-1.1.1j/crypto/evp/e_aes.c ---- openssl-1.1.1j/crypto/evp/e_aes.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/e_aes.c 2021-03-03 12:57:42.197734509 +0100 -@@ -397,7 +397,7 @@ static int aesni_xts_init_key(EVP_CIPHER - * This addresses Rogaway's vulnerability. - * See comment in aes_xts_init_key() below. - */ -- if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) { -+ if (CRYPTO_memcmp(key, key + bytes, bytes) == 0) { - EVPerr(EVP_F_AESNI_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS); - return 0; - } -@@ -817,7 +817,7 @@ static int aes_t4_xts_init_key(EVP_CIPHE - * This addresses Rogaway's vulnerability. - * See comment in aes_xts_init_key() below. - */ -- if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) { -+ if (CRYPTO_memcmp(key, key + bytes, bytes) == 0) { - EVPerr(EVP_F_AES_T4_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS); - return 0; - } -@@ -2833,9 +2833,9 @@ static int aes_ctr_cipher(EVP_CIPHER_CTX - return 1; - } - --BLOCK_CIPHER_generic_pack(NID_aes, 128, 0) -- BLOCK_CIPHER_generic_pack(NID_aes, 192, 0) -- BLOCK_CIPHER_generic_pack(NID_aes, 256, 0) -+BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS) -+ BLOCK_CIPHER_generic_pack(NID_aes, 192, EVP_CIPH_FLAG_FIPS) -+ BLOCK_CIPHER_generic_pack(NID_aes, 256, EVP_CIPH_FLAG_FIPS) - - static int aes_gcm_cleanup(EVP_CIPHER_CTX *c) - { -@@ -2869,6 +2869,11 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX * - case EVP_CTRL_AEAD_SET_IVLEN: - if (arg <= 0) - return 0; -+# ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(c->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) -+ && arg < 12) -+ return 0; -+# endif - /* Allocate memory for IV if needed */ - if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) { - if (gctx->iv != c->iv) -@@ -3318,11 +3323,14 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX - | EVP_CIPH_CUSTOM_COPY | EVP_CIPH_CUSTOM_IV_LENGTH) - - BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM, -- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) -+ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | -+ CUSTOM_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM, -- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) -+ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | -+ CUSTOM_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM, -- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) -+ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | -+ CUSTOM_FLAGS) - - static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) - { -@@ -3380,7 +3388,7 @@ static int aes_xts_init_key(EVP_CIPHER_C - * BEFORE using the keys in the XTS-AES algorithm to process - * data with them." - */ -- if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) { -+ if (CRYPTO_memcmp(key, key + bytes, bytes) == 0) { - EVPerr(EVP_F_AES_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS); - return 0; - } -@@ -3484,6 +3492,14 @@ static int aes_xts_cipher(EVP_CIPHER_CTX - return 0; - if (!out || !in || len < AES_BLOCK_SIZE) - return 0; -+# ifdef OPENSSL_FIPS -+ /* Requirement of SP800-38E */ -+ if (FIPS_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) && -+ (len > (1UL << 20) * 16)) { -+ EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE); -+ return 0; -+ } -+# endif - if (xctx->stream) - (*xctx->stream) (in, out, len, - xctx->xts.key1, xctx->xts.key2, -@@ -3501,8 +3517,10 @@ static int aes_xts_cipher(EVP_CIPHER_CTX - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ - | EVP_CIPH_CUSTOM_COPY) - --BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, XTS_FLAGS) -- BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, XTS_FLAGS) -+BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, -+ EVP_CIPH_FLAG_FIPS | XTS_FLAGS) -+ BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, -+ EVP_CIPH_FLAG_FIPS | XTS_FLAGS) - - static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) - { -@@ -3772,11 +3790,11 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX - #define aes_ccm_cleanup NULL - - BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM, -- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) -+ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM, -- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) -+ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM, -- EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) -+ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - - typedef struct { - union { -@@ -3869,7 +3887,7 @@ static int aes_wrap_cipher(EVP_CIPHER_CT - return rv ? (int)rv : -1; - } - --#define WRAP_FLAGS (EVP_CIPH_WRAP_MODE \ -+#define WRAP_FLAGS (EVP_CIPH_WRAP_MODE | EVP_CIPH_FLAG_FIPS \ - | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1) - -diff -up openssl-1.1.1j/crypto/evp/e_des3.c.fips openssl-1.1.1j/crypto/evp/e_des3.c ---- openssl-1.1.1j/crypto/evp/e_des3.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/e_des3.c 2021-03-03 12:57:42.197734509 +0100 -@@ -211,16 +211,19 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, - # define des_ede3_cbc_cipher des_ede_cbc_cipher - # define des_ede3_ecb_cipher des_ede_ecb_cipher - BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, -- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, -- des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) -+ EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | -+ EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, NULL, -+ des3_ctrl) - - BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1, -- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, -- des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) -+ EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | -+ EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, -+ NULL, des3_ctrl) - - BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8, -- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, -- des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) -+ EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS | -+ EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, -+ NULL, des3_ctrl) - - static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -diff -up openssl-1.1.1j/crypto/evp/e_null.c.fips openssl-1.1.1j/crypto/evp/e_null.c ---- openssl-1.1.1j/crypto/evp/e_null.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/e_null.c 2021-03-03 12:57:42.197734509 +0100 -@@ -19,7 +19,8 @@ static int null_cipher(EVP_CIPHER_CTX *c - const unsigned char *in, size_t inl); - static const EVP_CIPHER n_cipher = { - NID_undef, -- 1, 0, 0, 0, -+ 1, 0, 0, -+ EVP_CIPH_FLAG_FIPS, - null_init_key, - null_cipher, - NULL, -diff -up openssl-1.1.1j/crypto/evp/evp_enc.c.fips openssl-1.1.1j/crypto/evp/evp_enc.c ---- openssl-1.1.1j/crypto/evp/evp_enc.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/evp_enc.c 2021-03-03 12:57:42.197734509 +0100 -@@ -18,9 +18,18 @@ - #include - #include "crypto/evp.h" - #include "evp_local.h" -+#ifdef OPENSSL_FIPS -+# include -+#endif - - int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_EVP_CIPHER_CTX_RESET, FIPS_R_FIPS_SELFTEST_FAILED); -+ return 0; -+ } -+#endif - if (c == NULL) - return 1; - if (c->cipher != NULL) { -@@ -40,6 +49,12 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX - - EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_EVP_CIPHER_CTX_NEW, FIPS_R_FIPS_SELFTEST_FAILED); -+ return NULL; -+ } -+#endif - return OPENSSL_zalloc(sizeof(EVP_CIPHER_CTX)); - } - -@@ -68,6 +83,12 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct - enc = 1; - ctx->encrypt = enc; - } -+#ifdef OPENSSL_FIPS -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_EVP_CIPHERINIT_EX, FIPS_R_FIPS_SELFTEST_FAILED); -+ return 0; -+ } -+#endif - #ifndef OPENSSL_NO_ENGINE - /* - * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so -@@ -137,7 +158,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct - } - ctx->key_len = cipher->key_len; - /* Preserve wrap enable flag, zero everything else */ -- ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW; -+ ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW | EVP_CIPH_FLAG_NON_FIPS_ALLOW; - if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { - if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { - ctx->cipher = NULL; -@@ -196,6 +217,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct - return 0; - } - } -+#ifdef OPENSSL_FIPS -+ /* After 'key' is set no further parameters changes are permissible. -+ * So only check for non FIPS enabling at this point. -+ */ -+ if (key && FIPS_mode()) { -+ if (!(ctx->cipher->flags & EVP_CIPH_FLAG_FIPS) -+ & !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) { -+ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_DISABLED_FOR_FIPS); -+ return 0; -+ } -+ } -+#endif - - if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { - if (!ctx->cipher->init(ctx, key, iv, enc)) -diff -up openssl-1.1.1j/crypto/evp/evp_err.c.fips openssl-1.1.1j/crypto/evp/evp_err.c ---- openssl-1.1.1j/crypto/evp/evp_err.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/evp_err.c 2021-03-03 12:57:42.198734517 +0100 -@@ -23,6 +23,7 @@ static const ERR_STRING_DATA EVP_str_fun - {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_T4_XTS_INIT_KEY, 0), - "aes_t4_xts_init_key"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_WRAP_CIPHER, 0), "aes_wrap_cipher"}, -+ {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_XTS_CIPHER, 0), "aes_xts_cipher"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_XTS_INIT_KEY, 0), "aes_xts_init_key"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_ALG_MODULE_INIT, 0), "alg_module_init"}, - {ERR_PACK(ERR_LIB_EVP, EVP_F_ARIA_CCM_INIT_KEY, 0), "aria_ccm_init_key"}, -@@ -186,6 +187,7 @@ static const ERR_STRING_DATA EVP_str_rea - "different key types"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIFFERENT_PARAMETERS), - "different parameters"}, -+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DISABLED_FOR_FIPS), "disabled for FIPS"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_LOADING_SECTION), - "error loading section"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_SETTING_FIPS_MODE), -@@ -251,6 +253,7 @@ static const ERR_STRING_DATA EVP_str_rea - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PRIVATE_KEY_ENCODE_ERROR), - "private key encode error"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"}, -+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_TOO_LARGE), "too large"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_CIPHER), "unknown cipher"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_DIGEST), "unknown digest"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_OPTION), "unknown option"}, -@@ -276,6 +279,8 @@ static const ERR_STRING_DATA EVP_str_rea - "wrap mode not allowed"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_FINAL_BLOCK_LENGTH), - "wrong final block length"}, -+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE), -+ "xts data unit is too large"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DUPLICATED_KEYS), - "xts duplicated keys"}, - {0, NULL} -diff -up openssl-1.1.1j/crypto/evp/evp_lib.c.fips openssl-1.1.1j/crypto/evp/evp_lib.c ---- openssl-1.1.1j/crypto/evp/evp_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/evp_lib.c 2021-03-03 12:57:42.198734517 +0100 -@@ -192,6 +192,9 @@ int EVP_CIPHER_impl_ctx_size(const EVP_C - int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) - { -+#ifdef OPENSSL_FIPS -+ FIPS_selftest_check(); -+#endif - return ctx->cipher->do_cipher(ctx, out, in, inl); - } - -diff -up openssl-1.1.1j/crypto/evp/m_sha1.c.fips openssl-1.1.1j/crypto/evp/m_sha1.c ---- openssl-1.1.1j/crypto/evp/m_sha1.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/m_sha1.c 2021-03-03 12:57:42.198734517 +0100 -@@ -95,7 +95,7 @@ static const EVP_MD sha1_md = { - NID_sha1, - NID_sha1WithRSAEncryption, - SHA_DIGEST_LENGTH, -- EVP_MD_FLAG_DIGALGID_ABSENT, -+ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, - init, - update, - final, -@@ -145,7 +145,7 @@ static const EVP_MD sha224_md = { - NID_sha224, - NID_sha224WithRSAEncryption, - SHA224_DIGEST_LENGTH, -- EVP_MD_FLAG_DIGALGID_ABSENT, -+ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, - init224, - update224, - final224, -@@ -164,7 +164,7 @@ static const EVP_MD sha256_md = { - NID_sha256, - NID_sha256WithRSAEncryption, - SHA256_DIGEST_LENGTH, -- EVP_MD_FLAG_DIGALGID_ABSENT, -+ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, - init256, - update256, - final256, -@@ -224,7 +224,7 @@ static const EVP_MD sha512_224_md = { - NID_sha512_224, - NID_sha512_224WithRSAEncryption, - SHA224_DIGEST_LENGTH, -- EVP_MD_FLAG_DIGALGID_ABSENT, -+ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, - init512_224, - update512, - final512, -@@ -243,7 +243,7 @@ static const EVP_MD sha512_256_md = { - NID_sha512_256, - NID_sha512_256WithRSAEncryption, - SHA256_DIGEST_LENGTH, -- EVP_MD_FLAG_DIGALGID_ABSENT, -+ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, - init512_256, - update512, - final512, -@@ -262,7 +262,7 @@ static const EVP_MD sha384_md = { - NID_sha384, - NID_sha384WithRSAEncryption, - SHA384_DIGEST_LENGTH, -- EVP_MD_FLAG_DIGALGID_ABSENT, -+ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, - init384, - update384, - final384, -@@ -281,7 +281,7 @@ static const EVP_MD sha512_md = { - NID_sha512, - NID_sha512WithRSAEncryption, - SHA512_DIGEST_LENGTH, -- EVP_MD_FLAG_DIGALGID_ABSENT, -+ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, - init512, - update512, - final512, -diff -up openssl-1.1.1j/crypto/evp/m_sha3.c.fips openssl-1.1.1j/crypto/evp/m_sha3.c ---- openssl-1.1.1j/crypto/evp/m_sha3.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/m_sha3.c 2021-03-03 12:57:42.198734517 +0100 -@@ -295,7 +295,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) - NID_sha3_##bitlen, \ - NID_RSA_SHA3_##bitlen, \ - bitlen / 8, \ -- EVP_MD_FLAG_DIGALGID_ABSENT, \ -+ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, \ - s390x_sha3_init, \ - s390x_sha3_update, \ - s390x_sha3_final, \ -@@ -308,7 +308,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) - NID_sha3_##bitlen, \ - NID_RSA_SHA3_##bitlen, \ - bitlen / 8, \ -- EVP_MD_FLAG_DIGALGID_ABSENT, \ -+ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, \ - sha3_init, \ - sha3_update, \ - sha3_final, \ -@@ -329,7 +329,7 @@ const EVP_MD *EVP_shake##bitlen(void) - NID_shake##bitlen, \ - 0, \ - bitlen / 8, \ -- EVP_MD_FLAG_XOF, \ -+ EVP_MD_FLAG_XOF | EVP_MD_FLAG_FIPS, \ - s390x_shake_init, \ - s390x_sha3_update, \ - s390x_shake_final, \ -@@ -343,7 +343,7 @@ const EVP_MD *EVP_shake##bitlen(void) - NID_shake##bitlen, \ - 0, \ - bitlen / 8, \ -- EVP_MD_FLAG_XOF, \ -+ EVP_MD_FLAG_XOF | EVP_MD_FLAG_FIPS, \ - shake_init, \ - sha3_update, \ - sha3_final, \ -@@ -367,7 +367,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) - NID_sha3_##bitlen, \ - NID_RSA_SHA3_##bitlen, \ - bitlen / 8, \ -- EVP_MD_FLAG_DIGALGID_ABSENT, \ -+ EVP_MD_FLAG_DIGALGID_ABSENT | EVP_MD_FLAG_FIPS, \ - sha3_init, \ - sha3_update, \ - sha3_final, \ -@@ -386,7 +386,7 @@ const EVP_MD *EVP_shake##bitlen(void) - NID_shake##bitlen, \ - 0, \ - bitlen / 8, \ -- EVP_MD_FLAG_XOF, \ -+ EVP_MD_FLAG_XOF | EVP_MD_FLAG_FIPS, \ - shake_init, \ - sha3_update, \ - sha3_final, \ -diff -up openssl-1.1.1j/crypto/evp/pmeth_lib.c.fips openssl-1.1.1j/crypto/evp/pmeth_lib.c ---- openssl-1.1.1j/crypto/evp/pmeth_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/evp/pmeth_lib.c 2021-03-03 12:57:42.198734517 +0100 -@@ -131,7 +131,15 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKE - pmeth = ENGINE_get_pkey_meth(e, id); - else - #endif -+ { - pmeth = EVP_PKEY_meth_find(id); -+#ifdef OPENSSL_FIPS -+ if (pmeth && !(pmeth->flags & EVP_PKEY_FLAG_FIPS) && FIPS_mode()) { -+ EVPerr(EVP_F_INT_CTX_NEW, EVP_R_DISABLED_FOR_FIPS); -+ return NULL; -+ } -+#endif -+ } - - if (pmeth == NULL) { - #ifndef OPENSSL_NO_ENGINE -diff -up openssl-1.1.1j/crypto/fips/build.info.fips openssl-1.1.1j/crypto/fips/build.info ---- openssl-1.1.1j/crypto/fips/build.info.fips 2021-03-03 12:57:42.198734517 +0100 -+++ openssl-1.1.1j/crypto/fips/build.info 2021-03-03 12:57:42.198734517 +0100 -@@ -0,0 +1,15 @@ -+LIBS=../../libcrypto -+SOURCE[../../libcrypto]=\ -+ fips_aes_selftest.c fips_des_selftest.c fips_hmac_selftest.c \ -+ fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c \ -+ fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \ -+ fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \ -+ fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \ -+ fips_dh_selftest.c fips_ers.c -+ -+PROGRAMS_NO_INST=\ -+ fips_standalone_hmac -+ -+SOURCE[fips_standalone_hmac]=fips_standalone_hmac.c -+INCLUDE[fips_standalone_hmac]=../../include -+DEPEND[fips_standalone_hmac]=../../libcrypto -diff -up openssl-1.1.1j/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_aes_selftest.c ---- openssl-1.1.1j/crypto/fips/fips_aes_selftest.c.fips 2021-03-03 12:57:42.198734517 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_aes_selftest.c 2021-03-03 12:57:42.198734517 +0100 -@@ -0,0 +1,372 @@ -+/* ==================================================================== -+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+#ifdef OPENSSL_FIPS -+# include -+# include "crypto/fips.h" -+#endif -+ -+#ifdef OPENSSL_FIPS -+static const struct { -+ const unsigned char key[16]; -+ const unsigned char plaintext[16]; -+ const unsigned char ciphertext[16]; -+} tests[] = { -+ { -+ { -+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, -+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F}, { -+ 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, -+ 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF}, { -+0x69, 0xC4, 0xE0, 0xD8, 0x6A, 0x7B, 0x04, 0x30, -+ 0xD8, 0xCD, 0xB7, 0x80, 0x70, 0xB4, 0xC5, 0x5A},},}; -+ -+int FIPS_selftest_aes() -+{ -+ int n; -+ int ret = 0; -+ EVP_CIPHER_CTX *ctx; -+ -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) -+ goto err; -+ -+ for (n = 0; n < 1; ++n) { -+ unsigned char key[16]; -+ -+ memcpy(key, tests[n].key, sizeof(key)); -+ if (fips_cipher_test(ctx, EVP_aes_128_ecb(), -+ key, NULL, -+ tests[n].plaintext, -+ tests[n].ciphertext, 16) <= 0) -+ goto err; -+ } -+ ret = 1; -+ err: -+ EVP_CIPHER_CTX_free(ctx); -+ if (ret == 0) -+ FIPSerr(FIPS_F_FIPS_SELFTEST_AES, FIPS_R_SELFTEST_FAILED); -+ return ret; -+} -+ -+/* AES-CCM test data from NIST public test vectors */ -+ -+static const unsigned char ccm_key[] = { -+ 0xce, 0xb0, 0x09, 0xae, 0xa4, 0x45, 0x44, 0x51, 0xfe, 0xad, 0xf0, 0xe6, -+ 0xb3, 0x6f, 0x45, 0x55, 0x5d, 0xd0, 0x47, 0x23, 0xba, 0xa4, 0x48, 0xe8 -+}; -+ -+static const unsigned char ccm_nonce[] = { -+ 0x76, 0x40, 0x43, 0xc4, 0x94, 0x60, 0xb7 -+}; -+ -+static const unsigned char ccm_adata[] = { -+ 0x6e, 0x80, 0xdd, 0x7f, 0x1b, 0xad, 0xf3, 0xa1, 0xc9, 0xab, 0x25, 0xc7, -+ 0x5f, 0x10, 0xbd, 0xe7, 0x8c, 0x23, 0xfa, 0x0e, 0xb8, 0xf9, 0xaa, 0xa5, -+ 0x3a, 0xde, 0xfb, 0xf4, 0xcb, 0xf7, 0x8f, 0xe4 -+}; -+ -+static const unsigned char ccm_pt[] = { -+ 0xc8, 0xd2, 0x75, 0xf9, 0x19, 0xe1, 0x7d, 0x7f, 0xe6, 0x9c, 0x2a, 0x1f, -+ 0x58, 0x93, 0x9d, 0xfe, 0x4d, 0x40, 0x37, 0x91, 0xb5, 0xdf, 0x13, 0x10 -+}; -+ -+static const unsigned char ccm_ct[] = { -+ 0x8a, 0x0f, 0x3d, 0x82, 0x29, 0xe4, 0x8e, 0x74, 0x87, 0xfd, 0x95, 0xa2, -+ 0x8a, 0xd3, 0x92, 0xc8, 0x0b, 0x36, 0x81, 0xd4, 0xfb, 0xc7, 0xbb, 0xfd -+}; -+ -+static const unsigned char ccm_tag[] = { -+ 0x2d, 0xd6, 0xef, 0x1c, 0x45, 0xd4, 0xcc, 0xb7, 0x23, 0xdc, 0x07, 0x44, -+ 0x14, 0xdb, 0x50, 0x6d -+}; -+ -+int FIPS_selftest_aes_ccm(void) -+{ -+ int ret = 0; -+ unsigned char out[128], tag[16]; -+ EVP_CIPHER_CTX *ctx; -+ -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) -+ goto err; -+ -+ memset(out, 0, sizeof(out)); -+ if (!EVP_CipherInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL, 1)) -+ goto err; -+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, -+ sizeof(ccm_nonce), NULL)) -+ goto err; -+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, -+ sizeof(ccm_tag), NULL)) -+ goto err; -+ if (!EVP_CipherInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce, 1)) -+ goto err; -+ if (EVP_Cipher(ctx, NULL, NULL, sizeof(ccm_pt)) != sizeof(ccm_pt)) -+ goto err; -+ if (EVP_Cipher(ctx, NULL, ccm_adata, sizeof(ccm_adata)) < 0) -+ goto err; -+ if (EVP_Cipher(ctx, out, ccm_pt, sizeof(ccm_pt)) != sizeof(ccm_ct)) -+ goto err; -+ -+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, 16, tag)) -+ goto err; -+ if (memcmp(tag, ccm_tag, sizeof(ccm_tag)) -+ || memcmp(out, ccm_ct, sizeof(ccm_ct))) -+ goto err; -+ -+ memset(out, 0, sizeof(out)); -+ -+ if (!EVP_CipherInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL, 0)) -+ goto err; -+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, -+ sizeof(ccm_nonce), NULL)) -+ goto err; -+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, 16, tag)) -+ goto err; -+ if (!EVP_CipherInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce, 0)) -+ goto err; -+ if (EVP_Cipher(ctx, NULL, NULL, sizeof(ccm_ct)) != sizeof(ccm_ct)) -+ goto err; -+ if (EVP_Cipher(ctx, NULL, ccm_adata, sizeof(ccm_adata)) < 0) -+ goto err; -+ if (EVP_Cipher(ctx, out, ccm_ct, sizeof(ccm_ct)) != sizeof(ccm_pt)) -+ goto err; -+ -+ if (memcmp(out, ccm_pt, sizeof(ccm_pt))) -+ goto err; -+ -+ ret = 1; -+ -+ err: -+ EVP_CIPHER_CTX_free(ctx); -+ -+ if (ret == 0) { -+ FIPSerr(FIPS_F_FIPS_SELFTEST_AES_CCM, FIPS_R_SELFTEST_FAILED); -+ return 0; -+ } else -+ return ret; -+ -+} -+ -+/* AES-GCM test data from NIST public test vectors */ -+ -+static const unsigned char gcm_key[] = { -+ 0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66, -+ 0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69, -+ 0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f -+}; -+ -+static const unsigned char gcm_iv[] = { -+ 0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84 -+}; -+ -+static const unsigned char gcm_pt[] = { -+ 0xf5, 0x6e, 0x87, 0x05, 0x5b, 0xc3, 0x2d, 0x0e, 0xeb, 0x31, 0xb2, 0xea, -+ 0xcc, 0x2b, 0xf2, 0xa5 -+}; -+ -+static const unsigned char gcm_aad[] = { -+ 0x4d, 0x23, 0xc3, 0xce, 0xc3, 0x34, 0xb4, 0x9b, 0xdb, 0x37, 0x0c, 0x43, -+ 0x7f, 0xec, 0x78, 0xde -+}; -+ -+static const unsigned char gcm_ct[] = { -+ 0xf7, 0x26, 0x44, 0x13, 0xa8, 0x4c, 0x0e, 0x7c, 0xd5, 0x36, 0x86, 0x7e, -+ 0xb9, 0xf2, 0x17, 0x36 -+}; -+ -+static const unsigned char gcm_tag[] = { -+ 0x67, 0xba, 0x05, 0x10, 0x26, 0x2a, 0xe4, 0x87, 0xd7, 0x37, 0xee, 0x62, -+ 0x98, 0xf7, 0x7e, 0x0c -+}; -+ -+int FIPS_selftest_aes_gcm(void) -+{ -+ int ret = 0; -+ unsigned char out[128], tag[16]; -+ EVP_CIPHER_CTX *ctx; -+ -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) -+ goto err; -+ -+ memset(out, 0, sizeof(out)); -+ memset(tag, 0, sizeof(tag)); -+ if (!EVP_CipherInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL, 1)) -+ goto err; -+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, -+ sizeof(gcm_iv), NULL)) -+ goto err; -+ if (!EVP_CipherInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv, 1)) -+ goto err; -+ if (EVP_Cipher(ctx, NULL, gcm_aad, sizeof(gcm_aad)) < 0) -+ goto err; -+ if (EVP_Cipher(ctx, out, gcm_pt, sizeof(gcm_pt)) != sizeof(gcm_ct)) -+ goto err; -+ if (EVP_Cipher(ctx, NULL, NULL, 0) < 0) -+ goto err; -+ -+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag)) -+ goto err; -+ -+ if (memcmp(tag, gcm_tag, 16) || memcmp(out, gcm_ct, 16)) -+ goto err; -+ -+ memset(out, 0, sizeof(out)); -+ -+ if (!EVP_CipherInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL, 0)) -+ goto err; -+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, -+ sizeof(gcm_iv), NULL)) -+ goto err; -+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag)) -+ goto err; -+ if (!EVP_CipherInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv, 0)) -+ goto err; -+ if (EVP_Cipher(ctx, NULL, gcm_aad, sizeof(gcm_aad)) < 0) -+ goto err; -+ if (EVP_Cipher(ctx, out, gcm_ct, sizeof(gcm_ct)) != sizeof(gcm_pt)) -+ goto err; -+ if (EVP_Cipher(ctx, NULL, NULL, 0) < 0) -+ goto err; -+ -+ if (memcmp(out, gcm_pt, 16)) -+ goto err; -+ -+ ret = 1; -+ -+ err: -+ EVP_CIPHER_CTX_free(ctx); -+ -+ if (ret == 0) { -+ FIPSerr(FIPS_F_FIPS_SELFTEST_AES_GCM, FIPS_R_SELFTEST_FAILED); -+ return 0; -+ } else -+ return ret; -+ -+} -+ -+static const unsigned char XTS_128_key[] = { -+ 0xa1, 0xb9, 0x0c, 0xba, 0x3f, 0x06, 0xac, 0x35, 0x3b, 0x2c, 0x34, 0x38, -+ 0x76, 0x08, 0x17, 0x62, 0x09, 0x09, 0x23, 0x02, 0x6e, 0x91, 0x77, 0x18, -+ 0x15, 0xf2, 0x9d, 0xab, 0x01, 0x93, 0x2f, 0x2f -+}; -+ -+static const unsigned char XTS_128_i[] = { -+ 0x4f, 0xae, 0xf7, 0x11, 0x7c, 0xda, 0x59, 0xc6, 0x6e, 0x4b, 0x92, 0x01, -+ 0x3e, 0x76, 0x8a, 0xd5 -+}; -+ -+static const unsigned char XTS_128_pt[] = { -+ 0xeb, 0xab, 0xce, 0x95, 0xb1, 0x4d, 0x3c, 0x8d, 0x6f, 0xb3, 0x50, 0x39, -+ 0x07, 0x90, 0x31, 0x1c -+}; -+ -+static const unsigned char XTS_128_ct[] = { -+ 0x77, 0x8a, 0xe8, 0xb4, 0x3c, 0xb9, 0x8d, 0x5a, 0x82, 0x50, 0x81, 0xd5, -+ 0xbe, 0x47, 0x1c, 0x63 -+}; -+ -+static const unsigned char XTS_256_key[] = { -+ 0x1e, 0xa6, 0x61, 0xc5, 0x8d, 0x94, 0x3a, 0x0e, 0x48, 0x01, 0xe4, 0x2f, -+ 0x4b, 0x09, 0x47, 0x14, 0x9e, 0x7f, 0x9f, 0x8e, 0x3e, 0x68, 0xd0, 0xc7, -+ 0x50, 0x52, 0x10, 0xbd, 0x31, 0x1a, 0x0e, 0x7c, 0xd6, 0xe1, 0x3f, 0xfd, -+ 0xf2, 0x41, 0x8d, 0x8d, 0x19, 0x11, 0xc0, 0x04, 0xcd, 0xa5, 0x8d, 0xa3, -+ 0xd6, 0x19, 0xb7, 0xe2, 0xb9, 0x14, 0x1e, 0x58, 0x31, 0x8e, 0xea, 0x39, -+ 0x2c, 0xf4, 0x1b, 0x08 -+}; -+ -+static const unsigned char XTS_256_i[] = { -+ 0xad, 0xf8, 0xd9, 0x26, 0x27, 0x46, 0x4a, 0xd2, 0xf0, 0x42, 0x8e, 0x84, -+ 0xa9, 0xf8, 0x75, 0x64 -+}; -+ -+static const unsigned char XTS_256_pt[] = { -+ 0x2e, 0xed, 0xea, 0x52, 0xcd, 0x82, 0x15, 0xe1, 0xac, 0xc6, 0x47, 0xe8, -+ 0x10, 0xbb, 0xc3, 0x64, 0x2e, 0x87, 0x28, 0x7f, 0x8d, 0x2e, 0x57, 0xe3, -+ 0x6c, 0x0a, 0x24, 0xfb, 0xc1, 0x2a, 0x20, 0x2e -+}; -+ -+static const unsigned char XTS_256_ct[] = { -+ 0xcb, 0xaa, 0xd0, 0xe2, 0xf6, 0xce, 0xa3, 0xf5, 0x0b, 0x37, 0xf9, 0x34, -+ 0xd4, 0x6a, 0x9b, 0x13, 0x0b, 0x9d, 0x54, 0xf0, 0x7e, 0x34, 0xf3, 0x6a, -+ 0xf7, 0x93, 0xe8, 0x6f, 0x73, 0xc6, 0xd7, 0xdb -+}; -+ -+int FIPS_selftest_aes_xts() -+{ -+ int ret = 1; -+ EVP_CIPHER_CTX *ctx; -+ -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) -+ goto err; -+ -+ if (fips_cipher_test(ctx, EVP_aes_128_xts(), -+ XTS_128_key, XTS_128_i, XTS_128_pt, XTS_128_ct, -+ sizeof(XTS_128_pt)) <= 0) -+ ret = 0; -+ -+ if (fips_cipher_test(ctx, EVP_aes_256_xts(), -+ XTS_256_key, XTS_256_i, XTS_256_pt, XTS_256_ct, -+ sizeof(XTS_256_pt)) <= 0) -+ ret = 0; -+ -+ EVP_CIPHER_CTX_free(ctx); -+ -+ err: -+ if (ret == 0) -+ FIPSerr(FIPS_F_FIPS_SELFTEST_AES_XTS, FIPS_R_SELFTEST_FAILED); -+ return ret; -+} -+ -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips.c.fips openssl-1.1.1j/crypto/fips/fips.c ---- openssl-1.1.1j/crypto/fips/fips.c.fips 2021-03-03 12:57:42.198734517 +0100 -+++ openssl-1.1.1j/crypto/fips/fips.c 2021-03-03 12:57:42.198734517 +0100 -@@ -0,0 +1,526 @@ -+/* ==================================================================== -+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#define _GNU_SOURCE -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include "fips_locl.h" -+ -+#ifdef OPENSSL_FIPS -+ -+# include -+# include "internal/thread_once.h" -+ -+# ifndef PATH_MAX -+# define PATH_MAX 1024 -+# endif -+ -+static int fips_selftest_fail = 0; -+static int fips_mode = 0; -+static int fips_started = 0; -+ -+static int fips_is_owning_thread(void); -+static int fips_set_owning_thread(void); -+static int fips_clear_owning_thread(void); -+ -+static CRYPTO_RWLOCK *fips_lock = NULL; -+static CRYPTO_RWLOCK *fips_owning_lock = NULL; -+static CRYPTO_ONCE fips_lock_init = CRYPTO_ONCE_STATIC_INIT; -+ -+DEFINE_RUN_ONCE_STATIC(do_fips_lock_init) -+{ -+ fips_lock = CRYPTO_THREAD_lock_new(); -+ fips_owning_lock = CRYPTO_THREAD_lock_new(); -+ return fips_lock != NULL && fips_owning_lock != NULL; -+} -+ -+# define fips_w_lock() CRYPTO_THREAD_write_lock(fips_lock) -+# define fips_w_unlock() CRYPTO_THREAD_unlock(fips_lock) -+# define fips_r_lock() CRYPTO_THREAD_read_lock(fips_lock) -+# define fips_r_unlock() CRYPTO_THREAD_unlock(fips_lock) -+ -+static void fips_set_mode(int onoff) -+{ -+ int owning_thread = fips_is_owning_thread(); -+ -+ if (fips_started) { -+ if (!owning_thread) -+ fips_w_lock(); -+ fips_mode = onoff; -+ if (!owning_thread) -+ fips_w_unlock(); -+ } -+} -+ -+int FIPS_module_mode(void) -+{ -+ int ret = 0; -+ int owning_thread = fips_is_owning_thread(); -+ -+ if (fips_started) { -+ if (!owning_thread) -+ fips_r_lock(); -+ ret = fips_mode; -+ if (!owning_thread) -+ fips_r_unlock(); -+ } -+ return ret; -+} -+ -+/* just a compat symbol - return NULL */ -+int FIPS_selftest_failed(void) -+{ -+ int ret = 0; -+ if (fips_started) { -+ int owning_thread = fips_is_owning_thread(); -+ -+ if (!owning_thread) -+ fips_r_lock(); -+ ret = fips_selftest_fail; -+ if (!owning_thread) -+ fips_r_unlock(); -+ } -+ return ret; -+} -+ -+/* Selftest failure fatal exit routine. This will be called -+ * during *any* cryptographic operation. It has the minimum -+ * overhead possible to avoid too big a performance hit. -+ */ -+ -+void FIPS_selftest_check(void) -+{ -+ if (fips_selftest_fail) { -+ OpenSSLDie(__FILE__, __LINE__, "FATAL FIPS SELFTEST FAILURE"); -+ } -+} -+ -+void fips_set_selftest_fail(void) -+{ -+ fips_selftest_fail = 1; -+} -+ -+/* we implement what libfipscheck does ourselves */ -+ -+static int -+get_library_path(const char *libname, const char *symbolname, char *path, -+ size_t pathlen) -+{ -+ Dl_info info; -+ void *dl, *sym; -+ int rv = -1; -+ -+ dl = dlopen(libname, RTLD_LAZY); -+ if (dl == NULL) { -+ return -1; -+ } -+ -+ sym = dlsym(dl, symbolname); -+ -+ if (sym != NULL && dladdr(sym, &info)) { -+ strncpy(path, info.dli_fname, pathlen - 1); -+ path[pathlen - 1] = '\0'; -+ rv = 0; -+ } -+ -+ dlclose(dl); -+ -+ return rv; -+} -+ -+static const char conv[] = "0123456789abcdef"; -+ -+static char *bin2hex(void *buf, size_t len) -+{ -+ char *hex, *p; -+ unsigned char *src = buf; -+ -+ hex = malloc(len * 2 + 1); -+ if (hex == NULL) -+ return NULL; -+ -+ p = hex; -+ -+ while (len > 0) { -+ unsigned c; -+ -+ c = *src; -+ src++; -+ -+ *p = conv[c >> 4]; -+ ++p; -+ *p = conv[c & 0x0f]; -+ ++p; -+ --len; -+ } -+ *p = '\0'; -+ return hex; -+} -+ -+# define HMAC_PREFIX "." -+# ifndef HMAC_SUFFIX -+# define HMAC_SUFFIX ".hmac" -+# endif -+# define READ_BUFFER_LENGTH 16384 -+ -+static char *make_hmac_path(const char *origpath) -+{ -+ char *path, *p; -+ const char *fn; -+ -+ path = -+ malloc(sizeof(HMAC_PREFIX) + sizeof(HMAC_SUFFIX) + strlen(origpath)); -+ if (path == NULL) { -+ return NULL; -+ } -+ -+ fn = strrchr(origpath, '/'); -+ if (fn == NULL) { -+ fn = origpath; -+ } else { -+ ++fn; -+ } -+ -+ strncpy(path, origpath, fn - origpath); -+ p = path + (fn - origpath); -+ p = stpcpy(p, HMAC_PREFIX); -+ p = stpcpy(p, fn); -+ p = stpcpy(p, HMAC_SUFFIX); -+ -+ return path; -+} -+ -+static const char hmackey[] = "orboDeJITITejsirpADONivirpUkvarP"; -+ -+static int compute_file_hmac(const char *path, void **buf, size_t *hmaclen) -+{ -+ FILE *f = NULL; -+ int rv = -1; -+ unsigned char rbuf[READ_BUFFER_LENGTH]; -+ size_t len; -+ unsigned int hlen; -+ HMAC_CTX *c; -+ -+ c = HMAC_CTX_new(); -+ if (c == NULL) -+ return rv; -+ -+ f = fopen(path, "r"); -+ -+ if (f == NULL) { -+ goto end; -+ } -+ -+ if (HMAC_Init_ex(c, hmackey, sizeof(hmackey) - 1, EVP_sha256(), NULL) <= 0) { -+ goto end; -+ } -+ -+ while ((len = fread(rbuf, 1, sizeof(rbuf), f)) != 0) { -+ if (HMAC_Update(c, rbuf, len) <= 0) { -+ goto end; -+ } -+ } -+ -+ len = sizeof(rbuf); -+ /* reuse rbuf for hmac */ -+ if (HMAC_Final(c, rbuf, &hlen) <= 0) { -+ goto end; -+ } -+ -+ *buf = malloc(hlen); -+ if (*buf == NULL) { -+ goto end; -+ } -+ -+ *hmaclen = hlen; -+ -+ memcpy(*buf, rbuf, hlen); -+ -+ rv = 0; -+ end: -+ HMAC_CTX_free(c); -+ -+ if (f) -+ fclose(f); -+ -+ return rv; -+} -+ -+static int FIPSCHECK_verify(const char *path) -+{ -+ int rv = 0; -+ FILE *hf; -+ char *hmacpath, *p; -+ char *hmac = NULL; -+ size_t n; -+ -+ hmacpath = make_hmac_path(path); -+ if (hmacpath == NULL) -+ return 0; -+ -+ hf = fopen(hmacpath, "r"); -+ if (hf == NULL) { -+ free(hmacpath); -+ return 0; -+ } -+ -+ if (getline(&hmac, &n, hf) > 0) { -+ void *buf; -+ size_t hmaclen; -+ char *hex; -+ -+ if ((p = strchr(hmac, '\n')) != NULL) -+ *p = '\0'; -+ -+ if (compute_file_hmac(path, &buf, &hmaclen) < 0) { -+ rv = -4; -+ goto end; -+ } -+ -+ if ((hex = bin2hex(buf, hmaclen)) == NULL) { -+ free(buf); -+ rv = -5; -+ goto end; -+ } -+ -+ if (strcmp(hex, hmac) != 0) { -+ rv = -1; -+ } -+ free(buf); -+ free(hex); -+ } else { -+ rv = -1; -+ } -+ -+ end: -+ free(hmac); -+ free(hmacpath); -+ fclose(hf); -+ -+ if (rv < 0) -+ return 0; -+ -+ /* check successful */ -+ return 1; -+} -+ -+static int verify_checksums(void) -+{ -+ int rv; -+ char path[PATH_MAX + 1]; -+ char *p; -+ -+ /* we need to avoid dlopening libssl, assume both libcrypto and libssl -+ are in the same directory */ -+ -+ rv = get_library_path("libcrypto.so." SHLIB_VERSION_NUMBER, -+ "FIPS_mode_set", path, sizeof(path)); -+ if (rv < 0) -+ return 0; -+ -+ rv = FIPSCHECK_verify(path); -+ if (!rv) -+ return 0; -+ -+ /* replace libcrypto with libssl */ -+ while ((p = strstr(path, "libcrypto.so")) != NULL) { -+ p = stpcpy(p, "libssl"); -+ memmove(p, p + 3, strlen(p + 2)); -+ } -+ -+ rv = FIPSCHECK_verify(path); -+ if (!rv) -+ return 0; -+ return 1; -+} -+ -+# ifndef FIPS_MODULE_PATH -+# define FIPS_MODULE_PATH "/etc/system-fips" -+# endif -+ -+int FIPS_module_installed(void) -+{ -+ int rv; -+ rv = access(FIPS_MODULE_PATH, F_OK); -+ if (rv < 0 && errno != ENOENT) -+ rv = 0; -+ -+ /* Installed == true */ -+ return !rv || FIPS_module_mode(); -+} -+ -+int FIPS_module_mode_set(int onoff) -+{ -+ int ret = 0; -+ -+ if (!RUN_ONCE(&fips_lock_init, do_fips_lock_init)) -+ return 0; -+ -+ fips_w_lock(); -+ fips_started = 1; -+ fips_set_owning_thread(); -+ -+ if (onoff) { -+ -+ fips_selftest_fail = 0; -+ -+ /* Don't go into FIPS mode twice, just so we can do automagic -+ seeding */ -+ if (FIPS_module_mode()) { -+ FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET, -+ FIPS_R_FIPS_MODE_ALREADY_SET); -+ fips_selftest_fail = 1; -+ ret = 0; -+ goto end; -+ } -+# ifdef OPENSSL_IA32_SSE2 -+ { -+ extern unsigned int OPENSSL_ia32cap_P[2]; -+ if ((OPENSSL_ia32cap_P[0] & (1 << 25 | 1 << 26)) != -+ (1 << 25 | 1 << 26)) { -+ FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET, -+ FIPS_R_UNSUPPORTED_PLATFORM); -+ fips_selftest_fail = 1; -+ ret = 0; -+ goto end; -+ } -+ } -+# endif -+ -+ if (!FIPS_selftest()) { -+ fips_selftest_fail = 1; -+ ret = 0; -+ goto end; -+ } -+ -+ if (!verify_checksums()) { -+ FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET, -+ FIPS_R_FINGERPRINT_DOES_NOT_MATCH); -+ fips_selftest_fail = 1; -+ ret = 0; -+ goto end; -+ } -+ -+ fips_set_mode(onoff); -+ ret = 1; -+ goto end; -+ } -+ fips_set_mode(0); -+ fips_selftest_fail = 0; -+ ret = 1; -+ end: -+ fips_clear_owning_thread(); -+ fips_w_unlock(); -+ return ret; -+} -+ -+static CRYPTO_THREAD_ID fips_threadid; -+static int fips_thread_set = 0; -+ -+static int fips_is_owning_thread(void) -+{ -+ int ret = 0; -+ -+ if (fips_started) { -+ CRYPTO_THREAD_read_lock(fips_owning_lock); -+ if (fips_thread_set) { -+ CRYPTO_THREAD_ID cur = CRYPTO_THREAD_get_current_id(); -+ if (CRYPTO_THREAD_compare_id(fips_threadid, cur)) -+ ret = 1; -+ } -+ CRYPTO_THREAD_unlock(fips_owning_lock); -+ } -+ return ret; -+} -+ -+int fips_set_owning_thread(void) -+{ -+ int ret = 0; -+ -+ if (fips_started) { -+ CRYPTO_THREAD_write_lock(fips_owning_lock); -+ if (!fips_thread_set) { -+ fips_threadid = CRYPTO_THREAD_get_current_id(); -+ ret = 1; -+ fips_thread_set = 1; -+ } -+ CRYPTO_THREAD_unlock(fips_owning_lock); -+ } -+ return ret; -+} -+ -+int fips_clear_owning_thread(void) -+{ -+ int ret = 0; -+ -+ if (fips_started) { -+ CRYPTO_THREAD_write_lock(fips_owning_lock); -+ if (fips_thread_set) { -+ CRYPTO_THREAD_ID cur = CRYPTO_THREAD_get_current_id(); -+ if (CRYPTO_THREAD_compare_id(fips_threadid, cur)) -+ fips_thread_set = 0; -+ } -+ CRYPTO_THREAD_unlock(fips_owning_lock); -+ } -+ return ret; -+} -+ -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c ---- openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c.fips 2021-03-03 12:57:42.199734525 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c 2021-03-03 12:57:42.199734525 +0100 -@@ -0,0 +1,156 @@ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+#include -+#include "crypto/fips.h" -+#include -+#include "fips_locl.h" -+ -+#ifdef OPENSSL_FIPS -+typedef struct { -+ int nid; -+ const unsigned char key[EVP_MAX_KEY_LENGTH]; -+ size_t keysize; -+ const unsigned char msg[64]; -+ size_t msgsize; -+ const unsigned char mac[32]; -+ size_t macsize; -+} CMAC_KAT; -+ -+/* from http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf */ -+static const CMAC_KAT vector[] = { -+ {NID_aes_128_cbc, /* Count = 32 from CMACGenAES128.txt */ -+ {0x77, 0xa7, 0x7f, 0xaf, 0x29, 0x0c, 0x1f, 0xa3, -+ 0x0c, 0x68, 0x3d, 0xf1, 0x6b, 0xa7, 0xa7, 0x7b,}, 128, -+ {0x02, 0x06, 0x83, 0xe1, 0xf0, 0x39, 0x2f, 0x4c, -+ 0xac, 0x54, 0x31, 0x8b, 0x60, 0x29, 0x25, 0x9e, -+ 0x9c, 0x55, 0x3d, 0xbc, 0x4b, 0x6a, 0xd9, 0x98, -+ 0xe6, 0x4d, 0x58, 0xe4, 0xe7, 0xdc, 0x2e, 0x13,}, 256, -+ {0xfb, 0xfe, 0xa4, 0x1b,}, 32}, -+ {NID_aes_192_cbc, /* Count = 23 from CMACGenAES192.txt */ -+ {0x7b, 0x32, 0x39, 0x13, 0x69, 0xaa, 0x4c, 0xa9, -+ 0x75, 0x58, 0x09, 0x5b, 0xe3, 0xc3, 0xec, 0x86, -+ 0x2b, 0xd0, 0x57, 0xce, 0xf1, 0xe3, 0x2d, 0x62,}, 192, -+ {0x0}, 0, -+ {0xe4, 0xd9, 0x34, 0x0b, 0x03, 0xe6, 0x7d, 0xef, -+ 0xd4, 0x96, 0x9c, 0xc1, 0xed, 0x37, 0x35, 0xe6,}, 128, -+ }, -+ {NID_aes_256_cbc, /* Count = 33 from CMACGenAES256.txt */ -+ {0x0b, 0x12, 0x2a, 0xc8, 0xf3, 0x4e, 0xd1, 0xfe, -+ 0x08, 0x2a, 0x36, 0x25, 0xd1, 0x57, 0x56, 0x14, -+ 0x54, 0x16, 0x7a, 0xc1, 0x45, 0xa1, 0x0b, 0xbf, -+ 0x77, 0xc6, 0xa7, 0x05, 0x96, 0xd5, 0x74, 0xf1,}, 256, -+ {0x49, 0x8b, 0x53, 0xfd, 0xec, 0x87, 0xed, 0xcb, -+ 0xf0, 0x70, 0x97, 0xdc, 0xcd, 0xe9, 0x3a, 0x08, -+ 0x4b, 0xad, 0x75, 0x01, 0xa2, 0x24, 0xe3, 0x88, -+ 0xdf, 0x34, 0x9c, 0xe1, 0x89, 0x59, 0xfe, 0x84, -+ 0x85, 0xf8, 0xad, 0x15, 0x37, 0xf0, 0xd8, 0x96, -+ 0xea, 0x73, 0xbe, 0xdc, 0x72, 0x14, 0x71, 0x3f,}, 384, -+ {0xf6, 0x2c, 0x46, 0x32, 0x9b,}, 40, -+ }, -+ {NID_des_ede3_cbc, /* Count = 41 from CMACGenTDES3.req */ -+ {0x89, 0xbc, 0xd9, 0x52, 0xa8, 0xc8, 0xab, 0x37, -+ 0x1a, 0xf4, 0x8a, 0xc7, 0xd0, 0x70, 0x85, 0xd5, -+ 0xef, 0xf7, 0x02, 0xe6, 0xd6, 0x2c, 0xdc, 0x23,}, 192, -+ {0xfa, 0x62, 0x0c, 0x1b, 0xbe, 0x97, 0x31, 0x9e, -+ 0x9a, 0x0c, 0xf0, 0x49, 0x21, 0x21, 0xf7, 0xa2, -+ 0x0e, 0xb0, 0x8a, 0x6a, 0x70, 0x9d, 0xcb, 0xd0, -+ 0x0a, 0xaf, 0x38, 0xe4, 0xf9, 0x9e, 0x75, 0x4e,}, 256, -+ {0x8f, 0x49, 0xa1, 0xb7, 0xd6, 0xaa, 0x22, 0x58,}, 64, -+ }, -+}; -+ -+int FIPS_selftest_cmac() -+{ -+ size_t n, outlen; -+ unsigned char out[32]; -+ const EVP_CIPHER *cipher; -+ CMAC_CTX *ctx = CMAC_CTX_new(); -+ const CMAC_KAT *t; -+ int rv = 1; -+ -+ for (n = 0, t = vector; n < sizeof(vector) / sizeof(vector[0]); n++, t++) { -+ cipher = EVP_get_cipherbynid(t->nid); -+ if (!cipher) { -+ rv = -1; -+ goto err; -+ } -+ if (!CMAC_Init(ctx, t->key, t->keysize / 8, cipher, 0)) { -+ rv = -1; -+ goto err; -+ } -+ if (!CMAC_Update(ctx, t->msg, t->msgsize / 8)) { -+ rv = -1; -+ goto err; -+ } -+ -+ if (!CMAC_Final(ctx, out, &outlen)) { -+ rv = -1; -+ goto err; -+ } -+ -+ if (outlen < t->macsize / 8 || memcmp(out, t->mac, t->macsize / 8)) { -+ rv = 0; -+ } -+ } -+ -+ err: -+ CMAC_CTX_free(ctx); -+ -+ if (rv == -1) { -+ rv = 0; -+ } -+ if (!rv) -+ FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC, FIPS_R_SELFTEST_FAILED); -+ -+ return rv; -+} -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_des_selftest.c ---- openssl-1.1.1j/crypto/fips/fips_des_selftest.c.fips 2021-03-03 12:57:42.199734525 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_des_selftest.c 2021-03-03 12:57:42.199734525 +0100 -@@ -0,0 +1,133 @@ -+/* ==================================================================== -+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+#ifdef OPENSSL_FIPS -+# include -+# include "crypto/fips.h" -+#endif -+#include -+ -+#ifdef OPENSSL_FIPS -+ -+static const struct { -+ const unsigned char key[16]; -+ const unsigned char plaintext[8]; -+ const unsigned char ciphertext[8]; -+} tests2[] = { -+ { -+ { -+ 0x7c, 0x4f, 0x6e, 0xf7, 0xa2, 0x04, 0x16, 0xec, -+ 0x0b, 0x6b, 0x7c, 0x9e, 0x5e, 0x19, 0xa7, 0xc4}, { -+ 0x06, 0xa7, 0xd8, 0x79, 0xaa, 0xce, 0x69, 0xef}, { -+ 0x4c, 0x11, 0x17, 0x55, 0xbf, 0xc4, 0x4e, 0xfd} -+ }, { -+ { -+ 0x5d, 0x9e, 0x01, 0xd3, 0x25, 0xc7, 0x3e, 0x34, -+ 0x01, 0x16, 0x7c, 0x85, 0x23, 0xdf, 0xe0, 0x68}, { -+ 0x9c, 0x50, 0x09, 0x0f, 0x5e, 0x7d, 0x69, 0x7e}, { -+ 0xd2, 0x0b, 0x18, 0xdf, 0xd9, 0x0d, 0x9e, 0xff},} -+}; -+ -+static const struct { -+ const unsigned char key[24]; -+ const unsigned char plaintext[8]; -+ const unsigned char ciphertext[8]; -+} tests3[] = { -+ { -+ { -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10, -+ 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0}, { -+ 0x8f, 0x8f, 0xbf, 0x9b, 0x5d, 0x48, 0xb4, 0x1c}, { -+ 0x59, 0x8c, 0xe5, 0xd3, 0x6c, 0xa2, 0xea, 0x1b},}, { -+ { -+ 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10, 0xFE, -+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, -+ 0xED, 0x39, 0xD9, 0x50, 0xFA, 0x74, 0xBC, 0xC4}, { -+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, { -+0x11, 0x25, 0xb0, 0x35, 0xbe, 0xa0, 0x82, 0x86},},}; -+ -+int FIPS_selftest_des() -+{ -+ int n, ret = 0; -+ EVP_CIPHER_CTX *ctx; -+ -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) -+ goto err; -+ -+ /* Encrypt/decrypt with 2-key 3DES and compare to known answers */ -+ for (n = 0; n < 2; ++n) { -+ unsigned char plaintext[8]; -+ -+ memcpy(plaintext, tests2[n].plaintext, sizeof(plaintext)); -+ if (!fips_cipher_test(ctx, EVP_des_ede_ecb(), -+ tests2[n].key, NULL, -+ plaintext, tests2[n].ciphertext, 8)) -+ goto err; -+ } -+ -+ /* Encrypt/decrypt with 3DES and compare to known answers */ -+ for (n = 0; n < 2; ++n) { -+ if (!fips_cipher_test(ctx, EVP_des_ede3_ecb(), -+ tests3[n].key, NULL, -+ tests3[n].plaintext, tests3[n].ciphertext, 8)) -+ goto err; -+ } -+ ret = 1; -+ err: -+ EVP_CIPHER_CTX_free(ctx); -+ if (ret == 0) -+ FIPSerr(FIPS_F_FIPS_SELFTEST_DES, FIPS_R_SELFTEST_FAILED); -+ -+ return ret; -+} -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_dh_selftest.c ---- openssl-1.1.1j/crypto/fips/fips_dh_selftest.c.fips 2021-03-03 12:57:42.199734525 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_dh_selftest.c 2021-03-03 12:57:42.199734525 +0100 -@@ -0,0 +1,180 @@ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * Copyright (c) 2013 Red Hat, Inc. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include "fips_locl.h" -+ -+#ifdef OPENSSL_FIPS -+ -+static const unsigned char dh_test_2048_p[] = { -+ 0xAE, 0xEC, 0xEE, 0x22, 0xFA, 0x3A, 0xA5, 0x22, 0xC0, 0xDE, 0x0F, 0x09, -+ 0x7E, 0x17, 0xC0, 0x05, 0xF9, 0xF1, 0xE7, 0xC6, 0x87, 0x14, 0x6D, 0x11, -+ 0xE7, 0xAE, 0xED, 0x2F, 0x72, 0x59, 0xC5, 0xA9, 0x9B, 0xB8, 0x02, 0xA5, -+ 0xF3, 0x69, 0x70, 0xD6, 0xDD, 0x90, 0xF9, 0x19, 0x79, 0xBE, 0x60, 0x8F, -+ 0x25, 0x92, 0x30, 0x1C, 0x51, 0x51, 0x38, 0x26, 0x82, 0x25, 0xE6, 0xFC, -+ 0xED, 0x65, 0x96, 0x8F, 0x57, 0xE5, 0x53, 0x8B, 0x38, 0x63, 0xC7, 0xCE, -+ 0xBC, 0x1B, 0x4D, 0x18, 0x2A, 0x5B, 0x04, 0x3F, 0x6A, 0x3C, 0x94, 0x39, -+ 0xAE, 0x36, 0xD6, 0x5E, 0x0F, 0xA2, 0xCC, 0xD0, 0xD4, 0xD5, 0xC6, 0x1E, -+ 0xF6, 0xA0, 0xF5, 0x89, 0x4E, 0xB4, 0x0B, 0xA4, 0xB3, 0x2B, 0x3D, 0xE2, -+ 0x4E, 0xE1, 0x49, 0x25, 0x99, 0x5F, 0x32, 0x16, 0x33, 0x32, 0x1B, 0x7A, -+ 0xA5, 0x5C, 0x6B, 0x34, 0x0D, 0x39, 0x99, 0xDC, 0xF0, 0x76, 0xE5, 0x5A, -+ 0xD4, 0x71, 0x00, 0xED, 0x5A, 0x73, 0xFB, 0xC8, 0x01, 0xAD, 0x99, 0xCF, -+ 0x99, 0x52, 0x7C, 0x9C, 0x64, 0xC6, 0x76, 0x40, 0x57, 0xAF, 0x59, 0xD7, -+ 0x38, 0x0B, 0x40, 0xDE, 0x33, 0x0D, 0xB8, 0x76, 0xEC, 0xA9, 0xD8, 0x73, -+ 0xF8, 0xEF, 0x26, 0x66, 0x06, 0x27, 0xDD, 0x7C, 0xA4, 0x10, 0x9C, 0xA6, -+ 0xAA, 0xF9, 0x53, 0x62, 0x73, 0x1D, 0xBA, 0x1C, 0xF1, 0x67, 0xF4, 0x35, -+ 0xED, 0x6F, 0x37, 0x92, 0xE8, 0x4F, 0x6C, 0xBA, 0x52, 0x6E, 0xA1, 0xED, -+ 0xDA, 0x9F, 0x85, 0x11, 0x82, 0x52, 0x62, 0x08, 0x44, 0xF1, 0x30, 0x03, -+ 0xC3, 0x38, 0x2C, 0x79, 0xBD, 0xD4, 0x43, 0x45, 0xEE, 0x8E, 0x50, 0xFC, -+ 0x29, 0x46, 0x9A, 0xFE, 0x54, 0x1A, 0x19, 0x8F, 0x4B, 0x84, 0x08, 0xDE, -+ 0x20, 0x62, 0x73, 0xCC, 0xDD, 0x7E, 0xF0, 0xEF, 0xA2, 0xFD, 0x86, 0x58, -+ 0x4B, 0xD8, 0x37, 0xEB -+}; -+ -+static const unsigned char dh_test_2048_g[] = { -+ 0x02 -+}; -+ -+static const unsigned char dh_test_2048_pub_key[] = { -+ 0xA0, 0x39, 0x11, 0x77, 0x9A, 0xC1, 0x30, 0x1F, 0xBE, 0x48, 0xA7, 0xAA, -+ 0xA0, 0x84, 0x54, 0x64, 0xAD, 0x1B, 0x70, 0xFA, 0x13, 0x55, 0x63, 0xD2, -+ 0x1F, 0x62, 0x32, 0x93, 0x8E, 0xC9, 0x3E, 0x09, 0xA7, 0x64, 0xE4, 0x12, -+ 0x6E, 0x1B, 0xF2, 0x92, 0x3B, 0xB9, 0xCB, 0x56, 0xEA, 0x07, 0x88, 0xB5, -+ 0xA6, 0xBC, 0x16, 0x1F, 0x27, 0xFE, 0xD8, 0xAA, 0x40, 0xB2, 0xB0, 0x2D, -+ 0x37, 0x76, 0xA6, 0xA4, 0x82, 0x2C, 0x0E, 0x22, 0x64, 0x9D, 0xCB, 0xD1, -+ 0x00, 0xB7, 0x89, 0x14, 0x72, 0x4E, 0xBE, 0x48, 0x41, 0xF8, 0xB2, 0x51, -+ 0x11, 0x09, 0x4B, 0x22, 0x01, 0x23, 0x39, 0x96, 0xE0, 0x15, 0xD7, 0x9F, -+ 0x60, 0xD1, 0xB7, 0xAE, 0xFE, 0x5F, 0xDB, 0xE7, 0x03, 0x17, 0x97, 0xA6, -+ 0x16, 0x74, 0xBD, 0x53, 0x81, 0x19, 0xC5, 0x47, 0x5E, 0xCE, 0x8D, 0xED, -+ 0x45, 0x5D, 0x3C, 0x00, 0xA0, 0x0A, 0x68, 0x6A, 0xE0, 0x8E, 0x06, 0x46, -+ 0x6F, 0xD7, 0xF9, 0xDF, 0x31, 0x7E, 0x77, 0x44, 0x0D, 0x98, 0xE0, 0xCA, -+ 0x98, 0x09, 0x52, 0x04, 0x90, 0xEA, 0x6D, 0xF4, 0x30, 0x69, 0x8F, 0xB1, -+ 0x9B, 0xC1, 0x43, 0xDB, 0xD5, 0x8D, 0xC8, 0x8E, 0xB6, 0x0B, 0x05, 0xBE, -+ 0x0E, 0xC5, 0x99, 0xC8, 0x6E, 0x4E, 0xF3, 0xCB, 0xC3, 0x5E, 0x9B, 0x53, -+ 0xF7, 0x06, 0x1C, 0x4F, 0xC7, 0xB8, 0x6E, 0x30, 0x18, 0xCA, 0x9B, 0xB9, -+ 0xBC, 0x5F, 0x17, 0x72, 0x29, 0x5A, 0xE5, 0xD9, 0x96, 0xB7, 0x0B, 0xF3, -+ 0x2D, 0x8C, 0xF1, 0xE1, 0x0E, 0x0D, 0x74, 0xD5, 0x9D, 0xF0, 0x06, 0xA9, -+ 0xB4, 0x95, 0x63, 0x76, 0x46, 0x55, 0x48, 0x82, 0x39, 0x90, 0xEF, 0x56, -+ 0x75, 0x34, 0xB8, 0x34, 0xC3, 0x18, 0x6E, 0x1E, 0xAD, 0xE3, 0x48, 0x7E, -+ 0x93, 0x2C, 0x23, 0xE7, 0xF8, 0x90, 0x73, 0xB1, 0x77, 0x80, 0x67, 0xA9, -+ 0x36, 0x9E, 0xDA, 0xD2 -+}; -+ -+static const unsigned char dh_test_2048_priv_key[] = { -+ 0x0C, 0x4B, 0x30, 0x89, 0xD1, 0xB8, 0x62, 0xCB, 0x3C, 0x43, 0x64, 0x91, -+ 0xF0, 0x91, 0x54, 0x70, 0xC5, 0x27, 0x96, 0xE3, 0xAC, 0xBE, 0xE8, 0x00, -+ 0xEC, 0x55, 0xF6, 0xCC -+}; -+ -+int FIPS_selftest_dh() -+{ -+ DH *dh = NULL; -+ int ret = 0; -+ void *pub_key_bin = NULL; -+ int len; -+ BIGNUM *p = NULL, *g = NULL, *priv_key = NULL, *tmp_pub_key = NULL; -+ const BIGNUM *pub_key; -+ -+ fips_load_key_component(p, dh_test_2048); -+ fips_load_key_component(g, dh_test_2048); -+ /* note that the private key is much shorter than normally used -+ * but still g ** priv_key > p -+ */ -+ fips_load_key_component(priv_key, dh_test_2048); -+ if ((tmp_pub_key = BN_new()) == NULL) -+ goto err; -+ -+ dh = DH_new(); -+ -+ if (dh == NULL) -+ goto err; -+ -+ DH_set0_pqg(dh, p, NULL, g); -+ DH_set0_key(dh, tmp_pub_key, priv_key); -+ -+ if (DH_generate_key(dh) <= 0) -+ goto err; -+ -+ DH_get0_key(dh, &pub_key, NULL); -+ -+ if (pub_key == NULL) -+ goto err; -+ -+ len = BN_num_bytes(pub_key); -+ if ((pub_key_bin = OPENSSL_malloc(len)) == NULL) -+ goto err; -+ BN_bn2bin(pub_key, pub_key_bin); -+ -+ if (len != sizeof(dh_test_2048_pub_key) || -+ memcmp(pub_key_bin, dh_test_2048_pub_key, len) != 0) -+ goto err; -+ -+ ret = 1; -+ -+ err: -+ if (dh) -+ DH_free(dh); -+ else { -+ BN_free(p); -+ BN_free(g); -+ BN_free(priv_key); -+ BN_free(tmp_pub_key); -+ } -+ -+ OPENSSL_free(pub_key_bin); -+ return ret; -+} -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_ctr.c ---- openssl-1.1.1j/crypto/fips/fips_drbg_ctr.c.fips 2021-03-03 12:57:42.199734525 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_drbg_ctr.c 2021-03-03 12:57:42.199734525 +0100 -@@ -0,0 +1,406 @@ -+/* fips/rand/fips_drbg_ctr.c */ -+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -+ * project. -+ */ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * licensing@OpenSSL.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * ==================================================================== -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include "fips_rand_lcl.h" -+ -+static void inc_128(DRBG_CTR_CTX * cctx) -+{ -+ int i; -+ unsigned char c; -+ unsigned char *p = cctx->V + 15; -+ for (i = 0; i < 16; i++) { -+ c = *p; -+ c++; -+ *p = c; -+ if (c) -+ return; -+ p--; -+ } -+} -+ -+static void ctr_XOR(DRBG_CTR_CTX * cctx, const unsigned char *in, -+ size_t inlen) -+{ -+ size_t i, n; -+ /* Any zero padding will have no effect on the result as we -+ * are XORing. So just process however much input we have. -+ */ -+ -+ if (!in || !inlen) -+ return; -+ -+ if (inlen < cctx->keylen) -+ n = inlen; -+ else -+ n = cctx->keylen; -+ -+ for (i = 0; i < n; i++) -+ cctx->K[i] ^= in[i]; -+ if (inlen <= cctx->keylen) -+ return; -+ -+ n = inlen - cctx->keylen; -+ /* Should never happen */ -+ if (n > 16) -+ n = 16; -+ for (i = 0; i < 16; i++) -+ cctx->V[i] ^= in[i + cctx->keylen]; -+} -+ -+/* Process a complete block using BCC algorithm of SPP 800-90 10.4.3 */ -+ -+static void ctr_BCC_block(DRBG_CTR_CTX * cctx, unsigned char *out, -+ const unsigned char *in) -+{ -+ int i; -+ for (i = 0; i < 16; i++) -+ out[i] ^= in[i]; -+ AES_encrypt(out, out, &cctx->df_ks); -+#if 0 -+ fprintf(stderr, "BCC in+out\n"); -+ BIO_dump_fp(stderr, in, 16); -+ BIO_dump_fp(stderr, out, 16); -+#endif -+} -+ -+/* Handle several BCC operations for as much data as we need for K and X */ -+static void ctr_BCC_blocks(DRBG_CTR_CTX * cctx, const unsigned char *in) -+{ -+ ctr_BCC_block(cctx, cctx->KX, in); -+ ctr_BCC_block(cctx, cctx->KX + 16, in); -+ if (cctx->keylen != 16) -+ ctr_BCC_block(cctx, cctx->KX + 32, in); -+} -+ -+/* Initialise BCC blocks: these have the value 0,1,2 in leftmost positions: -+ * see 10.4.2 stage 7. -+ */ -+static void ctr_BCC_init(DRBG_CTR_CTX * cctx) -+{ -+ memset(cctx->KX, 0, 48); -+ memset(cctx->bltmp, 0, 16); -+ ctr_BCC_block(cctx, cctx->KX, cctx->bltmp); -+ cctx->bltmp[3] = 1; -+ ctr_BCC_block(cctx, cctx->KX + 16, cctx->bltmp); -+ if (cctx->keylen != 16) { -+ cctx->bltmp[3] = 2; -+ ctr_BCC_block(cctx, cctx->KX + 32, cctx->bltmp); -+ } -+} -+ -+/* Process several blocks into BCC algorithm, some possibly partial */ -+static void ctr_BCC_update(DRBG_CTR_CTX * cctx, -+ const unsigned char *in, size_t inlen) -+{ -+ if (!in || !inlen) -+ return; -+ /* If we have partial block handle it first */ -+ if (cctx->bltmp_pos) { -+ size_t left = 16 - cctx->bltmp_pos; -+ /* If we now have a complete block process it */ -+ if (inlen >= left) { -+ memcpy(cctx->bltmp + cctx->bltmp_pos, in, left); -+ ctr_BCC_blocks(cctx, cctx->bltmp); -+ cctx->bltmp_pos = 0; -+ inlen -= left; -+ in += left; -+ } -+ } -+ /* Process zero or more complete blocks */ -+ while (inlen >= 16) { -+ ctr_BCC_blocks(cctx, in); -+ in += 16; -+ inlen -= 16; -+ } -+ /* Copy any remaining partial block to the temporary buffer */ -+ if (inlen > 0) { -+ memcpy(cctx->bltmp + cctx->bltmp_pos, in, inlen); -+ cctx->bltmp_pos += inlen; -+ } -+} -+ -+static void ctr_BCC_final(DRBG_CTR_CTX * cctx) -+{ -+ if (cctx->bltmp_pos) { -+ memset(cctx->bltmp + cctx->bltmp_pos, 0, 16 - cctx->bltmp_pos); -+ ctr_BCC_blocks(cctx, cctx->bltmp); -+ } -+} -+ -+static void ctr_df(DRBG_CTR_CTX * cctx, -+ const unsigned char *in1, size_t in1len, -+ const unsigned char *in2, size_t in2len, -+ const unsigned char *in3, size_t in3len) -+{ -+ size_t inlen; -+ unsigned char *p = cctx->bltmp; -+ static unsigned char c80 = 0x80; -+ -+ ctr_BCC_init(cctx); -+ if (!in1) -+ in1len = 0; -+ if (!in2) -+ in2len = 0; -+ if (!in3) -+ in3len = 0; -+ inlen = in1len + in2len + in3len; -+ /* Initialise L||N in temporary block */ -+ *p++ = (inlen >> 24) & 0xff; -+ *p++ = (inlen >> 16) & 0xff; -+ *p++ = (inlen >> 8) & 0xff; -+ *p++ = inlen & 0xff; -+ /* NB keylen is at most 32 bytes */ -+ *p++ = 0; -+ *p++ = 0; -+ *p++ = 0; -+ *p = (unsigned char)((cctx->keylen + 16) & 0xff); -+ cctx->bltmp_pos = 8; -+ ctr_BCC_update(cctx, in1, in1len); -+ ctr_BCC_update(cctx, in2, in2len); -+ ctr_BCC_update(cctx, in3, in3len); -+ ctr_BCC_update(cctx, &c80, 1); -+ ctr_BCC_final(cctx); -+ /* Set up key K */ -+ AES_set_encrypt_key(cctx->KX, cctx->keylen * 8, &cctx->df_kxks); -+ /* X follows key K */ -+ AES_encrypt(cctx->KX + cctx->keylen, cctx->KX, &cctx->df_kxks); -+ AES_encrypt(cctx->KX, cctx->KX + 16, &cctx->df_kxks); -+ if (cctx->keylen != 16) -+ AES_encrypt(cctx->KX + 16, cctx->KX + 32, &cctx->df_kxks); -+#if 0 -+ fprintf(stderr, "Output of ctr_df:\n"); -+ BIO_dump_fp(stderr, cctx->KX, cctx->keylen + 16); -+#endif -+} -+ -+/* NB the no-df Update in SP800-90 specifies a constant input length -+ * of seedlen, however other uses of this algorithm pad the input with -+ * zeroes if necessary and have up to two parameters XORed together, -+ * handle both cases in this function instead. -+ */ -+ -+static void ctr_Update(DRBG_CTX *dctx, -+ const unsigned char *in1, size_t in1len, -+ const unsigned char *in2, size_t in2len, -+ const unsigned char *nonce, size_t noncelen) -+{ -+ DRBG_CTR_CTX *cctx = &dctx->d.ctr; -+ /* ks is already setup for correct key */ -+ inc_128(cctx); -+ AES_encrypt(cctx->V, cctx->K, &cctx->ks); -+ /* If keylen longer than 128 bits need extra encrypt */ -+ if (cctx->keylen != 16) { -+ inc_128(cctx); -+ AES_encrypt(cctx->V, cctx->K + 16, &cctx->ks); -+ } -+ inc_128(cctx); -+ AES_encrypt(cctx->V, cctx->V, &cctx->ks); -+ /* If 192 bit key part of V is on end of K */ -+ if (cctx->keylen == 24) { -+ memcpy(cctx->V + 8, cctx->V, 8); -+ memcpy(cctx->V, cctx->K + 24, 8); -+ } -+ -+ if (dctx->xflags & DRBG_FLAG_CTR_USE_DF) { -+ /* If no input reuse existing derived value */ -+ if (in1 || nonce || in2) -+ ctr_df(cctx, in1, in1len, nonce, noncelen, in2, in2len); -+ /* If this a reuse input in1len != 0 */ -+ if (in1len) -+ ctr_XOR(cctx, cctx->KX, dctx->seedlen); -+ } else { -+ ctr_XOR(cctx, in1, in1len); -+ ctr_XOR(cctx, in2, in2len); -+ } -+ -+ AES_set_encrypt_key(cctx->K, dctx->strength, &cctx->ks); -+#if 0 -+ fprintf(stderr, "K+V after update is:\n"); -+ BIO_dump_fp(stderr, cctx->K, cctx->keylen); -+ BIO_dump_fp(stderr, cctx->V, 16); -+#endif -+} -+ -+static int drbg_ctr_instantiate(DRBG_CTX *dctx, -+ const unsigned char *ent, size_t entlen, -+ const unsigned char *nonce, size_t noncelen, -+ const unsigned char *pers, size_t perslen) -+{ -+ DRBG_CTR_CTX *cctx = &dctx->d.ctr; -+ memset(cctx->K, 0, sizeof(cctx->K)); -+ memset(cctx->V, 0, sizeof(cctx->V)); -+ AES_set_encrypt_key(cctx->K, dctx->strength, &cctx->ks); -+ ctr_Update(dctx, ent, entlen, pers, perslen, nonce, noncelen); -+ return 1; -+} -+ -+static int drbg_ctr_reseed(DRBG_CTX *dctx, -+ const unsigned char *ent, size_t entlen, -+ const unsigned char *adin, size_t adinlen) -+{ -+ ctr_Update(dctx, ent, entlen, adin, adinlen, NULL, 0); -+ return 1; -+} -+ -+static int drbg_ctr_generate(DRBG_CTX *dctx, -+ unsigned char *out, size_t outlen, -+ const unsigned char *adin, size_t adinlen) -+{ -+ DRBG_CTR_CTX *cctx = &dctx->d.ctr; -+ if (adin && adinlen) { -+ ctr_Update(dctx, adin, adinlen, NULL, 0, NULL, 0); -+ /* This means we reuse derived value */ -+ if (dctx->xflags & DRBG_FLAG_CTR_USE_DF) { -+ adin = NULL; -+ adinlen = 1; -+ } -+ } else -+ adinlen = 0; -+ -+ for (;;) { -+ inc_128(cctx); -+ if (outlen < 16) { -+ /* Use K as temp space as it will be updated */ -+ AES_encrypt(cctx->V, cctx->K, &cctx->ks); -+ memcpy(out, cctx->K, outlen); -+ break; -+ } -+ AES_encrypt(cctx->V, out, &cctx->ks); -+ out += 16; -+ outlen -= 16; -+ if (outlen == 0) -+ break; -+ } -+ -+ ctr_Update(dctx, adin, adinlen, NULL, 0, NULL, 0); -+ -+ return 1; -+ -+} -+ -+static int drbg_ctr_uninstantiate(DRBG_CTX *dctx) -+{ -+ memset(&dctx->d.ctr, 0, sizeof(DRBG_CTR_CTX)); -+ return 1; -+} -+ -+int fips_drbg_ctr_init(DRBG_CTX *dctx) -+{ -+ DRBG_CTR_CTX *cctx = &dctx->d.ctr; -+ -+ size_t keylen; -+ -+ switch (dctx->type) { -+ case NID_aes_128_ctr: -+ keylen = 16; -+ break; -+ -+ case NID_aes_192_ctr: -+ keylen = 24; -+ break; -+ -+ case NID_aes_256_ctr: -+ keylen = 32; -+ break; -+ -+ default: -+ return -2; -+ } -+ -+ dctx->instantiate = drbg_ctr_instantiate; -+ dctx->reseed = drbg_ctr_reseed; -+ dctx->generate = drbg_ctr_generate; -+ dctx->uninstantiate = drbg_ctr_uninstantiate; -+ -+ cctx->keylen = keylen; -+ dctx->strength = keylen * 8; -+ dctx->blocklength = 16; -+ dctx->seedlen = keylen + 16; -+ -+ if (dctx->xflags & DRBG_FLAG_CTR_USE_DF) { -+ /* df initialisation */ -+ static unsigned char df_key[32] = { -+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, -+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, -+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, -+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f -+ }; -+ /* Set key schedule for df_key */ -+ AES_set_encrypt_key(df_key, dctx->strength, &cctx->df_ks); -+ -+ dctx->min_entropy = cctx->keylen; -+ dctx->max_entropy = DRBG_MAX_LENGTH; -+ dctx->min_nonce = dctx->min_entropy / 2; -+ dctx->max_nonce = DRBG_MAX_LENGTH; -+ dctx->max_pers = DRBG_MAX_LENGTH; -+ dctx->max_adin = DRBG_MAX_LENGTH; -+ } else { -+ dctx->min_entropy = dctx->seedlen; -+ dctx->max_entropy = dctx->seedlen; -+ /* Nonce not used */ -+ dctx->min_nonce = 0; -+ dctx->max_nonce = 0; -+ dctx->max_pers = dctx->seedlen; -+ dctx->max_adin = dctx->seedlen; -+ } -+ -+ dctx->max_request = 1 << 16; -+ dctx->reseed_interval = 1 << 24; -+ -+ return 1; -+} -diff -up openssl-1.1.1j/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_hash.c ---- openssl-1.1.1j/crypto/fips/fips_drbg_hash.c.fips 2021-03-03 12:57:42.199734525 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_drbg_hash.c 2021-03-03 12:57:42.199734525 +0100 -@@ -0,0 +1,354 @@ -+/* fips/rand/fips_drbg_hash.c */ -+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -+ * project. -+ */ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * licensing@OpenSSL.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * ==================================================================== -+ */ -+ -+#define OPENSSL_FIPSAPI -+ -+#include -+#include -+#include -+#include -+#include "crypto/fips.h" -+#include -+#include "fips_rand_lcl.h" -+ -+/* This is Hash_df from SP 800-90 10.4.1 */ -+ -+static int hash_df(DRBG_CTX *dctx, unsigned char *out, -+ const unsigned char *in1, size_t in1len, -+ const unsigned char *in2, size_t in2len, -+ const unsigned char *in3, size_t in3len, -+ const unsigned char *in4, size_t in4len) -+{ -+ EVP_MD_CTX *mctx = dctx->d.hash.mctx; -+ unsigned char *vtmp = dctx->d.hash.vtmp; -+ unsigned char tmp[6]; -+ /* Standard only ever needs seedlen bytes which is always less than -+ * maximum permitted so no need to check length. -+ */ -+ size_t outlen = dctx->seedlen; -+ tmp[0] = 1; -+ tmp[1] = ((outlen * 8) >> 24) & 0xff; -+ tmp[2] = ((outlen * 8) >> 16) & 0xff; -+ tmp[3] = ((outlen * 8) >> 8) & 0xff; -+ tmp[4] = (outlen * 8) & 0xff; -+ if (!in1) { -+ tmp[5] = (unsigned char)in1len; -+ in1 = tmp + 5; -+ in1len = 1; -+ } -+ for (;;) { -+ if (!FIPS_digestinit(mctx, dctx->d.hash.md)) -+ return 0; -+ if (!FIPS_digestupdate(mctx, tmp, 5)) -+ return 0; -+ if (in1 && !FIPS_digestupdate(mctx, in1, in1len)) -+ return 0; -+ if (in2 && !FIPS_digestupdate(mctx, in2, in2len)) -+ return 0; -+ if (in3 && !FIPS_digestupdate(mctx, in3, in3len)) -+ return 0; -+ if (in4 && !FIPS_digestupdate(mctx, in4, in4len)) -+ return 0; -+ if (outlen < dctx->blocklength) { -+ if (!FIPS_digestfinal(mctx, vtmp, NULL)) -+ return 0; -+ memcpy(out, vtmp, outlen); -+ OPENSSL_cleanse(vtmp, dctx->blocklength); -+ return 1; -+ } else if (!FIPS_digestfinal(mctx, out, NULL)) -+ return 0; -+ -+ outlen -= dctx->blocklength; -+ if (outlen == 0) -+ return 1; -+ tmp[0]++; -+ out += dctx->blocklength; -+ } -+} -+ -+/* Add an unsigned buffer to the buf value, storing the result in buf. For -+ * this algorithm the length of input never exceeds the seed length. -+ */ -+ -+static void ctx_add_buf(DRBG_CTX *dctx, unsigned char *buf, -+ unsigned char *in, size_t inlen) -+{ -+ size_t i = inlen; -+ const unsigned char *q; -+ unsigned char c, *p; -+ p = buf + dctx->seedlen; -+ q = in + inlen; -+ -+ OPENSSL_assert(i <= dctx->seedlen); -+ -+ /* Special case: zero length, just increment buffer */ -+ if (i) -+ c = 0; -+ else -+ c = 1; -+ -+ while (i) { -+ int r; -+ p--; -+ q--; -+ r = *p + *q + c; -+ /* Carry */ -+ if (r > 0xff) -+ c = 1; -+ else -+ c = 0; -+ *p = r & 0xff; -+ i--; -+ } -+ -+ i = dctx->seedlen - inlen; -+ -+ /* If not adding whole buffer handle final carries */ -+ if (c && i) { -+ do { -+ p--; -+ c = *p; -+ c++; -+ *p = c; -+ if (c) -+ return; -+ } while (i--); -+ } -+} -+ -+/* Finalise and add hash to V */ -+ -+static int ctx_add_md(DRBG_CTX *dctx) -+{ -+ if (!FIPS_digestfinal(dctx->d.hash.mctx, dctx->d.hash.vtmp, NULL)) -+ return 0; -+ ctx_add_buf(dctx, dctx->d.hash.V, dctx->d.hash.vtmp, dctx->blocklength); -+ return 1; -+} -+ -+static int hash_gen(DRBG_CTX *dctx, unsigned char *out, size_t outlen) -+{ -+ DRBG_HASH_CTX *hctx = &dctx->d.hash; -+ if (outlen == 0) -+ return 1; -+ memcpy(hctx->vtmp, hctx->V, dctx->seedlen); -+ for (;;) { -+ FIPS_digestinit(hctx->mctx, hctx->md); -+ FIPS_digestupdate(hctx->mctx, hctx->vtmp, dctx->seedlen); -+ if (outlen < dctx->blocklength) { -+ FIPS_digestfinal(hctx->mctx, hctx->vtmp, NULL); -+ memcpy(out, hctx->vtmp, outlen); -+ return 1; -+ } else { -+ FIPS_digestfinal(hctx->mctx, out, NULL); -+ outlen -= dctx->blocklength; -+ if (outlen == 0) -+ return 1; -+ out += dctx->blocklength; -+ } -+ ctx_add_buf(dctx, hctx->vtmp, NULL, 0); -+ } -+} -+ -+static int drbg_hash_instantiate(DRBG_CTX *dctx, -+ const unsigned char *ent, size_t ent_len, -+ const unsigned char *nonce, size_t nonce_len, -+ const unsigned char *pstr, size_t pstr_len) -+{ -+ DRBG_HASH_CTX *hctx = &dctx->d.hash; -+ if (!hash_df(dctx, hctx->V, -+ ent, ent_len, nonce, nonce_len, pstr, pstr_len, NULL, 0)) -+ return 0; -+ if (!hash_df(dctx, hctx->C, -+ NULL, 0, hctx->V, dctx->seedlen, NULL, 0, NULL, 0)) -+ return 0; -+ -+#ifdef HASH_DRBG_TRACE -+ fprintf(stderr, "V+C after instantiate:\n"); -+ hexprint(stderr, hctx->V, dctx->seedlen); -+ hexprint(stderr, hctx->C, dctx->seedlen); -+#endif -+ return 1; -+} -+ -+static int drbg_hash_reseed(DRBG_CTX *dctx, -+ const unsigned char *ent, size_t ent_len, -+ const unsigned char *adin, size_t adin_len) -+{ -+ DRBG_HASH_CTX *hctx = &dctx->d.hash; -+ /* V about to be updated so use C as output instead */ -+ if (!hash_df(dctx, hctx->C, -+ NULL, 1, hctx->V, dctx->seedlen, -+ ent, ent_len, adin, adin_len)) -+ return 0; -+ memcpy(hctx->V, hctx->C, dctx->seedlen); -+ if (!hash_df(dctx, hctx->C, NULL, 0, -+ hctx->V, dctx->seedlen, NULL, 0, NULL, 0)) -+ return 0; -+#ifdef HASH_DRBG_TRACE -+ fprintf(stderr, "V+C after reseed:\n"); -+ hexprint(stderr, hctx->V, dctx->seedlen); -+ hexprint(stderr, hctx->C, dctx->seedlen); -+#endif -+ return 1; -+} -+ -+static int drbg_hash_generate(DRBG_CTX *dctx, -+ unsigned char *out, size_t outlen, -+ const unsigned char *adin, size_t adin_len) -+{ -+ DRBG_HASH_CTX *hctx = &dctx->d.hash; -+ EVP_MD_CTX *mctx = hctx->mctx; -+ unsigned char tmp[4]; -+ if (adin && adin_len) { -+ tmp[0] = 2; -+ if (!FIPS_digestinit(mctx, hctx->md)) -+ return 0; -+ if (!EVP_DigestUpdate(mctx, tmp, 1)) -+ return 0; -+ if (!EVP_DigestUpdate(mctx, hctx->V, dctx->seedlen)) -+ return 0; -+ if (!EVP_DigestUpdate(mctx, adin, adin_len)) -+ return 0; -+ if (!ctx_add_md(dctx)) -+ return 0; -+ } -+ if (!hash_gen(dctx, out, outlen)) -+ return 0; -+ -+ tmp[0] = 3; -+ if (!FIPS_digestinit(mctx, hctx->md)) -+ return 0; -+ if (!EVP_DigestUpdate(mctx, tmp, 1)) -+ return 0; -+ if (!EVP_DigestUpdate(mctx, hctx->V, dctx->seedlen)) -+ return 0; -+ -+ if (!ctx_add_md(dctx)) -+ return 0; -+ -+ ctx_add_buf(dctx, hctx->V, hctx->C, dctx->seedlen); -+ -+ tmp[0] = (dctx->reseed_counter >> 24) & 0xff; -+ tmp[1] = (dctx->reseed_counter >> 16) & 0xff; -+ tmp[2] = (dctx->reseed_counter >> 8) & 0xff; -+ tmp[3] = dctx->reseed_counter & 0xff; -+ ctx_add_buf(dctx, hctx->V, tmp, 4); -+#ifdef HASH_DRBG_TRACE -+ fprintf(stderr, "V+C after generate:\n"); -+ hexprint(stderr, hctx->V, dctx->seedlen); -+ hexprint(stderr, hctx->C, dctx->seedlen); -+#endif -+ return 1; -+} -+ -+static int drbg_hash_uninstantiate(DRBG_CTX *dctx) -+{ -+ EVP_MD_CTX_free(dctx->d.hash.mctx); -+ OPENSSL_cleanse(&dctx->d.hash, sizeof(DRBG_HASH_CTX)); -+ return 1; -+} -+ -+int fips_drbg_hash_init(DRBG_CTX *dctx) -+{ -+ const EVP_MD *md; -+ DRBG_HASH_CTX *hctx = &dctx->d.hash; -+ md = EVP_get_digestbynid(dctx->type); -+ if (!md) -+ return -2; -+ switch (dctx->type) { -+ case NID_sha1: -+ dctx->strength = 128; -+ break; -+ -+ case NID_sha224: -+ dctx->strength = 192; -+ break; -+ -+ default: -+ dctx->strength = 256; -+ break; -+ } -+ -+ dctx->instantiate = drbg_hash_instantiate; -+ dctx->reseed = drbg_hash_reseed; -+ dctx->generate = drbg_hash_generate; -+ dctx->uninstantiate = drbg_hash_uninstantiate; -+ -+ dctx->d.hash.md = md; -+ hctx->mctx = EVP_MD_CTX_new(); -+ if (hctx->mctx == NULL) -+ return -1; -+ -+ /* These are taken from SP 800-90 10.1 table 2 */ -+ -+ dctx->blocklength = EVP_MD_size(md); -+ if (dctx->blocklength > 32) -+ dctx->seedlen = 111; -+ else -+ dctx->seedlen = 55; -+ -+ dctx->min_entropy = dctx->strength / 8; -+ dctx->max_entropy = DRBG_MAX_LENGTH; -+ -+ dctx->min_nonce = dctx->min_entropy / 2; -+ dctx->max_nonce = DRBG_MAX_LENGTH; -+ -+ dctx->max_pers = DRBG_MAX_LENGTH; -+ dctx->max_adin = DRBG_MAX_LENGTH; -+ -+ dctx->max_request = 1 << 16; -+ dctx->reseed_interval = 1 << 24; -+ -+ return 1; -+} -diff -up openssl-1.1.1j/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_hmac.c ---- openssl-1.1.1j/crypto/fips/fips_drbg_hmac.c.fips 2021-03-03 12:57:42.199734525 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_drbg_hmac.c 2021-03-03 12:57:42.199734525 +0100 -@@ -0,0 +1,262 @@ -+/* fips/rand/fips_drbg_hmac.c */ -+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -+ * project. -+ */ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * licensing@OpenSSL.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * ==================================================================== -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include "fips_rand_lcl.h" -+ -+static int drbg_hmac_update(DRBG_CTX *dctx, -+ const unsigned char *in1, size_t in1len, -+ const unsigned char *in2, size_t in2len, -+ const unsigned char *in3, size_t in3len) -+{ -+ static unsigned char c0 = 0, c1 = 1; -+ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; -+ HMAC_CTX *hctx = hmac->hctx; -+ -+ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) -+ return 0; -+ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) -+ return 0; -+ if (!HMAC_Update(hctx, &c0, 1)) -+ return 0; -+ if (in1len && !HMAC_Update(hctx, in1, in1len)) -+ return 0; -+ if (in2len && !HMAC_Update(hctx, in2, in2len)) -+ return 0; -+ if (in3len && !HMAC_Update(hctx, in3, in3len)) -+ return 0; -+ -+ if (!HMAC_Final(hctx, hmac->K, NULL)) -+ return 0; -+ -+ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) -+ return 0; -+ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) -+ return 0; -+ -+ if (!HMAC_Final(hctx, hmac->V, NULL)) -+ return 0; -+ -+ if (!in1len && !in2len && !in3len) -+ return 1; -+ -+ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) -+ return 0; -+ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) -+ return 0; -+ if (!HMAC_Update(hctx, &c1, 1)) -+ return 0; -+ if (in1len && !HMAC_Update(hctx, in1, in1len)) -+ return 0; -+ if (in2len && !HMAC_Update(hctx, in2, in2len)) -+ return 0; -+ if (in3len && !HMAC_Update(hctx, in3, in3len)) -+ return 0; -+ -+ if (!HMAC_Final(hctx, hmac->K, NULL)) -+ return 0; -+ -+ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) -+ return 0; -+ if (!HMAC_Update(hctx, hmac->V, dctx->blocklength)) -+ return 0; -+ -+ if (!HMAC_Final(hctx, hmac->V, NULL)) -+ return 0; -+ -+ return 1; -+ -+} -+ -+static int drbg_hmac_instantiate(DRBG_CTX *dctx, -+ const unsigned char *ent, size_t ent_len, -+ const unsigned char *nonce, size_t nonce_len, -+ const unsigned char *pstr, size_t pstr_len) -+{ -+ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; -+ memset(hmac->K, 0, dctx->blocklength); -+ memset(hmac->V, 1, dctx->blocklength); -+ if (!drbg_hmac_update(dctx, -+ ent, ent_len, nonce, nonce_len, pstr, pstr_len)) -+ return 0; -+ -+#ifdef HMAC_DRBG_TRACE -+ fprintf(stderr, "K+V after instantiate:\n"); -+ hexprint(stderr, hmac->K, hmac->blocklength); -+ hexprint(stderr, hmac->V, hmac->blocklength); -+#endif -+ return 1; -+} -+ -+static int drbg_hmac_reseed(DRBG_CTX *dctx, -+ const unsigned char *ent, size_t ent_len, -+ const unsigned char *adin, size_t adin_len) -+{ -+ if (!drbg_hmac_update(dctx, ent, ent_len, adin, adin_len, NULL, 0)) -+ return 0; -+ -+#ifdef HMAC_DRBG_TRACE -+ { -+ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; -+ fprintf(stderr, "K+V after reseed:\n"); -+ hexprint(stderr, hmac->K, hmac->blocklength); -+ hexprint(stderr, hmac->V, hmac->blocklength); -+ } -+#endif -+ return 1; -+} -+ -+static int drbg_hmac_generate(DRBG_CTX *dctx, -+ unsigned char *out, size_t outlen, -+ const unsigned char *adin, size_t adin_len) -+{ -+ DRBG_HMAC_CTX *hmac = &dctx->d.hmac; -+ HMAC_CTX *hctx = hmac->hctx; -+ const unsigned char *Vtmp = hmac->V; -+ if (adin_len && !drbg_hmac_update(dctx, adin, adin_len, NULL, 0, NULL, 0)) -+ return 0; -+ for (;;) { -+ if (!HMAC_Init_ex(hctx, hmac->K, dctx->blocklength, hmac->md, NULL)) -+ return 0; -+ if (!HMAC_Update(hctx, Vtmp, dctx->blocklength)) -+ return 0; -+ if (outlen > dctx->blocklength) { -+ if (!HMAC_Final(hctx, out, NULL)) -+ return 0; -+ Vtmp = out; -+ } else { -+ if (!HMAC_Final(hctx, hmac->V, NULL)) -+ return 0; -+ memcpy(out, hmac->V, outlen); -+ break; -+ } -+ out += dctx->blocklength; -+ outlen -= dctx->blocklength; -+ } -+ if (!drbg_hmac_update(dctx, adin, adin_len, NULL, 0, NULL, 0)) -+ return 0; -+ -+ return 1; -+} -+ -+static int drbg_hmac_uninstantiate(DRBG_CTX *dctx) -+{ -+ HMAC_CTX_free(dctx->d.hmac.hctx); -+ OPENSSL_cleanse(&dctx->d.hmac, sizeof(DRBG_HMAC_CTX)); -+ return 1; -+} -+ -+int fips_drbg_hmac_init(DRBG_CTX *dctx) -+{ -+ const EVP_MD *md = NULL; -+ DRBG_HMAC_CTX *hctx = &dctx->d.hmac; -+ dctx->strength = 256; -+ switch (dctx->type) { -+ case NID_hmacWithSHA1: -+ md = EVP_sha1(); -+ dctx->strength = 128; -+ break; -+ -+ case NID_hmacWithSHA224: -+ md = EVP_sha224(); -+ dctx->strength = 192; -+ break; -+ -+ case NID_hmacWithSHA256: -+ md = EVP_sha256(); -+ break; -+ -+ case NID_hmacWithSHA384: -+ md = EVP_sha384(); -+ break; -+ -+ case NID_hmacWithSHA512: -+ md = EVP_sha512(); -+ break; -+ -+ default: -+ dctx->strength = 0; -+ return -2; -+ } -+ dctx->instantiate = drbg_hmac_instantiate; -+ dctx->reseed = drbg_hmac_reseed; -+ dctx->generate = drbg_hmac_generate; -+ dctx->uninstantiate = drbg_hmac_uninstantiate; -+ hctx->hctx = HMAC_CTX_new(); -+ if (hctx->hctx == NULL) -+ return -1; -+ hctx->md = md; -+ dctx->blocklength = M_EVP_MD_size(md); -+ dctx->seedlen = M_EVP_MD_size(md); -+ -+ dctx->min_entropy = dctx->strength / 8; -+ dctx->max_entropy = DRBG_MAX_LENGTH; -+ -+ dctx->min_nonce = dctx->min_entropy / 2; -+ dctx->max_nonce = DRBG_MAX_LENGTH; -+ -+ dctx->max_pers = DRBG_MAX_LENGTH; -+ dctx->max_adin = DRBG_MAX_LENGTH; -+ -+ dctx->max_request = 1 << 16; -+ dctx->reseed_interval = 1 << 24; -+ -+ return 1; -+} -diff -up openssl-1.1.1j/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_lib.c ---- openssl-1.1.1j/crypto/fips/fips_drbg_lib.c.fips 2021-03-03 12:57:42.199734525 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_drbg_lib.c 2021-03-03 12:57:42.199734525 +0100 -@@ -0,0 +1,528 @@ -+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -+ * project. -+ */ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * licensing@OpenSSL.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * ==================================================================== -+ */ -+ -+#include -+#include -+#include -+#include -+#include "crypto/fips.h" -+#include -+#include "fips_locl.h" -+#include "fips_rand_lcl.h" -+ -+/* Support framework for SP800-90 DRBGs */ -+ -+int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags) -+{ -+ int rv; -+ memset(dctx, 0, sizeof(DRBG_CTX)); -+ dctx->status = DRBG_STATUS_UNINITIALISED; -+ dctx->xflags = flags; -+ dctx->type = type; -+ -+ dctx->iflags = 0; -+ dctx->entropy_blocklen = 0; -+ dctx->health_check_cnt = 0; -+ dctx->health_check_interval = DRBG_HEALTH_INTERVAL; -+ -+ rv = fips_drbg_hash_init(dctx); -+ -+ if (rv == -2) -+ rv = fips_drbg_ctr_init(dctx); -+ if (rv == -2) -+ rv = fips_drbg_hmac_init(dctx); -+ -+ if (rv <= 0) { -+ if (rv == -2) -+ FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_UNSUPPORTED_DRBG_TYPE); -+ else -+ FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_ERROR_INITIALISING_DRBG); -+ } -+ -+ /* If not in test mode run selftests on DRBG of the same type */ -+ -+ if (!(dctx->xflags & DRBG_FLAG_TEST)) { -+ if (!FIPS_drbg_health_check(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_SELFTEST_FAILURE); -+ return 0; -+ } -+ } -+ -+ return rv; -+} -+ -+DRBG_CTX *FIPS_drbg_new(int type, unsigned int flags) -+{ -+ DRBG_CTX *dctx; -+ dctx = OPENSSL_malloc(sizeof(DRBG_CTX)); -+ if (!dctx) { -+ FIPSerr(FIPS_F_FIPS_DRBG_NEW, ERR_R_MALLOC_FAILURE); -+ return NULL; -+ } -+ -+ if (type == 0) { -+ memset(dctx, 0, sizeof(DRBG_CTX)); -+ dctx->type = 0; -+ dctx->status = DRBG_STATUS_UNINITIALISED; -+ return dctx; -+ } -+ -+ if (FIPS_drbg_init(dctx, type, flags) <= 0) { -+ OPENSSL_free(dctx); -+ return NULL; -+ } -+ -+ return dctx; -+} -+ -+void FIPS_drbg_free(DRBG_CTX *dctx) -+{ -+ if (dctx->uninstantiate) -+ dctx->uninstantiate(dctx); -+ /* Don't free up default DRBG */ -+ if (dctx == FIPS_get_default_drbg()) { -+ memset(dctx, 0, sizeof(DRBG_CTX)); -+ dctx->type = 0; -+ dctx->status = DRBG_STATUS_UNINITIALISED; -+ } else { -+ OPENSSL_cleanse(&dctx->d, sizeof(dctx->d)); -+ OPENSSL_free(dctx); -+ } -+} -+ -+static size_t fips_get_entropy(DRBG_CTX *dctx, unsigned char **pout, -+ int entropy, size_t min_len, size_t max_len) -+{ -+ unsigned char *tout, *p; -+ size_t bl = dctx->entropy_blocklen, rv; -+ if (!dctx->get_entropy) -+ return 0; -+ if (dctx->xflags & DRBG_FLAG_TEST || !bl) -+ return dctx->get_entropy(dctx, pout, entropy, min_len, max_len); -+ rv = dctx->get_entropy(dctx, &tout, entropy + bl, -+ min_len + bl, max_len + bl); -+ if (tout == NULL) -+ return 0; -+ *pout = tout + bl; -+ if (rv < (min_len + bl) || (rv % bl)) -+ return 0; -+ /* Compare consecutive blocks for continuous PRNG test */ -+ for (p = tout; p < tout + rv - bl; p += bl) { -+ if (!memcmp(p, p + bl, bl)) { -+ FIPSerr(FIPS_F_FIPS_GET_ENTROPY, FIPS_R_ENTROPY_SOURCE_STUCK); -+ return 0; -+ } -+ } -+ rv -= bl; -+ if (rv > max_len) -+ return max_len; -+ return rv; -+} -+ -+static void fips_cleanup_entropy(DRBG_CTX *dctx, -+ unsigned char *out, size_t olen) -+{ -+ size_t bl; -+ if (dctx->xflags & DRBG_FLAG_TEST) -+ bl = 0; -+ else -+ bl = dctx->entropy_blocklen; -+ /* Call cleanup with original arguments */ -+ dctx->cleanup_entropy(dctx, out - bl, olen + bl); -+} -+ -+int FIPS_drbg_instantiate(DRBG_CTX *dctx, -+ const unsigned char *pers, size_t perslen) -+{ -+ size_t entlen = 0, noncelen = 0; -+ unsigned char *nonce = NULL, *entropy = NULL; -+ -+#if 0 -+ /* Put here so error script picks them up */ -+ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, -+ FIPS_R_PERSONALISATION_STRING_TOO_LONG); -+ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_IN_ERROR_STATE); -+ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_ALREADY_INSTANTIATED); -+ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_ERROR_RETRIEVING_ENTROPY); -+ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_ERROR_RETRIEVING_NONCE); -+ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_INSTANTIATE_ERROR); -+ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, FIPS_R_DRBG_NOT_INITIALISED); -+#endif -+ -+ int r = 0; -+ -+ if (perslen > dctx->max_pers) { -+ r = FIPS_R_PERSONALISATION_STRING_TOO_LONG; -+ goto end; -+ } -+ -+ if (!dctx->instantiate) { -+ r = FIPS_R_DRBG_NOT_INITIALISED; -+ goto end; -+ } -+ -+ if (dctx->status != DRBG_STATUS_UNINITIALISED) { -+ if (dctx->status == DRBG_STATUS_ERROR) -+ r = FIPS_R_IN_ERROR_STATE; -+ else -+ r = FIPS_R_ALREADY_INSTANTIATED; -+ goto end; -+ } -+ -+ dctx->status = DRBG_STATUS_ERROR; -+ -+ entlen = fips_get_entropy(dctx, &entropy, dctx->strength, -+ dctx->min_entropy, dctx->max_entropy); -+ -+ if (entlen < dctx->min_entropy || entlen > dctx->max_entropy) { -+ r = FIPS_R_ERROR_RETRIEVING_ENTROPY; -+ goto end; -+ } -+ -+ if (dctx->max_nonce > 0 && dctx->get_nonce) { -+ noncelen = dctx->get_nonce(dctx, &nonce, -+ dctx->strength / 2, -+ dctx->min_nonce, dctx->max_nonce); -+ -+ if (noncelen < dctx->min_nonce || noncelen > dctx->max_nonce) { -+ r = FIPS_R_ERROR_RETRIEVING_NONCE; -+ goto end; -+ } -+ -+ } -+ -+ if (!dctx->instantiate(dctx, -+ entropy, entlen, nonce, noncelen, pers, perslen)) { -+ r = FIPS_R_ERROR_INSTANTIATING_DRBG; -+ goto end; -+ } -+ -+ dctx->status = DRBG_STATUS_READY; -+ if (!(dctx->iflags & DRBG_CUSTOM_RESEED)) -+ dctx->reseed_counter = 1; -+ -+ end: -+ -+ if (entropy && dctx->cleanup_entropy) -+ fips_cleanup_entropy(dctx, entropy, entlen); -+ -+ if (nonce && dctx->cleanup_nonce) -+ dctx->cleanup_nonce(dctx, nonce, noncelen); -+ -+ if (dctx->status == DRBG_STATUS_READY) -+ return 1; -+ -+ if (r && !(dctx->iflags & DRBG_FLAG_NOERR)) -+ FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, r); -+ -+ return 0; -+ -+} -+ -+static int drbg_reseed(DRBG_CTX *dctx, -+ const unsigned char *adin, size_t adinlen, int hcheck) -+{ -+ unsigned char *entropy = NULL; -+ size_t entlen = 0; -+ int r = 0; -+ -+#if 0 -+ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_NOT_INSTANTIATED); -+ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG); -+#endif -+ if (dctx->status != DRBG_STATUS_READY -+ && dctx->status != DRBG_STATUS_RESEED) { -+ if (dctx->status == DRBG_STATUS_ERROR) -+ r = FIPS_R_IN_ERROR_STATE; -+ else if (dctx->status == DRBG_STATUS_UNINITIALISED) -+ r = FIPS_R_NOT_INSTANTIATED; -+ goto end; -+ } -+ -+ if (!adin) -+ adinlen = 0; -+ else if (adinlen > dctx->max_adin) { -+ r = FIPS_R_ADDITIONAL_INPUT_TOO_LONG; -+ goto end; -+ } -+ -+ dctx->status = DRBG_STATUS_ERROR; -+ /* Peform health check on all reseed operations if not a prediction -+ * resistance request and not in test mode. -+ */ -+ if (hcheck && !(dctx->xflags & DRBG_FLAG_TEST)) { -+ if (!FIPS_drbg_health_check(dctx)) { -+ r = FIPS_R_SELFTEST_FAILURE; -+ goto end; -+ } -+ } -+ -+ entlen = fips_get_entropy(dctx, &entropy, dctx->strength, -+ dctx->min_entropy, dctx->max_entropy); -+ -+ if (entlen < dctx->min_entropy || entlen > dctx->max_entropy) { -+ r = FIPS_R_ERROR_RETRIEVING_ENTROPY; -+ goto end; -+ } -+ -+ if (!dctx->reseed(dctx, entropy, entlen, adin, adinlen)) -+ goto end; -+ -+ dctx->status = DRBG_STATUS_READY; -+ if (!(dctx->iflags & DRBG_CUSTOM_RESEED)) -+ dctx->reseed_counter = 1; -+ end: -+ -+ if (entropy && dctx->cleanup_entropy) -+ fips_cleanup_entropy(dctx, entropy, entlen); -+ -+ if (dctx->status == DRBG_STATUS_READY) -+ return 1; -+ -+ if (r && !(dctx->iflags & DRBG_FLAG_NOERR)) -+ FIPSerr(FIPS_F_DRBG_RESEED, r); -+ -+ return 0; -+} -+ -+int FIPS_drbg_reseed(DRBG_CTX *dctx, -+ const unsigned char *adin, size_t adinlen) -+{ -+ return drbg_reseed(dctx, adin, adinlen, 1); -+} -+ -+static int fips_drbg_check(DRBG_CTX *dctx) -+{ -+ if (dctx->xflags & DRBG_FLAG_TEST) -+ return 1; -+ dctx->health_check_cnt++; -+ if (dctx->health_check_cnt >= dctx->health_check_interval) { -+ if (!FIPS_drbg_health_check(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_CHECK, FIPS_R_SELFTEST_FAILURE); -+ return 0; -+ } -+ } -+ return 1; -+} -+ -+int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen, -+ int prediction_resistance, -+ const unsigned char *adin, size_t adinlen) -+{ -+ int r = 0; -+ -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_SELFTEST_FAILED); -+ return 0; -+ } -+ -+ if (!fips_drbg_check(dctx)) -+ return 0; -+ -+ if (dctx->status != DRBG_STATUS_READY -+ && dctx->status != DRBG_STATUS_RESEED) { -+ if (dctx->status == DRBG_STATUS_ERROR) -+ r = FIPS_R_IN_ERROR_STATE; -+ else if (dctx->status == DRBG_STATUS_UNINITIALISED) -+ r = FIPS_R_NOT_INSTANTIATED; -+ goto end; -+ } -+ -+ if (outlen > dctx->max_request) { -+ r = FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG; -+ return 0; -+ } -+ -+ if (adinlen > dctx->max_adin) { -+ r = FIPS_R_ADDITIONAL_INPUT_TOO_LONG; -+ goto end; -+ } -+ -+ if (dctx->iflags & DRBG_CUSTOM_RESEED) -+ dctx->generate(dctx, NULL, outlen, NULL, 0); -+ else if (dctx->reseed_counter >= dctx->reseed_interval) -+ dctx->status = DRBG_STATUS_RESEED; -+ -+ if (dctx->status == DRBG_STATUS_RESEED || prediction_resistance) { -+ /* If prediction resistance request don't do health check */ -+ int hcheck = prediction_resistance ? 0 : 1; -+ -+ if (!drbg_reseed(dctx, adin, adinlen, hcheck)) { -+ r = FIPS_R_RESEED_ERROR; -+ goto end; -+ } -+ adin = NULL; -+ adinlen = 0; -+ } -+ -+ if (!dctx->generate(dctx, out, outlen, adin, adinlen)) { -+ r = FIPS_R_GENERATE_ERROR; -+ dctx->status = DRBG_STATUS_ERROR; -+ goto end; -+ } -+ if (!(dctx->iflags & DRBG_CUSTOM_RESEED)) { -+ if (dctx->reseed_counter >= dctx->reseed_interval) -+ dctx->status = DRBG_STATUS_RESEED; -+ else -+ dctx->reseed_counter++; -+ } -+ -+ end: -+ if (r) { -+ if (!(dctx->iflags & DRBG_FLAG_NOERR)) -+ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, r); -+ return 0; -+ } -+ -+ return 1; -+} -+ -+int FIPS_drbg_uninstantiate(DRBG_CTX *dctx) -+{ -+ int rv; -+ if (!dctx->uninstantiate) -+ rv = 1; -+ else -+ rv = dctx->uninstantiate(dctx); -+ /* Although we'd like to cleanse here we can't because we have to -+ * test the uninstantiate really zeroes the data. -+ */ -+ memset(&dctx->d, 0, sizeof(dctx->d)); -+ dctx->status = DRBG_STATUS_UNINITIALISED; -+ /* If method has problems uninstantiating, return error */ -+ return rv; -+} -+ -+int FIPS_drbg_set_callbacks(DRBG_CTX *dctx, -+ size_t (*get_entropy) (DRBG_CTX *ctx, -+ unsigned char **pout, -+ int entropy, -+ size_t min_len, -+ size_t max_len), -+ void (*cleanup_entropy) (DRBG_CTX *ctx, -+ unsigned char *out, -+ size_t olen), -+ size_t entropy_blocklen, -+ size_t (*get_nonce) (DRBG_CTX *ctx, -+ unsigned char **pout, -+ int entropy, size_t min_len, -+ size_t max_len), -+ void (*cleanup_nonce) (DRBG_CTX *ctx, -+ unsigned char *out, -+ size_t olen)) -+{ -+ if (dctx->status != DRBG_STATUS_UNINITIALISED) -+ return 0; -+ dctx->entropy_blocklen = entropy_blocklen; -+ dctx->get_entropy = get_entropy; -+ dctx->cleanup_entropy = cleanup_entropy; -+ dctx->get_nonce = get_nonce; -+ dctx->cleanup_nonce = cleanup_nonce; -+ return 1; -+} -+ -+int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx, -+ size_t (*get_adin) (DRBG_CTX *ctx, -+ unsigned char **pout), -+ void (*cleanup_adin) (DRBG_CTX *ctx, -+ unsigned char *out, -+ size_t olen), -+ int (*rand_seed_cb) (DRBG_CTX *ctx, -+ const void *buf, -+ int num), -+ int (*rand_add_cb) (DRBG_CTX *ctx, -+ const void *buf, int num, -+ double entropy)) -+{ -+ if (dctx->status != DRBG_STATUS_UNINITIALISED) -+ return 0; -+ dctx->get_adin = get_adin; -+ dctx->cleanup_adin = cleanup_adin; -+ dctx->rand_seed_cb = rand_seed_cb; -+ dctx->rand_add_cb = rand_add_cb; -+ return 1; -+} -+ -+void *FIPS_drbg_get_app_data(DRBG_CTX *dctx) -+{ -+ return dctx->app_data; -+} -+ -+void FIPS_drbg_set_app_data(DRBG_CTX *dctx, void *app_data) -+{ -+ dctx->app_data = app_data; -+} -+ -+size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx) -+{ -+ return dctx->blocklength; -+} -+ -+int FIPS_drbg_get_strength(DRBG_CTX *dctx) -+{ -+ return dctx->strength; -+} -+ -+void FIPS_drbg_set_check_interval(DRBG_CTX *dctx, int interval) -+{ -+ dctx->health_check_interval = interval; -+} -+ -+void FIPS_drbg_set_reseed_interval(DRBG_CTX *dctx, int interval) -+{ -+ dctx->reseed_interval = interval; -+} -+ -+void FIPS_drbg_stick(int onoff) -+{ -+ /* Just backwards compatibility API call with no effect. */ -+} -diff -up openssl-1.1.1j/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_rand.c ---- openssl-1.1.1j/crypto/fips/fips_drbg_rand.c.fips 2021-03-03 12:57:42.199734525 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_drbg_rand.c 2021-03-03 12:57:42.199734525 +0100 -@@ -0,0 +1,185 @@ -+/* fips/rand/fips_drbg_rand.c */ -+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -+ * project. -+ */ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * licensing@OpenSSL.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * ==================================================================== -+ */ -+ -+#include -+#include -+#include "internal/thread_once.h" -+#include -+#include -+#include -+#include -+#include "fips_rand_lcl.h" -+ -+/* Mapping of SP800-90 DRBGs to OpenSSL RAND_METHOD */ -+ -+/* Since we only have one global PRNG used at any time in OpenSSL use a global -+ * variable to store context. -+ */ -+ -+static DRBG_CTX ossl_dctx; -+ -+static CRYPTO_RWLOCK *fips_rand_lock = NULL; -+static CRYPTO_ONCE fips_rand_lock_init = CRYPTO_ONCE_STATIC_INIT; -+ -+DEFINE_RUN_ONCE_STATIC(do_fips_rand_lock_init) -+{ -+ fips_rand_lock = CRYPTO_THREAD_lock_new(); -+ return fips_rand_lock != NULL; -+} -+ -+DRBG_CTX *FIPS_get_default_drbg(void) -+{ -+ if (!RUN_ONCE(&fips_rand_lock_init, do_fips_rand_lock_init)) -+ return NULL; -+ return &ossl_dctx; -+} -+ -+static int fips_drbg_bytes(unsigned char *out, int count) -+{ -+ DRBG_CTX *dctx = &ossl_dctx; -+ int rv = 0; -+ unsigned char *adin = NULL; -+ size_t adinlen = 0; -+ CRYPTO_THREAD_write_lock(fips_rand_lock); -+ do { -+ size_t rcnt; -+ if (count > (int)dctx->max_request) -+ rcnt = dctx->max_request; -+ else -+ rcnt = count; -+ if (dctx->get_adin) { -+ adinlen = dctx->get_adin(dctx, &adin); -+ if (adinlen && !adin) { -+ FIPSerr(FIPS_F_FIPS_DRBG_BYTES, -+ FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT); -+ goto err; -+ } -+ } -+ rv = FIPS_drbg_generate(dctx, out, rcnt, 0, adin, adinlen); -+ if (adin) { -+ if (dctx->cleanup_adin) -+ dctx->cleanup_adin(dctx, adin, adinlen); -+ adin = NULL; -+ } -+ if (!rv) -+ goto err; -+ out += rcnt; -+ count -= rcnt; -+ } -+ while (count); -+ rv = 1; -+ err: -+ CRYPTO_THREAD_unlock(fips_rand_lock); -+ return rv; -+} -+ -+static int fips_drbg_pseudo(unsigned char *out, int count) -+{ -+ if (fips_drbg_bytes(out, count) <= 0) -+ return -1; -+ return 1; -+} -+ -+static int fips_drbg_status(void) -+{ -+ DRBG_CTX *dctx = &ossl_dctx; -+ int rv; -+ CRYPTO_THREAD_read_lock(fips_rand_lock); -+ rv = dctx->status == DRBG_STATUS_READY ? 1 : 0; -+ CRYPTO_THREAD_unlock(fips_rand_lock); -+ return rv; -+} -+ -+static void fips_drbg_cleanup(void) -+{ -+ DRBG_CTX *dctx = &ossl_dctx; -+ CRYPTO_THREAD_write_lock(fips_rand_lock); -+ FIPS_drbg_uninstantiate(dctx); -+ CRYPTO_THREAD_unlock(fips_rand_lock); -+} -+ -+static int fips_drbg_seed(const void *seed, int seedlen) -+{ -+ DRBG_CTX *dctx = &ossl_dctx; -+ int ret = 1; -+ CRYPTO_THREAD_write_lock(fips_rand_lock); -+ if (dctx->rand_seed_cb) -+ ret = dctx->rand_seed_cb(dctx, seed, seedlen); -+ CRYPTO_THREAD_unlock(fips_rand_lock); -+ return ret; -+} -+ -+static int fips_drbg_add(const void *seed, int seedlen, double add_entropy) -+{ -+ DRBG_CTX *dctx = &ossl_dctx; -+ int ret = 1; -+ CRYPTO_THREAD_write_lock(fips_rand_lock); -+ if (dctx->rand_add_cb) -+ ret = dctx->rand_add_cb(dctx, seed, seedlen, add_entropy); -+ CRYPTO_THREAD_unlock(fips_rand_lock); -+ return ret; -+} -+ -+static const RAND_METHOD rand_drbg_meth = { -+ fips_drbg_seed, -+ fips_drbg_bytes, -+ fips_drbg_cleanup, -+ fips_drbg_add, -+ fips_drbg_pseudo, -+ fips_drbg_status -+}; -+ -+const RAND_METHOD *FIPS_drbg_method(void) -+{ -+ return &rand_drbg_meth; -+} -diff -up openssl-1.1.1j/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_drbg_selftest.c ---- openssl-1.1.1j/crypto/fips/fips_drbg_selftest.c.fips 2021-03-03 12:57:42.200734534 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_drbg_selftest.c 2021-03-03 12:57:42.200734534 +0100 -@@ -0,0 +1,828 @@ -+/* fips/rand/fips_drbg_selftest.c */ -+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -+ * project. -+ */ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * licensing@OpenSSL.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * ==================================================================== -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include "fips_rand_lcl.h" -+#include "fips_locl.h" -+ -+#include "fips_drbg_selftest.h" -+ -+typedef struct { -+ int post; -+ int nid; -+ unsigned int flags; -+ -+ /* KAT data for no PR */ -+ const unsigned char *ent; -+ size_t entlen; -+ const unsigned char *nonce; -+ size_t noncelen; -+ const unsigned char *pers; -+ size_t perslen; -+ const unsigned char *adin; -+ size_t adinlen; -+ const unsigned char *entreseed; -+ size_t entreseedlen; -+ const unsigned char *adinreseed; -+ size_t adinreseedlen; -+ const unsigned char *adin2; -+ size_t adin2len; -+ const unsigned char *kat; -+ size_t katlen; -+ const unsigned char *kat2; -+ size_t kat2len; -+ -+ /* KAT data for PR */ -+ const unsigned char *ent_pr; -+ size_t entlen_pr; -+ const unsigned char *nonce_pr; -+ size_t noncelen_pr; -+ const unsigned char *pers_pr; -+ size_t perslen_pr; -+ const unsigned char *adin_pr; -+ size_t adinlen_pr; -+ const unsigned char *entpr_pr; -+ size_t entprlen_pr; -+ const unsigned char *ading_pr; -+ size_t adinglen_pr; -+ const unsigned char *entg_pr; -+ size_t entglen_pr; -+ const unsigned char *kat_pr; -+ size_t katlen_pr; -+ const unsigned char *kat2_pr; -+ size_t kat2len_pr; -+ -+} DRBG_SELFTEST_DATA; -+ -+#define make_drbg_test_data(nid, flag, pr, p) {p, nid, flag | DRBG_FLAG_TEST, \ -+ pr##_entropyinput, sizeof(pr##_entropyinput), \ -+ pr##_nonce, sizeof(pr##_nonce), \ -+ pr##_personalizationstring, sizeof(pr##_personalizationstring), \ -+ pr##_additionalinput, sizeof(pr##_additionalinput), \ -+ pr##_entropyinputreseed, sizeof(pr##_entropyinputreseed), \ -+ pr##_additionalinputreseed, sizeof(pr##_additionalinputreseed), \ -+ pr##_additionalinput2, sizeof(pr##_additionalinput2), \ -+ pr##_int_returnedbits, sizeof(pr##_int_returnedbits), \ -+ pr##_returnedbits, sizeof(pr##_returnedbits), \ -+ pr##_pr_entropyinput, sizeof(pr##_pr_entropyinput), \ -+ pr##_pr_nonce, sizeof(pr##_pr_nonce), \ -+ pr##_pr_personalizationstring, sizeof(pr##_pr_personalizationstring), \ -+ pr##_pr_additionalinput, sizeof(pr##_pr_additionalinput), \ -+ pr##_pr_entropyinputpr, sizeof(pr##_pr_entropyinputpr), \ -+ pr##_pr_additionalinput2, sizeof(pr##_pr_additionalinput2), \ -+ pr##_pr_entropyinputpr2, sizeof(pr##_pr_entropyinputpr2), \ -+ pr##_pr_int_returnedbits, sizeof(pr##_pr_int_returnedbits), \ -+ pr##_pr_returnedbits, sizeof(pr##_pr_returnedbits), \ -+ } -+ -+#define make_drbg_test_data_df(nid, pr, p) \ -+ make_drbg_test_data(nid, DRBG_FLAG_CTR_USE_DF, pr, p) -+ -+#define make_drbg_test_data_ec(curve, md, pr, p) \ -+ make_drbg_test_data((curve << 16) | md , 0, pr, p) -+ -+static DRBG_SELFTEST_DATA drbg_test[] = { -+ make_drbg_test_data_df(NID_aes_128_ctr, aes_128_use_df, 0), -+ make_drbg_test_data_df(NID_aes_192_ctr, aes_192_use_df, 0), -+ make_drbg_test_data_df(NID_aes_256_ctr, aes_256_use_df, 1), -+ make_drbg_test_data(NID_aes_128_ctr, 0, aes_128_no_df, 0), -+ make_drbg_test_data(NID_aes_192_ctr, 0, aes_192_no_df, 0), -+ make_drbg_test_data(NID_aes_256_ctr, 0, aes_256_no_df, 1), -+ make_drbg_test_data(NID_sha1, 0, sha1, 0), -+ make_drbg_test_data(NID_sha224, 0, sha224, 0), -+ make_drbg_test_data(NID_sha256, 0, sha256, 1), -+ make_drbg_test_data(NID_sha384, 0, sha384, 0), -+ make_drbg_test_data(NID_sha512, 0, sha512, 0), -+ make_drbg_test_data(NID_hmacWithSHA1, 0, hmac_sha1, 0), -+ make_drbg_test_data(NID_hmacWithSHA224, 0, hmac_sha224, 0), -+ make_drbg_test_data(NID_hmacWithSHA256, 0, hmac_sha256, 1), -+ make_drbg_test_data(NID_hmacWithSHA384, 0, hmac_sha384, 0), -+ make_drbg_test_data(NID_hmacWithSHA512, 0, hmac_sha512, 0), -+ {0, 0, 0} -+}; -+ -+typedef struct { -+ const unsigned char *ent; -+ size_t entlen; -+ int entcnt; -+ const unsigned char *nonce; -+ size_t noncelen; -+ int noncecnt; -+} TEST_ENT; -+ -+static size_t test_entropy(DRBG_CTX *dctx, unsigned char **pout, -+ int entropy, size_t min_len, size_t max_len) -+{ -+ TEST_ENT *t = FIPS_drbg_get_app_data(dctx); -+ *pout = (unsigned char *)t->ent; -+ t->entcnt++; -+ return t->entlen; -+} -+ -+static size_t test_nonce(DRBG_CTX *dctx, unsigned char **pout, -+ int entropy, size_t min_len, size_t max_len) -+{ -+ TEST_ENT *t = FIPS_drbg_get_app_data(dctx); -+ *pout = (unsigned char *)t->nonce; -+ t->noncecnt++; -+ return t->noncelen; -+} -+ -+static int fips_drbg_single_kat(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td, -+ int quick) -+{ -+ TEST_ENT t; -+ int rv = 0; -+ size_t adinlen; -+ unsigned char randout[1024]; -+ -+ /* Initial test without PR */ -+ -+ /* Instantiate DRBG with test entropy, nonce and personalisation -+ * string. -+ */ -+ -+ if (!FIPS_drbg_init(dctx, td->nid, td->flags)) -+ return 0; -+ if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0, test_nonce, 0)) -+ return 0; -+ -+ FIPS_drbg_set_app_data(dctx, &t); -+ -+ t.ent = td->ent; -+ t.entlen = td->entlen; -+ t.nonce = td->nonce; -+ t.noncelen = td->noncelen; -+ t.entcnt = 0; -+ t.noncecnt = 0; -+ -+ if (!FIPS_drbg_instantiate(dctx, td->pers, td->perslen)) -+ goto err; -+ -+ /* Note for CTR without DF some additional input values -+ * ignore bytes after the keylength: so reduce adinlen -+ * to half to ensure invalid data is fed in. -+ */ -+ if (!fips_post_corrupt(FIPS_TEST_DRBG, dctx->type, &dctx->iflags)) -+ adinlen = td->adinlen / 2; -+ else -+ adinlen = td->adinlen; -+ -+ /* Generate with no PR and verify output matches expected data */ -+ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, td->adin, adinlen)) -+ goto err; -+ -+ if (memcmp(randout, td->kat, td->katlen)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_NOPR_TEST1_FAILURE); -+ goto err2; -+ } -+ /* If abbreviated POST end of test */ -+ if (quick) { -+ rv = 1; -+ goto err; -+ } -+ /* Reseed DRBG with test entropy and additional input */ -+ t.ent = td->entreseed; -+ t.entlen = td->entreseedlen; -+ -+ if (!FIPS_drbg_reseed(dctx, td->adinreseed, td->adinreseedlen)) -+ goto err; -+ -+ /* Generate with no PR and verify output matches expected data */ -+ if (!FIPS_drbg_generate(dctx, randout, td->kat2len, 0, -+ td->adin2, td->adin2len)) -+ goto err; -+ -+ if (memcmp(randout, td->kat2, td->kat2len)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_NOPR_TEST2_FAILURE); -+ goto err2; -+ } -+ -+ FIPS_drbg_uninstantiate(dctx); -+ -+ /* Now test with PR */ -+ -+ /* Instantiate DRBG with test entropy, nonce and personalisation -+ * string. -+ */ -+ if (!FIPS_drbg_init(dctx, td->nid, td->flags)) -+ return 0; -+ if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0, test_nonce, 0)) -+ return 0; -+ -+ FIPS_drbg_set_app_data(dctx, &t); -+ -+ t.ent = td->ent_pr; -+ t.entlen = td->entlen_pr; -+ t.nonce = td->nonce_pr; -+ t.noncelen = td->noncelen_pr; -+ t.entcnt = 0; -+ t.noncecnt = 0; -+ -+ if (!FIPS_drbg_instantiate(dctx, td->pers_pr, td->perslen_pr)) -+ goto err; -+ -+ /* Now generate with PR: we need to supply entropy as this will -+ * perform a reseed operation. Check output matches expected value. -+ */ -+ -+ t.ent = td->entpr_pr; -+ t.entlen = td->entprlen_pr; -+ -+ /* Note for CTR without DF some additional input values -+ * ignore bytes after the keylength: so reduce adinlen -+ * to half to ensure invalid data is fed in. -+ */ -+ if (!fips_post_corrupt(FIPS_TEST_DRBG, dctx->type, &dctx->iflags)) -+ adinlen = td->adinlen_pr / 2; -+ else -+ adinlen = td->adinlen_pr; -+ if (!FIPS_drbg_generate(dctx, randout, td->katlen_pr, 1, -+ td->adin_pr, adinlen)) -+ goto err; -+ -+ if (memcmp(randout, td->kat_pr, td->katlen_pr)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_PR_TEST1_FAILURE); -+ goto err2; -+ } -+ -+ /* Now generate again with PR: supply new entropy again. -+ * Check output matches expected value. -+ */ -+ -+ t.ent = td->entg_pr; -+ t.entlen = td->entglen_pr; -+ -+ if (!FIPS_drbg_generate(dctx, randout, td->kat2len_pr, 1, -+ td->ading_pr, td->adinglen_pr)) -+ goto err; -+ -+ if (memcmp(randout, td->kat2_pr, td->kat2len_pr)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_PR_TEST2_FAILURE); -+ goto err2; -+ } -+ /* All OK, test complete */ -+ rv = 1; -+ -+ err: -+ if (rv == 0) -+ FIPSerr(FIPS_F_FIPS_DRBG_SINGLE_KAT, FIPS_R_SELFTEST_FAILED); -+ err2: -+ FIPS_drbg_uninstantiate(dctx); -+ -+ return rv; -+ -+} -+ -+/* Initialise a DRBG based on selftest data */ -+ -+static int do_drbg_init(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td, TEST_ENT * t) -+{ -+ -+ if (!FIPS_drbg_init(dctx, td->nid, td->flags)) -+ return 0; -+ -+ if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0, test_nonce, 0)) -+ return 0; -+ -+ FIPS_drbg_set_app_data(dctx, t); -+ -+ t->ent = td->ent; -+ t->entlen = td->entlen; -+ t->nonce = td->nonce; -+ t->noncelen = td->noncelen; -+ t->entcnt = 0; -+ t->noncecnt = 0; -+ return 1; -+} -+ -+/* Initialise and instantiate DRBG based on selftest data */ -+static int do_drbg_instantiate(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td, -+ TEST_ENT * t) -+{ -+ if (!do_drbg_init(dctx, td, t)) -+ return 0; -+ if (!FIPS_drbg_instantiate(dctx, td->pers, td->perslen)) -+ return 0; -+ -+ return 1; -+} -+ -+/* This function performs extensive error checking as required by SP800-90. -+ * Induce several failure modes and check an error condition is set. -+ * This function along with fips_drbg_single_kat peforms the health checking -+ * operation. -+ */ -+ -+static int fips_drbg_error_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA * td) -+{ -+ unsigned char randout[1024]; -+ TEST_ENT t; -+ size_t i; -+ unsigned int reseed_counter_tmp; -+ unsigned char *p = (unsigned char *)dctx; -+ -+ /* Initialise DRBG */ -+ -+ if (!do_drbg_init(dctx, td, &t)) -+ goto err; -+ -+ /* Don't report induced errors */ -+ dctx->iflags |= DRBG_FLAG_NOERR; -+ -+ /* Personalisation string tests */ -+ -+ /* Test detection of too large personlisation string */ -+ -+ if (FIPS_drbg_instantiate(dctx, td->pers, dctx->max_pers + 1) > 0) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_PERSONALISATION_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ /* Entropy source tests */ -+ -+ /* Test entropy source failure detecion: i.e. returns no data */ -+ -+ t.entlen = 0; -+ -+ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ENTROPY_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ /* Try to generate output from uninstantiated DRBG */ -+ if (FIPS_drbg_generate(dctx, randout, td->katlen, 0, -+ td->adin, td->adinlen)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_GENERATE_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ dctx->iflags &= ~DRBG_FLAG_NOERR; -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ if (!do_drbg_init(dctx, td, &t)) -+ goto err; -+ -+ dctx->iflags |= DRBG_FLAG_NOERR; -+ -+ /* Test insufficient entropy */ -+ -+ t.entlen = dctx->min_entropy - 1; -+ -+ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ENTROPY_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ dctx->iflags &= ~DRBG_FLAG_NOERR; -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ /* Test too much entropy */ -+ -+ if (!do_drbg_init(dctx, td, &t)) -+ goto err; -+ -+ dctx->iflags |= DRBG_FLAG_NOERR; -+ -+ t.entlen = dctx->max_entropy + 1; -+ -+ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ENTROPY_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ dctx->iflags &= ~DRBG_FLAG_NOERR; -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ /* Nonce tests */ -+ -+ /* Test too small nonce */ -+ -+ if (dctx->min_nonce) { -+ -+ if (!do_drbg_init(dctx, td, &t)) -+ goto err; -+ -+ dctx->iflags |= DRBG_FLAG_NOERR; -+ -+ t.noncelen = dctx->min_nonce - 1; -+ -+ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_NONCE_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ dctx->iflags &= ~DRBG_FLAG_NOERR; -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ } -+ -+ /* Test too large nonce */ -+ -+ if (dctx->max_nonce) { -+ -+ if (!do_drbg_init(dctx, td, &t)) -+ goto err; -+ -+ dctx->iflags |= DRBG_FLAG_NOERR; -+ -+ t.noncelen = dctx->max_nonce + 1; -+ -+ if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_NONCE_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ dctx->iflags &= ~DRBG_FLAG_NOERR; -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ } -+ -+ /* Instantiate with valid data. */ -+ if (!do_drbg_instantiate(dctx, td, &t)) -+ goto err; -+ -+ /* Check generation is now OK */ -+ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, -+ td->adin, td->adinlen)) -+ goto err; -+ -+ dctx->iflags |= DRBG_FLAG_NOERR; -+ -+ /* Request too much data for one request */ -+ if (FIPS_drbg_generate(dctx, randout, dctx->max_request + 1, 0, -+ td->adin, td->adinlen)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ /* Try too large additional input */ -+ if (FIPS_drbg_generate(dctx, randout, td->katlen, 0, -+ td->adin, dctx->max_adin + 1)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ /* Check prediction resistance request fails if entropy source -+ * failure. -+ */ -+ -+ t.entlen = 0; -+ -+ if (FIPS_drbg_generate(dctx, randout, td->katlen, 1, -+ td->adin, td->adinlen)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ENTROPY_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ dctx->iflags &= ~DRBG_FLAG_NOERR; -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ /* Instantiate again with valid data */ -+ -+ if (!do_drbg_instantiate(dctx, td, &t)) -+ goto err; -+ /* Test reseed counter works */ -+ /* Save initial reseed counter */ -+ reseed_counter_tmp = dctx->reseed_counter; -+ /* Set reseed counter to beyond interval */ -+ dctx->reseed_counter = dctx->reseed_interval; -+ -+ /* Generate output and check entropy has been requested for reseed */ -+ t.entcnt = 0; -+ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, -+ td->adin, td->adinlen)) -+ goto err; -+ if (t.entcnt != 1) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED); -+ goto err; -+ } -+ /* Check reseed counter has been reset */ -+ if (dctx->reseed_counter != reseed_counter_tmp + 1) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_RESEED_COUNTER_ERROR); -+ goto err; -+ } -+ -+ dctx->iflags &= ~DRBG_FLAG_NOERR; -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ /* Check prediction resistance request fails if entropy source -+ * failure. -+ */ -+ -+ t.entlen = 0; -+ -+ dctx->iflags |= DRBG_FLAG_NOERR; -+ if (FIPS_drbg_generate(dctx, randout, td->katlen, 1, -+ td->adin, td->adinlen)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ENTROPY_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ dctx->iflags &= ~DRBG_FLAG_NOERR; -+ -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ if (!do_drbg_instantiate(dctx, td, &t)) -+ goto err; -+ /* Test reseed counter works */ -+ /* Save initial reseed counter */ -+ reseed_counter_tmp = dctx->reseed_counter; -+ /* Set reseed counter to beyond interval */ -+ dctx->reseed_counter = dctx->reseed_interval; -+ -+ /* Generate output and check entropy has been requested for reseed */ -+ t.entcnt = 0; -+ if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, -+ td->adin, td->adinlen)) -+ goto err; -+ if (t.entcnt != 1) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED); -+ goto err; -+ } -+ /* Check reseed counter has been reset */ -+ if (dctx->reseed_counter != reseed_counter_tmp + 1) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_RESEED_COUNTER_ERROR); -+ goto err; -+ } -+ -+ dctx->iflags &= ~DRBG_FLAG_NOERR; -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ /* Explicit reseed tests */ -+ -+ /* Test explicit reseed with too large additional input */ -+ if (!do_drbg_init(dctx, td, &t)) -+ goto err; -+ -+ dctx->iflags |= DRBG_FLAG_NOERR; -+ -+ if (FIPS_drbg_reseed(dctx, td->adin, dctx->max_adin + 1) > 0) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ /* Test explicit reseed with entropy source failure */ -+ -+ t.entlen = 0; -+ -+ if (FIPS_drbg_reseed(dctx, td->adin, td->adinlen) > 0) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ENTROPY_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ /* Test explicit reseed with too much entropy */ -+ -+ if (!do_drbg_init(dctx, td, &t)) -+ goto err; -+ -+ dctx->iflags |= DRBG_FLAG_NOERR; -+ -+ t.entlen = dctx->max_entropy + 1; -+ -+ if (FIPS_drbg_reseed(dctx, td->adin, td->adinlen) > 0) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ENTROPY_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ /* Test explicit reseed with too little entropy */ -+ -+ if (!do_drbg_init(dctx, td, &t)) -+ goto err; -+ -+ dctx->iflags |= DRBG_FLAG_NOERR; -+ -+ t.entlen = dctx->min_entropy - 1; -+ -+ if (FIPS_drbg_reseed(dctx, td->adin, td->adinlen) > 0) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_ENTROPY_ERROR_UNDETECTED); -+ goto err; -+ } -+ -+ if (!FIPS_drbg_uninstantiate(dctx)) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR); -+ goto err; -+ } -+ -+ p = (unsigned char *)&dctx->d; -+ /* Standard says we have to check uninstantiate really zeroes -+ * the data... -+ */ -+ for (i = 0; i < sizeof(dctx->d); i++) { -+ if (*p != 0) { -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, -+ FIPS_R_UNINSTANTIATE_ZEROISE_ERROR); -+ goto err; -+ } -+ p++; -+ } -+ -+ return 1; -+ -+ err: -+ /* A real error as opposed to an induced one: underlying function will -+ * indicate the error. -+ */ -+ if (!(dctx->iflags & DRBG_FLAG_NOERR)) -+ FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_FUNCTION_ERROR); -+ FIPS_drbg_uninstantiate(dctx); -+ return 0; -+ -+} -+ -+int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags) -+{ -+ DRBG_SELFTEST_DATA *td; -+ flags |= DRBG_FLAG_TEST; -+ for (td = drbg_test; td->nid != 0; td++) { -+ if (td->nid == nid && td->flags == flags) { -+ if (!fips_drbg_single_kat(dctx, td, 0)) -+ return 0; -+ return fips_drbg_error_check(dctx, td); -+ } -+ } -+ return 0; -+} -+ -+int FIPS_drbg_health_check(DRBG_CTX *dctx) -+{ -+ int rv; -+ DRBG_CTX *tctx = NULL; -+ tctx = FIPS_drbg_new(0, 0); -+ fips_post_started(FIPS_TEST_DRBG, dctx->type, &dctx->xflags); -+ if (!tctx) -+ return 0; -+ rv = fips_drbg_kat(tctx, dctx->type, dctx->xflags); -+ if (tctx) -+ FIPS_drbg_free(tctx); -+ if (rv) -+ fips_post_success(FIPS_TEST_DRBG, dctx->type, &dctx->xflags); -+ else -+ fips_post_failed(FIPS_TEST_DRBG, dctx->type, &dctx->xflags); -+ if (!rv) -+ dctx->status = DRBG_STATUS_ERROR; -+ else -+ dctx->health_check_cnt = 0; -+ return rv; -+} -+ -+int FIPS_selftest_drbg(void) -+{ -+ DRBG_CTX *dctx; -+ DRBG_SELFTEST_DATA *td; -+ int rv = 1; -+ dctx = FIPS_drbg_new(0, 0); -+ if (!dctx) -+ return 0; -+ for (td = drbg_test; td->nid != 0; td++) { -+ if (td->post != 1) -+ continue; -+ if (!fips_post_started(FIPS_TEST_DRBG, td->nid, &td->flags)) -+ return 1; -+ if (!fips_drbg_single_kat(dctx, td, 1)) { -+ fips_post_failed(FIPS_TEST_DRBG, td->nid, &td->flags); -+ rv = 0; -+ continue; -+ } -+ if (!fips_post_success(FIPS_TEST_DRBG, td->nid, &td->flags)) -+ return 0; -+ } -+ FIPS_drbg_free(dctx); -+ return rv; -+} -+ -+int FIPS_selftest_drbg_all(void) -+{ -+ DRBG_CTX *dctx; -+ DRBG_SELFTEST_DATA *td; -+ int rv = 1; -+ dctx = FIPS_drbg_new(0, 0); -+ if (!dctx) -+ return 0; -+ for (td = drbg_test; td->nid != 0; td++) { -+ if (!fips_post_started(FIPS_TEST_DRBG, td->nid, &td->flags)) -+ return 1; -+ if (!fips_drbg_single_kat(dctx, td, 0)) { -+ fips_post_failed(FIPS_TEST_DRBG, td->nid, &td->flags); -+ rv = 0; -+ continue; -+ } -+ if (!fips_drbg_error_check(dctx, td)) { -+ fips_post_failed(FIPS_TEST_DRBG, td->nid, &td->flags); -+ rv = 0; -+ continue; -+ } -+ if (!fips_post_success(FIPS_TEST_DRBG, td->nid, &td->flags)) -+ return 0; -+ } -+ FIPS_drbg_free(dctx); -+ return rv; -+} -diff -up openssl-1.1.1j/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1j/crypto/fips/fips_drbg_selftest.h ---- openssl-1.1.1j/crypto/fips/fips_drbg_selftest.h.fips 2021-03-03 12:57:42.200734534 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_drbg_selftest.h 2021-03-03 12:57:42.200734534 +0100 -@@ -0,0 +1,1791 @@ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+/* Selftest and health check data for the SP800-90 DRBG */ -+ -+#define __fips_constseg -+ -+/* AES-128 use df PR */ -+__fips_constseg static const unsigned char aes_128_use_df_pr_entropyinput[] = { -+ 0x61, 0x52, 0x7c, 0xe3, 0x23, 0x7d, 0x0a, 0x07, 0x10, 0x0c, 0x50, 0x33, -+ 0xc8, 0xdb, 0xff, 0x12 -+}; -+ -+__fips_constseg static const unsigned char aes_128_use_df_pr_nonce[] = { -+ 0x51, 0x0d, 0x85, 0x77, 0xed, 0x22, 0x97, 0x28 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_use_df_pr_personalizationstring[] = { -+ 0x59, 0x9f, 0xbb, 0xcd, 0xd5, 0x25, 0x69, 0xb5, 0xcb, 0xb5, 0x03, 0xfe, -+ 0xd7, 0xd7, 0x01, 0x67 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_use_df_pr_additionalinput[] = { -+ 0xef, 0x88, 0x76, 0x01, 0xaf, 0x3c, 0xfe, 0x8b, 0xaf, 0x26, 0x06, 0x9e, -+ 0x9a, 0x47, 0x08, 0x76 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_use_df_pr_entropyinputpr[] = { -+ 0xe2, 0x76, 0xf9, 0xf6, 0x3a, 0xba, 0x10, 0x9f, 0xbf, 0x47, 0x0e, 0x51, -+ 0x09, 0xfb, 0xa3, 0xb6 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_use_df_pr_int_returnedbits[] = { -+ 0xd4, 0x98, 0x8a, 0x46, 0x80, 0x4c, 0xdb, 0xa3, 0x59, 0x02, 0x57, 0x52, -+ 0x66, 0x1c, 0xea, 0x5b -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_use_df_pr_additionalinput2[] = { -+ 0x88, 0x8c, 0x91, 0xd6, 0xbe, 0x56, 0x6e, 0x08, 0x9a, 0x62, 0x2b, 0x11, -+ 0x3f, 0x5e, 0x31, 0x06 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_use_df_pr_entropyinputpr2[] = { -+ 0xc0, 0x5c, 0x6b, 0x98, 0x01, 0x0d, 0x58, 0x18, 0x51, 0x18, 0x96, 0xae, -+ 0xa7, 0xe3, 0xa8, 0x67 -+}; -+ -+__fips_constseg static const unsigned char aes_128_use_df_pr_returnedbits[] = { -+ 0xcf, 0x01, 0xac, 0x22, 0x31, 0x06, 0x8e, 0xfc, 0xce, 0x56, 0xea, 0x24, -+ 0x0f, 0x38, 0x43, 0xc6 -+}; -+ -+/* AES-128 use df No PR */ -+__fips_constseg static const unsigned char aes_128_use_df_entropyinput[] = { -+ 0x1f, 0x8e, 0x34, 0x82, 0x0c, 0xb7, 0xbe, 0xc5, 0x01, 0x3e, 0xd0, 0xa3, -+ 0x9d, 0x7d, 0x1c, 0x9b -+}; -+ -+__fips_constseg static const unsigned char aes_128_use_df_nonce[] = { -+ 0xd5, 0x4d, 0xbd, 0x4a, 0x93, 0x7f, 0xb8, 0x96 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_use_df_personalizationstring[] = { -+ 0xab, 0xd6, 0x3f, 0x04, 0xfe, 0x27, 0x6b, 0x2d, 0xd7, 0xc3, 0x1c, 0xf3, -+ 0x38, 0x66, 0xba, 0x1b -+}; -+ -+__fips_constseg static const unsigned char aes_128_use_df_additionalinput[] = { -+ 0xfe, 0xf4, 0x09, 0xa8, 0xb7, 0x73, 0x27, 0x9c, 0x5f, 0xa7, 0xea, 0x46, -+ 0xb5, 0xe2, 0xb2, 0x41 -+}; -+ -+__fips_constseg static const unsigned char aes_128_use_df_int_returnedbits[] = { -+ 0x42, 0xe4, 0x4e, 0x7b, 0x27, 0xdd, 0xcb, 0xbc, 0x0a, 0xcf, 0xa6, 0x67, -+ 0xe7, 0x57, 0x11, 0xb4 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_use_df_entropyinputreseed[] = { -+ 0x14, 0x26, 0x69, 0xd9, 0xf3, 0x65, 0x03, 0xd6, 0x6b, 0xb9, 0x44, 0x0b, -+ 0xc7, 0xc4, 0x9e, 0x39 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_use_df_additionalinputreseed[] = { -+ 0x55, 0x2e, 0x60, 0x9a, 0x05, 0x72, 0x8a, 0xa8, 0xef, 0x22, 0x81, 0x5a, -+ 0xc8, 0x93, 0xfa, 0x84 -+}; -+ -+__fips_constseg static const unsigned char aes_128_use_df_additionalinput2[] = { -+ 0x3c, 0x40, 0xc8, 0xc4, 0x16, 0x0c, 0x21, 0xa4, 0x37, 0x2c, 0x8f, 0xa5, -+ 0x06, 0x0c, 0x15, 0x2c -+}; -+ -+__fips_constseg static const unsigned char aes_128_use_df_returnedbits[] = { -+ 0xe1, 0x3e, 0x99, 0x98, 0x86, 0x67, 0x0b, 0x63, 0x7b, 0xbe, 0x3f, 0x88, -+ 0x46, 0x81, 0xc7, 0x19 -+}; -+ -+/* AES-192 use df PR */ -+__fips_constseg static const unsigned char aes_192_use_df_pr_entropyinput[] = { -+ 0x2b, 0x4e, 0x8b, 0xe1, 0xf1, 0x34, 0x80, 0x56, 0x81, 0xf9, 0x74, 0xec, -+ 0x17, 0x44, 0x2a, 0xf1, 0x14, 0xb0, 0xbf, 0x97, 0x39, 0xb7, 0x04, 0x7d -+}; -+ -+__fips_constseg static const unsigned char aes_192_use_df_pr_nonce[] = { -+ 0xd6, 0x9d, 0xeb, 0x14, 0x4e, 0x6c, 0x30, 0x1e, 0x39, 0x55, 0x73, 0xd0, -+ 0xd1, 0x80, 0x78, 0xfa -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_use_df_pr_personalizationstring[] = { -+ 0xfc, 0x43, 0x4a, 0xf8, 0x9a, 0x55, 0xb3, 0x53, 0x83, 0xe2, 0x18, 0x16, -+ 0x0c, 0xdc, 0xcd, 0x5e, 0x4f, 0xa0, 0x03, 0x01, 0x2b, 0x9f, 0xe4, 0xd5, -+ 0x7d, 0x49, 0xf0, 0x41, 0x9e, 0x3d, 0x99, 0x04 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_use_df_pr_additionalinput[] = { -+ 0x5e, 0x9f, 0x49, 0x6f, 0x21, 0x8b, 0x1d, 0x32, 0xd5, 0x84, 0x5c, 0xac, -+ 0xaf, 0xdf, 0xe4, 0x79, 0x9e, 0xaf, 0xa9, 0x82, 0xd0, 0xf8, 0x4f, 0xcb, -+ 0x69, 0x10, 0x0a, 0x7e, 0x81, 0x57, 0xb5, 0x36 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_use_df_pr_entropyinputpr[] = { -+ 0xd4, 0x81, 0x0c, 0xd7, 0x66, 0x39, 0xec, 0x42, 0x53, 0x87, 0x41, 0xa5, -+ 0x1e, 0x7d, 0x80, 0x91, 0x8e, 0xbb, 0xed, 0xac, 0x14, 0x02, 0x1a, 0xd5 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_use_df_pr_int_returnedbits[] = { -+ 0xdf, 0x1d, 0x39, 0x45, 0x7c, 0x9b, 0xc6, 0x2b, 0x7d, 0x8c, 0x93, 0xe9, -+ 0x19, 0x30, 0x6b, 0x67 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_use_df_pr_additionalinput2[] = { -+ 0x00, 0x71, 0x27, 0x4e, 0xd3, 0x14, 0xf1, 0x20, 0x7f, 0x4a, 0x41, 0x32, -+ 0x2a, 0x97, 0x11, 0x43, 0x8f, 0x4a, 0x15, 0x7b, 0x9b, 0x51, 0x79, 0xda, -+ 0x49, 0x3d, 0xde, 0xe8, 0xbc, 0x93, 0x91, 0x99 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_use_df_pr_entropyinputpr2[] = { -+ 0x90, 0xee, 0x76, 0xa1, 0x45, 0x8d, 0xb7, 0x40, 0xb0, 0x11, 0xbf, 0xd0, -+ 0x65, 0xd7, 0x3c, 0x7c, 0x4f, 0x20, 0x3f, 0x4e, 0x11, 0x9d, 0xb3, 0x5e -+}; -+ -+__fips_constseg static const unsigned char aes_192_use_df_pr_returnedbits[] = { -+ 0x24, 0x3b, 0x20, 0xa4, 0x37, 0x66, 0xba, 0x72, 0x39, 0x3f, 0xcf, 0x3c, -+ 0x7e, 0x1a, 0x2b, 0x83 -+}; -+ -+/* AES-192 use df No PR */ -+__fips_constseg static const unsigned char aes_192_use_df_entropyinput[] = { -+ 0x8d, 0x74, 0xa4, 0x50, 0x1a, 0x02, 0x68, 0x0c, 0x2a, 0x69, 0xc4, 0x82, -+ 0x3b, 0xbb, 0xda, 0x0e, 0x7f, 0x77, 0xa3, 0x17, 0x78, 0x57, 0xb2, 0x7b -+}; -+ -+__fips_constseg static const unsigned char aes_192_use_df_nonce[] = { -+ 0x75, 0xd5, 0x1f, 0xac, 0xa4, 0x8d, 0x42, 0x78, 0xd7, 0x69, 0x86, 0x9d, -+ 0x77, 0xd7, 0x41, 0x0e -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_use_df_personalizationstring[] = { -+ 0x4e, 0x33, 0x41, 0x3c, 0x9c, 0xc2, 0xd2, 0x53, 0xaf, 0x90, 0xea, 0xcf, -+ 0x19, 0x50, 0x1e, 0xe6, 0x6f, 0x63, 0xc8, 0x32, 0x22, 0xdc, 0x07, 0x65, -+ 0x9c, 0xd3, 0xf8, 0x30, 0x9e, 0xed, 0x35, 0x70 -+}; -+ -+__fips_constseg static const unsigned char aes_192_use_df_additionalinput[] = { -+ 0x5d, 0x8b, 0x8c, 0xc1, 0xdf, 0x0e, 0x02, 0x78, 0xfb, 0x19, 0xb8, 0x69, -+ 0x78, 0x4e, 0x9c, 0x52, 0xbc, 0xc7, 0x20, 0xc9, 0xe6, 0x5e, 0x77, 0x22, -+ 0x28, 0x3d, 0x0c, 0x9e, 0x68, 0xa8, 0x45, 0xd7 -+}; -+ -+__fips_constseg static const unsigned char aes_192_use_df_int_returnedbits[] = { -+ 0xd5, 0xe7, 0x08, 0xc5, 0x19, 0x99, 0xd5, 0x31, 0x03, 0x0a, 0x74, 0xb6, -+ 0xb7, 0xed, 0xe9, 0xea -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_use_df_entropyinputreseed[] = { -+ 0x9c, 0x26, 0xda, 0xf1, 0xac, 0xd9, 0x5a, 0xd6, 0xa8, 0x65, 0xf5, 0x02, -+ 0x8f, 0xdc, 0xa2, 0x09, 0x54, 0xa6, 0xe2, 0xa4, 0xde, 0x32, 0xe0, 0x01 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_use_df_additionalinputreseed[] = { -+ 0x9b, 0x90, 0xb0, 0x3a, 0x0e, 0x3a, 0x80, 0x07, 0x4a, 0xf4, 0xda, 0x76, -+ 0x28, 0x30, 0x3c, 0xee, 0x54, 0x1b, 0x94, 0x59, 0x51, 0x43, 0x56, 0x77, -+ 0xaf, 0x88, 0xdd, 0x63, 0x89, 0x47, 0x06, 0x65 -+}; -+ -+__fips_constseg static const unsigned char aes_192_use_df_additionalinput2[] = { -+ 0x3c, 0x11, 0x64, 0x7a, 0x96, 0xf5, 0xd8, 0xb8, 0xae, 0xd6, 0x70, 0x4e, -+ 0x16, 0x96, 0xde, 0xe9, 0x62, 0xbc, 0xee, 0x28, 0x2f, 0x26, 0xa6, 0xf0, -+ 0x56, 0xef, 0xa3, 0xf1, 0x6b, 0xa1, 0xb1, 0x77 -+}; -+ -+__fips_constseg static const unsigned char aes_192_use_df_returnedbits[] = { -+ 0x0b, 0xe2, 0x56, 0x03, 0x1e, 0xdb, 0x2c, 0x6d, 0x7f, 0x1b, 0x15, 0x58, -+ 0x1a, 0xf9, 0x13, 0x28 -+}; -+ -+/* AES-256 use df PR */ -+__fips_constseg static const unsigned char aes_256_use_df_pr_entropyinput[] = { -+ 0x61, 0x68, 0xfc, 0x1a, 0xf0, 0xb5, 0x95, 0x6b, 0x85, 0x09, 0x9b, 0x74, -+ 0x3f, 0x13, 0x78, 0x49, 0x3b, 0x85, 0xec, 0x93, 0x13, 0x3b, 0xa9, 0x4f, -+ 0x96, 0xab, 0x2c, 0xe4, 0xc8, 0x8f, 0xdd, 0x6a -+}; -+ -+__fips_constseg static const unsigned char aes_256_use_df_pr_nonce[] = { -+ 0xad, 0xd2, 0xbb, 0xba, 0xb7, 0x65, 0x89, 0xc3, 0x21, 0x6c, 0x55, 0x33, -+ 0x2b, 0x36, 0xff, 0xa4 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_use_df_pr_personalizationstring[] = { -+ 0x6e, 0xca, 0xe7, 0x20, 0x72, 0xd3, 0x84, 0x5a, 0x32, 0xd3, 0x4b, 0x24, -+ 0x72, 0xc4, 0x63, 0x2b, 0x9d, 0x12, 0x24, 0x0c, 0x23, 0x26, 0x8e, 0x83, -+ 0x16, 0x37, 0x0b, 0xd1, 0x06, 0x4f, 0x68, 0x6d -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_use_df_pr_additionalinput[] = { -+ 0x7e, 0x08, 0x4a, 0xbb, 0xe3, 0x21, 0x7c, 0xc9, 0x23, 0xd2, 0xf8, 0xb0, -+ 0x73, 0x98, 0xba, 0x84, 0x74, 0x23, 0xab, 0x06, 0x8a, 0xe2, 0x22, 0xd3, -+ 0x7b, 0xce, 0x9b, 0xd2, 0x4a, 0x76, 0xb8, 0xde -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_use_df_pr_entropyinputpr[] = { -+ 0x0b, 0x23, 0xaf, 0xdf, 0xf1, 0x62, 0xd7, 0xd3, 0x43, 0x97, 0xf8, 0x77, -+ 0x04, 0xa8, 0x42, 0x20, 0xbd, 0xf6, 0x0f, 0xc1, 0x17, 0x2f, 0x9f, 0x54, -+ 0xbb, 0x56, 0x17, 0x86, 0x68, 0x0e, 0xba, 0xa9 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_use_df_pr_int_returnedbits[] = { -+ 0x31, 0x8e, 0xad, 0xaf, 0x40, 0xeb, 0x6b, 0x74, 0x31, 0x46, 0x80, 0xc7, -+ 0x17, 0xab, 0x3c, 0x7a -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_use_df_pr_additionalinput2[] = { -+ 0x94, 0x6b, 0xc9, 0x9f, 0xab, 0x8d, 0xc5, 0xec, 0x71, 0x88, 0x1d, 0x00, -+ 0x8c, 0x89, 0x68, 0xe4, 0xc8, 0x07, 0x77, 0x36, 0x17, 0x6d, 0x79, 0x78, -+ 0xc7, 0x06, 0x4e, 0x99, 0x04, 0x28, 0x29, 0xc3 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_use_df_pr_entropyinputpr2[] = { -+ 0xbf, 0x6c, 0x59, 0x2a, 0x0d, 0x44, 0x0f, 0xae, 0x9a, 0x5e, 0x03, 0x73, -+ 0xd8, 0xa6, 0xe1, 0xcf, 0x25, 0x61, 0x38, 0x24, 0x86, 0x9e, 0x53, 0xe8, -+ 0xa4, 0xdf, 0x56, 0xf4, 0x06, 0x07, 0x9c, 0x0f -+}; -+ -+__fips_constseg static const unsigned char aes_256_use_df_pr_returnedbits[] = { -+ 0x22, 0x4a, 0xb4, 0xb8, 0xb6, 0xee, 0x7d, 0xb1, 0x9e, 0xc9, 0xf9, 0xa0, -+ 0xd9, 0xe2, 0x97, 0x00 -+}; -+ -+/* AES-256 use df No PR */ -+__fips_constseg static const unsigned char aes_256_use_df_entropyinput[] = { -+ 0xa5, 0x3e, 0x37, 0x10, 0x17, 0x43, 0x91, 0x93, 0x59, 0x1e, 0x47, 0x50, -+ 0x87, 0xaa, 0xdd, 0xd5, 0xc1, 0xc3, 0x86, 0xcd, 0xca, 0x0d, 0xdb, 0x68, -+ 0xe0, 0x02, 0xd8, 0x0f, 0xdc, 0x40, 0x1a, 0x47 -+}; -+ -+__fips_constseg static const unsigned char aes_256_use_df_nonce[] = { -+ 0xa9, 0x4d, 0xa5, 0x5a, 0xfd, 0xc5, 0x0c, 0xe5, 0x1c, 0x9a, 0x3b, 0x8a, -+ 0x4c, 0x44, 0x84, 0x40 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_use_df_personalizationstring[] = { -+ 0x8b, 0x52, 0xa2, 0x4a, 0x93, 0xc3, 0x4e, 0xa7, 0x1e, 0x1c, 0xa7, 0x05, -+ 0xeb, 0x82, 0x9b, 0xa6, 0x5d, 0xe4, 0xd4, 0xe0, 0x7f, 0xa3, 0xd8, 0x6b, -+ 0x37, 0x84, 0x5f, 0xf1, 0xc7, 0xd5, 0xf6, 0xd2 -+}; -+ -+__fips_constseg static const unsigned char aes_256_use_df_additionalinput[] = { -+ 0x20, 0xf4, 0x22, 0xed, 0xf8, 0x5c, 0xa1, 0x6a, 0x01, 0xcf, 0xbe, 0x5f, -+ 0x8d, 0x6c, 0x94, 0x7f, 0xae, 0x12, 0xa8, 0x57, 0xdb, 0x2a, 0xa9, 0xbf, -+ 0xc7, 0xb3, 0x65, 0x81, 0x80, 0x8d, 0x0d, 0x46 -+}; -+ -+__fips_constseg static const unsigned char aes_256_use_df_int_returnedbits[] = { -+ 0x4e, 0x44, 0xfd, 0xf3, 0x9e, 0x29, 0xa2, 0xb8, 0x0f, 0x5d, 0x6c, 0xe1, -+ 0x28, 0x0c, 0x3b, 0xc1 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_use_df_entropyinputreseed[] = { -+ 0xdd, 0x40, 0xe5, 0x98, 0x7b, 0x27, 0x16, 0x73, 0x15, 0x68, 0xd2, 0x76, -+ 0xbf, 0x0c, 0x67, 0x15, 0x75, 0x79, 0x03, 0xd3, 0xde, 0xde, 0x91, 0x46, -+ 0x42, 0xdd, 0xd4, 0x67, 0xc8, 0x79, 0xc8, 0x1e -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_use_df_additionalinputreseed[] = { -+ 0x7f, 0xd8, 0x1f, 0xbd, 0x2a, 0xb5, 0x1c, 0x11, 0x5d, 0x83, 0x4e, 0x99, -+ 0xf6, 0x5c, 0xa5, 0x40, 0x20, 0xed, 0x38, 0x8e, 0xd5, 0x9e, 0xe0, 0x75, -+ 0x93, 0xfe, 0x12, 0x5e, 0x5d, 0x73, 0xfb, 0x75 -+}; -+ -+__fips_constseg static const unsigned char aes_256_use_df_additionalinput2[] = { -+ 0xcd, 0x2c, 0xff, 0x14, 0x69, 0x3e, 0x4c, 0x9e, 0xfd, 0xfe, 0x26, 0x0d, -+ 0xe9, 0x86, 0x00, 0x49, 0x30, 0xba, 0xb1, 0xc6, 0x50, 0x57, 0x77, 0x2a, -+ 0x62, 0x39, 0x2c, 0x3b, 0x74, 0xeb, 0xc9, 0x0d -+}; -+ -+__fips_constseg static const unsigned char aes_256_use_df_returnedbits[] = { -+ 0x4f, 0x78, 0xbe, 0xb9, 0x4d, 0x97, 0x8c, 0xe9, 0xd0, 0x97, 0xfe, 0xad, -+ 0xfa, 0xfd, 0x35, 0x5e -+}; -+ -+/* AES-128 no df PR */ -+__fips_constseg static const unsigned char aes_128_no_df_pr_entropyinput[] = { -+ 0x9a, 0x25, 0x65, 0x10, 0x67, 0xd5, 0xb6, 0x6b, 0x70, 0xa1, 0xb3, 0xa4, -+ 0x43, 0x95, 0x80, 0xc0, 0x84, 0x0a, 0x79, 0xb0, 0x88, 0x74, 0xf2, 0xbf, -+ 0x31, 0x6c, 0x33, 0x38, 0x0b, 0x00, 0xb2, 0x5a -+}; -+ -+__fips_constseg static const unsigned char aes_128_no_df_pr_nonce[] = { -+ 0x78, 0x47, 0x6b, 0xf7, 0x90, 0x8e, 0x87, 0xf1 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_no_df_pr_personalizationstring[] = { -+ 0xf7, 0x22, 0x1d, 0x3a, 0xbe, 0x1d, 0xca, 0x32, 0x1b, 0xbd, 0x87, 0x0c, -+ 0x51, 0x24, 0x19, 0xee, 0xa3, 0x23, 0x09, 0x63, 0x33, 0x3d, 0xa8, 0x0c, -+ 0x1c, 0xfa, 0x42, 0x89, 0xcc, 0x6f, 0xa0, 0xa8 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_no_df_pr_additionalinput[] = { -+ 0xc9, 0xe0, 0x80, 0xbf, 0x8c, 0x45, 0x58, 0x39, 0xff, 0x00, 0xab, 0x02, -+ 0x4c, 0x3e, 0x3a, 0x95, 0x9b, 0x80, 0xa8, 0x21, 0x2a, 0xee, 0xba, 0x73, -+ 0xb1, 0xd9, 0xcf, 0x28, 0xf6, 0x8f, 0x9b, 0x12 -+}; -+ -+__fips_constseg static const unsigned char aes_128_no_df_pr_entropyinputpr[] = { -+ 0x4c, 0xa8, 0xc5, 0xf0, 0x59, 0x9e, 0xa6, 0x8d, 0x26, 0x53, 0xd7, 0x8a, -+ 0xa9, 0xd8, 0xf7, 0xed, 0xb2, 0xf9, 0x12, 0x42, 0xe1, 0xe5, 0xbd, 0xe7, -+ 0xe7, 0x1d, 0x74, 0x99, 0x00, 0x9d, 0x31, 0x3e -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_no_df_pr_int_returnedbits[] = { -+ 0xe2, 0xac, 0x20, 0xf0, 0x80, 0xe7, 0xbc, 0x7e, 0x9c, 0x7b, 0x65, 0x71, -+ 0xaf, 0x19, 0x32, 0x16 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_no_df_pr_additionalinput2[] = { -+ 0x32, 0x7f, 0x38, 0x8b, 0x73, 0x0a, 0x78, 0x83, 0xdc, 0x30, 0xbe, 0x9f, -+ 0x10, 0x1f, 0xf5, 0x1f, 0xca, 0x00, 0xb5, 0x0d, 0xd6, 0x9d, 0x60, 0x83, -+ 0x51, 0x54, 0x7d, 0x38, 0x23, 0x3a, 0x52, 0x50 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_no_df_pr_entropyinputpr2[] = { -+ 0x18, 0x61, 0x53, 0x56, 0xed, 0xed, 0xd7, 0x20, 0xfb, 0x71, 0x04, 0x7a, -+ 0xb2, 0xac, 0xc1, 0x28, 0xcd, 0xf2, 0xc2, 0xfc, 0xaa, 0xb1, 0x06, 0x07, -+ 0xe9, 0x46, 0x95, 0x02, 0x48, 0x01, 0x78, 0xf9 -+}; -+ -+__fips_constseg static const unsigned char aes_128_no_df_pr_returnedbits[] = { -+ 0x29, 0xc8, 0x1b, 0x15, 0xb1, 0xd1, 0xc2, 0xf6, 0x71, 0x86, 0x68, 0x33, -+ 0x57, 0x82, 0x33, 0xaf -+}; -+ -+/* AES-128 no df No PR */ -+__fips_constseg static const unsigned char aes_128_no_df_entropyinput[] = { -+ 0xc9, 0xc5, 0x79, 0xbc, 0xe8, 0xc5, 0x19, 0xd8, 0xbc, 0x66, 0x73, 0x67, -+ 0xf6, 0xd3, 0x72, 0xaa, 0xa6, 0x16, 0xb8, 0x50, 0xb7, 0x47, 0x3a, 0x42, -+ 0xab, 0xf4, 0x16, 0xb2, 0x96, 0xd2, 0xb6, 0x60 -+}; -+ -+__fips_constseg static const unsigned char aes_128_no_df_nonce[] = { -+ 0x5f, 0xbf, 0x97, 0x0c, 0x4b, 0xa4, 0x87, 0x13 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_no_df_personalizationstring[] = { -+ 0xce, 0xfb, 0x7b, 0x3f, 0xd4, 0x6b, 0x29, 0x0d, 0x69, 0x06, 0xff, 0xbb, -+ 0xf2, 0xe5, 0xc6, 0x6c, 0x0a, 0x10, 0xa0, 0xcf, 0x1a, 0x48, 0xc7, 0x8b, -+ 0x3c, 0x16, 0x88, 0xed, 0x50, 0x13, 0x81, 0xce -+}; -+ -+__fips_constseg static const unsigned char aes_128_no_df_additionalinput[] = { -+ 0x4b, 0x22, 0x46, 0x18, 0x02, 0x7b, 0xd2, 0x1b, 0x22, 0x42, 0x7c, 0x37, -+ 0xd9, 0xf6, 0xe8, 0x9b, 0x12, 0x30, 0x5f, 0xe9, 0x90, 0xe8, 0x08, 0x24, -+ 0x4f, 0x06, 0x66, 0xdb, 0x19, 0x2b, 0x13, 0x95 -+}; -+ -+__fips_constseg static const unsigned char aes_128_no_df_int_returnedbits[] = { -+ 0x2e, 0x96, 0x70, 0x64, 0xfa, 0xdf, 0xdf, 0x57, 0xb5, 0x82, 0xee, 0xd6, -+ 0xed, 0x3e, 0x65, 0xc2 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_no_df_entropyinputreseed[] = { -+ 0x26, 0xc0, 0x72, 0x16, 0x3a, 0x4b, 0xb7, 0x99, 0xd4, 0x07, 0xaf, 0x66, -+ 0x62, 0x36, 0x96, 0xa4, 0x51, 0x17, 0xfa, 0x07, 0x8b, 0x17, 0x5e, 0xa1, -+ 0x2f, 0x3c, 0x10, 0xe7, 0x90, 0xd0, 0x46, 0x00 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_128_no_df_additionalinputreseed[] = { -+ 0x83, 0x39, 0x37, 0x7b, 0x02, 0x06, 0xd2, 0x12, 0x13, 0x8d, 0x8b, 0xf2, -+ 0xf0, 0xf6, 0x26, 0xeb, 0xa4, 0x22, 0x7b, 0xc2, 0xe7, 0xba, 0x79, 0xe4, -+ 0x3b, 0x77, 0x5d, 0x4d, 0x47, 0xb2, 0x2d, 0xb4 -+}; -+ -+__fips_constseg static const unsigned char aes_128_no_df_additionalinput2[] = { -+ 0x0b, 0xb9, 0x67, 0x37, 0xdb, 0x83, 0xdf, 0xca, 0x81, 0x8b, 0xf9, 0x3f, -+ 0xf1, 0x11, 0x1b, 0x2f, 0xf0, 0x61, 0xa6, 0xdf, 0xba, 0xa3, 0xb1, 0xac, -+ 0xd3, 0xe6, 0x09, 0xb8, 0x2c, 0x6a, 0x67, 0xd6 -+}; -+ -+__fips_constseg static const unsigned char aes_128_no_df_returnedbits[] = { -+ 0x1e, 0xa7, 0xa4, 0xe4, 0xe1, 0xa6, 0x7c, 0x69, 0x9a, 0x44, 0x6c, 0x36, -+ 0x81, 0x37, 0x19, 0xd4 -+}; -+ -+/* AES-192 no df PR */ -+__fips_constseg static const unsigned char aes_192_no_df_pr_entropyinput[] = { -+ 0x9d, 0x2c, 0xd2, 0x55, 0x66, 0xea, 0xe0, 0xbe, 0x18, 0xb7, 0x76, 0xe7, -+ 0x73, 0x35, 0xd8, 0x1f, 0xad, 0x3a, 0xe3, 0x81, 0x0e, 0x92, 0xd0, 0x61, -+ 0xc9, 0x12, 0x26, 0xf6, 0x1c, 0xdf, 0xfe, 0x47, 0xaa, 0xfe, 0x7d, 0x5a, -+ 0x17, 0x1f, 0x8d, 0x9a -+}; -+ -+__fips_constseg static const unsigned char aes_192_no_df_pr_nonce[] = { -+ 0x44, 0x82, 0xed, 0xe8, 0x4c, 0x28, 0x5a, 0x14, 0xff, 0x88, 0x8d, 0x19, -+ 0x61, 0x5c, 0xee, 0x0f -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_no_df_pr_personalizationstring[] = { -+ 0x47, 0xd7, 0x9b, 0x99, 0xaa, 0xcb, 0xe7, 0xd2, 0x57, 0x66, 0x2c, 0xe1, -+ 0x78, 0xd6, 0x2c, 0xea, 0xa3, 0x23, 0x5f, 0x2a, 0xc1, 0x3a, 0xf0, 0xa4, -+ 0x20, 0x3b, 0xfa, 0x07, 0xd5, 0x05, 0x02, 0xe4, 0x57, 0x01, 0xb6, 0x10, -+ 0x57, 0x2e, 0xe7, 0x55 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_no_df_pr_additionalinput[] = { -+ 0x4b, 0x74, 0x0b, 0x40, 0xce, 0x6b, 0xc2, 0x6a, 0x24, 0xb4, 0xf3, 0xad, -+ 0x7a, 0xa5, 0x7a, 0xa2, 0x15, 0xe2, 0xc8, 0x61, 0x15, 0xc6, 0xb7, 0x85, -+ 0x69, 0x11, 0xad, 0x7b, 0x14, 0xd2, 0xf6, 0x12, 0xa1, 0x95, 0x5d, 0x3f, -+ 0xe2, 0xd0, 0x0c, 0x2f -+}; -+ -+__fips_constseg static const unsigned char aes_192_no_df_pr_entropyinputpr[] = { -+ 0x0c, 0x9c, 0xad, 0x05, 0xee, 0xae, 0x48, 0x23, 0x89, 0x59, 0xa1, 0x94, -+ 0xd7, 0xd8, 0x75, 0xd5, 0x54, 0x93, 0xc7, 0x4a, 0xd9, 0x26, 0xde, 0xeb, -+ 0xba, 0xb0, 0x7e, 0x30, 0x1d, 0x5f, 0x69, 0x40, 0x9c, 0x3b, 0x17, 0x58, -+ 0x1d, 0x30, 0xb3, 0x78 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_no_df_pr_int_returnedbits[] = { -+ 0xf7, 0x93, 0xb0, 0x6d, 0x77, 0x83, 0xd5, 0x38, 0x01, 0xe1, 0x52, 0x40, -+ 0x7e, 0x3e, 0x0c, 0x26 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_no_df_pr_additionalinput2[] = { -+ 0xbc, 0x4b, 0x37, 0x44, 0x1c, 0xc5, 0x45, 0x5f, 0x8f, 0x51, 0x62, 0x8a, -+ 0x85, 0x30, 0x1d, 0x7c, 0xe4, 0xcf, 0xf7, 0x44, 0xce, 0x32, 0x3e, 0x57, -+ 0x95, 0xa4, 0x2a, 0xdf, 0xfd, 0x9e, 0x38, 0x41, 0xb3, 0xf6, 0xc5, 0xee, -+ 0x0c, 0x4b, 0xee, 0x6e -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_no_df_pr_entropyinputpr2[] = { -+ 0xec, 0xaf, 0xf6, 0x4f, 0xb1, 0xa0, 0x54, 0xb5, 0x5b, 0xe3, 0x46, 0xb0, -+ 0x76, 0x5a, 0x7c, 0x3f, 0x7b, 0x94, 0x69, 0x21, 0x51, 0x02, 0xe5, 0x9f, -+ 0x04, 0x59, 0x02, 0x98, 0xc6, 0x43, 0x2c, 0xcc, 0x26, 0x4c, 0x87, 0x6b, -+ 0x8e, 0x0a, 0x83, 0xdf -+}; -+ -+__fips_constseg static const unsigned char aes_192_no_df_pr_returnedbits[] = { -+ 0x74, 0x45, 0xfb, 0x53, 0x84, 0x96, 0xbe, 0xff, 0x15, 0xcc, 0x41, 0x91, -+ 0xb9, 0xa1, 0x21, 0x68 -+}; -+ -+/* AES-192 no df No PR */ -+__fips_constseg static const unsigned char aes_192_no_df_entropyinput[] = { -+ 0x3c, 0x7d, 0xb5, 0xe0, 0x54, 0xd9, 0x6e, 0x8c, 0xa9, 0x86, 0xce, 0x4e, -+ 0x6b, 0xaf, 0xeb, 0x2f, 0xe7, 0x75, 0xe0, 0x8b, 0xa4, 0x3b, 0x07, 0xfe, -+ 0xbe, 0x33, 0x75, 0x93, 0x80, 0x27, 0xb5, 0x29, 0x47, 0x8b, 0xc7, 0x28, -+ 0x94, 0xc3, 0x59, 0x63 -+}; -+ -+__fips_constseg static const unsigned char aes_192_no_df_nonce[] = { -+ 0x43, 0xf1, 0x7d, 0xb8, 0xc3, 0xfe, 0xd0, 0x23, 0x6b, 0xb4, 0x92, 0xdb, -+ 0x29, 0xfd, 0x45, 0x71 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_no_df_personalizationstring[] = { -+ 0x9f, 0x24, 0x29, 0x99, 0x9e, 0x01, 0xab, 0xe9, 0x19, 0xd8, 0x23, 0x08, -+ 0xb7, 0xd6, 0x7e, 0x8c, 0xc0, 0x9e, 0x7f, 0x6e, 0x5b, 0x33, 0x20, 0x96, -+ 0x0b, 0x23, 0x2c, 0xa5, 0x6a, 0xf8, 0x1b, 0x04, 0x26, 0xdb, 0x2e, 0x2b, -+ 0x3b, 0x88, 0xce, 0x35 -+}; -+ -+__fips_constseg static const unsigned char aes_192_no_df_additionalinput[] = { -+ 0x94, 0xe9, 0x7c, 0x3d, 0xa7, 0xdb, 0x60, 0x83, 0x1f, 0x98, 0x3f, 0x0b, -+ 0x88, 0x59, 0x57, 0x51, 0x88, 0x9f, 0x76, 0x49, 0x9f, 0xa6, 0xda, 0x71, -+ 0x1d, 0x0d, 0x47, 0x16, 0x63, 0xc5, 0x68, 0xe4, 0x5d, 0x39, 0x69, 0xb3, -+ 0x3e, 0xbe, 0xd4, 0x8e -+}; -+ -+__fips_constseg static const unsigned char aes_192_no_df_int_returnedbits[] = { -+ 0xf9, 0xd7, 0xad, 0x69, 0xab, 0x8f, 0x23, 0x56, 0x70, 0x17, 0x4f, 0x2a, -+ 0x45, 0xe7, 0x4a, 0xc5 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_no_df_entropyinputreseed[] = { -+ 0xa6, 0x71, 0x6a, 0x3d, 0xba, 0xd1, 0xe8, 0x66, 0xa6, 0xef, 0xb2, 0x0e, -+ 0xa8, 0x9c, 0xaa, 0x4e, 0xaf, 0x17, 0x89, 0x50, 0x00, 0xda, 0xa1, 0xb1, -+ 0x0b, 0xa4, 0xd9, 0x35, 0x89, 0xc8, 0xe5, 0xb0, 0xd9, 0xb7, 0xc4, 0x33, -+ 0x9b, 0xcb, 0x7e, 0x75 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_192_no_df_additionalinputreseed[] = { -+ 0x27, 0x21, 0xfc, 0xc2, 0xbd, 0xf3, 0x3c, 0xce, 0xc3, 0xca, 0xc1, 0x01, -+ 0xe0, 0xff, 0x93, 0x12, 0x7d, 0x54, 0x42, 0xe3, 0x9f, 0x03, 0xdf, 0x27, -+ 0x04, 0x07, 0x3c, 0x53, 0x7f, 0xa8, 0x66, 0xc8, 0x97, 0x4b, 0x61, 0x40, -+ 0x5d, 0x7a, 0x25, 0x79 -+}; -+ -+__fips_constseg static const unsigned char aes_192_no_df_additionalinput2[] = { -+ 0x2d, 0x8e, 0x16, 0x5d, 0x0b, 0x9f, 0xeb, 0xaa, 0xd6, 0xec, 0x28, 0x71, -+ 0x7c, 0x0b, 0xc1, 0x1d, 0xd4, 0x44, 0x19, 0x47, 0xfd, 0x1d, 0x7c, 0xe5, -+ 0xf3, 0x27, 0xe1, 0xb6, 0x72, 0x0a, 0xe0, 0xec, 0x0e, 0xcd, 0xef, 0x1a, -+ 0x91, 0x6a, 0xe3, 0x5f -+}; -+ -+__fips_constseg static const unsigned char aes_192_no_df_returnedbits[] = { -+ 0xe5, 0xda, 0xb8, 0xe0, 0x63, 0x59, 0x5a, 0xcc, 0x3d, 0xdc, 0x9f, 0xe8, -+ 0x66, 0x67, 0x2c, 0x92 -+}; -+ -+/* AES-256 no df PR */ -+__fips_constseg static const unsigned char aes_256_no_df_pr_entropyinput[] = { -+ 0x15, 0xc7, 0x5d, 0xcb, 0x41, 0x4b, 0x16, 0x01, 0x3a, 0xd1, 0x44, 0xe8, -+ 0x22, 0x32, 0xc6, 0x9c, 0x3f, 0xe7, 0x43, 0xf5, 0x9a, 0xd3, 0xea, 0xf2, -+ 0xd7, 0x4e, 0x6e, 0x6a, 0x55, 0x73, 0x40, 0xef, 0x89, 0xad, 0x0d, 0x03, -+ 0x96, 0x7e, 0x78, 0x81, 0x2f, 0x91, 0x1b, 0x44, 0xb0, 0x02, 0xba, 0x1c -+}; -+ -+__fips_constseg static const unsigned char aes_256_no_df_pr_nonce[] = { -+ 0xdc, 0xe4, 0xd4, 0x27, 0x7a, 0x90, 0xd7, 0x99, 0x43, 0xa1, 0x3c, 0x30, -+ 0xcc, 0x4b, 0xee, 0x2e -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_no_df_pr_personalizationstring[] = { -+ 0xe3, 0xe6, 0xb9, 0x11, 0xe4, 0x7a, 0xa4, 0x40, 0x6b, 0xf8, 0x73, 0xf7, -+ 0x7e, 0xec, 0xc7, 0xb9, 0x97, 0xbf, 0xf8, 0x25, 0x7b, 0xbe, 0x11, 0x9b, -+ 0x5b, 0x6a, 0x0c, 0x2e, 0x2b, 0x01, 0x51, 0xcd, 0x41, 0x4b, 0x6b, 0xac, -+ 0x31, 0xa8, 0x0b, 0xf7, 0xe6, 0x59, 0x42, 0xb8, 0x03, 0x0c, 0xf8, 0x06 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_no_df_pr_additionalinput[] = { -+ 0x6a, 0x9f, 0x00, 0x91, 0xae, 0xfe, 0xcf, 0x84, 0x99, 0xce, 0xb1, 0x40, -+ 0x6d, 0x5d, 0x33, 0x28, 0x84, 0xf4, 0x8c, 0x63, 0x4c, 0x7e, 0xbd, 0x2c, -+ 0x80, 0x76, 0xee, 0x5a, 0xaa, 0x15, 0x07, 0x31, 0xd8, 0xbb, 0x8c, 0x69, -+ 0x9d, 0x9d, 0xbc, 0x7e, 0x49, 0xae, 0xec, 0x39, 0x6b, 0xd1, 0x1f, 0x7e -+}; -+ -+__fips_constseg static const unsigned char aes_256_no_df_pr_entropyinputpr[] = { -+ 0xf3, 0xb9, 0x75, 0x9c, 0xbd, 0x88, 0xea, 0xa2, 0x50, 0xad, 0xd6, 0x16, -+ 0x1a, 0x12, 0x3c, 0x86, 0x68, 0xaf, 0x6f, 0xbe, 0x19, 0xf2, 0xee, 0xcc, -+ 0xa5, 0x70, 0x84, 0x53, 0x50, 0xcb, 0x9f, 0x14, 0xa9, 0xe5, 0xee, 0xb9, -+ 0x48, 0x45, 0x40, 0xe2, 0xc7, 0xc9, 0x9a, 0x74, 0xff, 0x8c, 0x99, 0x1f -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_no_df_pr_int_returnedbits[] = { -+ 0x2e, 0xf2, 0x45, 0x4c, 0x62, 0x2e, 0x0a, 0xb9, 0x6b, 0xa2, 0xfd, 0x56, -+ 0x79, 0x60, 0x93, 0xcf -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_no_df_pr_additionalinput2[] = { -+ 0xaf, 0x69, 0x20, 0xe9, 0x3b, 0x37, 0x9d, 0x3f, 0xb4, 0x80, 0x02, 0x7a, -+ 0x25, 0x7d, 0xb8, 0xde, 0x71, 0xc5, 0x06, 0x0c, 0xb4, 0xe2, 0x8f, 0x35, -+ 0xd8, 0x14, 0x0d, 0x7f, 0x76, 0x63, 0x4e, 0xb5, 0xee, 0xe9, 0x6f, 0x34, -+ 0xc7, 0x5f, 0x56, 0x14, 0x4a, 0xe8, 0x73, 0x95, 0x5b, 0x1c, 0xb9, 0xcb -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_no_df_pr_entropyinputpr2[] = { -+ 0xe5, 0xb0, 0x2e, 0x7e, 0x52, 0x30, 0xe3, 0x63, 0x82, 0xb6, 0x44, 0xd3, -+ 0x25, 0x19, 0x05, 0x24, 0x9a, 0x9f, 0x5f, 0x27, 0x6a, 0x29, 0xab, 0xfa, -+ 0x07, 0xa2, 0x42, 0x0f, 0xc5, 0xa8, 0x94, 0x7c, 0x17, 0x7b, 0x85, 0x83, -+ 0x0c, 0x25, 0x0e, 0x63, 0x0b, 0xe9, 0x12, 0x60, 0xcd, 0xef, 0x80, 0x0f -+}; -+ -+__fips_constseg static const unsigned char aes_256_no_df_pr_returnedbits[] = { -+ 0x5e, 0xf2, 0x26, 0xef, 0x9f, 0x58, 0x5d, 0xd5, 0x4a, 0x10, 0xfe, 0xa7, -+ 0x2d, 0x5f, 0x4a, 0x46 -+}; -+ -+/* AES-256 no df No PR */ -+__fips_constseg static const unsigned char aes_256_no_df_entropyinput[] = { -+ 0xfb, 0xcf, 0x1b, 0x61, 0x16, 0x89, 0x78, 0x23, 0xf5, 0xd8, 0x96, 0xe3, -+ 0x4e, 0x64, 0x0b, 0x29, 0x9a, 0x3f, 0xf8, 0xa5, 0xed, 0xf2, 0xfe, 0xdb, -+ 0x16, 0xca, 0x7f, 0x10, 0xfa, 0x5e, 0x18, 0x76, 0x2c, 0x63, 0x5e, 0x96, -+ 0xcf, 0xb3, 0xd6, 0xfc, 0xaf, 0x99, 0x39, 0x28, 0x9c, 0x61, 0xe8, 0xb3 -+}; -+ -+__fips_constseg static const unsigned char aes_256_no_df_nonce[] = { -+ 0x12, 0x96, 0xf0, 0x52, 0xf3, 0x8d, 0x81, 0xcf, 0xde, 0x86, 0xf2, 0x99, -+ 0x43, 0x96, 0xb9, 0xf0 -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_no_df_personalizationstring[] = { -+ 0x63, 0x0d, 0x78, 0xf5, 0x90, 0x8e, 0x32, 0x47, 0xb0, 0x4d, 0x37, 0x60, -+ 0x09, 0x96, 0xbc, 0xbf, 0x97, 0x7a, 0x62, 0x14, 0x45, 0xbd, 0x8d, 0xcc, -+ 0x69, 0xfb, 0x03, 0xe1, 0x80, 0x1c, 0xc7, 0xe2, 0x2a, 0xf9, 0x37, 0x3f, -+ 0x66, 0x4d, 0x62, 0xd9, 0x10, 0xe0, 0xad, 0xc8, 0x9a, 0xf0, 0xa8, 0x6d -+}; -+ -+__fips_constseg static const unsigned char aes_256_no_df_additionalinput[] = { -+ 0x36, 0xc6, 0x13, 0x60, 0xbb, 0x14, 0xad, 0x22, 0xb0, 0x38, 0xac, 0xa6, -+ 0x18, 0x16, 0x93, 0x25, 0x86, 0xb7, 0xdc, 0xdc, 0x36, 0x98, 0x2b, 0xf9, -+ 0x68, 0x33, 0xd3, 0xc6, 0xff, 0xce, 0x8d, 0x15, 0x59, 0x82, 0x76, 0xed, -+ 0x6f, 0x8d, 0x49, 0x74, 0x2f, 0xda, 0xdc, 0x1f, 0x17, 0xd0, 0xde, 0x17 -+}; -+ -+__fips_constseg static const unsigned char aes_256_no_df_int_returnedbits[] = { -+ 0x16, 0x2f, 0x8e, 0x3f, 0x21, 0x7a, 0x1c, 0x20, 0x56, 0xd1, 0x92, 0xf6, -+ 0xd2, 0x25, 0x75, 0x0e -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_no_df_entropyinputreseed[] = { -+ 0x91, 0x79, 0x76, 0xee, 0xe0, 0xcf, 0x9e, 0xc2, 0xd5, 0xd4, 0x23, 0x9b, -+ 0x12, 0x8c, 0x7e, 0x0a, 0xb7, 0xd2, 0x8b, 0xd6, 0x7c, 0xa3, 0xc6, 0xe5, -+ 0x0e, 0xaa, 0xc7, 0x6b, 0xae, 0x0d, 0xfa, 0x53, 0x06, 0x79, 0xa1, 0xed, -+ 0x4d, 0x6a, 0x0e, 0xd8, 0x9d, 0xbe, 0x1b, 0x31, 0x93, 0x7b, 0xec, 0xfb -+}; -+ -+__fips_constseg -+ static const unsigned char aes_256_no_df_additionalinputreseed[] = { -+ 0xd2, 0x46, 0x50, 0x22, 0x10, 0x14, 0x63, 0xf7, 0xea, 0x0f, 0xb9, 0x7e, -+ 0x0d, 0xe1, 0x94, 0x07, 0xaf, 0x09, 0x44, 0x31, 0xea, 0x64, 0xa4, 0x18, -+ 0x5b, 0xf9, 0xd8, 0xc2, 0xfa, 0x03, 0x47, 0xc5, 0x39, 0x43, 0xd5, 0x3b, -+ 0x62, 0x86, 0x64, 0xea, 0x2c, 0x73, 0x8c, 0xae, 0x9d, 0x98, 0x98, 0x29 -+}; -+ -+__fips_constseg static const unsigned char aes_256_no_df_additionalinput2[] = { -+ 0x8c, 0xab, 0x18, 0xf8, 0xc3, 0xec, 0x18, 0x5c, 0xb3, 0x1e, 0x9d, 0xbe, -+ 0x3f, 0x03, 0xb4, 0x00, 0x98, 0x9d, 0xae, 0xeb, 0xf4, 0x94, 0xf8, 0x42, -+ 0x8f, 0xe3, 0x39, 0x07, 0xe1, 0xc9, 0xad, 0x0b, 0x1f, 0xed, 0xc0, 0xba, -+ 0xf6, 0xd1, 0xec, 0x27, 0x86, 0x7b, 0xd6, 0x55, 0x9b, 0x60, 0xa5, 0xc6 -+}; -+ -+__fips_constseg static const unsigned char aes_256_no_df_returnedbits[] = { -+ 0xef, 0xd2, 0xd8, 0x5c, 0xdc, 0x62, 0x25, 0x9f, 0xaa, 0x1e, 0x2c, 0x67, -+ 0xf6, 0x02, 0x32, 0xe2 -+}; -+ -+/* SHA-1 PR */ -+__fips_constseg static const unsigned char sha1_pr_entropyinput[] = { -+ 0xd2, 0x36, 0xa5, 0x27, 0x31, 0x73, 0xdd, 0x11, 0x4f, 0x93, 0xbd, 0xe2, -+ 0x31, 0xa5, 0x91, 0x13 -+}; -+ -+__fips_constseg static const unsigned char sha1_pr_nonce[] = { -+ 0xb5, 0xb3, 0x60, 0xef, 0xf7, 0x63, 0x31, 0xf3 -+}; -+ -+__fips_constseg static const unsigned char sha1_pr_personalizationstring[] = { -+ 0xd4, 0xbb, 0x02, 0x10, 0xb2, 0x71, 0xdb, 0x81, 0xd6, 0xf0, 0x42, 0x60, -+ 0xda, 0xea, 0x77, 0x52 -+}; -+ -+__fips_constseg static const unsigned char sha1_pr_additionalinput[] = { -+ 0x4d, 0xd2, 0x6c, 0x87, 0xfb, 0x2c, 0x4f, 0xa6, 0x8d, 0x16, 0x63, 0x22, -+ 0x6a, 0x51, 0xe3, 0xf8 -+}; -+ -+__fips_constseg static const unsigned char sha1_pr_entropyinputpr[] = { -+ 0xc9, 0x83, 0x9e, 0x16, 0xf6, 0x1c, 0x0f, 0xb2, 0xec, 0x60, 0x31, 0xa9, -+ 0xcb, 0xa9, 0x36, 0x7a -+}; -+ -+__fips_constseg static const unsigned char sha1_pr_int_returnedbits[] = { -+ 0xa8, 0x13, 0x4f, 0xf4, 0x31, 0x02, 0x44, 0xe3, 0xd3, 0x3d, 0x61, 0x9e, -+ 0xe5, 0xc6, 0x3e, 0x89, 0xb5, 0x9b, 0x0f, 0x35 -+}; -+ -+__fips_constseg static const unsigned char sha1_pr_additionalinput2[] = { -+ 0xf9, 0xe8, 0xd2, 0x72, 0x13, 0x34, 0x95, 0x6f, 0x15, 0x49, 0x47, 0x99, -+ 0x16, 0x03, 0x19, 0x47 -+}; -+ -+__fips_constseg static const unsigned char sha1_pr_entropyinputpr2[] = { -+ 0x4e, 0x8c, 0x49, 0x9b, 0x4a, 0x5c, 0x9b, 0x9c, 0x3a, 0xee, 0xfb, 0xd2, -+ 0xae, 0xcd, 0x8c, 0xc4 -+}; -+ -+__fips_constseg static const unsigned char sha1_pr_returnedbits[] = { -+ 0x50, 0xb4, 0xb4, 0xcd, 0x68, 0x57, 0xfc, 0x2e, 0xc1, 0x52, 0xcc, 0xf6, -+ 0x68, 0xa4, 0x81, 0xed, 0x7e, 0xe4, 0x1d, 0x87 -+}; -+ -+/* SHA-1 No PR */ -+__fips_constseg static const unsigned char sha1_entropyinput[] = { -+ 0xa9, 0x47, 0x1b, 0x29, 0x2d, 0x1c, 0x05, 0xdf, 0x76, 0xd0, 0x62, 0xf9, -+ 0xe2, 0x7f, 0x4c, 0x7b -+}; -+ -+__fips_constseg static const unsigned char sha1_nonce[] = { -+ 0x53, 0x23, 0x24, 0xe3, 0xec, 0x0c, 0x54, 0x14 -+}; -+ -+__fips_constseg static const unsigned char sha1_personalizationstring[] = { -+ 0x7a, 0x87, 0xa1, 0xac, 0x1c, 0xfd, 0xab, 0xae, 0xf7, 0xd6, 0xfb, 0x76, -+ 0x28, 0xec, 0x6d, 0xca -+}; -+ -+__fips_constseg static const unsigned char sha1_additionalinput[] = { -+ 0xfc, 0x92, 0x35, 0xd6, 0x7e, 0xb7, 0x24, 0x65, 0xfd, 0x12, 0x27, 0x35, -+ 0xc0, 0x72, 0xca, 0x28 -+}; -+ -+__fips_constseg static const unsigned char sha1_int_returnedbits[] = { -+ 0x57, 0x88, 0x82, 0xe5, 0x25, 0xa5, 0x2c, 0x4a, 0x06, 0x20, 0x6c, 0x72, -+ 0x55, 0x61, 0xdd, 0x90, 0x71, 0x9f, 0x95, 0xea -+}; -+ -+__fips_constseg static const unsigned char sha1_entropyinputreseed[] = { -+ 0x69, 0xa5, 0x40, 0x62, 0x98, 0x47, 0x56, 0x73, 0x4a, 0x8f, 0x60, 0x96, -+ 0xd6, 0x99, 0x27, 0xed -+}; -+ -+__fips_constseg static const unsigned char sha1_additionalinputreseed[] = { -+ 0xe5, 0x40, 0x4e, 0xbd, 0x50, 0x00, 0xf5, 0x15, 0xa6, 0xee, 0x45, 0xda, -+ 0x84, 0x3d, 0xd4, 0xc0 -+}; -+ -+__fips_constseg static const unsigned char sha1_additionalinput2[] = { -+ 0x11, 0x51, 0x14, 0xf0, 0x09, 0x1b, 0x4e, 0x56, 0x0d, 0xe9, 0xf6, 0x1e, -+ 0x52, 0x65, 0xcd, 0x96 -+}; -+ -+__fips_constseg static const unsigned char sha1_returnedbits[] = { -+ 0xa1, 0x9c, 0x94, 0x6e, 0x29, 0xe1, 0x33, 0x0d, 0x32, 0xd6, 0xaa, 0xce, -+ 0x71, 0x3f, 0x52, 0x72, 0x8b, 0x42, 0xa8, 0xd7 -+}; -+ -+/* SHA-224 PR */ -+__fips_constseg static const unsigned char sha224_pr_entropyinput[] = { -+ 0x12, 0x69, 0x32, 0x4f, 0x83, 0xa6, 0xf5, 0x14, 0xe3, 0x49, 0x3e, 0x75, -+ 0x3e, 0xde, 0xad, 0xa1, 0x29, 0xc3, 0xf3, 0x19, 0x20, 0xb5, 0x4c, 0xd9 -+}; -+ -+__fips_constseg static const unsigned char sha224_pr_nonce[] = { -+ 0x6a, 0x78, 0xd0, 0xeb, 0xbb, 0x5a, 0xf0, 0xee, 0xe8, 0xc3, 0xba, 0x71 -+}; -+ -+__fips_constseg static const unsigned char sha224_pr_personalizationstring[] = { -+ 0xd5, 0xb8, 0xb6, 0xbc, 0xc1, 0x5b, 0x60, 0x31, 0x3c, 0xf5, 0xe5, 0xc0, -+ 0x8e, 0x52, 0x7a, 0xbd, 0xea, 0x47, 0xa9, 0x5f, 0x8f, 0xf9, 0x8b, 0xae -+}; -+ -+__fips_constseg static const unsigned char sha224_pr_additionalinput[] = { -+ 0x1f, 0x55, 0xec, 0xae, 0x16, 0x12, 0x84, 0xba, 0x84, 0x16, 0x19, 0x88, -+ 0x8e, 0xb8, 0x33, 0x25, 0x54, 0xff, 0xca, 0x79, 0xaf, 0x07, 0x25, 0x50 -+}; -+ -+__fips_constseg static const unsigned char sha224_pr_entropyinputpr[] = { -+ 0x92, 0xa3, 0x32, 0xa8, 0x9a, 0x0a, 0x58, 0x7c, 0x1d, 0x5a, 0x7e, 0xe1, -+ 0xb2, 0x73, 0xab, 0x0e, 0x16, 0x79, 0x23, 0xd3, 0x29, 0x89, 0x81, 0xe1 -+}; -+ -+__fips_constseg static const unsigned char sha224_pr_int_returnedbits[] = { -+ 0xf3, 0x38, 0x91, 0x40, 0x37, 0x7a, 0x51, 0x72, 0x42, 0x74, 0x78, 0x0a, -+ 0x69, 0xfd, 0xa6, 0x44, 0x43, 0x45, 0x6c, 0x0c, 0x5a, 0x19, 0xff, 0xf1, -+ 0x54, 0x60, 0xee, 0x6a -+}; -+ -+__fips_constseg static const unsigned char sha224_pr_additionalinput2[] = { -+ 0x75, 0xf3, 0x04, 0x25, 0xdd, 0x36, 0xa8, 0x37, 0x46, 0xae, 0x0c, 0x52, -+ 0x05, 0x79, 0x4c, 0x26, 0xdb, 0xe9, 0x71, 0x16, 0x4c, 0x0a, 0xf2, 0x60 -+}; -+ -+__fips_constseg static const unsigned char sha224_pr_entropyinputpr2[] = { -+ 0xea, 0xc5, 0x03, 0x0a, 0x4f, 0xb0, 0x38, 0x8d, 0x23, 0xd4, 0xc8, 0x77, -+ 0xe2, 0x6d, 0x9c, 0x0b, 0x44, 0xf7, 0x2d, 0x5b, 0xbf, 0x5d, 0x2a, 0x11 -+}; -+ -+__fips_constseg static const unsigned char sha224_pr_returnedbits[] = { -+ 0x60, 0x50, 0x2b, 0xe7, 0x86, 0xd8, 0x26, 0x73, 0xe3, 0x1d, 0x95, 0x20, -+ 0xb3, 0x2c, 0x32, 0x1c, 0xf5, 0xce, 0x57, 0xa6, 0x67, 0x2b, 0xdc, 0x4e, -+ 0xdd, 0x11, 0x4c, 0xc4 -+}; -+ -+/* SHA-224 No PR */ -+__fips_constseg static const unsigned char sha224_entropyinput[] = { -+ 0xb2, 0x1c, 0x77, 0x4d, 0xf6, 0xd3, 0xb6, 0x40, 0xb7, 0x30, 0x3e, 0x29, -+ 0xb0, 0x85, 0x1c, 0xbe, 0x4a, 0xea, 0x6b, 0x5a, 0xb5, 0x8a, 0x97, 0xeb -+}; -+ -+__fips_constseg static const unsigned char sha224_nonce[] = { -+ 0x42, 0x02, 0x0a, 0x1c, 0x98, 0x9a, 0x77, 0x9e, 0x9f, 0x80, 0xba, 0xe0 -+}; -+ -+__fips_constseg static const unsigned char sha224_personalizationstring[] = { -+ 0x98, 0xb8, 0x04, 0x41, 0xfc, 0xc1, 0x5d, 0xc5, 0xe9, 0xb9, 0x08, 0xda, -+ 0xf9, 0xfa, 0x0d, 0x90, 0xce, 0xdf, 0x1d, 0x10, 0xa9, 0x8d, 0x50, 0x0c -+}; -+ -+__fips_constseg static const unsigned char sha224_additionalinput[] = { -+ 0x9a, 0x8d, 0x39, 0x49, 0x42, 0xd5, 0x0b, 0xae, 0xe1, 0xaf, 0xb7, 0x00, -+ 0x02, 0xfa, 0x96, 0xb1, 0xa5, 0x1d, 0x2d, 0x25, 0x78, 0xee, 0x83, 0x3f -+}; -+ -+__fips_constseg static const unsigned char sha224_int_returnedbits[] = { -+ 0xe4, 0xf5, 0x53, 0x79, 0x5a, 0x97, 0x58, 0x06, 0x08, 0xba, 0x7b, 0xfa, -+ 0xf0, 0x83, 0x05, 0x8c, 0x22, 0xc0, 0xc9, 0xdb, 0x15, 0xe7, 0xde, 0x20, -+ 0x55, 0x22, 0x9a, 0xad -+}; -+ -+__fips_constseg static const unsigned char sha224_entropyinputreseed[] = { -+ 0x67, 0x09, 0x48, 0xaa, 0x07, 0x16, 0x99, 0x89, 0x7f, 0x6d, 0xa0, 0xe5, -+ 0x8f, 0xdf, 0xbc, 0xdb, 0xfe, 0xe5, 0x6c, 0x7a, 0x95, 0x4a, 0x66, 0x17 -+}; -+ -+__fips_constseg static const unsigned char sha224_additionalinputreseed[] = { -+ 0x0f, 0x4b, 0x1c, 0x6f, 0xb7, 0xe3, 0x47, 0xe5, 0x5d, 0x7d, 0x38, 0xd6, -+ 0x28, 0x9b, 0xeb, 0x55, 0x63, 0x09, 0x3e, 0x7c, 0x56, 0xea, 0xf8, 0x19 -+}; -+ -+__fips_constseg static const unsigned char sha224_additionalinput2[] = { -+ 0x2d, 0x26, 0x7c, 0x37, 0xe4, 0x7a, 0x28, 0x5e, 0x5a, 0x3c, 0xaf, 0x3d, -+ 0x5a, 0x8e, 0x55, 0xa2, 0x1a, 0x6e, 0xc0, 0xe5, 0xf6, 0x21, 0xd3, 0xf6 -+}; -+ -+__fips_constseg static const unsigned char sha224_returnedbits[] = { -+ 0x4d, 0x83, 0x35, 0xdf, 0x67, 0xa9, 0xfc, 0x17, 0xda, 0x70, 0xcc, 0x8b, -+ 0x7f, 0x77, 0xae, 0xa2, 0x5f, 0xb9, 0x7e, 0x74, 0x4c, 0x26, 0xc1, 0x7a, -+ 0x3b, 0xa7, 0x5c, 0x93 -+}; -+ -+/* SHA-256 PR */ -+__fips_constseg static const unsigned char sha256_pr_entropyinput[] = { -+ 0xce, 0x49, 0x00, 0x7a, 0x56, 0xe3, 0x67, 0x8f, 0xe1, 0xb6, 0xa7, 0xd4, -+ 0x4f, 0x08, 0x7a, 0x1b, 0x01, 0xf4, 0xfa, 0x6b, 0xef, 0xb7, 0xe5, 0xeb, -+ 0x07, 0x3d, 0x11, 0x0d, 0xc8, 0xea, 0x2b, 0xfe -+}; -+ -+__fips_constseg static const unsigned char sha256_pr_nonce[] = { -+ 0x73, 0x41, 0xc8, 0x92, 0x94, 0xe2, 0xc5, 0x5f, 0x93, 0xfd, 0x39, 0x5d, -+ 0x2b, 0x91, 0x4d, 0x38 -+}; -+ -+__fips_constseg static const unsigned char sha256_pr_personalizationstring[] = { -+ 0x50, 0x6d, 0x01, 0x01, 0x07, 0x5a, 0x80, 0x35, 0x7a, 0x56, 0x1a, 0x56, -+ 0x2f, 0x9a, 0x0b, 0x35, 0xb2, 0xb1, 0xc9, 0xe5, 0xca, 0x69, 0x61, 0x48, -+ 0xff, 0xfb, 0x0f, 0xd9, 0x4b, 0x79, 0x1d, 0xba -+}; -+ -+__fips_constseg static const unsigned char sha256_pr_additionalinput[] = { -+ 0x20, 0xb8, 0xdf, 0x44, 0x77, 0x5a, 0xb8, 0xd3, 0xbf, 0xf6, 0xcf, 0xac, -+ 0x5e, 0xa6, 0x96, 0x62, 0x73, 0x44, 0x40, 0x4a, 0x30, 0xfb, 0x38, 0xa5, -+ 0x7b, 0x0d, 0xe4, 0x0d, 0xc6, 0xe4, 0x9a, 0x1f -+}; -+ -+__fips_constseg static const unsigned char sha256_pr_entropyinputpr[] = { -+ 0x04, 0xc4, 0x65, 0xf4, 0xd3, 0xbf, 0x83, 0x4b, 0xab, 0xc8, 0x41, 0xa8, -+ 0xc2, 0xe0, 0x44, 0x63, 0x77, 0x4c, 0x6f, 0x6c, 0x49, 0x46, 0xff, 0x94, -+ 0x17, 0xea, 0xe6, 0x1a, 0x9d, 0x5e, 0x66, 0x78 -+}; -+ -+__fips_constseg static const unsigned char sha256_pr_int_returnedbits[] = { -+ 0x07, 0x4d, 0xac, 0x9b, 0x86, 0xca, 0x4a, 0xaa, 0x6e, 0x7a, 0x03, 0xa2, -+ 0x5d, 0x10, 0xea, 0x0b, 0xf9, 0x83, 0xcc, 0xd1, 0xfc, 0xe2, 0x07, 0xc7, -+ 0x06, 0x34, 0x60, 0x6f, 0x83, 0x94, 0x99, 0x76 -+}; -+ -+__fips_constseg static const unsigned char sha256_pr_additionalinput2[] = { -+ 0x89, 0x4e, 0x45, 0x8c, 0x11, 0xf9, 0xbc, 0x5b, 0xac, 0x74, 0x8b, 0x4b, -+ 0x5f, 0xf7, 0x19, 0xf3, 0xf5, 0x24, 0x54, 0x14, 0xd1, 0x15, 0xb1, 0x43, -+ 0x12, 0xa4, 0x5f, 0xd4, 0xec, 0xfc, 0xcd, 0x09 -+}; -+ -+__fips_constseg static const unsigned char sha256_pr_entropyinputpr2[] = { -+ 0x0e, 0xeb, 0x1f, 0xd7, 0xfc, 0xd1, 0x9d, 0xd4, 0x05, 0x36, 0x8b, 0xb2, -+ 0xfb, 0xe4, 0xf4, 0x51, 0x0c, 0x87, 0x9b, 0x02, 0x44, 0xd5, 0x92, 0x4d, -+ 0x44, 0xfe, 0x1a, 0x03, 0x43, 0x56, 0xbd, 0x86 -+}; -+ -+__fips_constseg static const unsigned char sha256_pr_returnedbits[] = { -+ 0x02, 0xaa, 0xb6, 0x1d, 0x7e, 0x2a, 0x40, 0x03, 0x69, 0x2d, 0x49, 0xa3, -+ 0x41, 0xe7, 0x44, 0x0b, 0xaf, 0x7b, 0x85, 0xe4, 0x5f, 0x53, 0x3b, 0x64, -+ 0xbc, 0x89, 0xc8, 0x82, 0xd4, 0x78, 0x37, 0xa2 -+}; -+ -+/* SHA-256 No PR */ -+__fips_constseg static const unsigned char sha256_entropyinput[] = { -+ 0x5b, 0x1b, 0xec, 0x4d, 0xa9, 0x38, 0x74, 0x5a, 0x34, 0x0b, 0x7b, 0xc5, -+ 0xe5, 0xd7, 0x66, 0x7c, 0xbc, 0x82, 0xb9, 0x0e, 0x2d, 0x1f, 0x92, 0xd7, -+ 0xc1, 0xbc, 0x67, 0x69, 0xec, 0x6b, 0x03, 0x3c -+}; -+ -+__fips_constseg static const unsigned char sha256_nonce[] = { -+ 0xa4, 0x0c, 0xd8, 0x9c, 0x61, 0xd8, 0xc3, 0x54, 0xfe, 0x53, 0xc9, 0xe5, -+ 0x5d, 0x6f, 0x6d, 0x35 -+}; -+ -+__fips_constseg static const unsigned char sha256_personalizationstring[] = { -+ 0x22, 0x5e, 0x62, 0x93, 0x42, 0x83, 0x78, 0x24, 0xd8, 0x40, 0x8c, 0xde, -+ 0x6f, 0xf9, 0xa4, 0x7a, 0xc5, 0xa7, 0x3b, 0x88, 0xa3, 0xee, 0x42, 0x20, -+ 0xfd, 0x61, 0x56, 0xc6, 0x4c, 0x13, 0x41, 0x9c -+}; -+ -+__fips_constseg static const unsigned char sha256_additionalinput[] = { -+ 0xbf, 0x74, 0x5b, 0xf6, 0xc5, 0x64, 0x5e, 0x99, 0x34, 0x8f, 0xbc, 0xa4, -+ 0xe2, 0xbd, 0xd8, 0x85, 0x26, 0x37, 0xea, 0xba, 0x4f, 0xf2, 0x9a, 0x9a, -+ 0x66, 0xfc, 0xdf, 0x63, 0x26, 0x26, 0x19, 0x87 -+}; -+ -+__fips_constseg static const unsigned char sha256_int_returnedbits[] = { -+ 0xb3, 0xc6, 0x07, 0x07, 0xd6, 0x75, 0xf6, 0x2b, 0xd6, 0x21, 0x96, 0xf1, -+ 0xae, 0xdb, 0x2b, 0xac, 0x25, 0x2a, 0xae, 0xae, 0x41, 0x72, 0x03, 0x5e, -+ 0xbf, 0xd3, 0x64, 0xbc, 0x59, 0xf9, 0xc0, 0x76 -+}; -+ -+__fips_constseg static const unsigned char sha256_entropyinputreseed[] = { -+ 0xbf, 0x20, 0x33, 0x56, 0x29, 0xa8, 0x37, 0x04, 0x1f, 0x78, 0x34, 0x3d, -+ 0x81, 0x2a, 0xc9, 0x86, 0xc6, 0x7a, 0x2f, 0x88, 0x5e, 0xd5, 0xbe, 0x34, -+ 0x46, 0x20, 0xa4, 0x35, 0xeb, 0xc7, 0xe2, 0x9d -+}; -+ -+__fips_constseg static const unsigned char sha256_additionalinputreseed[] = { -+ 0x9b, 0xae, 0x2d, 0x2d, 0x61, 0xa4, 0x89, 0xeb, 0x43, 0x46, 0xa7, 0xda, -+ 0xef, 0x40, 0xca, 0x4a, 0x99, 0x11, 0x41, 0xdc, 0x5c, 0x94, 0xe9, 0xac, -+ 0xd4, 0xd0, 0xe6, 0xbd, 0xfb, 0x03, 0x9c, 0xa8 -+}; -+ -+__fips_constseg static const unsigned char sha256_additionalinput2[] = { -+ 0x23, 0xaa, 0x0c, 0xbd, 0x28, 0x33, 0xe2, 0x51, 0xfc, 0x71, 0xd2, 0x15, -+ 0x1f, 0x76, 0xfd, 0x0d, 0xe0, 0xb7, 0xb5, 0x84, 0x75, 0x5b, 0xbe, 0xf3, -+ 0x5c, 0xca, 0xc5, 0x30, 0xf2, 0x75, 0x1f, 0xda -+}; -+ -+__fips_constseg static const unsigned char sha256_returnedbits[] = { -+ 0x90, 0x3c, 0xc1, 0x10, 0x8c, 0x12, 0x01, 0xc6, 0xa6, 0x3a, 0x0f, 0x4d, -+ 0xb6, 0x3a, 0x4f, 0x41, 0x9c, 0x61, 0x75, 0x84, 0xe9, 0x74, 0x75, 0xfd, -+ 0xfe, 0xf2, 0x1f, 0x43, 0xd8, 0x5e, 0x24, 0xa3 -+}; -+ -+/* SHA-384 PR */ -+__fips_constseg static const unsigned char sha384_pr_entropyinput[] = { -+ 0x71, 0x9d, 0xb2, 0x5a, 0x71, 0x6d, 0x04, 0xe9, 0x1e, 0xc7, 0x92, 0x24, -+ 0x6e, 0x12, 0x33, 0xa9, 0x52, 0x64, 0x31, 0xef, 0x71, 0xeb, 0x22, 0x55, -+ 0x28, 0x97, 0x06, 0x6a, 0xc0, 0x0c, 0xa0, 0x7e -+}; -+ -+__fips_constseg static const unsigned char sha384_pr_nonce[] = { -+ 0xf5, 0x0d, 0xfa, 0xb0, 0xec, 0x6a, 0x7c, 0xd6, 0xbd, 0x9b, 0x05, 0xfd, -+ 0x38, 0x3e, 0x2e, 0x56 -+}; -+ -+__fips_constseg static const unsigned char sha384_pr_personalizationstring[] = { -+ 0x74, 0xac, 0x7e, 0x6d, 0xb1, 0xa4, 0xe7, 0x21, 0xd1, 0x1e, 0x6e, 0x96, -+ 0x6d, 0x4d, 0x53, 0x46, 0x82, 0x96, 0x6e, 0xcf, 0xaa, 0x81, 0x8d, 0x7d, -+ 0x9e, 0xe1, 0x0f, 0x15, 0xea, 0x41, 0xbf, 0xe3 -+}; -+ -+__fips_constseg static const unsigned char sha384_pr_additionalinput[] = { -+ 0xda, 0x95, 0xd4, 0xd0, 0xb8, 0x11, 0xd3, 0x49, 0x27, 0x5d, 0xa9, 0x39, -+ 0x68, 0xf3, 0xa8, 0xe9, 0x5d, 0x19, 0x8a, 0x2b, 0x66, 0xe8, 0x69, 0x06, -+ 0x7c, 0x9e, 0x03, 0xa1, 0x8b, 0x26, 0x2d, 0x6e -+}; -+ -+__fips_constseg static const unsigned char sha384_pr_entropyinputpr[] = { -+ 0x49, 0xdf, 0x44, 0x00, 0xe4, 0x1c, 0x75, 0x0b, 0x26, 0x5a, 0x59, 0x64, -+ 0x1f, 0x4e, 0xb1, 0xb2, 0x13, 0xf1, 0x22, 0x4e, 0xb4, 0x6d, 0x9a, 0xcc, -+ 0xa0, 0x48, 0xe6, 0xcf, 0x1d, 0xd1, 0x92, 0x0d -+}; -+ -+__fips_constseg static const unsigned char sha384_pr_int_returnedbits[] = { -+ 0xc8, 0x52, 0xae, 0xbf, 0x04, 0x3c, 0x27, 0xb7, 0x78, 0x18, 0xaa, 0x8f, -+ 0xff, 0xcf, 0xa4, 0xf1, 0xcc, 0xe7, 0x68, 0xfa, 0x22, 0xa2, 0x13, 0x45, -+ 0xe8, 0xdd, 0x87, 0xe6, 0xf2, 0x6e, 0xdd, 0xc7, 0x52, 0x90, 0x9f, 0x7b, -+ 0xfa, 0x61, 0x2d, 0x9d, 0x9e, 0xcf, 0x98, 0xac, 0x52, 0x40, 0xce, 0xaf -+}; -+ -+__fips_constseg static const unsigned char sha384_pr_additionalinput2[] = { -+ 0x61, 0x7c, 0x03, 0x9a, 0x3e, 0x50, 0x57, 0x60, 0xc5, 0x83, 0xc9, 0xb2, -+ 0xd1, 0x87, 0x85, 0x66, 0x92, 0x5d, 0x84, 0x0e, 0x53, 0xfb, 0x70, 0x03, -+ 0x72, 0xfd, 0xba, 0xae, 0x9c, 0x8f, 0xf8, 0x18 -+}; -+ -+__fips_constseg static const unsigned char sha384_pr_entropyinputpr2[] = { -+ 0xf8, 0xeb, 0x89, 0xb1, 0x8d, 0x78, 0xbe, 0x21, 0xe0, 0xbb, 0x9d, 0xb7, -+ 0x95, 0x0e, 0xd9, 0x46, 0x0c, 0x8c, 0xe2, 0x63, 0xb7, 0x9d, 0x67, 0x90, -+ 0xbd, 0xc7, 0x0b, 0xa5, 0xce, 0xb2, 0x65, 0x81 -+}; -+ -+__fips_constseg static const unsigned char sha384_pr_returnedbits[] = { -+ 0xe6, 0x9f, 0xfe, 0x68, 0xd6, 0xb5, 0x79, 0xf1, 0x06, 0x5f, 0xa3, 0xbb, -+ 0x23, 0x85, 0xd8, 0xf0, 0x29, 0x5a, 0x68, 0x9e, 0xf5, 0xf4, 0xa6, 0x12, -+ 0xe0, 0x9a, 0xe2, 0xac, 0x00, 0x1d, 0x98, 0x26, 0xfc, 0x53, 0x95, 0x53, -+ 0xe4, 0x3e, 0x17, 0xd5, 0x08, 0x0b, 0x70, 0x3d, 0x67, 0x99, 0xac, 0x66 -+}; -+ -+/* SHA-384 No PR */ -+__fips_constseg static const unsigned char sha384_entropyinput[] = { -+ 0x07, 0x15, 0x27, 0x2a, 0xaf, 0x74, 0x24, 0x37, 0xbc, 0xd5, 0x14, 0x69, -+ 0xce, 0x11, 0xff, 0xa2, 0x6b, 0xb8, 0x05, 0x67, 0x34, 0xf8, 0xbd, 0x6d, -+ 0x6a, 0xcc, 0xcd, 0x60, 0xa3, 0x68, 0xca, 0xf4 -+}; -+ -+__fips_constseg static const unsigned char sha384_nonce[] = { -+ 0x70, 0x17, 0xc2, 0x5b, 0x5d, 0x22, 0x0b, 0x06, 0x15, 0x54, 0x78, 0x77, -+ 0x44, 0xaf, 0x2f, 0x09 -+}; -+ -+__fips_constseg static const unsigned char sha384_personalizationstring[] = { -+ 0x89, 0x39, 0x28, 0xb0, 0x60, 0xeb, 0x3d, 0xdc, 0x55, 0x75, 0x86, 0xeb, -+ 0xae, 0xa2, 0x8f, 0xbc, 0x1b, 0x75, 0xd4, 0xe1, 0x0f, 0xaa, 0x38, 0xca, -+ 0x62, 0x8b, 0xcb, 0x2c, 0x26, 0xf6, 0xbc, 0xb1 -+}; -+ -+__fips_constseg static const unsigned char sha384_additionalinput[] = { -+ 0x30, 0x2b, 0x42, 0x35, 0xef, 0xda, 0x40, 0x55, 0x28, 0xc6, 0x95, 0xfb, -+ 0x54, 0x01, 0x62, 0xd7, 0x87, 0x14, 0x48, 0x6d, 0x90, 0x4c, 0xa9, 0x02, -+ 0x54, 0x40, 0x22, 0xc8, 0x66, 0xa5, 0x48, 0x48 -+}; -+ -+__fips_constseg static const unsigned char sha384_int_returnedbits[] = { -+ 0x82, 0xc4, 0xa1, 0x9c, 0x21, 0xd2, 0xe7, 0xa5, 0xa6, 0xf6, 0x5f, 0x04, -+ 0x5c, 0xc7, 0x31, 0x9d, 0x8d, 0x59, 0x74, 0x50, 0x19, 0x89, 0x2f, 0x63, -+ 0xd5, 0xb7, 0x7e, 0xeb, 0x15, 0xe3, 0x70, 0x83, 0xa1, 0x24, 0x59, 0xfa, -+ 0x2c, 0x56, 0xf6, 0x88, 0x3a, 0x92, 0x93, 0xa1, 0xfb, 0x79, 0xc1, 0x7a -+}; -+ -+__fips_constseg static const unsigned char sha384_entropyinputreseed[] = { -+ 0x39, 0xa6, 0xe8, 0x5c, 0x82, 0x17, 0x71, 0x26, 0x57, 0x4f, 0x9f, 0xc2, -+ 0x55, 0xff, 0x5c, 0x9b, 0x53, 0x1a, 0xd1, 0x5f, 0xbc, 0x62, 0xe4, 0x27, -+ 0x2d, 0x32, 0xf0, 0xe4, 0x52, 0x8c, 0xc5, 0x0c -+}; -+ -+__fips_constseg static const unsigned char sha384_additionalinputreseed[] = { -+ 0x8d, 0xcb, 0x8d, 0xce, 0x08, 0xea, 0x80, 0xe8, 0x9b, 0x61, 0xa8, 0x0f, -+ 0xaf, 0x49, 0x20, 0x9e, 0x74, 0xcb, 0x57, 0x80, 0x42, 0xb0, 0x84, 0x5e, -+ 0x30, 0x2a, 0x67, 0x08, 0xf4, 0xe3, 0x40, 0x22 -+}; -+ -+__fips_constseg static const unsigned char sha384_additionalinput2[] = { -+ 0x7c, 0x8f, 0xc2, 0xae, 0x22, 0x4a, 0xd6, 0xf6, 0x05, 0xa4, 0x7a, 0xea, -+ 0xbb, 0x25, 0xd0, 0xb7, 0x5a, 0xd6, 0xcf, 0x9d, 0xf3, 0x6c, 0xe2, 0xb2, -+ 0x4e, 0xb4, 0xbd, 0xf4, 0xe5, 0x40, 0x80, 0x94 -+}; -+ -+__fips_constseg static const unsigned char sha384_returnedbits[] = { -+ 0x9e, 0x7e, 0xfb, 0x59, 0xbb, 0xaa, 0x3c, 0xf7, 0xe1, 0xf8, 0x76, 0xdd, -+ 0x63, 0x5f, 0xaf, 0x23, 0xd6, 0x64, 0x61, 0xc0, 0x9a, 0x09, 0x47, 0xc9, -+ 0x33, 0xdf, 0x6d, 0x55, 0x91, 0x34, 0x79, 0x70, 0xc4, 0x99, 0x6e, 0x54, -+ 0x09, 0x64, 0x21, 0x1a, 0xbd, 0x1e, 0x80, 0x40, 0x34, 0xad, 0xfa, 0xd7 -+}; -+ -+/* SHA-512 PR */ -+__fips_constseg static const unsigned char sha512_pr_entropyinput[] = { -+ 0x13, 0xf7, 0x61, 0x75, 0x65, 0x28, 0xa2, 0x59, 0x13, 0x5a, 0x4a, 0x4f, -+ 0x56, 0x60, 0x8c, 0x53, 0x7d, 0xb0, 0xbd, 0x06, 0x4f, 0xed, 0xcc, 0xd2, -+ 0xa2, 0xb5, 0xfd, 0x5b, 0x3a, 0xab, 0xec, 0x28 -+}; -+ -+__fips_constseg static const unsigned char sha512_pr_nonce[] = { -+ 0xbe, 0xa3, 0x91, 0x93, 0x1d, 0xc3, 0x31, 0x3a, 0x23, 0x33, 0x50, 0x67, -+ 0x88, 0xc7, 0xa2, 0xc4 -+}; -+ -+__fips_constseg static const unsigned char sha512_pr_personalizationstring[] = { -+ 0x1f, 0x59, 0x4d, 0x7b, 0xe6, 0x46, 0x91, 0x48, 0xc1, 0x25, 0xfa, 0xff, -+ 0x89, 0x12, 0x77, 0x35, 0xdf, 0x3e, 0xf4, 0x80, 0x5f, 0xd9, 0xb0, 0x07, -+ 0x22, 0x41, 0xdd, 0x48, 0x78, 0x6b, 0x77, 0x2b -+}; -+ -+__fips_constseg static const unsigned char sha512_pr_additionalinput[] = { -+ 0x30, 0xff, 0x63, 0x6f, 0xac, 0xd9, 0x84, 0x39, 0x6f, 0xe4, 0x99, 0xce, -+ 0x91, 0x7d, 0x7e, 0xc8, 0x58, 0xf2, 0x12, 0xc3, 0xb6, 0xad, 0xda, 0x22, -+ 0x04, 0xa0, 0xd2, 0x21, 0xfe, 0xf2, 0x95, 0x1d -+}; -+ -+__fips_constseg static const unsigned char sha512_pr_entropyinputpr[] = { -+ 0x64, 0x54, 0x13, 0xec, 0x4f, 0x77, 0xda, 0xb2, 0x92, 0x2e, 0x52, 0x80, -+ 0x11, 0x10, 0xc2, 0xf8, 0xe6, 0xa7, 0xcd, 0x4b, 0xfc, 0x32, 0x2e, 0x9e, -+ 0xeb, 0xbb, 0xb1, 0xbf, 0x15, 0x5c, 0x73, 0x08 -+}; -+ -+__fips_constseg static const unsigned char sha512_pr_int_returnedbits[] = { -+ 0xef, 0x1e, 0xdc, 0x0a, 0xa4, 0x36, 0x91, 0x9c, 0x3d, 0x27, 0x97, 0x50, -+ 0x8d, 0x36, 0x29, 0x8d, 0xce, 0x6a, 0x0c, 0xf7, 0x21, 0xc0, 0x91, 0xae, -+ 0x0c, 0x96, 0x72, 0xbd, 0x52, 0x81, 0x58, 0xfc, 0x6d, 0xe5, 0xf7, 0xa5, -+ 0xfd, 0x5d, 0xa7, 0x58, 0x68, 0xc8, 0x99, 0x58, 0x8e, 0xc8, 0xce, 0x95, -+ 0x01, 0x7d, 0xff, 0xa4, 0xc8, 0xf7, 0x63, 0xfe, 0x5f, 0x69, 0x83, 0x53, -+ 0xe2, 0xc6, 0x8b, 0xc3 -+}; -+ -+__fips_constseg static const unsigned char sha512_pr_additionalinput2[] = { -+ 0xe6, 0x9b, 0xc4, 0x88, 0x34, 0xca, 0xea, 0x29, 0x2f, 0x98, 0x05, 0xa4, -+ 0xd3, 0xc0, 0x7b, 0x11, 0xe8, 0xbb, 0x75, 0xf2, 0xbd, 0x29, 0xb7, 0x40, -+ 0x25, 0x7f, 0xc1, 0xb7, 0xb1, 0xf1, 0x25, 0x61 -+}; -+ -+__fips_constseg static const unsigned char sha512_pr_entropyinputpr2[] = { -+ 0x23, 0x6d, 0xff, 0xde, 0xfb, 0xd1, 0xba, 0x33, 0x18, 0xe6, 0xbe, 0xb5, -+ 0x48, 0x77, 0x6d, 0x7f, 0xa7, 0xe1, 0x4d, 0x48, 0x1e, 0x3c, 0xa7, 0x34, -+ 0x1a, 0xc8, 0x60, 0xdb, 0x8f, 0x99, 0x15, 0x99 -+}; -+ -+__fips_constseg static const unsigned char sha512_pr_returnedbits[] = { -+ 0x70, 0x27, 0x31, 0xdb, 0x92, 0x70, 0x21, 0xfe, 0x16, 0xb6, 0xc8, 0x51, -+ 0x34, 0x87, 0x65, 0xd0, 0x4e, 0xfd, 0xfe, 0x68, 0xec, 0xac, 0xdc, 0x93, -+ 0x41, 0x38, 0x92, 0x90, 0xb4, 0x94, 0xf9, 0x0d, 0xa4, 0xf7, 0x4e, 0x80, -+ 0x92, 0x67, 0x48, 0x40, 0xa7, 0x08, 0xc7, 0xbc, 0x66, 0x00, 0xfd, 0xf7, -+ 0x4c, 0x8b, 0x17, 0x6e, 0xd1, 0x8f, 0x9b, 0xf3, 0x6f, 0xf6, 0x34, 0xdd, -+ 0x67, 0xf7, 0x68, 0xdd -+}; -+ -+/* SHA-512 No PR */ -+__fips_constseg static const unsigned char sha512_entropyinput[] = { -+ 0xb6, 0x0b, 0xb7, 0xbc, 0x84, 0x56, 0xf6, 0x12, 0xaf, 0x45, 0x67, 0x17, -+ 0x7c, 0xd1, 0xb2, 0x78, 0x2b, 0xa0, 0xf2, 0xbe, 0xb6, 0x6d, 0x8b, 0x56, -+ 0xc6, 0xbc, 0x4d, 0xe1, 0xf7, 0xbe, 0xce, 0xbd -+}; -+ -+__fips_constseg static const unsigned char sha512_nonce[] = { -+ 0x9d, 0xed, 0xc0, 0xe5, 0x5a, 0x98, 0x6a, 0xcb, 0x51, 0x7d, 0x76, 0x31, -+ 0x5a, 0x64, 0xf0, 0xf7 -+}; -+ -+__fips_constseg static const unsigned char sha512_personalizationstring[] = { -+ 0xc2, 0x6d, 0xa3, 0xc3, 0x06, 0x74, 0xe5, 0x01, 0x5c, 0x10, 0x17, 0xc7, -+ 0xaf, 0x83, 0x9d, 0x59, 0x8d, 0x2d, 0x29, 0x38, 0xc5, 0x59, 0x70, 0x8b, -+ 0x46, 0x48, 0x2d, 0xcf, 0x36, 0x7d, 0x59, 0xc0 -+}; -+ -+__fips_constseg static const unsigned char sha512_additionalinput[] = { -+ 0xec, 0x8c, 0xd4, 0xf7, 0x61, 0x6e, 0x0d, 0x95, 0x79, 0xb7, 0x28, 0xad, -+ 0x5f, 0x69, 0x74, 0x5f, 0x2d, 0x36, 0x06, 0x8a, 0x6b, 0xac, 0x54, 0x97, -+ 0xc4, 0xa1, 0x12, 0x85, 0x0a, 0xdf, 0x4b, 0x34 -+}; -+ -+__fips_constseg static const unsigned char sha512_int_returnedbits[] = { -+ 0x84, 0x2f, 0x1f, 0x68, 0x6a, 0xa3, 0xad, 0x1e, 0xfb, 0xf4, 0x15, 0xbd, -+ 0xde, 0x38, 0xd4, 0x30, 0x80, 0x51, 0xe9, 0xd3, 0xc7, 0x20, 0x88, 0xe9, -+ 0xf5, 0xcc, 0xdf, 0x57, 0x5c, 0x47, 0x2f, 0x57, 0x3c, 0x5f, 0x13, 0x56, -+ 0xcc, 0xc5, 0x4f, 0x84, 0xf8, 0x10, 0x41, 0xd5, 0x7e, 0x58, 0x6e, 0x19, -+ 0x19, 0x9e, 0xaf, 0xc2, 0x22, 0x58, 0x41, 0x50, 0x79, 0xc2, 0xd8, 0x04, -+ 0x28, 0xd4, 0x39, 0x9a -+}; -+ -+__fips_constseg static const unsigned char sha512_entropyinputreseed[] = { -+ 0xfa, 0x7f, 0x46, 0x51, 0x83, 0x62, 0x98, 0x16, 0x9a, 0x19, 0xa2, 0x49, -+ 0xa9, 0xe6, 0x4a, 0xd8, 0x85, 0xe7, 0xd4, 0x3b, 0x2c, 0x82, 0xc5, 0x82, -+ 0xbf, 0x11, 0xf9, 0x9e, 0xbc, 0xd0, 0x01, 0xee -+}; -+ -+__fips_constseg static const unsigned char sha512_additionalinputreseed[] = { -+ 0xb9, 0x12, 0xe0, 0x4f, 0xf7, 0xa7, 0xc4, 0xd8, 0xd0, 0x8e, 0x99, 0x29, -+ 0x7c, 0x9a, 0xe9, 0xcf, 0xc4, 0x6c, 0xf8, 0xc3, 0xa7, 0x41, 0x83, 0xd6, -+ 0x2e, 0xfa, 0xb8, 0x5e, 0x8e, 0x6b, 0x78, 0x20 -+}; -+ -+__fips_constseg static const unsigned char sha512_additionalinput2[] = { -+ 0xd7, 0x07, 0x52, 0xb9, 0x83, 0x2c, 0x03, 0x71, 0xee, 0xc9, 0xc0, 0x85, -+ 0xe1, 0x57, 0xb2, 0xcd, 0x3a, 0xf0, 0xc9, 0x34, 0x24, 0x41, 0x1c, 0x42, -+ 0x99, 0xb2, 0x84, 0xe9, 0x17, 0xd2, 0x76, 0x92 -+}; -+ -+__fips_constseg static const unsigned char sha512_returnedbits[] = { -+ 0x36, 0x17, 0x5d, 0x98, 0x2b, 0x65, 0x25, 0x8e, 0xc8, 0x29, 0xdf, 0x27, -+ 0x05, 0x36, 0x26, 0x12, 0x8a, 0x68, 0x74, 0x27, 0x37, 0xd4, 0x7f, 0x32, -+ 0xb1, 0x12, 0xd6, 0x85, 0x83, 0xeb, 0x2e, 0xa0, 0xed, 0x4b, 0xb5, 0x7b, -+ 0x6f, 0x39, 0x3c, 0x71, 0x77, 0x02, 0x12, 0xcc, 0x2c, 0x3a, 0x8e, 0x63, -+ 0xdf, 0x4a, 0xbd, 0x6f, 0x6e, 0x2e, 0xed, 0x0a, 0x85, 0xa5, 0x2f, 0xa2, -+ 0x68, 0xde, 0x42, 0xb5 -+}; -+ -+/* HMAC SHA-1 PR */ -+__fips_constseg static const unsigned char hmac_sha1_pr_entropyinput[] = { -+ 0x26, 0x5f, 0x36, 0x14, 0xff, 0x3d, 0x83, 0xfa, 0x73, 0x5e, 0x75, 0xdc, -+ 0x2c, 0x18, 0x17, 0x1b -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_pr_nonce[] = { -+ 0xc8, 0xe3, 0x57, 0xa5, 0x7b, 0x74, 0x86, 0x6e -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha1_pr_personalizationstring[] = { -+ 0x6e, 0xdb, 0x0d, 0xfe, 0x7d, 0xac, 0x79, 0xd0, 0xa5, 0x3a, 0x48, 0x85, -+ 0x80, 0xe2, 0x7f, 0x2a -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_pr_additionalinput[] = { -+ 0x31, 0xcd, 0x5e, 0x43, 0xdc, 0xfb, 0x7a, 0x79, 0xca, 0x88, 0xde, 0x1f, -+ 0xd7, 0xbb, 0x42, 0x09 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_pr_entropyinputpr[] = { -+ 0x7c, 0x23, 0x95, 0x38, 0x00, 0x95, 0xc1, 0x78, 0x1f, 0x8f, 0xd7, 0x63, -+ 0x23, 0x87, 0x2a, 0xed -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_pr_int_returnedbits[] = { -+ 0xbb, 0x34, 0xe7, 0x93, 0xa3, 0x02, 0x2c, 0x4a, 0xd0, 0x89, 0xda, 0x7f, -+ 0xed, 0xf4, 0x4c, 0xde, 0x17, 0xec, 0xe5, 0x6c -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_pr_additionalinput2[] = { -+ 0x49, 0xbc, 0x2d, 0x2c, 0xb7, 0x32, 0xcb, 0x20, 0xdf, 0xf5, 0x77, 0x58, -+ 0xa0, 0x4b, 0x93, 0x6e -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_pr_entropyinputpr2[] = { -+ 0x3c, 0xaa, 0xb0, 0x21, 0x42, 0xb0, 0xdd, 0x34, 0xf0, 0x16, 0x7f, 0x0c, -+ 0x0f, 0xff, 0x2e, 0xaf -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_pr_returnedbits[] = { -+ 0x8e, 0xcb, 0xa3, 0x64, 0xb2, 0xb8, 0x33, 0x6c, 0x64, 0x3b, 0x78, 0x16, -+ 0x99, 0x35, 0xc8, 0x30, 0xcb, 0x3e, 0xa0, 0xd8 -+}; -+ -+/* HMAC SHA-1 No PR */ -+__fips_constseg static const unsigned char hmac_sha1_entropyinput[] = { -+ 0x32, 0x9a, 0x2a, 0x87, 0x7b, 0x89, 0x7c, 0xf6, 0xcb, 0x95, 0xd5, 0x40, -+ 0x17, 0xfe, 0x47, 0x70 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_nonce[] = { -+ 0x16, 0xd8, 0xe0, 0xc7, 0x52, 0xcf, 0x4a, 0x25 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_personalizationstring[] = { -+ 0x35, 0x35, 0xa9, 0xa5, 0x40, 0xbe, 0x9b, 0xd1, 0x56, 0xdd, 0x44, 0x00, -+ 0x72, 0xf7, 0xd3, 0x5e -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_additionalinput[] = { -+ 0x1b, 0x2c, 0x84, 0x2d, 0x4a, 0x89, 0x8f, 0x69, 0x19, 0xf1, 0xf3, 0xdb, -+ 0xbb, 0xe3, 0xaa, 0xea -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_int_returnedbits[] = { -+ 0xcf, 0xfa, 0x7d, 0x72, 0x0f, 0xe6, 0xc7, 0x96, 0xa0, 0x69, 0x31, 0x11, -+ 0x9b, 0x0b, 0x1a, 0x20, 0x1f, 0x3f, 0xaa, 0xd1 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_entropyinputreseed[] = { -+ 0x90, 0x75, 0x15, 0x04, 0x95, 0xf1, 0xba, 0x81, 0x0c, 0x37, 0x94, 0x6f, -+ 0x86, 0x52, 0x6d, 0x9c -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_additionalinputreseed[] = { -+ 0x5b, 0x40, 0xba, 0x5f, 0x17, 0x70, 0xf0, 0x4b, 0xdf, 0xc9, 0x97, 0x92, -+ 0x79, 0xc5, 0x82, 0x28 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_additionalinput2[] = { -+ 0x97, 0xc8, 0x80, 0x90, 0xb3, 0xaa, 0x6e, 0x60, 0xea, 0x83, 0x7a, 0xe3, -+ 0x8a, 0xca, 0xa4, 0x7f -+}; -+ -+__fips_constseg static const unsigned char hmac_sha1_returnedbits[] = { -+ 0x90, 0xbd, 0x05, 0x56, 0x6d, 0xb5, 0x22, 0xd5, 0xb9, 0x5a, 0x29, 0x2d, -+ 0xe9, 0x0b, 0xe1, 0xac, 0xde, 0x27, 0x0b, 0xb0 -+}; -+ -+/* HMAC SHA-224 PR */ -+__fips_constseg static const unsigned char hmac_sha224_pr_entropyinput[] = { -+ 0x17, 0x32, 0x2b, 0x2e, 0x6f, 0x1b, 0x9c, 0x6d, 0x31, 0xe0, 0x34, 0x07, -+ 0xcf, 0xed, 0xf6, 0xb6, 0x5a, 0x76, 0x4c, 0xbc, 0x62, 0x85, 0x01, 0x90 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_pr_nonce[] = { -+ 0x38, 0xbf, 0x5f, 0x20, 0xb3, 0x68, 0x2f, 0x43, 0x61, 0x05, 0x8f, 0x23 -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha224_pr_personalizationstring[] = { -+ 0xc0, 0xc9, 0x45, 0xac, 0x8d, 0x27, 0x77, 0x08, 0x0b, 0x17, 0x6d, 0xed, -+ 0xc1, 0x7d, 0xd5, 0x07, 0x9d, 0x6e, 0xf8, 0x23, 0x2a, 0x22, 0x13, 0xbd -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_pr_additionalinput[] = { -+ 0xa4, 0x3c, 0xe7, 0x3b, 0xea, 0x19, 0x45, 0x32, 0xc2, 0x83, 0x6d, 0x21, -+ 0x8a, 0xc0, 0xee, 0x67, 0x45, 0xde, 0x13, 0x7d, 0x9d, 0x61, 0x00, 0x3b -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_pr_entropyinputpr[] = { -+ 0x15, 0x05, 0x74, 0x4a, 0x7f, 0x8d, 0x5c, 0x60, 0x16, 0xe5, 0x7b, 0xad, -+ 0xf5, 0x41, 0x8f, 0x55, 0x60, 0xc4, 0x09, 0xee, 0x1e, 0x11, 0x81, 0xab -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_pr_int_returnedbits[] = { -+ 0x6f, 0xf5, 0x9a, 0xe2, 0x54, 0x53, 0x30, 0x3d, 0x5a, 0x27, 0x29, 0x38, -+ 0x27, 0xf2, 0x0d, 0x05, 0xe9, 0x26, 0xcb, 0x16, 0xc3, 0x51, 0x5f, 0x13, -+ 0x41, 0xfe, 0x99, 0xf2 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_pr_additionalinput2[] = { -+ 0x73, 0x81, 0x88, 0x84, 0x8f, 0xed, 0x6f, 0x10, 0x9f, 0x93, 0xbf, 0x17, -+ 0x35, 0x7c, 0xef, 0xd5, 0x8d, 0x26, 0xa6, 0x7a, 0xe8, 0x09, 0x36, 0x4f -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_pr_entropyinputpr2[] = { -+ 0xe6, 0xcf, 0xcf, 0x7e, 0x12, 0xe5, 0x43, 0xd2, 0x38, 0xd8, 0x24, 0x6f, -+ 0x5a, 0x37, 0x68, 0xbf, 0x4f, 0xa0, 0xff, 0xd5, 0x61, 0x8a, 0x93, 0xe0 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_pr_returnedbits[] = { -+ 0xaf, 0xf9, 0xd8, 0x19, 0x91, 0x30, 0x82, 0x6f, 0xa9, 0x1e, 0x9d, 0xd7, -+ 0xf3, 0x50, 0xe0, 0xc7, 0xd5, 0x64, 0x96, 0x7d, 0x4c, 0x4d, 0x78, 0x03, -+ 0x6d, 0xd8, 0x9e, 0x72 -+}; -+ -+/* HMAC SHA-224 No PR */ -+__fips_constseg static const unsigned char hmac_sha224_entropyinput[] = { -+ 0x11, 0x82, 0xfd, 0xd9, 0x42, 0xf4, 0xfa, 0xc8, 0xf2, 0x41, 0xe6, 0x54, -+ 0x01, 0xae, 0x22, 0x6e, 0xc6, 0xaf, 0xaf, 0xd0, 0xa6, 0xb2, 0xe2, 0x6d -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_nonce[] = { -+ 0xa9, 0x48, 0xd7, 0x92, 0x39, 0x7e, 0x2a, 0xdc, 0x30, 0x1f, 0x0e, 0x2b -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha224_personalizationstring[] = { -+ 0x11, 0xd5, 0xf4, 0xbd, 0x67, 0x8c, 0x31, 0xcf, 0xa3, 0x3f, 0x1e, 0x6b, -+ 0xa8, 0x07, 0x02, 0x0b, 0xc8, 0x2e, 0x6c, 0x64, 0x41, 0x5b, 0xc8, 0x37 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_additionalinput[] = { -+ 0x68, 0x18, 0xc2, 0x06, 0xeb, 0x3e, 0x04, 0x95, 0x44, 0x5e, 0xfb, 0xe6, -+ 0x41, 0xc1, 0x5c, 0xcc, 0x40, 0x2f, 0xb7, 0xd2, 0x0f, 0xf3, 0x6b, 0xe7 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_int_returnedbits[] = { -+ 0x7f, 0x45, 0xc7, 0x5d, 0x32, 0xe6, 0x17, 0x60, 0xba, 0xdc, 0xb8, 0x42, -+ 0x1b, 0x9c, 0xf1, 0xfa, 0x3b, 0x4d, 0x29, 0x54, 0xc6, 0x90, 0xff, 0x5c, -+ 0xcd, 0xd6, 0xa9, 0xcc -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_entropyinputreseed[] = { -+ 0xc4, 0x8e, 0x37, 0x95, 0x69, 0x53, 0x28, 0xd7, 0x37, 0xbb, 0x70, 0x95, -+ 0x1c, 0x07, 0x1d, 0xd9, 0xb7, 0xe6, 0x1b, 0xbb, 0xfe, 0x41, 0xeb, 0xc9 -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha224_additionalinputreseed[] = { -+ 0x53, 0x17, 0xa1, 0x6a, 0xfa, 0x77, 0x47, 0xb0, 0x95, 0x56, 0x9a, 0x20, -+ 0x57, 0xde, 0x5c, 0x89, 0x9f, 0x7f, 0xe2, 0xde, 0x17, 0x3a, 0x50, 0x23 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_additionalinput2[] = { -+ 0x3a, 0x32, 0xf9, 0x85, 0x0c, 0xc1, 0xed, 0x76, 0x2d, 0xdf, 0x40, 0xc3, -+ 0x06, 0x22, 0x66, 0xd4, 0x9a, 0x9a, 0xff, 0x5a, 0x7e, 0x7a, 0xf3, 0x96 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha224_returnedbits[] = { -+ 0x43, 0xb4, 0x57, 0x5c, 0x38, 0x25, 0x9d, 0xae, 0xec, 0x96, 0xd1, 0x85, -+ 0x3a, 0x84, 0x8d, 0xfe, 0x68, 0xd5, 0x0e, 0x5c, 0x8f, 0x65, 0xa5, 0x4e, -+ 0x45, 0x84, 0xa8, 0x94 -+}; -+ -+/* HMAC SHA-256 PR */ -+__fips_constseg static const unsigned char hmac_sha256_pr_entropyinput[] = { -+ 0x4d, 0xb0, 0x43, 0xd8, 0x34, 0x4b, 0x10, 0x70, 0xb1, 0x8b, 0xed, 0xea, -+ 0x07, 0x92, 0x9f, 0x6c, 0x79, 0x31, 0xaf, 0x81, 0x29, 0xeb, 0x6e, 0xca, -+ 0x32, 0x48, 0x28, 0xe7, 0x02, 0x5d, 0xa6, 0xa6 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_pr_nonce[] = { -+ 0x3a, 0xae, 0x15, 0xa9, 0x99, 0xdc, 0xe4, 0x67, 0x34, 0x3b, 0x70, 0x15, -+ 0xaa, 0xd3, 0x30, 0x9a -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha256_pr_personalizationstring[] = { -+ 0x13, 0x1d, 0x24, 0x04, 0xb0, 0x18, 0x81, 0x15, 0x21, 0x51, 0x2a, 0x24, -+ 0x52, 0x61, 0xbe, 0x64, 0x82, 0x6b, 0x55, 0x2f, 0xe2, 0xf1, 0x40, 0x7d, -+ 0x71, 0xd8, 0x01, 0x86, 0x15, 0xb7, 0x8b, 0xb5 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_pr_additionalinput[] = { -+ 0x8f, 0xa6, 0x54, 0x5f, 0xb1, 0xd0, 0xd8, 0xc3, 0xe7, 0x0c, 0x15, 0xa9, -+ 0x23, 0x6e, 0xfe, 0xfb, 0x93, 0xf7, 0x3a, 0xbd, 0x59, 0x01, 0xfa, 0x18, -+ 0x8e, 0xe9, 0x1a, 0xa9, 0x78, 0xfc, 0x79, 0x0b -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_pr_entropyinputpr[] = { -+ 0xcf, 0x24, 0xb9, 0xeb, 0xb3, 0xd4, 0xcd, 0x17, 0x37, 0x38, 0x75, 0x79, -+ 0x15, 0xcb, 0x2d, 0x75, 0x51, 0xf1, 0xcc, 0xaa, 0x32, 0xa4, 0xa7, 0x36, -+ 0x7c, 0x5c, 0xe4, 0x47, 0xf1, 0x3e, 0x1d, 0xe5 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_pr_int_returnedbits[] = { -+ 0x52, 0x42, 0xfa, 0xeb, 0x85, 0xe0, 0x30, 0x22, 0x79, 0x00, 0x16, 0xb2, -+ 0x88, 0x2f, 0x14, 0x6a, 0xb7, 0xfc, 0xb7, 0x53, 0xdc, 0x4a, 0x12, 0xef, -+ 0x54, 0xd6, 0x33, 0xe9, 0x20, 0xd6, 0xfd, 0x56 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_pr_additionalinput2[] = { -+ 0xf4, 0xf6, 0x49, 0xa1, 0x2d, 0x64, 0x2b, 0x30, 0x58, 0xf8, 0xbd, 0xb8, -+ 0x75, 0xeb, 0xbb, 0x5e, 0x1c, 0x9b, 0x81, 0x6a, 0xda, 0x14, 0x86, 0x6e, -+ 0xd0, 0xda, 0x18, 0xb7, 0x88, 0xfb, 0x59, 0xf3 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_pr_entropyinputpr2[] = { -+ 0x21, 0xcd, 0x6e, 0x46, 0xad, 0x99, 0x07, 0x17, 0xb4, 0x3d, 0x76, 0x0a, -+ 0xff, 0x5b, 0x52, 0x50, 0x78, 0xdf, 0x1f, 0x24, 0x06, 0x0d, 0x3f, 0x74, -+ 0xa9, 0xc9, 0x37, 0xcf, 0xd8, 0x26, 0x25, 0x91 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_pr_returnedbits[] = { -+ 0xa7, 0xaf, 0x2f, 0x29, 0xe0, 0x3a, 0x72, 0x95, 0x96, 0x1c, 0xa9, 0xf0, -+ 0x4a, 0x17, 0x4d, 0x66, 0x06, 0x10, 0xbf, 0x39, 0x89, 0x88, 0xb8, 0x91, -+ 0x37, 0x18, 0x99, 0xcf, 0x8c, 0x53, 0x3b, 0x7e -+}; -+ -+/* HMAC SHA-256 No PR */ -+__fips_constseg static const unsigned char hmac_sha256_entropyinput[] = { -+ 0x96, 0xb7, 0x53, 0x22, 0x1e, 0x52, 0x2a, 0x96, 0xb1, 0x15, 0x3c, 0x35, -+ 0x5a, 0x8b, 0xd3, 0x4a, 0xa6, 0x6c, 0x83, 0x0a, 0x7d, 0xa3, 0x23, 0x3d, -+ 0x43, 0xa1, 0x07, 0x2c, 0x2d, 0xe3, 0x81, 0xcc -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_nonce[] = { -+ 0xf1, 0xac, 0x97, 0xcb, 0x5e, 0x06, 0x48, 0xd2, 0x94, 0xbe, 0x15, 0x2e, -+ 0xc7, 0xfc, 0xc2, 0x01 -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha256_personalizationstring[] = { -+ 0x98, 0xc5, 0x1e, 0x35, 0x5e, 0x89, 0x0d, 0xce, 0x64, 0x6d, 0x18, 0xa7, -+ 0x5a, 0xc6, 0xf3, 0xe7, 0xd6, 0x9e, 0xc0, 0xea, 0xb7, 0x3a, 0x8d, 0x65, -+ 0xb8, 0xeb, 0x10, 0xd7, 0x57, 0x18, 0xa0, 0x32 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_additionalinput[] = { -+ 0x1b, 0x10, 0xaf, 0xac, 0xd0, 0x65, 0x95, 0xad, 0x04, 0xad, 0x03, 0x1c, -+ 0xe0, 0x40, 0xd6, 0x3e, 0x1c, 0x46, 0x53, 0x39, 0x7c, 0xe2, 0xbc, 0xda, -+ 0x8c, 0xa2, 0x33, 0xa7, 0x9a, 0x26, 0xd3, 0x27 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_int_returnedbits[] = { -+ 0xba, 0x61, 0x0e, 0x55, 0xfe, 0x11, 0x8a, 0x9e, 0x0f, 0x80, 0xdf, 0x1d, -+ 0x03, 0x0a, 0xfe, 0x15, 0x94, 0x28, 0x4b, 0xba, 0xf4, 0x9f, 0x51, 0x25, -+ 0x88, 0xe5, 0x4e, 0xfb, 0xaf, 0xce, 0x69, 0x90 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_entropyinputreseed[] = { -+ 0x62, 0x7f, 0x1e, 0x6b, 0xe8, 0x8e, 0xe1, 0x35, 0x7d, 0x9b, 0x4f, 0xc7, -+ 0xec, 0xc8, 0xac, 0xef, 0x6b, 0x13, 0x9e, 0x05, 0x56, 0xc1, 0x08, 0xf9, -+ 0x2f, 0x0f, 0x27, 0x9c, 0xd4, 0x15, 0xed, 0x2d -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha256_additionalinputreseed[] = { -+ 0xc7, 0x76, 0x6e, 0xa9, 0xd2, 0xb2, 0x76, 0x40, 0x82, 0x25, 0x2c, 0xb3, -+ 0x6f, 0xac, 0xe9, 0x74, 0xef, 0x8f, 0x3c, 0x8e, 0xcd, 0xf1, 0xbf, 0xb3, -+ 0x49, 0x77, 0x34, 0x88, 0x52, 0x36, 0xe6, 0x2e -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_additionalinput2[] = { -+ 0x8d, 0xb8, 0x0c, 0xd1, 0xbf, 0x70, 0xf6, 0x19, 0xc3, 0x41, 0x80, 0x9f, -+ 0xe1, 0xa5, 0xa4, 0x1f, 0x2c, 0x26, 0xb1, 0xe5, 0xd8, 0xeb, 0xbe, 0xf8, -+ 0xdf, 0x88, 0x6a, 0x89, 0xd6, 0x05, 0xd8, 0x9d -+}; -+ -+__fips_constseg static const unsigned char hmac_sha256_returnedbits[] = { -+ 0x43, 0x12, 0x2a, 0x2c, 0x40, 0x53, 0x2e, 0x7c, 0x66, 0x34, 0xac, 0xc3, -+ 0x43, 0xe3, 0xe0, 0x6a, 0xfc, 0xfa, 0xea, 0x87, 0x21, 0x1f, 0xe2, 0x26, -+ 0xc4, 0xf9, 0x09, 0x9a, 0x0d, 0x6e, 0x7f, 0xe0 -+}; -+ -+/* HMAC SHA-384 PR */ -+__fips_constseg static const unsigned char hmac_sha384_pr_entropyinput[] = { -+ 0x69, 0x81, 0x98, 0x88, 0x44, 0xf5, 0xd6, 0x2e, 0x00, 0x08, 0x3b, 0xc5, -+ 0xfb, 0xd7, 0x8e, 0x6f, 0x23, 0xf8, 0x6d, 0x09, 0xd6, 0x85, 0x49, 0xd1, -+ 0xf8, 0x6d, 0xa4, 0x58, 0x54, 0xfd, 0x88, 0xa9 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_pr_nonce[] = { -+ 0x6e, 0x38, 0x81, 0xca, 0xb7, 0xe8, 0x6e, 0x66, 0x49, 0x8a, 0xb2, 0x59, -+ 0xee, 0x16, 0xc9, 0xde -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha384_pr_personalizationstring[] = { -+ 0xfe, 0x4c, 0xd9, 0xf4, 0x78, 0x3b, 0x08, 0x41, 0x8d, 0x8f, 0x55, 0xc4, -+ 0x43, 0x56, 0xb6, 0x12, 0x36, 0x6b, 0x30, 0xb7, 0x5e, 0xe1, 0xb9, 0x47, -+ 0x04, 0xb1, 0x4e, 0xa9, 0x00, 0xa1, 0x52, 0xa1 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_pr_additionalinput[] = { -+ 0x89, 0xe9, 0xcc, 0x8f, 0x27, 0x3c, 0x26, 0xd1, 0x95, 0xc8, 0x7d, 0x0f, -+ 0x5b, 0x1a, 0xf0, 0x78, 0x39, 0x56, 0x6f, 0xa4, 0x23, 0xe7, 0xd1, 0xda, -+ 0x7c, 0x66, 0x33, 0xa0, 0x90, 0xc9, 0x92, 0x88 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_pr_entropyinputpr[] = { -+ 0xbe, 0x3d, 0x7c, 0x0d, 0xca, 0xda, 0x7c, 0x49, 0xb8, 0x12, 0x36, 0xc0, -+ 0xdb, 0xad, 0x35, 0xa8, 0xc7, 0x0b, 0x2a, 0x2c, 0x69, 0x6d, 0x25, 0x56, -+ 0x63, 0x82, 0x11, 0x3e, 0xa7, 0x33, 0x70, 0x72 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_pr_int_returnedbits[] = { -+ 0x82, 0x3d, 0xe6, 0x54, 0x80, 0x42, 0xf8, 0xba, 0x90, 0x4f, 0x06, 0xa6, -+ 0xd2, 0x7f, 0xbf, 0x79, 0x7c, 0x12, 0x7d, 0xa6, 0xa2, 0x66, 0xe8, 0xa6, -+ 0xc0, 0xd6, 0x4a, 0x55, 0xbf, 0xd8, 0x0a, 0xc5, 0xf8, 0x03, 0x88, 0xdd, -+ 0x8e, 0x87, 0xd1, 0x5a, 0x48, 0x26, 0x72, 0x2a, 0x8e, 0xcf, 0xee, 0xba -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_pr_additionalinput2[] = { -+ 0x8f, 0xff, 0xd9, 0x84, 0xbb, 0x85, 0x3a, 0x66, 0xa1, 0x21, 0xce, 0xb2, -+ 0x3a, 0x3a, 0x17, 0x22, 0x19, 0xae, 0xc7, 0xb6, 0x63, 0x81, 0xd5, 0xff, -+ 0x0d, 0xc8, 0xe1, 0xaf, 0x57, 0xd2, 0xcb, 0x60 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_pr_entropyinputpr2[] = { -+ 0xd7, 0xfb, 0xc9, 0xe8, 0xe2, 0xf2, 0xaa, 0x4c, 0xb8, 0x51, 0x2f, 0xe1, -+ 0x22, 0xba, 0xf3, 0xda, 0x0a, 0x19, 0x76, 0x71, 0x57, 0xb2, 0x1d, 0x94, -+ 0x09, 0x69, 0x6c, 0xd3, 0x97, 0x51, 0x81, 0x87 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_pr_returnedbits[] = { -+ 0xe6, 0x19, 0x28, 0xa8, 0x21, 0xce, 0x5e, 0xdb, 0x24, 0x79, 0x8c, 0x76, -+ 0x5d, 0x73, 0xb2, 0xdf, 0xac, 0xef, 0x85, 0xa7, 0x3b, 0x19, 0x09, 0x8b, -+ 0x7f, 0x98, 0x28, 0xa9, 0x93, 0xd8, 0x7a, 0xad, 0x55, 0x8b, 0x24, 0x9d, -+ 0xe6, 0x98, 0xfe, 0x47, 0xd5, 0x48, 0xc1, 0x23, 0xd8, 0x1d, 0x62, 0x75 -+}; -+ -+/* HMAC SHA-384 No PR */ -+__fips_constseg static const unsigned char hmac_sha384_entropyinput[] = { -+ 0xc3, 0x56, 0x2b, 0x1d, 0xc2, 0xbb, 0xa8, 0xf0, 0xae, 0x1b, 0x0d, 0xd3, -+ 0x5a, 0x6c, 0xda, 0x57, 0x8e, 0xa5, 0x8a, 0x0d, 0x6c, 0x4b, 0x18, 0xb1, -+ 0x04, 0x3e, 0xb4, 0x99, 0x35, 0xc4, 0xc0, 0x5f -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_nonce[] = { -+ 0xc5, 0x49, 0x1e, 0x66, 0x27, 0x92, 0xbe, 0xec, 0xb5, 0x1e, 0x4b, 0xb1, -+ 0x38, 0xe3, 0xeb, 0x62 -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha384_personalizationstring[] = { -+ 0xbe, 0xe7, 0x6b, 0x57, 0xde, 0x88, 0x11, 0x96, 0x9b, 0x6e, 0xea, 0xe5, -+ 0x63, 0x83, 0x4c, 0xb6, 0x8d, 0x66, 0xaa, 0x1f, 0x8b, 0x54, 0xe7, 0x62, -+ 0x6d, 0x5a, 0xfc, 0xbf, 0x97, 0xba, 0xcd, 0x77 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_additionalinput[] = { -+ 0xe5, 0x28, 0x5f, 0x43, 0xf5, 0x83, 0x6e, 0x0a, 0x83, 0x5c, 0xe3, 0x81, -+ 0x03, 0xf2, 0xf8, 0x78, 0x00, 0x7c, 0x95, 0x87, 0x16, 0xd6, 0x6c, 0x58, -+ 0x33, 0x6c, 0x53, 0x35, 0x0d, 0x66, 0xe3, 0xce -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_int_returnedbits[] = { -+ 0xe2, 0x1f, 0xf3, 0xda, 0x0d, 0x19, 0x99, 0x87, 0xc4, 0x90, 0xa2, 0x31, -+ 0xca, 0x2a, 0x89, 0x58, 0x43, 0x44, 0xb8, 0xde, 0xcf, 0xa4, 0xbe, 0x3b, -+ 0x53, 0x26, 0x22, 0x31, 0x76, 0x41, 0x22, 0xb5, 0xa8, 0x70, 0x2f, 0x4b, -+ 0x64, 0x95, 0x4d, 0x48, 0x96, 0x35, 0xe6, 0xbd, 0x3c, 0x34, 0xdb, 0x1b -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_entropyinputreseed[] = { -+ 0x77, 0x61, 0xba, 0xbc, 0xf2, 0xc1, 0xf3, 0x4b, 0x86, 0x65, 0xfd, 0x48, -+ 0x0e, 0x3c, 0x02, 0x5e, 0xa2, 0x7a, 0x6b, 0x7c, 0xed, 0x21, 0x5e, 0xf9, -+ 0xcd, 0xcd, 0x77, 0x07, 0x2b, 0xbe, 0xc5, 0x5c -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha384_additionalinputreseed[] = { -+ 0x18, 0x24, 0x5f, 0xc6, 0x84, 0xd1, 0x67, 0xc3, 0x9a, 0x11, 0xa5, 0x8c, -+ 0x07, 0x39, 0x21, 0x83, 0x4d, 0x04, 0xc4, 0x6a, 0x28, 0x19, 0xcf, 0x92, -+ 0x21, 0xd9, 0x9e, 0x41, 0x72, 0x6c, 0x9e, 0x63 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_additionalinput2[] = { -+ 0x96, 0x67, 0x41, 0x28, 0x9b, 0xb7, 0x92, 0x8d, 0x64, 0x3b, 0xe4, 0xcf, -+ 0x7e, 0xaa, 0x1e, 0xb1, 0x4b, 0x1d, 0x09, 0x56, 0x67, 0x9c, 0xc6, 0x6d, -+ 0x3b, 0xe8, 0x91, 0x9d, 0xe1, 0x8a, 0xb7, 0x32 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha384_returnedbits[] = { -+ 0xe3, 0x59, 0x61, 0x38, 0x92, 0xec, 0xe2, 0x3c, 0xff, 0xb7, 0xdb, 0x19, -+ 0x0f, 0x5b, 0x93, 0x68, 0x0d, 0xa4, 0x94, 0x40, 0x72, 0x0b, 0xe0, 0xed, -+ 0x4d, 0xcd, 0x68, 0xa0, 0x1e, 0xfe, 0x67, 0xb2, 0xfa, 0x21, 0x56, 0x74, -+ 0xa4, 0xad, 0xcf, 0xb7, 0x60, 0x66, 0x2e, 0x40, 0xde, 0x82, 0xca, 0xfb -+}; -+ -+/* HMAC SHA-512 PR */ -+__fips_constseg static const unsigned char hmac_sha512_pr_entropyinput[] = { -+ 0xaa, 0x9e, 0x45, 0x67, 0x0e, 0x00, 0x2a, 0x67, 0x98, 0xd6, 0xda, 0x0b, -+ 0x0f, 0x17, 0x7e, 0xac, 0xfd, 0x27, 0xc4, 0xca, 0x84, 0xdf, 0xde, 0xba, -+ 0x85, 0xd9, 0xbe, 0x8f, 0xf3, 0xff, 0x91, 0x4d -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_pr_nonce[] = { -+ 0x8c, 0x49, 0x2f, 0x58, 0x1e, 0x7a, 0xda, 0x4b, 0x7e, 0x8a, 0x30, 0x7b, -+ 0x86, 0xea, 0xaf, 0xa2 -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha512_pr_personalizationstring[] = { -+ 0x71, 0xe1, 0xbb, 0xad, 0xa7, 0x4b, 0x2e, 0x31, 0x3b, 0x0b, 0xec, 0x24, -+ 0x99, 0x38, 0xbc, 0xaa, 0x05, 0x4c, 0x46, 0x44, 0xfa, 0xad, 0x8e, 0x02, -+ 0xc1, 0x7e, 0xad, 0xec, 0x54, 0xa6, 0xd0, 0xad -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_pr_additionalinput[] = { -+ 0x3d, 0x6e, 0xa6, 0xa8, 0x29, 0x2a, 0xb2, 0xf5, 0x98, 0x42, 0xe4, 0x92, -+ 0x78, 0x22, 0x67, 0xfd, 0x1b, 0x15, 0x1e, 0x29, 0xaa, 0x71, 0x3c, 0x3c, -+ 0xe7, 0x05, 0x20, 0xa9, 0x29, 0xc6, 0x75, 0x71 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_pr_entropyinputpr[] = { -+ 0xab, 0xb9, 0x16, 0xd8, 0x55, 0x35, 0x54, 0xb7, 0x97, 0x3f, 0x94, 0xbc, -+ 0x2f, 0x7c, 0x70, 0xc7, 0xd0, 0xed, 0xb7, 0x4b, 0xf7, 0xf6, 0x6c, 0x03, -+ 0x0c, 0xb0, 0x03, 0xd8, 0xbb, 0x71, 0xd9, 0x10 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_pr_int_returnedbits[] = { -+ 0x8e, 0xd3, 0xfd, 0x52, 0x9e, 0x83, 0x08, 0x49, 0x18, 0x6e, 0x23, 0x56, -+ 0x5c, 0x45, 0x93, 0x34, 0x05, 0xe2, 0x98, 0x8f, 0x0c, 0xd4, 0x32, 0x0c, -+ 0xfd, 0xda, 0x5f, 0x92, 0x3a, 0x8c, 0x81, 0xbd, 0xf6, 0x6c, 0x55, 0xfd, -+ 0xb8, 0x20, 0xce, 0x8d, 0x97, 0x27, 0xe8, 0xe8, 0xe0, 0xb3, 0x85, 0x50, -+ 0xa2, 0xc2, 0xb2, 0x95, 0x1d, 0x48, 0xd3, 0x7b, 0x4b, 0x78, 0x13, 0x35, -+ 0x05, 0x17, 0xbe, 0x0d -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_pr_additionalinput2[] = { -+ 0xc3, 0xfc, 0x95, 0xaa, 0x69, 0x06, 0xae, 0x59, 0x41, 0xce, 0x26, 0x08, -+ 0x29, 0x6d, 0x45, 0xda, 0xe8, 0xb3, 0x6c, 0x95, 0x60, 0x0f, 0x70, 0x2c, -+ 0x10, 0xba, 0x38, 0x8c, 0xcf, 0x29, 0x99, 0xaa -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_pr_entropyinputpr2[] = { -+ 0x3b, 0x9a, 0x25, 0xce, 0xd7, 0xf9, 0x5c, 0xd1, 0x3a, 0x3e, 0xaa, 0x71, -+ 0x14, 0x3e, 0x19, 0xe8, 0xce, 0xe6, 0xfe, 0x51, 0x84, 0xe9, 0x1b, 0xfe, -+ 0x3f, 0xa7, 0xf2, 0xfd, 0x76, 0x5f, 0x6a, 0xe7 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_pr_returnedbits[] = { -+ 0xb7, 0x82, 0xa9, 0x57, 0x81, 0x67, 0x53, 0xb5, 0xa1, 0xe9, 0x3d, 0x35, -+ 0xf9, 0xe4, 0x97, 0xbe, 0xa6, 0xca, 0xf1, 0x01, 0x13, 0x09, 0xe7, 0x21, -+ 0xc0, 0xed, 0x93, 0x5d, 0x4b, 0xf4, 0xeb, 0x8d, 0x53, 0x25, 0x8a, 0xc4, -+ 0xb1, 0x6f, 0x6e, 0x37, 0xcd, 0x2e, 0xac, 0x39, 0xb2, 0xb6, 0x99, 0xa3, -+ 0x82, 0x00, 0xb0, 0x21, 0xf0, 0xc7, 0x2f, 0x4c, 0x73, 0x92, 0xfd, 0x00, -+ 0xb6, 0xaf, 0xbc, 0xd3 -+}; -+ -+/* HMAC SHA-512 No PR */ -+__fips_constseg static const unsigned char hmac_sha512_entropyinput[] = { -+ 0x6e, 0x85, 0xe6, 0x25, 0x96, 0x29, 0xa7, 0x52, 0x5b, 0x60, 0xba, 0xaa, -+ 0xde, 0xdb, 0x36, 0x0a, 0x51, 0x9a, 0x15, 0xae, 0x6e, 0x18, 0xd3, 0xfe, -+ 0x39, 0xb9, 0x4a, 0x96, 0xf8, 0x77, 0xcb, 0x95 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_nonce[] = { -+ 0xe0, 0xa6, 0x5d, 0x08, 0xc3, 0x7c, 0xae, 0x25, 0x2e, 0x80, 0xd1, 0x3e, -+ 0xd9, 0xaf, 0x43, 0x3c -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha512_personalizationstring[] = { -+ 0x53, 0x99, 0x52, 0x5f, 0x11, 0xa9, 0x64, 0x66, 0x20, 0x5e, 0x1b, 0x5f, -+ 0x42, 0xb3, 0xf4, 0xda, 0xed, 0xbb, 0x63, 0xc1, 0x23, 0xaf, 0xd0, 0x01, -+ 0x90, 0x3b, 0xd0, 0x78, 0xe4, 0x0b, 0xa7, 0x20 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_additionalinput[] = { -+ 0x85, 0x90, 0x80, 0xd3, 0x98, 0xf1, 0x53, 0x6d, 0x68, 0x15, 0x8f, 0xe5, -+ 0x60, 0x3f, 0x17, 0x29, 0x55, 0x8d, 0x33, 0xb1, 0x45, 0x64, 0x64, 0x8d, -+ 0x50, 0x21, 0x89, 0xae, 0xf6, 0xfd, 0x32, 0x73 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_int_returnedbits[] = { -+ 0x28, 0x56, 0x30, 0x6f, 0xf4, 0xa1, 0x48, 0xe0, 0xc9, 0xf5, 0x75, 0x90, -+ 0xcc, 0xfb, 0xdf, 0xdf, 0x71, 0x3d, 0x0a, 0x9a, 0x03, 0x65, 0x3b, 0x18, -+ 0x61, 0xe3, 0xd1, 0xda, 0xcc, 0x4a, 0xfe, 0x55, 0x38, 0xf8, 0x21, 0x6b, -+ 0xfa, 0x18, 0x01, 0x42, 0x39, 0x2f, 0x99, 0x53, 0x38, 0x15, 0x82, 0x34, -+ 0xc5, 0x93, 0x92, 0xbc, 0x4d, 0x75, 0x1a, 0x5f, 0x21, 0x27, 0xcc, 0xa1, -+ 0xb1, 0x57, 0x69, 0xe8 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_entropyinputreseed[] = { -+ 0x8c, 0x52, 0x7e, 0x77, 0x72, 0x3f, 0xa3, 0x04, 0x97, 0x10, 0x9b, 0x41, -+ 0xbd, 0xe8, 0xff, 0x89, 0xed, 0x80, 0xe3, 0xbd, 0xaa, 0x12, 0x2d, 0xca, -+ 0x75, 0x82, 0x36, 0x77, 0x88, 0xcd, 0xa6, 0x73 -+}; -+ -+__fips_constseg -+ static const unsigned char hmac_sha512_additionalinputreseed[] = { -+ 0x7e, 0x32, 0xe3, 0x69, 0x69, 0x07, 0x34, 0xa2, 0x16, 0xa2, 0x5d, 0x1a, -+ 0x10, 0x91, 0xd3, 0xe2, 0x21, 0xa2, 0xa3, 0xdd, 0xcd, 0x0c, 0x09, 0x86, -+ 0x11, 0xe1, 0x50, 0xff, 0x5c, 0xb7, 0xeb, 0x5c -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_additionalinput2[] = { -+ 0x7f, 0x78, 0x66, 0xd8, 0xfb, 0x67, 0xcf, 0x8d, 0x8c, 0x08, 0x30, 0xa5, -+ 0xf8, 0x7d, 0xcf, 0x44, 0x59, 0xce, 0xf8, 0xdf, 0x58, 0xd3, 0x60, 0xcb, -+ 0xa8, 0x60, 0xb9, 0x07, 0xc4, 0xb1, 0x95, 0x48 -+}; -+ -+__fips_constseg static const unsigned char hmac_sha512_returnedbits[] = { -+ 0xdf, 0xa7, 0x36, 0xd4, 0xdc, 0x5d, 0x4d, 0x31, 0xad, 0x69, 0x46, 0x9f, -+ 0xf1, 0x7c, 0xd7, 0x3b, 0x4f, 0x55, 0xf2, 0xd7, 0xb9, 0x9d, 0xad, 0x7a, -+ 0x79, 0x08, 0x59, 0xa5, 0xdc, 0x74, 0xf5, 0x9b, 0x73, 0xd2, 0x13, 0x25, -+ 0x0b, 0x81, 0x08, 0x08, 0x25, 0xfb, 0x39, 0xf2, 0xf0, 0xa3, 0xa4, 0x8d, -+ 0xef, 0x05, 0x9e, 0xb8, 0xc7, 0x52, 0xe4, 0x0e, 0x42, 0xaa, 0x7c, 0x79, -+ 0xc2, 0xd6, 0xfd, 0xa5 -+}; -diff -up openssl-1.1.1j/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_dsa_selftest.c ---- openssl-1.1.1j/crypto/fips/fips_dsa_selftest.c.fips 2021-03-03 12:57:42.200734534 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_dsa_selftest.c 2021-03-03 12:57:42.200734534 +0100 -@@ -0,0 +1,195 @@ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+#include -+#include -+#include "crypto/fips.h" -+#include -+#include -+#include -+#include "fips_locl.h" -+ -+#ifdef OPENSSL_FIPS -+ -+static const unsigned char dsa_test_2048_p[] = { -+ 0xa8, 0x53, 0x78, 0xd8, 0xfd, 0x3f, 0x8d, 0x72, 0xec, 0x74, 0x18, 0x08, -+ 0x0d, 0xa2, 0x13, 0x17, 0xe4, 0x3e, 0xc4, 0xb6, 0x2b, 0xa8, 0xc8, 0x62, -+ 0x3b, 0x7e, 0x4d, 0x04, 0x44, 0x1d, 0xd1, 0xa0, 0x65, 0x86, 0x62, 0x59, -+ 0x64, 0x93, 0xca, 0x8e, 0x9e, 0x8f, 0xbb, 0x7e, 0x34, 0xaa, 0xdd, 0xb6, -+ 0x2e, 0x5d, 0x67, 0xb6, 0xd0, 0x9a, 0x6e, 0x61, 0xb7, 0x69, 0xe7, 0xc3, -+ 0x52, 0xaa, 0x2b, 0x10, 0xe2, 0x0c, 0xa0, 0x63, 0x69, 0x63, 0xb5, 0x52, -+ 0x3e, 0x86, 0x47, 0x0d, 0xec, 0xbb, 0xed, 0xa0, 0x27, 0xe7, 0x97, 0xe7, -+ 0xb6, 0x76, 0x35, 0xd4, 0xd4, 0x9c, 0x30, 0x70, 0x0e, 0x74, 0xaf, 0x8a, -+ 0x0f, 0xf1, 0x56, 0xa8, 0x01, 0xaf, 0x57, 0xa2, 0x6e, 0x70, 0x78, 0xf1, -+ 0xd8, 0x2f, 0x74, 0x90, 0x8e, 0xcb, 0x6d, 0x07, 0xe7, 0x0b, 0x35, 0x03, -+ 0xee, 0xd9, 0x4f, 0xa3, 0x2c, 0xf1, 0x7a, 0x7f, 0xc3, 0xd6, 0xcf, 0x40, -+ 0xdc, 0x7b, 0x00, 0x83, 0x0e, 0x6a, 0x25, 0x66, 0xdc, 0x07, 0x3e, 0x34, -+ 0x33, 0x12, 0x51, 0x7c, 0x6a, 0xa5, 0x15, 0x2b, 0x4b, 0xfe, 0xcd, 0x2e, -+ 0x55, 0x1f, 0xee, 0x34, 0x63, 0x18, 0xa1, 0x53, 0x42, 0x3c, 0x99, 0x6b, -+ 0x0d, 0x5d, 0xcb, 0x91, 0x02, 0xae, 0xdd, 0x38, 0x79, 0x86, 0x16, 0xf1, -+ 0xf1, 0xe0, 0xd6, 0xc4, 0x03, 0x52, 0x5b, 0x1f, 0x9b, 0x3d, 0x4d, 0xc7, -+ 0x66, 0xde, 0x2d, 0xfc, 0x4a, 0x56, 0xd7, 0xb8, 0xba, 0x59, 0x63, 0xd6, -+ 0x0f, 0x3e, 0x16, 0x31, 0x88, 0x70, 0xad, 0x43, 0x69, 0x52, 0xe5, 0x57, -+ 0x65, 0x37, 0x4e, 0xab, 0x85, 0xe8, 0xec, 0x17, 0xd6, 0xb9, 0xa4, 0x54, -+ 0x7b, 0x9b, 0x5f, 0x27, 0x52, 0xf3, 0x10, 0x5b, 0xe8, 0x09, 0xb2, 0x3a, -+ 0x2c, 0x8d, 0x74, 0x69, 0xdb, 0x02, 0xe2, 0x4d, 0x59, 0x23, 0x94, 0xa7, -+ 0xdb, 0xa0, 0x69, 0xe9 -+}; -+ -+static const unsigned char dsa_test_2048_q[] = { -+ 0xd2, 0x77, 0x04, 0x4e, 0x50, 0xf5, 0xa4, 0xe3, 0xf5, 0x10, 0xa5, 0x0a, -+ 0x0b, 0x84, 0xfd, 0xff, 0xbc, 0xa0, 0x47, 0xed, 0x27, 0x60, 0x20, 0x56, -+ 0x74, 0x41, 0xa0, 0xa5 -+}; -+ -+static const unsigned char dsa_test_2048_g[] = { -+ 0x13, 0xd7, 0x54, 0xe2, 0x1f, 0xd2, 0x41, 0x65, 0x5d, 0xa8, 0x91, 0xc5, -+ 0x22, 0xa6, 0x5a, 0x72, 0xa8, 0x9b, 0xdc, 0x64, 0xec, 0x9b, 0x54, 0xa8, -+ 0x21, 0xed, 0x4a, 0x89, 0x8b, 0x49, 0x0e, 0x0c, 0x4f, 0xcb, 0x72, 0x19, -+ 0x2a, 0x4a, 0x20, 0xf5, 0x41, 0xf3, 0xf2, 0x92, 0x53, 0x99, 0xf0, 0xba, -+ 0xec, 0xf9, 0x29, 0xaa, 0xfb, 0xf7, 0x9d, 0xfe, 0x43, 0x32, 0x39, 0x3b, -+ 0x32, 0xcd, 0x2e, 0x2f, 0xcf, 0x27, 0x2f, 0x32, 0xa6, 0x27, 0x43, 0x4a, -+ 0x0d, 0xf2, 0x42, 0xb7, 0x5b, 0x41, 0x4d, 0xf3, 0x72, 0x12, 0x1e, 0x53, -+ 0xa5, 0x53, 0xf2, 0x22, 0xf8, 0x36, 0xb0, 0x00, 0xf0, 0x16, 0x48, 0x5b, -+ 0x6b, 0xd0, 0x89, 0x84, 0x51, 0x80, 0x1d, 0xcd, 0x8d, 0xe6, 0x4c, 0xd5, -+ 0x36, 0x56, 0x96, 0xff, 0xc5, 0x32, 0xd5, 0x28, 0xc5, 0x06, 0x62, 0x0a, -+ 0x94, 0x2a, 0x03, 0x05, 0x04, 0x6d, 0x8f, 0x18, 0x76, 0x34, 0x1f, 0x1e, -+ 0x57, 0x0b, 0xc3, 0x97, 0x4b, 0xa6, 0xb9, 0xa4, 0x38, 0xe9, 0x70, 0x23, -+ 0x02, 0xa2, 0xe6, 0xe6, 0x7b, 0xfd, 0x06, 0xd3, 0x2b, 0xc6, 0x79, 0x96, -+ 0x22, 0x71, 0xd7, 0xb4, 0x0c, 0xd7, 0x2f, 0x38, 0x6e, 0x64, 0xe0, 0xd7, -+ 0xef, 0x86, 0xca, 0x8c, 0xa5, 0xd1, 0x42, 0x28, 0xdc, 0x2a, 0x4f, 0x16, -+ 0xe3, 0x18, 0x98, 0x86, 0xb5, 0x99, 0x06, 0x74, 0xf4, 0x20, 0x0f, 0x3a, -+ 0x4c, 0xf6, 0x5a, 0x3f, 0x0d, 0xdb, 0xa1, 0xfa, 0x67, 0x2d, 0xff, 0x2f, -+ 0x5e, 0x14, 0x3d, 0x10, 0xe4, 0xe9, 0x7a, 0xe8, 0x4f, 0x6d, 0xa0, 0x95, -+ 0x35, 0xd5, 0xb9, 0xdf, 0x25, 0x91, 0x81, 0xa7, 0x9b, 0x63, 0xb0, 0x69, -+ 0xe9, 0x49, 0x97, 0x2b, 0x02, 0xba, 0x36, 0xb3, 0x58, 0x6a, 0xab, 0x7e, -+ 0x45, 0xf3, 0x22, 0xf8, 0x2e, 0x4e, 0x85, 0xca, 0x3a, 0xb8, 0x55, 0x91, -+ 0xb3, 0xc2, 0xa9, 0x66 -+}; -+ -+static const unsigned char dsa_test_2048_pub_key[] = { -+ 0x24, 0x52, 0xf3, 0xcc, 0xbe, 0x9e, 0xd5, 0xca, 0x7d, 0xc7, 0x4c, 0x60, -+ 0x2b, 0x99, 0x22, 0x6e, 0x8f, 0x2f, 0xab, 0x38, 0xe7, 0xd7, 0xdd, 0xfb, -+ 0x75, 0x53, 0x9b, 0x17, 0x15, 0x5e, 0x9f, 0xcf, 0xd1, 0xab, 0xa5, 0x64, -+ 0xeb, 0x85, 0x35, 0xd8, 0x12, 0xc9, 0xc2, 0xdc, 0xf9, 0x72, 0x84, 0x44, -+ 0x1b, 0xc4, 0x82, 0x24, 0x36, 0x24, 0xc7, 0xf4, 0x57, 0x58, 0x0c, 0x1c, -+ 0x38, 0xa5, 0x7c, 0x46, 0xc4, 0x57, 0x39, 0x24, 0x70, 0xed, 0xb5, 0x2c, -+ 0xb5, 0xa6, 0xe0, 0x3f, 0xe6, 0x28, 0x7b, 0xb6, 0xf4, 0x9a, 0x42, 0xa2, -+ 0x06, 0x5a, 0x05, 0x4f, 0x03, 0x08, 0x39, 0xdf, 0x1f, 0xd3, 0x14, 0x9c, -+ 0x4c, 0xa0, 0x53, 0x1d, 0xd8, 0xca, 0x8a, 0xaa, 0x9c, 0xc7, 0x33, 0x71, -+ 0x93, 0x38, 0x73, 0x48, 0x33, 0x61, 0x18, 0x22, 0x45, 0x45, 0xe8, 0x8c, -+ 0x80, 0xff, 0xd8, 0x76, 0x5d, 0x74, 0x36, 0x03, 0x33, 0xcc, 0xab, 0x99, -+ 0x72, 0x77, 0x9b, 0x65, 0x25, 0xa6, 0x5b, 0xdd, 0x0d, 0x10, 0xc6, 0x75, -+ 0xc1, 0x09, 0xbb, 0xd3, 0xe5, 0xbe, 0x4d, 0x72, 0xef, 0x6e, 0xba, 0x6e, -+ 0x43, 0x8d, 0x52, 0x26, 0x23, 0x7d, 0xb8, 0x88, 0x37, 0x9c, 0x5f, 0xcc, -+ 0x47, 0xa3, 0x84, 0x7f, 0xf6, 0x37, 0x11, 0xba, 0xed, 0x6d, 0x03, 0xaf, -+ 0xe8, 0x1e, 0x69, 0x4a, 0x41, 0x3b, 0x68, 0x0b, 0xd3, 0x8a, 0xb4, 0x90, -+ 0x3f, 0x83, 0x70, 0xa7, 0x07, 0xef, 0x55, 0x1d, 0x49, 0x41, 0x02, 0x6d, -+ 0x95, 0x79, 0xd6, 0x91, 0xde, 0x8e, 0xda, 0xa1, 0x61, 0x05, 0xeb, 0x9d, -+ 0xba, 0x3c, 0x2f, 0x4c, 0x1b, 0xec, 0x50, 0x82, 0x75, 0xaa, 0x02, 0x07, -+ 0xe2, 0x51, 0xb5, 0xec, 0xcb, 0x28, 0x6a, 0x4b, 0x01, 0xd4, 0x49, 0xd3, -+ 0x0a, 0xcb, 0x67, 0x37, 0x17, 0xa0, 0xd2, 0xfb, 0x3b, 0x50, 0xc8, 0x93, -+ 0xf7, 0xda, 0xb1, 0x4f -+}; -+ -+static const unsigned char dsa_test_2048_priv_key[] = { -+ 0x0c, 0x4b, 0x30, 0x89, 0xd1, 0xb8, 0x62, 0xcb, 0x3c, 0x43, 0x64, 0x91, -+ 0xf0, 0x91, 0x54, 0x70, 0xc5, 0x27, 0x96, 0xe3, 0xac, 0xbe, 0xe8, 0x00, -+ 0xec, 0x55, 0xf6, 0xcc -+}; -+ -+int FIPS_selftest_dsa() -+{ -+ DSA *dsa = NULL; -+ EVP_PKEY *pk = NULL; -+ int ret = 0; -+ BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL, *priv_key = NULL; -+ -+ fips_load_key_component(p, dsa_test_2048); -+ fips_load_key_component(q, dsa_test_2048); -+ fips_load_key_component(g, dsa_test_2048); -+ fips_load_key_component(pub_key, dsa_test_2048); -+ fips_load_key_component(priv_key, dsa_test_2048); -+ -+ dsa = DSA_new(); -+ -+ if (dsa == NULL) -+ goto err; -+ -+ DSA_set0_pqg(dsa, p, q, g); -+ -+ DSA_set0_key(dsa, pub_key, priv_key); -+ -+ if ((pk = EVP_PKEY_new()) == NULL) -+ goto err; -+ -+ EVP_PKEY_assign_DSA(pk, dsa); -+ -+ if (!fips_pkey_signature_test(pk, NULL, 0, -+ NULL, 0, EVP_sha256(), 0, "DSA SHA256")) -+ goto err; -+ ret = 1; -+ -+ err: -+ if (pk) -+ EVP_PKEY_free(pk); -+ else if (dsa) -+ DSA_free(dsa); -+ else { -+ BN_free(p); -+ BN_free(q); -+ BN_free(g); -+ BN_free(pub_key); -+ BN_free(priv_key); -+ } -+ return ret; -+} -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_ecdh_selftest.c ---- openssl-1.1.1j/crypto/fips/fips_ecdh_selftest.c.fips 2021-03-03 12:57:42.200734534 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_ecdh_selftest.c 2021-03-03 12:57:42.200734534 +0100 -@@ -0,0 +1,242 @@ -+/* fips/ecdh/fips_ecdh_selftest.c */ -+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -+ * project 2011. -+ */ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * licensing@OpenSSL.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * ==================================================================== -+ * -+ */ -+ -+#define OPENSSL_FIPSAPI -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#ifdef OPENSSL_FIPS -+ -+# include "fips_locl.h" -+ -+static const unsigned char p256_qcavsx[] = { -+ 0x52, 0xc6, 0xa5, 0x75, 0xf3, 0x04, 0x98, 0xb3, 0x29, 0x66, 0x0c, 0x62, -+ 0x18, 0x60, 0x55, 0x41, 0x59, 0xd4, 0x60, 0x85, 0x99, 0xc1, 0x51, 0x13, -+ 0x6f, 0x97, 0x85, 0x93, 0x33, 0x34, 0x07, 0x50 -+}; -+ -+static const unsigned char p256_qcavsy[] = { -+ 0x6f, 0x69, 0x24, 0xeb, 0xe9, 0x3b, 0xa7, 0xcc, 0x47, 0x17, 0xaa, 0x3f, -+ 0x70, 0xfc, 0x10, 0x73, 0x0a, 0xcd, 0x21, 0xee, 0x29, 0x19, 0x1f, 0xaf, -+ 0xb4, 0x1c, 0x1e, 0xc2, 0x8e, 0x97, 0x81, 0x6e -+}; -+ -+static const unsigned char p256_qiutx[] = { -+ 0x71, 0x46, 0x88, 0x08, 0x92, 0x21, 0x1b, 0x10, 0x21, 0x74, 0xff, 0x0c, -+ 0x94, 0xde, 0x34, 0x7c, 0x86, 0x74, 0xbe, 0x67, 0x41, 0x68, 0xd4, 0xc1, -+ 0xe5, 0x75, 0x63, 0x9c, 0xa7, 0x46, 0x93, 0x6f -+}; -+ -+static const unsigned char p256_qiuty[] = { -+ 0x33, 0x40, 0xa9, 0x6a, 0xf5, 0x20, 0xb5, 0x9e, 0xfc, 0x60, 0x1a, 0xae, -+ 0x3d, 0xf8, 0x21, 0xd2, 0xa7, 0xca, 0x52, 0x34, 0xb9, 0x5f, 0x27, 0x75, -+ 0x6c, 0x81, 0xbe, 0x32, 0x4d, 0xba, 0xbb, 0xf8 -+}; -+ -+static const unsigned char p256_qiutd[] = { -+ 0x1a, 0x48, 0x55, 0x6b, 0x11, 0xbe, 0x92, 0xd4, 0x1c, 0xd7, 0x45, 0xc3, -+ 0x82, 0x81, 0x51, 0xf1, 0x23, 0x40, 0xb7, 0x83, 0xfd, 0x01, 0x6d, 0xbc, -+ 0xa1, 0x66, 0xaf, 0x0a, 0x03, 0x23, 0xcd, 0xc8 -+}; -+ -+static const unsigned char p256_ziut[] = { -+ 0x77, 0x2a, 0x1e, 0x37, 0xee, 0xe6, 0x51, 0x02, 0x71, 0x40, 0xf8, 0x6a, -+ 0x36, 0xf8, 0x65, 0x61, 0x2b, 0x18, 0x71, 0x82, 0x23, 0xe6, 0xf2, 0x77, -+ 0xce, 0xec, 0xb8, 0x49, 0xc7, 0xbf, 0x36, 0x4f -+}; -+ -+typedef struct { -+ int curve; -+ const unsigned char *x1; -+ size_t x1len; -+ const unsigned char *y1; -+ size_t y1len; -+ const unsigned char *d1; -+ size_t d1len; -+ const unsigned char *x2; -+ size_t x2len; -+ const unsigned char *y2; -+ size_t y2len; -+ const unsigned char *z; -+ size_t zlen; -+} ECDH_SELFTEST_DATA; -+ -+# define make_ecdh_test(nid, pr) { nid, \ -+ pr##_qiutx, sizeof(pr##_qiutx), \ -+ pr##_qiuty, sizeof(pr##_qiuty), \ -+ pr##_qiutd, sizeof(pr##_qiutd), \ -+ pr##_qcavsx, sizeof(pr##_qcavsx), \ -+ pr##_qcavsy, sizeof(pr##_qcavsy), \ -+ pr##_ziut, sizeof(pr##_ziut) } -+ -+static ECDH_SELFTEST_DATA test_ecdh_data[] = { -+ make_ecdh_test(NID_X9_62_prime256v1, p256), -+}; -+ -+int FIPS_selftest_ecdh(void) -+{ -+ EC_KEY *ec1 = NULL, *ec2 = NULL; -+ const EC_POINT *ecp = NULL; -+ BIGNUM *x = NULL, *y = NULL, *d = NULL; -+ unsigned char *ztmp = NULL; -+ int rv = 1; -+ size_t i; -+ -+ for (i = 0; i < sizeof(test_ecdh_data) / sizeof(ECDH_SELFTEST_DATA); i++) { -+ ECDH_SELFTEST_DATA *ecd = test_ecdh_data + i; -+ if (!fips_post_started(FIPS_TEST_ECDH, ecd->curve, 0)) -+ continue; -+ ztmp = OPENSSL_malloc(ecd->zlen); -+ -+ x = BN_bin2bn(ecd->x1, ecd->x1len, x); -+ y = BN_bin2bn(ecd->y1, ecd->y1len, y); -+ d = BN_bin2bn(ecd->d1, ecd->d1len, d); -+ -+ if (!x || !y || !d || !ztmp) { -+ rv = 0; -+ goto err; -+ } -+ -+ ec1 = EC_KEY_new_by_curve_name(ecd->curve); -+ if (!ec1) { -+ rv = 0; -+ goto err; -+ } -+ EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH); -+ -+ if (!EC_KEY_set_public_key_affine_coordinates(ec1, x, y)) { -+ rv = 0; -+ goto err; -+ } -+ -+ if (!EC_KEY_set_private_key(ec1, d)) { -+ rv = 0; -+ goto err; -+ } -+ -+ x = BN_bin2bn(ecd->x2, ecd->x2len, x); -+ y = BN_bin2bn(ecd->y2, ecd->y2len, y); -+ -+ if (!x || !y) { -+ rv = 0; -+ goto err; -+ } -+ -+ ec2 = EC_KEY_new_by_curve_name(ecd->curve); -+ if (!ec2) { -+ rv = 0; -+ goto err; -+ } -+ EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH); -+ -+ if (!EC_KEY_set_public_key_affine_coordinates(ec2, x, y)) { -+ rv = 0; -+ goto err; -+ } -+ -+ ecp = EC_KEY_get0_public_key(ec2); -+ if (!ecp) { -+ rv = 0; -+ goto err; -+ } -+ -+ if (!ECDH_compute_key(ztmp, ecd->zlen, ecp, ec1, 0)) { -+ rv = 0; -+ goto err; -+ } -+ -+ if (!fips_post_corrupt(FIPS_TEST_ECDH, ecd->curve, NULL)) -+ ztmp[0] ^= 0x1; -+ -+ if (memcmp(ztmp, ecd->z, ecd->zlen)) { -+ fips_post_failed(FIPS_TEST_ECDH, ecd->curve, 0); -+ rv = 0; -+ } else if (!fips_post_success(FIPS_TEST_ECDH, ecd->curve, 0)) -+ goto err; -+ -+ EC_KEY_free(ec1); -+ ec1 = NULL; -+ EC_KEY_free(ec2); -+ ec2 = NULL; -+ OPENSSL_free(ztmp); -+ ztmp = NULL; -+ } -+ -+ err: -+ -+ if (x) -+ BN_clear_free(x); -+ if (y) -+ BN_clear_free(y); -+ if (d) -+ BN_clear_free(d); -+ if (ec1) -+ EC_KEY_free(ec1); -+ if (ec2) -+ EC_KEY_free(ec2); -+ if (ztmp) -+ OPENSSL_free(ztmp); -+ -+ return rv; -+ -+} -+ -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_ecdsa_selftest.c ---- openssl-1.1.1j/crypto/fips/fips_ecdsa_selftest.c.fips 2021-03-03 12:57:42.200734534 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_ecdsa_selftest.c 2021-03-03 12:57:42.200734534 +0100 -@@ -0,0 +1,166 @@ -+/* fips/ecdsa/fips_ecdsa_selftest.c */ -+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -+ * project 2011. -+ */ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * licensing@OpenSSL.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * ==================================================================== -+ * -+ */ -+ -+#define OPENSSL_FIPSAPI -+ -+#include -+#include -+#include -+#include -+#include -+#include "crypto/fips.h" -+#include -+#include -+#include -+ -+#ifdef OPENSSL_FIPS -+ -+static const char P_256_name[] = "ECDSA P-256"; -+ -+static const unsigned char P_256_d[] = { -+ 0x51, 0xbd, 0x06, 0xa1, 0x1c, 0xda, 0xe2, 0x12, 0x99, 0xc9, 0x52, 0x3f, -+ 0xea, 0xa4, 0xd2, 0xd1, 0xf4, 0x7f, 0xd4, 0x3e, 0xbd, 0xf8, 0xfc, 0x87, -+ 0xdc, 0x82, 0x53, 0x21, 0xee, 0xa0, 0xdc, 0x64 -+}; -+ -+static const unsigned char P_256_qx[] = { -+ 0x23, 0x89, 0xe0, 0xf4, 0x69, 0xe0, 0x49, 0xe5, 0xc7, 0xe5, 0x40, 0x6e, -+ 0x8f, 0x25, 0xdd, 0xad, 0x11, 0x16, 0x14, 0x9b, 0xab, 0x44, 0x06, 0x31, -+ 0xbf, 0x5e, 0xa6, 0x44, 0xac, 0x86, 0x00, 0x07 -+}; -+ -+static const unsigned char P_256_qy[] = { -+ 0xb3, 0x05, 0x0d, 0xd0, 0xdc, 0xf7, 0x40, 0xe6, 0xf9, 0xd8, 0x6d, 0x7b, -+ 0x63, 0xca, 0x97, 0xe6, 0x12, 0xf9, 0xd4, 0x18, 0x59, 0xbe, 0xb2, 0x5e, -+ 0x4a, 0x6a, 0x77, 0x23, 0xf4, 0x11, 0x9d, 0xeb -+}; -+ -+typedef struct { -+ int curve; -+ const char *name; -+ const unsigned char *x; -+ size_t xlen; -+ const unsigned char *y; -+ size_t ylen; -+ const unsigned char *d; -+ size_t dlen; -+} EC_SELFTEST_DATA; -+ -+# define make_ecdsa_test(nid, pr) { nid, pr##_name, \ -+ pr##_qx, sizeof(pr##_qx), \ -+ pr##_qy, sizeof(pr##_qy), \ -+ pr##_d, sizeof(pr##_d)} -+ -+static EC_SELFTEST_DATA test_ec_data[] = { -+ make_ecdsa_test(NID_X9_62_prime256v1, P_256), -+}; -+ -+int FIPS_selftest_ecdsa() -+{ -+ EC_KEY *ec = NULL; -+ BIGNUM *x = NULL, *y = NULL, *d = NULL; -+ EVP_PKEY *pk = NULL; -+ int rv = 0; -+ size_t i; -+ -+ for (i = 0; i < sizeof(test_ec_data) / sizeof(EC_SELFTEST_DATA); i++) { -+ EC_SELFTEST_DATA *ecd = test_ec_data + i; -+ -+ x = BN_bin2bn(ecd->x, ecd->xlen, x); -+ y = BN_bin2bn(ecd->y, ecd->ylen, y); -+ d = BN_bin2bn(ecd->d, ecd->dlen, d); -+ -+ if (!x || !y || !d) -+ goto err; -+ -+ ec = EC_KEY_new_by_curve_name(ecd->curve); -+ if (!ec) -+ goto err; -+ -+ if (!EC_KEY_set_public_key_affine_coordinates(ec, x, y)) -+ goto err; -+ -+ if (!EC_KEY_set_private_key(ec, d)) -+ goto err; -+ -+ if ((pk = EVP_PKEY_new()) == NULL) -+ goto err; -+ -+ EVP_PKEY_assign_EC_KEY(pk, ec); -+ -+ if (!fips_pkey_signature_test(pk, NULL, 0, -+ NULL, 0, EVP_sha256(), 0, ecd->name)) -+ goto err; -+ } -+ -+ rv = 1; -+ -+ err: -+ -+ if (x) -+ BN_clear_free(x); -+ if (y) -+ BN_clear_free(y); -+ if (d) -+ BN_clear_free(d); -+ if (pk) -+ EVP_PKEY_free(pk); -+ else if (ec) -+ EC_KEY_free(ec); -+ -+ return rv; -+ -+} -+ -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_err.h.fips openssl-1.1.1j/crypto/fips/fips_err.h ---- openssl-1.1.1j/crypto/fips/fips_err.h.fips 2021-03-03 12:57:42.201734542 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_err.h 2021-03-03 12:57:42.201734542 +0100 -@@ -0,0 +1,197 @@ -+/* crypto/fips_err.h */ -+/* ==================================================================== -+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@OpenSSL.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * ==================================================================== -+ * -+ * This product includes cryptographic software written by Eric Young -+ * (eay@cryptsoft.com). This product includes software written by Tim -+ * Hudson (tjh@cryptsoft.com). -+ * -+ */ -+ -+/* -+ * NOTE: this file was auto generated by the mkerr.pl script: any changes -+ * made to it will be overwritten when the script next updates this file, -+ * only reason strings will be preserved. -+ */ -+ -+#include -+#include -+#include -+ -+/* BEGIN ERROR CODES */ -+#ifndef OPENSSL_NO_ERR -+ -+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_FIPS,func,0) -+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_FIPS,0,reason) -+ -+static ERR_STRING_DATA FIPS_str_functs[] = { -+ {ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "dh_builtin_genparams"}, -+ {ERR_FUNC(FIPS_F_DRBG_RESEED), "drbg_reseed"}, -+ {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "dsa_builtin_paramgen2"}, -+ {ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"}, -+ {ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"}, -+ {ERR_FUNC(FIPS_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"}, -+ {ERR_FUNC(FIPS_F_EVP_CIPHER_CTX_NEW), "EVP_CIPHER_CTX_new"}, -+ {ERR_FUNC(FIPS_F_EVP_CIPHER_CTX_RESET), "EVP_CIPHER_CTX_reset"}, -+ {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "fips_check_dsa"}, -+ {ERR_FUNC(FIPS_F_FIPS_CHECK_EC), "fips_check_ec"}, -+ {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"}, -+ {ERR_FUNC(FIPS_F_FIPS_DRBG_BYTES), "fips_drbg_bytes"}, -+ {ERR_FUNC(FIPS_F_FIPS_DRBG_CHECK), "fips_drbg_check"}, -+ {ERR_FUNC(FIPS_F_FIPS_DRBG_CPRNG_TEST), "fips_drbg_cprng_test"}, -+ {ERR_FUNC(FIPS_F_FIPS_DRBG_ERROR_CHECK), "fips_drbg_error_check"}, -+ {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE), "FIPS_drbg_generate"}, -+ {ERR_FUNC(FIPS_F_FIPS_DRBG_INIT), "FIPS_drbg_init"}, -+ {ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"}, -+ {ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"}, -+ {ERR_FUNC(FIPS_F_FIPS_DRBG_RESEED), "FIPS_drbg_reseed"}, -+ {ERR_FUNC(FIPS_F_FIPS_DRBG_SINGLE_KAT), "FIPS_DRBG_SINGLE_KAT"}, -+ {ERR_FUNC(FIPS_F_FIPS_GET_ENTROPY), "fips_get_entropy"}, -+ {ERR_FUNC(FIPS_F_FIPS_MODULE_MODE_SET), "FIPS_module_mode_set"}, -+ {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, -+ {ERR_FUNC(FIPS_F_FIPS_RAND_BYTES), "FIPS_rand_bytes"}, -+ {ERR_FUNC(FIPS_F_FIPS_RAND_SEED), "FIPS_rand_seed"}, -+ {ERR_FUNC(FIPS_F_FIPS_RAND_SET_METHOD), "FIPS_rand_set_method"}, -+ {ERR_FUNC(FIPS_F_FIPS_RAND_STATUS), "FIPS_rand_status"}, -+ {ERR_FUNC(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN), "fips_rsa_builtin_keygen"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST), "FIPS_selftest"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_CCM), "FIPS_selftest_aes_ccm"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_GCM), "FIPS_selftest_aes_gcm"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_XTS), "FIPS_selftest_aes_xts"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_CMAC), "FIPS_selftest_cmac"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_ECDSA), "FIPS_selftest_ecdsa"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"}, -+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA2), "FIPS_selftest_sha2"}, -+ {ERR_FUNC(FIPS_F_OSSL_ECDSA_SIGN_SIG), "ossl_ecdsa_sign_sig"}, -+ {ERR_FUNC(FIPS_F_OSSL_ECDSA_VERIFY_SIG), "ossl_ecdsa_verify_sig"}, -+ {ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "rsa_builtin_keygen"}, -+ {ERR_FUNC(FIPS_F_RSA_OSSL_INIT), "rsa_ossl_init"}, -+ {ERR_FUNC(FIPS_F_RSA_OSSL_PRIVATE_DECRYPT), "rsa_ossl_private_decrypt"}, -+ {ERR_FUNC(FIPS_F_RSA_OSSL_PRIVATE_ENCRYPT), "rsa_ossl_private_encrypt"}, -+ {ERR_FUNC(FIPS_F_RSA_OSSL_PUBLIC_DECRYPT), "rsa_ossl_public_decrypt"}, -+ {ERR_FUNC(FIPS_F_RSA_OSSL_PUBLIC_ENCRYPT), "rsa_ossl_public_encrypt"}, -+ {0, NULL} -+}; -+ -+static ERR_STRING_DATA FIPS_str_reasons[] = { -+ {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED), -+ "additional input error undetected"}, -+ {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_TOO_LONG), -+ "additional input too long"}, -+ {ERR_REASON(FIPS_R_ALREADY_INSTANTIATED), "already instantiated"}, -+ {ERR_REASON(FIPS_R_DRBG_NOT_INITIALISED), "drbg not initialised"}, -+ {ERR_REASON(FIPS_R_DRBG_STUCK), "drbg stuck"}, -+ {ERR_REASON(FIPS_R_ENTROPY_ERROR_UNDETECTED), "entropy error undetected"}, -+ {ERR_REASON(FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED), -+ "entropy not requested for reseed"}, -+ {ERR_REASON(FIPS_R_ENTROPY_SOURCE_STUCK), "entropy source stuck"}, -+ {ERR_REASON(FIPS_R_ERROR_INITIALISING_DRBG), "error initialising drbg"}, -+ {ERR_REASON(FIPS_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"}, -+ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT), -+ "error retrieving additional input"}, -+ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ENTROPY), "error retrieving entropy"}, -+ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_NONCE), "error retrieving nonce"}, -+ {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH), -+ "fingerprint does not match"}, -+ {ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET), "fips mode already set"}, -+ {ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED), "fips selftest failed"}, -+ {ERR_REASON(FIPS_R_FUNCTION_ERROR), "function error"}, -+ {ERR_REASON(FIPS_R_GENERATE_ERROR), "generate error"}, -+ {ERR_REASON(FIPS_R_GENERATE_ERROR_UNDETECTED), -+ "generate error undetected"}, -+ {ERR_REASON(FIPS_R_INSTANTIATE_ERROR), "instantiate error"}, -+ {ERR_REASON(FIPS_R_INTERNAL_ERROR), "internal error"}, -+ {ERR_REASON(FIPS_R_INVALID_KEY_LENGTH), "invalid key length"}, -+ {ERR_REASON(FIPS_R_IN_ERROR_STATE), "in error state"}, -+ {ERR_REASON(FIPS_R_KEY_TOO_SHORT), "key too short"}, -+ {ERR_REASON(FIPS_R_NONCE_ERROR_UNDETECTED), "nonce error undetected"}, -+ {ERR_REASON(FIPS_R_NON_FIPS_METHOD), "non fips method"}, -+ {ERR_REASON(FIPS_R_NOPR_TEST1_FAILURE), "nopr test1 failure"}, -+ {ERR_REASON(FIPS_R_NOPR_TEST2_FAILURE), "nopr test2 failure"}, -+ {ERR_REASON(FIPS_R_NOT_INSTANTIATED), "not instantiated"}, -+ {ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED), "pairwise test failed"}, -+ {ERR_REASON(FIPS_R_PERSONALISATION_ERROR_UNDETECTED), -+ "personalisation error undetected"}, -+ {ERR_REASON(FIPS_R_PERSONALISATION_STRING_TOO_LONG), -+ "personalisation string too long"}, -+ {ERR_REASON(FIPS_R_PR_TEST1_FAILURE), "pr test1 failure"}, -+ {ERR_REASON(FIPS_R_PR_TEST2_FAILURE), "pr test2 failure"}, -+ {ERR_REASON(FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED), -+ "request length error undetected"}, -+ {ERR_REASON(FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG), -+ "request too large for drbg"}, -+ {ERR_REASON(FIPS_R_RESEED_COUNTER_ERROR), "reseed counter error"}, -+ {ERR_REASON(FIPS_R_RESEED_ERROR), "reseed error"}, -+ {ERR_REASON(FIPS_R_SELFTEST_FAILED), "selftest failed"}, -+ {ERR_REASON(FIPS_R_SELFTEST_FAILURE), "selftest failure"}, -+ {ERR_REASON(FIPS_R_TEST_FAILURE), "test failure"}, -+ {ERR_REASON(FIPS_R_UNINSTANTIATE_ERROR), "uninstantiate error"}, -+ {ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR), -+ "uninstantiate zeroise error"}, -+ {ERR_REASON(FIPS_R_UNSUPPORTED_DRBG_TYPE), "unsupported drbg type"}, -+ {ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM), "unsupported platform"}, -+ {0, NULL} -+}; -+ -+#endif -+ -+int ERR_load_FIPS_strings(void) -+{ -+#ifndef OPENSSL_NO_ERR -+ -+ if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) { -+ ERR_load_strings(0, FIPS_str_functs); -+ ERR_load_strings(0, FIPS_str_reasons); -+ } -+#endif -+ return 1; -+} -diff -up openssl-1.1.1j/crypto/fips/fips_ers.c.fips openssl-1.1.1j/crypto/fips/fips_ers.c ---- openssl-1.1.1j/crypto/fips/fips_ers.c.fips 2021-03-03 12:57:42.201734542 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_ers.c 2021-03-03 12:57:42.201734542 +0100 -@@ -0,0 +1,7 @@ -+#include -+ -+#ifdef OPENSSL_FIPS -+# include "fips_err.h" -+#else -+static void *dummy = &dummy; -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_hmac_selftest.c ---- openssl-1.1.1j/crypto/fips/fips_hmac_selftest.c.fips 2021-03-03 12:57:42.201734542 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_hmac_selftest.c 2021-03-03 12:57:42.201734542 +0100 -@@ -0,0 +1,134 @@ -+/* ==================================================================== -+ * Copyright (c) 2005 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+#ifdef OPENSSL_FIPS -+# include -+#endif -+#include -+ -+#ifdef OPENSSL_FIPS -+typedef struct { -+ const EVP_MD *(*alg) (void); -+ const char *key, *iv; -+ unsigned char kaval[EVP_MAX_MD_SIZE]; -+} HMAC_KAT; -+ -+static const HMAC_KAT vector[] = { -+ {EVP_sha1, -+ /* from http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf */ -+ "0123456789:;<=>?@ABC", -+ "Sample #2", -+ {0x09, 0x22, 0xd3, 0x40, 0x5f, 0xaa, 0x3d, 0x19, -+ 0x4f, 0x82, 0xa4, 0x58, 0x30, 0x73, 0x7d, 0x5c, -+ 0xc6, 0xc7, 0x5d, 0x24} -+ }, -+ {EVP_sha224, -+ /* just keep extending the above... */ -+ "0123456789:;<=>?@ABC", -+ "Sample #2", -+ {0xdd, 0xef, 0x0a, 0x40, 0xcb, 0x7d, 0x50, 0xfb, -+ 0x6e, 0xe6, 0xce, 0xa1, 0x20, 0xba, 0x26, 0xaa, -+ 0x08, 0xf3, 0x07, 0x75, 0x87, 0xb8, 0xad, 0x1b, -+ 0x8c, 0x8d, 0x12, 0xc7} -+ }, -+ {EVP_sha256, -+ "0123456789:;<=>?@ABC", -+ "Sample #2", -+ {0xb8, 0xf2, 0x0d, 0xb5, 0x41, 0xea, 0x43, 0x09, -+ 0xca, 0x4e, 0xa9, 0x38, 0x0c, 0xd0, 0xe8, 0x34, -+ 0xf7, 0x1f, 0xbe, 0x91, 0x74, 0xa2, 0x61, 0x38, -+ 0x0d, 0xc1, 0x7e, 0xae, 0x6a, 0x34, 0x51, 0xd9} -+ }, -+ {EVP_sha384, -+ "0123456789:;<=>?@ABC", -+ "Sample #2", -+ {0x08, 0xbc, 0xb0, 0xda, 0x49, 0x1e, 0x87, 0xad, -+ 0x9a, 0x1d, 0x6a, 0xce, 0x23, 0xc5, 0x0b, 0xf6, -+ 0xb7, 0x18, 0x06, 0xa5, 0x77, 0xcd, 0x49, 0x04, -+ 0x89, 0xf1, 0xe6, 0x23, 0x44, 0x51, 0x51, 0x9f, -+ 0x85, 0x56, 0x80, 0x79, 0x0c, 0xbd, 0x4d, 0x50, -+ 0xa4, 0x5f, 0x29, 0xe3, 0x93, 0xf0, 0xe8, 0x7f} -+ }, -+ {EVP_sha512, -+ "0123456789:;<=>?@ABC", -+ "Sample #2", -+ {0x80, 0x9d, 0x44, 0x05, 0x7c, 0x5b, 0x95, 0x41, -+ 0x05, 0xbd, 0x04, 0x13, 0x16, 0xdb, 0x0f, 0xac, -+ 0x44, 0xd5, 0xa4, 0xd5, 0xd0, 0x89, 0x2b, 0xd0, -+ 0x4e, 0x86, 0x64, 0x12, 0xc0, 0x90, 0x77, 0x68, -+ 0xf1, 0x87, 0xb7, 0x7c, 0x4f, 0xae, 0x2c, 0x2f, -+ 0x21, 0xa5, 0xb5, 0x65, 0x9a, 0x4f, 0x4b, 0xa7, -+ 0x47, 0x02, 0xa3, 0xde, 0x9b, 0x51, 0xf1, 0x45, -+ 0xbd, 0x4f, 0x25, 0x27, 0x42, 0x98, 0x99, 0x05} -+ }, -+}; -+ -+int FIPS_selftest_hmac() -+{ -+ int n; -+ unsigned int outlen; -+ unsigned char out[EVP_MAX_MD_SIZE]; -+ const EVP_MD *md; -+ const HMAC_KAT *t; -+ -+ for (n = 0, t = vector; n < sizeof(vector) / sizeof(vector[0]); n++, t++) { -+ md = (*t->alg) (); -+ HMAC(md, t->key, strlen(t->key), -+ (const unsigned char *)t->iv, strlen(t->iv), out, &outlen); -+ -+ if (memcmp(out, t->kaval, outlen)) { -+ FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC, FIPS_R_SELFTEST_FAILED); -+ return 0; -+ } -+ } -+ return 1; -+} -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_locl.h.fips openssl-1.1.1j/crypto/fips/fips_locl.h ---- openssl-1.1.1j/crypto/fips/fips_locl.h.fips 2021-03-03 12:57:42.201734542 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_locl.h 2021-03-03 12:57:42.201734542 +0100 -@@ -0,0 +1,71 @@ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#ifdef OPENSSL_FIPS -+ -+# ifdef __cplusplus -+extern "C" { -+# endif -+ -+# define FIPS_MAX_CIPHER_TEST_SIZE 32 -+# define fips_load_key_component(comp, pre) \ -+ comp = BN_bin2bn(pre##_##comp, sizeof(pre##_##comp), NULL); \ -+ if (!comp) \ -+ goto err -+ -+# define fips_post_started(id, subid, ex) 1 -+# define fips_post_success(id, subid, ex) 1 -+# define fips_post_failed(id, subid, ex) 1 -+# define fips_post_corrupt(id, subid, ex) 1 -+# define fips_post_status() 1 -+ -+# ifdef __cplusplus -+} -+# endif -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_post.c.fips openssl-1.1.1j/crypto/fips/fips_post.c ---- openssl-1.1.1j/crypto/fips/fips_post.c.fips 2021-03-03 12:57:42.201734542 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_post.c 2021-03-03 12:57:42.201734542 +0100 -@@ -0,0 +1,224 @@ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#define OPENSSL_FIPSAPI -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#ifdef OPENSSL_FIPS -+ -+/* Power on self test (POST) support functions */ -+ -+# include -+# include "crypto/fips.h" -+# include "fips_locl.h" -+ -+/* Run all selftests */ -+int FIPS_selftest(void) -+{ -+ int rv = 1; -+ if (!FIPS_selftest_drbg()) -+ rv = 0; -+ if (!FIPS_selftest_sha1()) -+ rv = 0; -+ if (!FIPS_selftest_sha2()) -+ rv = 0; -+ if (!FIPS_selftest_sha3()) -+ rv = 0; -+ if (!FIPS_selftest_hmac()) -+ rv = 0; -+ if (!FIPS_selftest_cmac()) -+ rv = 0; -+ if (!FIPS_selftest_aes()) -+ rv = 0; -+ if (!FIPS_selftest_aes_ccm()) -+ rv = 0; -+ if (!FIPS_selftest_aes_gcm()) -+ rv = 0; -+ if (!FIPS_selftest_aes_xts()) -+ rv = 0; -+ if (!FIPS_selftest_des()) -+ rv = 0; -+ if (!FIPS_selftest_rsa()) -+ rv = 0; -+ if (!FIPS_selftest_ecdsa()) -+ rv = 0; -+ if (!FIPS_selftest_dsa()) -+ rv = 0; -+ if (!FIPS_selftest_dh()) -+ rv = 0; -+ if (!FIPS_selftest_ecdh()) -+ rv = 0; -+ return rv; -+} -+ -+/* Generalized public key test routine. Signs and verifies the data -+ * supplied in tbs using mesage digest md and setting option digest -+ * flags md_flags. If the 'kat' parameter is not NULL it will -+ * additionally check the signature matches it: a known answer test -+ * The string "fail_str" is used for identification purposes in case -+ * of failure. If "pkey" is NULL just perform a message digest check. -+ */ -+ -+int fips_pkey_signature_test(EVP_PKEY *pkey, -+ const unsigned char *tbs, int tbslen, -+ const unsigned char *kat, unsigned int katlen, -+ const EVP_MD *digest, unsigned int flags, -+ const char *fail_str) -+{ -+ int ret = 0; -+ unsigned char sigtmp[256], *sig = sigtmp; -+ size_t siglen = sizeof(sigtmp); -+ EVP_MD_CTX *mctx; -+ EVP_PKEY_CTX *pctx; -+ -+ if (digest == NULL) -+ digest = EVP_sha256(); -+ -+ mctx = EVP_MD_CTX_new(); -+ -+ if ((EVP_PKEY_id(pkey) == EVP_PKEY_RSA) -+ && (RSA_size(EVP_PKEY_get0_RSA(pkey)) > sizeof(sigtmp))) { -+ sig = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pkey))); -+ siglen = RSA_size(EVP_PKEY_get0_RSA(pkey)); -+ } -+ if (!sig || ! mctx) { -+ EVP_MD_CTX_free(mctx); -+ FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ if (tbslen == -1) -+ tbslen = strlen((char *)tbs); -+ -+ if (EVP_DigestSignInit(mctx, &pctx, digest, NULL, pkey) <= 0) -+ goto error; -+ -+ if (flags == EVP_MD_CTX_FLAG_PAD_PSS) { -+ EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING); -+ EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, 0); -+ } -+ -+ if (EVP_DigestSignUpdate(mctx, tbs, tbslen) <= 0) -+ goto error; -+ -+ if (EVP_DigestSignFinal(mctx, sig, &siglen) <= 0) -+ goto error; -+ -+ if (kat && ((siglen != katlen) || memcmp(kat, sig, katlen))) -+ goto error; -+ -+ if (EVP_DigestVerifyInit(mctx, &pctx, digest, NULL, pkey) <= 0) -+ goto error; -+ -+ if (flags == EVP_MD_CTX_FLAG_PAD_PSS) { -+ EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING); -+ EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, 0); -+ } -+ -+ if (EVP_DigestVerifyUpdate(mctx, tbs, tbslen) <= 0) -+ goto error; -+ -+ ret = EVP_DigestVerifyFinal(mctx, sig, siglen); -+ -+ error: -+ if (sig != sigtmp) -+ OPENSSL_free(sig); -+ EVP_MD_CTX_free(mctx); -+ if (ret <= 0) { -+ FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST, FIPS_R_TEST_FAILURE); -+ if (fail_str) -+ ERR_add_error_data(2, "Type=", fail_str); -+ return 0; -+ } -+ return 1; -+} -+ -+/* Generalized symmetric cipher test routine. Encrypt data, verify result -+ * against known answer, decrypt and compare with original plaintext. -+ */ -+ -+int fips_cipher_test(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, -+ const unsigned char *key, -+ const unsigned char *iv, -+ const unsigned char *plaintext, -+ const unsigned char *ciphertext, int len) -+{ -+ unsigned char pltmp[FIPS_MAX_CIPHER_TEST_SIZE]; -+ unsigned char citmp[FIPS_MAX_CIPHER_TEST_SIZE]; -+ -+ OPENSSL_assert(len <= FIPS_MAX_CIPHER_TEST_SIZE); -+ memset(pltmp, 0, FIPS_MAX_CIPHER_TEST_SIZE); -+ memset(citmp, 0, FIPS_MAX_CIPHER_TEST_SIZE); -+ -+ if (EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 1) <= 0) -+ return 0; -+ if (EVP_Cipher(ctx, citmp, plaintext, len) <= 0) -+ return 0; -+ if (memcmp(citmp, ciphertext, len)) -+ return 0; -+ if (EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0) <= 0) -+ return 0; -+ if (EVP_Cipher(ctx, pltmp, citmp, len) <= 0) -+ return 0; -+ if (memcmp(pltmp, plaintext, len)) -+ return 0; -+ return 1; -+} -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1j/crypto/fips/fips_rand_lcl.h ---- openssl-1.1.1j/crypto/fips/fips_rand_lcl.h.fips 2021-03-03 12:57:42.201734542 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_rand_lcl.h 2021-03-03 12:57:42.201734542 +0100 -@@ -0,0 +1,203 @@ -+/* fips/rand/fips_rand_lcl.h */ -+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -+ * project. -+ */ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * licensing@OpenSSL.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * ==================================================================== -+ */ -+ -+typedef struct drbg_hash_ctx_st DRBG_HASH_CTX; -+typedef struct drbg_hmac_ctx_st DRBG_HMAC_CTX; -+typedef struct drbg_ctr_ctx_st DRBG_CTR_CTX; -+ -+/* 888 bits from 10.1 table 2 */ -+#define HASH_PRNG_MAX_SEEDLEN 111 -+ -+struct drbg_hash_ctx_st { -+ const EVP_MD *md; -+ EVP_MD_CTX *mctx; -+ unsigned char V[HASH_PRNG_MAX_SEEDLEN]; -+ unsigned char C[HASH_PRNG_MAX_SEEDLEN]; -+ /* Temporary value storage: should always exceed max digest length */ -+ unsigned char vtmp[HASH_PRNG_MAX_SEEDLEN]; -+}; -+ -+struct drbg_hmac_ctx_st { -+ const EVP_MD *md; -+ HMAC_CTX *hctx; -+ unsigned char K[EVP_MAX_MD_SIZE]; -+ unsigned char V[EVP_MAX_MD_SIZE]; -+}; -+ -+struct drbg_ctr_ctx_st { -+ AES_KEY ks; -+ size_t keylen; -+ unsigned char K[32]; -+ unsigned char V[16]; -+ /* Temp variables used by derivation function */ -+ AES_KEY df_ks; -+ AES_KEY df_kxks; -+ /* Temporary block storage used by ctr_df */ -+ unsigned char bltmp[16]; -+ size_t bltmp_pos; -+ unsigned char KX[48]; -+}; -+ -+/* DRBG internal flags */ -+ -+/* Functions shouldn't call err library */ -+#define DRBG_FLAG_NOERR 0x1 -+/* Custom reseed checking */ -+#define DRBG_CUSTOM_RESEED 0x2 -+ -+/* DRBG status values */ -+/* not initialised */ -+#define DRBG_STATUS_UNINITIALISED 0 -+/* ok and ready to generate random bits */ -+#define DRBG_STATUS_READY 1 -+/* reseed required */ -+#define DRBG_STATUS_RESEED 2 -+/* fatal error condition */ -+#define DRBG_STATUS_ERROR 3 -+ -+/* A default maximum length: larger than any reasonable value used in pratice */ -+ -+#define DRBG_MAX_LENGTH 0x7ffffff0 -+/* Maximum DRBG block length: all md sizes are bigger than cipher blocks sizes -+ * so use max digest length. -+ */ -+#define DRBG_MAX_BLOCK EVP_MAX_MD_SIZE -+ -+#define DRBG_HEALTH_INTERVAL (1 << 24) -+ -+/* DRBG context structure */ -+ -+struct drbg_ctx_st { -+ /* First types common to all implementations */ -+ /* DRBG type: a NID for the underlying algorithm */ -+ int type; -+ /* Various external flags */ -+ unsigned int xflags; -+ /* Various internal use only flags */ -+ unsigned int iflags; -+ /* Used for periodic health checks */ -+ int health_check_cnt, health_check_interval; -+ -+ /* The following parameters are setup by mechanism drbg_init() call */ -+ int strength; -+ size_t blocklength; -+ size_t max_request; -+ -+ size_t min_entropy, max_entropy; -+ size_t min_nonce, max_nonce; -+ size_t max_pers, max_adin; -+ unsigned int reseed_counter; -+ unsigned int reseed_interval; -+ size_t seedlen; -+ int status; -+ /* Application data: typically used by test get_entropy */ -+ void *app_data; -+ /* Implementation specific structures */ -+ union { -+ DRBG_HASH_CTX hash; -+ DRBG_HMAC_CTX hmac; -+ DRBG_CTR_CTX ctr; -+ } d; -+ /* Initialiase PRNG and setup callbacks below */ -+ int (*init) (DRBG_CTX *ctx, int nid, int security, unsigned int flags); -+ /* Intantiate PRNG */ -+ int (*instantiate) (DRBG_CTX *ctx, -+ const unsigned char *ent, size_t entlen, -+ const unsigned char *nonce, size_t noncelen, -+ const unsigned char *pers, size_t perslen); -+ /* reseed */ -+ int (*reseed) (DRBG_CTX *ctx, -+ const unsigned char *ent, size_t entlen, -+ const unsigned char *adin, size_t adinlen); -+ /* generat output */ -+ int (*generate) (DRBG_CTX *ctx, -+ unsigned char *out, size_t outlen, -+ const unsigned char *adin, size_t adinlen); -+ /* uninstantiate */ -+ int (*uninstantiate) (DRBG_CTX *ctx); -+ -+ /* Entropy source block length */ -+ size_t entropy_blocklen; -+ -+ /* entropy gathering function */ -+ size_t (*get_entropy) (DRBG_CTX *ctx, unsigned char **pout, -+ int entropy, size_t min_len, size_t max_len); -+ /* Indicates we have finished with entropy buffer */ -+ void (*cleanup_entropy) (DRBG_CTX *ctx, unsigned char *out, size_t olen); -+ -+ /* nonce gathering function */ -+ size_t (*get_nonce) (DRBG_CTX *ctx, unsigned char **pout, -+ int entropy, size_t min_len, size_t max_len); -+ /* Indicates we have finished with nonce buffer */ -+ void (*cleanup_nonce) (DRBG_CTX *ctx, unsigned char *out, size_t olen); -+ -+ /* Callbacks used when called through RAND interface */ -+ /* Get any additional input for generate */ -+ size_t (*get_adin) (DRBG_CTX *ctx, unsigned char **pout); -+ void (*cleanup_adin) (DRBG_CTX *ctx, unsigned char *out, size_t olen); -+ /* Callback for RAND_seed(), RAND_add() */ -+ int (*rand_seed_cb) (DRBG_CTX *ctx, const void *buf, int num); -+ int (*rand_add_cb) (DRBG_CTX *ctx, -+ const void *buf, int num, double entropy); -+}; -+ -+int fips_drbg_ctr_init(DRBG_CTX *dctx); -+int fips_drbg_hash_init(DRBG_CTX *dctx); -+int fips_drbg_hmac_init(DRBG_CTX *dctx); -+int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags); -+int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out); -+ -+#define FIPS_digestinit EVP_DigestInit -+#define FIPS_digestupdate EVP_DigestUpdate -+#define FIPS_digestfinal EVP_DigestFinal -+#define M_EVP_MD_size EVP_MD_size -diff -up openssl-1.1.1j/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1j/crypto/fips/fips_rand_lib.c ---- openssl-1.1.1j/crypto/fips/fips_rand_lib.c.fips 2021-03-03 12:57:42.201734542 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_rand_lib.c 2021-03-03 12:57:42.201734542 +0100 -@@ -0,0 +1,234 @@ -+/* ==================================================================== -+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+/* If we don't define _XOPEN_SOURCE_EXTENDED, struct timeval won't -+ be defined and gettimeofday() won't be declared with strict compilers -+ like DEC C in ANSI C mode. */ -+#ifndef _XOPEN_SOURCE_EXTENDED -+# define _XOPEN_SOURCE_EXTENDED 1 -+#endif -+ -+#include -+#include -+#include -+#include -+#include "crypto/fips.h" -+#include -+#include "e_os.h" -+ -+#if !(defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS)) -+# include -+#endif -+#if defined(OPENSSL_SYS_VXWORKS) -+# include -+#endif -+#ifndef OPENSSL_SYS_WIN32 -+# ifdef OPENSSL_UNISTD -+# include OPENSSL_UNISTD -+# else -+# include -+# endif -+#endif -+ -+/* FIPS API for PRNG use. Similar to RAND functionality but without -+ * ENGINE and additional checking for non-FIPS rand methods. -+ */ -+ -+static const RAND_METHOD *fips_rand_meth = NULL; -+static int fips_approved_rand_meth = 0; -+static int fips_rand_bits = 0; -+ -+/* Allows application to override number of bits and uses non-FIPS methods */ -+void FIPS_rand_set_bits(int nbits) -+{ -+ fips_rand_bits = nbits; -+} -+ -+int FIPS_rand_set_method(const RAND_METHOD *meth) -+{ -+ if (!fips_rand_bits) { -+ if (meth == FIPS_drbg_method()) -+ fips_approved_rand_meth = 1; -+ else { -+ fips_approved_rand_meth = 0; -+ if (FIPS_module_mode()) { -+ FIPSerr(FIPS_F_FIPS_RAND_SET_METHOD, FIPS_R_NON_FIPS_METHOD); -+ return 0; -+ } -+ } -+ } -+ fips_rand_meth = meth; -+ return 1; -+} -+ -+const RAND_METHOD *FIPS_rand_get_method(void) -+{ -+ return fips_rand_meth; -+} -+ -+void FIPS_rand_reset(void) -+{ -+ if (fips_rand_meth && fips_rand_meth->cleanup) -+ fips_rand_meth->cleanup(); -+} -+ -+int FIPS_rand_seed(const void *buf, int num) -+{ -+ if (!fips_approved_rand_meth && FIPS_module_mode()) { -+ FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD); -+ return 0; -+ } -+ if (fips_rand_meth && fips_rand_meth->seed) -+ fips_rand_meth->seed(buf, num); -+ return 1; -+} -+ -+int FIPS_rand_bytes(unsigned char *buf, int num) -+{ -+ if (!fips_approved_rand_meth && FIPS_module_mode()) { -+ FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD); -+ return 0; -+ } -+ if (fips_rand_meth && fips_rand_meth->bytes) -+ return fips_rand_meth->bytes(buf, num); -+ return 0; -+} -+ -+int FIPS_rand_status(void) -+{ -+ if (!fips_approved_rand_meth && FIPS_module_mode()) { -+ FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD); -+ return 0; -+ } -+ if (fips_rand_meth && fips_rand_meth->status) -+ return fips_rand_meth->status(); -+ return 0; -+} -+ -+/* Return instantiated strength of PRNG. For DRBG this is an internal -+ * parameter. Any other type of PRNG is not approved and returns 0 in -+ * FIPS mode and maximum 256 outside FIPS mode. -+ */ -+ -+int FIPS_rand_strength(void) -+{ -+ if (fips_rand_bits) -+ return fips_rand_bits; -+ if (fips_approved_rand_meth == 1) -+ return FIPS_drbg_get_strength(FIPS_get_default_drbg()); -+ else if (fips_approved_rand_meth == 0) { -+ if (FIPS_module_mode()) -+ return 0; -+ else -+ return 256; -+ } -+ return 0; -+} -+ -+void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr) -+{ -+# ifdef OPENSSL_SYS_WIN32 -+ FILETIME ft; -+# elif defined(OPENSSL_SYS_VXWORKS) -+ struct timespec ts; -+# else -+ struct timeval tv; -+# endif -+ -+# ifndef GETPID_IS_MEANINGLESS -+ unsigned long pid; -+# endif -+ -+# ifdef OPENSSL_SYS_WIN32 -+ GetSystemTimeAsFileTime(&ft); -+ buf[0] = (unsigned char)(ft.dwHighDateTime & 0xff); -+ buf[1] = (unsigned char)((ft.dwHighDateTime >> 8) & 0xff); -+ buf[2] = (unsigned char)((ft.dwHighDateTime >> 16) & 0xff); -+ buf[3] = (unsigned char)((ft.dwHighDateTime >> 24) & 0xff); -+ buf[4] = (unsigned char)(ft.dwLowDateTime & 0xff); -+ buf[5] = (unsigned char)((ft.dwLowDateTime >> 8) & 0xff); -+ buf[6] = (unsigned char)((ft.dwLowDateTime >> 16) & 0xff); -+ buf[7] = (unsigned char)((ft.dwLowDateTime >> 24) & 0xff); -+# elif defined(OPENSSL_SYS_VXWORKS) -+ clock_gettime(CLOCK_REALTIME, &ts); -+ buf[0] = (unsigned char)(ts.tv_sec & 0xff); -+ buf[1] = (unsigned char)((ts.tv_sec >> 8) & 0xff); -+ buf[2] = (unsigned char)((ts.tv_sec >> 16) & 0xff); -+ buf[3] = (unsigned char)((ts.tv_sec >> 24) & 0xff); -+ buf[4] = (unsigned char)(ts.tv_nsec & 0xff); -+ buf[5] = (unsigned char)((ts.tv_nsec >> 8) & 0xff); -+ buf[6] = (unsigned char)((ts.tv_nsec >> 16) & 0xff); -+ buf[7] = (unsigned char)((ts.tv_nsec >> 24) & 0xff); -+# else -+ gettimeofday(&tv, NULL); -+ buf[0] = (unsigned char)(tv.tv_sec & 0xff); -+ buf[1] = (unsigned char)((tv.tv_sec >> 8) & 0xff); -+ buf[2] = (unsigned char)((tv.tv_sec >> 16) & 0xff); -+ buf[3] = (unsigned char)((tv.tv_sec >> 24) & 0xff); -+ buf[4] = (unsigned char)(tv.tv_usec & 0xff); -+ buf[5] = (unsigned char)((tv.tv_usec >> 8) & 0xff); -+ buf[6] = (unsigned char)((tv.tv_usec >> 16) & 0xff); -+ buf[7] = (unsigned char)((tv.tv_usec >> 24) & 0xff); -+# endif -+ buf[8] = (unsigned char)(*pctr & 0xff); -+ buf[9] = (unsigned char)((*pctr >> 8) & 0xff); -+ buf[10] = (unsigned char)((*pctr >> 16) & 0xff); -+ buf[11] = (unsigned char)((*pctr >> 24) & 0xff); -+ -+ (*pctr)++; -+ -+# ifndef GETPID_IS_MEANINGLESS -+ pid = (unsigned long)getpid(); -+ buf[12] = (unsigned char)(pid & 0xff); -+ buf[13] = (unsigned char)((pid >> 8) & 0xff); -+ buf[14] = (unsigned char)((pid >> 16) & 0xff); -+ buf[15] = (unsigned char)((pid >> 24) & 0xff); -+# endif -+} -+ -diff -up openssl-1.1.1j/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_rsa_selftest.c ---- openssl-1.1.1j/crypto/fips/fips_rsa_selftest.c.fips 2021-03-03 12:57:42.201734542 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_rsa_selftest.c 2021-03-03 12:57:42.201734542 +0100 -@@ -0,0 +1,338 @@ -+/* ==================================================================== -+ * Copyright (c) 2003-2007 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+#ifdef OPENSSL_FIPS -+# include -+# include "crypto/fips.h" -+#endif -+#include -+#include -+#include -+#include -+#include "fips_locl.h" -+ -+#ifdef OPENSSL_FIPS -+ -+static int setrsakey(RSA *key) -+{ -+ static const unsigned char keydata_n[] = { -+ 0x00, 0xc9, 0xd5, 0x6d, 0x9d, 0x90, 0xdb, 0x43, 0xd6, 0x02, 0xed, 0x96, 0x88, 0x13, 0x8a, -+ 0xb2, 0xbf, 0x6e, 0xa1, 0x06, 0x10, 0xb2, 0x78, 0x37, 0xa7, 0x14, 0xa8, 0xff, 0xdd, 0x00, -+ 0xdd, 0xb4, 0x93, 0xa0, 0x45, 0xcc, 0x96, 0x90, 0xed, 0xad, 0xa9, 0xdd, 0xc4, 0xd6, 0xca, -+ 0x0c, 0xf0, 0xed, 0x4f, 0x72, 0x5e, 0x21, 0x49, 0x9a, 0x18, 0x12, 0x15, 0x8f, 0x90, 0x5a, -+ 0xdb, 0xb6, 0x33, 0x99, 0xa3, 0xe6, 0xb4, 0xf0, 0xc4, 0x97, 0x21, 0x26, 0xbb, 0xe3, 0xba, -+ 0xf2, 0xff, 0xa0, 0x72, 0xda, 0x89, 0x63, 0x8e, 0x8b, 0x3e, 0x08, 0x9d, 0x92, 0x2a, 0xbe, -+ 0x16, 0xe1, 0x43, 0x15, 0xfc, 0x57, 0xc7, 0x1f, 0x09, 0x11, 0x67, 0x1c, 0xa9, 0x96, 0xd1, -+ 0x8b, 0x3e, 0x80, 0x93, 0xc1, 0x59, 0xd0, 0x6d, 0x39, 0xf2, 0xac, 0x95, 0xcc, 0x10, 0x75, -+ 0xe9, 0x31, 0x24, 0xd1, 0x43, 0xaf, 0x68, 0x52, 0x4b, 0xe7, 0x16, 0xd7, 0x49, 0x65, 0x6f, -+ 0x26, 0xc0, 0x86, 0xad, 0xc0, 0x07, 0x0a, 0xc1, 0xe1, 0x2f, 0x87, 0x85, 0x86, 0x3b, 0xdc, -+ 0x5a, 0x99, 0xbe, 0xe9, 0xf9, 0xb9, 0xe9, 0x82, 0x27, 0x51, 0x04, 0x15, 0xab, 0x06, 0x0e, -+ 0x76, 0x5a, 0x28, 0x8d, 0x92, 0xbd, 0xc5, 0xb5, 0x7b, 0xa8, 0xdf, 0x4e, 0x47, 0xa2, 0xc1, -+ 0xe7, 0x52, 0xbf, 0x47, 0xf7, 0x62, 0xe0, 0x3a, 0x6f, 0x4d, 0x6a, 0x4d, 0x4e, 0xd4, 0xb9, -+ 0x59, 0x69, 0xfa, 0xb2, 0x14, 0xc1, 0xee, 0xe6, 0x2f, 0x95, 0xcd, 0x94, 0x72, 0xae, 0xe4, -+ 0xdb, 0x18, 0x9a, 0xc4, 0xcd, 0x70, 0xbd, 0xee, 0x31, 0x16, 0xb7, 0x49, 0x65, 0xac, 0x40, -+ 0x19, 0x0e, 0xb5, 0x6d, 0x83, 0xf1, 0x36, 0xbb, 0x08, 0x2f, 0x2e, 0x4e, 0x92, 0x62, 0xa4, -+ 0xff, 0x50, 0xdb, 0x20, 0x45, 0xa2, 0xeb, 0x16, 0x7a, 0xf2, 0xd5, 0x28, 0xc1, 0xfd, 0x4e, -+ 0x03, 0x71 -+ }; -+ -+ static const unsigned char keydata_e[] = { 0x01, 0x00, 0x01 }; -+ -+ static const unsigned char keydata_d[] = { -+ 0x36, 0x27, 0x3d, 0xb1, 0xf9, 0x1b, 0xdb, 0xa7, 0xa0, 0x41, 0x7f, 0x12, 0x23, 0xac, 0x23, -+ 0x29, 0x99, 0xd5, 0x3a, 0x7b, 0x60, 0x67, 0x41, 0x07, 0x63, 0x53, 0xb4, 0xd2, 0xe7, 0x58, -+ 0x95, 0x0a, 0xc7, 0x05, 0xf3, 0x4e, 0xb2, 0xb4, 0x12, 0xd4, 0x70, 0xdc, 0x4f, 0x85, 0x06, -+ 0xd3, 0xdd, 0xd8, 0x63, 0x27, 0x3e, 0x67, 0x31, 0x21, 0x24, 0x39, 0x04, 0xbc, 0x06, 0xa4, -+ 0xcc, 0xce, 0x2b, 0x7a, 0xfe, 0x7b, 0xad, 0xde, 0x11, 0x6e, 0xa3, 0xa5, 0xe6, 0x04, 0x53, -+ 0x0e, 0xa3, 0x4e, 0x2d, 0xb4, 0x8f, 0x31, 0xbf, 0xca, 0x75, 0x25, 0x52, 0x02, 0x85, 0xde, -+ 0x3d, 0xb2, 0x72, 0x43, 0xb2, 0x89, 0x8a, 0x9a, 0x34, 0x41, 0x26, 0x3f, 0x9a, 0x67, 0xbe, -+ 0xa4, 0x96, 0x7b, 0x0e, 0x75, 0xba, 0xa6, 0x93, 0xd5, 0xb8, 0xd8, 0xb8, 0x57, 0xf2, 0x4b, -+ 0x0f, 0x14, 0x81, 0xd1, 0x57, 0x4e, 0xf6, 0x45, 0x4c, 0xa6, 0x3b, 0xd0, 0x70, 0xca, 0xd3, -+ 0x9d, 0x55, 0xde, 0x22, 0x05, 0xe7, 0x8e, 0x28, 0x4d, 0xee, 0x11, 0xcf, 0xb6, 0x67, 0x76, -+ 0x09, 0xd3, 0xe3, 0x3c, 0x13, 0xf9, 0x99, 0x34, 0x10, 0x7b, 0xec, 0x81, 0x38, 0xf0, 0xb6, -+ 0x34, 0x9c, 0x9b, 0x50, 0x6f, 0x0b, 0x91, 0x81, 0x4d, 0x89, 0x94, 0x04, 0x7b, 0xf0, 0x3c, -+ 0xf4, 0xb1, 0xb2, 0x00, 0x48, 0x8d, 0x5a, 0x8f, 0x88, 0x9e, 0xc5, 0xab, 0x3a, 0x9e, 0x44, -+ 0x3f, 0x54, 0xe7, 0xd9, 0x6e, 0x47, 0xaa, 0xa1, 0xbd, 0x40, 0x46, 0x31, 0xf9, 0xf0, 0x34, -+ 0xb6, 0x04, 0xe1, 0x2b, 0x5b, 0x73, 0x86, 0xdd, 0x3a, 0x92, 0x1b, 0x71, 0xc7, 0x3f, 0x32, -+ 0xe5, 0xc3, 0xc2, 0xab, 0xa1, 0x7e, 0xbf, 0xa4, 0x52, 0xa0, 0xb0, 0x68, 0x90, 0xd1, 0x20, -+ 0x12, 0x79, 0xe9, 0xd7, 0xc9, 0x40, 0xba, 0xf2, 0x19, 0xc7, 0xa5, 0x00, 0x92, 0x86, 0x0d, -+ 0x01 -+ }; -+ -+ static const unsigned char keydata_p[] = { -+ 0x00, 0xfc, 0x5c, 0x6e, 0x16, 0xce, 0x1f, 0x03, 0x7b, 0xcd, 0xf7, 0xb3, 0x72, 0xb2, 0x8f, -+ 0x16, 0x72, 0xb8, 0x56, 0xae, 0xf7, 0xcd, 0x67, 0xd8, 0x4e, 0x7d, 0x07, 0xaf, 0xd5, 0x43, -+ 0x26, 0xc3, 0x35, 0xbe, 0x43, 0x8f, 0x4e, 0x2f, 0x1c, 0x43, 0x4e, 0x6b, 0xd2, 0xb2, 0xec, -+ 0x52, 0x6d, 0x97, 0x52, 0x2b, 0xcc, 0x5c, 0x3a, 0x6b, 0xf4, 0x14, 0xc6, 0x74, 0xda, 0x66, -+ 0x38, 0x1c, 0x7a, 0x3f, 0x84, 0x2f, 0xe3, 0xf9, 0x5a, 0xb8, 0x65, 0x69, 0x46, 0x06, 0xa3, -+ 0x37, 0x79, 0xb2, 0xa1, 0x5b, 0x58, 0xed, 0x5e, 0xa7, 0x5f, 0x8c, 0x65, 0x66, 0xbb, 0xd1, -+ 0x24, 0x36, 0xe6, 0x37, 0xa7, 0x3d, 0x49, 0x77, 0x8a, 0x8c, 0x34, 0xd8, 0x69, 0x29, 0xf3, -+ 0x4d, 0x58, 0x22, 0xb0, 0x51, 0x24, 0xb6, 0x40, 0xa8, 0x86, 0x59, 0x0a, 0xb7, 0xba, 0x5c, -+ 0x97, 0xda, 0x57, 0xe8, 0x36, 0xda, 0x7a, 0x9c, 0xad -+ }; -+ -+ static const unsigned char keydata_q[] = { -+ 0x00, 0xcc, 0xbe, 0x7b, 0x09, 0x69, 0x06, 0xee, 0x45, 0xbf, 0x88, 0x47, 0x38, 0xa8, 0xf8, -+ 0x17, 0xe5, 0xb6, 0xba, 0x67, 0x55, 0xe3, 0xe8, 0x05, 0x8b, 0xb8, 0xe2, 0x53, 0xd6, 0x8e, -+ 0xef, 0x2c, 0xe7, 0x4f, 0x4a, 0xf7, 0x4e, 0x26, 0x8d, 0x85, 0x0b, 0x3f, 0xec, 0xc3, 0x1c, -+ 0xd4, 0xeb, 0xec, 0x6a, 0xc8, 0x72, 0x2a, 0x25, 0x7d, 0xfd, 0xa6, 0x77, 0x96, 0xf0, 0x1e, -+ 0xcd, 0x28, 0x57, 0xf8, 0x37, 0x30, 0x75, 0x6b, 0xbd, 0xd4, 0x7b, 0x0c, 0x87, 0xc5, 0x6c, -+ 0x87, 0x40, 0xa5, 0xbb, 0x27, 0x2c, 0x78, 0xc9, 0x74, 0x5a, 0x54, 0x5b, 0x0b, 0x30, 0x6f, -+ 0x44, 0x4a, 0xfa, 0x71, 0xe4, 0x21, 0x61, 0x66, 0xf9, 0xee, 0x65, 0xde, 0x7c, 0x04, 0xd7, -+ 0xfd, 0xa9, 0x15, 0x5b, 0x7f, 0xe2, 0x7a, 0xba, 0x69, 0x86, 0x72, 0xa6, 0x06, 0x8d, 0x9b, -+ 0x90, 0x55, 0x60, 0x9e, 0x4c, 0x5d, 0xa9, 0xb6, 0x55 -+ }; -+ -+ static const unsigned char keydata_dmp1[] = { -+ 0x7a, 0xd6, 0x12, 0xd0, 0x0e, 0xec, 0x91, 0xa9, 0x85, 0x8b, 0xf8, 0x50, 0xf0, 0x11, 0x2e, -+ 0x00, 0x11, 0x32, 0x40, 0x60, 0x66, 0x1f, 0x11, 0xee, 0xc2, 0x75, 0x27, 0x65, 0x4b, 0x16, -+ 0x67, 0x16, 0x95, 0xd2, 0x14, 0xc3, 0x1d, 0xb3, 0x48, 0x1f, 0xb7, 0xe4, 0x0b, 0x2b, 0x74, -+ 0xc3, 0xdb, 0x50, 0x27, 0xf9, 0x85, 0x3a, 0xfa, 0xa9, 0x08, 0x23, 0xc1, 0x65, 0x3d, 0x34, -+ 0x3a, 0xc8, 0x56, 0x7a, 0x65, 0x45, 0x36, 0x6e, 0xae, 0x2a, 0xce, 0x9f, 0x43, 0x43, 0xd7, -+ 0x10, 0xe9, 0x9e, 0x18, 0xf4, 0xa4, 0x35, 0xda, 0x8a, 0x6b, 0xb0, 0x3f, 0xdd, 0x53, 0xe3, -+ 0xa8, 0xc5, 0x4e, 0x79, 0x9d, 0x1f, 0x51, 0x8c, 0xa2, 0xca, 0x66, 0x3c, 0x6a, 0x2a, 0xff, -+ 0x8e, 0xd2, 0xf3, 0xb7, 0xcb, 0x82, 0xda, 0xde, 0x2c, 0xe6, 0xd2, 0x8c, 0xb3, 0xad, 0xb6, -+ 0x4c, 0x95, 0x55, 0x76, 0xbd, 0xc9, 0xc8, 0xd1 -+ }; -+ -+ static const unsigned char keydata_dmq1[] = { -+ 0x00, 0x83, 0x23, 0x1d, 0xbb, 0x11, 0x42, 0x17, 0x2b, 0x25, 0x5a, 0x2c, 0x03, 0xe6, 0x75, -+ 0xc1, 0x18, 0xa8, 0xc9, 0x0b, 0x96, 0xbf, 0xba, 0xc4, 0x92, 0x91, 0x80, 0xa5, 0x22, 0x2f, -+ 0xba, 0x91, 0x90, 0x36, 0x01, 0x56, 0x15, 0x00, 0x2c, 0x74, 0xa2, 0x97, 0xf7, 0x15, 0xa1, -+ 0x49, 0xdf, 0x32, 0x35, 0xd2, 0xdd, 0x0c, 0x91, 0xa6, 0xf8, 0xe7, 0xbe, 0x81, 0x36, 0x9b, -+ 0x03, 0xdc, 0x6b, 0x3b, 0xd8, 0x5d, 0x79, 0x57, 0xe0, 0xe6, 0x4f, 0x49, 0xdf, 0x4c, 0x5c, -+ 0x0e, 0xe5, 0x21, 0x41, 0x95, 0xfd, 0xad, 0xff, 0x9a, 0x3e, 0xa0, 0xf9, 0x0f, 0x59, 0x9e, -+ 0x6a, 0xa7, 0x7b, 0x71, 0xa7, 0x24, 0x9a, 0x36, 0x52, 0xae, 0x97, 0x20, 0xc1, 0x5e, 0x78, -+ 0xd9, 0x47, 0x8b, 0x1e, 0x67, 0xf2, 0xaf, 0x98, 0xe6, 0x2d, 0xef, 0x10, 0xd7, 0xf1, 0xab, -+ 0x49, 0xee, 0xe5, 0x4b, 0x7e, 0xae, 0x1f, 0x1d, 0x61 -+ }; -+ -+ static const unsigned char keydata_iqmp[] = { -+ 0x23, 0x96, 0xc1, 0x91, 0x17, 0x5e, 0x0a, 0x83, 0xd2, 0xdc, 0x7b, 0x69, 0xb2, 0x59, 0x1d, -+ 0x33, 0x58, 0x52, 0x3f, 0x18, 0xc7, 0x09, 0x50, 0x1c, 0xb9, 0xa1, 0xbb, 0x4c, 0xa2, 0x38, -+ 0x40, 0x4c, 0x9a, 0x8e, 0xfe, 0x9c, 0x90, 0x92, 0xd0, 0x71, 0x9f, 0x89, 0x99, 0x50, 0x91, -+ 0x1f, 0x34, 0x8b, 0x74, 0x53, 0x11, 0x11, 0x4a, 0x70, 0xe2, 0xf7, 0x30, 0xd8, 0x8c, 0x80, -+ 0xe1, 0xcc, 0x9f, 0xf1, 0x63, 0x17, 0x1a, 0x7d, 0x67, 0x29, 0x4c, 0xcb, 0x4e, 0x74, 0x7b, -+ 0xe0, 0x3e, 0x9e, 0x2f, 0xf4, 0x67, 0x8f, 0xec, 0xb9, 0x5c, 0x00, 0x1e, 0x7e, 0xa2, 0x7b, -+ 0x92, 0xc9, 0x6f, 0x4c, 0xe4, 0x0e, 0xf9, 0x48, 0x63, 0xcd, 0x50, 0x22, 0x5d, 0xbf, 0xb6, -+ 0x9d, 0x01, 0x33, 0x6a, 0xf4, 0x50, 0xbe, 0x86, 0x98, 0x4f, 0xca, 0x3f, 0x3a, 0xfa, 0xcf, -+ 0x07, 0x40, 0xc4, 0xaa, 0xad, 0xae, 0xbe, 0xbf -+ }; -+ -+ int rv = 0; -+ BIGNUM *n = NULL, *e = NULL, *d = NULL, *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; -+ -+ fips_load_key_component(n, keydata); -+ fips_load_key_component(e, keydata); -+ fips_load_key_component(d, keydata); -+ fips_load_key_component(p, keydata); -+ fips_load_key_component(q, keydata); -+ fips_load_key_component(dmp1, keydata); -+ fips_load_key_component(dmq1, keydata); -+ fips_load_key_component(iqmp, keydata); -+ -+ RSA_set0_key(key, n, e, d); -+ RSA_set0_factors(key, p, q); -+ RSA_set0_crt_params(key, dmp1, dmq1, iqmp); -+ -+ rv = 1; -+err: -+ if (!rv) { -+ BN_free(n); -+ BN_free(e); -+ BN_free(d); -+ BN_free(p); -+ BN_free(q); -+ BN_free(dmp1); -+ BN_free(dmq1); -+ BN_free(iqmp); -+ } -+ return rv; -+} -+ -+/* Known Answer Test (KAT) data for the above RSA private key signing -+ * kat_tbs. -+ */ -+ -+static const unsigned char kat_tbs[] = -+ "OpenSSL FIPS 140-2 Public Key RSA KAT"; -+ -+static const unsigned char kat_RSA_PSS_SHA256[] = { -+ 0x38, 0xDA, 0x99, 0x51, 0x26, 0x38, 0xC6, 0x7F, 0xC4, 0x81, 0x57, 0x19, -+ 0x35, 0xC6, 0xF6, 0x1E, 0x90, 0x47, 0x20, 0x55, 0x47, 0x56, 0x26, 0xE9, -+ 0xF2, 0xA8, 0x39, 0x6C, 0xD5, 0xCD, 0xCB, 0x55, 0xFC, 0x0C, 0xC5, 0xCB, -+ 0xF7, 0x40, 0x17, 0x3B, 0xCF, 0xE4, 0x05, 0x03, 0x3B, 0xA0, 0xB2, 0xC9, -+ 0x0D, 0x5E, 0x48, 0x3A, 0xE9, 0xAD, 0x28, 0x71, 0x7D, 0x8F, 0x89, 0x16, -+ 0x59, 0x93, 0x35, 0xDC, 0x4D, 0x7B, 0xDF, 0x84, 0xE4, 0x68, 0xAA, 0x33, -+ 0xAA, 0xDC, 0x66, 0x50, 0xC8, 0xA9, 0x32, 0x12, 0xDC, 0xC6, 0x90, 0x49, -+ 0x0B, 0x75, 0xFF, 0x9B, 0x95, 0x00, 0x9A, 0x90, 0xE0, 0xD4, 0x0E, 0x67, -+ 0xAB, 0x3C, 0x47, 0x36, 0xC5, 0x2E, 0x1C, 0x46, 0xF0, 0x2D, 0xD3, 0x8B, -+ 0x42, 0x08, 0xDE, 0x0D, 0xB6, 0x2C, 0x86, 0xB0, 0x35, 0x71, 0x18, 0x6B, -+ 0x89, 0x67, 0xC0, 0x05, 0xAD, 0xF4, 0x1D, 0x62, 0x4E, 0x75, 0xEC, 0xD6, -+ 0xC2, 0xDB, 0x07, 0xB0, 0xB6, 0x8D, 0x15, 0xAD, 0xCD, 0xBF, 0xF5, 0x60, -+ 0x76, 0xAE, 0x48, 0xB8, 0x77, 0x7F, 0xC5, 0x01, 0xD9, 0x29, 0xBB, 0xD6, -+ 0x17, 0xA2, 0x20, 0x5A, 0xC0, 0x4A, 0x3B, 0x34, 0xC8, 0xB9, 0x39, 0xCF, -+ 0x06, 0x89, 0x95, 0x6F, 0xC7, 0xCA, 0xC4, 0xE4, 0x43, 0xDF, 0x5A, 0x23, -+ 0xE2, 0x89, 0xA3, 0x38, 0x78, 0x31, 0x38, 0xC6, 0xA4, 0x6F, 0x5F, 0x73, -+ 0x5A, 0xE5, 0x9E, 0x09, 0xE7, 0x6F, 0xD4, 0xF8, 0x3E, 0xB7, 0xB0, 0x56, -+ 0x9A, 0xF3, 0x65, 0xF0, 0xC2, 0xA6, 0x8A, 0x08, 0xBA, 0x44, 0xAC, 0x97, -+ 0xDE, 0xB4, 0x16, 0x83, 0xDF, 0xE3, 0xEE, 0x71, 0xFA, 0xF9, 0x51, 0x50, -+ 0x14, 0xDC, 0xFD, 0x6A, 0x82, 0x20, 0x68, 0x64, 0x7D, 0x4E, 0x82, 0x68, -+ 0xD7, 0x45, 0xFA, 0x6A, 0xE4, 0xE5, 0x29, 0x3A, 0x70, 0xFB, 0xE4, 0x62, -+ 0x2B, 0x31, 0xB9, 0x7D -+}; -+ -+static const unsigned char kat_RSA_SHA256[] = { -+ 0xC2, 0xB1, 0x97, 0x00, 0x9A, 0xE5, 0x80, 0x6A, 0xE2, 0x51, 0x68, 0xB9, -+ 0x7A, 0x0C, 0xF2, 0xB4, 0x77, 0xED, 0x15, 0x0C, 0x4E, 0xE1, 0xDC, 0xFF, -+ 0x8E, 0xBC, 0xDE, 0xC7, 0x9A, 0x96, 0xF1, 0x47, 0x45, 0x24, 0x9D, 0x6F, -+ 0xA6, 0xF3, 0x1D, 0x0D, 0x35, 0x4C, 0x1A, 0xF3, 0x58, 0x2C, 0x6C, 0x06, -+ 0xD6, 0x22, 0x37, 0x77, 0x8C, 0x33, 0xE5, 0x07, 0x53, 0x93, 0x28, 0xCF, -+ 0x67, 0xFA, 0xC4, 0x1F, 0x1B, 0x24, 0xDB, 0x4C, 0xC5, 0x2A, 0x51, 0xA2, -+ 0x60, 0x15, 0x8C, 0x54, 0xB4, 0x30, 0xE2, 0x24, 0x47, 0x86, 0xF2, 0xF8, -+ 0x6C, 0xD6, 0x12, 0x59, 0x2C, 0x74, 0x9A, 0x37, 0xF3, 0xC4, 0xA2, 0xD5, -+ 0x4E, 0x1F, 0x77, 0xF0, 0x27, 0xCE, 0x77, 0xF8, 0x4A, 0x79, 0x03, 0xBE, -+ 0xC8, 0x06, 0x2D, 0xA7, 0xA6, 0x46, 0xF5, 0x55, 0x79, 0xD7, 0x5C, 0xC6, -+ 0x5B, 0xB1, 0x00, 0x4E, 0x7C, 0xD9, 0x11, 0x85, 0xE0, 0xB1, 0x4D, 0x2D, -+ 0x13, 0xD7, 0xAC, 0xEA, 0x64, 0xD1, 0xAC, 0x8F, 0x8D, 0x8F, 0xEA, 0x42, -+ 0x7F, 0xF9, 0xB7, 0x7D, 0x2C, 0x68, 0x49, 0x07, 0x7A, 0x74, 0xEF, 0xB4, -+ 0xC9, 0x97, 0x16, 0x5C, 0x6C, 0x6E, 0x5C, 0x09, 0x2E, 0x8E, 0x13, 0x2E, -+ 0x1A, 0x8D, 0xA6, 0x0C, 0x6E, 0x0C, 0x1C, 0x0F, 0xCC, 0xB2, 0x78, 0x8A, -+ 0x07, 0xFC, 0x5C, 0xC2, 0xF5, 0x65, 0xEC, 0xAB, 0x8B, 0x3C, 0xCA, 0x91, -+ 0x6F, 0x84, 0x7C, 0x21, 0x0E, 0xB8, 0xDA, 0x7B, 0x6C, 0xF7, 0xDF, 0xAB, -+ 0x7E, 0x15, 0xFD, 0x85, 0x0B, 0x33, 0x9B, 0x6A, 0x3A, 0xC3, 0xEF, 0x65, -+ 0x04, 0x6E, 0xB2, 0xAC, 0x98, 0xFD, 0xEB, 0x02, 0xF5, 0xC0, 0x0B, 0x5E, -+ 0xCB, 0xD4, 0x83, 0x82, 0x18, 0x1B, 0xDA, 0xB4, 0xCD, 0xE8, 0x71, 0x6B, -+ 0x1D, 0xB5, 0x4F, 0xE9, 0xD6, 0x43, 0xA0, 0x0A, 0x14, 0xA0, 0xE7, 0x5D, -+ 0x47, 0x9D, 0x18, 0xD7 -+}; -+ -+static int fips_rsa_encrypt_test(RSA *rsa, const unsigned char *plaintext, -+ int ptlen) -+{ -+ unsigned char *ctbuf = NULL, *ptbuf = NULL; -+ int ret = 0; -+ int len; -+ -+ ctbuf = OPENSSL_malloc(RSA_size(rsa)); -+ if (!ctbuf) -+ goto err; -+ -+ len = RSA_public_encrypt(ptlen, plaintext, ctbuf, rsa, RSA_PKCS1_PADDING); -+ if (len <= 0) -+ goto err; -+ /* Check ciphertext doesn't match plaintext */ -+ if (len >= ptlen && !memcmp(plaintext, ctbuf, ptlen)) -+ goto err; -+ -+ ptbuf = OPENSSL_malloc(RSA_size(rsa)); -+ if (!ptbuf) -+ goto err; -+ -+ len = RSA_private_decrypt(len, ctbuf, ptbuf, rsa, RSA_PKCS1_PADDING); -+ if (len != ptlen) -+ goto err; -+ if (memcmp(ptbuf, plaintext, len)) -+ goto err; -+ -+ ret = 1; -+ -+ err: -+ if (ctbuf) -+ OPENSSL_free(ctbuf); -+ if (ptbuf) -+ OPENSSL_free(ptbuf); -+ return ret; -+} -+ -+int FIPS_selftest_rsa() -+{ -+ int ret = 0; -+ RSA *key; -+ EVP_PKEY *pk = NULL; -+ -+ if ((key = RSA_new()) == NULL) -+ goto err; -+ -+ if (!setrsakey(key)) -+ goto err; -+ -+ if ((pk = EVP_PKEY_new()) == NULL) -+ goto err; -+ -+ EVP_PKEY_set1_RSA(pk, key); -+ -+ if (!fips_pkey_signature_test(pk, kat_tbs, sizeof(kat_tbs) - 1, -+ kat_RSA_SHA256, sizeof(kat_RSA_SHA256), -+ EVP_sha256(), EVP_MD_CTX_FLAG_PAD_PKCS1, -+ "RSA SHA256 PKCS#1")) -+ goto err; -+ -+ if (!fips_pkey_signature_test(pk, kat_tbs, sizeof(kat_tbs) - 1, -+ kat_RSA_PSS_SHA256, -+ sizeof(kat_RSA_PSS_SHA256), EVP_sha256(), -+ EVP_MD_CTX_FLAG_PAD_PSS, "RSA SHA256 PSS")) -+ goto err; -+ -+ if (!fips_rsa_encrypt_test(key, kat_tbs, sizeof(kat_tbs) - 1)) -+ goto err; -+ -+ ret = 1; -+ -+ err: -+ if (pk) -+ EVP_PKEY_free(pk); -+ if (key) -+ RSA_free(key); -+ return ret; -+} -+ -+#endif /* def OPENSSL_FIPS */ -diff -up openssl-1.1.1j/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_sha_selftest.c ---- openssl-1.1.1j/crypto/fips/fips_sha_selftest.c.fips 2021-03-03 12:57:42.201734542 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_sha_selftest.c 2021-03-03 12:57:42.201734542 +0100 -@@ -0,0 +1,223 @@ -+/* ==================================================================== -+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+#ifdef OPENSSL_FIPS -+# include -+#endif -+#include -+#include -+ -+#ifdef OPENSSL_FIPS -+static const char test[][60] = { -+ "", -+ "abc", -+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -+}; -+ -+static const unsigned char ret[][SHA_DIGEST_LENGTH] = { -+ {0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d, 0x32, 0x55, -+ 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09}, -+ {0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, 0xba, 0x3e, -+ 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, 0x9c, 0xd0, 0xd8, 0x9d}, -+ {0x84, 0x98, 0x3e, 0x44, 0x1c, 0x3b, 0xd2, 0x6e, 0xba, 0xae, -+ 0x4a, 0xa1, 0xf9, 0x51, 0x29, 0xe5, 0xe5, 0x46, 0x70, 0xf1}, -+}; -+ -+int FIPS_selftest_sha1() -+{ -+ int n; -+ -+ for (n = 0; n < sizeof(test) / sizeof(test[0]); ++n) { -+ unsigned char md[SHA_DIGEST_LENGTH]; -+ -+ EVP_Digest(test[n], strlen(test[n]), md, NULL, -+ EVP_sha1(), NULL); -+ if (memcmp(md, ret[n], sizeof md)) { -+ FIPSerr(FIPS_F_FIPS_SELFTEST_SHA1, FIPS_R_SELFTEST_FAILED); -+ return 0; -+ } -+ } -+ return 1; -+} -+ -+static const unsigned char msg_sha256[] = -+ { 0xfa, 0x48, 0x59, 0x2a, 0xe1, 0xae, 0x1f, 0x30, -+ 0xfc -+}; -+ -+static const unsigned char dig_sha256[] = -+ { 0xf7, 0x26, 0xd8, 0x98, 0x47, 0x91, 0x68, 0x5b, -+ 0x9e, 0x39, 0xb2, 0x58, 0xbb, 0x75, 0xbf, 0x01, -+ 0x17, 0x0c, 0x84, 0x00, 0x01, 0x7a, 0x94, 0x83, -+ 0xf3, 0x0b, 0x15, 0x84, 0x4b, 0x69, 0x88, 0x8a -+}; -+ -+static const unsigned char msg_sha512[] = -+ { 0x37, 0xd1, 0x35, 0x9d, 0x18, 0x41, 0xe9, 0xb7, -+ 0x6d, 0x9a, 0x13, 0xda, 0x5f, 0xf3, 0xbd -+}; -+ -+static const unsigned char dig_sha512[] = -+ { 0x11, 0x13, 0xc4, 0x19, 0xed, 0x2b, 0x1d, 0x16, -+ 0x11, 0xeb, 0x9b, 0xbe, 0xf0, 0x7f, 0xcf, 0x44, -+ 0x8b, 0xd7, 0x57, 0xbd, 0x8d, 0xa9, 0x25, 0xb0, -+ 0x47, 0x25, 0xd6, 0x6c, 0x9a, 0x54, 0x7f, 0x8f, -+ 0x0b, 0x53, 0x1a, 0x10, 0x68, 0x32, 0x03, 0x38, -+ 0x82, 0xc4, 0x87, 0xc4, 0xea, 0x0e, 0xd1, 0x04, -+ 0xa9, 0x98, 0xc1, 0x05, 0xa3, 0xf3, 0xf8, 0xb1, -+ 0xaf, 0xbc, 0xd9, 0x78, 0x7e, 0xee, 0x3d, 0x43 -+}; -+ -+int FIPS_selftest_sha2(void) -+{ -+ unsigned char md[SHA512_DIGEST_LENGTH]; -+ -+ EVP_Digest(msg_sha256, sizeof(msg_sha256), md, NULL, EVP_sha256(), NULL); -+ if (memcmp(dig_sha256, md, sizeof(dig_sha256))) { -+ FIPSerr(FIPS_F_FIPS_SELFTEST_SHA2, FIPS_R_SELFTEST_FAILED); -+ return 0; -+ } -+ -+ EVP_Digest(msg_sha512, sizeof(msg_sha512), md, NULL, EVP_sha512(), NULL); -+ if (memcmp(dig_sha512, md, sizeof(dig_sha512))) { -+ FIPSerr(FIPS_F_FIPS_SELFTEST_SHA2, FIPS_R_SELFTEST_FAILED); -+ return 0; -+ } -+ -+ return 1; -+} -+ -+static const unsigned char msg_sha3_256[] = { -+ 0xa1, 0xd7, 0xce, 0x51, 0x04, 0xeb, 0x25, 0xd6, -+ 0x13, 0x1b, 0xb8, 0xf6, 0x6e, 0x1f, 0xb1, 0x3f, -+ 0x35, 0x23 -+}; -+ -+static const unsigned char dig_sha3_256[] = { -+ 0xee, 0x90, 0x62, 0xf3, 0x97, 0x20, 0xb8, 0x21, -+ 0xb8, 0x8b, 0xe5, 0xe6, 0x46, 0x21, 0xd7, 0xe0, -+ 0xca, 0x02, 0x6a, 0x9f, 0xe7, 0x24, 0x8d, 0x78, -+ 0x15, 0x0b, 0x14, 0xbd, 0xba, 0xa4, 0x0b, 0xed -+}; -+ -+static const unsigned char msg_sha3_512[] = { -+ 0x13, 0x3b, 0x49, 0x7b, 0x00, 0x93, 0x27, 0x73, -+ 0xa5, 0x3b, 0xa9, 0xbf, 0x8e, 0x61, 0xd5, 0x9f, -+ 0x05, 0xf4 -+}; -+ -+static const unsigned char dig_sha3_512[] = { -+ 0x78, 0x39, 0x64, 0xa1, 0xcf, 0x41, 0xd6, 0xd2, -+ 0x10, 0xa8, 0xd7, 0xc8, 0x1c, 0xe6, 0x97, 0x0a, -+ 0xa6, 0x2c, 0x90, 0x53, 0xcb, 0x89, 0xe1, 0x5f, -+ 0x88, 0x05, 0x39, 0x57, 0xec, 0xf6, 0x07, 0xf4, -+ 0x2a, 0xf0, 0x88, 0x04, 0xe7, 0x6f, 0x2f, 0xbd, -+ 0xbb, 0x31, 0x80, 0x9c, 0x9e, 0xef, 0xc6, 0x0e, -+ 0x23, 0x3d, 0x66, 0x24, 0x36, 0x7a, 0x3b, 0x9c, -+ 0x30, 0xf8, 0xee, 0x5f, 0x65, 0xbe, 0x56, 0xac -+}; -+ -+static const unsigned char msg_shake_128[] = { -+ 0x43, 0xbd, 0xb1, 0x1e, 0xac, 0x71, 0x03, 0x1f, -+ 0x02, 0xa1, 0x1c, 0x15, 0xa1, 0x88, 0x5f, 0xa4, -+ 0x28, 0x98 -+}; -+ -+static const unsigned char dig_shake_128[] = { -+ 0xde, 0x68, 0x02, 0x7d, 0xa1, 0x30, 0x66, 0x3a, -+ 0x73, 0x98, 0x0e, 0x35, 0x25, 0xb8, 0x8c, 0x75 -+}; -+ -+static const unsigned char msg_shake_256[] = { -+ 0x8f, 0x84, 0xa3, 0x7d, 0xbd, 0x44, 0xd0, 0xf6, -+ 0x95, 0x36, 0xc5, 0xf4, 0x44, 0x6b, 0xa3, 0x23, -+ 0x9b, 0xfc -+}; -+ -+static const unsigned char dig_shake_256[] = { -+ 0x05, 0xca, 0x83, 0x5e, 0x0c, 0xdb, 0xfa, 0xf5, -+ 0x95, 0xc6, 0x86, 0x7e, 0x2d, 0x9d, 0xb9, 0x3f, -+ 0xca, 0x9c, 0x8b, 0xc6, 0x65, 0x02, 0x2e, 0xdd, -+ 0x6f, 0xe7, 0xb3, 0xda, 0x5e, 0x07, 0xc4, 0xcf -+}; -+ -+int FIPS_selftest_sha3(void) -+{ -+ unsigned char md[SHA512_DIGEST_LENGTH]; -+ -+ EVP_Digest(msg_sha3_256, sizeof(msg_sha3_256), md, NULL, EVP_sha3_256(), NULL); -+ if (memcmp(dig_sha3_256, md, sizeof(dig_sha3_256))) { -+ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); -+ return 0; -+ } -+ -+ EVP_Digest(msg_sha3_512, sizeof(msg_sha3_512), md, NULL, EVP_sha3_512(), NULL); -+ if (memcmp(dig_sha3_512, md, sizeof(dig_sha3_512))) { -+ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); -+ return 0; -+ } -+ -+ EVP_Digest(msg_shake_128, sizeof(msg_shake_128), md, NULL, EVP_shake128(), NULL); -+ if (memcmp(dig_shake_128, md, sizeof(dig_shake_128))) { -+ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); -+ return 0; -+ } -+ -+ EVP_Digest(msg_shake_256, sizeof(msg_shake_256), md, NULL, EVP_shake256(), NULL); -+ if (memcmp(dig_shake_256, md, sizeof(dig_shake_256))) { -+ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_SELFTEST_FAILED); -+ return 0; -+ } -+ -+ return 1; -+} -+ -+#endif -diff -up openssl-1.1.1j/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1j/crypto/fips/fips_standalone_hmac.c ---- openssl-1.1.1j/crypto/fips/fips_standalone_hmac.c.fips 2021-03-03 12:57:42.201734542 +0100 -+++ openssl-1.1.1j/crypto/fips/fips_standalone_hmac.c 2021-03-03 12:57:42.201734542 +0100 -@@ -0,0 +1,127 @@ -+/* ==================================================================== -+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+int main(int argc, char **argv) -+{ -+#ifdef OPENSSL_FIPS -+ static char key[] = "orboDeJITITejsirpADONivirpUkvarP"; -+ int n, binary = 0; -+ -+ if (argc < 2) { -+ fprintf(stderr, "%s []+\n", argv[0]); -+ exit(1); -+ } -+ -+ n = 1; -+ if (!strcmp(argv[n], "-binary")) { -+ n++; -+ binary = 1; /* emit binary fingerprint... */ -+ } -+ -+ for (; n < argc; ++n) { -+ FILE *f = fopen(argv[n], "rb"); -+ HMAC_CTX *hmac_ctx; -+ unsigned char mac[EVP_MAX_MD_SIZE]; -+ unsigned int len; -+ unsigned int i; -+ -+ if (!f) { -+ perror(argv[n]); -+ exit(2); -+ } -+ hmac_ctx = HMAC_CTX_new(); -+ if (!hmac_ctx) -+ exit(3); -+ -+ if (HMAC_Init_ex(hmac_ctx, key, strlen(key), EVP_sha256(), NULL) <= 0) { -+ fprintf(stderr, "HMAC SHA256 initialization failed.\n"); -+ exit(4); -+ } -+ -+ for (;;) { -+ unsigned char buf[1024]; -+ size_t l = fread(buf, 1, sizeof buf, f); -+ -+ if (l == 0) { -+ if (ferror(f)) { -+ perror(argv[n]); -+ exit(3); -+ } else -+ break; -+ } -+ if (HMAC_Update(hmac_ctx, buf, l) <= 0) { -+ fprintf(stderr, "HMAC_Update() failed.\n"); -+ exit(4); -+ } -+ } -+ if (HMAC_Final(hmac_ctx, mac, &len) <= 0) { -+ fprintf(stderr, "HMAC_Final() failed.\n"); -+ exit(4); -+ } -+ -+ if (binary) { -+ fwrite(mac, len, 1, stdout); -+ break; /* ... for single(!) file */ -+ } -+ -+/* printf("HMAC-SHA1(%s)= ",argv[n]); */ -+ for (i = 0; i < len; ++i) -+ printf("%02x", mac[i]); -+ printf("\n"); -+ } -+#endif -+ return 0; -+} -diff -up openssl-1.1.1j/crypto/hmac/hmac.c.fips openssl-1.1.1j/crypto/hmac/hmac.c ---- openssl-1.1.1j/crypto/hmac/hmac.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/hmac/hmac.c 2021-03-03 12:57:42.202734550 +0100 -@@ -44,6 +44,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo - return 0; - - if (key != NULL) { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(EVP_MD_flags(md) & EVP_MD_FLAG_FIPS) -+ && (!EVP_MD_CTX_test_flags(ctx->md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) -+ || !EVP_MD_CTX_test_flags(ctx->i_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) -+ || !EVP_MD_CTX_test_flags(ctx->o_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW))) -+ goto err; -+#endif - reset = 1; - - j = EVP_MD_block_size(md); -diff -up openssl-1.1.1j/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1j/crypto/hmac/hm_pmeth.c ---- openssl-1.1.1j/crypto/hmac/hm_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/hmac/hm_pmeth.c 2021-03-03 12:57:42.202734550 +0100 -@@ -180,7 +180,7 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_C - - const EVP_PKEY_METHOD hmac_pkey_meth = { - EVP_PKEY_HMAC, -- 0, -+ EVP_PKEY_FLAG_FIPS, - pkey_hmac_init, - pkey_hmac_copy, - pkey_hmac_cleanup, -diff -up openssl-1.1.1j/crypto/o_fips.c.fips openssl-1.1.1j/crypto/o_fips.c ---- openssl-1.1.1j/crypto/o_fips.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/o_fips.c 2021-03-03 12:57:42.202734550 +0100 -@@ -8,17 +8,28 @@ - */ - - #include "internal/cryptlib.h" -+#include "crypto/fips.h" - - int FIPS_mode(void) - { -+#ifdef OPENSSL_FIPS -+ return FIPS_module_mode(); -+#else - /* This version of the library does not support FIPS mode. */ - return 0; -+#endif - } - - int FIPS_mode_set(int r) - { -+#ifdef OPENSSL_FIPS -+ if (r && FIPS_module_mode()) /* can be implicitly initialized by OPENSSL_init() */ -+ return 1; -+ return FIPS_module_mode_set(r); -+#else - if (r == 0) - return 1; - CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED); - return 0; -+#endif - } -diff -up openssl-1.1.1j/crypto/o_init.c.fips openssl-1.1.1j/crypto/o_init.c ---- openssl-1.1.1j/crypto/o_init.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/o_init.c 2021-03-03 12:57:42.202734550 +0100 -@@ -7,8 +7,69 @@ - * https://www.openssl.org/source/license.html - */ - -+/* for secure_getenv */ -+#define _GNU_SOURCE - #include "e_os.h" - #include -+#ifdef OPENSSL_FIPS -+# include -+# include -+# include -+# include -+# include -+# include -+# include -+# include -+# include "crypto/fips.h" -+ -+# define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled" -+ -+static void init_fips_mode(void) -+{ -+ char buf[2] = "0"; -+ int fd; -+ -+ if (secure_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) { -+ buf[0] = '1'; -+ } else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0) { -+ while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR) ; -+ close(fd); -+ } -+ -+ if (buf[0] != '1' && !FIPS_module_installed()) -+ return; -+ -+ /* Ensure the selftests always run */ -+ /* XXX: TO SOLVE - premature initialization due to selftests */ -+ FIPS_mode_set(1); -+ -+ /* Failure reading the fips mode switch file means just not -+ * switching into FIPS mode. We would break too many things -+ * otherwise.. -+ */ -+ -+ if (buf[0] != '1') { -+ /* drop down to non-FIPS mode if it is not requested */ -+ FIPS_mode_set(0); -+ } else { -+ /* abort if selftest failed */ -+ FIPS_selftest_check(); -+ } -+} -+ -+/* -+ * Perform FIPS module power on selftest and automatic FIPS mode switch. -+ */ -+ -+void __attribute__ ((constructor)) OPENSSL_init_library(void) -+{ -+ static int done = 0; -+ if (done) -+ return; -+ done = 1; -+ init_fips_mode(); -+} -+#endif - - /* - * Perform any essential OpenSSL initialization operations. Currently does -diff -up openssl-1.1.1j/crypto/rand/rand_lib.c.fips openssl-1.1.1j/crypto/rand/rand_lib.c ---- openssl-1.1.1j/crypto/rand/rand_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/rand/rand_lib.c 2021-03-03 12:57:42.202734550 +0100 -@@ -16,6 +16,10 @@ - #include "internal/thread_once.h" - #include "rand_local.h" - #include "e_os.h" -+#ifdef OPENSSL_FIPS -+# include -+# include -+#endif - - #ifndef OPENSSL_NO_ENGINE - /* non-NULL if default_RAND_meth is ENGINE-provided */ -@@ -959,3 +963,15 @@ int RAND_status(void) - return meth->status(); - return 0; - } -+ -+#ifdef OPENSSL_FIPS -+void RAND_set_fips_drbg_type(int type, int flags) -+{ /* just a stub for ABI compatibility */ -+} -+ -+int RAND_init_fips(void) -+{ -+ /* just a stub for ABI compatibility */ -+ return 1; -+} -+#endif -diff -up openssl-1.1.1j/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1j/crypto/rsa/rsa_crpt.c ---- openssl-1.1.1j/crypto/rsa/rsa_crpt.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/rsa/rsa_crpt.c 2021-03-03 12:57:42.202734550 +0100 -@@ -27,24 +27,52 @@ int RSA_size(const RSA *r) - int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) -+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { -+ RSAerr(RSA_F_RSA_PUBLIC_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD); -+ return -1; -+ } -+#endif - return rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding); - } - - int RSA_private_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { -+ RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, -+ RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); -+ return -1; -+ } -+#endif - return rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding); - } - - int RSA_private_decrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) -+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { -+ RSAerr(RSA_F_RSA_PRIVATE_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD); -+ return -1; -+ } -+#endif - return rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding); - } - - int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { -+ RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, -+ RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); -+ return -1; -+ } -+#endif - return rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding); - } - -diff -up openssl-1.1.1j/crypto/rsa/rsa_err.c.fips openssl-1.1.1j/crypto/rsa/rsa_err.c ---- openssl-1.1.1j/crypto/rsa/rsa_err.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/rsa/rsa_err.c 2021-03-03 12:57:42.202734550 +0100 -@@ -16,6 +16,8 @@ - static const ERR_STRING_DATA RSA_str_functs[] = { - {ERR_PACK(ERR_LIB_RSA, RSA_F_CHECK_PADDING_MD, 0), "check_padding_md"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_ENCODE_PKCS1, 0), "encode_pkcs1"}, -+ {ERR_PACK(ERR_LIB_RSA, RSA_F_FIPS_RSA_BUILTIN_KEYGEN, 0), -+ "fips_rsa_builtin_keygen"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_INT_RSA_VERIFY, 0), "int_rsa_verify"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_OLD_RSA_PRIV_DECODE, 0), - "old_rsa_priv_decode"}, -@@ -32,6 +34,9 @@ static const ERR_STRING_DATA RSA_str_fun - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CHECK_KEY_EX, 0), "RSA_check_key_ex"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_DECRYPT, 0), "rsa_cms_decrypt"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_VERIFY, 0), "rsa_cms_verify"}, -+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_KEY_EX, 0), "RSA_generate_key_ex"}, -+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_MULTI_PRIME_KEY, 0), -+ "RSA_generate_multi_prime_key"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_ITEM_VERIFY, 0), "rsa_item_verify"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_METH_DUP, 0), "RSA_meth_dup"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_METH_NEW, 0), "RSA_meth_new"}, -@@ -90,9 +95,13 @@ static const ERR_STRING_DATA RSA_str_fun - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRINT_FP, 0), "RSA_print_fp"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_DECODE, 0), "rsa_priv_decode"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_ENCODE, 0), "rsa_priv_encode"}, -+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_DECRYPT, 0), "RSA_private_decrypt"}, -+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_ENCRYPT, 0), "RSA_private_encrypt"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_GET_PARAM, 0), "rsa_pss_get_param"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_TO_CTX, 0), "rsa_pss_to_ctx"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUB_DECODE, 0), "rsa_pub_decode"}, -+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUBLIC_DECRYPT, 0), "RSA_public_decrypt"}, -+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUBLIC_ENCRYPT, 0), "RSA_public_encrypt"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SETUP_BLINDING, 0), "RSA_setup_blinding"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN, 0), "RSA_sign"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN_ASN1_OCTET_STRING, 0), -@@ -102,6 +111,8 @@ static const ERR_STRING_DATA RSA_str_fun - "RSA_verify_ASN1_OCTET_STRING"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, 0), - "RSA_verify_PKCS1_PSS_mgf1"}, -+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_DEFAULT_METHOD, 0), "RSA_set_default_method"}, -+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_METHOD, 0), "RSA_set_method"}, - {ERR_PACK(ERR_LIB_RSA, RSA_F_SETUP_TBUF, 0), "setup_tbuf"}, - {0, NULL} - }; -@@ -183,6 +194,7 @@ static const ERR_STRING_DATA RSA_str_rea - "mp exponent not congruent to d"}, - {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MP_R_NOT_PRIME), "mp r not prime"}, - {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"}, -+ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NON_FIPS_RSA_METHOD), "non FIPS rsa method"}, - {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NULL_BEFORE_BLOCK_MISSING), - "null before block missing"}, - {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES), -@@ -191,6 +203,8 @@ static const ERR_STRING_DATA RSA_str_rea - "n does not equal p q"}, - {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OAEP_DECODING_ERROR), - "oaep decoding error"}, -+ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE), -+ "operation not allowed in FIPS mode"}, - {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), - "operation not supported for this keytype"}, - {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PADDING_CHECK_FAILED), -@@ -226,6 +240,8 @@ static const ERR_STRING_DATA RSA_str_rea - "unsupported mask algorithm"}, - {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_MASK_PARAMETER), - "unsupported mask parameter"}, -+ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_PARAMETERS), -+ "unsupported parameters"}, - {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_SIGNATURE_TYPE), - "unsupported signature type"}, - {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_VALUE_MISSING), "value missing"}, -diff -up openssl-1.1.1j/crypto/rsa/rsa_gen.c.fips openssl-1.1.1j/crypto/rsa/rsa_gen.c ---- openssl-1.1.1j/crypto/rsa/rsa_gen.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/rsa/rsa_gen.c 2021-03-03 12:57:42.202734550 +0100 -@@ -18,6 +18,76 @@ - #include "internal/cryptlib.h" - #include - #include "rsa_local.h" -+#ifdef OPENSSL_FIPS -+# include -+# include "crypto/fips.h" -+ -+int fips_check_rsa(RSA *rsa) -+{ -+ const unsigned char tbs[] = "RSA Pairwise Check Data"; -+ unsigned char *ctbuf = NULL, *ptbuf = NULL; -+ int len, ret = 0; -+ EVP_PKEY *pk; -+ -+ if ((pk = EVP_PKEY_new()) == NULL) -+ goto err; -+ -+ EVP_PKEY_set1_RSA(pk, rsa); -+ -+ /* Perform pairwise consistency signature test */ -+ if (!fips_pkey_signature_test(pk, tbs, -1, -+ NULL, 0, EVP_sha256(), -+ EVP_MD_CTX_FLAG_PAD_PKCS1, NULL) -+ || !fips_pkey_signature_test(pk, tbs, -1, NULL, 0, EVP_sha256(), -+ EVP_MD_CTX_FLAG_PAD_PSS, NULL)) -+ goto err; -+ /* Now perform pairwise consistency encrypt/decrypt test */ -+ ctbuf = OPENSSL_malloc(RSA_size(rsa)); -+ if (!ctbuf) -+ goto err; -+ -+ len = -+ RSA_public_encrypt(sizeof(tbs) - 1, tbs, ctbuf, rsa, -+ RSA_PKCS1_PADDING); -+ if (len <= 0) -+ goto err; -+ /* Check ciphertext doesn't match plaintext */ -+ if ((len == (sizeof(tbs) - 1)) && !memcmp(tbs, ctbuf, len)) -+ goto err; -+ ptbuf = OPENSSL_malloc(RSA_size(rsa)); -+ -+ if (!ptbuf) -+ goto err; -+ len = RSA_private_decrypt(len, ctbuf, ptbuf, rsa, RSA_PKCS1_PADDING); -+ if (len != (sizeof(tbs) - 1)) -+ goto err; -+ if (memcmp(ptbuf, tbs, len)) -+ goto err; -+ -+ ret = 1; -+ -+ if (!ptbuf) -+ goto err; -+ -+ err: -+ if (ret == 0) { -+ fips_set_selftest_fail(); -+ FIPSerr(FIPS_F_FIPS_CHECK_RSA, FIPS_R_PAIRWISE_TEST_FAILED); -+ } -+ -+ if (ctbuf) -+ OPENSSL_free(ctbuf); -+ if (ptbuf) -+ OPENSSL_free(ptbuf); -+ if (pk) -+ EVP_PKEY_free(pk); -+ -+ return ret; -+} -+ -+static int fips_rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, -+ BN_GENCB *cb); -+#endif - - static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, - BN_GENCB *cb); -@@ -31,6 +101,13 @@ static int rsa_builtin_keygen(RSA *rsa, - */ - int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) -+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { -+ RSAerr(RSA_F_RSA_GENERATE_KEY_EX, RSA_R_NON_FIPS_RSA_METHOD); -+ return 0; -+ } -+#endif - if (rsa->meth->rsa_keygen != NULL) - return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); - -@@ -41,6 +118,13 @@ int RSA_generate_key_ex(RSA *rsa, int bi - int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, - BIGNUM *e_value, BN_GENCB *cb) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) -+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { -+ RSAerr(RSA_F_RSA_GENERATE_MULTI_PRIME_KEY, RSA_R_NON_FIPS_RSA_METHOD); -+ return 0; -+ } -+#endif - /* multi-prime is only supported with the builtin key generation */ - if (rsa->meth->rsa_multi_prime_keygen != NULL) { - return rsa->meth->rsa_multi_prime_keygen(rsa, bits, primes, -@@ -57,10 +141,285 @@ int RSA_generate_multi_prime_key(RSA *rs - else - return 0; - } -- -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode()) { -+ if (primes != 2) { -+ RSAerr(RSA_F_RSA_GENERATE_MULTI_PRIME_KEY, RSA_R_UNSUPPORTED_PARAMETERS); -+ return 0; -+ } -+ return fips_rsa_builtin_keygen(rsa, bits, e_value, cb); -+ } -+#endif - return rsa_builtin_keygen(rsa, bits, primes, e_value, cb); - } - -+#ifdef OPENSSL_FIPS -+static int fips_rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, -+ BN_GENCB *cb) -+{ -+ BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp; -+ BN_CTX *ctx = NULL; -+ int ok = -1; -+ int i; -+ int n = 0; -+ int test = 0; -+ int pbits = bits / 2; -+ unsigned long error = 0; -+ -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, FIPS_R_FIPS_SELFTEST_FAILED); -+ return 0; -+ } -+ -+ if (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS -+ || (getenv("OPENSSL_ENFORCE_MODULUS_BITS") && bits < 2048)) { -+ FIPSerr(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, FIPS_R_KEY_TOO_SHORT); -+ return 0; -+ } -+ if ((pbits & 0xFF) != 0) { -+ FIPSerr(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, FIPS_R_INVALID_KEY_LENGTH); -+ return 0; -+ } -+ -+ ctx = BN_CTX_new(); -+ if (ctx == NULL) -+ goto err; -+ BN_CTX_start(ctx); -+ r0 = BN_CTX_get(ctx); -+ r1 = BN_CTX_get(ctx); -+ r2 = BN_CTX_get(ctx); -+ r3 = BN_CTX_get(ctx); -+ -+ if (r3 == NULL) -+ goto err; -+ -+ /* We need the RSA components non-NULL */ -+ if (!rsa->n && ((rsa->n = BN_new()) == NULL)) -+ goto err; -+ if (!rsa->d && ((rsa->d = BN_secure_new()) == NULL)) -+ goto err; -+ if (!rsa->e && ((rsa->e = BN_new()) == NULL)) -+ goto err; -+ if (!rsa->p && ((rsa->p = BN_secure_new()) == NULL)) -+ goto err; -+ if (!rsa->q && ((rsa->q = BN_secure_new()) == NULL)) -+ goto err; -+ if (!rsa->dmp1 && ((rsa->dmp1 = BN_secure_new()) == NULL)) -+ goto err; -+ if (!rsa->dmq1 && ((rsa->dmq1 = BN_secure_new()) == NULL)) -+ goto err; -+ if (!rsa->iqmp && ((rsa->iqmp = BN_secure_new()) == NULL)) -+ goto err; -+ -+ if (!BN_set_word(r0, RSA_F4)) -+ goto err; -+ if (BN_cmp(e_value, r0) < 0 || BN_num_bits(e_value) > 256) { -+ ok = 0; /* we set our own err */ -+ RSAerr(RSA_F_FIPS_RSA_BUILTIN_KEYGEN, RSA_R_BAD_E_VALUE); -+ goto err; -+ } -+ -+ /* prepare approximate minimum p and q */ -+ if (!BN_set_word(r0, 0xB504F334)) -+ goto err; -+ if (!BN_lshift(r0, r0, pbits - 32)) -+ goto err; -+ -+ /* prepare minimum p and q difference */ -+ if (!BN_one(r3)) -+ goto err; -+ if (!BN_lshift(r3, r3, pbits - 100)) -+ goto err; -+ -+ BN_copy(rsa->e, e_value); -+ -+ if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q)) -+ test = 1; -+ -+ BN_set_flags(r0, BN_FLG_CONSTTIME); -+ BN_set_flags(r1, BN_FLG_CONSTTIME); -+ BN_set_flags(r2, BN_FLG_CONSTTIME); -+ BN_set_flags(rsa->p, BN_FLG_CONSTTIME); -+ BN_set_flags(rsa->q, BN_FLG_CONSTTIME); -+ -+ retry: -+ /* generate p and q */ -+ for (i = 0; i < 5 * pbits; i++) { -+ ploop: -+ if (!test) -+ if (!BN_rand(rsa->p, pbits, 0, 1)) -+ goto err; -+ if (BN_cmp(rsa->p, r0) < 0) { -+ if (test) -+ goto err; -+ goto ploop; -+ } -+ -+ if (!BN_sub(r2, rsa->p, BN_value_one())) -+ goto err; -+ ERR_set_mark(); -+ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) { -+ /* GCD == 1 since inverse exists */ -+ int r; -+ r = BN_is_prime_fasttest_ex(rsa->p, pbits > 1024 ? 4 : 5, ctx, 0, -+ cb); -+ if (r == -1 || (test && r <= 0)) -+ goto err; -+ if (r > 0) -+ break; -+ } else { -+ error = ERR_peek_last_error(); -+ if (ERR_GET_LIB(error) == ERR_LIB_BN -+ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) { -+ /* GCD != 1 */ -+ ERR_pop_to_mark(); -+ } else { -+ goto err; -+ } -+ } -+ if (!BN_GENCB_call(cb, 2, n++)) -+ goto err; -+ } -+ -+ if (!BN_GENCB_call(cb, 3, 0)) -+ goto err; -+ -+ if (i >= 5 * pbits) -+ /* prime not found */ -+ goto err; -+ -+ for (i = 0; i < 5 * pbits; i++) { -+ qloop: -+ if (!test) -+ if (!BN_rand(rsa->q, pbits, 0, 1)) -+ goto err; -+ if (BN_cmp(rsa->q, r0) < 0) { -+ if (test) -+ goto err; -+ goto qloop; -+ } -+ if (!BN_sub(r2, rsa->q, rsa->p)) -+ goto err; -+ if (BN_ucmp(r2, r3) <= 0) { -+ if (test) -+ goto err; -+ goto qloop; -+ } -+ -+ if (!BN_sub(r2, rsa->q, BN_value_one())) -+ goto err; -+ ERR_set_mark(); -+ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) { -+ /* GCD == 1 since inverse exists */ -+ int r; -+ r = BN_is_prime_fasttest_ex(rsa->q, pbits > 1024 ? 4 : 5, ctx, 0, -+ cb); -+ if (r == -1 || (test && r <= 0)) -+ goto err; -+ if (r > 0) -+ break; -+ } else { -+ error = ERR_peek_last_error(); -+ if (ERR_GET_LIB(error) == ERR_LIB_BN -+ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) { -+ /* GCD != 1 */ -+ ERR_pop_to_mark(); -+ } else { -+ goto err; -+ } -+ } -+ if (!BN_GENCB_call(cb, 2, n++)) -+ goto err; -+ } -+ -+ if (!BN_GENCB_call(cb, 3, 1)) -+ goto err; -+ -+ if (i >= 5 * pbits) -+ /* prime not found */ -+ goto err; -+ -+ if (test) { -+ /* do not try to calculate the remaining key values */ -+ BN_clear(rsa->n); -+ ok = 1; -+ goto err; -+ } -+ -+ if (BN_cmp(rsa->p, rsa->q) < 0) { -+ tmp = rsa->p; -+ rsa->p = rsa->q; -+ rsa->q = tmp; -+ } -+ -+ /* calculate n */ -+ if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) -+ goto err; -+ -+ /* calculate d */ -+ if (!BN_sub(r1, rsa->p, BN_value_one())) -+ goto err; /* p-1 */ -+ if (!BN_sub(r2, rsa->q, BN_value_one())) -+ goto err; /* q-1 */ -+ -+ /* note that computing gcd is not safe to timing attacks */ -+ if (!BN_gcd(r0, r1, r2, ctx)) -+ goto err; -+ -+ { -+ if (!BN_div(r0, NULL, r1, r0, ctx)) -+ goto err; -+ -+ if (!BN_mul(r0, r0, r2, ctx)) /* lcm(p-1, q-1) */ -+ goto err; -+ -+ if (!BN_mod_inverse(rsa->d, rsa->e, r0, ctx)) /* d */ -+ goto err; -+ } -+ -+ if (BN_num_bits(rsa->d) < pbits) -+ goto retry; /* d is too small */ -+ -+ { -+ BIGNUM *d = BN_new(); -+ -+ if (d == NULL) -+ goto err; -+ BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); -+ -+ if (/* calculate d mod (p-1) */ -+ !BN_mod(rsa->dmp1, d, r1, ctx) -+ /* calculate d mod (q-1) */ -+ || !BN_mod(rsa->dmq1, d, r2, ctx)) { -+ BN_free(d); -+ goto err; -+ } -+ /* We MUST free d before any further use of rsa->d */ -+ BN_free(d); -+ } -+ -+ /* calculate inverse of q mod p */ -+ if (!BN_mod_inverse(rsa->iqmp, rsa->q, rsa->p, ctx)) -+ goto err; -+ -+ if (!fips_check_rsa(rsa)) -+ goto err; -+ -+ ok = 1; -+ err: -+ if (ok == -1) { -+ RSAerr(RSA_F_FIPS_RSA_BUILTIN_KEYGEN, ERR_LIB_BN); -+ ok = 0; -+ } -+ if (ctx != NULL) { -+ BN_CTX_end(ctx); -+ BN_CTX_free(ctx); -+ } -+ -+ return ok; -+} -+#endif -+ - static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, - BN_GENCB *cb) - { -diff -up openssl-1.1.1j/crypto/rsa/rsa_lib.c.fips openssl-1.1.1j/crypto/rsa/rsa_lib.c ---- openssl-1.1.1j/crypto/rsa/rsa_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/rsa/rsa_lib.c 2021-03-03 12:57:42.203734558 +0100 -@@ -34,6 +34,12 @@ int RSA_set_method(RSA *rsa, const RSA_M - * to deal with which ENGINE it comes from. - */ - const RSA_METHOD *mtmp; -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) { -+ RSAerr(RSA_F_RSA_SET_METHOD, RSA_R_NON_FIPS_RSA_METHOD); -+ return 0; -+ } -+#endif - mtmp = rsa->meth; - if (mtmp->finish) - mtmp->finish(rsa); -@@ -66,7 +72,6 @@ RSA *RSA_new_method(ENGINE *engine) - - ret->meth = RSA_get_default_method(); - #ifndef OPENSSL_NO_ENGINE -- ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW; - if (engine) { - if (!ENGINE_init(engine)) { - RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); -@@ -84,8 +89,19 @@ RSA *RSA_new_method(ENGINE *engine) - } - } - #endif -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(ret->meth->flags & RSA_FLAG_FIPS_METHOD)) { -+ RSAerr(RSA_F_RSA_NEW_METHOD, RSA_R_NON_FIPS_RSA_METHOD); -+# ifndef OPENSSL_NO_ENGINE -+ if (ret->engine) -+ ENGINE_finish(ret->engine); -+# endif -+ OPENSSL_free(ret); -+ return NULL; -+ } -+#endif - -- ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW; -+ ret->flags = ret->meth->flags; - if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) { - goto err; - } -diff -up openssl-1.1.1j/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1j/crypto/rsa/rsa_ossl.c ---- openssl-1.1.1j/crypto/rsa/rsa_ossl.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/rsa/rsa_ossl.c 2021-03-03 12:57:42.203734558 +0100 -@@ -12,6 +12,10 @@ - #include "rsa_local.h" - #include "internal/constant_time.h" - -+#ifdef OPENSSL_FIPS -+# include -+#endif -+ - static int rsa_ossl_public_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - static int rsa_ossl_private_encrypt(int flen, const unsigned char *from, -@@ -47,6 +51,12 @@ static const RSA_METHOD *default_RSA_met - - void RSA_set_default_method(const RSA_METHOD *meth) - { -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) { -+ RSAerr(RSA_F_RSA_SET_DEFAULT_METHOD, RSA_R_NON_FIPS_RSA_METHOD); -+ return; -+ } -+#endif - default_RSA_meth = meth; - } - -@@ -73,6 +83,22 @@ static int rsa_ossl_public_encrypt(int f - unsigned char *buf = NULL; - BN_CTX *ctx = NULL; - -+# ifdef OPENSSL_FIPS -+ if (FIPS_mode()) { -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_RSA_OSSL_PUBLIC_ENCRYPT, -+ FIPS_R_FIPS_SELFTEST_FAILED); -+ goto err; -+ } -+ -+ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) -+ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { -+ RSAerr(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); -+ return -1; -+ } -+ } -+# endif -+ - if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { - RSAerr(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE); - return -1; -@@ -246,6 +272,22 @@ static int rsa_ossl_private_encrypt(int - BIGNUM *unblind = NULL; - BN_BLINDING *blinding = NULL; - -+# ifdef OPENSSL_FIPS -+ if (FIPS_mode()) { -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_RSA_OSSL_PRIVATE_ENCRYPT, -+ FIPS_R_FIPS_SELFTEST_FAILED); -+ return -1; -+ } -+ -+ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) -+ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { -+ RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); -+ return -1; -+ } -+ } -+# endif -+ - if ((ctx = BN_CTX_new()) == NULL) - goto err; - BN_CTX_start(ctx); -@@ -380,6 +422,22 @@ static int rsa_ossl_private_decrypt(int - BIGNUM *unblind = NULL; - BN_BLINDING *blinding = NULL; - -+# ifdef OPENSSL_FIPS -+ if (FIPS_mode()) { -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_RSA_OSSL_PRIVATE_DECRYPT, -+ FIPS_R_FIPS_SELFTEST_FAILED); -+ return -1; -+ } -+ -+ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) -+ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { -+ RSAerr(RSA_F_RSA_OSSL_PRIVATE_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL); -+ return -1; -+ } -+ } -+# endif -+ - if ((ctx = BN_CTX_new()) == NULL) - goto err; - BN_CTX_start(ctx); -@@ -507,6 +565,22 @@ static int rsa_ossl_public_decrypt(int f - unsigned char *buf = NULL; - BN_CTX *ctx = NULL; - -+# ifdef OPENSSL_FIPS -+ if (FIPS_mode()) { -+ if (FIPS_selftest_failed()) { -+ FIPSerr(FIPS_F_RSA_OSSL_PUBLIC_DECRYPT, -+ FIPS_R_FIPS_SELFTEST_FAILED); -+ goto err; -+ } -+ -+ if (!(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) -+ && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) { -+ RSAerr(RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL); -+ return -1; -+ } -+ } -+# endif -+ - if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { - RSAerr(RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE); - return -1; -diff -up openssl-1.1.1j/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1j/crypto/rsa/rsa_pmeth.c ---- openssl-1.1.1j/crypto/rsa/rsa_pmeth.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/rsa/rsa_pmeth.c 2021-03-03 12:57:42.203734558 +0100 -@@ -756,7 +756,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX - - const EVP_PKEY_METHOD rsa_pkey_meth = { - EVP_PKEY_RSA, -- EVP_PKEY_FLAG_AUTOARGLEN, -+ EVP_PKEY_FLAG_AUTOARGLEN | EVP_PKEY_FLAG_FIPS, - pkey_rsa_init, - pkey_rsa_copy, - pkey_rsa_cleanup, -@@ -838,7 +838,7 @@ static int pkey_pss_init(EVP_PKEY_CTX *c - - const EVP_PKEY_METHOD rsa_pss_pkey_meth = { - EVP_PKEY_RSA_PSS, -- EVP_PKEY_FLAG_AUTOARGLEN, -+ EVP_PKEY_FLAG_AUTOARGLEN | EVP_PKEY_FLAG_FIPS, - pkey_rsa_init, - pkey_rsa_copy, - pkey_rsa_cleanup, -diff -up openssl-1.1.1j/crypto/rsa/rsa_sign.c.fips openssl-1.1.1j/crypto/rsa/rsa_sign.c ---- openssl-1.1.1j/crypto/rsa/rsa_sign.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/rsa/rsa_sign.c 2021-03-03 12:57:42.203734558 +0100 -@@ -73,6 +73,13 @@ int RSA_sign(int type, const unsigned ch - unsigned char *tmps = NULL; - const unsigned char *encoded = NULL; - -+#ifdef OPENSSL_FIPS -+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) -+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) { -+ RSAerr(RSA_F_RSA_SIGN, RSA_R_NON_FIPS_RSA_METHOD); -+ return 0; -+ } -+#endif - if (rsa->meth->rsa_sign) { - return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa); - } -@@ -100,8 +107,9 @@ int RSA_sign(int type, const unsigned ch - RSAerr(RSA_F_RSA_SIGN, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); - goto err; - } -- encrypt_len = RSA_private_encrypt(encoded_len, encoded, sigret, rsa, -- RSA_PKCS1_PADDING); -+ /* NB: call underlying method directly to avoid FIPS blocking */ -+ encrypt_len = rsa->meth->rsa_priv_enc ? rsa->meth->rsa_priv_enc(encoded_len, encoded, sigret, rsa, -+ RSA_PKCS1_PADDING) : 0; - if (encrypt_len <= 0) - goto err; - -diff -up openssl-1.1.1j/crypto/sha/sha256.c.fips openssl-1.1.1j/crypto/sha/sha256.c ---- openssl-1.1.1j/crypto/sha/sha256.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/sha/sha256.c 2021-03-03 12:57:42.203734558 +0100 -@@ -18,6 +18,9 @@ - - int SHA224_Init(SHA256_CTX *c) - { -+# ifdef OPENSSL_FIPS -+ FIPS_selftest_check(); -+# endif - memset(c, 0, sizeof(*c)); - c->h[0] = 0xc1059ed8UL; - c->h[1] = 0x367cd507UL; -@@ -33,6 +36,9 @@ int SHA224_Init(SHA256_CTX *c) - - int SHA256_Init(SHA256_CTX *c) - { -+# ifdef OPENSSL_FIPS -+ FIPS_selftest_check(); -+# endif - memset(c, 0, sizeof(*c)); - c->h[0] = 0x6a09e667UL; - c->h[1] = 0xbb67ae85UL; -diff -up openssl-1.1.1j/crypto/sha/sha512.c.fips openssl-1.1.1j/crypto/sha/sha512.c ---- openssl-1.1.1j/crypto/sha/sha512.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/crypto/sha/sha512.c 2021-03-03 12:57:42.203734558 +0100 -@@ -98,6 +98,9 @@ int sha512_256_init(SHA512_CTX *c) - - int SHA384_Init(SHA512_CTX *c) - { -+# ifdef OPENSSL_FIPS -+ FIPS_selftest_check(); -+# endif - c->h[0] = U64(0xcbbb9d5dc1059ed8); - c->h[1] = U64(0x629a292a367cd507); - c->h[2] = U64(0x9159015a3070dd17); -@@ -116,6 +119,9 @@ int SHA384_Init(SHA512_CTX *c) - - int SHA512_Init(SHA512_CTX *c) - { -+# ifdef OPENSSL_FIPS -+ FIPS_selftest_check(); -+# endif - c->h[0] = U64(0x6a09e667f3bcc908); - c->h[1] = U64(0xbb67ae8584caa73b); - c->h[2] = U64(0x3c6ef372fe94f82b); -diff -up openssl-1.1.1j/crypto/sha/sha_local.h.fips openssl-1.1.1j/crypto/sha/sha_local.h ---- openssl-1.1.1j/crypto/sha/sha_local.h.fips 2021-03-03 12:57:41.941732391 +0100 -+++ openssl-1.1.1j/crypto/sha/sha_local.h 2021-03-03 12:57:42.203734558 +0100 -@@ -52,6 +52,9 @@ void sha1_block_data_order(SHA_CTX *c, c - - int HASH_INIT(SHA_CTX *c) - { -+#if defined(OPENSSL_FIPS) -+ FIPS_selftest_check(); -+#endif - memset(c, 0, sizeof(*c)); - c->h0 = INIT_DATA_h0; - c->h1 = INIT_DATA_h1; -diff -up openssl-1.1.1j/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1j/doc/man3/DSA_generate_parameters.pod ---- openssl-1.1.1j/doc/man3/DSA_generate_parameters.pod.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/doc/man3/DSA_generate_parameters.pod 2021-03-03 12:57:42.203734558 +0100 -@@ -30,8 +30,10 @@ B is the length of the prime p to - For lengths under 2048 bits, the length of q is 160 bits; for lengths - greater than or equal to 2048 bits, the length of q is set to 256 bits. - --If B is NULL, the primes will be generated at random. --If B is less than the length of q, an error is returned. -+If B is NULL, or it does not generate primes, the primes will be -+generated at random. -+If B is less than the length of q, an error is returned -+if old DSA parameter generation method is used as a backend. - - DSA_generate_parameters_ex() places the iteration count in - *B and a counter used for finding a generator in -diff -up openssl-1.1.1j/include/crypto/fips.h.fips openssl-1.1.1j/include/crypto/fips.h ---- openssl-1.1.1j/include/crypto/fips.h.fips 2021-03-03 12:57:42.202734550 +0100 -+++ openssl-1.1.1j/include/crypto/fips.h 2021-03-03 12:57:42.202734550 +0100 -@@ -0,0 +1,98 @@ -+/* ==================================================================== -+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+ -+#ifndef OPENSSL_FIPS -+# error FIPS is disabled. -+#endif -+ -+#ifdef OPENSSL_FIPS -+ -+int FIPS_module_mode_set(int onoff); -+int FIPS_module_mode(void); -+int FIPS_module_installed(void); -+int FIPS_selftest_sha1(void); -+int FIPS_selftest_sha2(void); -+int FIPS_selftest_sha3(void); -+int FIPS_selftest_aes_ccm(void); -+int FIPS_selftest_aes_gcm(void); -+int FIPS_selftest_aes_xts(void); -+int FIPS_selftest_aes(void); -+int FIPS_selftest_des(void); -+int FIPS_selftest_rsa(void); -+int FIPS_selftest_dsa(void); -+int FIPS_selftest_ecdsa(void); -+int FIPS_selftest_ecdh(void); -+int FIPS_selftest_dh(void); -+void FIPS_drbg_stick(int onoff); -+int FIPS_selftest_hmac(void); -+int FIPS_selftest_drbg(void); -+int FIPS_selftest_cmac(void); -+ -+int fips_pkey_signature_test(EVP_PKEY *pkey, -+ const unsigned char *tbs, int tbslen, -+ const unsigned char *kat, -+ unsigned int katlen, -+ const EVP_MD *digest, -+ unsigned int md_flags, const char *fail_str); -+ -+int fips_cipher_test(EVP_CIPHER_CTX *ctx, -+ const EVP_CIPHER *cipher, -+ const unsigned char *key, -+ const unsigned char *iv, -+ const unsigned char *plaintext, -+ const unsigned char *ciphertext, int len); -+ -+void fips_set_selftest_fail(void); -+ -+void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr); -+ -+#endif -diff -up openssl-1.1.1j/include/openssl/crypto.h.fips openssl-1.1.1j/include/openssl/crypto.h ---- openssl-1.1.1j/include/openssl/crypto.h.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/crypto.h 2021-03-03 12:57:42.204734567 +0100 -@@ -331,6 +331,11 @@ int OPENSSL_isservice(void); - int FIPS_mode(void); - int FIPS_mode_set(int r); - -+# ifdef OPENSSL_FIPS -+/* die if FIPS selftest failed */ -+void FIPS_selftest_check(void); -+# endif -+ - void OPENSSL_init(void); - # ifdef OPENSSL_SYS_UNIX - void OPENSSL_fork_prepare(void); -diff -up openssl-1.1.1j/include/openssl/dherr.h.fips openssl-1.1.1j/include/openssl/dherr.h ---- openssl-1.1.1j/include/openssl/dherr.h.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/dherr.h 2021-03-03 12:57:42.204734567 +0100 -@@ -36,6 +36,9 @@ int ERR_load_DH_strings(void); - # define DH_F_DH_CMS_DECRYPT 114 - # define DH_F_DH_CMS_SET_PEERKEY 115 - # define DH_F_DH_CMS_SET_SHARED_INFO 116 -+# define DH_F_DH_COMPUTE_KEY 203 -+# define DH_F_DH_GENERATE_KEY 202 -+# define DH_F_DH_GENERATE_PARAMETERS_EX 201 - # define DH_F_DH_METH_DUP 117 - # define DH_F_DH_METH_NEW 118 - # define DH_F_DH_METH_SET1_NAME 119 -@@ -73,12 +76,14 @@ int ERR_load_DH_strings(void); - # define DH_R_INVALID_PARAMETER_NID 114 - # define DH_R_INVALID_PUBKEY 102 - # define DH_R_KDF_PARAMETER_ERROR 112 -+# define DH_R_KEY_SIZE_TOO_SMALL 201 - # define DH_R_KEYS_NOT_SET 108 - # define DH_R_MISSING_PUBKEY 125 - # define DH_R_MODULUS_TOO_LARGE 103 - # define DH_R_NOT_SUITABLE_GENERATOR 120 - # define DH_R_NO_PARAMETERS_SET 107 - # define DH_R_NO_PRIVATE_VALUE 100 -+# define DH_R_NON_FIPS_METHOD 202 - # define DH_R_PARAMETER_ENCODING_ERROR 105 - # define DH_R_PEER_KEY_ERROR 111 - # define DH_R_SHARED_INFO_ERROR 113 -diff -up openssl-1.1.1j/include/openssl/dh.h.fips openssl-1.1.1j/include/openssl/dh.h ---- openssl-1.1.1j/include/openssl/dh.h.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/dh.h 2021-03-03 12:57:42.204734567 +0100 -@@ -31,6 +31,7 @@ extern "C" { - # endif - - # define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024 -+# define OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN 2048 - - # define DH_FLAG_CACHE_MONT_P 0x01 - -diff -up openssl-1.1.1j/include/openssl/dsaerr.h.fips openssl-1.1.1j/include/openssl/dsaerr.h ---- openssl-1.1.1j/include/openssl/dsaerr.h.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/dsaerr.h 2021-03-03 12:57:42.204734567 +0100 -@@ -29,8 +29,11 @@ int ERR_load_DSA_strings(void); - */ - # define DSA_F_DSAPARAMS_PRINT 100 - # define DSA_F_DSAPARAMS_PRINT_FP 101 -+# define DSA_F_DSA_BUILTIN_KEYGEN 202 - # define DSA_F_DSA_BUILTIN_PARAMGEN 125 - # define DSA_F_DSA_BUILTIN_PARAMGEN2 126 -+# define DSA_F_DSA_GENERATE_KEY 201 -+# define DSA_F_DSA_GENERATE_PARAMETERS_EX 200 - # define DSA_F_DSA_DO_SIGN 112 - # define DSA_F_DSA_DO_VERIFY 113 - # define DSA_F_DSA_METH_DUP 127 -@@ -60,10 +63,13 @@ int ERR_load_DSA_strings(void); - # define DSA_R_DECODE_ERROR 104 - # define DSA_R_INVALID_DIGEST_TYPE 106 - # define DSA_R_INVALID_PARAMETERS 112 -+# define DSA_R_KEY_SIZE_INVALID 201 -+# define DSA_R_KEY_SIZE_TOO_SMALL 202 - # define DSA_R_MISSING_PARAMETERS 101 - # define DSA_R_MISSING_PRIVATE_KEY 111 - # define DSA_R_MODULUS_TOO_LARGE 103 - # define DSA_R_NO_PARAMETERS_SET 107 -+# define DSA_R_NON_FIPS_DSA_METHOD 200 - # define DSA_R_PARAMETER_ENCODING_ERROR 105 - # define DSA_R_Q_NOT_PRIME 113 - # define DSA_R_SEED_LEN_SMALL 110 -diff -up openssl-1.1.1j/include/openssl/dsa.h.fips openssl-1.1.1j/include/openssl/dsa.h ---- openssl-1.1.1j/include/openssl/dsa.h.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/dsa.h 2021-03-03 12:57:42.204734567 +0100 -@@ -31,6 +31,7 @@ extern "C" { - # endif - - # define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024 -+# define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS_GEN 2048 - - # define DSA_FLAG_CACHE_MONT_P 0x01 - # if OPENSSL_API_COMPAT < 0x10100000L -diff -up openssl-1.1.1j/include/openssl/evperr.h.fips openssl-1.1.1j/include/openssl/evperr.h ---- openssl-1.1.1j/include/openssl/evperr.h.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/evperr.h 2021-03-03 12:57:42.204734567 +0100 -@@ -22,14 +22,15 @@ int ERR_load_EVP_strings(void); - * EVP function codes. - */ - # define EVP_F_AESNI_INIT_KEY 165 --# define EVP_F_AESNI_XTS_INIT_KEY 207 -+# define EVP_F_AESNI_XTS_INIT_KEY 233 - # define EVP_F_AES_GCM_CTRL 196 - # define EVP_F_AES_INIT_KEY 133 - # define EVP_F_AES_OCB_CIPHER 169 - # define EVP_F_AES_T4_INIT_KEY 178 --# define EVP_F_AES_T4_XTS_INIT_KEY 208 -+# define EVP_F_AES_T4_XTS_INIT_KEY 234 - # define EVP_F_AES_WRAP_CIPHER 170 --# define EVP_F_AES_XTS_INIT_KEY 209 -+# define EVP_F_AES_XTS_CIPHER 229 -+# define EVP_F_AES_XTS_INIT_KEY 235 - # define EVP_F_ALG_MODULE_INIT 177 - # define EVP_F_ARIA_CCM_INIT_KEY 175 - # define EVP_F_ARIA_GCM_CTRL 197 -@@ -140,6 +141,7 @@ int ERR_load_EVP_strings(void); - # define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 - # define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 - # define EVP_R_DECODE_ERROR 114 -+# define EVP_R_DISABLED_FOR_FIPS 200 - # define EVP_R_DIFFERENT_KEY_TYPES 101 - # define EVP_R_DIFFERENT_PARAMETERS 153 - # define EVP_R_ERROR_LOADING_SECTION 165 -@@ -184,6 +186,7 @@ int ERR_load_EVP_strings(void); - # define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 - # define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 - # define EVP_R_PUBLIC_KEY_NOT_RSA 106 -+# define EVP_R_TOO_LARGE 201 - # define EVP_R_UNKNOWN_CIPHER 160 - # define EVP_R_UNKNOWN_DIGEST 161 - # define EVP_R_UNKNOWN_OPTION 169 -@@ -199,6 +202,7 @@ int ERR_load_EVP_strings(void); - # define EVP_R_UNSUPPORTED_SALT_TYPE 126 - # define EVP_R_WRAP_MODE_NOT_ALLOWED 170 - # define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 --# define EVP_R_XTS_DUPLICATED_KEYS 183 -+# define EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE 191 -+# define EVP_R_XTS_DUPLICATED_KEYS 192 - - #endif -diff -up openssl-1.1.1j/include/openssl/evp.h.fips openssl-1.1.1j/include/openssl/evp.h ---- openssl-1.1.1j/include/openssl/evp.h.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/evp.h 2021-03-03 12:57:42.204734567 +0100 -@@ -1324,6 +1324,9 @@ void EVP_PKEY_asn1_set_security_bits(EVP - */ - # define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4 - -+/* Downstream modification, large value to avoid conflict */ -+# define EVP_PKEY_FLAG_FIPS 0x4000 -+ - const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); - EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags); - void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, -diff -up openssl-1.1.1j/include/openssl/fips.h.fips openssl-1.1.1j/include/openssl/fips.h ---- openssl-1.1.1j/include/openssl/fips.h.fips 2021-03-03 12:57:42.204734567 +0100 -+++ openssl-1.1.1j/include/openssl/fips.h 2021-03-03 12:57:42.204734567 +0100 -@@ -0,0 +1,187 @@ -+/* ==================================================================== -+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#include -+#include -+#include -+#include -+ -+#ifndef OPENSSL_FIPS -+# error FIPS is disabled. -+#endif -+ -+#ifdef OPENSSL_FIPS -+ -+# ifdef __cplusplus -+extern "C" { -+# endif -+ -+ int FIPS_selftest(void); -+ int FIPS_selftest_failed(void); -+ int FIPS_selftest_drbg_all(void); -+ -+ int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, -+ const EVP_MD *evpmd, const unsigned char *seed_in, -+ size_t seed_len, int idx, unsigned char *seed_out, -+ int *counter_ret, unsigned long *h_ret, -+ BN_GENCB *cb); -+ int FIPS_dsa_paramgen_check_g(DSA *dsa); -+ -+/* BEGIN ERROR CODES */ -+/* The following lines are auto generated by the script mkerr.pl. Any changes -+ * made after this point may be overwritten when the script is next run. -+ */ -+ int ERR_load_FIPS_strings(void); -+ -+/* Error codes for the FIPS functions. */ -+ -+/* Function codes. */ -+# define FIPS_F_DH_BUILTIN_GENPARAMS 100 -+# define FIPS_F_DRBG_RESEED 121 -+# define FIPS_F_DSA_BUILTIN_PARAMGEN2 107 -+# define FIPS_F_DSA_DO_SIGN 102 -+# define FIPS_F_DSA_DO_VERIFY 103 -+# define FIPS_F_EVP_CIPHER_CTX_NEW 137 -+# define FIPS_F_EVP_CIPHER_CTX_RESET 122 -+# define FIPS_F_ECDH_COMPUTE_KEY 123 -+# define FIPS_F_EVP_CIPHERINIT_EX 124 -+# define FIPS_F_EVP_DIGESTINIT_EX 125 -+# define FIPS_F_FIPS_CHECK_DSA 104 -+# define FIPS_F_FIPS_CHECK_EC 142 -+# define FIPS_F_FIPS_CHECK_RSA 106 -+# define FIPS_F_FIPS_DRBG_BYTES 131 -+# define FIPS_F_FIPS_DRBG_CHECK 146 -+# define FIPS_F_FIPS_DRBG_CPRNG_TEST 132 -+# define FIPS_F_FIPS_DRBG_ERROR_CHECK 136 -+# define FIPS_F_FIPS_DRBG_GENERATE 134 -+# define FIPS_F_FIPS_DRBG_INIT 135 -+# define FIPS_F_FIPS_DRBG_INSTANTIATE 138 -+# define FIPS_F_FIPS_DRBG_NEW 139 -+# define FIPS_F_FIPS_DRBG_RESEED 140 -+# define FIPS_F_FIPS_DRBG_SINGLE_KAT 141 -+# define FIPS_F_FIPS_GET_ENTROPY 147 -+# define FIPS_F_FIPS_MODULE_MODE_SET 108 -+# define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109 -+# define FIPS_F_FIPS_RAND_BYTES 114 -+# define FIPS_F_FIPS_RAND_SEED 128 -+# define FIPS_F_FIPS_RAND_SET_METHOD 126 -+# define FIPS_F_FIPS_RAND_STATUS 127 -+# define FIPS_F_FIPS_RSA_BUILTIN_KEYGEN 101 -+# define FIPS_F_FIPS_SELFTEST 150 -+# define FIPS_F_FIPS_SELFTEST_AES 110 -+# define FIPS_F_FIPS_SELFTEST_AES_CCM 145 -+# define FIPS_F_FIPS_SELFTEST_AES_GCM 129 -+# define FIPS_F_FIPS_SELFTEST_AES_XTS 144 -+# define FIPS_F_FIPS_SELFTEST_CMAC 130 -+# define FIPS_F_FIPS_SELFTEST_DES 111 -+# define FIPS_F_FIPS_SELFTEST_DSA 112 -+# define FIPS_F_FIPS_SELFTEST_ECDSA 133 -+# define FIPS_F_FIPS_SELFTEST_HMAC 113 -+# define FIPS_F_FIPS_SELFTEST_SHA1 115 -+# define FIPS_F_FIPS_SELFTEST_SHA2 105 -+# define FIPS_F_OSSL_ECDSA_SIGN_SIG 143 -+# define FIPS_F_OSSL_ECDSA_VERIFY_SIG 148 -+# define FIPS_F_RSA_BUILTIN_KEYGEN 116 -+# define FIPS_F_RSA_OSSL_INIT 149 -+# define FIPS_F_RSA_OSSL_PRIVATE_DECRYPT 117 -+# define FIPS_F_RSA_OSSL_PRIVATE_ENCRYPT 118 -+# define FIPS_F_RSA_OSSL_PUBLIC_DECRYPT 119 -+# define FIPS_F_RSA_OSSL_PUBLIC_ENCRYPT 120 -+ -+/* Reason codes. */ -+# define FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED 150 -+# define FIPS_R_ADDITIONAL_INPUT_TOO_LONG 125 -+# define FIPS_R_ALREADY_INSTANTIATED 134 -+# define FIPS_R_DRBG_NOT_INITIALISED 152 -+# define FIPS_R_DRBG_STUCK 103 -+# define FIPS_R_ENTROPY_ERROR_UNDETECTED 104 -+# define FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED 105 -+# define FIPS_R_ENTROPY_SOURCE_STUCK 142 -+# define FIPS_R_ERROR_INITIALISING_DRBG 115 -+# define FIPS_R_ERROR_INSTANTIATING_DRBG 127 -+# define FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT 124 -+# define FIPS_R_ERROR_RETRIEVING_ENTROPY 122 -+# define FIPS_R_ERROR_RETRIEVING_NONCE 140 -+# define FIPS_R_FINGERPRINT_DOES_NOT_MATCH 110 -+# define FIPS_R_FIPS_MODE_ALREADY_SET 102 -+# define FIPS_R_FIPS_SELFTEST_FAILED 106 -+# define FIPS_R_FUNCTION_ERROR 116 -+# define FIPS_R_GENERATE_ERROR 137 -+# define FIPS_R_GENERATE_ERROR_UNDETECTED 118 -+# define FIPS_R_INSTANTIATE_ERROR 119 -+# define FIPS_R_INTERNAL_ERROR 121 -+# define FIPS_R_INVALID_KEY_LENGTH 109 -+# define FIPS_R_IN_ERROR_STATE 123 -+# define FIPS_R_KEY_TOO_SHORT 108 -+# define FIPS_R_NONCE_ERROR_UNDETECTED 149 -+# define FIPS_R_NON_FIPS_METHOD 100 -+# define FIPS_R_NOPR_TEST1_FAILURE 145 -+# define FIPS_R_NOPR_TEST2_FAILURE 146 -+# define FIPS_R_NOT_INSTANTIATED 126 -+# define FIPS_R_PAIRWISE_TEST_FAILED 107 -+# define FIPS_R_PERSONALISATION_ERROR_UNDETECTED 128 -+# define FIPS_R_PERSONALISATION_STRING_TOO_LONG 129 -+# define FIPS_R_PR_TEST1_FAILURE 147 -+# define FIPS_R_PR_TEST2_FAILURE 148 -+# define FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED 130 -+# define FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG 131 -+# define FIPS_R_RESEED_COUNTER_ERROR 132 -+# define FIPS_R_RESEED_ERROR 133 -+# define FIPS_R_SELFTEST_FAILED 101 -+# define FIPS_R_SELFTEST_FAILURE 135 -+# define FIPS_R_TEST_FAILURE 117 -+# define FIPS_R_UNINSTANTIATE_ERROR 141 -+# define FIPS_R_UNINSTANTIATE_ZEROISE_ERROR 138 -+# define FIPS_R_UNSUPPORTED_DRBG_TYPE 139 -+# define FIPS_R_UNSUPPORTED_PLATFORM 113 -+ -+# ifdef __cplusplus -+} -+# endif -+#endif -diff -up openssl-1.1.1j/include/openssl/fips_rand.h.fips openssl-1.1.1j/include/openssl/fips_rand.h ---- openssl-1.1.1j/include/openssl/fips_rand.h.fips 2021-03-03 12:57:42.204734567 +0100 -+++ openssl-1.1.1j/include/openssl/fips_rand.h 2021-03-03 12:57:42.204734567 +0100 -@@ -0,0 +1,145 @@ -+/* ==================================================================== -+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ */ -+ -+#ifndef HEADER_FIPS_RAND_H -+# define HEADER_FIPS_RAND_H -+ -+# include -+# include -+# include -+# include -+ -+# ifdef OPENSSL_FIPS -+ -+# ifdef __cplusplus -+extern "C" { -+# endif -+ typedef struct drbg_ctx_st DRBG_CTX; -+/* DRBG external flags */ -+/* Flag for CTR mode only: use derivation function ctr_df */ -+# define DRBG_FLAG_CTR_USE_DF 0x1 -+/* PRNG is in test state */ -+# define DRBG_FLAG_TEST 0x2 -+ -+ DRBG_CTX *FIPS_drbg_new(int type, unsigned int flags); -+ int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags); -+ int FIPS_drbg_instantiate(DRBG_CTX *dctx, -+ const unsigned char *pers, size_t perslen); -+ int FIPS_drbg_reseed(DRBG_CTX *dctx, const unsigned char *adin, -+ size_t adinlen); -+ int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen, -+ int prediction_resistance, -+ const unsigned char *adin, size_t adinlen); -+ -+ int FIPS_drbg_uninstantiate(DRBG_CTX *dctx); -+ void FIPS_drbg_free(DRBG_CTX *dctx); -+ -+ int FIPS_drbg_set_callbacks(DRBG_CTX *dctx, -+ size_t (*get_entropy) (DRBG_CTX *ctx, -+ unsigned char **pout, -+ int entropy, -+ size_t min_len, -+ size_t max_len), -+ void (*cleanup_entropy) (DRBG_CTX *ctx, -+ unsigned char *out, -+ size_t olen), -+ size_t entropy_blocklen, -+ size_t (*get_nonce) (DRBG_CTX *ctx, -+ unsigned char **pout, -+ int entropy, -+ size_t min_len, -+ size_t max_len), -+ void (*cleanup_nonce) (DRBG_CTX *ctx, -+ unsigned char *out, -+ size_t olen)); -+ -+ int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx, -+ size_t (*get_adin) (DRBG_CTX *ctx, -+ unsigned char -+ **pout), -+ void (*cleanup_adin) (DRBG_CTX *ctx, -+ unsigned char *out, -+ size_t olen), -+ int (*rand_seed_cb) (DRBG_CTX *ctx, -+ const void *buf, -+ int num), -+ int (*rand_add_cb) (DRBG_CTX *ctx, -+ const void *buf, -+ int num, -+ double entropy)); -+ -+ void *FIPS_drbg_get_app_data(DRBG_CTX *ctx); -+ void FIPS_drbg_set_app_data(DRBG_CTX *ctx, void *app_data); -+ size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx); -+ int FIPS_drbg_get_strength(DRBG_CTX *dctx); -+ void FIPS_drbg_set_check_interval(DRBG_CTX *dctx, int interval); -+ void FIPS_drbg_set_reseed_interval(DRBG_CTX *dctx, int interval); -+ -+ int FIPS_drbg_health_check(DRBG_CTX *dctx); -+ -+ DRBG_CTX *FIPS_get_default_drbg(void); -+ const RAND_METHOD *FIPS_drbg_method(void); -+ -+ int FIPS_rand_set_method(const RAND_METHOD *meth); -+ const RAND_METHOD *FIPS_rand_get_method(void); -+ -+ void FIPS_rand_set_bits(int nbits); -+ -+ int FIPS_rand_strength(void); -+ -+/* 1.0.0 compat functions */ -+ int FIPS_rand_seed(const void *buf, int num); -+ int FIPS_rand_bytes(unsigned char *out, int outlen); -+ void FIPS_rand_reset(void); -+ int FIPS_rand_status(void); -+# ifdef __cplusplus -+} -+# endif -+# endif -+#endif -diff -up openssl-1.1.1j/include/openssl/opensslconf.h.in.fips openssl-1.1.1j/include/openssl/opensslconf.h.in ---- openssl-1.1.1j/include/openssl/opensslconf.h.in.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/opensslconf.h.in 2021-03-03 12:57:42.205734575 +0100 -@@ -155,6 +155,11 @@ extern "C" { - - #define RC4_INT {- $config{rc4_int} -} - -+/* Always build FIPS module */ -+#ifndef OPENSSL_FIPS -+# define OPENSSL_FIPS -+#endif -+ - #ifdef __cplusplus - } - #endif -diff -up openssl-1.1.1j/include/openssl/randerr.h.fips openssl-1.1.1j/include/openssl/randerr.h ---- openssl-1.1.1j/include/openssl/randerr.h.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/randerr.h 2021-03-03 12:57:42.205734575 +0100 -@@ -38,6 +38,7 @@ int ERR_load_RAND_strings(void); - # define RAND_F_RAND_DRBG_SET 104 - # define RAND_F_RAND_DRBG_SET_DEFAULTS 121 - # define RAND_F_RAND_DRBG_UNINSTANTIATE 118 -+# define RAND_F_RAND_INIT_FIPS 200 - # define RAND_F_RAND_LOAD_FILE 111 - # define RAND_F_RAND_POOL_ACQUIRE_ENTROPY 122 - # define RAND_F_RAND_POOL_ADD 103 -diff -up openssl-1.1.1j/include/openssl/rand.h.fips openssl-1.1.1j/include/openssl/rand.h ---- openssl-1.1.1j/include/openssl/rand.h.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/rand.h 2021-03-03 12:57:42.205734575 +0100 -@@ -69,6 +69,11 @@ DEPRECATEDIN_1_1_0(void RAND_screen(void - DEPRECATEDIN_1_1_0(int RAND_event(UINT, WPARAM, LPARAM)) - # endif - -+# ifdef OPENSSL_FIPS -+/* just stubs for API compatibility */ -+void RAND_set_fips_drbg_type(int type, int flags); -+int RAND_init_fips(void); -+# endif - - #ifdef __cplusplus - } -diff -up openssl-1.1.1j/include/openssl/rsaerr.h.fips openssl-1.1.1j/include/openssl/rsaerr.h ---- openssl-1.1.1j/include/openssl/rsaerr.h.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/include/openssl/rsaerr.h 2021-03-03 12:57:42.205734575 +0100 -@@ -25,6 +25,7 @@ int ERR_load_RSA_strings(void); - */ - # define RSA_F_CHECK_PADDING_MD 140 - # define RSA_F_ENCODE_PKCS1 146 -+# define RSA_F_FIPS_RSA_BUILTIN_KEYGEN 206 - # define RSA_F_INT_RSA_VERIFY 145 - # define RSA_F_OLD_RSA_PRIV_DECODE 147 - # define RSA_F_PKEY_PSS_INIT 165 -@@ -39,6 +40,8 @@ int ERR_load_RSA_strings(void); - # define RSA_F_RSA_CHECK_KEY_EX 160 - # define RSA_F_RSA_CMS_DECRYPT 159 - # define RSA_F_RSA_CMS_VERIFY 158 -+# define RSA_F_RSA_GENERATE_KEY_EX 204 -+# define RSA_F_RSA_GENERATE_MULTI_PRIME_KEY 207 - # define RSA_F_RSA_ITEM_VERIFY 148 - # define RSA_F_RSA_METH_DUP 161 - # define RSA_F_RSA_METH_NEW 162 -@@ -76,10 +79,16 @@ int ERR_load_RSA_strings(void); - # define RSA_F_RSA_PRINT_FP 116 - # define RSA_F_RSA_PRIV_DECODE 150 - # define RSA_F_RSA_PRIV_ENCODE 138 -+# define RSA_F_RSA_PRIVATE_DECRYPT 200 -+# define RSA_F_RSA_PRIVATE_ENCRYPT 201 - # define RSA_F_RSA_PSS_GET_PARAM 151 - # define RSA_F_RSA_PSS_TO_CTX 155 - # define RSA_F_RSA_PUB_DECODE 139 -+# define RSA_F_RSA_PUBLIC_DECRYPT 202 -+# define RSA_F_RSA_PUBLIC_ENCRYPT 203 - # define RSA_F_RSA_SETUP_BLINDING 136 -+# define RSA_F_RSA_SET_DEFAULT_METHOD 205 -+# define RSA_F_RSA_SET_METHOD 204 - # define RSA_F_RSA_SIGN 117 - # define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 - # define RSA_F_RSA_VERIFY 119 -@@ -137,10 +146,12 @@ int ERR_load_RSA_strings(void); - # define RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D 169 - # define RSA_R_MP_R_NOT_PRIME 170 - # define RSA_R_NO_PUBLIC_EXPONENT 140 -+# define RSA_R_NON_FIPS_RSA_METHOD 200 - # define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 - # define RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES 172 - # define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 - # define RSA_R_OAEP_DECODING_ERROR 121 -+# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 201 - # define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 - # define RSA_R_PADDING_CHECK_FAILED 114 - # define RSA_R_PKCS_DECODING_ERROR 159 -@@ -160,6 +171,7 @@ int ERR_load_RSA_strings(void); - # define RSA_R_UNSUPPORTED_LABEL_SOURCE 163 - # define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153 - # define RSA_R_UNSUPPORTED_MASK_PARAMETER 154 -+# define RSA_R_UNSUPPORTED_PARAMETERS 202 - # define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155 - # define RSA_R_VALUE_MISSING 147 - # define RSA_R_WRONG_SIGNATURE_LENGTH 119 -diff -up openssl-1.1.1j/ssl/s3_lib.c.fips openssl-1.1.1j/ssl/s3_lib.c ---- openssl-1.1.1j/ssl/s3_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/ssl/s3_lib.c 2021-03-03 12:57:42.205734575 +0100 -@@ -43,7 +43,7 @@ static SSL_CIPHER tls13_ciphers[] = { - SSL_AEAD, - TLS1_3_VERSION, TLS1_3_VERSION, - 0, 0, -- SSL_HIGH, -+ SSL_HIGH | SSL_FIPS, - SSL_HANDSHAKE_MAC_SHA256, - 128, - 128, -@@ -58,7 +58,7 @@ static SSL_CIPHER tls13_ciphers[] = { - SSL_AEAD, - TLS1_3_VERSION, TLS1_3_VERSION, - 0, 0, -- SSL_HIGH, -+ SSL_HIGH | SSL_FIPS, - SSL_HANDSHAKE_MAC_SHA384, - 256, - 256, -@@ -92,7 +92,7 @@ static SSL_CIPHER tls13_ciphers[] = { - SSL_AEAD, - TLS1_3_VERSION, TLS1_3_VERSION, - 0, 0, -- SSL_NOT_DEFAULT | SSL_HIGH, -+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, - SSL_HANDSHAKE_MAC_SHA256, - 128, - 128, -@@ -634,7 +634,7 @@ static SSL_CIPHER ssl3_ciphers[] = { - SSL_AEAD, - TLS1_2_VERSION, TLS1_2_VERSION, - DTLS1_2_VERSION, DTLS1_2_VERSION, -- SSL_NOT_DEFAULT | SSL_HIGH, -+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, - SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, - 128, - 128, -@@ -650,7 +650,7 @@ static SSL_CIPHER ssl3_ciphers[] = { - SSL_AEAD, - TLS1_2_VERSION, TLS1_2_VERSION, - DTLS1_2_VERSION, DTLS1_2_VERSION, -- SSL_NOT_DEFAULT | SSL_HIGH, -+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, - SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, - 256, - 256, -@@ -666,7 +666,7 @@ static SSL_CIPHER ssl3_ciphers[] = { - SSL_AEAD, - TLS1_2_VERSION, TLS1_2_VERSION, - DTLS1_2_VERSION, DTLS1_2_VERSION, -- SSL_NOT_DEFAULT | SSL_HIGH, -+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, - SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, - 128, - 128, -@@ -682,7 +682,7 @@ static SSL_CIPHER ssl3_ciphers[] = { - SSL_AEAD, - TLS1_2_VERSION, TLS1_2_VERSION, - DTLS1_2_VERSION, DTLS1_2_VERSION, -- SSL_NOT_DEFAULT | SSL_HIGH, -+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, - SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, - 256, - 256, -@@ -794,7 +794,7 @@ static SSL_CIPHER ssl3_ciphers[] = { - SSL_AEAD, - TLS1_2_VERSION, TLS1_2_VERSION, - DTLS1_2_VERSION, DTLS1_2_VERSION, -- SSL_NOT_DEFAULT | SSL_HIGH, -+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, - SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, - 128, - 128, -@@ -810,7 +810,7 @@ static SSL_CIPHER ssl3_ciphers[] = { - SSL_AEAD, - TLS1_2_VERSION, TLS1_2_VERSION, - DTLS1_2_VERSION, DTLS1_2_VERSION, -- SSL_NOT_DEFAULT | SSL_HIGH, -+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, - SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, - 256, - 256, -@@ -890,7 +890,7 @@ static SSL_CIPHER ssl3_ciphers[] = { - SSL_AEAD, - TLS1_2_VERSION, TLS1_2_VERSION, - DTLS1_2_VERSION, DTLS1_2_VERSION, -- SSL_NOT_DEFAULT | SSL_HIGH, -+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, - SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, - 128, - 128, -@@ -906,7 +906,7 @@ static SSL_CIPHER ssl3_ciphers[] = { - SSL_AEAD, - TLS1_2_VERSION, TLS1_2_VERSION, - DTLS1_2_VERSION, DTLS1_2_VERSION, -- SSL_NOT_DEFAULT | SSL_HIGH, -+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, - SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, - 256, - 256, -diff -up openssl-1.1.1j/ssl/ssl_ciph.c.fips openssl-1.1.1j/ssl/ssl_ciph.c ---- openssl-1.1.1j/ssl/ssl_ciph.c.fips 2021-03-03 12:57:42.193734476 +0100 -+++ openssl-1.1.1j/ssl/ssl_ciph.c 2021-03-03 12:57:42.206734583 +0100 -@@ -387,7 +387,7 @@ int ssl_load_ciphers(void) - } - } - /* Make sure we can access MD5 and SHA1 */ -- if (!ossl_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL)) -+ if (!FIPS_mode() && !ossl_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL)) - return 0; - if (!ossl_assert(ssl_digest_methods[SSL_MD_SHA1_IDX] != NULL)) - return 0; -@@ -559,6 +559,9 @@ int ssl_cipher_get_evp(const SSL_SESSION - s->ssl_version < TLS1_VERSION) - return 1; - -+ if (FIPS_mode()) -+ return 1; -+ - if (c->algorithm_enc == SSL_RC4 && - c->algorithm_mac == SSL_MD5 && - (evp = EVP_get_cipherbyname("RC4-HMAC-MD5"))) -@@ -667,6 +670,8 @@ static void ssl_cipher_collect_ciphers(c - /* drop those that use any of that is not available */ - if (c == NULL || !c->valid) - continue; -+ if (FIPS_mode() && !(c->algo_strength & SSL_FIPS)) -+ continue; - if ((c->algorithm_mkey & disabled_mkey) || - (c->algorithm_auth & disabled_auth) || - (c->algorithm_enc & disabled_enc) || -@@ -1671,7 +1676,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ - * to the resulting precedence to the STACK_OF(SSL_CIPHER). - */ - for (curr = head; curr != NULL; curr = curr->next) { -- if (curr->active) { -+ if (curr->active -+ && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS)) { - if (!sk_SSL_CIPHER_push(cipherstack, curr->cipher)) { - OPENSSL_free(co_list); - sk_SSL_CIPHER_free(cipherstack); -diff -up openssl-1.1.1j/ssl/ssl_init.c.fips openssl-1.1.1j/ssl/ssl_init.c ---- openssl-1.1.1j/ssl/ssl_init.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/ssl/ssl_init.c 2021-03-03 12:57:42.206734583 +0100 -@@ -27,6 +27,10 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_bas - fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " - "Adding SSL ciphers and digests\n"); - #endif -+#ifdef OPENSSL_FIPS -+ if (!FIPS_mode()) { -+#endif -+ - #ifndef OPENSSL_NO_DES - EVP_add_cipher(EVP_des_cbc()); - EVP_add_cipher(EVP_des_ede3_cbc()); -@@ -87,6 +91,31 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_bas - EVP_add_digest(EVP_sha256()); - EVP_add_digest(EVP_sha384()); - EVP_add_digest(EVP_sha512()); -+#ifdef OPENSSL_FIPS -+ } else { -+# ifndef OPENSSL_NO_DES -+ EVP_add_cipher(EVP_des_ede3_cbc()); -+# endif -+ EVP_add_cipher(EVP_aes_128_cbc()); -+ EVP_add_cipher(EVP_aes_192_cbc()); -+ EVP_add_cipher(EVP_aes_256_cbc()); -+ EVP_add_cipher(EVP_aes_128_gcm()); -+ EVP_add_cipher(EVP_aes_256_gcm()); -+ EVP_add_cipher(EVP_aes_128_ccm()); -+ EVP_add_cipher(EVP_aes_256_ccm()); -+# ifndef OPENSSL_NO_MD5 -+ /* needed even in the FIPS mode for TLS-1.0 */ -+ EVP_add_digest(EVP_md5_sha1()); -+# endif -+ EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ -+ EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); -+ EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); -+ EVP_add_digest(EVP_sha224()); -+ EVP_add_digest(EVP_sha256()); -+ EVP_add_digest(EVP_sha384()); -+ EVP_add_digest(EVP_sha512()); -+ } -+#endif - #ifndef OPENSSL_NO_COMP - # ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " -diff -up openssl-1.1.1j/ssl/ssl_lib.c.fips openssl-1.1.1j/ssl/ssl_lib.c ---- openssl-1.1.1j/ssl/ssl_lib.c.fips 2021-03-03 12:57:42.193734476 +0100 -+++ openssl-1.1.1j/ssl/ssl_lib.c 2021-03-03 12:57:42.206734583 +0100 -@@ -2973,6 +2973,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m - if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL)) - return NULL; - -+ if (FIPS_mode() && (meth->version < TLS1_VERSION)) { -+ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE); -+ return NULL; -+ } -+ - if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { - SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); - goto err; -@@ -3029,13 +3034,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m - if (ret->param == NULL) - goto err; - -- if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { -- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); -- goto err2; -- } -- if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { -- SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); -- goto err2; -+ if (!FIPS_mode()) { -+ if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { -+ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); -+ goto err2; -+ } -+ if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { -+ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); -+ goto err2; -+ } -+ } else { -+ ret->min_proto_version = TLS1_VERSION; - } - - if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL) -diff -up openssl-1.1.1j/ssl/ssl_local.h.fips openssl-1.1.1j/ssl/ssl_local.h ---- openssl-1.1.1j/ssl/ssl_local.h.fips 2021-03-03 12:57:42.100733706 +0100 -+++ openssl-1.1.1j/ssl/ssl_local.h 2021-03-03 12:57:42.206734583 +0100 -@@ -1515,6 +1515,7 @@ typedef struct tls_group_info_st { - # define TLS_CURVE_PRIME 0x0 - # define TLS_CURVE_CHAR2 0x1 - # define TLS_CURVE_CUSTOM 0x2 -+# define TLS_CURVE_FIPS 0x80 - - typedef struct cert_pkey_st CERT_PKEY; - -diff -up openssl-1.1.1j/ssl/t1_lib.c.fips openssl-1.1.1j/ssl/t1_lib.c ---- openssl-1.1.1j/ssl/t1_lib.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/ssl/t1_lib.c 2021-03-03 12:57:42.207734591 +0100 -@@ -159,11 +159,11 @@ static const TLS_GROUP_INFO nid_list[] = - {NID_secp192k1, 80, TLS_CURVE_PRIME}, /* secp192k1 (18) */ - {NID_X9_62_prime192v1, 80, TLS_CURVE_PRIME}, /* secp192r1 (19) */ - {NID_secp224k1, 112, TLS_CURVE_PRIME}, /* secp224k1 (20) */ -- {NID_secp224r1, 112, TLS_CURVE_PRIME}, /* secp224r1 (21) */ -+ {NID_secp224r1, 112, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp224r1 (21) */ - {NID_secp256k1, 128, TLS_CURVE_PRIME}, /* secp256k1 (22) */ -- {NID_X9_62_prime256v1, 128, TLS_CURVE_PRIME}, /* secp256r1 (23) */ -- {NID_secp384r1, 192, TLS_CURVE_PRIME}, /* secp384r1 (24) */ -- {NID_secp521r1, 256, TLS_CURVE_PRIME}, /* secp521r1 (25) */ -+ {NID_X9_62_prime256v1, 128, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp256r1 (23) */ -+ {NID_secp384r1, 192, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp384r1 (24) */ -+ {NID_secp521r1, 256, TLS_CURVE_PRIME | TLS_CURVE_FIPS}, /* secp521r1 (25) */ - {NID_brainpoolP256r1, 128, TLS_CURVE_PRIME}, /* brainpoolP256r1 (26) */ - {NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */ - {NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */ -@@ -258,6 +258,8 @@ int tls_curve_allowed(SSL *s, uint16_t c - if (cinfo->flags & TLS_CURVE_CHAR2) - return 0; - # endif -+ if (FIPS_mode() && !(cinfo->flags & TLS_CURVE_FIPS)) -+ return 0; - ctmp[0] = curve >> 8; - ctmp[1] = curve & 0xff; - return ssl_security(s, op, cinfo->secbits, cinfo->nid, (void *)ctmp); -diff -up openssl-1.1.1j/test/dsatest.c.fips openssl-1.1.1j/test/dsatest.c ---- openssl-1.1.1j/test/dsatest.c.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/test/dsatest.c 2021-03-03 12:57:42.207734591 +0100 -@@ -24,41 +24,42 @@ - #ifndef OPENSSL_NO_DSA - static int dsa_cb(int p, int n, BN_GENCB *arg); - --/* -- * seed, out_p, out_q, out_g are taken from the updated Appendix 5 to FIPS -- * PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 -- */ - static unsigned char seed[20] = { -- 0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8, 0xb6, 0x21, 0x1b, 0x40, -- 0x62, 0xba, 0x32, 0x24, 0xe0, 0x42, 0x7d, 0xd3, -+ 0x02, 0x47, 0x11, 0x92, 0x11, 0x88, 0xC8, 0xFB, 0xAF, 0x48, 0x4C, 0x62, -+ 0xDF, 0xA5, 0xBE, 0xA0, 0xA4, 0x3C, 0x56, 0xE3, - }; - - static unsigned char out_p[] = { -- 0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76, 0xaa, -- 0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69, 0xcb, -- 0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c, 0xf7, -- 0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82, 0xe5, -- 0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e, 0xaf, -- 0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a, 0xac, -- 0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24, 0xc2, -- 0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02, 0x91, -+ 0xAC, 0xCB, 0x1E, 0x63, 0x60, 0x69, 0x0C, 0xFB, 0x06, 0x19, 0x68, 0x3E, -+ 0xA5, 0x01, 0x5A, 0xA2, 0x15, 0x5C, 0xE2, 0x99, 0x2D, 0xD5, 0x30, 0x99, -+ 0x7E, 0x5F, 0x8D, 0xE2, 0xF7, 0xC6, 0x2E, 0x8D, 0xA3, 0x9F, 0x58, 0xAD, -+ 0xD6, 0xA9, 0x7D, 0x0E, 0x0D, 0x95, 0x53, 0xA6, 0x71, 0x3A, 0xDE, 0xAB, -+ 0xAC, 0xE9, 0xF4, 0x36, 0x55, 0x9E, 0xB9, 0xD6, 0x93, 0xBF, 0xF3, 0x18, -+ 0x1C, 0x14, 0x7B, 0xA5, 0x42, 0x2E, 0xCD, 0x00, 0xEB, 0x35, 0x3B, 0x1B, -+ 0xA8, 0x51, 0xBB, 0xE1, 0x58, 0x42, 0x85, 0x84, 0x22, 0xA7, 0x97, 0x5E, -+ 0x99, 0x6F, 0x38, 0x20, 0xBD, 0x9D, 0xB6, 0xD9, 0x33, 0x37, 0x2A, 0xFD, -+ 0xBB, 0xD4, 0xBC, 0x0C, 0x2A, 0x67, 0xCB, 0x9F, 0xBB, 0xDF, 0xF9, 0x93, -+ 0xAA, 0xD6, 0xF0, 0xD6, 0x95, 0x0B, 0x5D, 0x65, 0x14, 0xD0, 0x18, 0x9D, -+ 0xC6, 0xAF, 0xF0, 0xC6, 0x37, 0x7C, 0xF3, 0x5F, - }; - - static unsigned char out_q[] = { -- 0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8, 0xee, -- 0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4, 0x8e, -- 0xda, 0xce, 0x91, 0x5f, -+ 0xE3, 0x8E, 0x5E, 0x6D, 0xBF, 0x2B, 0x79, 0xF8, 0xC5, 0x4B, 0x89, 0x8B, -+ 0xBA, 0x2D, 0x91, 0xC3, 0x6C, 0x80, 0xAC, 0x87, - }; - - static unsigned char out_g[] = { -- 0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a, 0x13, -- 0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5, 0x00, -- 0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef, 0xcb, -- 0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c, 0x2e, -- 0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba, 0xbf, -- 0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c, 0x9c, -- 0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08, 0x8c, -- 0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88, 0x02, -+ 0x42, 0x4A, 0x04, 0x4E, 0x79, 0xB4, 0x99, 0x7F, 0xFD, 0x58, 0x36, 0x2C, -+ 0x1B, 0x5F, 0x18, 0x7E, 0x0D, 0xCC, 0xAB, 0x81, 0xC9, 0x5D, 0x10, 0xCE, -+ 0x4E, 0x80, 0x7E, 0x58, 0xB4, 0x34, 0x3F, 0xA7, 0x45, 0xC7, 0xAA, 0x36, -+ 0x24, 0x42, 0xA9, 0x3B, 0xE8, 0x0E, 0x04, 0x02, 0x2D, 0xFB, 0xA6, 0x13, -+ 0xB9, 0xB5, 0x15, 0xA5, 0x56, 0x07, 0x35, 0xE4, 0x03, 0xB6, 0x79, 0x7C, -+ 0x62, 0xDD, 0xDF, 0x3F, 0x71, 0x3A, 0x9D, 0x8B, 0xC4, 0xF6, 0xE7, 0x1D, -+ 0x52, 0xA8, 0xA9, 0x43, 0x1D, 0x33, 0x51, 0x88, 0x39, 0xBD, 0x73, 0xE9, -+ 0x5F, 0xBE, 0x82, 0x49, 0x27, 0xE6, 0xB5, 0x53, 0xC1, 0x38, 0xAC, 0x2F, -+ 0x6D, 0x97, 0x6C, 0xEB, 0x67, 0xC1, 0x5F, 0x67, 0xF8, 0x35, 0x05, 0x5E, -+ 0xD5, 0x68, 0x80, 0xAA, 0x96, 0xCA, 0x0B, 0x8A, 0xE6, 0xF1, 0xB1, 0x41, -+ 0xC6, 0x75, 0x94, 0x0A, 0x0A, 0x2A, 0xFA, 0x29, - }; - - static const unsigned char str1[] = "12345678901234567890"; -@@ -79,11 +80,11 @@ static int dsa_test(void) - - BN_GENCB_set(cb, dsa_cb, NULL); - if (!TEST_ptr(dsa = DSA_new()) -- || !TEST_true(DSA_generate_parameters_ex(dsa, 512, seed, 20, -+ || !TEST_true(DSA_generate_parameters_ex(dsa, 1024, seed, 20, - &counter, &h, cb))) - goto end; - -- if (!TEST_int_eq(counter, 105)) -+ if (!TEST_int_eq(counter, 239)) - goto end; - if (!TEST_int_eq(h, 2)) - goto end; -diff -up openssl-1.1.1j/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1.1.1j/test/recipes/30-test_evp_data/evpciph.txt ---- openssl-1.1.1j/test/recipes/30-test_evp_data/evpciph.txt.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/test/recipes/30-test_evp_data/evpciph.txt 2021-03-03 12:57:42.207734591 +0100 -@@ -1206,6 +1206,7 @@ Key = 0000000000000000000000000000000000 - IV = 00000000000000000000000000000000 - Plaintext = 0000000000000000000000000000000000000000000000000000000000000000 - Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e -+Result = KEY_SET_ERROR - - Cipher = aes-128-xts - Key = 1111111111111111111111111111111122222222222222222222222222222222 -diff -up openssl-1.1.1j/util/libcrypto.num.fips openssl-1.1.1j/util/libcrypto.num ---- openssl-1.1.1j/util/libcrypto.num.fips 2021-02-16 16:24:01.000000000 +0100 -+++ openssl-1.1.1j/util/libcrypto.num 2021-03-03 12:57:42.208734600 +0100 -@@ -4591,3 +4591,38 @@ X509_ALGOR_copy - X509_REQ_set0_signature 4545 1_1_1h EXIST::FUNCTION: - X509_REQ_set1_signature_algo 4546 1_1_1h EXIST::FUNCTION: - EC_KEY_decoded_from_explicit_params 4547 1_1_1h EXIST::FUNCTION:EC -+FIPS_drbg_reseed 6348 1_1_0g EXIST::FUNCTION: -+FIPS_selftest_check 6349 1_1_0g EXIST::FUNCTION: -+FIPS_rand_set_method 6350 1_1_0g EXIST::FUNCTION: -+FIPS_get_default_drbg 6351 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_set_reseed_interval 6352 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_set_app_data 6353 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_method 6354 1_1_0g EXIST::FUNCTION: -+FIPS_rand_status 6355 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_instantiate 6356 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_set_callbacks 6357 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_new 6358 1_1_0g EXIST::FUNCTION: -+FIPS_dsa_paramgen_check_g 6359 1_1_0g EXIST::FUNCTION: -+FIPS_selftest 6360 1_1_0g EXIST::FUNCTION: -+FIPS_rand_set_bits 6361 1_1_0g EXIST::FUNCTION: -+FIPS_rand_bytes 6362 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_get_app_data 6363 1_1_0g EXIST::FUNCTION: -+FIPS_selftest_failed 6364 1_1_0g EXIST::FUNCTION: -+FIPS_dsa_builtin_paramgen2 6365 1_1_0g EXIST::FUNCTION: -+FIPS_rand_reset 6366 1_1_0g EXIST::FUNCTION: -+ERR_load_FIPS_strings 6367 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_generate 6368 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_uninstantiate 6369 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_set_check_interval 6370 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_free 6371 1_1_0g EXIST::FUNCTION: -+FIPS_selftest_drbg_all 6372 1_1_0g EXIST::FUNCTION: -+FIPS_rand_get_method 6373 1_1_0g EXIST::FUNCTION: -+RAND_set_fips_drbg_type 6374 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_health_check 6375 1_1_0g EXIST::FUNCTION: -+RAND_init_fips 6376 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_set_rand_callbacks 6377 1_1_0g EXIST::FUNCTION: -+FIPS_rand_seed 6378 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_get_strength 6379 1_1_0g EXIST::FUNCTION: -+FIPS_rand_strength 6380 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_get_blocklength 6381 1_1_0g EXIST::FUNCTION: -+FIPS_drbg_init 6382 1_1_0g EXIST::FUNCTION: diff --git a/openssl-1.1.1-intel-cet.patch b/openssl-1.1.1-intel-cet.patch deleted file mode 100644 index a95bf9c..0000000 --- a/openssl-1.1.1-intel-cet.patch +++ /dev/null @@ -1,500 +0,0 @@ -diff -up openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl ---- openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl 2020-03-19 17:07:02.626522694 +0100 -@@ -275,6 +275,7 @@ $code.=<<___; - .align 16 - ${PREFIX}_encrypt: - .cfi_startproc -+ endbranch - movups ($inp),$inout0 # load input - mov 240($key),$rounds # key->rounds - ___ -@@ -293,6 +294,7 @@ $code.=<<___; - .align 16 - ${PREFIX}_decrypt: - .cfi_startproc -+ endbranch - movups ($inp),$inout0 # load input - mov 240($key),$rounds # key->rounds - ___ -@@ -613,6 +615,7 @@ $code.=<<___; - .align 16 - aesni_ecb_encrypt: - .cfi_startproc -+ endbranch - ___ - $code.=<<___ if ($win64); - lea -0x58(%rsp),%rsp -@@ -985,6 +988,7 @@ $code.=<<___; - .align 16 - aesni_ccm64_encrypt_blocks: - .cfi_startproc -+ endbranch - ___ - $code.=<<___ if ($win64); - lea -0x58(%rsp),%rsp -@@ -1077,6 +1081,7 @@ $code.=<<___; - .align 16 - aesni_ccm64_decrypt_blocks: - .cfi_startproc -+ endbranch - ___ - $code.=<<___ if ($win64); - lea -0x58(%rsp),%rsp -@@ -1203,6 +1208,7 @@ $code.=<<___; - .align 16 - aesni_ctr32_encrypt_blocks: - .cfi_startproc -+ endbranch - cmp \$1,$len - jne .Lctr32_bulk - -@@ -1775,6 +1781,7 @@ $code.=<<___; - .align 16 - aesni_xts_encrypt: - .cfi_startproc -+ endbranch - lea (%rsp),%r11 # frame pointer - .cfi_def_cfa_register %r11 - push %rbp -@@ -2258,6 +2265,7 @@ $code.=<<___; - .align 16 - aesni_xts_decrypt: - .cfi_startproc -+ endbranch - lea (%rsp),%r11 # frame pointer - .cfi_def_cfa_register %r11 - push %rbp -@@ -2783,6 +2791,7 @@ $code.=<<___; - .align 32 - aesni_ocb_encrypt: - .cfi_startproc -+ endbranch - lea (%rsp),%rax - push %rbx - .cfi_push %rbx -@@ -3249,6 +3258,7 @@ __ocb_encrypt1: - .align 32 - aesni_ocb_decrypt: - .cfi_startproc -+ endbranch - lea (%rsp),%rax - push %rbx - .cfi_push %rbx -@@ -3737,6 +3747,7 @@ $code.=<<___; - .align 16 - ${PREFIX}_cbc_encrypt: - .cfi_startproc -+ endbranch - test $len,$len # check length - jz .Lcbc_ret - -diff -up openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl ---- openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl 2020-03-19 17:00:15.974621757 +0100 -@@ -696,6 +696,7 @@ _vpaes_schedule_mangle: - .align 16 - ${PREFIX}_set_encrypt_key: - .cfi_startproc -+ endbranch - ___ - $code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp -@@ -746,6 +747,7 @@ $code.=<<___; - .align 16 - ${PREFIX}_set_decrypt_key: - .cfi_startproc -+ endbranch - ___ - $code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp -@@ -801,6 +803,7 @@ $code.=<<___; - .align 16 - ${PREFIX}_encrypt: - .cfi_startproc -+ endbranch - ___ - $code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp -@@ -846,6 +849,7 @@ $code.=<<___; - .align 16 - ${PREFIX}_decrypt: - .cfi_startproc -+ endbranch - ___ - $code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp -@@ -897,6 +901,7 @@ $code.=<<___; - .align 16 - ${PREFIX}_cbc_encrypt: - .cfi_startproc -+ endbranch - xchg $key,$len - ___ - ($len,$key)=($key,$len); -diff -up openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.c ---- openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/async/arch/async_posix.c 2020-03-19 17:00:15.974621757 +0100 -@@ -34,7 +34,9 @@ void async_local_cleanup(void) - - int async_fibre_makecontext(async_fibre *fibre) - { -+#ifndef USE_SWAPCONTEXT - fibre->env_init = 0; -+#endif - if (getcontext(&fibre->fibre) == 0) { - fibre->fibre.uc_stack.ss_sp = OPENSSL_malloc(STACKSIZE); - if (fibre->fibre.uc_stack.ss_sp != NULL) { -diff -up openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.h ---- openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet 2020-03-19 17:00:15.435631166 +0100 -+++ openssl-1.1.1e/crypto/async/arch/async_posix.h 2020-03-19 17:00:15.975621739 +0100 -@@ -25,17 +25,33 @@ - # define ASYNC_POSIX - # define ASYNC_ARCH - -+# ifdef __CET__ -+/* -+ * When Intel CET is enabled, makecontext will create a different -+ * shadow stack for each context. async_fibre_swapcontext cannot -+ * use _longjmp. It must call swapcontext to swap shadow stack as -+ * well as normal stack. -+ */ -+# define USE_SWAPCONTEXT -+# endif - # include --# include -+# ifndef USE_SWAPCONTEXT -+# include -+# endif - - typedef struct async_fibre_st { - ucontext_t fibre; -+# ifndef USE_SWAPCONTEXT - jmp_buf env; - int env_init; -+# endif - } async_fibre; - - static ossl_inline int async_fibre_swapcontext(async_fibre *o, async_fibre *n, int r) - { -+# ifdef USE_SWAPCONTEXT -+ swapcontext(&o->fibre, &n->fibre); -+# else - o->env_init = 1; - - if (!r || !_setjmp(o->env)) { -@@ -44,6 +60,7 @@ static ossl_inline int async_fibre_swapc - else - setcontext(&n->fibre); - } -+# endif - - return 1; - } -diff -up openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl ---- openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl 2020-03-19 17:00:15.975621739 +0100 -@@ -685,6 +685,7 @@ $code.=<<___; - .align 16 - Camellia_cbc_encrypt: - .cfi_startproc -+ endbranch - cmp \$0,%rdx - je .Lcbc_abort - push %rbx -diff -up openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl ---- openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl 2020-03-19 17:00:15.975621739 +0100 -@@ -239,6 +239,7 @@ $code=<<___; - .align 16 - gcm_gmult_4bit: - .cfi_startproc -+ endbranch - push %rbx - .cfi_push %rbx - push %rbp # %rbp and others are pushed exclusively in -@@ -286,6 +287,7 @@ $code.=<<___; - .align 16 - gcm_ghash_4bit: - .cfi_startproc -+ endbranch - push %rbx - .cfi_push %rbx - push %rbp -@@ -612,6 +614,7 @@ $code.=<<___; - .align 16 - gcm_gmult_clmul: - .cfi_startproc -+ endbranch - .L_gmult_clmul: - movdqu ($Xip),$Xi - movdqa .Lbswap_mask(%rip),$T3 -@@ -663,6 +666,7 @@ $code.=<<___; - .align 32 - gcm_ghash_clmul: - .cfi_startproc -+ endbranch - .L_ghash_clmul: - ___ - $code.=<<___ if ($win64); -@@ -1166,6 +1170,7 @@ $code.=<<___; - .align 32 - gcm_gmult_avx: - .cfi_startproc -+ endbranch - jmp .L_gmult_clmul - .cfi_endproc - .size gcm_gmult_avx,.-gcm_gmult_avx -@@ -1177,6 +1182,7 @@ $code.=<<___; - .align 32 - gcm_ghash_avx: - .cfi_startproc -+ endbranch - ___ - if ($avx) { - my ($Xip,$Htbl,$inp,$len)=@_4args; -diff -up openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet openssl-1.1.1e/crypto/perlasm/cbc.pl ---- openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/perlasm/cbc.pl 2020-03-19 17:00:15.976621722 +0100 -@@ -165,21 +165,28 @@ sub cbc - &jmp_ptr($count); - - &set_label("ej7"); -+ &endbranch() - &movb(&HB("edx"), &BP(6,$in,"",0)); - &shl("edx",8); - &set_label("ej6"); -+ &endbranch() - &movb(&HB("edx"), &BP(5,$in,"",0)); - &set_label("ej5"); -+ &endbranch() - &movb(&LB("edx"), &BP(4,$in,"",0)); - &set_label("ej4"); -+ &endbranch() - &mov("ecx", &DWP(0,$in,"",0)); - &jmp(&label("ejend")); - &set_label("ej3"); -+ &endbranch() - &movb(&HB("ecx"), &BP(2,$in,"",0)); - &shl("ecx",8); - &set_label("ej2"); -+ &endbranch() - &movb(&HB("ecx"), &BP(1,$in,"",0)); - &set_label("ej1"); -+ &endbranch() - &movb(&LB("ecx"), &BP(0,$in,"",0)); - &set_label("ejend"); - -diff -up openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl ---- openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl 2020-03-19 17:00:15.984621582 +0100 -@@ -101,6 +101,33 @@ elsif (!$gas) - $decor="\$L\$"; - } - -+my $cet_property; -+if ($flavour =~ /elf/) { -+ # Always generate .note.gnu.property section for ELF outputs to -+ # mark Intel CET support since all input files must be marked -+ # with Intel CET support in order for linker to mark output with -+ # Intel CET support. -+ my $p2align=3; $p2align=2 if ($flavour eq "elf32"); -+ $cet_property = <<_____; -+ .section ".note.gnu.property", "a" -+ .p2align $p2align -+ .long 1f - 0f -+ .long 4f - 1f -+ .long 5 -+0: -+ .asciz "GNU" -+1: -+ .p2align $p2align -+ .long 0xc0000002 -+ .long 3f - 2f -+2: -+ .long 3 -+3: -+ .p2align $p2align -+4: -+_____ -+} -+ - my $current_segment; - my $current_function; - my %globals; -@@ -1213,6 +1240,7 @@ while(defined(my $line=<>)) { - print $line,"\n"; - } - -+print "$cet_property" if ($cet_property); - print "\n$current_segment\tENDS\n" if ($current_segment && $masm); - print "END\n" if ($masm); - -diff -up openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86gas.pl ---- openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/perlasm/x86gas.pl 2020-03-19 17:00:15.985621565 +0100 -@@ -124,6 +124,7 @@ sub ::function_begin_B - push(@out,".align\t$align\n"); - push(@out,"$func:\n"); - push(@out,"$begin:\n") if ($global); -+ &::endbranch(); - $::stack=4; - } - -@@ -172,6 +173,26 @@ sub ::file_end - else { push (@out,"$tmp\n"); } - } - push(@out,$initseg) if ($initseg); -+ if ($::elf) { -+ push(@out," -+ .section \".note.gnu.property\", \"a\" -+ .p2align 2 -+ .long 1f - 0f -+ .long 4f - 1f -+ .long 5 -+0: -+ .asciz \"GNU\" -+1: -+ .p2align 2 -+ .long 0xc0000002 -+ .long 3f - 2f -+2: -+ .long 3 -+3: -+ .p2align 2 -+4: -+"); -+ } - } - - sub ::data_byte { push(@out,".byte\t".join(',',@_)."\n"); } -diff -up openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl ---- openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet 2020-03-19 17:00:38.185234015 +0100 -+++ openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl 2020-03-19 17:05:46.575850341 +0100 -@@ -2806,6 +2806,7 @@ $code.=<<___; - .align 32 - poly1305_blocks_vpmadd52: - .cfi_startproc -+ endbranch - shr \$4,$len - jz .Lno_data_vpmadd52 # too short - -@@ -3739,6 +3740,7 @@ $code.=<<___; - .align 32 - poly1305_emit_base2_44: - .cfi_startproc -+ endbranch - mov 0($ctx),%r8 # load hash value - mov 8($ctx),%r9 - mov 16($ctx),%r10 -diff -up openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl ---- openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet 2020-03-19 17:00:38.190233928 +0100 -+++ openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl 2020-03-19 17:05:02.598618064 +0100 -@@ -140,6 +140,7 @@ $code=<<___; - .align 16 - RC4: - .cfi_startproc -+ endbranch - or $len,$len - jne .Lentry - ret -@@ -455,6 +456,7 @@ $code.=<<___; - .align 16 - RC4_set_key: - .cfi_startproc -+ endbranch - lea 8($dat),$dat - lea ($inp,$len),$inp - neg $len -@@ -529,6 +531,7 @@ RC4_set_key: - .align 16 - RC4_options: - .cfi_startproc -+ endbranch - lea .Lopts(%rip),%rax - mov OPENSSL_ia32cap_P(%rip),%edx - bt \$20,%edx -diff -up openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet openssl-1.1.1e/crypto/x86_64cpuid.pl ---- openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/x86_64cpuid.pl 2020-03-19 17:03:58.172742775 +0100 -@@ -40,6 +40,7 @@ print<<___; - .align 16 - OPENSSL_atomic_add: - .cfi_startproc -+ endbranch - movl ($arg1),%eax - .Lspin: leaq ($arg2,%rax),%r8 - .byte 0xf0 # lock -@@ -56,6 +57,7 @@ OPENSSL_atomic_add: - .align 16 - OPENSSL_rdtsc: - .cfi_startproc -+ endbranch - rdtsc - shl \$32,%rdx - or %rdx,%rax -@@ -68,6 +70,7 @@ OPENSSL_rdtsc: - .align 16 - OPENSSL_ia32_cpuid: - .cfi_startproc -+ endbranch - mov %rbx,%r8 # save %rbx - .cfi_register %rbx,%r8 - -@@ -237,6 +240,7 @@ OPENSSL_ia32_cpuid: - .align 16 - OPENSSL_cleanse: - .cfi_startproc -+ endbranch - xor %rax,%rax - cmp \$15,$arg2 - jae .Lot -@@ -274,6 +278,7 @@ OPENSSL_cleanse: - .align 16 - CRYPTO_memcmp: - .cfi_startproc -+ endbranch - xor %rax,%rax - xor %r10,%r10 - cmp \$0,$arg3 -@@ -312,6 +317,7 @@ print<<___ if (!$win64); - .align 16 - OPENSSL_wipe_cpu: - .cfi_startproc -+ endbranch - pxor %xmm0,%xmm0 - pxor %xmm1,%xmm1 - pxor %xmm2,%xmm2 -@@ -346,6 +352,8 @@ print<<___ if ($win64); - .type OPENSSL_wipe_cpu,\@abi-omnipotent - .align 16 - OPENSSL_wipe_cpu: -+.cfi_startproc -+ endbranch - pxor %xmm0,%xmm0 - pxor %xmm1,%xmm1 - pxor %xmm2,%xmm2 -@@ -376,6 +384,7 @@ print<<___; - .align 16 - OPENSSL_instrument_bus: - .cfi_startproc -+ endbranch - mov $arg1,$out # tribute to Win64 - mov $arg2,$cnt - mov $arg2,$max -@@ -410,6 +419,7 @@ OPENSSL_instrument_bus: - .align 16 - OPENSSL_instrument_bus2: - .cfi_startproc -+ endbranch - mov $arg1,$out # tribute to Win64 - mov $arg2,$cnt - mov $arg3,$max -@@ -465,6 +475,7 @@ print<<___; - .align 16 - OPENSSL_ia32_${rdop}_bytes: - .cfi_startproc -+ endbranch - xor %rax, %rax # return value - cmp \$0,$arg2 - je .Ldone_${rdop}_bytes diff --git a/openssl-1.1.1-kdf-selftest.patch b/openssl-1.1.1-kdf-selftest.patch deleted file mode 100644 index 3cb3718..0000000 --- a/openssl-1.1.1-kdf-selftest.patch +++ /dev/null @@ -1,170 +0,0 @@ -diff -up openssl-1.1.1g/crypto/fips/build.info.kdf-selftest openssl-1.1.1g/crypto/fips/build.info ---- openssl-1.1.1g/crypto/fips/build.info.kdf-selftest 2020-06-03 16:08:36.274849058 +0200 -+++ openssl-1.1.1g/crypto/fips/build.info 2020-06-03 16:11:05.609079372 +0200 -@@ -5,7 +5,7 @@ SOURCE[../../libcrypto]=\ - fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \ - fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \ - fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \ -- fips_dh_selftest.c fips_ers.c -+ fips_dh_selftest.c fips_kdf_selftest.c fips_ers.c - - PROGRAMS_NO_INST=\ - fips_standalone_hmac -diff -up openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c ---- openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest 2020-06-03 16:08:36.337849577 +0200 -+++ openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c 2020-06-03 16:08:36.337849577 +0200 -@@ -0,0 +1,117 @@ -+/* -+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include -+#include -+#include -+#include "crypto/fips.h" -+ -+#include -+#include -+ -+#ifdef OPENSSL_FIPS -+int FIPS_selftest_pbkdf2(void) -+{ -+ int ret = 0; -+ EVP_KDF_CTX *kctx; -+ unsigned char out[32]; -+ -+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) { -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) { -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) { -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) { -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { -+ goto err; -+ } -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { -+ goto err; -+ } -+ -+ { -+ const unsigned char expected[sizeof(out)] = { -+ 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3, -+ 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0, -+ 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf, -+ 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43 -+ }; -+ if (memcmp(out, expected, sizeof(expected))) { -+ goto err; -+ } -+ } -+ ret = 1; -+ -+err: -+ if (!ret) -+ FIPSerr(FIPS_F_FIPS_SELFTEST_PBKDF2, FIPS_R_SELFTEST_FAILED); -+ EVP_KDF_CTX_free(kctx); -+ return ret; -+} -+ -+/* Test vector from RFC 8009 (AES Encryption with HMAC-SHA2 for Kerberos -+ * 5) appendix A. */ -+int FIPS_selftest_kbkdf(void) -+{ -+ int ret = 0; -+ EVP_KDF_CTX *kctx; -+ char *label = "prf", *prf_input = "test"; -+ static unsigned char input_key[] = { -+ 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28, -+ 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C, -+ }; -+ static unsigned char output[] = { -+ 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE, -+ 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86, -+ 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B, -+ 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95, -+ }; -+ unsigned char result[sizeof(output)] = { 0 }; -+ -+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) { -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) { -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) { -+ goto err; -+ } -+ ret = EVP_KDF_derive(kctx, result, sizeof(result)) > 0 -+ && memcmp(result, output, sizeof(output)) == 0; -+err: -+ -+ if (!ret) -+ FIPSerr(FIPS_F_FIPS_SELFTEST_KBKDF, FIPS_R_SELFTEST_FAILED); -+ EVP_KDF_CTX_free(kctx); -+ return ret; -+} -+ -+int FIPS_selftest_kdf(void) -+{ -+ return FIPS_selftest_pbkdf2() && FIPS_selftest_kbkdf(); -+} -+ -+#endif -diff -up openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_post.c ---- openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest 2020-06-03 16:08:36.332849536 +0200 -+++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-03 16:08:36.338849585 +0200 -@@ -111,6 +111,8 @@ int FIPS_selftest(void) - rv = 0; - if (!FIPS_selftest_ecdh()) - rv = 0; -+ if (!FIPS_selftest_kdf()) -+ rv = 0; - return rv; - } - -diff -up openssl-1.1.1g/include/crypto/fips.h.kdf-selftest openssl-1.1.1g/include/crypto/fips.h ---- openssl-1.1.1g/include/crypto/fips.h.kdf-selftest 2020-06-03 16:08:36.330849519 +0200 -+++ openssl-1.1.1g/include/crypto/fips.h 2020-06-03 16:08:36.338849585 +0200 -@@ -72,6 +72,9 @@ void FIPS_drbg_stick(int onoff); - int FIPS_selftest_hmac(void); - int FIPS_selftest_drbg(void); - int FIPS_selftest_cmac(void); -+int FIPS_selftest_kbkdf(void); -+int FIPS_selftest_pbkdf2(void); -+int FIPS_selftest_kdf(void); - - int fips_in_post(void); - -diff -up openssl-1.1.1g/include/openssl/fips.h.kdf-selftest openssl-1.1.1g/include/openssl/fips.h ---- openssl-1.1.1g/include/openssl/fips.h.kdf-selftest 2020-06-03 16:08:36.282849124 +0200 -+++ openssl-1.1.1g/include/openssl/fips.h 2020-06-03 16:08:36.338849585 +0200 -@@ -123,6 +123,8 @@ extern "C" { - # define FIPS_F_FIPS_SELFTEST_DSA 112 - # define FIPS_F_FIPS_SELFTEST_ECDSA 133 - # define FIPS_F_FIPS_SELFTEST_HMAC 113 -+# define FIPS_F_FIPS_SELFTEST_KBKDF 151 -+# define FIPS_F_FIPS_SELFTEST_PBKDF2 152 - # define FIPS_F_FIPS_SELFTEST_SHA1 115 - # define FIPS_F_FIPS_SELFTEST_SHA2 105 - # define FIPS_F_OSSL_ECDSA_SIGN_SIG 143 diff --git a/openssl-1.1.1-krb5-kdf.patch b/openssl-1.1.1-krb5-kdf.patch deleted file mode 100644 index 249a5c5..0000000 --- a/openssl-1.1.1-krb5-kdf.patch +++ /dev/null @@ -1,3030 +0,0 @@ -diff -up openssl-1.1.1d/crypto/err/openssl.txt.krb5-kdf openssl-1.1.1d/crypto/err/openssl.txt ---- openssl-1.1.1d/crypto/err/openssl.txt.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 -+++ openssl-1.1.1d/crypto/err/openssl.txt 2019-11-14 15:07:05.342094129 +0100 -@@ -821,6 +821,11 @@ EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_g - EVP_F_SCRYPT_ALG:228:scrypt_alg - EVP_F_UPDATE:173:update - KDF_F_HKDF_EXTRACT:112:HKDF_Extract -+KDF_F_KBKDF_CTRL:134:kbkdf_ctrl -+KDF_F_KBKDF_CTRL_STR:135:kbkdf_ctrl_str -+KDF_F_KBKDF_DERIVE:136:kbkdf_derive -+KDF_F_KBKDF_NEW:137:kbkdf_new -+KDF_F_KDF_CIPHER2CTRL:138:kdf_cipher2ctrl - KDF_F_KDF_HKDF_DERIVE:113:kdf_hkdf_derive - KDF_F_KDF_HKDF_NEW:114:kdf_hkdf_new - KDF_F_KDF_HKDF_SIZE:115:kdf_hkdf_size -@@ -840,6 +845,8 @@ KDF_F_KDF_SSHKDF_NEW:133:kdf_sshkdf_new - KDF_F_KDF_TLS1_PRF_CTRL_STR:125:kdf_tls1_prf_ctrl_str - KDF_F_KDF_TLS1_PRF_DERIVE:126:kdf_tls1_prf_derive - KDF_F_KDF_TLS1_PRF_NEW:127:kdf_tls1_prf_new -+KDF_F_KRB5KDF:139:KRB5KDF -+KDF_F_KRB5KDF_DERIVE:140:krb5kdf_derive - KDF_F_PBKDF2_SET_MEMBUF:128:pbkdf2_set_membuf - KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str - KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive -@@ -853,6 +860,9 @@ KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tl - KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive - KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init - KDF_F_SCRYPT_SET_MEMBUF:129:scrypt_set_membuf -+KDF_F_SSKDF_DERIVE:141:sskdf_derive -+KDF_F_SSKDF_NEW:142:sskdf_new -+KDF_F_SSKDF_SIZE:143:sskdf_size - KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg - OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object - OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid -@@ -2325,7 +2335,13 @@ EVP_R_UNSUPPORTED_SALT_TYPE:126:unsuppor - EVP_R_WRAP_MODE_NOT_ALLOWED:170:wrap mode not allowed - EVP_R_WRONG_FINAL_BLOCK_LENGTH:109:wrong final block length - EVP_R_XTS_DUPLICATED_KEYS:183:xts duplicated keys -+KDF_R_FAILED_TO_GENERATE_KEY:118:failed to generate key -+KDF_R_INVALID_CIPHER:116:invalid cipher -+KDF_R_INVALID_CONSTANT_LENGTH:119:invalid constant length - KDF_R_INVALID_DIGEST:100:invalid digest -+KDF_R_INVALID_SEED_LENGTH:117:invalid seed length -+KDF_R_MISSING_CIPHER:120:missing cipher -+KDF_R_MISSING_CONSTANT:121:missing constant - KDF_R_MISSING_ITERATION_COUNT:109:missing iteration count - KDF_R_MISSING_KEY:104:missing key - KDF_R_MISSING_MESSAGE_DIGEST:105:missing message digest -@@ -2340,6 +2356,7 @@ KDF_R_MISSING_XCGHASH:115:missing xcghas - KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type - KDF_R_VALUE_ERROR:108:value error - KDF_R_VALUE_MISSING:102:value missing -+KDF_R_WRONG_FINAL_BLOCK_LENGTH:120:wrong final block length - KDF_R_WRONG_OUTPUT_BUFFER_SIZE:112:wrong output buffer size - OBJ_R_OID_EXISTS:102:oid exists - OBJ_R_UNKNOWN_NID:101:unknown nid -diff -up openssl-1.1.1d/crypto/evp/kdf_lib.c.krb5-kdf openssl-1.1.1d/crypto/evp/kdf_lib.c ---- openssl-1.1.1d/crypto/evp/kdf_lib.c.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 -+++ openssl-1.1.1d/crypto/evp/kdf_lib.c 2019-11-14 15:07:05.342094129 +0100 -@@ -31,6 +31,9 @@ static const EVP_KDF_METHOD *standard_me - &tls1_prf_kdf_meth, - &hkdf_kdf_meth, - &sshkdf_kdf_meth, -+ &kb_kdf_meth, -+ &krb5kdf_kdf_meth, -+ &ss_kdf_meth - }; - - DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, -diff -up openssl-1.1.1d/include/crypto/evp.h.krb5-kdf openssl-1.1.1d/include/crypto/evp.h ---- openssl-1.1.1d/include/crypto/evp.h.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 -+++ openssl-1.1.1d/include/crypto/evp.h 2019-11-14 15:07:05.342094129 +0100 -@@ -130,6 +130,9 @@ extern const EVP_KDF_METHOD scrypt_kdf_m - extern const EVP_KDF_METHOD tls1_prf_kdf_meth; - extern const EVP_KDF_METHOD hkdf_kdf_meth; - extern const EVP_KDF_METHOD sshkdf_kdf_meth; -+extern const EVP_KDF_METHOD kb_kdf_meth; -+extern const EVP_KDF_METHOD krb5kdf_kdf_meth; -+extern const EVP_KDF_METHOD ss_kdf_meth; - - struct evp_md_st { - int type; -diff -up openssl-1.1.1d/crypto/kdf/build.info.krb5-kdf openssl-1.1.1d/crypto/kdf/build.info ---- openssl-1.1.1d/crypto/kdf/build.info.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 -+++ openssl-1.1.1d/crypto/kdf/build.info 2019-11-14 15:07:05.342094129 +0100 -@@ -1,3 +1,3 @@ - LIBS=../../libcrypto - SOURCE[../../libcrypto]=\ -- tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c -+ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c kbkdf.c krb5kdf.c sskdf.c -diff -up openssl-1.1.1d/crypto/kdf/kbkdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kbkdf.c ---- openssl-1.1.1d/crypto/kdf/kbkdf.c.krb5-kdf 2019-11-14 15:07:05.343094112 +0100 -+++ openssl-1.1.1d/crypto/kdf/kbkdf.c 2019-11-18 17:21:58.326635901 +0100 -@@ -0,0 +1,540 @@ -+/* -+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright 2019 Red Hat, Inc. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+/* -+ * This implements https://csrc.nist.gov/publications/detail/sp/800-108/final -+ * section 5.1 ("counter mode") and section 5.2 ("feedback mode") in both HMAC -+ * and CMAC. That document does not name the KDFs it defines; the name is -+ * derived from -+ * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Key-Derivation -+ * -+ * Note that section 5.3 ("double-pipeline mode") is not implemented, though -+ * it would be possible to do so in the future. -+ * -+ * These versions all assume the counter is used. It would be relatively -+ * straightforward to expose a configuration handle should the need arise. -+ * -+ * Variable names attempt to match those of SP800-108. -+ */ -+ -+#include -+#include -+#include -+ -+#include -+#include -+#include -+#include -+ -+#include "internal/numbers.h" -+#include "internal/cryptlib.h" -+#include "crypto/evp.h" -+#include "kdf_local.h" -+ -+#include "e_os.h" -+ -+#ifdef MIN -+# undef MIN -+#endif -+#define MIN(a, b) ((a) < (b)) ? (a) : (b) -+ -+typedef struct { -+ int mac_type; -+ union { -+ HMAC_CTX *hmac; -+ CMAC_CTX *cmac; -+ } m; -+} MAC_CTX; -+ -+/* Our context structure. */ -+struct evp_kdf_impl_st { -+ int mode; -+ -+ MAC_CTX *ctx_init; -+ -+ const EVP_CIPHER *cipher; -+ const EVP_MD *md; -+ -+ /* Names are lowercased versions of those found in SP800-108. */ -+ unsigned char *ki; -+ size_t ki_len; -+ unsigned char *label; -+ size_t label_len; -+ unsigned char *context; -+ size_t context_len; -+ unsigned char *iv; -+ size_t iv_len; -+}; -+ -+static MAC_CTX *EVP_MAC_CTX_new(int mac_type) -+{ -+ MAC_CTX *ctx; -+ -+ ctx = OPENSSL_zalloc(sizeof(*ctx)); -+ if (ctx == NULL) -+ return NULL; -+ -+ ctx->mac_type = mac_type; -+ if (mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { -+ if ((ctx->m.hmac = HMAC_CTX_new()) == NULL) -+ goto err; -+ } else { -+ if ((ctx->m.cmac = CMAC_CTX_new()) == NULL) -+ goto err; -+ } -+ return ctx; -+ -+err: -+ OPENSSL_free(ctx); -+ return NULL; -+} -+ -+static void EVP_MAC_CTX_free(MAC_CTX *ctx) -+{ -+ if (ctx == NULL) -+ return; -+ -+ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) -+ HMAC_CTX_free(ctx->m.hmac); -+ else -+ CMAC_CTX_free(ctx->m.cmac); -+ OPENSSL_free(ctx); -+} -+ -+static MAC_CTX *EVP_MAC_CTX_dup(MAC_CTX *sctx) -+{ -+ MAC_CTX *ctx; -+ -+ ctx = OPENSSL_zalloc(sizeof(*sctx)); -+ if (ctx == NULL) -+ return NULL; -+ -+ ctx->mac_type = sctx->mac_type; -+ if (sctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { -+ if ((ctx->m.hmac = HMAC_CTX_new()) == NULL -+ || HMAC_CTX_copy(ctx->m.hmac, sctx->m.hmac) <= 0) -+ goto err; -+ } else { -+ if ((ctx->m.cmac = CMAC_CTX_new()) == NULL -+ || CMAC_CTX_copy(ctx->m.cmac, sctx->m.cmac) <= 0) -+ goto err; -+ } -+ return ctx; -+ -+err: -+ EVP_MAC_CTX_free(ctx); -+ return NULL; -+} -+ -+static size_t EVP_MAC_size(MAC_CTX *ctx) -+{ -+ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { -+ const EVP_MD *md; -+ -+ if (ctx->m.hmac == NULL) -+ return 0; -+ if ((md = HMAC_CTX_get_md(ctx->m.hmac)) == NULL) -+ return 0; -+ return (size_t)EVP_MD_size(md); -+ } else { -+ const EVP_CIPHER_CTX *cctx; -+ -+ if (ctx->m.cmac == NULL) -+ return 0; -+ if ((cctx = CMAC_CTX_get0_cipher_ctx(ctx->m.cmac)) == NULL) -+ return 0; -+ return EVP_CIPHER_CTX_block_size(cctx); -+ } -+} -+ -+static int EVP_MAC_update(MAC_CTX *ctx, const unsigned char *data, -+ size_t datalen) -+{ -+ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) -+ return HMAC_Update(ctx->m.hmac, data, datalen); -+ else -+ return CMAC_Update(ctx->m.cmac, data, datalen); -+} -+ -+static int EVP_MAC_final(MAC_CTX *ctx, unsigned char *out, -+ size_t *outl, size_t outsize) -+{ -+ if (outsize != EVP_MAC_size(ctx)) -+ /* we do not cope with anything else */ -+ return 0; -+ -+ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { -+ unsigned int intsize = (unsigned int)outsize; -+ int ret; -+ -+ ret = HMAC_Final(ctx->m.hmac, out, &intsize); -+ if (outl != NULL) -+ *outl = intsize; -+ return ret; -+ } else { -+ size_t size = outsize; -+ int ret; -+ -+ ret = CMAC_Final(ctx->m.cmac, out, &size); -+ if (outl != NULL) -+ *outl = size; -+ return ret; -+ } -+} -+ -+static int evp_mac_init(MAC_CTX *ctx, const EVP_MD *md, -+ const EVP_CIPHER *cipher, unsigned char *key, size_t keylen) -+{ -+ if (ctx->mac_type == EVP_KDF_KB_MAC_TYPE_HMAC) { -+ if (md == NULL) -+ return 0; -+ return HMAC_Init_ex(ctx->m.hmac, key, (int)keylen, md, NULL); -+ } else { -+ if (cipher == NULL) -+ return 0; -+ return CMAC_Init(ctx->m.cmac, key, keylen, cipher, NULL); -+ } -+} -+ -+static void kbkdf_reset(EVP_KDF_IMPL *ctx); -+ -+/* Not all platforms have htobe32(). */ -+static uint32_t be32(uint32_t host) -+{ -+ uint32_t big = 0; -+ const union { -+ long one; -+ char little; -+ } is_endian = { 1 }; -+ -+ if (!is_endian.little) -+ return host; -+ -+ big |= (host & 0xff000000) >> 24; -+ big |= (host & 0x00ff0000) >> 8; -+ big |= (host & 0x0000ff00) << 8; -+ big |= (host & 0x000000ff) << 24; -+ return big; -+} -+ -+static EVP_KDF_IMPL *kbkdf_new(void) -+{ -+ EVP_KDF_IMPL *ctx; -+ -+ ctx = OPENSSL_zalloc(sizeof(*ctx)); -+ if (ctx == NULL) { -+ KDFerr(KDF_F_KBKDF_NEW, ERR_R_MALLOC_FAILURE); -+ return NULL; -+ } -+ -+ return ctx; -+} -+ -+static void kbkdf_free(EVP_KDF_IMPL *ctx) -+{ -+ kbkdf_reset(ctx); -+ OPENSSL_free(ctx); -+} -+ -+static void kbkdf_reset(EVP_KDF_IMPL *ctx) -+{ -+ EVP_MAC_CTX_free(ctx->ctx_init); -+ OPENSSL_clear_free(ctx->context, ctx->context_len); -+ OPENSSL_clear_free(ctx->label, ctx->label_len); -+ OPENSSL_clear_free(ctx->ki, ctx->ki_len); -+ OPENSSL_clear_free(ctx->iv, ctx->iv_len); -+ memset(ctx, 0, sizeof(*ctx)); -+} -+ -+/* SP800-108 section 5.1 or section 5.2 depending on mode. */ -+static int derive(MAC_CTX *ctx_init, int mode, unsigned char *iv, -+ size_t iv_len, unsigned char *label, size_t label_len, -+ unsigned char *context, size_t context_len, -+ unsigned char *k_i, size_t h, uint32_t l, unsigned char *ko, -+ size_t ko_len) -+{ -+ int ret = 0; -+ MAC_CTX *ctx = NULL; -+ size_t written = 0, to_write, k_i_len = iv_len; -+ const unsigned char zero = 0; -+ uint32_t counter, i; -+ -+ /* Setup K(0) for feedback mode. */ -+ if (iv_len > 0) -+ memcpy(k_i, iv, iv_len); -+ -+ for (counter = 1; written < ko_len; counter++) { -+ i = be32(counter); -+ -+ ctx = EVP_MAC_CTX_dup(ctx_init); -+ if (ctx == NULL) -+ goto done; -+ -+ /* Perform feedback, if appropriate. */ -+ if (mode == EVP_KDF_KB_MODE_FEEDBACK && !EVP_MAC_update(ctx, k_i, k_i_len)) -+ goto done; -+ -+ if (!EVP_MAC_update(ctx, (unsigned char *)&i, 4) -+ || !EVP_MAC_update(ctx, label, label_len) -+ || !EVP_MAC_update(ctx, &zero, 1) -+ || !EVP_MAC_update(ctx, context, context_len) -+ || !EVP_MAC_update(ctx, (unsigned char *)&l, 4) -+ || !EVP_MAC_final(ctx, k_i, NULL, h)) -+ goto done; -+ -+ to_write = ko_len - written; -+ memcpy(ko + written, k_i, MIN(to_write, h)); -+ written += h; -+ -+ k_i_len = h; -+ EVP_MAC_CTX_free(ctx); -+ ctx = NULL; -+ } -+ -+ ret = 1; -+done: -+ EVP_MAC_CTX_free(ctx); -+ return ret; -+} -+ -+static int kbkdf_derive(EVP_KDF_IMPL *ctx, unsigned char *key, size_t keylen) -+{ -+ int ret = 0; -+ unsigned char *k_i = NULL; -+ uint32_t l = be32(keylen * 8); -+ size_t h = 0; -+ -+ /* label, context, and iv are permitted to be empty. Check everything -+ * else. */ -+ if (ctx->ctx_init == NULL -+ || evp_mac_init(ctx->ctx_init, ctx->md, ctx->cipher, ctx->ki, ctx->ki_len) <= 0) { -+ if (ctx->ki_len == 0 || ctx->ki == NULL) { -+ KDFerr(KDF_F_KBKDF_DERIVE, KDF_R_MISSING_KEY); -+ return 0; -+ } -+ /* Could either be missing MAC or missing message digest or missing -+ * cipher - arbitrarily, I pick this one. */ -+ KDFerr(KDF_F_KBKDF_DERIVE, KDF_R_MISSING_PARAMETER); -+ return 0; -+ } -+ -+ h = EVP_MAC_size(ctx->ctx_init); -+ if (h == 0) -+ goto done; -+ if (ctx->iv_len != 0 && ctx->iv_len != h) { -+ KDFerr(KDF_F_KBKDF_DERIVE, KDF_R_INVALID_SEED_LENGTH); -+ goto done; -+ } -+ -+ k_i = OPENSSL_zalloc(h); -+ if (k_i == NULL) -+ goto done; -+ -+ ret = derive(ctx->ctx_init, ctx->mode, ctx->iv, ctx->iv_len, ctx->label, -+ ctx->label_len, ctx->context, ctx->context_len, k_i, h, l, -+ key, keylen); -+done: -+ if (ret != 1) -+ OPENSSL_cleanse(key, keylen); -+ OPENSSL_clear_free(k_i, h); -+ return ret; -+} -+ -+static size_t kbkdf_size(EVP_KDF_IMPL *ctx) -+{ -+ return UINT32_MAX/8; -+} -+ -+static int kbkdf_parse_buffer_arg(unsigned char **dst, size_t *dst_len, -+ va_list args) -+{ -+ const unsigned char *p; -+ size_t len; -+ -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ OPENSSL_clear_free(*dst, *dst_len); -+ if (len == 0) { -+ *dst = NULL; -+ *dst_len = 0; -+ return 1; -+ } -+ -+ *dst = OPENSSL_memdup(p, len); -+ if (*dst == NULL) -+ return 0; -+ -+ *dst_len = len; -+ return 1; -+} -+ -+static int kbkdf_ctrl(EVP_KDF_IMPL *ctx, int cmd, va_list args) -+{ -+ int t; -+ -+ switch (cmd) { -+ case EVP_KDF_CTRL_SET_MD: -+ ctx->md = va_arg(args, const EVP_MD *); -+ if (ctx->md == NULL) -+ return 0; -+ -+ return 1; -+ -+ case EVP_KDF_CTRL_SET_CIPHER: -+ ctx->cipher = va_arg(args, const EVP_CIPHER *); -+ if (ctx->cipher == NULL) -+ return 0; -+ -+ return 1; -+ -+ case EVP_KDF_CTRL_SET_KEY: -+ return kbkdf_parse_buffer_arg(&ctx->ki, -+ &ctx->ki_len, args); -+ -+ case EVP_KDF_CTRL_SET_SALT: -+ return kbkdf_parse_buffer_arg(&ctx->label, -+ &ctx->label_len, args); -+ -+ case EVP_KDF_CTRL_SET_KB_INFO: -+ return kbkdf_parse_buffer_arg(&ctx->context, -+ &ctx->context_len, args); -+ -+ case EVP_KDF_CTRL_SET_KB_SEED: -+ return kbkdf_parse_buffer_arg(&ctx->iv, -+ &ctx->iv_len, args); -+ -+ case EVP_KDF_CTRL_SET_KB_MODE: -+ t = va_arg(args, int); -+ if (t != EVP_KDF_KB_MODE_COUNTER && t != EVP_KDF_KB_MODE_FEEDBACK ) { -+ KDFerr(KDF_F_KBKDF_CTRL, KDF_R_VALUE_ERROR); -+ return 0; -+ } -+ ctx->mode = t; -+ return 1; -+ -+ case EVP_KDF_CTRL_SET_KB_MAC_TYPE: -+ t = va_arg(args, int); -+ if (t != EVP_KDF_KB_MAC_TYPE_HMAC && t != EVP_KDF_KB_MAC_TYPE_CMAC ) { -+ KDFerr(KDF_F_KBKDF_CTRL, KDF_R_VALUE_ERROR); -+ return 0; -+ } -+ -+ if (ctx->ctx_init != NULL) { -+ EVP_MAC_CTX_free(ctx->ctx_init); -+ } -+ ctx->ctx_init = EVP_MAC_CTX_new(t); -+ if (ctx->ctx_init == NULL) { -+ KDFerr(KDF_F_KBKDF_CTRL, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ return 1; -+ -+ default: -+ return -2; -+ -+ } -+} -+ -+static int kbkdf_ctrl_str(EVP_KDF_IMPL *ctx, const char *type, -+ const char *value) -+{ -+ if (value == NULL) { -+ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_MISSING); -+ return 0; -+ } -+ -+ if (strcmp(type, "digest") == 0) -+ return kdf_md2ctrl(ctx, kbkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); -+ /* alias, for historical reasons */ -+ if (strcmp(type, "md") == 0) -+ return kdf_md2ctrl(ctx, kbkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); -+ -+ if (strcmp(type, "cipher") == 0) -+ return kdf_cipher2ctrl(ctx, kbkdf_ctrl, EVP_KDF_CTRL_SET_CIPHER, value); -+ -+ if (strcmp(type, "key") == 0) -+ return kdf_str2ctrl(ctx, kbkdf_ctrl, -+ EVP_KDF_CTRL_SET_KEY, value); -+ -+ if (strcmp(type, "hexkey") == 0) -+ return kdf_hex2ctrl(ctx, kbkdf_ctrl, -+ EVP_KDF_CTRL_SET_KEY, value); -+ -+ if (strcmp(type, "salt") == 0) -+ return kdf_str2ctrl(ctx, kbkdf_ctrl, -+ EVP_KDF_CTRL_SET_SALT, value); -+ -+ if (strcmp(type, "hexsalt") == 0) -+ return kdf_hex2ctrl(ctx, kbkdf_ctrl, -+ EVP_KDF_CTRL_SET_SALT, value); -+ -+ if (strcmp(type, "info") == 0) -+ return kdf_str2ctrl(ctx, kbkdf_ctrl, -+ EVP_KDF_CTRL_SET_KB_INFO, value); -+ -+ if (strcmp(type, "hexinfo") == 0) -+ return kdf_hex2ctrl(ctx, kbkdf_ctrl, -+ EVP_KDF_CTRL_SET_KB_INFO, value); -+ -+ if (strcmp(type, "seed") == 0) -+ return kdf_str2ctrl(ctx, kbkdf_ctrl, -+ EVP_KDF_CTRL_SET_KB_SEED, value); -+ -+ if (strcmp(type, "hexseed") == 0) -+ return kdf_hex2ctrl(ctx, kbkdf_ctrl, -+ EVP_KDF_CTRL_SET_KB_SEED, value); -+ -+ if (strcmp(type, "mode") == 0) { -+ int mode; -+ -+ if (strcasecmp(value, "counter") == 0) { -+ mode = EVP_KDF_KB_MODE_COUNTER; -+ } else if (strcasecmp(value, "feedback") == 0) { -+ mode = EVP_KDF_KB_MODE_FEEDBACK; -+ } else { -+ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_VALUE_ERROR); -+ return 0; -+ } -+ -+ return call_ctrl(kbkdf_ctrl, ctx, EVP_KDF_CTRL_SET_KB_MODE, -+ mode); -+ } -+ -+ if (strcmp(type, "mac_type") == 0) { -+ int mac_type; -+ -+ if (strcasecmp(value, "hmac") == 0) { -+ mac_type = EVP_KDF_KB_MAC_TYPE_HMAC; -+ } else if (strcasecmp(value, "cmac") == 0) { -+ mac_type = EVP_KDF_KB_MAC_TYPE_CMAC; -+ } else { -+ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_VALUE_ERROR); -+ return 0; -+ } -+ -+ return call_ctrl(kbkdf_ctrl, ctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, -+ mac_type); -+ } -+ -+ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); -+ return -2; -+} -+ -+const EVP_KDF_METHOD kb_kdf_meth = { -+ EVP_KDF_KB, -+ kbkdf_new, -+ kbkdf_free, -+ kbkdf_reset, -+ kbkdf_ctrl, -+ kbkdf_ctrl_str, -+ kbkdf_size, -+ kbkdf_derive, -+}; -+ -diff -up openssl-1.1.1d/crypto/kdf/kdf_err.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_err.c ---- openssl-1.1.1d/crypto/kdf/kdf_err.c.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 -+++ openssl-1.1.1d/crypto/kdf/kdf_err.c 2019-11-14 15:07:05.343094112 +0100 -@@ -15,6 +15,11 @@ - - static const ERR_STRING_DATA KDF_str_functs[] = { - {ERR_PACK(ERR_LIB_KDF, KDF_F_HKDF_EXTRACT, 0), "HKDF_Extract"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_CTRL, 0), "kbkdf_ctrl"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_CTRL_STR, 0), "kbkdf_ctrl_str"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_DERIVE, 0), "kbkdf_derive"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KBKDF_NEW, 0), "kbkdf_new"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_CIPHER2CTRL, 0), "kdf_cipher2ctrl"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_DERIVE, 0), "kdf_hkdf_derive"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_NEW, 0), "kdf_hkdf_new"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_HKDF_SIZE, 0), "kdf_hkdf_size"}, -@@ -41,6 +46,8 @@ static const ERR_STRING_DATA KDF_str_fun - {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_DERIVE, 0), - "kdf_tls1_prf_derive"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_NEW, 0), "kdf_tls1_prf_new"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KRB5KDF, 0), "KRB5KDF"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KRB5KDF_DERIVE, 0), "krb5kdf_derive"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PBKDF2_SET_MEMBUF, 0), "pbkdf2_set_membuf"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, -@@ -59,12 +66,22 @@ static const ERR_STRING_DATA KDF_str_fun - "pkey_tls1_prf_derive"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_SCRYPT_SET_MEMBUF, 0), "scrypt_set_membuf"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_SSKDF_DERIVE, 0), "sskdf_derive"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_SSKDF_NEW, 0), "sskdf_new"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_SSKDF_SIZE, 0), "sskdf_size"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "tls1_prf_alg"}, - {0, NULL} - }; - - static const ERR_STRING_DATA KDF_str_reasons[] = { -+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_FAILED_TO_GENERATE_KEY), -+ "failed to generate key"}, -+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_CIPHER), "invalid cipher"}, -+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_CONSTANT_LENGTH), "invalid constant length"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_DIGEST), "invalid digest"}, -+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_SEED_LENGTH), "invalid seed length"}, -+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_CIPHER), "missing cipher"}, -+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_CONSTANT), "missing constant"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_ITERATION_COUNT), - "missing iteration count"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"}, -@@ -82,6 +99,8 @@ static const ERR_STRING_DATA KDF_str_rea - "unknown parameter type"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"}, -+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_FINAL_BLOCK_LENGTH), -+ "wrong final block length"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_OUTPUT_BUFFER_SIZE), - "wrong output buffer size"}, - {0, NULL} -diff -up openssl-1.1.1d/crypto/kdf/kdf_local.h.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_local.h ---- openssl-1.1.1d/crypto/kdf/kdf_local.h.krb5-kdf 2019-11-14 15:07:05.313094646 +0100 -+++ openssl-1.1.1d/crypto/kdf/kdf_local.h 2019-11-14 15:07:05.344094093 +0100 -@@ -19,4 +19,6 @@ int kdf_hex2ctrl(EVP_KDF_IMPL *impl, - int kdf_md2ctrl(EVP_KDF_IMPL *impl, - int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), - int cmd, const char *md_name); -- -+int kdf_cipher2ctrl(EVP_KDF_IMPL *impl, -+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), -+ int cmd, const char *cipher_name); -diff -up openssl-1.1.1d/crypto/kdf/kdf_util.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_util.c ---- openssl-1.1.1d/crypto/kdf/kdf_util.c.krb5-kdf 2019-11-14 15:07:05.313094646 +0100 -+++ openssl-1.1.1d/crypto/kdf/kdf_util.c 2019-11-14 15:07:05.344094093 +0100 -@@ -71,3 +71,16 @@ int kdf_md2ctrl(EVP_KDF_IMPL *impl, - return call_ctrl(ctrl, impl, cmd, md); - } - -+/* Pass a cipher to a ctrl */ -+int kdf_cipher2ctrl(EVP_KDF_IMPL *impl, -+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), -+ int cmd, const char *cipher_name) -+{ -+ const EVP_CIPHER *cipher; -+ -+ if (cipher_name == NULL || (cipher = EVP_get_cipherbyname(cipher_name)) == NULL) { -+ KDFerr(KDF_F_KDF_CIPHER2CTRL, KDF_R_INVALID_CIPHER); -+ return 0; -+ } -+ return call_ctrl(ctrl, impl, cmd, cipher); -+} -diff -up openssl-1.1.1d/crypto/kdf/krb5kdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/krb5kdf.c ---- openssl-1.1.1d/crypto/kdf/krb5kdf.c.krb5-kdf 2019-11-14 15:07:05.344094093 +0100 -+++ openssl-1.1.1d/crypto/kdf/krb5kdf.c 2019-11-18 17:18:13.056604404 +0100 -@@ -0,0 +1,423 @@ -+/* -+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the OpenSSL license (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include -+#include -+#include -+ -+#include -+#include -+#include -+ -+#include "internal/cryptlib.h" -+#include "crypto/evp.h" -+#include "kdf_local.h" -+ -+/* KRB5 KDF defined in RFC 3961, Section 5.1 */ -+ -+static int KRB5KDF(const EVP_CIPHER *cipher, -+ const unsigned char *key, size_t key_len, -+ const unsigned char *constant, size_t constant_len, -+ unsigned char *okey, size_t okey_len); -+ -+struct evp_kdf_impl_st { -+ const EVP_CIPHER *cipher; -+ unsigned char *key; -+ size_t key_len; -+ unsigned char *constant; -+ size_t constant_len; -+}; -+ -+static void krb5kdf_reset(EVP_KDF_IMPL *ctx); -+ -+static EVP_KDF_IMPL *krb5kdf_new(void) -+{ -+ EVP_KDF_IMPL *ctx; -+ -+ if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) -+ KDFerr(KDF_F_KBKDF_NEW, ERR_R_MALLOC_FAILURE); -+ return ctx; -+} -+ -+static void krb5kdf_free(EVP_KDF_IMPL *ctx) -+{ -+ krb5kdf_reset(ctx); -+ OPENSSL_free(ctx); -+} -+ -+static void krb5kdf_reset(EVP_KDF_IMPL *ctx) -+{ -+ OPENSSL_clear_free(ctx->key, ctx->key_len); -+ OPENSSL_clear_free(ctx->constant, ctx->constant_len); -+ memset(ctx, 0, sizeof(*ctx)); -+} -+ -+static int krb5kdf_derive(EVP_KDF_IMPL *ctx, unsigned char *key, -+ size_t keylen) -+{ -+ if (ctx->cipher == NULL) { -+ KDFerr(KDF_F_KRB5KDF_DERIVE, KDF_R_MISSING_CIPHER); -+ return 0; -+ } -+ if (ctx->key == NULL) { -+ KDFerr(KDF_F_KRB5KDF_DERIVE, KDF_R_MISSING_KEY); -+ return 0; -+ } -+ if (ctx->constant == NULL) { -+ KDFerr(KDF_F_KRB5KDF_DERIVE, KDF_R_MISSING_CONSTANT); -+ return 0; -+ } -+ return KRB5KDF(ctx->cipher, ctx->key, ctx->key_len, -+ ctx->constant, ctx->constant_len, -+ key, keylen); -+} -+ -+static size_t krb5kdf_size(EVP_KDF_IMPL *ctx) -+{ -+ if (ctx->cipher != NULL) -+ return EVP_CIPHER_key_length(ctx->cipher); -+ else -+ return EVP_MAX_KEY_LENGTH; -+} -+ -+ -+static int krb5kdf_parse_buffer_arg(unsigned char **dst, size_t *dst_len, -+ va_list args) -+{ -+ const unsigned char *p; -+ size_t len; -+ -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ OPENSSL_clear_free(*dst, *dst_len); -+ if (len == 0) { -+ *dst = NULL; -+ *dst_len = 0; -+ return 1; -+ } -+ -+ *dst = OPENSSL_memdup(p, len); -+ if (*dst == NULL) -+ return 0; -+ -+ *dst_len = len; -+ return 1; -+} -+ -+static int krb5kdf_ctrl(EVP_KDF_IMPL *ctx, int cmd, va_list args) -+{ -+ switch (cmd) { -+ case EVP_KDF_CTRL_SET_CIPHER: -+ ctx->cipher = va_arg(args, const EVP_CIPHER *); -+ if (ctx->cipher == NULL) -+ return 0; -+ -+ return 1; -+ -+ case EVP_KDF_CTRL_SET_KEY: -+ return krb5kdf_parse_buffer_arg(&ctx->key, -+ &ctx->key_len, args); -+ -+ case EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT: -+ return krb5kdf_parse_buffer_arg(&ctx->constant, -+ &ctx->constant_len, args); -+ default: -+ return -2; -+ -+ } -+} -+ -+static int krb5kdf_ctrl_str(EVP_KDF_IMPL *ctx, const char *type, -+ const char *value) -+{ -+ if (value == NULL) { -+ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_MISSING); -+ return 0; -+ } -+ -+ if (strcmp(type, "cipher") == 0) -+ return kdf_cipher2ctrl(ctx, krb5kdf_ctrl, EVP_KDF_CTRL_SET_CIPHER, value); -+ -+ if (strcmp(type, "key") == 0) -+ return kdf_str2ctrl(ctx, krb5kdf_ctrl, -+ EVP_KDF_CTRL_SET_KEY, value); -+ -+ if (strcmp(type, "hexkey") == 0) -+ return kdf_hex2ctrl(ctx, krb5kdf_ctrl, -+ EVP_KDF_CTRL_SET_KEY, value); -+ -+ if (strcmp(type, "constant") == 0) -+ return kdf_str2ctrl(ctx, krb5kdf_ctrl, -+ EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, value); -+ -+ if (strcmp(type, "hexconstant") == 0) -+ return kdf_hex2ctrl(ctx, krb5kdf_ctrl, -+ EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, value); -+ -+ KDFerr(KDF_F_KBKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); -+ return -2; -+} -+ -+ -+#ifndef OPENSSL_NO_DES -+/* -+ * DES3 is a special case, it requires a random-to-key function and its -+ * input truncated to 21 bytes of the 24 produced by the cipher. -+ * See RFC3961 6.3.1 -+ */ -+static int fixup_des3_key(unsigned char *key) -+{ -+ unsigned char *cblock; -+ int i, j; -+ -+ for (i = 2; i >= 0; i--) { -+ cblock = &key[i * 8]; -+ memmove(cblock, &key[i * 7], 7); -+ cblock[7] = 0; -+ for (j = 0; j < 7; j++) -+ cblock[7] |= (cblock[j] & 1) << (j + 1); -+ DES_set_odd_parity((DES_cblock *)cblock); -+ } -+ -+ /* fail if keys are such that triple des degrades to single des */ -+ if (CRYPTO_memcmp(&key[0], &key[8], 8) == 0 || -+ CRYPTO_memcmp(&key[8], &key[16], 8) == 0) { -+ return 0; -+ } -+ -+ return 1; -+} -+#endif -+ -+/* -+ * N-fold(K) where blocksize is N, and constant_len is K -+ * Note: Here |= denotes concatenation -+ * -+ * L = lcm(N,K) -+ * R = L/K -+ * -+ * for r: 1 -> R -+ * s |= constant rot 13*(r-1)) -+ * -+ * block = 0 -+ * for k: 1 -> K -+ * block += s[N(k-1)..(N-1)k] (one's complement addition) -+ * -+ * Optimizing for space we compute: -+ * for each l in L-1 -> 0: -+ * s[l] = (constant rot 13*(l/K))[l%k] -+ * block[l % N] += s[l] (with carry) -+ * finally add carry if any -+ */ -+static void n_fold(unsigned char *block, unsigned int blocksize, -+ const unsigned char *constant, size_t constant_len) -+{ -+ unsigned int tmp, gcd, remainder, lcm, carry; -+ int b, l; -+ -+ if (constant_len == blocksize) { -+ memcpy(block, constant, constant_len); -+ return; -+ } -+ -+ /* Least Common Multiple of lengths: LCM(a,b)*/ -+ gcd = blocksize; -+ remainder = constant_len; -+ /* Calculate Great Common Divisor first GCD(a,b) */ -+ while (remainder != 0) { -+ tmp = gcd % remainder; -+ gcd = remainder; -+ remainder = tmp; -+ } -+ /* resulting a is the GCD, LCM(a,b) = |a*b|/GCD(a,b) */ -+ lcm = blocksize * constant_len / gcd; -+ -+ /* now spread out the bits */ -+ memset(block, 0, blocksize); -+ -+ /* last to first to be able to bring carry forward */ -+ carry = 0; -+ for (l = lcm - 1; l >= 0; l--) { -+ unsigned int rotbits, rshift, rbyte; -+ -+ /* destination byte in block is l % N */ -+ b = l % blocksize; -+ /* Our virtual s buffer is R = L/K long (K = constant_len) */ -+ /* So we rotate backwards from R-1 to 0 (none) rotations */ -+ rotbits = 13 * (l / constant_len); -+ /* find the byte on s where rotbits falls onto */ -+ rbyte = l - (rotbits / 8); -+ /* calculate how much shift on that byte */ -+ rshift = rotbits & 0x07; -+ /* rbyte % constant_len gives us the unrotated byte in the -+ * constant buffer, get also the previous byte then -+ * appropriately shift them to get the rotated byte we need */ -+ tmp = (constant[(rbyte-1) % constant_len] << (8 - rshift) -+ | constant[rbyte % constant_len] >> rshift) -+ & 0xff; -+ /* add with carry to any value placed by previous passes */ -+ tmp += carry + block[b]; -+ block[b] = tmp & 0xff; -+ /* save any carry that may be left */ -+ carry = tmp >> 8; -+ } -+ -+ /* if any carry is left at the end, add it through the number */ -+ for (b = blocksize - 1; b >= 0 && carry != 0; b--) { -+ carry += block[b]; -+ block[b] = carry & 0xff; -+ carry >>= 8; -+ } -+} -+ -+static int cipher_init(EVP_CIPHER_CTX *ctx, -+ const EVP_CIPHER *cipher, -+ const unsigned char *key, size_t key_len) -+{ -+ int klen, ret; -+ -+ ret = EVP_EncryptInit_ex(ctx, cipher, NULL, key, NULL); -+ if (!ret) -+ goto out; -+ /* set the key len for the odd variable key len cipher */ -+ klen = EVP_CIPHER_CTX_key_length(ctx); -+ if (key_len != (size_t)klen) { -+ ret = EVP_CIPHER_CTX_set_key_length(ctx, key_len); -+ if (!ret) -+ goto out; -+ } -+ /* we never want padding, either the length requested is a multiple of -+ * the cipher block size or we are passed a cipher that can cope with -+ * partial blocks via techniques like cipher text stealing */ -+ ret = EVP_CIPHER_CTX_set_padding(ctx, 0); -+ if (!ret) -+ goto out; -+ -+out: -+ return ret; -+} -+ -+static int KRB5KDF(const EVP_CIPHER *cipher, -+ const unsigned char *key, size_t key_len, -+ const unsigned char *constant, size_t constant_len, -+ unsigned char *okey, size_t okey_len) -+{ -+ EVP_CIPHER_CTX *ctx = NULL; -+ unsigned char block[EVP_MAX_BLOCK_LENGTH * 2]; -+ unsigned char *plainblock, *cipherblock; -+ size_t blocksize; -+ size_t cipherlen; -+ size_t osize; -+ int des3_no_fixup = 0; -+ int ret; -+ -+ if (key_len != okey_len) { -+ /* special case for 3des, where the caller may be requesting -+ * the random raw key, instead of the fixed up key */ -+ if (EVP_CIPHER_nid(cipher) == NID_des_ede3_cbc && -+ key_len == 24 && okey_len == 21) { -+ des3_no_fixup = 1; -+ } else { -+ KDFerr(KDF_F_KRB5KDF, KDF_R_WRONG_OUTPUT_BUFFER_SIZE); -+ return 0; -+ } -+ } -+ -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) -+ return 0; -+ -+ ret = cipher_init(ctx, cipher, key, key_len); -+ if (!ret) -+ goto out; -+ -+ /* Initialize input block */ -+ blocksize = EVP_CIPHER_CTX_block_size(ctx); -+ -+ if (constant_len == 0 || constant_len > blocksize) { -+ KDFerr(KDF_F_KRB5KDF, KDF_R_INVALID_CONSTANT_LENGTH); -+ ret = 0; -+ goto out; -+ } -+ -+ n_fold(block, blocksize, constant, constant_len); -+ plainblock = block; -+ cipherblock = block + EVP_MAX_BLOCK_LENGTH; -+ -+ for (osize = 0; osize < okey_len; osize += cipherlen) { -+ int olen; -+ -+ ret = EVP_EncryptUpdate(ctx, cipherblock, &olen, -+ plainblock, blocksize); -+ if (!ret) -+ goto out; -+ cipherlen = olen; -+ ret = EVP_EncryptFinal_ex(ctx, cipherblock, &olen); -+ if (!ret) -+ goto out; -+ if (olen != 0) { -+ KDFerr(KDF_F_KRB5KDF, KDF_R_WRONG_FINAL_BLOCK_LENGTH); -+ ret = 0; -+ goto out; -+ } -+ -+ /* write cipherblock out */ -+ if (cipherlen > okey_len - osize) -+ cipherlen = okey_len - osize; -+ memcpy(okey + osize, cipherblock, cipherlen); -+ -+ if (okey_len > osize + cipherlen) { -+ /* we need to reinitialize cipher context per spec */ -+ ret = EVP_CIPHER_CTX_reset(ctx); -+ if (!ret) -+ goto out; -+ ret = cipher_init(ctx, cipher, key, key_len); -+ if (!ret) -+ goto out; -+ -+ /* also swap block offsets so last ciphertext becomes new -+ * plaintext */ -+ plainblock = cipherblock; -+ if (cipherblock == block) { -+ cipherblock += EVP_MAX_BLOCK_LENGTH; -+ } else { -+ cipherblock = block; -+ } -+ } -+ } -+ -+#ifndef OPENSSL_NO_DES -+ if (EVP_CIPHER_nid(cipher) == NID_des_ede3_cbc && !des3_no_fixup) { -+ ret = fixup_des3_key(okey); -+ if (!ret) { -+ KDFerr(KDF_F_KRB5KDF, KDF_R_FAILED_TO_GENERATE_KEY); -+ goto out; -+ } -+ } -+#endif -+ -+ ret = 1; -+ -+out: -+ EVP_CIPHER_CTX_free(ctx); -+ OPENSSL_cleanse(block, EVP_MAX_BLOCK_LENGTH * 2); -+ return ret; -+} -+ -+const EVP_KDF_METHOD krb5kdf_kdf_meth = { -+ EVP_KDF_KRB5KDF, -+ krb5kdf_new, -+ krb5kdf_free, -+ krb5kdf_reset, -+ krb5kdf_ctrl, -+ krb5kdf_ctrl_str, -+ krb5kdf_size, -+ krb5kdf_derive, -+}; -+ -diff -up openssl-1.1.1d/crypto/kdf/sshkdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/sshkdf.c ---- openssl-1.1.1d/crypto/kdf/sshkdf.c.krb5-kdf 2019-11-14 15:07:05.327094396 +0100 -+++ openssl-1.1.1d/crypto/kdf/sshkdf.c 2019-11-18 17:18:25.343388314 +0100 -@@ -12,6 +12,7 @@ - #include - #include - #include -+#include "internal/numbers.h" - #include "internal/cryptlib.h" - #include "crypto/evp.h" - #include "kdf_local.h" -@@ -68,6 +69,12 @@ static int kdf_sshkdf_parse_buffer_arg(u - p = va_arg(args, const unsigned char *); - len = va_arg(args, size_t); - OPENSSL_clear_free(*dst, *dst_len); -+ if (len == 0) { -+ *dst = NULL; -+ *dst_len = 0; -+ return 1; -+ } -+ - *dst = OPENSSL_memdup(p, len); - if (*dst == NULL) - return 0; -diff -up openssl-1.1.1d/crypto/kdf/sskdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/sskdf.c ---- openssl-1.1.1d/crypto/kdf/sskdf.c.krb5-kdf 2019-11-14 15:07:05.344094093 +0100 -+++ openssl-1.1.1d/crypto/kdf/sskdf.c 2019-11-18 17:21:40.349952802 +0100 -@@ -0,0 +1,255 @@ -+/* -+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+/* -+ * Refer to https://csrc.nist.gov/publications/detail/sp/800-56c/rev-1/final -+ * Section 4.1. -+ * -+ * The Single Step KDF algorithm is given by: -+ * -+ * Result(0) = empty bit string (i.e., the null string). -+ * For i = 1 to reps, do the following: -+ * Increment counter by 1. -+ * Result(i) = Result(i – 1) || H(counter || Z || FixedInfo). -+ * DKM = LeftmostBits(Result(reps), L)) -+ * -+ * NOTES: -+ * Z is a shared secret required to produce the derived key material. -+ * counter is a 4 byte buffer. -+ * FixedInfo is a bit string containing context specific data. -+ * DKM is the output derived key material. -+ * L is the required size of the DKM. -+ * reps = [L / H_outputBits] -+ * H(x) is the auxiliary function that can be either a hash, HMAC or KMAC. -+ * This backported version supports only a hash. -+ * H_outputBits is the length of the output of the auxiliary function H(x). -+ * -+ * Currently there is not a comprehensive list of test vectors for this -+ * algorithm, especially for H(x) = HMAC and H(x) = KMAC. -+ * Test vectors for H(x) = Hash are indirectly used by CAVS KAS tests. -+ */ -+#include -+#include -+#include -+#include -+#include -+#include -+#include "internal/cryptlib.h" -+#include "crypto/evp.h" -+#include "kdf_local.h" -+ -+struct evp_kdf_impl_st { -+ const EVP_MD *md; /* H(x) = hash */ -+ unsigned char *secret; -+ size_t secret_len; -+ unsigned char *info; -+ size_t info_len; -+}; -+ -+#define SSKDF_MAX_INLEN (1<<30) -+ -+/* -+ * Refer to https://csrc.nist.gov/publications/detail/sp/800-56c/rev-1/final -+ * Section 4. One-Step Key Derivation using H(x) = hash(x) -+ */ -+static int SSKDF_hash_kdm(const EVP_MD *kdf_md, -+ const unsigned char *z, size_t z_len, -+ const unsigned char *info, size_t info_len, -+ unsigned char *derived_key, size_t derived_key_len) -+{ -+ int ret = 0, hlen; -+ size_t counter, out_len, len = derived_key_len; -+ unsigned char c[4]; -+ unsigned char mac[EVP_MAX_MD_SIZE]; -+ unsigned char *out = derived_key; -+ EVP_MD_CTX *ctx = NULL, *ctx_init = NULL; -+ -+ if (z_len > SSKDF_MAX_INLEN || info_len > SSKDF_MAX_INLEN -+ || derived_key_len > SSKDF_MAX_INLEN -+ || derived_key_len == 0) -+ return 0; -+ -+ hlen = EVP_MD_size(kdf_md); -+ if (hlen <= 0) -+ return 0; -+ out_len = (size_t)hlen; -+ -+ ctx = EVP_MD_CTX_create(); -+ ctx_init = EVP_MD_CTX_create(); -+ if (ctx == NULL || ctx_init == NULL) -+ goto end; -+ -+ if (!EVP_DigestInit(ctx_init, kdf_md)) -+ goto end; -+ -+ for (counter = 1;; counter++) { -+ c[0] = (unsigned char)((counter >> 24) & 0xff); -+ c[1] = (unsigned char)((counter >> 16) & 0xff); -+ c[2] = (unsigned char)((counter >> 8) & 0xff); -+ c[3] = (unsigned char)(counter & 0xff); -+ -+ if (!(EVP_MD_CTX_copy_ex(ctx, ctx_init) -+ && EVP_DigestUpdate(ctx, c, sizeof(c)) -+ && EVP_DigestUpdate(ctx, z, z_len) -+ && EVP_DigestUpdate(ctx, info, info_len))) -+ goto end; -+ if (len >= out_len) { -+ if (!EVP_DigestFinal_ex(ctx, out, NULL)) -+ goto end; -+ out += out_len; -+ len -= out_len; -+ if (len == 0) -+ break; -+ } else { -+ if (!EVP_DigestFinal_ex(ctx, mac, NULL)) -+ goto end; -+ memcpy(out, mac, len); -+ break; -+ } -+ } -+ ret = 1; -+end: -+ EVP_MD_CTX_destroy(ctx); -+ EVP_MD_CTX_destroy(ctx_init); -+ OPENSSL_cleanse(mac, sizeof(mac)); -+ return ret; -+} -+ -+static EVP_KDF_IMPL *sskdf_new(void) -+{ -+ EVP_KDF_IMPL *impl; -+ -+ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) -+ KDFerr(KDF_F_SSKDF_NEW, ERR_R_MALLOC_FAILURE); -+ return impl; -+} -+ -+static void sskdf_reset(EVP_KDF_IMPL *impl) -+{ -+ OPENSSL_clear_free(impl->secret, impl->secret_len); -+ OPENSSL_clear_free(impl->info, impl->info_len); -+ memset(impl, 0, sizeof(*impl)); -+} -+ -+static void sskdf_free(EVP_KDF_IMPL *impl) -+{ -+ sskdf_reset(impl); -+ OPENSSL_free(impl); -+} -+ -+static int sskdf_set_buffer(va_list args, unsigned char **out, size_t *out_len) -+{ -+ const unsigned char *p; -+ size_t len; -+ -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ OPENSSL_clear_free(*out, *out_len); -+ if (len == 0) { -+ *out = NULL; -+ *out_len = 0; -+ return 1; -+ } -+ -+ *out = OPENSSL_memdup(p, len); -+ if (*out == NULL) -+ return 0; -+ -+ *out_len = len; -+ return 1; -+} -+ -+static int sskdf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) -+{ -+ const EVP_MD *md; -+ -+ switch (cmd) { -+ case EVP_KDF_CTRL_SET_KEY: -+ return sskdf_set_buffer(args, &impl->secret, &impl->secret_len); -+ -+ case EVP_KDF_CTRL_SET_SSKDF_INFO: -+ return sskdf_set_buffer(args, &impl->info, &impl->info_len); -+ -+ case EVP_KDF_CTRL_SET_MD: -+ md = va_arg(args, const EVP_MD *); -+ if (md == NULL) -+ return 0; -+ -+ impl->md = md; -+ return 1; -+ -+ default: -+ return -2; -+ } -+} -+ -+static int sskdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, -+ const char *value) -+{ -+ if (strcmp(type, "secret") == 0 || strcmp(type, "key") == 0) -+ return kdf_str2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_KEY, -+ value); -+ -+ if (strcmp(type, "hexsecret") == 0 || strcmp(type, "hexkey") == 0) -+ return kdf_hex2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_KEY, -+ value); -+ -+ if (strcmp(type, "info") == 0) -+ return kdf_str2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_SSKDF_INFO, -+ value); -+ -+ if (strcmp(type, "hexinfo") == 0) -+ return kdf_hex2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_SSKDF_INFO, -+ value); -+ -+ if (strcmp(type, "digest") == 0) -+ return kdf_md2ctrl(impl, sskdf_ctrl, EVP_KDF_CTRL_SET_MD, value); -+ -+ return -2; -+} -+ -+static size_t sskdf_size(EVP_KDF_IMPL *impl) -+{ -+ int len; -+ -+ if (impl->md == NULL) { -+ KDFerr(KDF_F_SSKDF_SIZE, KDF_R_MISSING_MESSAGE_DIGEST); -+ return 0; -+ } -+ len = EVP_MD_size(impl->md); -+ return (len <= 0) ? 0 : (size_t)len; -+} -+ -+static int sskdf_derive(EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen) -+{ -+ if (impl->secret == NULL) { -+ KDFerr(KDF_F_SSKDF_DERIVE, KDF_R_MISSING_SECRET); -+ return 0; -+ } -+ -+ /* H(x) = hash */ -+ if (impl->md == NULL) { -+ KDFerr(KDF_F_SSKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); -+ return 0; -+ } -+ return SSKDF_hash_kdm(impl->md, impl->secret, impl->secret_len, -+ impl->info, impl->info_len, key, keylen); -+} -+ -+const EVP_KDF_METHOD ss_kdf_meth = { -+ EVP_KDF_SS, -+ sskdf_new, -+ sskdf_free, -+ sskdf_reset, -+ sskdf_ctrl, -+ sskdf_ctrl_str, -+ sskdf_size, -+ sskdf_derive -+}; -diff -up openssl-1.1.1d/crypto/objects/obj_dat.h.krb5-kdf openssl-1.1.1d/crypto/objects/obj_dat.h ---- openssl-1.1.1d/crypto/objects/obj_dat.h.krb5-kdf 2019-11-14 15:07:05.322094485 +0100 -+++ openssl-1.1.1d/crypto/objects/obj_dat.h 2019-11-14 15:07:05.345094076 +0100 -@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = { - 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */ - }; - --#define NUM_NID 1196 -+#define NUM_NID 1199 - static const ASN1_OBJECT nid_objs[NUM_NID] = { - {"UNDEF", "undefined", NID_undef}, - {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, -@@ -2276,9 +2276,12 @@ static const ASN1_OBJECT nid_objs[NUM_NI - {"hmacWithSHA512-224", "hmacWithSHA512-224", NID_hmacWithSHA512_224, 8, &so[7745]}, - {"hmacWithSHA512-256", "hmacWithSHA512-256", NID_hmacWithSHA512_256, 8, &so[7753]}, - {"SSHKDF", "sshkdf", NID_sshkdf}, -+ {"KBKDF", "kbkdf", NID_kbkdf}, -+ {"KRB5KDF", "krb5kdf", NID_krb5kdf}, -+ {"SSKDF", "sskdf", NID_sskdf}, - }; - --#define NUM_SN 1187 -+#define NUM_SN 1190 - static const unsigned int sn_objs[NUM_SN] = { - 364, /* "AD_DVCS" */ - 419, /* "AES-128-CBC" */ -@@ -2442,7 +2445,9 @@ static const unsigned int sn_objs[NUM_SN - 183, /* "ISO-US" */ - 645, /* "ITU-T" */ - 646, /* "JOINT-ISO-ITU-T" */ -+ 1196, /* "KBKDF" */ - 773, /* "KISA" */ -+ 1197, /* "KRB5KDF" */ - 1063, /* "KxANY" */ - 1039, /* "KxDHE" */ - 1041, /* "KxDHE-PSK" */ -@@ -2557,6 +2562,7 @@ static const unsigned int sn_objs[NUM_SN - 100, /* "SN" */ - 1006, /* "SNILS" */ - 1195, /* "SSHKDF" */ -+ 1198, /* "SSKDF" */ - 16, /* "ST" */ - 143, /* "SXNetID" */ - 1062, /* "SipHash" */ -@@ -3469,7 +3475,7 @@ static const unsigned int sn_objs[NUM_SN - 1093, /* "x509ExtAdmission" */ - }; - --#define NUM_LN 1187 -+#define NUM_LN 1190 - static const unsigned int ln_objs[NUM_LN] = { - 363, /* "AD Time Stamping" */ - 405, /* "ANSI X9.62" */ -@@ -4262,8 +4268,10 @@ static const unsigned int ln_objs[NUM_LN - 957, /* "jurisdictionCountryName" */ - 955, /* "jurisdictionLocalityName" */ - 956, /* "jurisdictionStateOrProvinceName" */ -+ 1196, /* "kbkdf" */ - 150, /* "keyBag" */ - 773, /* "kisa" */ -+ 1197, /* "krb5kdf" */ - 1063, /* "kx-any" */ - 1039, /* "kx-dhe" */ - 1041, /* "kx-dhe-psk" */ -@@ -4612,6 +4620,7 @@ static const unsigned int ln_objs[NUM_LN - 1133, /* "sm4-ecb" */ - 1135, /* "sm4-ofb" */ - 1195, /* "sshkdf" */ -+ 1198, /* "sskdf" */ - 16, /* "stateOrProvinceName" */ - 660, /* "streetAddress" */ - 498, /* "subtreeMaximumQuality" */ -diff -up openssl-1.1.1d/crypto/objects/objects.txt.krb5-kdf openssl-1.1.1d/crypto/objects/objects.txt ---- openssl-1.1.1d/crypto/objects/objects.txt.krb5-kdf 2019-11-14 15:07:05.322094485 +0100 -+++ openssl-1.1.1d/crypto/objects/objects.txt 2019-11-14 15:07:05.345094076 +0100 -@@ -1603,6 +1603,15 @@ secg-scheme 14 3 : dhSinglePass-cofactor - # NID for SSHKDF - : SSHKDF : sshkdf - -+# NID for KBKDF -+ : KBKDF : kbkdf -+ -+# NID for KRB5KDF -+ : KRB5KDF : krb5kdf -+ -+# NID for SSKDF -+ : SSKDF : sskdf -+ - # RFC 4556 - 1 3 6 1 5 2 3 : id-pkinit - id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth -diff -up openssl-1.1.1d/crypto/objects/obj_mac.num.krb5-kdf openssl-1.1.1d/crypto/objects/obj_mac.num ---- openssl-1.1.1d/crypto/objects/obj_mac.num.krb5-kdf 2019-11-14 15:07:05.322094485 +0100 -+++ openssl-1.1.1d/crypto/objects/obj_mac.num 2019-11-14 15:07:05.346094058 +0100 -@@ -1193,3 +1193,6 @@ magma_mac 1192 - hmacWithSHA512_224 1193 - hmacWithSHA512_256 1194 - sshkdf 1195 -+kbkdf 1196 -+krb5kdf 1197 -+sskdf 1198 -diff -up openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod.krb5-kdf openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod ---- openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod.krb5-kdf 2019-11-14 15:07:05.314094628 +0100 -+++ openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod 2019-11-14 15:07:05.346094058 +0100 -@@ -140,7 +140,14 @@ The value string is expected to be a dec - This control expects one argument: C - - For MAC implementations that use a message digest as an underlying computation --algorithm, this control set what the digest algorithm should be. -+algorithm, this control sets what the digest algorithm should be. -+ -+=item B -+ -+This control expects one argument: C -+ -+For MAC implementations that use a cipher as an underlying computation -+algorithm, this control sets what the cipher algorithm should be. - - EVP_KDF_ctrl_str() type string: "md" - -diff -up openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod ---- openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100 -+++ openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod 2019-11-14 15:07:05.346094058 +0100 -@@ -0,0 +1,173 @@ -+=pod -+ -+=head1 NAME -+ -+EVP_KDF_KB - The Key-Based EVP_KDF implementation -+ -+=head1 DESCRIPTION -+ -+The EVP_KDF_KB algorithm implements the Key-Based key derivation function -+(KBKDF). KBKDF derives a key from repeated application of a keyed MAC to an -+input secret (and other optional values). -+ -+=head2 Numeric identity -+ -+B is the numeric identity for this implementation; it can be used with the -+EVP_KDF_CTX_new_id() function. -+ -+=head2 Supported controls -+ -+The supported controls are: -+ -+=over 4 -+ -+=item B -+ -+This control expects one argument: C -+ -+Sets the mode for the KBKDF operation. There are two supported modes: -+ -+=over 4 -+ -+=item B -+ -+The counter mode of KBKDF should be used. This is the default. -+ -+=item B -+ -+The feedback mode of KBKDF should be used. -+ -+=back -+ -+=item B -+ -+This control expects one argument: C -+ -+Sets the mac type for the KBKDF operation. There are two supported mac types: -+ -+=over 4 -+ -+=item B -+ -+The HMAC with the digest set by B should be used as the mac. -+ -+=item B -+ -+The CMAC with the cipher set by B should be used as the mac. -+ -+=back -+ -+=item B -+ -+=item B -+ -+=item B -+ -+=item B -+ -+These controls work as described in L. -+ -+=item B -+ -+This control expects two arguments: C, C -+ -+=item B -+ -+This control expects two arguments: C, C -+ -+It is used only in the feedback mode and the length must be the same -+as the block length of the cipher in CMAC or the size of the digest in HMAC. -+ -+=back -+ -+The controls B, B, -+B, and B -+correspond to KI, Label, Context, and IV (respectively) in SP800-108. -+As in that document, salt, info, and seed are optional and may be -+omitted. -+ -+Depending on whether mac is CMAC or HMAC, either digest or cipher is -+required (respectively) and the other is unused. -+ -+=head1 NOTES -+ -+A context for KBKDF can be obtained by calling: -+ -+ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB); -+ -+The output length of an KBKDF is specified via the C -+parameter to the L function. -+ -+Note that currently OpenSSL only implements counter and feedback modes. Other -+variants may be supported in the future. -+ -+=head1 EXAMPLES -+ -+This example derives 10 bytes using COUNTER-HMAC-SHA256, with KI "secret", -+Label "label", and Context "context". -+ -+ EVP_KDF_CTX *kctx; -+ unsigned char out[10]; -+ -+ kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB); -+ -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", strlen("secret")); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "label", strlen("label")); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, "context", strlen("context")); -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) -+ error("EVP_KDF_derive"); -+ -+ EVP_KDF_CTX_free(kctx); -+ -+This example derives 10 bytes using FEEDBACK-CMAC-AES256, with KI "secret", -+Label "label", Context "context", and IV "sixteen bytes iv". -+ -+ EVP_KDF_CTX *kctx; -+ unsigned char out[10]; -+ unsigned char *iv = "sixteen bytes iv"; -+ -+ kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB); -+ -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_aes_256_cbc()); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_CMAC); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MODE, EVP_KDF_KB_MODE_FEEDBACK); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", strlen("secret")); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "label", strlen("label")); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, "context", strlen("context")); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_SEED, iv, strlen(iv)); -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) -+ error("EVP_KDF_derive"); -+ -+ EVP_KDF_CTX_free(kctx); -+ -+=head1 CONFORMING TO -+ -+NIST SP800-108, IETF RFC 6803, IETF RFC 8009. -+ -+=head1 SEE ALSO -+ -+L, -+L, -+L, -+L, -+L, -+L, -+L -+ -+=head1 HISTORY -+ -+This functionality was added to OpenSSL 3.0. -+ -+=head1 COPYRIGHT -+ -+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. -+Copyright 2019 Red Hat, Inc. -+ -+Licensed under the Apache License 2.0 (the "License"). You may not use -+this file except in compliance with the License. You can obtain a copy -+in the file LICENSE in the source distribution or at -+L. -+ -+=cut -diff -up openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod ---- openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100 -+++ openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod 2019-11-14 15:07:05.346094058 +0100 -@@ -0,0 +1,107 @@ -+=pod -+ -+=head1 NAME -+ -+EVP_KDF_KRB5KDF - The RFC3961 Krb5 KDF EVP_KDF implementation -+ -+=head1 DESCRIPTION -+ -+Support for computing the B KDF through the B API. -+ -+The B algorithm implements the key derivation function defined -+in RFC 3961, section 5.1 and is used by Krb5 to derive session keys. -+Three inputs are required to perform key derivation: a cipher, (for example -+AES-128-CBC), the initial key, and a constant. -+ -+=head2 Numeric identity -+ -+B is the numeric identity for this implementation; it can be used with the -+EVP_KDF_CTX_new_id() function. -+ -+=head2 Supported controls -+ -+The supported controls are: -+ -+=over 4 -+ -+=item B -+ -+=item B -+ -+These controls work as described in L. -+ -+=item B -+ -+This control expects two arguments: C, C -+ -+This control sets the I value for the KDF. -+If a value is already set, the contents are replaced. -+ -+=back -+ -+ -+=head1 NOTES -+ -+A context for KRB5KDF can be obtained by calling: -+ -+ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_KRB5KDF); -+ -+The output length of the KRB5KDF derivation is specified via the I -+parameter to the L function, and MUST match the key -+length for the chosen cipher or an error is returned. Moreover the -+I's length must not exceed the block size of the cipher. -+Since the KRB5KDF output length depends on the chosen cipher, calling -+L to obtain the requisite length returns the correct length -+only after the cipher is set. Prior to that B is returned. -+The caller must allocate a buffer of the correct length for the chosen -+cipher, and pass that buffer to the L function along -+with that length. -+ -+=head1 EXAMPLES -+ -+This example derives a key using the AES-128-CBC cipher: -+ -+ EVP_KDF_CTX *kctx; -+ unsigned char key[16] = "01234..."; -+ unsigned char constant[] = "I'm a constant"; -+ unsigned char out[16]; -+ size_t outlen = sizeof(out); -+ -+ kctx = EVP_KDF_CTX_new_id(EVP_KDF_KRB5KDF); -+ -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_aes_128_cbc()); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, key, (size_t)16); -+ EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, constant, strlen(constant)); -+ if (EVP_KDF_derive(kctx, out, outlen) <= 0) -+ /* Error */ -+ EVP_KDF_CTX_free(kctx); -+ -+=head1 CONFORMING TO -+ -+RFC 3961 -+ -+=head1 SEE ALSO -+ -+L, -+L, -+L, -+L, -+L, -+L, -+L -+ -+=head1 HISTORY -+ -+This functionality was added to OpenSSL 3.0. -+ -+=head1 COPYRIGHT -+ -+Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. -+ -+Licensed under the OpenSSL license (the "License"). You may not use -+this file except in compliance with the License. You can obtain a copy -+in the file LICENSE in the source distribution or at -+L. -+ -+=cut -+ -diff -up openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod ---- openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100 -+++ openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod 2019-11-14 15:07:05.346094058 +0100 -@@ -0,0 +1,146 @@ -+=pod -+ -+=head1 NAME -+ -+EVP_KDF_SS - The Single Step / One Step EVP_KDF implementation -+ -+=head1 DESCRIPTION -+ -+The EVP_KDF_SS algorithm implements the Single Step key derivation function (SSKDF). -+SSKDF derives a key using input such as a shared secret key (that was generated -+during the execution of a key establishment scheme) and fixedinfo. -+SSKDF is also informally referred to as 'Concat KDF'. -+ -+=head2 Auxilary function -+ -+The implementation uses a selectable auxiliary function H, which can be in the -+backported version only a: -+ -+=over 4 -+ -+=item B -+ -+=back -+ -+=head2 Numeric identity -+ -+B is the numeric identity for this implementation; it -+can be used with the EVP_KDF_CTX_new_id() function. -+ -+=head2 Supported controls -+ -+The supported controls are: -+ -+=over 4 -+ -+=item B -+ -+This control works as described in L. -+ -+=item B -+ -+This control expects two arguments: C, C -+ -+The shared secret used for key derivation. This control sets the secret. -+ -+EVP_KDF_ctrl_str() takes two type strings for this control: -+ -+=over 4 -+ -+=item "secret" -+ -+The value string is used as is. -+ -+=item "hexsecret" -+ -+The value string is expected to be a hexadecimal number, which will be -+decoded before being passed on as the control value. -+ -+=back -+ -+=item B -+ -+This control expects two arguments: C, C -+ -+An optional value for fixedinfo, also known as otherinfo. This control sets the fixedinfo. -+ -+EVP_KDF_ctrl_str() takes two type strings for this control: -+ -+=over 4 -+ -+=item "info" -+ -+The value string is used as is. -+ -+=item "hexinfo" -+ -+The value string is expected to be a hexadecimal number, which will be -+decoded before being passed on as the control value. -+ -+=back -+ -+=back -+ -+=head1 NOTES -+ -+A context for SSKDF can be obtained by calling: -+ -+EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); -+ -+The output length of an SSKDF is specified via the C -+parameter to the L function. -+ -+=head1 EXAMPLE -+ -+This example derives 10 bytes using H(x) = SHA-256, with the secret key "secret" -+and fixedinfo value "label": -+ -+ EVP_KDF_CTX *kctx; -+ unsigned char out[10]; -+ -+ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); -+ -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { -+ error("EVP_KDF_CTRL_SET_MD"); -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret", (size_t)6) <= 0) { -+ error("EVP_KDF_CTRL_SET_KEY"); -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, "label", (size_t)5) <= 0) { -+ error("EVP_KDF_CTRL_SET_SSKDF_INFO"); -+ } -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { -+ error("EVP_KDF_derive"); -+ } -+ -+ EVP_KDF_CTX_free(kctx); -+ -+=head1 CONFORMING TO -+ -+NIST SP800-56Cr1. -+ -+=head1 SEE ALSO -+ -+L, -+L, -+L, -+L, -+L, -+L, -+L -+ -+=head1 HISTORY -+ -+This functionality was added to OpenSSL 3.0.0. -+ -+=head1 COPYRIGHT -+ -+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. Copyright -+(c) 2019, Oracle and/or its affiliates. All rights reserved. -+ -+Licensed under the Apache License 2.0 (the "License"). You may not use -+this file except in compliance with the License. You can obtain a copy -+in the file LICENSE in the source distribution or at -+L. -+ -+=cut -diff -up openssl-1.1.1d/include/openssl/kdferr.h.krb5-kdf openssl-1.1.1d/include/openssl/kdferr.h ---- openssl-1.1.1d/include/openssl/kdferr.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100 -+++ openssl-1.1.1d/include/openssl/kdferr.h 2019-11-14 15:07:05.347094040 +0100 -@@ -24,6 +24,11 @@ int ERR_load_KDF_strings(void); - * KDF function codes. - */ - # define KDF_F_HKDF_EXTRACT 112 -+# define KDF_F_KBKDF_CTRL 134 -+# define KDF_F_KBKDF_CTRL_STR 135 -+# define KDF_F_KBKDF_DERIVE 136 -+# define KDF_F_KBKDF_NEW 137 -+# define KDF_F_KDF_CIPHER2CTRL 138 - # define KDF_F_KDF_HKDF_DERIVE 113 - # define KDF_F_KDF_HKDF_NEW 114 - # define KDF_F_KDF_HKDF_SIZE 115 -@@ -43,6 +48,8 @@ int ERR_load_KDF_strings(void); - # define KDF_F_KDF_TLS1_PRF_CTRL_STR 125 - # define KDF_F_KDF_TLS1_PRF_DERIVE 126 - # define KDF_F_KDF_TLS1_PRF_NEW 127 -+# define KDF_F_KRB5KDF 139 -+# define KDF_F_KRB5KDF_DERIVE 140 - # define KDF_F_PBKDF2_SET_MEMBUF 128 - # define KDF_F_PKEY_HKDF_CTRL_STR 103 - # define KDF_F_PKEY_HKDF_DERIVE 102 -@@ -56,12 +63,21 @@ int ERR_load_KDF_strings(void); - # define KDF_F_PKEY_TLS1_PRF_DERIVE 101 - # define KDF_F_PKEY_TLS1_PRF_INIT 110 - # define KDF_F_SCRYPT_SET_MEMBUF 129 -+# define KDF_F_SSKDF_DERIVE 141 -+# define KDF_F_SSKDF_NEW 142 -+# define KDF_F_SSKDF_SIZE 143 - # define KDF_F_TLS1_PRF_ALG 111 - - /* - * KDF reason codes. - */ -+# define KDF_R_FAILED_TO_GENERATE_KEY 118 -+# define KDF_R_INVALID_CIPHER 116 -+# define KDF_R_INVALID_CONSTANT_LENGTH 119 - # define KDF_R_INVALID_DIGEST 100 -+# define KDF_R_INVALID_SEED_LENGTH 117 -+# define KDF_R_MISSING_CIPHER 120 -+# define KDF_R_MISSING_CONSTANT 121 - # define KDF_R_MISSING_ITERATION_COUNT 109 - # define KDF_R_MISSING_KEY 104 - # define KDF_R_MISSING_MESSAGE_DIGEST 105 -@@ -76,6 +92,7 @@ int ERR_load_KDF_strings(void); - # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 - # define KDF_R_VALUE_ERROR 108 - # define KDF_R_VALUE_MISSING 102 -+# define KDF_R_WRONG_FINAL_BLOCK_LENGTH 122 - # define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112 - - #endif -diff -up openssl-1.1.1d/include/openssl/kdf.h.krb5-kdf openssl-1.1.1d/include/openssl/kdf.h ---- openssl-1.1.1d/include/openssl/kdf.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100 -+++ openssl-1.1.1d/include/openssl/kdf.h 2019-11-14 15:07:05.347094040 +0100 -@@ -21,6 +21,9 @@ extern "C" { - # define EVP_KDF_TLS1_PRF NID_tls1_prf - # define EVP_KDF_HKDF NID_hkdf - # define EVP_KDF_SSHKDF NID_sshkdf -+# define EVP_KDF_KB NID_kbkdf -+# define EVP_KDF_KRB5KDF NID_krb5kdf -+# define EVP_KDF_SS NID_sskdf - - EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); - void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); -@@ -51,6 +54,13 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, uns - # define EVP_KDF_CTRL_SET_SSHKDF_XCGHASH 0x10 /* unsigned char *, size_t */ - # define EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID 0x11 /* unsigned char *, size_t */ - # define EVP_KDF_CTRL_SET_SSHKDF_TYPE 0x12 /* int */ -+# define EVP_KDF_CTRL_SET_KB_MODE 0x13 /* int */ -+# define EVP_KDF_CTRL_SET_KB_MAC_TYPE 0x14 /* int */ -+# define EVP_KDF_CTRL_SET_CIPHER 0x15 /* EVP_CIPHER * */ -+# define EVP_KDF_CTRL_SET_KB_INFO 0x16 /* unsigned char *, size_t */ -+# define EVP_KDF_CTRL_SET_KB_SEED 0x17 /* unsigned char *, size_t */ -+# define EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT 0x18 /* unsigned char *, size_t */ -+# define EVP_KDF_CTRL_SET_SSKDF_INFO 0x19 /* unsigned char *, size_t */ - - # define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0 - # define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1 -@@ -63,6 +73,12 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, uns - #define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV 69 - #define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI 70 - -+#define EVP_KDF_KB_MODE_COUNTER 0 -+#define EVP_KDF_KB_MODE_FEEDBACK 1 -+ -+#define EVP_KDF_KB_MAC_TYPE_HMAC 0 -+#define EVP_KDF_KB_MAC_TYPE_CMAC 1 -+ - /**** The legacy PKEY-based KDF API follows. ****/ - - # define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL) -diff -up openssl-1.1.1d/include/openssl/obj_mac.h.krb5-kdf openssl-1.1.1d/include/openssl/obj_mac.h ---- openssl-1.1.1d/include/openssl/obj_mac.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100 -+++ openssl-1.1.1d/include/openssl/obj_mac.h 2019-11-14 15:07:05.347094040 +0100 -@@ -4974,6 +4974,18 @@ - #define LN_sshkdf "sshkdf" - #define NID_sshkdf 1203 - -+#define SN_kbkdf "KBKDF" -+#define LN_kbkdf "kbkdf" -+#define NID_kbkdf 1204 -+ -+#define SN_krb5kdf "KRB5KDF" -+#define LN_krb5kdf "krb5kdf" -+#define NID_krb5kdf 1205 -+ -+#define SN_sskdf "SSKDF" -+#define LN_sskdf "sskdf" -+#define NID_sskdf 1206 -+ - #define SN_id_pkinit "id-pkinit" - #define NID_id_pkinit 1031 - #define OBJ_id_pkinit 1L,3L,6L,1L,5L,2L,3L -diff -up openssl-1.1.1d/test/evp_kdf_test.c.krb5-kdf openssl-1.1.1d/test/evp_kdf_test.c ---- openssl-1.1.1d/test/evp_kdf_test.c.krb5-kdf 2019-11-14 15:07:05.315094610 +0100 -+++ openssl-1.1.1d/test/evp_kdf_test.c 2019-11-14 15:07:05.348094022 +0100 -@@ -225,13 +225,358 @@ err: - } - #endif - -+/* -+ * KBKDF test vectors from RFC 6803 (Camellia Encryption for Kerberos 5) -+ * section 10. -+ */ -+static int test_kdf_kbkdf_6803_128(void) -+{ -+ int ret = 0, i; -+ EVP_KDF_CTX *kctx; -+ static unsigned char input_key[] = { -+ 0x57, 0xD0, 0x29, 0x72, 0x98, 0xFF, 0xD9, 0xD3, -+ 0x5D, 0xE5, 0xA4, 0x7F, 0xB4, 0xBD, 0xE2, 0x4B, -+ }; -+ static unsigned char constants[][5] = { -+ { 0x00, 0x00, 0x00, 0x02, 0x99 }, -+ { 0x00, 0x00, 0x00, 0x02, 0xaa }, -+ { 0x00, 0x00, 0x00, 0x02, 0x55 }, -+ }; -+ static unsigned char outputs[][16] = { -+ {0xD1, 0x55, 0x77, 0x5A, 0x20, 0x9D, 0x05, 0xF0, -+ 0x2B, 0x38, 0xD4, 0x2A, 0x38, 0x9E, 0x5A, 0x56}, -+ {0x64, 0xDF, 0x83, 0xF8, 0x5A, 0x53, 0x2F, 0x17, -+ 0x57, 0x7D, 0x8C, 0x37, 0x03, 0x57, 0x96, 0xAB}, -+ {0x3E, 0x4F, 0xBD, 0xF3, 0x0F, 0xB8, 0x25, 0x9C, -+ 0x42, 0x5C, 0xB6, 0xC9, 0x6F, 0x1F, 0x46, 0x35} -+ }; -+ static unsigned char iv[16] = { 0 }; -+ unsigned char result[16] = { 0 }; -+ -+ for (i = 0; i < 3; i++) { -+ ret = 0; -+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { -+ TEST_error("EVP_KDF_KB"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_CMAC) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MODE, EVP_KDF_KB_MODE_FEEDBACK) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KB_MODE"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_camellia_128_cbc()) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_CIPHER"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KEY"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, constants[i], sizeof(constants[i])) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_SALT"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_SEED, iv, sizeof(iv)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KB_SEED"); -+ goto err; -+ } -+ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) -+ && TEST_mem_eq(result, sizeof(result), outputs[i], -+ sizeof(outputs[i])); -+err: -+ EVP_KDF_CTX_free(kctx); -+ if (ret != 1) -+ return ret; -+ } -+ return ret; -+} -+ -+static int test_kdf_kbkdf_6803_256(void) -+{ -+ int ret = 0, i; -+ EVP_KDF_CTX *kctx; -+ static unsigned char input_key[] = { -+ 0xB9, 0xD6, 0x82, 0x8B, 0x20, 0x56, 0xB7, 0xBE, -+ 0x65, 0x6D, 0x88, 0xA1, 0x23, 0xB1, 0xFA, 0xC6, -+ 0x82, 0x14, 0xAC, 0x2B, 0x72, 0x7E, 0xCF, 0x5F, -+ 0x69, 0xAF, 0xE0, 0xC4, 0xDF, 0x2A, 0x6D, 0x2C, -+ }; -+ static unsigned char constants[][5] = { -+ { 0x00, 0x00, 0x00, 0x02, 0x99 }, -+ { 0x00, 0x00, 0x00, 0x02, 0xaa }, -+ { 0x00, 0x00, 0x00, 0x02, 0x55 }, -+ }; -+ static unsigned char outputs[][32] = { -+ {0xE4, 0x67, 0xF9, 0xA9, 0x55, 0x2B, 0xC7, 0xD3, -+ 0x15, 0x5A, 0x62, 0x20, 0xAF, 0x9C, 0x19, 0x22, -+ 0x0E, 0xEE, 0xD4, 0xFF, 0x78, 0xB0, 0xD1, 0xE6, -+ 0xA1, 0x54, 0x49, 0x91, 0x46, 0x1A, 0x9E, 0x50, -+ }, -+ {0x41, 0x2A, 0xEF, 0xC3, 0x62, 0xA7, 0x28, 0x5F, -+ 0xC3, 0x96, 0x6C, 0x6A, 0x51, 0x81, 0xE7, 0x60, -+ 0x5A, 0xE6, 0x75, 0x23, 0x5B, 0x6D, 0x54, 0x9F, -+ 0xBF, 0xC9, 0xAB, 0x66, 0x30, 0xA4, 0xC6, 0x04, -+ }, -+ {0xFA, 0x62, 0x4F, 0xA0, 0xE5, 0x23, 0x99, 0x3F, -+ 0xA3, 0x88, 0xAE, 0xFD, 0xC6, 0x7E, 0x67, 0xEB, -+ 0xCD, 0x8C, 0x08, 0xE8, 0xA0, 0x24, 0x6B, 0x1D, -+ 0x73, 0xB0, 0xD1, 0xDD, 0x9F, 0xC5, 0x82, 0xB0, -+ }, -+ }; -+ static unsigned char iv[16] = { 0 }; -+ unsigned char result[32] = { 0 }; -+ -+ for (i = 0; i < 3; i++) { -+ ret = 0; -+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { -+ TEST_error("EVP_KDF_KB"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_CMAC) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MODE, EVP_KDF_KB_MODE_FEEDBACK) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KB_MODE"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_camellia_256_cbc()) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_CIPHER"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KEY"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, constants[i], sizeof(constants[i])) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_SALT"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_SEED, iv, sizeof(iv)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KB_SEED"); -+ goto err; -+ } -+ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) -+ && TEST_mem_eq(result, sizeof(result), outputs[i], -+ sizeof(outputs[i])); -+err: -+ EVP_KDF_CTX_free(kctx); -+ if (ret != 1) -+ return ret; -+ } -+ return ret; -+} -+ -+/* Two test vectors from RFC 8009 (AES Encryption with HMAC-SHA2 for Kerberos -+ * 5) appendix A. */ -+static int test_kdf_kbkdf_8009_prf1(void) -+{ -+ int ret = 0; -+ EVP_KDF_CTX *kctx; -+ char *label = "prf", *prf_input = "test"; -+ static unsigned char input_key[] = { -+ 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28, -+ 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C, -+ }; -+ static unsigned char output[] = { -+ 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE, -+ 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86, -+ 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B, -+ 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95, -+ }; -+ unsigned char result[sizeof(output)] = { 0 }; -+ -+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { -+ TEST_error("EVP_KDF_KB"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_MD"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KEY"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_SALT"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KB_INFO"); -+ goto err; -+ } -+ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) -+ && TEST_mem_eq(result, sizeof(result), output, -+ sizeof(output)); -+err: -+ EVP_KDF_CTX_free(kctx); -+ return ret; -+} -+ -+static int test_kdf_kbkdf_8009_prf2(void) -+{ -+ int ret = 0; -+ EVP_KDF_CTX *kctx; -+ char *label = "prf", *prf_input = "test"; -+ static unsigned char input_key[] = { -+ 0x6D, 0x40, 0x4D, 0x37, 0xFA, 0xF7, 0x9F, 0x9D, -+ 0xF0, 0xD3, 0x35, 0x68, 0xD3, 0x20, 0x66, 0x98, -+ 0x00, 0xEB, 0x48, 0x36, 0x47, 0x2E, 0xA8, 0xA0, -+ 0x26, 0xD1, 0x6B, 0x71, 0x82, 0x46, 0x0C, 0x52, -+ }; -+ static unsigned char output[] = { -+ 0x98, 0x01, 0xF6, 0x9A, 0x36, 0x8C, 0x2B, 0xF6, -+ 0x75, 0xE5, 0x95, 0x21, 0xE1, 0x77, 0xD9, 0xA0, -+ 0x7F, 0x67, 0xEF, 0xE1, 0xCF, 0xDE, 0x8D, 0x3C, -+ 0x8D, 0x6F, 0x6A, 0x02, 0x56, 0xE3, 0xB1, 0x7D, -+ 0xB3, 0xC1, 0xB6, 0x2A, 0xD1, 0xB8, 0x55, 0x33, -+ 0x60, 0xD1, 0x73, 0x67, 0xEB, 0x15, 0x14, 0xD2, -+ }; -+ unsigned char result[sizeof(output)] = { 0 }; -+ -+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) { -+ TEST_error("EVP_KDF_KB"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KB_MAC_TYPE"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha384()) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_MD"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KEY"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_SALT"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KB_INFO"); -+ goto err; -+ } -+ ret = TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0) -+ && TEST_mem_eq(result, sizeof(result), output, -+ sizeof(output)); -+err: -+ EVP_KDF_CTX_free(kctx); -+ return ret; -+} -+ -+static int test_kdf_krb5kdf(void) -+{ -+ int ret = 0; -+ EVP_KDF_CTX *kctx; -+ unsigned char out[16]; -+ static unsigned char key[] = { -+ 0x42, 0x26, 0x3C, 0x6E, 0x89, 0xF4, 0xFC, 0x28, -+ 0xB8, 0xDF, 0x68, 0xEE, 0x09, 0x79, 0x9F, 0x15 -+ }; -+ static unsigned char constant[] = { -+ 0x00, 0x00, 0x00, 0x02, 0x99 -+ }; -+ static const unsigned char expected[sizeof(out)] = { -+ 0x34, 0x28, 0x0A, 0x38, 0x2B, 0xC9, 0x27, 0x69, -+ 0xB2, 0xDA, 0x2F, 0x9E, 0xF0, 0x66, 0x85, 0x4B -+ }; -+ -+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KRB5KDF)) == NULL) { -+ TEST_error("EVP_KDF_KRB5KDF"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CIPHER, EVP_aes_128_cbc()) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_CIPHER"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, key, sizeof(key)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KEY"); -+ goto err; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT, constant, sizeof(constant)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KRB5KDF_CONSTANT"); -+ goto err; -+ } -+ -+ ret = -+ TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0) -+ && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)); -+ -+err: -+ EVP_KDF_CTX_free(kctx); -+ return ret; -+} -+ -+static int test_kdf_ss_hash(void) -+{ -+ EVP_KDF_CTX *kctx; -+ const unsigned char z[] = { -+ 0x6d,0xbd,0xc2,0x3f,0x04,0x54,0x88,0xe4,0x06,0x27,0x57,0xb0,0x6b,0x9e, -+ 0xba,0xe1,0x83,0xfc,0x5a,0x59,0x46,0xd8,0x0d,0xb9,0x3f,0xec,0x6f,0x62, -+ 0xec,0x07,0xe3,0x72,0x7f,0x01,0x26,0xae,0xd1,0x2c,0xe4,0xb2,0x62,0xf4, -+ 0x7d,0x48,0xd5,0x42,0x87,0xf8,0x1d,0x47,0x4c,0x7c,0x3b,0x18,0x50,0xe9 -+ }; -+ const unsigned char other[] = { -+ 0xa1,0xb2,0xc3,0xd4,0xe5,0x43,0x41,0x56,0x53,0x69,0x64,0x3c,0x83,0x2e, -+ 0x98,0x49,0xdc,0xdb,0xa7,0x1e,0x9a,0x31,0x39,0xe6,0x06,0xe0,0x95,0xde, -+ 0x3c,0x26,0x4a,0x66,0xe9,0x8a,0x16,0x58,0x54,0xcd,0x07,0x98,0x9b,0x1e, -+ 0xe0,0xec,0x3f,0x8d,0xbe -+ }; -+ const unsigned char expected[] = { -+ 0xa4,0x62,0xde,0x16,0xa8,0x9d,0xe8,0x46,0x6e,0xf5,0x46,0x0b,0x47,0xb8 -+ }; -+ unsigned char out[14]; -+ -+ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS); -+ -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha224()) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_MD"); -+ return 0; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_KEY"); -+ return 0; -+ } -+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other, -+ sizeof(other)) <= 0) { -+ TEST_error("EVP_KDF_CTRL_SET_SSKDF_INFO"); -+ return 0; -+ } -+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { -+ TEST_error("EVP_KDF_derive"); -+ return 0; -+ } -+ -+ if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) -+ return 0; -+ -+ EVP_KDF_CTX_free(kctx); -+ return 1; -+} -+ - int setup_tests(void) - { -+ ADD_TEST(test_kdf_kbkdf_6803_128); -+ ADD_TEST(test_kdf_kbkdf_6803_256); -+ ADD_TEST(test_kdf_kbkdf_8009_prf1); -+ ADD_TEST(test_kdf_kbkdf_8009_prf2); - ADD_TEST(test_kdf_tls1_prf); - ADD_TEST(test_kdf_hkdf); - ADD_TEST(test_kdf_pbkdf2); - #ifndef OPENSSL_NO_SCRYPT - ADD_TEST(test_kdf_scrypt); - #endif -+ ADD_TEST(test_kdf_krb5kdf); -+ ADD_TEST(test_kdf_ss_hash); - return 1; - } -diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt.krb5-kdf openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt ---- openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt.krb5-kdf 2019-11-14 15:07:05.327094396 +0100 -+++ openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt 2019-11-14 15:07:05.349094005 +0100 -@@ -5286,3 +5286,559 @@ Ctrl.hexsession_id = hexsession_id:a4ebd - Ctrl.type = type:A - Output = FF - Result = KDF_MISMATCH -+ -+Title = KRB5KDF tests (from RFC 3961 test vectors and krb5 sources) -+ -+#RFC3961 -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92 -+Ctrl.hexconstant = hexconstant:0000000155 -+Output = 925179d04591a79b5d3192c4a7e9c289b049c71f6ee604cd -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:5e13d31c70ef765746578531cb51c15bf11ca82c97cee9f2 -+Ctrl.hexconstant = hexconstant:00000001aa -+Output = 9e58e5a146d9942a101c469845d67a20e3c4259ed913f207 -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:98e6fd8a04a4b6859b75a176540b9752bad3ecd610a252bc -+Ctrl.hexconstant = hexconstant:0000000155 -+Output = 13fef80d763e94ec6d13fd2ca1d085070249dad39808eabf -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:622aec25a2fe2cad7094680b7c64940280084c1a7cec92b5 -+Ctrl.hexconstant = hexconstant:00000001aa -+Output = f8dfbf04b097e6d9dc0702686bcb3489d91fd9a4516b703e -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:d3f8298ccb166438dcb9b93ee5a7629286a491f838f802fb -+Ctrl.hexconstant = hexconstant:6b65726265726f73 -+Output = 2370da575d2a3da864cebfdc5204d56df779a7df43d9da43 -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:c1081649ada74362e6a1459d01dfd30d67c2234c940704da -+Ctrl.hexconstant = hexconstant:0000000155 -+Output = 348057ec98fdc48016161c2a4c7a943e92ae492c989175f7 -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:5d154af238f46713155719d55e2f1f790dd661f279a7917c -+Ctrl.hexconstant = hexconstant:00000001aa -+Output = a8808ac267dada3dcbe9a7c84626fbc761c294b01315e5c1 -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:798562e049852f57dc8c343ba17f2ca1d97394efc8adc443 -+Ctrl.hexconstant = hexconstant:0000000155 -+Output = c813f88a3be3b334f75425ce9175fbe3c8493b89c8703b49 -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:26dce334b545292f2feab9a8701a89a4b99eb9942cecd016 -+Ctrl.hexconstant = hexconstant:00000001aa -+Output = f48ffd6e83f83e7354e694fd252cf83bfe58f7d5ba37ec5d -+ -+#Krb5 sources -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E -+Ctrl.hexconstant = hexconstant:0000000299 -+Output = F78C496D16E6C2DAE0E0B6C24057A84C0426AEEF26FD6DCE -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E -+Ctrl.hexconstant = hexconstant:00000002AA -+Output = 5B5723D0B634CB684C3EBA5264E9A70D52E683231AD3C4CE -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E -+Ctrl.hexconstant = hexconstant:0000000255 -+Output = A77C94980E9B7345A81525C423A737CE67F4CD91B6B3DA45 -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:AES-128-CBC -+Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15 -+Ctrl.hexconstant = hexconstant:0000000299 -+Output = 34280A382BC92769B2DA2F9EF066854B -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:AES-128-CBC -+Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15 -+Ctrl.hexconstant = hexconstant:00000002AA -+Output = 5B14FC4E250E14DDF9DCCF1AF6674F53 -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:AES-128-CBC -+Ctrl.hexkey = hexkey:42263C6E89F4FC28B8DF68EE09799F15 -+Ctrl.hexconstant = hexconstant:0000000255 -+Output = 4ED31063621684F09AE8D89991AF3E8F -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:AES-256-CBC -+Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161 -+Ctrl.hexconstant = hexconstant:0000000299 -+Output = BFAB388BDCB238E9F9C98D6A878304F04D30C82556375AC507A7A852790F4674 -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:AES-256-CBC -+Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161 -+Ctrl.hexconstant = hexconstant:00000002AA -+Output = C7CFD9CD75FE793A586A542D87E0D1396F1134A104BB1A9190B8C90ADA3DDF37 -+ -+KDF = KRB5KDF -+Ctrl.cipher = cipher:AES-256-CBC -+Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161 -+Ctrl.hexconstant = hexconstant:0000000255 -+Output = 97151B4C76945063E2EB0529DC067D97D7BBA90776D8126D91F34F3101AEA8BA -+ -+#Same as the first but with no "fixup" -+KDF = KRB5KDF -+Ctrl.cipher = cipher:DES-EDE3-CBC -+Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92 -+Ctrl.hexconstant = hexconstant:0000000155 -+Output = 935079d14490a75c3093c4a6e8c3b049c71e6ee705 -+ -+#There are currently no official test vectors for Single Step KDF -+#https://github.com/patrickfav/singlestep-kdf/wiki/NIST-SP-800-56C-Rev1:-Non-Official-Test-Vectors -+Title = Single Step KDF tests -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:d09a6b1a472f930db4f5e6b967900744 -+Ctrl.hexinfo = hexinfo:b117255ab5f1b6b96fc434b0 -+Output = b5a3c52e97ae6e8c5069954354eab3c7 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:343666c0dd34b756e70f759f14c304f5 -+Ctrl.hexinfo = hexinfo:722b28448d7eab85491bce09 -+Output = 1003b650ddd3f0891a15166db5ec881d -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:b84acf03ab08652dd7f82fa956933261 -+Ctrl.hexinfo = hexinfo:3d8773ec068c86053a918565 -+Output = 1635dcd1ce698f736831b4badb68ab2b -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:8cc24ca3f1d1a8b34783780b79890430 -+Ctrl.hexinfo = hexinfo:f08d4f2d9a8e6d7105c0bc16 -+Output = b8e716fb84a420aed4812cd76d9700ee -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:b616905a6f7562cd2689142ce21e42a3 -+Ctrl.hexinfo = hexinfo:ead310159a909da87e7b4b40 -+Output = 1b9201358c50fe5d5d42907c4a9fce78 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:3f57fd3fd56199b3eb33890f7ee28180 -+Ctrl.hexinfo = hexinfo:7a5056ba4fdb034c7cb6c4fe -+Output = e51ebd30a8c4b8449b0fb29d9adc11af -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:fb9fb108d104e9f662d6593fc84cde69 -+Ctrl.hexinfo = hexinfo:5faf29211c1bdbf1b2696a7c -+Output = 7a3a7e670656e48c390cdd7c51e167e0 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:237a39981794f4516dccffc3dda28396 -+Ctrl.hexinfo = hexinfo:62ed9528d104c241e0f66275 -+Output = 0c26fc9e90e1c5c5f943428301682045 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:b9b6c45f7279218fa09894e06366a3a1 -+Ctrl.hexinfo = hexinfo:0f384339670aaed4b89ecb7e -+Output = ee5fad414e32fad5d52a2bf61a7f6c72 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:08b7140e2cd0a4abd79171e4d5a71cad -+Ctrl.hexinfo = hexinfo:099211f0d8a2e02dbb5958c0 -+Output = 6162f5142e057efafd2c4f2bad5985a1 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a2 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f4853 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493d -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759a -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac704 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbe -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf1050 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f3 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8b -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f22 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f227688 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abf -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d480d -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:ebe28edbae5a410b87a479243db3f690 -+Ctrl.hexinfo = hexinfo:e60dd8b28228ce5b9be74d3b -+Output = b4a23963e07f485382cb358a493daec1759ac7043dbeac37152c6ddf105031f0f239f270b7f30616166f10e5d2b4cb11ba8bf4ba3f2276885abfbc3e811a568d480d9192 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:d7e6 -+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff -+Output = 31e798e9931b612a3ad1b9b1008faa8c -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:4646779d -+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff -+Output = 139f68bcca879b490e268e569087d04d -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:d9811c81d4c6 -+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff -+Output = 914dc4f09cb633a76e6c389e04c64485 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:8838f9d99ec46f09 -+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff -+Output = 4f07dfb6f7a5bf348689e08b2e29c948 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:3e0939b33f34e779f30e -+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff -+Output = b42c7a98c23be19d1187ff960e87557f -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:f36230cacca4d245d303058c -+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff -+Output = 50f2068d8010d355d56c5e34aaffbc67 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:7005d32c3d4284c73c3aefc70438 -+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff -+Output = 66fd712ccf5462bbd41e89041ea7ea26 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:c01c83150b7734f8dbd6efd6f54d7365 -+Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff -+Output = 5c5edb0ceda9cd0c7f1f3d9e239c67d5 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 -+Ctrl.hexinfo = hexinfo:9949 -+Output = 33c83f54ed00fb1bccd2113e88550941 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 -+Ctrl.hexinfo = hexinfo:17144da6 -+Output = a999c28961424cab35ec06015e8c376a -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 -+Ctrl.hexinfo = hexinfo:dffdee1062eb -+Output = 4101ad50e626ed6f957bff926dfbb7db -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 -+Ctrl.hexinfo = hexinfo:9f365043e23b4648 -+Output = 4d3e4b971b88771f229df9f564984832 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 -+Ctrl.hexinfo = hexinfo:a885a0c4567ddc4f96da -+Output = bebbc30f5a83df5e9c9b57db33c0c879 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 -+Ctrl.hexinfo = hexinfo:c9d86183295bfe4c3d85f0fd -+Output = 87c947e45407db63eb94cbaa02d14e94 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 -+Ctrl.hexinfo = hexinfo:825fadce46964236a486732c5dad -+Output = 192370a85ff78e3c0245129d9b398558 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:da69f1dbbebc837480af692e7e9ee6b9 -+Ctrl.hexinfo = hexinfo:5c0b5eb3ac9f342347d73d7a521723aa -+Output = c7b7634fd809383e87c4b1b3e728be56 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:8d7a4e7d5cf34b3f74873b862aeb33b7 -+Output = 6a5594f402f74f69 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:9b208e7ee1e641fac1dff48fc1beb2d2 -+Output = 556ed67e24ac0c7c46cc432da8bdb23c -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:4d2572539fed433211da28c8a0eebac3 -+Output = 5a4054c59c5b92814025578f43c1b79fe84968fc284e240b -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:4e1e70c9886819a31bc29a537911add9 -+Output = ddbfc440449aab4131c6d8aec08ce1496f2702241d0e27cc155c5c7c3cda75b5 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:68f144c952528e540c686dc353b766f2 -+Output = 59ed66bb6f54a9688a0b891d0b2ea6743621d9e1b5cc098cf3a55e6f864f9af8a95e4d945d2f987f -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:b66c9d507c9f837fbe60b6675fdbf38b -+Output = c282787ddf421a72fc88811be81b08d0d6ab66c92d1011974aa58335a6bbbd62e9e982bfae5929865ea1d517247089d2 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:34e730b49e46c7ed2fb25975a4cccd2d -+Output = 39e76e6571cb00740260b9070accbdcc4a492c295cbef33d9e37dac21e5e9d07e0f12dc7063d2172641475d4e08b8e3712fb26a10c8376b8 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:e340d87e2d7adbc1b95ec2dbdc3b82be -+Output = a660c0037a53f76f1e7667043f5869348ad07ac0e272e615ce31f16d4ab90d4b35fe5c370c0010ce79aff45682c6fb8b97f9a05b7d40b5af3c62999a10df9c6d -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA256 -+Ctrl.hexsecret = hexsecret:afc4e154498d4770aa8365f6903dc83b -+Ctrl.hexinfo = hexinfo:662af20379b29d5ef813e655 -+Output = f0b80d6ae4c1e19e2105a37024e35dc6 -+ -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA512 -+Ctrl.hexsecret = hexsecret:108cf63318555c787fa578731dd4f037 -+Ctrl.hexinfo = hexinfo:53191b1dd3f94d83084d61d6 -+Output = 0ad475c1826da3007637970c8b92b993 -+ -+Title = SSKDF Test vectors from RFC 8636 Section 8 (With precoumputed ASN.1 info) -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA1 -+Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 -+Ctrl.hexinfo = hexinfo:307e300a06082b06010502030601a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020112a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb -+Output = e6ab38c9413e035bb079201ed0b6b73d8d49a814a737c04ee6649614206f73ad -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA256 -+Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 -+Ctrl.hexinfo = hexinfo:307e300a06082b06010502030602a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020112a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb -+Output = 77ef4e48c420ae3fec75109d7981697eed5d295c90c62564f7bfd101fa9bc1d5 -+ -+KDF = SSKDF -+Ctrl.digest = digest:SHA512 -+Ctrl.hexsecret = hexsecret:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 -+Ctrl.hexinfo = hexinfo:307e300a06082b06010502030603a01f041d301ba0071b0553552e5345a110300ea003020101a10730051b036c6861a12904273025a0071b0553552e5345a11a3018a003020101a111300f1b066b72627467741b0553552e5345a22404223020a003020110a10c040aaaaaaaaaaaaaaaaaaaaaa20b0409bbbbbbbbbbbbbbbbbb -+Output = d3c78b78d75313e9a926f75dfb012363fa17fa01db diff --git a/openssl-1.1.1-man-rename.patch b/openssl-1.1.1-man-rename.patch deleted file mode 100644 index 4e504b4..0000000 --- a/openssl-1.1.1-man-rename.patch +++ /dev/null @@ -1,19 +0,0 @@ -diff -up openssl-1.1.1-pre9/doc/man1/openssl.pod.man-rename openssl-1.1.1-pre9/doc/man1/openssl.pod ---- openssl-1.1.1-pre9/doc/man1/openssl.pod.man-rename 2018-08-21 14:14:13.000000000 +0200 -+++ openssl-1.1.1-pre9/doc/man1/openssl.pod 2018-08-22 12:13:04.092568064 +0200 -@@ -482,13 +482,13 @@ L, L, L - L, L, - L, L, L, L, L, - L, L, L, --L, - L, L, L, - L, L, L, L, --L, L, L, L, -+L, L, L, - L, L, - L, L, L, - L, L, L, L, L, -+L, L, - L, - L, L, L, - L, L, L diff --git a/openssl-1.1.1-no-brainpool.patch b/openssl-1.1.1-no-brainpool.patch deleted file mode 100644 index 90c87a8..0000000 --- a/openssl-1.1.1-no-brainpool.patch +++ /dev/null @@ -1,112 +0,0 @@ -diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in ---- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in 2019-09-13 15:11:07.358687169 +0200 -@@ -147,22 +147,22 @@ our @tests = ( - { - name => "ECDSA with brainpool", - server => { -- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), -- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), -- "Groups" => "brainpoolP256r1", -+ "Certificate" => test_pem("server-ecdsa-cert.pem"), -+ "PrivateKey" => test_pem("server-ecdsa-key.pem"), -+# "Groups" => "brainpoolP256r1", - }, - client => { - #We don't restrict this to TLSv1.2, although use of brainpool - #should force this anyway so that this should succeed - "CipherString" => "aECDSA", - "RequestCAFile" => test_pem("root-cert.pem"), -- "Groups" => "brainpoolP256r1", -+# "Groups" => "brainpoolP256r1", - }, - test => { -- "ExpectedServerCertType" =>, "brainpoolP256r1", -- "ExpectedServerSignType" =>, "EC", -+# "ExpectedServerCertType" =>, "brainpoolP256r1", -+# "ExpectedServerSignType" =>, "EC", - # Note: certificate_authorities not sent for TLS < 1.3 -- "ExpectedServerCANames" =>, "empty", -+# "ExpectedServerCANames" =>, "empty", - "ExpectedResult" => "Success" - }, - }, -@@ -853,18 +853,18 @@ my @tests_tls_1_3 = ( - { - name => "TLS 1.3 ECDSA with brainpool", - server => { -- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), -- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), -- "Groups" => "brainpoolP256r1", -+ "Certificate" => test_pem("server-ecdsa-cert.pem"), -+ "PrivateKey" => test_pem("server-ecdsa-key.pem"), -+# "Groups" => "brainpoolP256r1", - }, - client => { - "RequestCAFile" => test_pem("root-cert.pem"), -- "Groups" => "brainpoolP256r1", -+# "Groups" => "brainpoolP256r1", - "MinProtocol" => "TLSv1.3", - "MaxProtocol" => "TLSv1.3" - }, - test => { -- "ExpectedResult" => "ServerFail" -+ "ExpectedResult" => "Success" - }, - }, - ); -diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf ---- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf 2019-09-13 15:12:27.380288469 +0200 -@@ -238,23 +238,18 @@ server = 5-ECDSA with brainpool-server - client = 5-ECDSA with brainpool-client - - [5-ECDSA with brainpool-server] --Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem -+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem - CipherString = DEFAULT --Groups = brainpoolP256r1 --PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem -+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem - - [5-ECDSA with brainpool-client] - CipherString = aECDSA --Groups = brainpoolP256r1 - RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem - VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem - VerifyMode = Peer - - [test-5] - ExpectedResult = Success --ExpectedServerCANames = empty --ExpectedServerCertType = brainpoolP256r1 --ExpectedServerSignType = EC - - - # =========================================================== -@@ -1713,14 +1708,12 @@ server = 52-TLS 1.3 ECDSA with brainpool - client = 52-TLS 1.3 ECDSA with brainpool-client - - [52-TLS 1.3 ECDSA with brainpool-server] --Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem -+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem - CipherString = DEFAULT --Groups = brainpoolP256r1 --PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem -+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem - - [52-TLS 1.3 ECDSA with brainpool-client] - CipherString = DEFAULT --Groups = brainpoolP256r1 - MaxProtocol = TLSv1.3 - MinProtocol = TLSv1.3 - RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem -@@ -1728,7 +1721,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro - VerifyMode = Peer - - [test-52] --ExpectedResult = ServerFail -+ExpectedResult = Success - - - # =========================================================== diff --git a/openssl-1.1.1-no-html.patch b/openssl-1.1.1-no-html.patch deleted file mode 100644 index d0e335e..0000000 --- a/openssl-1.1.1-no-html.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html openssl-1.1.1f/Configurations/unix-Makefile.tmpl ---- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html 2020-04-07 16:45:21.904083989 +0200 -+++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl 2020-04-07 16:45:56.218461895 +0200 -@@ -544,7 +544,7 @@ install_sw: install_dev install_engines - - uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev - --install_docs: install_man_docs install_html_docs -+install_docs: install_man_docs - - uninstall_docs: uninstall_man_docs uninstall_html_docs - $(RM) -r "$(DESTDIR)$(DOCDIR)" diff --git a/openssl-1.1.1-no-weak-verify.patch b/openssl-1.1.1-no-weak-verify.patch deleted file mode 100644 index 5756c68..0000000 --- a/openssl-1.1.1-no-weak-verify.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff -up openssl-1.1.1b/crypto/asn1/a_verify.c.no-weak-verify openssl-1.1.1b/crypto/asn1/a_verify.c ---- openssl-1.1.1b/crypto/asn1/a_verify.c.no-weak-verify 2019-02-26 15:15:30.000000000 +0100 -+++ openssl-1.1.1b/crypto/asn1/a_verify.c 2019-02-28 11:25:31.531862873 +0100 -@@ -7,6 +7,9 @@ - * https://www.openssl.org/source/license.html - */ - -+/* for secure_getenv */ -+#define _GNU_SOURCE -+ - #include - #include - #include -@@ -130,6 +133,12 @@ int ASN1_item_verify(const ASN1_ITEM *it - if (ret != 2) - goto err; - ret = -1; -+ } else if ((mdnid == NID_md5 -+ && secure_getenv("OPENSSL_ENABLE_MD5_VERIFY") == NULL) || -+ mdnid == NID_md4 || mdnid == NID_md2 || mdnid == NID_sha) { -+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, -+ ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); -+ goto err; - } else { - const EVP_MD *type = EVP_get_digestbynid(mdnid); - diff --git a/openssl-1.1.1-rewire-fips-drbg.patch b/openssl-1.1.1-rewire-fips-drbg.patch deleted file mode 100644 index 4d04d37..0000000 --- a/openssl-1.1.1-rewire-fips-drbg.patch +++ /dev/null @@ -1,170 +0,0 @@ -diff -up openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_lib.c ---- openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200 -+++ openssl-1.1.1g/crypto/fips/fips_drbg_lib.c 2020-06-22 13:32:47.675852917 +0200 -@@ -337,6 +337,19 @@ static int drbg_reseed(DRBG_CTX *dctx, - int FIPS_drbg_reseed(DRBG_CTX *dctx, - const unsigned char *adin, size_t adinlen) - { -+ int len = (int)adinlen; -+ -+ if (len < 0 || (size_t)len != adinlen) { -+ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG); -+ return 0; -+ } -+ RAND_seed(adin, len); -+ return 1; -+} -+ -+int FIPS_drbg_reseed_internal(DRBG_CTX *dctx, -+ const unsigned char *adin, size_t adinlen) -+{ - return drbg_reseed(dctx, adin, adinlen, 1); - } - -@@ -358,6 +371,19 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, u - int prediction_resistance, - const unsigned char *adin, size_t adinlen) - { -+ int len = (int)outlen; -+ -+ if (len < 0 || (size_t)len != outlen) { -+ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG); -+ return 0; -+ } -+ return RAND_bytes(out, len); -+} -+ -+int FIPS_drbg_generate_internal(DRBG_CTX *dctx, unsigned char *out, size_t outlen, -+ int prediction_resistance, -+ const unsigned char *adin, size_t adinlen) -+{ - int r = 0; - - if (FIPS_selftest_failed()) { -diff -up openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_rand.c ---- openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200 -+++ openssl-1.1.1g/crypto/fips/fips_drbg_rand.c 2020-06-22 13:32:47.675852917 +0200 -@@ -57,6 +57,8 @@ - #include - #include - #include -+#define FIPS_DRBG_generate FIPS_DRBG_generate_internal -+#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal - #include - #include "fips_rand_lcl.h" - -diff -up openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c ---- openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg 2020-06-22 13:32:47.612852927 +0200 -+++ openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c 2020-06-22 13:32:47.675852917 +0200 -@@ -55,6 +55,8 @@ - #include - #include - #include -+#define FIPS_DRBG_generate FIPS_DRBG_generate_internal -+#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal - #include - #include "fips_rand_lcl.h" - #include "fips_locl.h" -diff -up openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_post.c ---- openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200 -+++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-22 13:32:47.675852917 +0200 -@@ -79,8 +79,6 @@ int FIPS_selftest(void) - ERR_add_error_data(2, "Type=", "rand_drbg_selftest"); - rv = 0; - } -- if (!FIPS_selftest_drbg()) -- rv = 0; - if (!FIPS_selftest_sha1()) - rv = 0; - if (!FIPS_selftest_sha2()) -diff -up openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_rand_lib.c ---- openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.613852927 +0200 -+++ openssl-1.1.1g/crypto/fips/fips_rand_lib.c 2020-06-22 13:36:28.722817967 +0200 -@@ -120,6 +120,7 @@ void FIPS_rand_reset(void) - - int FIPS_rand_seed(const void *buf, int num) - { -+#if 0 - if (!fips_approved_rand_meth && FIPS_module_mode()) { - FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD); - return 0; -@@ -127,10 +128,15 @@ int FIPS_rand_seed(const void *buf, int - if (fips_rand_meth && fips_rand_meth->seed) - fips_rand_meth->seed(buf, num); - return 1; -+#else -+ RAND_seed(buf, num); -+ return 1; -+#endif - } - - int FIPS_rand_bytes(unsigned char *buf, int num) - { -+#if 0 - if (!fips_approved_rand_meth && FIPS_module_mode()) { - FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD); - return 0; -@@ -138,10 +144,14 @@ int FIPS_rand_bytes(unsigned char *buf, - if (fips_rand_meth && fips_rand_meth->bytes) - return fips_rand_meth->bytes(buf, num); - return 0; -+#else -+ return RAND_bytes(buf, num); -+#endif - } - - int FIPS_rand_status(void) - { -+#if 0 - if (!fips_approved_rand_meth && FIPS_module_mode()) { - FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD); - return 0; -@@ -149,6 +159,9 @@ int FIPS_rand_status(void) - if (fips_rand_meth && fips_rand_meth->status) - return fips_rand_meth->status(); - return 0; -+#else -+ return RAND_status(); -+#endif - } - - /* Return instantiated strength of PRNG. For DRBG this is an internal -diff -up openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips.h ---- openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200 -+++ openssl-1.1.1g/include/openssl/fips.h 2020-06-22 13:32:47.675852917 +0200 -@@ -64,6 +64,11 @@ extern "C" { - - int FIPS_selftest(void); - int FIPS_selftest_failed(void); -+ -+ /* -+ * This function is deprecated as it performs selftest of the old FIPS drbg -+ * implementation that is not validated. -+ */ - int FIPS_selftest_drbg_all(void); - - int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, -diff -up openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips_rand.h ---- openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg 2020-06-22 13:32:47.617852926 +0200 -+++ openssl-1.1.1g/include/openssl/fips_rand.h 2020-06-22 13:32:47.675852917 +0200 -@@ -60,6 +60,20 @@ - # ifdef __cplusplus - extern "C" { - # endif -+ -+/* -+ * IMPORTANT NOTE: -+ * All functions in this header file are deprecated and should not be used -+ * as they use the old FIPS_drbg implementation that is not FIPS validated -+ * anymore. -+ * To provide backwards compatibility for applications that need FIPS compliant -+ * RNG number generation and use FIPS_drbg_generate, this function was -+ * re-wired to call the FIPS validated DRBG instance instead through -+ * the RAND_bytes() call. -+ * -+ * All these functions will be removed in future. -+ */ -+ - typedef struct drbg_ctx_st DRBG_CTX; - /* DRBG external flags */ - /* Flag for CTR mode only: use derivation function ctr_df */ diff --git a/openssl-1.1.1-s390x-ecc.patch b/openssl-1.1.1-s390x-ecc.patch deleted file mode 100644 index 6b5963f..0000000 --- a/openssl-1.1.1-s390x-ecc.patch +++ /dev/null @@ -1,2306 +0,0 @@ -diff -up openssl-1.1.1g/Configurations/00-base-templates.conf.s390x-ecc openssl-1.1.1g/Configurations/00-base-templates.conf ---- openssl-1.1.1g/Configurations/00-base-templates.conf.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/Configurations/00-base-templates.conf 2020-05-18 12:45:40.855234262 +0200 -@@ -289,6 +289,7 @@ my %targets=( - template => 1, - cpuid_asm_src => "s390xcap.c s390xcpuid.S", - bn_asm_src => "asm/s390x.S s390x-mont.S s390x-gf2m.s", -+ ec_asm_src => "ecp_s390x_nistp.c", - aes_asm_src => "aes-s390x.S aes-ctr.fake aes-xts.fake", - sha1_asm_src => "sha1-s390x.S sha256-s390x.S sha512-s390x.S", - rc4_asm_src => "rc4-s390x.s", -diff -up openssl-1.1.1g/Configure.s390x-ecc openssl-1.1.1g/Configure ---- openssl-1.1.1g/Configure.s390x-ecc 2020-05-18 12:45:40.781233618 +0200 -+++ openssl-1.1.1g/Configure 2020-05-18 12:45:40.856234270 +0200 -@@ -1398,6 +1398,9 @@ unless ($disabled{asm}) { - if ($target{ec_asm_src} =~ /ecp_nistz256/) { - push @{$config{lib_defines}}, "ECP_NISTZ256_ASM"; - } -+ if ($target{ec_asm_src} =~ /ecp_s390x_nistp/) { -+ push @{$config{lib_defines}}, "S390X_EC_ASM"; -+ } - if ($target{ec_asm_src} =~ /x25519/) { - push @{$config{lib_defines}}, "X25519_ASM"; - } -diff -up openssl-1.1.1g/crypto/cmac/cm_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/cmac/cm_pmeth.c ---- openssl-1.1.1g/crypto/cmac/cm_pmeth.c.s390x-ecc 2020-05-18 12:45:40.782233627 +0200 -+++ openssl-1.1.1g/crypto/cmac/cm_pmeth.c 2020-05-18 12:45:42.661249957 +0200 -@@ -159,3 +159,8 @@ const EVP_PKEY_METHOD cmac_pkey_meth = { - pkey_cmac_ctrl, - pkey_cmac_ctrl_str - }; -+ -+const EVP_PKEY_METHOD *cmac_pkey_method(void) -+{ -+ return &cmac_pkey_meth; -+} -diff -up openssl-1.1.1g/crypto/dh/dh_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/dh/dh_pmeth.c ---- openssl-1.1.1g/crypto/dh/dh_pmeth.c.s390x-ecc 2020-05-18 12:45:40.782233627 +0200 -+++ openssl-1.1.1g/crypto/dh/dh_pmeth.c 2020-05-18 12:45:42.661249957 +0200 -@@ -512,6 +512,11 @@ const EVP_PKEY_METHOD dh_pkey_meth = { - pkey_dh_ctrl_str - }; - -+const EVP_PKEY_METHOD *dh_pkey_method(void) -+{ -+ return &dh_pkey_meth; -+} -+ - const EVP_PKEY_METHOD dhx_pkey_meth = { - EVP_PKEY_DHX, - EVP_PKEY_FLAG_FIPS, -@@ -545,3 +550,8 @@ const EVP_PKEY_METHOD dhx_pkey_meth = { - pkey_dh_ctrl, - pkey_dh_ctrl_str - }; -+ -+const EVP_PKEY_METHOD *dhx_pkey_method(void) -+{ -+ return &dhx_pkey_meth; -+} -diff -up openssl-1.1.1g/crypto/dsa/dsa_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/dsa/dsa_pmeth.c ---- openssl-1.1.1g/crypto/dsa/dsa_pmeth.c.s390x-ecc 2020-05-18 12:45:40.783233636 +0200 -+++ openssl-1.1.1g/crypto/dsa/dsa_pmeth.c 2020-05-18 12:45:42.662249966 +0200 -@@ -271,3 +271,8 @@ const EVP_PKEY_METHOD dsa_pkey_meth = { - pkey_dsa_ctrl, - pkey_dsa_ctrl_str - }; -+ -+const EVP_PKEY_METHOD *dsa_pkey_method(void) -+{ -+ return &dsa_pkey_meth; -+} -diff -up openssl-1.1.1g/crypto/ec/build.info.s390x-ecc openssl-1.1.1g/crypto/ec/build.info ---- openssl-1.1.1g/crypto/ec/build.info.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/ec/build.info 2020-05-18 12:45:42.662249966 +0200 -@@ -26,6 +26,9 @@ GENERATE[ecp_nistz256-armv8.S]=asm/ecp_n - INCLUDE[ecp_nistz256-armv8.o]=.. - GENERATE[ecp_nistz256-ppc64.s]=asm/ecp_nistz256-ppc64.pl $(PERLASM_SCHEME) - -+INCLUDE[ecp_s390x_nistp.o]=.. -+INCLUDE[ecx_meth.o]=.. -+ - GENERATE[x25519-x86_64.s]=asm/x25519-x86_64.pl $(PERLASM_SCHEME) - GENERATE[x25519-ppc64.s]=asm/x25519-ppc64.pl $(PERLASM_SCHEME) - -diff -up openssl-1.1.1g/crypto/ec/ec_curve.c.s390x-ecc openssl-1.1.1g/crypto/ec/ec_curve.c ---- openssl-1.1.1g/crypto/ec/ec_curve.c.s390x-ecc 2020-05-18 12:45:40.753233375 +0200 -+++ openssl-1.1.1g/crypto/ec/ec_curve.c 2020-05-18 12:45:42.663249975 +0200 -@@ -255,20 +255,29 @@ static const ec_list_element curve_list[ - {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, - "SECG curve over a 256 bit prime field"}, - /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ -- {NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, -+ {NID_secp384r1, &_EC_NIST_PRIME_384.h, -+# if defined(S390X_EC_ASM) -+ EC_GFp_s390x_nistp384_method, -+# else -+ 0, -+# endif - "NIST/SECG curve over a 384 bit prime field"}, --#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 -- {NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method, -- "NIST/SECG curve over a 521 bit prime field"}, --#else -- {NID_secp521r1, &_EC_NIST_PRIME_521.h, 0, -+ {NID_secp521r1, &_EC_NIST_PRIME_521.h, -+# if defined(S390X_EC_ASM) -+ EC_GFp_s390x_nistp521_method, -+# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) -+ EC_GFp_nistp521_method, -+# else -+ 0, -+# endif - "NIST/SECG curve over a 521 bit prime field"}, --#endif - /* X9.62 curves */ - {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, - #if defined(ECP_NISTZ256_ASM) - EC_GFp_nistz256_method, --#elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) -+# elif defined(S390X_EC_ASM) -+ EC_GFp_s390x_nistp256_method, -+# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) - EC_GFp_nistp256_method, - #else - 0, -diff -up openssl-1.1.1g/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecdsa_ossl.c ---- openssl-1.1.1g/crypto/ec/ecdsa_ossl.c.s390x-ecc 2020-05-18 12:45:40.784233644 +0200 -+++ openssl-1.1.1g/crypto/ec/ecdsa_ossl.c 2020-05-18 12:45:42.664249983 +0200 -@@ -18,6 +18,41 @@ - # include - #endif - -+int ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, -+ BIGNUM **rp) -+{ -+ if (eckey->group->meth->ecdsa_sign_setup == NULL) { -+ ECerr(EC_F_OSSL_ECDSA_SIGN_SETUP, EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA); -+ return 0; -+ } -+ -+ return eckey->group->meth->ecdsa_sign_setup(eckey, ctx_in, kinvp, rp); -+} -+ -+ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, -+ const BIGNUM *in_kinv, const BIGNUM *in_r, -+ EC_KEY *eckey) -+{ -+ if (eckey->group->meth->ecdsa_sign_sig == NULL) { -+ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA); -+ return NULL; -+ } -+ -+ return eckey->group->meth->ecdsa_sign_sig(dgst, dgst_len, -+ in_kinv, in_r, eckey); -+} -+ -+int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, -+ const ECDSA_SIG *sig, EC_KEY *eckey) -+{ -+ if (eckey->group->meth->ecdsa_verify_sig == NULL) { -+ ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA); -+ return 0; -+ } -+ -+ return eckey->group->meth->ecdsa_verify_sig(dgst, dgst_len, sig, eckey); -+} -+ - int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, - unsigned char *sig, unsigned int *siglen, - const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) -@@ -149,15 +184,15 @@ static int ecdsa_sign_setup(EC_KEY *ecke - return ret; - } - --int ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, -- BIGNUM **rp) -+int ecdsa_simple_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, -+ BIGNUM **rp) - { - return ecdsa_sign_setup(eckey, ctx_in, kinvp, rp, NULL, 0); - } - --ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, -- const BIGNUM *in_kinv, const BIGNUM *in_r, -- EC_KEY *eckey) -+ECDSA_SIG *ecdsa_simple_sign_sig(const unsigned char *dgst, int dgst_len, -+ const BIGNUM *in_kinv, const BIGNUM *in_r, -+ EC_KEY *eckey) - { - int ok = 0, i; - BIGNUM *kinv = NULL, *s, *m = NULL; -@@ -218,25 +253,25 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns - if (8 * dgst_len > i) - dgst_len = (i + 7) / 8; - if (!BN_bin2bn(dgst, dgst_len, m)) { -- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_BN_LIB); - goto err; - } - /* If still too long, truncate remaining bits with a shift */ - if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { -- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_BN_LIB); - goto err; - } - do { - if (in_kinv == NULL || in_r == NULL) { - if (!ecdsa_sign_setup(eckey, ctx, &kinv, &ret->r, dgst, dgst_len)) { -- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_ECDSA_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_ECDSA_LIB); - goto err; - } - ckinv = kinv; - } else { - ckinv = in_kinv; - if (BN_copy(ret->r, in_r) == NULL) { -- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE); -+ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_MALLOC_FAILURE); - goto err; - } - } -@@ -250,11 +285,11 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns - */ - if (!bn_to_mont_fixed_top(s, ret->r, group->mont_data, ctx) - || !bn_mul_mont_fixed_top(s, s, priv_key, group->mont_data, ctx)) { -- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_BN_LIB); - goto err; - } - if (!bn_mod_add_fixed_top(s, s, m, order)) { -- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_BN_LIB); - goto err; - } - /* -@@ -263,7 +298,7 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns - */ - if (!bn_to_mont_fixed_top(s, s, group->mont_data, ctx) - || !BN_mod_mul_montgomery(s, s, ckinv, group->mont_data, ctx)) { -- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, ERR_R_BN_LIB); - goto err; - } - -@@ -273,7 +308,7 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns - * generate new kinv and r values - */ - if (in_kinv != NULL && in_r != NULL) { -- ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, EC_R_NEED_NEW_SETUP_VALUES); -+ ECerr(EC_F_ECDSA_SIMPLE_SIGN_SIG, EC_R_NEED_NEW_SETUP_VALUES); - goto err; - } - } else { -@@ -325,8 +360,8 @@ int ossl_ecdsa_verify(int type, const un - return ret; - } - --int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, -- const ECDSA_SIG *sig, EC_KEY *eckey) -+int ecdsa_simple_verify_sig(const unsigned char *dgst, int dgst_len, -+ const ECDSA_SIG *sig, EC_KEY *eckey) - { - int ret = -1, i; - BN_CTX *ctx; -@@ -346,18 +381,18 @@ int ossl_ecdsa_verify_sig(const unsigned - /* check input values */ - if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || - (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, EC_R_MISSING_PARAMETERS); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, EC_R_MISSING_PARAMETERS); - return -1; - } - - if (!EC_KEY_can_sign(eckey)) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING); - return -1; - } - - ctx = BN_CTX_new(); - if (ctx == NULL) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_MALLOC_FAILURE); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_MALLOC_FAILURE); - return -1; - } - BN_CTX_start(ctx); -@@ -366,26 +401,26 @@ int ossl_ecdsa_verify_sig(const unsigned - m = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - if (X == NULL) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); - goto err; - } - - order = EC_GROUP_get0_order(group); - if (order == NULL) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_EC_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_EC_LIB); - goto err; - } - - if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || - BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) || - BN_is_negative(sig->s) || BN_ucmp(sig->s, order) >= 0) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, EC_R_BAD_SIGNATURE); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, EC_R_BAD_SIGNATURE); - ret = 0; /* signature is invalid */ - goto err; - } - /* calculate tmp1 = inv(S) mod order */ - if (!ec_group_do_inverse_ord(group, u2, sig->s, ctx)) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); - goto err; - } - /* digest -> m */ -@@ -396,41 +431,41 @@ int ossl_ecdsa_verify_sig(const unsigned - if (8 * dgst_len > i) - dgst_len = (i + 7) / 8; - if (!BN_bin2bn(dgst, dgst_len, m)) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); - goto err; - } - /* If still too long truncate remaining bits with a shift */ - if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); - goto err; - } - /* u1 = m * tmp mod order */ - if (!BN_mod_mul(u1, m, u2, order, ctx)) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); - goto err; - } - /* u2 = r * w mod q */ - if (!BN_mod_mul(u2, sig->r, u2, order, ctx)) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); - goto err; - } - - if ((point = EC_POINT_new(group)) == NULL) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_MALLOC_FAILURE); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx)) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_EC_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_EC_LIB); - goto err; - } - - if (!EC_POINT_get_affine_coordinates(group, point, X, NULL, ctx)) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_EC_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_EC_LIB); - goto err; - } - - if (!BN_nnmod(u1, X, order, ctx)) { -- ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB); -+ ECerr(EC_F_ECDSA_SIMPLE_VERIFY_SIG, ERR_R_BN_LIB); - goto err; - } - /* if the signature is correct u1 is equal to sig->r */ -diff -up openssl-1.1.1g/crypto/ec/ec_err.c.s390x-ecc openssl-1.1.1g/crypto/ec/ec_err.c ---- openssl-1.1.1g/crypto/ec/ec_err.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/ec/ec_err.c 2020-05-18 12:45:42.664249983 +0200 -@@ -31,6 +31,11 @@ static const ERR_STRING_DATA EC_str_func - {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIGN_SETUP, 0), "ECDSA_sign_setup"}, - {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIG_NEW, 0), "ECDSA_SIG_new"}, - {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_VERIFY, 0), "ECDSA_verify"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_SIGN_SETUP, 0), "ecdsa_simple_sign_setup"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_SIGN_SIG, 0), "ecdsa_simple_sign_sig"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_VERIFY_SIG, 0), "ecdsa_simple_verify_sig"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_S390X_NISTP_SIGN_SIG, 0), "ecdsa_s390x_nistp_sign_sig"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, 0), "ecdsa_s390x_nistp_verify_sig"}, - {ERR_PACK(ERR_LIB_EC, EC_F_ECD_ITEM_VERIFY, 0), "ecd_item_verify"}, - {ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PARAM2TYPE, 0), "eckey_param2type"}, - {ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PARAM_DECODE, 0), "eckey_param_decode"}, -@@ -266,6 +271,7 @@ static const ERR_STRING_DATA EC_str_func - {ERR_PACK(ERR_LIB_EC, EC_F_OLD_EC_PRIV_DECODE, 0), "old_ec_priv_decode"}, - {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDH_COMPUTE_KEY, 0), - "ossl_ecdh_compute_key"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_SIGN_SETUP, 0), "ossl_ecdsa_sign_setup"}, - {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_SIGN_SIG, 0), "ossl_ecdsa_sign_sig"}, - {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_VERIFY_SIG, 0), - "ossl_ecdsa_verify_sig"}, -@@ -284,6 +290,12 @@ static const ERR_STRING_DATA EC_str_func - {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_KEYGEN, 0), "pkey_ec_keygen"}, - {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_PARAMGEN, 0), "pkey_ec_paramgen"}, - {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_SIGN, 0), "pkey_ec_sign"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_DIGESTSIGN25519, 0), "s390x_pkey_ecd_digestsign25519"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_DIGESTSIGN448, 0), "s390x_pkey_ecd_digestsign448"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_KEYGEN25519, 0), "s390x_pkey_ecd_keygen25519"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_KEYGEN448, 0), "s390x_pkey_ecd_keygen448"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECX_KEYGEN25519, 0), "s390x_pkey_ecx_keygen25519"}, -+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECX_KEYGEN448, 0), "s390x_pkey_ecx_keygen448"}, - {ERR_PACK(ERR_LIB_EC, EC_F_VALIDATE_ECX_DERIVE, 0), "validate_ecx_derive"}, - {0, NULL} - }; -@@ -298,6 +310,8 @@ static const ERR_STRING_DATA EC_str_reas - "coordinates out of range"}, - {ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH), - "curve does not support ecdh"}, -+ {ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA), -+ "curve does not support ecdsa"}, - {ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING), - "curve does not support signing"}, - {ERR_PACK(ERR_LIB_EC, 0, EC_R_D2I_ECPKPARAMETERS_FAILURE), -diff -up openssl-1.1.1g/crypto/ec/ec_local.h.s390x-ecc openssl-1.1.1g/crypto/ec/ec_local.h ---- openssl-1.1.1g/crypto/ec/ec_local.h.s390x-ecc 2020-05-18 12:45:40.554231646 +0200 -+++ openssl-1.1.1g/crypto/ec/ec_local.h 2020-05-18 12:45:44.564266496 +0200 -@@ -179,6 +179,14 @@ struct ec_method_st { - /* custom ECDH operation */ - int (*ecdh_compute_key)(unsigned char **pout, size_t *poutlen, - const EC_POINT *pub_key, const EC_KEY *ecdh); -+ /* custom ECDSA */ -+ int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinvp, -+ BIGNUM **rp); -+ ECDSA_SIG *(*ecdsa_sign_sig)(const unsigned char *dgst, int dgstlen, -+ const BIGNUM *kinv, const BIGNUM *r, -+ EC_KEY *eckey); -+ int (*ecdsa_verify_sig)(const unsigned char *dgst, int dgstlen, -+ const ECDSA_SIG *sig, EC_KEY *eckey); - /* Inverse modulo order */ - int (*field_inverse_mod_ord)(const EC_GROUP *, BIGNUM *r, - const BIGNUM *x, BN_CTX *); -@@ -587,6 +595,11 @@ int ec_group_simple_order_bits(const EC_ - */ - const EC_METHOD *EC_GFp_nistz256_method(void); - #endif -+#ifdef S390X_EC_ASM -+const EC_METHOD *EC_GFp_s390x_nistp256_method(void); -+const EC_METHOD *EC_GFp_s390x_nistp384_method(void); -+const EC_METHOD *EC_GFp_s390x_nistp521_method(void); -+#endif - - size_t ec_key_simple_priv2oct(const EC_KEY *eckey, - unsigned char *buf, size_t len); -@@ -651,6 +664,13 @@ int ossl_ecdsa_verify(int type, const un - const unsigned char *sigbuf, int sig_len, EC_KEY *eckey); - int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY *eckey); -+int ecdsa_simple_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, -+ BIGNUM **rp); -+ECDSA_SIG *ecdsa_simple_sign_sig(const unsigned char *dgst, int dgst_len, -+ const BIGNUM *in_kinv, const BIGNUM *in_r, -+ EC_KEY *eckey); -+int ecdsa_simple_verify_sig(const unsigned char *dgst, int dgst_len, -+ const ECDSA_SIG *sig, EC_KEY *eckey); - - int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len, - const uint8_t public_key[32], const uint8_t private_key[32]); -diff -up openssl-1.1.1g/crypto/ec/ec_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/ec/ec_pmeth.c ---- openssl-1.1.1g/crypto/ec/ec_pmeth.c.s390x-ecc 2020-05-18 12:45:40.784233644 +0200 -+++ openssl-1.1.1g/crypto/ec/ec_pmeth.c 2020-05-18 12:45:44.565266505 +0200 -@@ -474,3 +474,8 @@ const EVP_PKEY_METHOD ec_pkey_meth = { - pkey_ec_ctrl, - pkey_ec_ctrl_str - }; -+ -+const EVP_PKEY_METHOD *ec_pkey_method(void) -+{ -+ return &ec_pkey_meth; -+} -diff -up openssl-1.1.1g/crypto/ec/ecp_mont.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_mont.c ---- openssl-1.1.1g/crypto/ec/ecp_mont.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/ec/ecp_mont.c 2020-05-18 12:45:44.567266523 +0200 -@@ -63,6 +63,9 @@ const EC_METHOD *EC_GFp_mont_method(void - 0, /* keycopy */ - 0, /* keyfinish */ - ecdh_simple_compute_key, -+ ecdsa_simple_sign_setup, -+ ecdsa_simple_sign_sig, -+ ecdsa_simple_verify_sig, - 0, /* field_inverse_mod_ord */ - ec_GFp_simple_blind_coordinates, - ec_GFp_simple_ladder_pre, -diff -up openssl-1.1.1g/crypto/ec/ecp_nist.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nist.c ---- openssl-1.1.1g/crypto/ec/ecp_nist.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/ec/ecp_nist.c 2020-05-18 12:45:44.567266523 +0200 -@@ -65,6 +65,9 @@ const EC_METHOD *EC_GFp_nist_method(void - 0, /* keycopy */ - 0, /* keyfinish */ - ecdh_simple_compute_key, -+ ecdsa_simple_sign_setup, -+ ecdsa_simple_sign_sig, -+ ecdsa_simple_verify_sig, - 0, /* field_inverse_mod_ord */ - ec_GFp_simple_blind_coordinates, - ec_GFp_simple_ladder_pre, -diff -up openssl-1.1.1g/crypto/ec/ecp_nistp224.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistp224.c ---- openssl-1.1.1g/crypto/ec/ecp_nistp224.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/ec/ecp_nistp224.c 2020-05-18 12:45:44.568266531 +0200 -@@ -292,6 +292,9 @@ const EC_METHOD *EC_GFp_nistp224_method( - 0, /* keycopy */ - 0, /* keyfinish */ - ecdh_simple_compute_key, -+ ecdsa_simple_sign_setup, -+ ecdsa_simple_sign_sig, -+ ecdsa_simple_verify_sig, - 0, /* field_inverse_mod_ord */ - 0, /* blind_coordinates */ - 0, /* ladder_pre */ -diff -up openssl-1.1.1g/crypto/ec/ecp_nistp256.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistp256.c ---- openssl-1.1.1g/crypto/ec/ecp_nistp256.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/ec/ecp_nistp256.c 2020-05-18 12:45:44.568266531 +0200 -@@ -1829,6 +1829,9 @@ const EC_METHOD *EC_GFp_nistp256_method( - 0, /* keycopy */ - 0, /* keyfinish */ - ecdh_simple_compute_key, -+ ecdsa_simple_sign_setup, -+ ecdsa_simple_sign_sig, -+ ecdsa_simple_verify_sig, - 0, /* field_inverse_mod_ord */ - 0, /* blind_coordinates */ - 0, /* ladder_pre */ -diff -up openssl-1.1.1g/crypto/ec/ecp_nistp521.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistp521.c ---- openssl-1.1.1g/crypto/ec/ecp_nistp521.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/ec/ecp_nistp521.c 2020-05-18 12:45:44.569266540 +0200 -@@ -1669,6 +1669,9 @@ const EC_METHOD *EC_GFp_nistp521_method( - 0, /* keycopy */ - 0, /* keyfinish */ - ecdh_simple_compute_key, -+ ecdsa_simple_sign_setup, -+ ecdsa_simple_sign_sig, -+ ecdsa_simple_verify_sig, - 0, /* field_inverse_mod_ord */ - 0, /* blind_coordinates */ - 0, /* ladder_pre */ -diff -up openssl-1.1.1g/crypto/ec/ecp_nistz256.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistz256.c ---- openssl-1.1.1g/crypto/ec/ecp_nistz256.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/ec/ecp_nistz256.c 2020-05-18 12:45:44.570266549 +0200 -@@ -1720,6 +1720,9 @@ const EC_METHOD *EC_GFp_nistz256_method( - 0, /* keycopy */ - 0, /* keyfinish */ - ecdh_simple_compute_key, -+ ecdsa_simple_sign_setup, -+ ecdsa_simple_sign_sig, -+ ecdsa_simple_verify_sig, - ecp_nistz256_inv_mod_ord, /* can be #define-d NULL */ - 0, /* blind_coordinates */ - 0, /* ladder_pre */ -diff -up openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c ---- openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c.s390x-ecc 2020-05-18 12:45:44.571266557 +0200 -+++ openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c 2020-05-18 12:45:44.571266557 +0200 -@@ -0,0 +1,394 @@ -+/* -+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include -+#include -+#include -+#include -+#include "ec_local.h" -+#include "s390x_arch.h" -+ -+/* Size of parameter blocks */ -+#define S390X_SIZE_PARAM 4096 -+ -+/* Size of fields in parameter blocks */ -+#define S390X_SIZE_P256 32 -+#define S390X_SIZE_P384 48 -+#define S390X_SIZE_P521 80 -+ -+/* Offsets of fields in PCC parameter blocks */ -+#define S390X_OFF_RES_X(n) (0 * n) -+#define S390X_OFF_RES_Y(n) (1 * n) -+#define S390X_OFF_SRC_X(n) (2 * n) -+#define S390X_OFF_SRC_Y(n) (3 * n) -+#define S390X_OFF_SCALAR(n) (4 * n) -+ -+/* Offsets of fields in KDSA parameter blocks */ -+#define S390X_OFF_R(n) (0 * n) -+#define S390X_OFF_S(n) (1 * n) -+#define S390X_OFF_H(n) (2 * n) -+#define S390X_OFF_K(n) (3 * n) -+#define S390X_OFF_X(n) (3 * n) -+#define S390X_OFF_RN(n) (4 * n) -+#define S390X_OFF_Y(n) (4 * n) -+ -+static int ec_GFp_s390x_nistp_mul(const EC_GROUP *group, EC_POINT *r, -+ const BIGNUM *scalar, -+ size_t num, const EC_POINT *points[], -+ const BIGNUM *scalars[], -+ BN_CTX *ctx, unsigned int fc, int len) -+{ -+ unsigned char param[S390X_SIZE_PARAM]; -+ BIGNUM *x, *y; -+ const EC_POINT *point_ptr = NULL; -+ const BIGNUM *scalar_ptr = NULL; -+ BN_CTX *new_ctx = NULL; -+ int rc = -1; -+ -+ if (ctx == NULL) { -+ ctx = new_ctx = BN_CTX_new(); -+ if (ctx == NULL) -+ return 0; -+ } -+ -+ BN_CTX_start(ctx); -+ -+ x = BN_CTX_get(ctx); -+ y = BN_CTX_get(ctx); -+ if (x == NULL || y == NULL) { -+ rc = 0; -+ goto ret; -+ } -+ -+ /* -+ * Use PCC for EC keygen and ECDH key derivation: -+ * scalar * generator and scalar * peer public key, -+ * scalar in [0,order). -+ */ -+ if ((scalar != NULL && num == 0 && BN_is_negative(scalar) == 0) -+ || (scalar == NULL && num == 1 && BN_is_negative(scalars[0]) == 0)) { -+ -+ if (num == 0) { -+ point_ptr = EC_GROUP_get0_generator(group); -+ scalar_ptr = scalar; -+ } else { -+ point_ptr = points[0]; -+ scalar_ptr = scalars[0]; -+ } -+ -+ if (EC_POINT_is_at_infinity(group, point_ptr) == 1 -+ || BN_is_zero(scalar_ptr)) { -+ rc = EC_POINT_set_to_infinity(group, r); -+ goto ret; -+ } -+ -+ memset(¶m, 0, sizeof(param)); -+ -+ if (group->meth->point_get_affine_coordinates(group, point_ptr, -+ x, y, ctx) != 1 -+ || BN_bn2binpad(x, param + S390X_OFF_SRC_X(len), len) == -1 -+ || BN_bn2binpad(y, param + S390X_OFF_SRC_Y(len), len) == -1 -+ || BN_bn2binpad(scalar_ptr, -+ param + S390X_OFF_SCALAR(len), len) == -1 -+ || s390x_pcc(fc, param) != 0 -+ || BN_bin2bn(param + S390X_OFF_RES_X(len), len, x) == NULL -+ || BN_bin2bn(param + S390X_OFF_RES_Y(len), len, y) == NULL -+ || group->meth->point_set_affine_coordinates(group, r, -+ x, y, ctx) != 1) -+ goto ret; -+ -+ rc = 1; -+ } -+ -+ret: -+ /* Otherwise use default. */ -+ if (rc == -1) -+ rc = ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx); -+ OPENSSL_cleanse(param + S390X_OFF_SCALAR(len), len); -+ BN_CTX_end(ctx); -+ BN_CTX_free(new_ctx); -+ return rc; -+} -+ -+static ECDSA_SIG *ecdsa_s390x_nistp_sign_sig(const unsigned char *dgst, -+ int dgstlen, -+ const BIGNUM *kinv, -+ const BIGNUM *r, -+ EC_KEY *eckey, -+ unsigned int fc, int len) -+{ -+ unsigned char param[S390X_SIZE_PARAM]; -+ int ok = 0; -+ BIGNUM *k; -+ ECDSA_SIG *sig; -+ const EC_GROUP *group; -+ const BIGNUM *privkey; -+ int off; -+ -+ group = EC_KEY_get0_group(eckey); -+ privkey = EC_KEY_get0_private_key(eckey); -+ if (group == NULL || privkey == NULL) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, EC_R_MISSING_PARAMETERS); -+ return NULL; -+ } -+ -+ if (!EC_KEY_can_sign(eckey)) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, -+ EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING); -+ return NULL; -+ } -+ -+ k = BN_secure_new(); -+ sig = ECDSA_SIG_new(); -+ if (k == NULL || sig == NULL) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_MALLOC_FAILURE); -+ goto ret; -+ } -+ -+ sig->r = BN_new(); -+ sig->s = BN_new(); -+ if (sig->r == NULL || sig->s == NULL) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_MALLOC_FAILURE); -+ goto ret; -+ } -+ -+ memset(param, 0, sizeof(param)); -+ off = len - (dgstlen > len ? len : dgstlen); -+ memcpy(param + S390X_OFF_H(len) + off, dgst, len - off); -+ -+ if (BN_bn2binpad(privkey, param + S390X_OFF_K(len), len) == -1) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_BN_LIB); -+ goto ret; -+ } -+ -+ if (r == NULL || kinv == NULL) { -+ /* -+ * Generate random k and copy to param param block. RAND_priv_bytes -+ * is used instead of BN_priv_rand_range or BN_generate_dsa_nonce -+ * because kdsa instruction constructs an in-range, invertible nonce -+ * internally implementing counter-measures for RNG weakness. -+ */ -+ if (RAND_priv_bytes(param + S390X_OFF_RN(len), len) != 1) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, -+ EC_R_RANDOM_NUMBER_GENERATION_FAILED); -+ goto ret; -+ } -+ } else { -+ /* Reconstruct k = (k^-1)^-1. */ -+ if (ec_group_do_inverse_ord(group, k, kinv, NULL) == 0 -+ || BN_bn2binpad(k, param + S390X_OFF_RN(len), len) == -1) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_BN_LIB); -+ goto ret; -+ } -+ /* Turns KDSA internal nonce-generation off. */ -+ fc |= S390X_KDSA_D; -+ } -+ -+ if (s390x_kdsa(fc, param, NULL, 0) != 0) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_ECDSA_LIB); -+ goto ret; -+ } -+ -+ if (BN_bin2bn(param + S390X_OFF_R(len), len, sig->r) == NULL -+ || BN_bin2bn(param + S390X_OFF_S(len), len, sig->s) == NULL) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_SIGN_SIG, ERR_R_BN_LIB); -+ goto ret; -+ } -+ -+ ok = 1; -+ret: -+ OPENSSL_cleanse(param + S390X_OFF_K(len), 2 * len); -+ if (ok != 1) { -+ ECDSA_SIG_free(sig); -+ sig = NULL; -+ } -+ BN_clear_free(k); -+ return sig; -+} -+ -+static int ecdsa_s390x_nistp_verify_sig(const unsigned char *dgst, int dgstlen, -+ const ECDSA_SIG *sig, EC_KEY *eckey, -+ unsigned int fc, int len) -+{ -+ unsigned char param[S390X_SIZE_PARAM]; -+ int rc = -1; -+ BN_CTX *ctx; -+ BIGNUM *x, *y; -+ const EC_GROUP *group; -+ const EC_POINT *pubkey; -+ int off; -+ -+ group = EC_KEY_get0_group(eckey); -+ pubkey = EC_KEY_get0_public_key(eckey); -+ if (eckey == NULL || group == NULL || pubkey == NULL || sig == NULL) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, EC_R_MISSING_PARAMETERS); -+ return -1; -+ } -+ -+ if (!EC_KEY_can_sign(eckey)) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, -+ EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING); -+ return -1; -+ } -+ -+ ctx = BN_CTX_new(); -+ if (ctx == NULL) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, ERR_R_MALLOC_FAILURE); -+ return -1; -+ } -+ -+ BN_CTX_start(ctx); -+ -+ x = BN_CTX_get(ctx); -+ y = BN_CTX_get(ctx); -+ if (x == NULL || y == NULL) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, ERR_R_MALLOC_FAILURE); -+ goto ret; -+ } -+ -+ memset(param, 0, sizeof(param)); -+ off = len - (dgstlen > len ? len : dgstlen); -+ memcpy(param + S390X_OFF_H(len) + off, dgst, len - off); -+ -+ if (group->meth->point_get_affine_coordinates(group, pubkey, -+ x, y, ctx) != 1 -+ || BN_bn2binpad(sig->r, param + S390X_OFF_R(len), len) == -1 -+ || BN_bn2binpad(sig->s, param + S390X_OFF_S(len), len) == -1 -+ || BN_bn2binpad(x, param + S390X_OFF_X(len), len) == -1 -+ || BN_bn2binpad(y, param + S390X_OFF_Y(len), len) == -1) { -+ ECerr(EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, ERR_R_BN_LIB); -+ goto ret; -+ } -+ -+ rc = s390x_kdsa(fc, param, NULL, 0) == 0 ? 1 : 0; -+ret: -+ BN_CTX_end(ctx); -+ BN_CTX_free(ctx); -+ return rc; -+} -+ -+#define EC_GFP_S390X_NISTP_METHOD(bits) \ -+ \ -+static int ec_GFp_s390x_nistp##bits##_mul(const EC_GROUP *group, \ -+ EC_POINT *r, \ -+ const BIGNUM *scalar, \ -+ size_t num, \ -+ const EC_POINT *points[], \ -+ const BIGNUM *scalars[], \ -+ BN_CTX *ctx) \ -+{ \ -+ return ec_GFp_s390x_nistp_mul(group, r, scalar, num, points, \ -+ scalars, ctx, \ -+ S390X_SCALAR_MULTIPLY_P##bits, \ -+ S390X_SIZE_P##bits); \ -+} \ -+ \ -+static ECDSA_SIG *ecdsa_s390x_nistp##bits##_sign_sig(const unsigned \ -+ char *dgst, \ -+ int dgstlen, \ -+ const BIGNUM *kinv,\ -+ const BIGNUM *r, \ -+ EC_KEY *eckey) \ -+{ \ -+ return ecdsa_s390x_nistp_sign_sig(dgst, dgstlen, kinv, r, eckey, \ -+ S390X_ECDSA_SIGN_P##bits, \ -+ S390X_SIZE_P##bits); \ -+} \ -+ \ -+static int ecdsa_s390x_nistp##bits##_verify_sig(const \ -+ unsigned char *dgst, \ -+ int dgstlen, \ -+ const ECDSA_SIG *sig, \ -+ EC_KEY *eckey) \ -+{ \ -+ return ecdsa_s390x_nistp_verify_sig(dgst, dgstlen, sig, eckey, \ -+ S390X_ECDSA_VERIFY_P##bits, \ -+ S390X_SIZE_P##bits); \ -+} \ -+ \ -+const EC_METHOD *EC_GFp_s390x_nistp##bits##_method(void) \ -+{ \ -+ static const EC_METHOD EC_GFp_s390x_nistp##bits##_meth = { \ -+ EC_FLAGS_DEFAULT_OCT, \ -+ NID_X9_62_prime_field, \ -+ ec_GFp_simple_group_init, \ -+ ec_GFp_simple_group_finish, \ -+ ec_GFp_simple_group_clear_finish, \ -+ ec_GFp_simple_group_copy, \ -+ ec_GFp_simple_group_set_curve, \ -+ ec_GFp_simple_group_get_curve, \ -+ ec_GFp_simple_group_get_degree, \ -+ ec_group_simple_order_bits, \ -+ ec_GFp_simple_group_check_discriminant, \ -+ ec_GFp_simple_point_init, \ -+ ec_GFp_simple_point_finish, \ -+ ec_GFp_simple_point_clear_finish, \ -+ ec_GFp_simple_point_copy, \ -+ ec_GFp_simple_point_set_to_infinity, \ -+ ec_GFp_simple_set_Jprojective_coordinates_GFp, \ -+ ec_GFp_simple_get_Jprojective_coordinates_GFp, \ -+ ec_GFp_simple_point_set_affine_coordinates, \ -+ ec_GFp_simple_point_get_affine_coordinates, \ -+ NULL, /* point_set_compressed_coordinates */ \ -+ NULL, /* point2oct */ \ -+ NULL, /* oct2point */ \ -+ ec_GFp_simple_add, \ -+ ec_GFp_simple_dbl, \ -+ ec_GFp_simple_invert, \ -+ ec_GFp_simple_is_at_infinity, \ -+ ec_GFp_simple_is_on_curve, \ -+ ec_GFp_simple_cmp, \ -+ ec_GFp_simple_make_affine, \ -+ ec_GFp_simple_points_make_affine, \ -+ ec_GFp_s390x_nistp##bits##_mul, \ -+ NULL, /* precompute_mult */ \ -+ NULL, /* have_precompute_mult */ \ -+ ec_GFp_simple_field_mul, \ -+ ec_GFp_simple_field_sqr, \ -+ NULL, /* field_div */ \ -+ ec_GFp_simple_field_inv, \ -+ NULL, /* field_encode */ \ -+ NULL, /* field_decode */ \ -+ NULL, /* field_set_to_one */ \ -+ ec_key_simple_priv2oct, \ -+ ec_key_simple_oct2priv, \ -+ NULL, /* set_private */ \ -+ ec_key_simple_generate_key, \ -+ ec_key_simple_check_key, \ -+ ec_key_simple_generate_public_key, \ -+ NULL, /* keycopy */ \ -+ NULL, /* keyfinish */ \ -+ ecdh_simple_compute_key, \ -+ ecdsa_simple_sign_setup, \ -+ ecdsa_s390x_nistp##bits##_sign_sig, \ -+ ecdsa_s390x_nistp##bits##_verify_sig, \ -+ NULL, /* field_inverse_mod_ord */ \ -+ ec_GFp_simple_blind_coordinates, \ -+ ec_GFp_simple_ladder_pre, \ -+ ec_GFp_simple_ladder_step, \ -+ ec_GFp_simple_ladder_post \ -+ }; \ -+ static const EC_METHOD *ret; \ -+ \ -+ if ((OPENSSL_s390xcap_P.pcc[1] \ -+ & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_P##bits)) \ -+ && (OPENSSL_s390xcap_P.kdsa[0] \ -+ & S390X_CAPBIT(S390X_ECDSA_VERIFY_P##bits)) \ -+ && (OPENSSL_s390xcap_P.kdsa[0] \ -+ & S390X_CAPBIT(S390X_ECDSA_SIGN_P##bits))) \ -+ ret = &EC_GFp_s390x_nistp##bits##_meth; \ -+ else \ -+ ret = EC_GFp_mont_method(); \ -+ \ -+ return ret; \ -+} -+ -+EC_GFP_S390X_NISTP_METHOD(256) -+EC_GFP_S390X_NISTP_METHOD(384) -+EC_GFP_S390X_NISTP_METHOD(521) -diff -up openssl-1.1.1g/crypto/ec/ecp_smpl.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_smpl.c ---- openssl-1.1.1g/crypto/ec/ecp_smpl.c.s390x-ecc 2020-05-18 12:45:40.769233514 +0200 -+++ openssl-1.1.1g/crypto/ec/ecp_smpl.c 2020-05-18 12:45:44.572266566 +0200 -@@ -64,6 +64,9 @@ const EC_METHOD *EC_GFp_simple_method(vo - 0, /* keycopy */ - 0, /* keyfinish */ - ecdh_simple_compute_key, -+ ecdsa_simple_sign_setup, -+ ecdsa_simple_sign_sig, -+ ecdsa_simple_verify_sig, - 0, /* field_inverse_mod_ord */ - ec_GFp_simple_blind_coordinates, - ec_GFp_simple_ladder_pre, -diff -up openssl-1.1.1g/crypto/ec/ecx_meth.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecx_meth.c ---- openssl-1.1.1g/crypto/ec/ecx_meth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/ec/ecx_meth.c 2020-05-18 12:45:44.573266575 +0200 -@@ -20,6 +20,7 @@ - #define X25519_BITS 253 - #define X25519_SECURITY_BITS 128 - -+#define ED25519_KEYLEN 32 - #define ED25519_SIGSIZE 64 - - #define X448_BITS 448 -@@ -839,3 +840,666 @@ const EVP_PKEY_METHOD ed448_pkey_meth = - pkey_ecd_digestsign448, - pkey_ecd_digestverify448 - }; -+ -+#ifdef S390X_EC_ASM -+# include "s390x_arch.h" -+# include "internal/constant_time.h" -+ -+static void s390x_x25519_mod_p(unsigned char u[32]) -+{ -+ unsigned char u_red[32]; -+ unsigned int c = 0; -+ int i; -+ -+ memcpy(u_red, u, sizeof(u_red)); -+ -+ c += (unsigned int)u_red[31] + 19; -+ u_red[31] = (unsigned char)c; -+ c >>= 8; -+ -+ for (i = 30; i >= 0; i--) { -+ c += (unsigned int)u_red[i]; -+ u_red[i] = (unsigned char)c; -+ c >>= 8; -+ } -+ -+ c = (u_red[0] & 0x80) >> 7; -+ u_red[0] &= 0x7f; -+ constant_time_cond_swap_buff(0 - (unsigned char)c, -+ u, u_red, sizeof(u_red)); -+} -+ -+static void s390x_x448_mod_p(unsigned char u[56]) -+{ -+ unsigned char u_red[56]; -+ unsigned int c = 0; -+ int i; -+ -+ memcpy(u_red, u, sizeof(u_red)); -+ -+ c += (unsigned int)u_red[55] + 1; -+ u_red[55] = (unsigned char)c; -+ c >>= 8; -+ -+ for (i = 54; i >= 28; i--) { -+ c += (unsigned int)u_red[i]; -+ u_red[i] = (unsigned char)c; -+ c >>= 8; -+ } -+ -+ c += (unsigned int)u_red[27] + 1; -+ u_red[27] = (unsigned char)c; -+ c >>= 8; -+ -+ for (i = 26; i >= 0; i--) { -+ c += (unsigned int)u_red[i]; -+ u_red[i] = (unsigned char)c; -+ c >>= 8; -+ } -+ -+ constant_time_cond_swap_buff(0 - (unsigned char)c, -+ u, u_red, sizeof(u_red)); -+} -+ -+static int s390x_x25519_mul(unsigned char u_dst[32], -+ const unsigned char u_src[32], -+ const unsigned char d_src[32]) -+{ -+ union { -+ struct { -+ unsigned char u_dst[32]; -+ unsigned char u_src[32]; -+ unsigned char d_src[32]; -+ } x25519; -+ unsigned long long buff[512]; -+ } param; -+ int rc; -+ -+ memset(¶m, 0, sizeof(param)); -+ -+ s390x_flip_endian32(param.x25519.u_src, u_src); -+ param.x25519.u_src[0] &= 0x7f; -+ s390x_x25519_mod_p(param.x25519.u_src); -+ -+ s390x_flip_endian32(param.x25519.d_src, d_src); -+ param.x25519.d_src[31] &= 248; -+ param.x25519.d_src[0] &= 127; -+ param.x25519.d_src[0] |= 64; -+ -+ rc = s390x_pcc(S390X_SCALAR_MULTIPLY_X25519, ¶m.x25519) ? 0 : 1; -+ if (rc == 1) -+ s390x_flip_endian32(u_dst, param.x25519.u_dst); -+ -+ OPENSSL_cleanse(param.x25519.d_src, sizeof(param.x25519.d_src)); -+ return rc; -+} -+ -+static int s390x_x448_mul(unsigned char u_dst[56], -+ const unsigned char u_src[56], -+ const unsigned char d_src[56]) -+{ -+ union { -+ struct { -+ unsigned char u_dst[64]; -+ unsigned char u_src[64]; -+ unsigned char d_src[64]; -+ } x448; -+ unsigned long long buff[512]; -+ } param; -+ int rc; -+ -+ memset(¶m, 0, sizeof(param)); -+ -+ memcpy(param.x448.u_src, u_src, 56); -+ memcpy(param.x448.d_src, d_src, 56); -+ -+ s390x_flip_endian64(param.x448.u_src, param.x448.u_src); -+ s390x_x448_mod_p(param.x448.u_src + 8); -+ -+ s390x_flip_endian64(param.x448.d_src, param.x448.d_src); -+ param.x448.d_src[63] &= 252; -+ param.x448.d_src[8] |= 128; -+ -+ rc = s390x_pcc(S390X_SCALAR_MULTIPLY_X448, ¶m.x448) ? 0 : 1; -+ if (rc == 1) { -+ s390x_flip_endian64(param.x448.u_dst, param.x448.u_dst); -+ memcpy(u_dst, param.x448.u_dst, 56); -+ } -+ -+ OPENSSL_cleanse(param.x448.d_src, sizeof(param.x448.d_src)); -+ return rc; -+} -+ -+static int s390x_ed25519_mul(unsigned char x_dst[32], -+ unsigned char y_dst[32], -+ const unsigned char x_src[32], -+ const unsigned char y_src[32], -+ const unsigned char d_src[32]) -+{ -+ union { -+ struct { -+ unsigned char x_dst[32]; -+ unsigned char y_dst[32]; -+ unsigned char x_src[32]; -+ unsigned char y_src[32]; -+ unsigned char d_src[32]; -+ } ed25519; -+ unsigned long long buff[512]; -+ } param; -+ int rc; -+ -+ memset(¶m, 0, sizeof(param)); -+ -+ s390x_flip_endian32(param.ed25519.x_src, x_src); -+ s390x_flip_endian32(param.ed25519.y_src, y_src); -+ s390x_flip_endian32(param.ed25519.d_src, d_src); -+ -+ rc = s390x_pcc(S390X_SCALAR_MULTIPLY_ED25519, ¶m.ed25519) ? 0 : 1; -+ if (rc == 1) { -+ s390x_flip_endian32(x_dst, param.ed25519.x_dst); -+ s390x_flip_endian32(y_dst, param.ed25519.y_dst); -+ } -+ -+ OPENSSL_cleanse(param.ed25519.d_src, sizeof(param.ed25519.d_src)); -+ return rc; -+} -+ -+static int s390x_ed448_mul(unsigned char x_dst[57], -+ unsigned char y_dst[57], -+ const unsigned char x_src[57], -+ const unsigned char y_src[57], -+ const unsigned char d_src[57]) -+{ -+ union { -+ struct { -+ unsigned char x_dst[64]; -+ unsigned char y_dst[64]; -+ unsigned char x_src[64]; -+ unsigned char y_src[64]; -+ unsigned char d_src[64]; -+ } ed448; -+ unsigned long long buff[512]; -+ } param; -+ int rc; -+ -+ memset(¶m, 0, sizeof(param)); -+ -+ memcpy(param.ed448.x_src, x_src, 57); -+ memcpy(param.ed448.y_src, y_src, 57); -+ memcpy(param.ed448.d_src, d_src, 57); -+ s390x_flip_endian64(param.ed448.x_src, param.ed448.x_src); -+ s390x_flip_endian64(param.ed448.y_src, param.ed448.y_src); -+ s390x_flip_endian64(param.ed448.d_src, param.ed448.d_src); -+ -+ rc = s390x_pcc(S390X_SCALAR_MULTIPLY_ED448, ¶m.ed448) ? 0 : 1; -+ if (rc == 1) { -+ s390x_flip_endian64(param.ed448.x_dst, param.ed448.x_dst); -+ s390x_flip_endian64(param.ed448.y_dst, param.ed448.y_dst); -+ memcpy(x_dst, param.ed448.x_dst, 57); -+ memcpy(y_dst, param.ed448.y_dst, 57); -+ } -+ -+ OPENSSL_cleanse(param.ed448.d_src, sizeof(param.ed448.d_src)); -+ return rc; -+} -+ -+static int s390x_pkey_ecx_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -+{ -+ static const unsigned char generator[] = { -+ 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -+ }; -+ ECX_KEY *key; -+ unsigned char *privkey = NULL, *pubkey; -+ -+ key = OPENSSL_zalloc(sizeof(*key)); -+ if (key == NULL) { -+ ECerr(EC_F_S390X_PKEY_ECX_KEYGEN25519, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ pubkey = key->pubkey; -+ -+ privkey = key->privkey = OPENSSL_secure_malloc(X25519_KEYLEN); -+ if (privkey == NULL) { -+ ECerr(EC_F_S390X_PKEY_ECX_KEYGEN25519, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ if (RAND_priv_bytes(privkey, X25519_KEYLEN) <= 0) -+ goto err; -+ -+ privkey[0] &= 248; -+ privkey[31] &= 127; -+ privkey[31] |= 64; -+ -+ if (s390x_x25519_mul(pubkey, generator, privkey) != 1) -+ goto err; -+ -+ EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, key); -+ return 1; -+ err: -+ OPENSSL_secure_clear_free(privkey, X25519_KEYLEN); -+ key->privkey = NULL; -+ OPENSSL_free(key); -+ return 0; -+} -+ -+static int s390x_pkey_ecx_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -+{ -+ static const unsigned char generator[] = { -+ 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -+ }; -+ ECX_KEY *key; -+ unsigned char *privkey = NULL, *pubkey; -+ -+ key = OPENSSL_zalloc(sizeof(*key)); -+ if (key == NULL) { -+ ECerr(EC_F_S390X_PKEY_ECX_KEYGEN448, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ pubkey = key->pubkey; -+ -+ privkey = key->privkey = OPENSSL_secure_malloc(X448_KEYLEN); -+ if (privkey == NULL) { -+ ECerr(EC_F_S390X_PKEY_ECX_KEYGEN448, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ if (RAND_priv_bytes(privkey, X448_KEYLEN) <= 0) -+ goto err; -+ -+ privkey[0] &= 252; -+ privkey[55] |= 128; -+ -+ if (s390x_x448_mul(pubkey, generator, privkey) != 1) -+ goto err; -+ -+ EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, key); -+ return 1; -+ err: -+ OPENSSL_secure_clear_free(privkey, X448_KEYLEN); -+ key->privkey = NULL; -+ OPENSSL_free(key); -+ return 0; -+} -+ -+static int s390x_pkey_ecd_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -+{ -+ static const unsigned char generator_x[] = { -+ 0x1a, 0xd5, 0x25, 0x8f, 0x60, 0x2d, 0x56, 0xc9, 0xb2, 0xa7, 0x25, 0x95, -+ 0x60, 0xc7, 0x2c, 0x69, 0x5c, 0xdc, 0xd6, 0xfd, 0x31, 0xe2, 0xa4, 0xc0, -+ 0xfe, 0x53, 0x6e, 0xcd, 0xd3, 0x36, 0x69, 0x21 -+ }; -+ static const unsigned char generator_y[] = { -+ 0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, -+ 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, -+ 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, -+ }; -+ unsigned char x_dst[32], buff[SHA512_DIGEST_LENGTH]; -+ ECX_KEY *key; -+ unsigned char *privkey = NULL, *pubkey; -+ -+ key = OPENSSL_zalloc(sizeof(*key)); -+ if (key == NULL) { -+ ECerr(EC_F_S390X_PKEY_ECD_KEYGEN25519, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ pubkey = key->pubkey; -+ -+ privkey = key->privkey = OPENSSL_secure_malloc(ED25519_KEYLEN); -+ if (privkey == NULL) { -+ ECerr(EC_F_S390X_PKEY_ECD_KEYGEN25519, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ if (RAND_priv_bytes(privkey, ED25519_KEYLEN) <= 0) -+ goto err; -+ -+ SHA512(privkey, 32, buff); -+ buff[0] &= 248; -+ buff[31] &= 63; -+ buff[31] |= 64; -+ -+ if (s390x_ed25519_mul(x_dst, pubkey, -+ generator_x, generator_y, buff) != 1) -+ goto err; -+ -+ pubkey[31] |= ((x_dst[0] & 0x01) << 7); -+ -+ EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, key); -+ return 1; -+ err: -+ OPENSSL_secure_clear_free(privkey, ED25519_KEYLEN); -+ key->privkey = NULL; -+ OPENSSL_free(key); -+ return 0; -+} -+ -+static int s390x_pkey_ecd_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -+{ -+ static const unsigned char generator_x[] = { -+ 0x5e, 0xc0, 0x0c, 0xc7, 0x2b, 0xa8, 0x26, 0x26, 0x8e, 0x93, 0x00, 0x8b, -+ 0xe1, 0x80, 0x3b, 0x43, 0x11, 0x65, 0xb6, 0x2a, 0xf7, 0x1a, 0xae, 0x12, -+ 0x64, 0xa4, 0xd3, 0xa3, 0x24, 0xe3, 0x6d, 0xea, 0x67, 0x17, 0x0f, 0x47, -+ 0x70, 0x65, 0x14, 0x9e, 0xda, 0x36, 0xbf, 0x22, 0xa6, 0x15, 0x1d, 0x22, -+ 0xed, 0x0d, 0xed, 0x6b, 0xc6, 0x70, 0x19, 0x4f, 0x00 -+ }; -+ static const unsigned char generator_y[] = { -+ 0x14, 0xfa, 0x30, 0xf2, 0x5b, 0x79, 0x08, 0x98, 0xad, 0xc8, 0xd7, 0x4e, -+ 0x2c, 0x13, 0xbd, 0xfd, 0xc4, 0x39, 0x7c, 0xe6, 0x1c, 0xff, 0xd3, 0x3a, -+ 0xd7, 0xc2, 0xa0, 0x05, 0x1e, 0x9c, 0x78, 0x87, 0x40, 0x98, 0xa3, 0x6c, -+ 0x73, 0x73, 0xea, 0x4b, 0x62, 0xc7, 0xc9, 0x56, 0x37, 0x20, 0x76, 0x88, -+ 0x24, 0xbc, 0xb6, 0x6e, 0x71, 0x46, 0x3f, 0x69, 0x00 -+ }; -+ unsigned char x_dst[57], buff[114]; -+ ECX_KEY *key; -+ unsigned char *privkey = NULL, *pubkey; -+ EVP_MD_CTX *hashctx = NULL; -+ -+ key = OPENSSL_zalloc(sizeof(*key)); -+ if (key == NULL) { -+ ECerr(EC_F_S390X_PKEY_ECD_KEYGEN448, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ pubkey = key->pubkey; -+ -+ privkey = key->privkey = OPENSSL_secure_malloc(ED448_KEYLEN); -+ if (privkey == NULL) { -+ ECerr(EC_F_S390X_PKEY_ECD_KEYGEN448, ERR_R_MALLOC_FAILURE); -+ goto err; -+ } -+ -+ if (RAND_priv_bytes(privkey, ED448_KEYLEN) <= 0) -+ goto err; -+ -+ hashctx = EVP_MD_CTX_new(); -+ if (hashctx == NULL) -+ goto err; -+ if (EVP_DigestInit_ex(hashctx, EVP_shake256(), NULL) != 1) -+ goto err; -+ if (EVP_DigestUpdate(hashctx, privkey, 57) != 1) -+ goto err; -+ if (EVP_DigestFinalXOF(hashctx, buff, sizeof(buff)) != 1) -+ goto err; -+ -+ buff[0] &= -4; -+ buff[55] |= 0x80; -+ buff[56] = 0; -+ -+ if (s390x_ed448_mul(x_dst, pubkey, -+ generator_x, generator_y, buff) != 1) -+ goto err; -+ -+ pubkey[56] |= ((x_dst[0] & 0x01) << 7); -+ -+ EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, key); -+ EVP_MD_CTX_free(hashctx); -+ return 1; -+ err: -+ OPENSSL_secure_clear_free(privkey, ED448_KEYLEN); -+ key->privkey = NULL; -+ OPENSSL_free(key); -+ EVP_MD_CTX_free(hashctx); -+ return 0; -+} -+ -+static int s390x_pkey_ecx_derive25519(EVP_PKEY_CTX *ctx, unsigned char *key, -+ size_t *keylen) -+{ -+ const unsigned char *privkey, *pubkey; -+ -+ if (!validate_ecx_derive(ctx, key, keylen, &privkey, &pubkey)) -+ return 0; -+ -+ if (key != NULL) -+ return s390x_x25519_mul(key, pubkey, privkey); -+ -+ *keylen = X25519_KEYLEN; -+ return 1; -+} -+ -+static int s390x_pkey_ecx_derive448(EVP_PKEY_CTX *ctx, unsigned char *key, -+ size_t *keylen) -+{ -+ const unsigned char *privkey, *pubkey; -+ -+ if (!validate_ecx_derive(ctx, key, keylen, &privkey, &pubkey)) -+ return 0; -+ -+ if (key != NULL) -+ return s390x_x448_mul(key, pubkey, privkey); -+ -+ *keylen = X448_KEYLEN; -+ return 1; -+} -+ -+static int s390x_pkey_ecd_digestsign25519(EVP_MD_CTX *ctx, -+ unsigned char *sig, size_t *siglen, -+ const unsigned char *tbs, -+ size_t tbslen) -+{ -+ union { -+ struct { -+ unsigned char sig[64]; -+ unsigned char priv[32]; -+ } ed25519; -+ unsigned long long buff[512]; -+ } param; -+ const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx; -+ int rc; -+ -+ if (sig == NULL) { -+ *siglen = ED25519_SIGSIZE; -+ return 1; -+ } -+ -+ if (*siglen < ED25519_SIGSIZE) { -+ ECerr(EC_F_S390X_PKEY_ECD_DIGESTSIGN25519, EC_R_BUFFER_TOO_SMALL); -+ return 0; -+ } -+ -+ memset(¶m, 0, sizeof(param)); -+ memcpy(param.ed25519.priv, edkey->privkey, sizeof(param.ed25519.priv)); -+ -+ rc = s390x_kdsa(S390X_EDDSA_SIGN_ED25519, ¶m.ed25519, tbs, tbslen); -+ OPENSSL_cleanse(param.ed25519.priv, sizeof(param.ed25519.priv)); -+ if (rc != 0) -+ return 0; -+ -+ s390x_flip_endian32(sig, param.ed25519.sig); -+ s390x_flip_endian32(sig + 32, param.ed25519.sig + 32); -+ -+ *siglen = ED25519_SIGSIZE; -+ return 1; -+} -+ -+static int s390x_pkey_ecd_digestsign448(EVP_MD_CTX *ctx, -+ unsigned char *sig, size_t *siglen, -+ const unsigned char *tbs, -+ size_t tbslen) -+{ -+ union { -+ struct { -+ unsigned char sig[128]; -+ unsigned char priv[64]; -+ } ed448; -+ unsigned long long buff[512]; -+ } param; -+ const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx; -+ int rc; -+ -+ if (sig == NULL) { -+ *siglen = ED448_SIGSIZE; -+ return 1; -+ } -+ -+ if (*siglen < ED448_SIGSIZE) { -+ ECerr(EC_F_S390X_PKEY_ECD_DIGESTSIGN448, EC_R_BUFFER_TOO_SMALL); -+ return 0; -+ } -+ -+ memset(¶m, 0, sizeof(param)); -+ memcpy(param.ed448.priv + 64 - 57, edkey->privkey, 57); -+ -+ rc = s390x_kdsa(S390X_EDDSA_SIGN_ED448, ¶m.ed448, tbs, tbslen); -+ OPENSSL_cleanse(param.ed448.priv, sizeof(param.ed448.priv)); -+ if (rc != 0) -+ return 0; -+ -+ s390x_flip_endian64(param.ed448.sig, param.ed448.sig); -+ s390x_flip_endian64(param.ed448.sig + 64, param.ed448.sig + 64); -+ memcpy(sig, param.ed448.sig, 57); -+ memcpy(sig + 57, param.ed448.sig + 64, 57); -+ -+ *siglen = ED448_SIGSIZE; -+ return 1; -+} -+ -+static int s390x_pkey_ecd_digestverify25519(EVP_MD_CTX *ctx, -+ const unsigned char *sig, -+ size_t siglen, -+ const unsigned char *tbs, -+ size_t tbslen) -+{ -+ union { -+ struct { -+ unsigned char sig[64]; -+ unsigned char pub[32]; -+ } ed25519; -+ unsigned long long buff[512]; -+ } param; -+ const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx; -+ -+ if (siglen != ED25519_SIGSIZE) -+ return 0; -+ -+ memset(¶m, 0, sizeof(param)); -+ s390x_flip_endian32(param.ed25519.sig, sig); -+ s390x_flip_endian32(param.ed25519.sig + 32, sig + 32); -+ s390x_flip_endian32(param.ed25519.pub, edkey->pubkey); -+ -+ return s390x_kdsa(S390X_EDDSA_VERIFY_ED25519, -+ ¶m.ed25519, tbs, tbslen) == 0 ? 1 : 0; -+} -+ -+static int s390x_pkey_ecd_digestverify448(EVP_MD_CTX *ctx, -+ const unsigned char *sig, -+ size_t siglen, -+ const unsigned char *tbs, -+ size_t tbslen) -+{ -+ union { -+ struct { -+ unsigned char sig[128]; -+ unsigned char pub[64]; -+ } ed448; -+ unsigned long long buff[512]; -+ } param; -+ const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx; -+ -+ if (siglen != ED448_SIGSIZE) -+ return 0; -+ -+ memset(¶m, 0, sizeof(param)); -+ memcpy(param.ed448.sig, sig, 57); -+ s390x_flip_endian64(param.ed448.sig, param.ed448.sig); -+ memcpy(param.ed448.sig + 64, sig + 57, 57); -+ s390x_flip_endian64(param.ed448.sig + 64, param.ed448.sig + 64); -+ memcpy(param.ed448.pub, edkey->pubkey, 57); -+ s390x_flip_endian64(param.ed448.pub, param.ed448.pub); -+ -+ return s390x_kdsa(S390X_EDDSA_VERIFY_ED448, -+ ¶m.ed448, tbs, tbslen) == 0 ? 1 : 0; -+} -+ -+static const EVP_PKEY_METHOD ecx25519_s390x_pkey_meth = { -+ EVP_PKEY_X25519, -+ 0, 0, 0, 0, 0, 0, 0, -+ s390x_pkey_ecx_keygen25519, -+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -+ s390x_pkey_ecx_derive25519, -+ pkey_ecx_ctrl, -+ 0 -+}; -+ -+static const EVP_PKEY_METHOD ecx448_s390x_pkey_meth = { -+ EVP_PKEY_X448, -+ 0, 0, 0, 0, 0, 0, 0, -+ s390x_pkey_ecx_keygen448, -+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -+ s390x_pkey_ecx_derive448, -+ pkey_ecx_ctrl, -+ 0 -+}; -+static const EVP_PKEY_METHOD ed25519_s390x_pkey_meth = { -+ EVP_PKEY_ED25519, EVP_PKEY_FLAG_SIGCTX_CUSTOM, -+ 0, 0, 0, 0, 0, 0, -+ s390x_pkey_ecd_keygen25519, -+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -+ pkey_ecd_ctrl, -+ 0, -+ s390x_pkey_ecd_digestsign25519, -+ s390x_pkey_ecd_digestverify25519 -+}; -+ -+static const EVP_PKEY_METHOD ed448_s390x_pkey_meth = { -+ EVP_PKEY_ED448, EVP_PKEY_FLAG_SIGCTX_CUSTOM, -+ 0, 0, 0, 0, 0, 0, -+ s390x_pkey_ecd_keygen448, -+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -+ pkey_ecd_ctrl, -+ 0, -+ s390x_pkey_ecd_digestsign448, -+ s390x_pkey_ecd_digestverify448 -+}; -+#endif -+ -+const EVP_PKEY_METHOD *ecx25519_pkey_method(void) -+{ -+#ifdef S390X_EC_ASM -+ if (OPENSSL_s390xcap_P.pcc[1] & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X25519)) -+ return &ecx25519_s390x_pkey_meth; -+#endif -+ return &ecx25519_pkey_meth; -+} -+ -+const EVP_PKEY_METHOD *ecx448_pkey_method(void) -+{ -+#ifdef S390X_EC_ASM -+ if (OPENSSL_s390xcap_P.pcc[1] & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X448)) -+ return &ecx448_s390x_pkey_meth; -+#endif -+ return &ecx448_pkey_meth; -+} -+ -+const EVP_PKEY_METHOD *ed25519_pkey_method(void) -+{ -+#ifdef S390X_EC_ASM -+ if (OPENSSL_s390xcap_P.pcc[1] & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_ED25519) -+ && OPENSSL_s390xcap_P.kdsa[0] & S390X_CAPBIT(S390X_EDDSA_SIGN_ED25519) -+ && OPENSSL_s390xcap_P.kdsa[0] -+ & S390X_CAPBIT(S390X_EDDSA_VERIFY_ED25519)) -+ return &ed25519_s390x_pkey_meth; -+#endif -+ return &ed25519_pkey_meth; -+} -+ -+const EVP_PKEY_METHOD *ed448_pkey_method(void) -+{ -+#ifdef S390X_EC_ASM -+ if (OPENSSL_s390xcap_P.pcc[1] & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_ED448) -+ && OPENSSL_s390xcap_P.kdsa[0] & S390X_CAPBIT(S390X_EDDSA_SIGN_ED448) -+ && OPENSSL_s390xcap_P.kdsa[0] & S390X_CAPBIT(S390X_EDDSA_VERIFY_ED448)) -+ return &ed448_s390x_pkey_meth; -+#endif -+ return &ed448_pkey_meth; -+} -diff -up openssl-1.1.1g/crypto/err/openssl.txt.s390x-ecc openssl-1.1.1g/crypto/err/openssl.txt ---- openssl-1.1.1g/crypto/err/openssl.txt.s390x-ecc 2020-05-18 12:45:40.834234079 +0200 -+++ openssl-1.1.1g/crypto/err/openssl.txt 2020-05-18 12:45:44.575266592 +0200 -@@ -496,6 +496,11 @@ EC_F_ECDSA_SIGN_EX:254:ECDSA_sign_ex - EC_F_ECDSA_SIGN_SETUP:248:ECDSA_sign_setup - EC_F_ECDSA_SIG_NEW:265:ECDSA_SIG_new - EC_F_ECDSA_VERIFY:253:ECDSA_verify -+EC_F_ECDSA_SIMPLE_SIGN_SETUP:310:ecdsa_simple_sign_setup -+EC_F_ECDSA_SIMPLE_SIGN_SIG:311:ecdsa_simple_sign_sig -+EC_F_ECDSA_SIMPLE_VERIFY_SIG:312:ecdsa_simple_verify_sig -+EC_F_ECDSA_S390X_NISTP_SIGN_SIG:313:ecdsa_s390x_nistp_sign_sig -+EC_F_ECDSA_S390X_NISTP_VERIFY_SIG:314:ecdsa_s390x_nistp_verify_sig - EC_F_ECD_ITEM_VERIFY:270:ecd_item_verify - EC_F_ECKEY_PARAM2TYPE:223:eckey_param2type - EC_F_ECKEY_PARAM_DECODE:212:eckey_param_decode -@@ -657,6 +662,7 @@ EC_F_NISTP521_PRE_COMP_NEW:237:nistp521_ - EC_F_O2I_ECPUBLICKEY:152:o2i_ECPublicKey - EC_F_OLD_EC_PRIV_DECODE:222:old_ec_priv_decode - EC_F_OSSL_ECDH_COMPUTE_KEY:247:ossl_ecdh_compute_key -+EC_F_OSSL_ECDSA_SIGN_SETUP:300:ossl_ecdsa_sign_setup - EC_F_OSSL_ECDSA_SIGN_SIG:249:ossl_ecdsa_sign_sig - EC_F_OSSL_ECDSA_VERIFY_SIG:250:ossl_ecdsa_verify_sig - EC_F_PKEY_ECD_CTRL:271:pkey_ecd_ctrl -@@ -672,6 +678,12 @@ EC_F_PKEY_EC_KDF_DERIVE:283:pkey_ec_kdf_ - EC_F_PKEY_EC_KEYGEN:199:pkey_ec_keygen - EC_F_PKEY_EC_PARAMGEN:219:pkey_ec_paramgen - EC_F_PKEY_EC_SIGN:218:pkey_ec_sign -+EC_F_S390X_PKEY_ECD_DIGESTSIGN25519:303:s390x_pkey_ecd_digestsign25519 -+EC_F_S390X_PKEY_ECD_DIGESTSIGN448:304:s390x_pkey_ecd_digestsign448 -+EC_F_S390X_PKEY_ECD_KEYGEN25519:305:s390x_pkey_ecd_keygen25519 -+EC_F_S390X_PKEY_ECD_KEYGEN448:306:s390x_pkey_ecd_keygen448 -+EC_F_S390X_PKEY_ECX_KEYGEN25519:307:s390x_pkey_ecx_keygen25519 -+EC_F_S390X_PKEY_ECX_KEYGEN448:308:s390x_pkey_ecx_keygen448 - EC_F_VALIDATE_ECX_DERIVE:278:validate_ecx_derive - ENGINE_F_DIGEST_UPDATE:198:digest_update - ENGINE_F_DYNAMIC_CTRL:180:dynamic_ctrl -@@ -2160,6 +2172,7 @@ EC_R_BUFFER_TOO_SMALL:100:buffer too sma - EC_R_CANNOT_INVERT:165:cannot invert - EC_R_COORDINATES_OUT_OF_RANGE:146:coordinates out of range - EC_R_CURVE_DOES_NOT_SUPPORT_ECDH:160:curve does not support ecdh -+EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA:170:curve does not support ecdsa - EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING:159:curve does not support signing - EC_R_D2I_ECPKPARAMETERS_FAILURE:117:d2i ecpkparameters failure - EC_R_DECODE_ERROR:142:decode error -diff -up openssl-1.1.1g/crypto/evp/pmeth_lib.c.s390x-ecc openssl-1.1.1g/crypto/evp/pmeth_lib.c ---- openssl-1.1.1g/crypto/evp/pmeth_lib.c.s390x-ecc 2020-05-18 12:45:40.787233671 +0200 -+++ openssl-1.1.1g/crypto/evp/pmeth_lib.c 2020-05-18 12:45:44.576266601 +0200 -@@ -17,60 +17,67 @@ - #include "crypto/evp.h" - #include "internal/numbers.h" - -+typedef const EVP_PKEY_METHOD *(*pmeth_fn)(void); - typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); - - static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; - - /* This array needs to be in order of NIDs */ --static const EVP_PKEY_METHOD *standard_methods[] = { -+static pmeth_fn standard_methods[] = { - #ifndef OPENSSL_NO_RSA -- &rsa_pkey_meth, -+ rsa_pkey_method, - #endif - #ifndef OPENSSL_NO_DH -- &dh_pkey_meth, -+ dh_pkey_method, - #endif - #ifndef OPENSSL_NO_DSA -- &dsa_pkey_meth, -+ dsa_pkey_method, - #endif - #ifndef OPENSSL_NO_EC -- &ec_pkey_meth, -+ ec_pkey_method, - #endif -- &hmac_pkey_meth, -+ hmac_pkey_method, - #ifndef OPENSSL_NO_CMAC -- &cmac_pkey_meth, -+ cmac_pkey_method, - #endif - #ifndef OPENSSL_NO_RSA -- &rsa_pss_pkey_meth, -+ rsa_pss_pkey_method, - #endif - #ifndef OPENSSL_NO_DH -- &dhx_pkey_meth, -+ dhx_pkey_method, - #endif - #ifndef OPENSSL_NO_SCRYPT -- &scrypt_pkey_meth, -+ scrypt_pkey_method, - #endif -- &tls1_prf_pkey_meth, -+ tls1_prf_pkey_method, - #ifndef OPENSSL_NO_EC -- &ecx25519_pkey_meth, -- &ecx448_pkey_meth, -+ ecx25519_pkey_method, -+ ecx448_pkey_method, - #endif -- &hkdf_pkey_meth, -+ hkdf_pkey_method, - #ifndef OPENSSL_NO_POLY1305 -- &poly1305_pkey_meth, -+ poly1305_pkey_method, - #endif - #ifndef OPENSSL_NO_SIPHASH -- &siphash_pkey_meth, -+ siphash_pkey_method, - #endif - #ifndef OPENSSL_NO_EC -- &ed25519_pkey_meth, -- &ed448_pkey_meth, -+ ed25519_pkey_method, -+ ed448_pkey_method, - #endif - #ifndef OPENSSL_NO_SM2 -- &sm2_pkey_meth, -+ sm2_pkey_method, - #endif - }; - --DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *, -- pmeth); -+DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func); -+ -+static int pmeth_func_cmp(const EVP_PKEY_METHOD *const *a, pmeth_fn const *b) -+{ -+ return ((*a)->pkey_id - ((**b)())->pkey_id); -+} -+ -+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func); - - static int pmeth_cmp(const EVP_PKEY_METHOD *const *a, - const EVP_PKEY_METHOD *const *b) -@@ -78,13 +85,11 @@ static int pmeth_cmp(const EVP_PKEY_METH - return ((*a)->pkey_id - (*b)->pkey_id); - } - --IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *, -- pmeth); -- - const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type) - { -+ pmeth_fn *ret; - EVP_PKEY_METHOD tmp; -- const EVP_PKEY_METHOD *t = &tmp, **ret; -+ const EVP_PKEY_METHOD *t = &tmp; - tmp.pkey_id = type; - if (app_pkey_methods) { - int idx; -@@ -92,12 +97,12 @@ const EVP_PKEY_METHOD *EVP_PKEY_meth_fin - if (idx >= 0) - return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx); - } -- ret = OBJ_bsearch_pmeth(&t, standard_methods, -- sizeof(standard_methods) / -- sizeof(EVP_PKEY_METHOD *)); -+ ret = OBJ_bsearch_pmeth_func(&t, standard_methods, -+ sizeof(standard_methods) / -+ sizeof(pmeth_fn)); - if (!ret || !*ret) - return NULL; -- return *ret; -+ return (**ret)(); - } - - static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) -@@ -348,7 +353,7 @@ size_t EVP_PKEY_meth_get_count(void) - const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx) - { - if (idx < OSSL_NELEM(standard_methods)) -- return standard_methods[idx]; -+ return (standard_methods[idx])(); - if (app_pkey_methods == NULL) - return NULL; - idx -= OSSL_NELEM(standard_methods); -diff -up openssl-1.1.1g/crypto/hmac/hm_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/hmac/hm_pmeth.c ---- openssl-1.1.1g/crypto/hmac/hm_pmeth.c.s390x-ecc 2020-05-18 12:45:40.796233749 +0200 -+++ openssl-1.1.1g/crypto/hmac/hm_pmeth.c 2020-05-18 12:45:44.576266601 +0200 -@@ -210,3 +210,8 @@ const EVP_PKEY_METHOD hmac_pkey_meth = { - pkey_hmac_ctrl, - pkey_hmac_ctrl_str - }; -+ -+const EVP_PKEY_METHOD *hmac_pkey_method(void) -+{ -+ return &hmac_pkey_meth; -+} -diff -up openssl-1.1.1g/crypto/kdf/hkdf.c.s390x-ecc openssl-1.1.1g/crypto/kdf/hkdf.c ---- openssl-1.1.1g/crypto/kdf/hkdf.c.s390x-ecc 2020-05-18 12:45:40.826234009 +0200 -+++ openssl-1.1.1g/crypto/kdf/hkdf.c 2020-05-18 12:45:44.577266609 +0200 -@@ -233,6 +233,11 @@ const EVP_KDF_METHOD hkdf_kdf_meth = { - kdf_hkdf_derive - }; - -+const EVP_PKEY_METHOD *hkdf_pkey_method(void) -+{ -+ return &hkdf_pkey_meth; -+} -+ - static int HKDF(const EVP_MD *evp_md, - const unsigned char *salt, size_t salt_len, - const unsigned char *key, size_t key_len, -diff -up openssl-1.1.1g/crypto/kdf/scrypt.c.s390x-ecc openssl-1.1.1g/crypto/kdf/scrypt.c ---- openssl-1.1.1g/crypto/kdf/scrypt.c.s390x-ecc 2020-05-18 12:45:40.827234018 +0200 -+++ openssl-1.1.1g/crypto/kdf/scrypt.c 2020-05-18 12:45:44.578266618 +0200 -@@ -504,4 +504,9 @@ static int scrypt_alg(const char *pass, - return rv; - } - -+const EVP_PKEY_METHOD *scrypt_pkey_method(void) -+{ -+ return &scrypt_pkey_meth; -+} -+ - #endif -diff -up openssl-1.1.1g/crypto/kdf/tls1_prf.c.s390x-ecc openssl-1.1.1g/crypto/kdf/tls1_prf.c ---- openssl-1.1.1g/crypto/kdf/tls1_prf.c.s390x-ecc 2020-05-18 12:45:40.828234027 +0200 -+++ openssl-1.1.1g/crypto/kdf/tls1_prf.c 2020-05-18 12:45:44.578266618 +0200 -@@ -168,6 +168,11 @@ const EVP_KDF_METHOD tls1_prf_kdf_meth = - kdf_tls1_prf_derive - }; - -+const EVP_PKEY_METHOD *tls1_prf_pkey_method(void) -+{ -+ return &tls1_prf_pkey_meth; -+} -+ - static int tls1_prf_P_hash(const EVP_MD *md, - const unsigned char *sec, size_t sec_len, - const unsigned char *seed, size_t seed_len, -diff -up openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c ---- openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c 2020-05-18 12:45:44.579266627 +0200 -@@ -192,3 +192,8 @@ const EVP_PKEY_METHOD poly1305_pkey_meth - pkey_poly1305_ctrl, - pkey_poly1305_ctrl_str - }; -+ -+const EVP_PKEY_METHOD *poly1305_pkey_method(void) -+{ -+ return &poly1305_pkey_meth; -+} -diff -up openssl-1.1.1g/crypto/rsa/rsa_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/rsa/rsa_pmeth.c ---- openssl-1.1.1g/crypto/rsa/rsa_pmeth.c.s390x-ecc 2020-05-18 12:45:40.798233766 +0200 -+++ openssl-1.1.1g/crypto/rsa/rsa_pmeth.c 2020-05-18 12:45:44.580266635 +0200 -@@ -789,6 +789,11 @@ const EVP_PKEY_METHOD rsa_pkey_meth = { - pkey_rsa_ctrl_str - }; - -+const EVP_PKEY_METHOD *rsa_pkey_method(void) -+{ -+ return &rsa_pkey_meth; -+} -+ - /* - * Called for PSS sign or verify initialisation: checks PSS parameter - * sanity and sets any restrictions on key usage. -@@ -859,3 +864,8 @@ const EVP_PKEY_METHOD rsa_pss_pkey_meth - pkey_rsa_ctrl, - pkey_rsa_ctrl_str - }; -+ -+const EVP_PKEY_METHOD *rsa_pss_pkey_method(void) -+{ -+ return &rsa_pss_pkey_meth; -+} -diff -up openssl-1.1.1g/crypto/s390x_arch.h.s390x-ecc openssl-1.1.1g/crypto/s390x_arch.h ---- openssl-1.1.1g/crypto/s390x_arch.h.s390x-ecc 2020-05-18 12:45:40.603232072 +0200 -+++ openssl-1.1.1g/crypto/s390x_arch.h 2020-05-18 12:45:44.580266635 +0200 -@@ -26,6 +26,12 @@ void s390x_kmf(const unsigned char *in, - unsigned int fc, void *param); - void s390x_kma(const unsigned char *aad, size_t alen, const unsigned char *in, - size_t len, unsigned char *out, unsigned int fc, void *param); -+int s390x_pcc(unsigned int fc, void *param); -+int s390x_kdsa(unsigned int fc, void *param, const unsigned char *in, -+ size_t len); -+ -+void s390x_flip_endian32(unsigned char dst[32], const unsigned char src[32]); -+void s390x_flip_endian64(unsigned char dst[64], const unsigned char src[64]); - - /* - * The field elements of OPENSSL_s390xcap_P are the 64-bit words returned by -@@ -45,6 +51,8 @@ struct OPENSSL_s390xcap_st { - unsigned long long kmf[2]; - unsigned long long prno[2]; - unsigned long long kma[2]; -+ unsigned long long pcc[2]; -+ unsigned long long kdsa[2]; - }; - - extern struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P; -@@ -66,11 +74,14 @@ extern struct OPENSSL_s390xcap_st OPENSS - # define S390X_KMF 0x90 - # define S390X_PRNO 0xa0 - # define S390X_KMA 0xb0 -+# define S390X_PCC 0xc0 -+# define S390X_KDSA 0xd0 - - /* Facility Bit Numbers */ - # define S390X_VX 129 - # define S390X_VXD 134 - # define S390X_VXE 135 -+# define S390X_MSA9 155 /* message-security-assist-ext. 9 */ - - /* Function Codes */ - -@@ -94,10 +105,32 @@ extern struct OPENSSL_s390xcap_st OPENSS - /* prno */ - # define S390X_TRNG 114 - -+/* pcc */ -+# define S390X_SCALAR_MULTIPLY_P256 64 -+# define S390X_SCALAR_MULTIPLY_P384 65 -+# define S390X_SCALAR_MULTIPLY_P521 66 -+# define S390X_SCALAR_MULTIPLY_ED25519 72 -+# define S390X_SCALAR_MULTIPLY_ED448 73 -+# define S390X_SCALAR_MULTIPLY_X25519 80 -+# define S390X_SCALAR_MULTIPLY_X448 81 -+ -+/* kdsa */ -+# define S390X_ECDSA_VERIFY_P256 1 -+# define S390X_ECDSA_VERIFY_P384 2 -+# define S390X_ECDSA_VERIFY_P521 3 -+# define S390X_ECDSA_SIGN_P256 9 -+# define S390X_ECDSA_SIGN_P384 10 -+# define S390X_ECDSA_SIGN_P521 11 -+# define S390X_EDDSA_VERIFY_ED25519 32 -+# define S390X_EDDSA_VERIFY_ED448 36 -+# define S390X_EDDSA_SIGN_ED25519 40 -+# define S390X_EDDSA_SIGN_ED448 44 -+ - /* Register 0 Flags */ - # define S390X_DECRYPT 0x80 - # define S390X_KMA_LPC 0x100 - # define S390X_KMA_LAAD 0x200 - # define S390X_KMA_HS 0x400 -+# define S390X_KDSA_D 0x80 - - #endif -diff -up openssl-1.1.1g/crypto/s390xcpuid.pl.s390x-ecc openssl-1.1.1g/crypto/s390xcpuid.pl ---- openssl-1.1.1g/crypto/s390xcpuid.pl.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/s390xcpuid.pl 2020-05-18 12:45:44.581266644 +0200 -@@ -58,6 +58,10 @@ OPENSSL_s390x_facilities: - stg %r0,S390X_PRNO+8(%r4) - stg %r0,S390X_KMA(%r4) - stg %r0,S390X_KMA+8(%r4) -+ stg %r0,S390X_PCC(%r4) -+ stg %r0,S390X_PCC+8(%r4) -+ stg %r0,S390X_KDSA(%r4) -+ stg %r0,S390X_KDSA+8(%r4) - - .long 0xb2b04000 # stfle 0(%r4) - brc 8,.Ldone -@@ -68,6 +72,7 @@ OPENSSL_s390x_facilities: - .long 0xb2b04000 # stfle 0(%r4) - .Ldone: - lmg %r2,%r3,S390X_STFLE(%r4) -+ - tmhl %r2,0x4000 # check for message-security-assist - jz .Lret - -@@ -91,6 +96,13 @@ OPENSSL_s390x_facilities: - la %r1,S390X_KMAC(%r4) - .long 0xb91e0042 # kmac %r4,%r2 - -+ tmhh %r3,0x0008 # check for message-security-assist-3 -+ jz .Lret -+ -+ lghi %r0,S390X_QUERY # query pcc capability vector -+ la %r1,S390X_PCC(%r4) -+ .long 0xb92c0000 # pcc -+ - tmhh %r3,0x0004 # check for message-security-assist-4 - jz .Lret - -@@ -114,6 +126,7 @@ OPENSSL_s390x_facilities: - .long 0xb93c0042 # prno %r4,%r2 - - lg %r2,S390X_STFLE+16(%r4) -+ - tmhl %r2,0x2000 # check for message-security-assist-8 - jz .Lret - -@@ -121,6 +134,13 @@ OPENSSL_s390x_facilities: - la %r1,S390X_KMA(%r4) - .long 0xb9294022 # kma %r2,%r4,%r2 - -+ tmhl %r2,0x0010 # check for message-security-assist-9 -+ jz .Lret -+ -+ lghi %r0,S390X_QUERY # query kdsa capability vector -+ la %r1,S390X_KDSA(%r4) -+ .long 0xb93a0002 # kdsa %r0,%r2 -+ - .Lret: - br $ra - .size OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities -@@ -411,6 +431,113 @@ s390x_kma: - ___ - } - -+################ -+# int s390x_pcc(unsigned int fc, void *param) -+{ -+my ($fc,$param) = map("%r$_",(2..3)); -+$code.=<<___; -+.globl s390x_pcc -+.type s390x_pcc,\@function -+.align 16 -+s390x_pcc: -+ lr %r0,$fc -+ l${g}r %r1,$param -+ lhi %r2,0 -+ -+ .long 0xb92c0000 # pcc -+ brc 1,.-4 # pay attention to "partial completion" -+ brc 7,.Lpcc_err # if CC==0 return 0, else return 1 -+.Lpcc_out: -+ br $ra -+.Lpcc_err: -+ lhi %r2,1 -+ j .Lpcc_out -+.size s390x_pcc,.-s390x_pcc -+___ -+} -+ -+################ -+# int s390x_kdsa(unsigned int fc, void *param, -+# const unsigned char *in, size_t len) -+{ -+my ($fc,$param,$in,$len) = map("%r$_",(2..5)); -+$code.=<<___; -+.globl s390x_kdsa -+.type s390x_kdsa,\@function -+.align 16 -+s390x_kdsa: -+ lr %r0,$fc -+ l${g}r %r1,$param -+ lhi %r2,0 -+ -+ .long 0xb93a0004 # kdsa %r0,$in -+ brc 1,.-4 # pay attention to "partial completion" -+ brc 7,.Lkdsa_err # if CC==0 return 0, else return 1 -+.Lkdsa_out: -+ br $ra -+.Lkdsa_err: -+ lhi %r2,1 -+ j .Lkdsa_out -+.size s390x_kdsa,.-s390x_kdsa -+___ -+} -+ -+################ -+# void s390x_flip_endian32(unsigned char dst[32], const unsigned char src[32]) -+{ -+my ($dst,$src) = map("%r$_",(2..3)); -+$code.=<<___; -+.globl s390x_flip_endian32 -+.type s390x_flip_endian32,\@function -+.align 16 -+s390x_flip_endian32: -+ lrvg %r0,0(%r0,$src) -+ lrvg %r1,8(%r0,$src) -+ lrvg %r4,16(%r0,$src) -+ lrvg %r5,24(%r0,$src) -+ stg %r0,24(%r0,$dst) -+ stg %r1,16(%r0,$dst) -+ stg %r4,8(%r0,$dst) -+ stg %r5,0(%r0,$dst) -+ br $ra -+.size s390x_flip_endian32,.-s390x_flip_endian32 -+___ -+} -+ -+################ -+# void s390x_flip_endian64(unsigned char dst[64], const unsigned char src[64]) -+{ -+my ($dst,$src) = map("%r$_",(2..3)); -+$code.=<<___; -+.globl s390x_flip_endian64 -+.type s390x_flip_endian64,\@function -+.align 16 -+s390x_flip_endian64: -+ stmg %r6,%r9,6*$SIZE_T($sp) -+ -+ lrvg %r0,0(%r0,$src) -+ lrvg %r1,8(%r0,$src) -+ lrvg %r4,16(%r0,$src) -+ lrvg %r5,24(%r0,$src) -+ lrvg %r6,32(%r0,$src) -+ lrvg %r7,40(%r0,$src) -+ lrvg %r8,48(%r0,$src) -+ lrvg %r9,56(%r0,$src) -+ stg %r0,56(%r0,$dst) -+ stg %r1,48(%r0,$dst) -+ stg %r4,40(%r0,$dst) -+ stg %r5,32(%r0,$dst) -+ stg %r6,24(%r0,$dst) -+ stg %r7,16(%r0,$dst) -+ stg %r8,8(%r0,$dst) -+ stg %r9,0(%r0,$dst) -+ -+ lmg %r6,%r9,6*$SIZE_T($sp) -+ br $ra -+.size s390x_flip_endian64,.-s390x_flip_endian64 -+___ -+} -+ - $code.=<<___; - .section .init - brasl $ra,OPENSSL_cpuid_setup -diff -up openssl-1.1.1g/crypto/siphash/siphash_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/siphash/siphash_pmeth.c ---- openssl-1.1.1g/crypto/siphash/siphash_pmeth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/siphash/siphash_pmeth.c 2020-05-18 12:45:44.581266644 +0200 -@@ -203,3 +203,8 @@ const EVP_PKEY_METHOD siphash_pkey_meth - pkey_siphash_ctrl, - pkey_siphash_ctrl_str - }; -+ -+const EVP_PKEY_METHOD *siphash_pkey_method(void) -+{ -+ return &siphash_pkey_meth; -+} -diff -up openssl-1.1.1g/crypto/sm2/sm2_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/sm2/sm2_pmeth.c ---- openssl-1.1.1g/crypto/sm2/sm2_pmeth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/sm2/sm2_pmeth.c 2020-05-18 12:45:44.582266653 +0200 -@@ -327,3 +327,8 @@ const EVP_PKEY_METHOD sm2_pkey_meth = { - - pkey_sm2_digest_custom - }; -+ -+const EVP_PKEY_METHOD *sm2_pkey_method(void) -+{ -+ return &sm2_pkey_meth; -+} -diff -up openssl-1.1.1g/include/crypto/evp.h.s390x-ecc openssl-1.1.1g/include/crypto/evp.h ---- openssl-1.1.1g/include/crypto/evp.h.s390x-ecc 2020-05-18 12:45:40.834234079 +0200 -+++ openssl-1.1.1g/include/crypto/evp.h 2020-05-18 12:45:44.577266609 +0200 -@@ -459,3 +459,22 @@ void evp_encode_ctx_set_flags(EVP_ENCODE - #define EVP_ENCODE_CTX_NO_NEWLINES 1 - /* Use the SRP base64 alphabet instead of the standard one */ - #define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2 -+ -+const EVP_PKEY_METHOD *cmac_pkey_method(void); -+const EVP_PKEY_METHOD *dh_pkey_method(void); -+const EVP_PKEY_METHOD *dhx_pkey_method(void); -+const EVP_PKEY_METHOD *dsa_pkey_method(void); -+const EVP_PKEY_METHOD *ec_pkey_method(void); -+const EVP_PKEY_METHOD *sm2_pkey_method(void); -+const EVP_PKEY_METHOD *ecx25519_pkey_method(void); -+const EVP_PKEY_METHOD *ecx448_pkey_method(void); -+const EVP_PKEY_METHOD *ed25519_pkey_method(void); -+const EVP_PKEY_METHOD *ed448_pkey_method(void); -+const EVP_PKEY_METHOD *hmac_pkey_method(void); -+const EVP_PKEY_METHOD *rsa_pkey_method(void); -+const EVP_PKEY_METHOD *rsa_pss_pkey_method(void); -+const EVP_PKEY_METHOD *scrypt_pkey_method(void); -+const EVP_PKEY_METHOD *tls1_prf_pkey_method(void); -+const EVP_PKEY_METHOD *hkdf_pkey_method(void); -+const EVP_PKEY_METHOD *poly1305_pkey_method(void); -+const EVP_PKEY_METHOD *siphash_pkey_method(void); -diff -up openssl-1.1.1g/include/internal/constant_time.h.s390x-ecc openssl-1.1.1g/include/internal/constant_time.h ---- openssl-1.1.1g/include/internal/constant_time.h.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/include/internal/constant_time.h 2020-05-18 12:45:44.582266653 +0200 -@@ -353,6 +353,34 @@ static ossl_inline void constant_time_co - } - - /* -+ * mask must be 0xFF or 0x00. -+ * "constant time" is per len. -+ * -+ * if (mask) { -+ * unsigned char tmp[len]; -+ * -+ * memcpy(tmp, a, len); -+ * memcpy(a, b); -+ * memcpy(b, tmp); -+ * } -+ */ -+static ossl_inline void constant_time_cond_swap_buff(unsigned char mask, -+ unsigned char *a, -+ unsigned char *b, -+ size_t len) -+{ -+ size_t i; -+ unsigned char tmp; -+ -+ for (i = 0; i < len; i++) { -+ tmp = a[i] ^ b[i]; -+ tmp &= mask; -+ a[i] ^= tmp; -+ b[i] ^= tmp; -+ } -+} -+ -+/* - * table is a two dimensional array of bytes. Each row has rowsize elements. - * Copies row number idx into out. rowsize and numrows are not considered - * private. -diff -up openssl-1.1.1g/include/openssl/ecerr.h.s390x-ecc openssl-1.1.1g/include/openssl/ecerr.h ---- openssl-1.1.1g/include/openssl/ecerr.h.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/include/openssl/ecerr.h 2020-05-18 12:45:44.583266662 +0200 -@@ -42,6 +42,11 @@ int ERR_load_EC_strings(void); - # define EC_F_ECDSA_SIGN_SETUP 248 - # define EC_F_ECDSA_SIG_NEW 265 - # define EC_F_ECDSA_VERIFY 253 -+# define EC_F_ECDSA_SIMPLE_SIGN_SETUP 310 -+# define EC_F_ECDSA_SIMPLE_SIGN_SIG 311 -+# define EC_F_ECDSA_SIMPLE_VERIFY_SIG 312 -+# define EC_F_ECDSA_S390X_NISTP_SIGN_SIG 313 -+# define EC_F_ECDSA_S390X_NISTP_VERIFY_SIG 314 - # define EC_F_ECD_ITEM_VERIFY 270 - # define EC_F_ECKEY_PARAM2TYPE 223 - # define EC_F_ECKEY_PARAM_DECODE 212 -@@ -185,6 +190,7 @@ int ERR_load_EC_strings(void); - # define EC_F_O2I_ECPUBLICKEY 152 - # define EC_F_OLD_EC_PRIV_DECODE 222 - # define EC_F_OSSL_ECDH_COMPUTE_KEY 247 -+# define EC_F_OSSL_ECDSA_SIGN_SETUP 300 - # define EC_F_OSSL_ECDSA_SIGN_SIG 249 - # define EC_F_OSSL_ECDSA_VERIFY_SIG 250 - # define EC_F_PKEY_ECD_CTRL 271 -@@ -200,6 +206,12 @@ int ERR_load_EC_strings(void); - # define EC_F_PKEY_EC_KEYGEN 199 - # define EC_F_PKEY_EC_PARAMGEN 219 - # define EC_F_PKEY_EC_SIGN 218 -+# define EC_F_S390X_PKEY_ECD_DIGESTSIGN25519 320 -+# define EC_F_S390X_PKEY_ECD_DIGESTSIGN448 321 -+# define EC_F_S390X_PKEY_ECD_KEYGEN25519 322 -+# define EC_F_S390X_PKEY_ECD_KEYGEN448 323 -+# define EC_F_S390X_PKEY_ECX_KEYGEN25519 324 -+# define EC_F_S390X_PKEY_ECX_KEYGEN448 325 - # define EC_F_VALIDATE_ECX_DERIVE 278 - - /* -@@ -212,6 +224,7 @@ int ERR_load_EC_strings(void); - # define EC_R_CANNOT_INVERT 165 - # define EC_R_COORDINATES_OUT_OF_RANGE 146 - # define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 160 -+# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA 170 - # define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159 - # define EC_R_D2I_ECPKPARAMETERS_FAILURE 117 - # define EC_R_DECODE_ERROR 142 -diff -up openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt.s390x-ecc openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt ---- openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt.s390x-ecc 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt 2020-05-18 12:45:44.590266722 +0200 -@@ -814,6 +814,8 @@ PublicKeyRaw=Bob-448-PUBLIC-Raw:X448:3eb - - PrivPubKeyPair = Bob-448-Raw:Bob-448-PUBLIC-Raw - -+PublicKeyRaw=Bob-448-PUBLIC-Raw-NonCanonical:X448:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff -+ - Derive=Alice-448 - PeerKey=Bob-448-PUBLIC - SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d -@@ -830,6 +832,11 @@ Derive=Bob-448-Raw - PeerKey=Alice-448-PUBLIC-Raw - SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d - -+# Self-generated non-canonical -+Derive=Alice-448-Raw -+PeerKey=Bob-448-PUBLIC-Raw-NonCanonical -+SharedSecret=66e2e682b1f8e68c809f1bb3e406bd826921d9c1a5bfbfcbab7ae72feecee63660eabd54934f3382061d17607f581a90bdac917a064959fb -+ - # Illegal sign/verify operations with X448 key - - Sign=Alice-448 diff --git a/openssl-1.1.1-s390x-update.patch b/openssl-1.1.1-s390x-update.patch deleted file mode 100644 index 83061af..0000000 --- a/openssl-1.1.1-s390x-update.patch +++ /dev/null @@ -1,5502 +0,0 @@ -diff -up openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl.s390x-update openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl ---- openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl.s390x-update 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl 2020-03-19 16:45:05.483440129 +0100 -@@ -20,41 +20,53 @@ - # - # 3 times faster than compiler-generated code. - --$flavour = shift; -+# -+# August 2018 -+# -+# Add vx code path: 4x"vertical". -+# -+# Copyright IBM Corp. 2018 -+# Author: Patrick Steuer -+ -+# -+# February 2019 -+# -+# Add 6x"horizontal" VX implementation. It's ~25% faster than IBM's -+# 4x"vertical" submission [on z13] and >3 faster than scalar code. -+# But to harness overheads revert to transliteration of VSX code path -+# from chacha-ppc module, which is also 4x"vertical", to handle inputs -+# not longer than 256 bytes. -+ -+use strict; -+use FindBin qw($Bin); -+use lib "$Bin/../.."; -+use perlasm::s390x qw(:DEFAULT :VX AUTOLOAD LABEL INCLUDE); - -+my $flavour = shift; -+ -+my ($z,$SIZE_T); - if ($flavour =~ /3[12]/) { -+ $z=0; # S/390 ABI - $SIZE_T=4; -- $g=""; - } else { -+ $z=1; # zSeries ABI - $SIZE_T=8; -- $g="g"; - } - -+my $output; - while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {} --open STDOUT,">$output"; -- --sub AUTOLOAD() # thunk [simplified] x86-style perlasm --{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://; -- $code .= "\t$opcode\t".join(',',@_)."\n"; --} - - my $sp="%r15"; -- - my $stdframe=16*$SIZE_T+4*8; --my $frame=$stdframe+4*20; -- --my ($out,$inp,$len,$key,$counter)=map("%r$_",(2..6)); - -+sub ROUND { - my @x=map("%r$_",(0..7,"x","x","x","x",(10..13))); - my @t=map("%r$_",(8,9)); -- --sub ROUND { - my ($a0,$b0,$c0,$d0)=@_; - my ($a1,$b1,$c1,$d1)=map(($_&~3)+(($_+1)&3),($a0,$b0,$c0,$d0)); - my ($a2,$b2,$c2,$d2)=map(($_&~3)+(($_+1)&3),($a1,$b1,$c1,$d1)); - my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2)); --my ($xc,$xc_)=map("\"$_\"",@t); --my @x=map("\"$_\"",@x); -+my ($xc,$xc_)=map("$_",@t); - - # Consider order in which variables are addressed by their - # index: -@@ -78,249 +90,967 @@ my @x=map("\"$_\"",@x); - # 'c' stores and loads in the middle, but none in the beginning - # or end. - -- ( -- "&alr (@x[$a0],@x[$b0])", # Q1 -- "&alr (@x[$a1],@x[$b1])", # Q2 -- "&xr (@x[$d0],@x[$a0])", -- "&xr (@x[$d1],@x[$a1])", -- "&rll (@x[$d0],@x[$d0],16)", -- "&rll (@x[$d1],@x[$d1],16)", -- -- "&alr ($xc,@x[$d0])", -- "&alr ($xc_,@x[$d1])", -- "&xr (@x[$b0],$xc)", -- "&xr (@x[$b1],$xc_)", -- "&rll (@x[$b0],@x[$b0],12)", -- "&rll (@x[$b1],@x[$b1],12)", -- -- "&alr (@x[$a0],@x[$b0])", -- "&alr (@x[$a1],@x[$b1])", -- "&xr (@x[$d0],@x[$a0])", -- "&xr (@x[$d1],@x[$a1])", -- "&rll (@x[$d0],@x[$d0],8)", -- "&rll (@x[$d1],@x[$d1],8)", -- -- "&alr ($xc,@x[$d0])", -- "&alr ($xc_,@x[$d1])", -- "&xr (@x[$b0],$xc)", -- "&xr (@x[$b1],$xc_)", -- "&rll (@x[$b0],@x[$b0],7)", -- "&rll (@x[$b1],@x[$b1],7)", -- -- "&stm ($xc,$xc_,'$stdframe+4*8+4*$c0($sp)')", # reload pair of 'c's -- "&lm ($xc,$xc_,'$stdframe+4*8+4*$c2($sp)')", -- -- "&alr (@x[$a2],@x[$b2])", # Q3 -- "&alr (@x[$a3],@x[$b3])", # Q4 -- "&xr (@x[$d2],@x[$a2])", -- "&xr (@x[$d3],@x[$a3])", -- "&rll (@x[$d2],@x[$d2],16)", -- "&rll (@x[$d3],@x[$d3],16)", -- -- "&alr ($xc,@x[$d2])", -- "&alr ($xc_,@x[$d3])", -- "&xr (@x[$b2],$xc)", -- "&xr (@x[$b3],$xc_)", -- "&rll (@x[$b2],@x[$b2],12)", -- "&rll (@x[$b3],@x[$b3],12)", -- -- "&alr (@x[$a2],@x[$b2])", -- "&alr (@x[$a3],@x[$b3])", -- "&xr (@x[$d2],@x[$a2])", -- "&xr (@x[$d3],@x[$a3])", -- "&rll (@x[$d2],@x[$d2],8)", -- "&rll (@x[$d3],@x[$d3],8)", -- -- "&alr ($xc,@x[$d2])", -- "&alr ($xc_,@x[$d3])", -- "&xr (@x[$b2],$xc)", -- "&xr (@x[$b3],$xc_)", -- "&rll (@x[$b2],@x[$b2],7)", -- "&rll (@x[$b3],@x[$b3],7)" -- ); --} -- --$code.=<<___; --.text -- --.globl ChaCha20_ctr32 --.type ChaCha20_ctr32,\@function --.align 32 --ChaCha20_ctr32: -- lt${g}r $len,$len # $len==0? -- bzr %r14 -- a${g}hi $len,-64 -- l${g}hi %r1,-$frame -- stm${g} %r6,%r15,`6*$SIZE_T`($sp) -- sl${g}r $out,$inp # difference -- la $len,0($inp,$len) # end of input minus 64 -- larl %r7,.Lsigma -- lgr %r0,$sp -- la $sp,0(%r1,$sp) -- st${g} %r0,0($sp) -- -- lmg %r8,%r11,0($key) # load key -- lmg %r12,%r13,0($counter) # load counter -- lmg %r6,%r7,0(%r7) # load sigma constant -- -- la %r14,0($inp) -- st${g} $out,$frame+3*$SIZE_T($sp) -- st${g} $len,$frame+4*$SIZE_T($sp) -- stmg %r6,%r13,$stdframe($sp) # copy key schedule to stack -- srlg @x[12],%r12,32 # 32-bit counter value -- j .Loop_outer -- --.align 16 --.Loop_outer: -- lm @x[0],@x[7],$stdframe+4*0($sp) # load x[0]-x[7] -- lm @t[0],@t[1],$stdframe+4*10($sp) # load x[10]-x[11] -- lm @x[13],@x[15],$stdframe+4*13($sp) # load x[13]-x[15] -- stm @t[0],@t[1],$stdframe+4*8+4*10($sp) # offload x[10]-x[11] -- lm @t[0],@t[1],$stdframe+4*8($sp) # load x[8]-x[9] -- st @x[12],$stdframe+4*12($sp) # save counter -- st${g} %r14,$frame+2*$SIZE_T($sp) # save input pointer -- lhi %r14,10 -- j .Loop -- --.align 4 --.Loop: --___ -- foreach (&ROUND(0, 4, 8,12)) { eval; } -- foreach (&ROUND(0, 5,10,15)) { eval; } --$code.=<<___; -- brct %r14,.Loop -- -- l${g} %r14,$frame+2*$SIZE_T($sp) # pull input pointer -- stm @t[0],@t[1],$stdframe+4*8+4*8($sp) # offload x[8]-x[9] -- lm${g} @t[0],@t[1],$frame+3*$SIZE_T($sp) -- -- al @x[0],$stdframe+4*0($sp) # accumulate key schedule -- al @x[1],$stdframe+4*1($sp) -- al @x[2],$stdframe+4*2($sp) -- al @x[3],$stdframe+4*3($sp) -- al @x[4],$stdframe+4*4($sp) -- al @x[5],$stdframe+4*5($sp) -- al @x[6],$stdframe+4*6($sp) -- al @x[7],$stdframe+4*7($sp) -- lrvr @x[0],@x[0] -- lrvr @x[1],@x[1] -- lrvr @x[2],@x[2] -- lrvr @x[3],@x[3] -- lrvr @x[4],@x[4] -- lrvr @x[5],@x[5] -- lrvr @x[6],@x[6] -- lrvr @x[7],@x[7] -- al @x[12],$stdframe+4*12($sp) -- al @x[13],$stdframe+4*13($sp) -- al @x[14],$stdframe+4*14($sp) -- al @x[15],$stdframe+4*15($sp) -- lrvr @x[12],@x[12] -- lrvr @x[13],@x[13] -- lrvr @x[14],@x[14] -- lrvr @x[15],@x[15] -- -- la @t[0],0(@t[0],%r14) # reconstruct output pointer -- cl${g}r %r14,@t[1] -- jh .Ltail -- -- x @x[0],4*0(%r14) # xor with input -- x @x[1],4*1(%r14) -- st @x[0],4*0(@t[0]) # store output -- x @x[2],4*2(%r14) -- st @x[1],4*1(@t[0]) -- x @x[3],4*3(%r14) -- st @x[2],4*2(@t[0]) -- x @x[4],4*4(%r14) -- st @x[3],4*3(@t[0]) -- lm @x[0],@x[3],$stdframe+4*8+4*8($sp) # load x[8]-x[11] -- x @x[5],4*5(%r14) -- st @x[4],4*4(@t[0]) -- x @x[6],4*6(%r14) -- al @x[0],$stdframe+4*8($sp) -- st @x[5],4*5(@t[0]) -- x @x[7],4*7(%r14) -- al @x[1],$stdframe+4*9($sp) -- st @x[6],4*6(@t[0]) -- x @x[12],4*12(%r14) -- al @x[2],$stdframe+4*10($sp) -- st @x[7],4*7(@t[0]) -- x @x[13],4*13(%r14) -- al @x[3],$stdframe+4*11($sp) -- st @x[12],4*12(@t[0]) -- x @x[14],4*14(%r14) -- st @x[13],4*13(@t[0]) -- x @x[15],4*15(%r14) -- st @x[14],4*14(@t[0]) -- lrvr @x[0],@x[0] -- st @x[15],4*15(@t[0]) -- lrvr @x[1],@x[1] -- lrvr @x[2],@x[2] -- lrvr @x[3],@x[3] -- lhi @x[12],1 -- x @x[0],4*8(%r14) -- al @x[12],$stdframe+4*12($sp) # increment counter -- x @x[1],4*9(%r14) -- st @x[0],4*8(@t[0]) -- x @x[2],4*10(%r14) -- st @x[1],4*9(@t[0]) -- x @x[3],4*11(%r14) -- st @x[2],4*10(@t[0]) -- st @x[3],4*11(@t[0]) -- -- cl${g}r %r14,@t[1] # done yet? -- la %r14,64(%r14) -- jl .Loop_outer -- --.Ldone: -- xgr %r0,%r0 -- xgr %r1,%r1 -- xgr %r2,%r2 -- xgr %r3,%r3 -- stmg %r0,%r3,$stdframe+4*4($sp) # wipe key copy -- stmg %r0,%r3,$stdframe+4*12($sp) -- -- lm${g} %r6,%r15,`$frame+6*$SIZE_T`($sp) -- br %r14 -- --.align 16 --.Ltail: -- la @t[1],64($t[1]) -- stm @x[0],@x[7],$stdframe+4*0($sp) -- sl${g}r @t[1],%r14 -- lm @x[0],@x[3],$stdframe+4*8+4*8($sp) -- l${g}hi @x[6],0 -- stm @x[12],@x[15],$stdframe+4*12($sp) -- al @x[0],$stdframe+4*8($sp) -- al @x[1],$stdframe+4*9($sp) -- al @x[2],$stdframe+4*10($sp) -- al @x[3],$stdframe+4*11($sp) -- lrvr @x[0],@x[0] -- lrvr @x[1],@x[1] -- lrvr @x[2],@x[2] -- lrvr @x[3],@x[3] -- stm @x[0],@x[3],$stdframe+4*8($sp) -- --.Loop_tail: -- llgc @x[4],0(@x[6],%r14) -- llgc @x[5],$stdframe(@x[6],$sp) -- xr @x[5],@x[4] -- stc @x[5],0(@x[6],@t[0]) -- la @x[6],1(@x[6]) -- brct @t[1],.Loop_tail -- -- j .Ldone --.size ChaCha20_ctr32,.-ChaCha20_ctr32 -- --.align 32 --.Lsigma: --.long 0x61707865,0x3320646e,0x79622d32,0x6b206574 # endian-neutral --.asciz "ChaCha20 for s390x, CRYPTOGAMS by " --.align 4 --___ -+ alr (@x[$a0],@x[$b0]); # Q1 -+ alr (@x[$a1],@x[$b1]); # Q2 -+ xr (@x[$d0],@x[$a0]); -+ xr (@x[$d1],@x[$a1]); -+ rll (@x[$d0],@x[$d0],16); -+ rll (@x[$d1],@x[$d1],16); -+ -+ alr ($xc,@x[$d0]); -+ alr ($xc_,@x[$d1]); -+ xr (@x[$b0],$xc); -+ xr (@x[$b1],$xc_); -+ rll (@x[$b0],@x[$b0],12); -+ rll (@x[$b1],@x[$b1],12); -+ -+ alr (@x[$a0],@x[$b0]); -+ alr (@x[$a1],@x[$b1]); -+ xr (@x[$d0],@x[$a0]); -+ xr (@x[$d1],@x[$a1]); -+ rll (@x[$d0],@x[$d0],8); -+ rll (@x[$d1],@x[$d1],8); -+ -+ alr ($xc,@x[$d0]); -+ alr ($xc_,@x[$d1]); -+ xr (@x[$b0],$xc); -+ xr (@x[$b1],$xc_); -+ rll (@x[$b0],@x[$b0],7); -+ rll (@x[$b1],@x[$b1],7); -+ -+ stm ($xc,$xc_,"$stdframe+4*8+4*$c0($sp)"); # reload pair of 'c's -+ lm ($xc,$xc_,"$stdframe+4*8+4*$c2($sp)"); -+ -+ alr (@x[$a2],@x[$b2]); # Q3 -+ alr (@x[$a3],@x[$b3]); # Q4 -+ xr (@x[$d2],@x[$a2]); -+ xr (@x[$d3],@x[$a3]); -+ rll (@x[$d2],@x[$d2],16); -+ rll (@x[$d3],@x[$d3],16); -+ -+ alr ($xc,@x[$d2]); -+ alr ($xc_,@x[$d3]); -+ xr (@x[$b2],$xc); -+ xr (@x[$b3],$xc_); -+ rll (@x[$b2],@x[$b2],12); -+ rll (@x[$b3],@x[$b3],12); -+ -+ alr (@x[$a2],@x[$b2]); -+ alr (@x[$a3],@x[$b3]); -+ xr (@x[$d2],@x[$a2]); -+ xr (@x[$d3],@x[$a3]); -+ rll (@x[$d2],@x[$d2],8); -+ rll (@x[$d3],@x[$d3],8); -+ -+ alr ($xc,@x[$d2]); -+ alr ($xc_,@x[$d3]); -+ xr (@x[$b2],$xc); -+ xr (@x[$b3],$xc_); -+ rll (@x[$b2],@x[$b2],7); -+ rll (@x[$b3],@x[$b3],7); -+} -+ -+sub VX_lane_ROUND { -+my ($a0,$b0,$c0,$d0)=@_; -+my ($a1,$b1,$c1,$d1)=map(($_&~3)+(($_+1)&3),($a0,$b0,$c0,$d0)); -+my ($a2,$b2,$c2,$d2)=map(($_&~3)+(($_+1)&3),($a1,$b1,$c1,$d1)); -+my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2)); -+my @x=map("%v$_",(0..15)); - --foreach (split("\n",$code)) { -- s/\`([^\`]*)\`/eval $1/ge; -+ vaf (@x[$a0],@x[$a0],@x[$b0]); # Q1 -+ vx (@x[$d0],@x[$d0],@x[$a0]); -+ verllf (@x[$d0],@x[$d0],16); -+ vaf (@x[$a1],@x[$a1],@x[$b1]); # Q2 -+ vx (@x[$d1],@x[$d1],@x[$a1]); -+ verllf (@x[$d1],@x[$d1],16); -+ vaf (@x[$a2],@x[$a2],@x[$b2]); # Q3 -+ vx (@x[$d2],@x[$d2],@x[$a2]); -+ verllf (@x[$d2],@x[$d2],16); -+ vaf (@x[$a3],@x[$a3],@x[$b3]); # Q4 -+ vx (@x[$d3],@x[$d3],@x[$a3]); -+ verllf (@x[$d3],@x[$d3],16); -+ -+ vaf (@x[$c0],@x[$c0],@x[$d0]); -+ vx (@x[$b0],@x[$b0],@x[$c0]); -+ verllf (@x[$b0],@x[$b0],12); -+ vaf (@x[$c1],@x[$c1],@x[$d1]); -+ vx (@x[$b1],@x[$b1],@x[$c1]); -+ verllf (@x[$b1],@x[$b1],12); -+ vaf (@x[$c2],@x[$c2],@x[$d2]); -+ vx (@x[$b2],@x[$b2],@x[$c2]); -+ verllf (@x[$b2],@x[$b2],12); -+ vaf (@x[$c3],@x[$c3],@x[$d3]); -+ vx (@x[$b3],@x[$b3],@x[$c3]); -+ verllf (@x[$b3],@x[$b3],12); -+ -+ vaf (@x[$a0],@x[$a0],@x[$b0]); -+ vx (@x[$d0],@x[$d0],@x[$a0]); -+ verllf (@x[$d0],@x[$d0],8); -+ vaf (@x[$a1],@x[$a1],@x[$b1]); -+ vx (@x[$d1],@x[$d1],@x[$a1]); -+ verllf (@x[$d1],@x[$d1],8); -+ vaf (@x[$a2],@x[$a2],@x[$b2]); -+ vx (@x[$d2],@x[$d2],@x[$a2]); -+ verllf (@x[$d2],@x[$d2],8); -+ vaf (@x[$a3],@x[$a3],@x[$b3]); -+ vx (@x[$d3],@x[$d3],@x[$a3]); -+ verllf (@x[$d3],@x[$d3],8); -+ -+ vaf (@x[$c0],@x[$c0],@x[$d0]); -+ vx (@x[$b0],@x[$b0],@x[$c0]); -+ verllf (@x[$b0],@x[$b0],7); -+ vaf (@x[$c1],@x[$c1],@x[$d1]); -+ vx (@x[$b1],@x[$b1],@x[$c1]); -+ verllf (@x[$b1],@x[$b1],7); -+ vaf (@x[$c2],@x[$c2],@x[$d2]); -+ vx (@x[$b2],@x[$b2],@x[$c2]); -+ verllf (@x[$b2],@x[$b2],7); -+ vaf (@x[$c3],@x[$c3],@x[$d3]); -+ vx (@x[$b3],@x[$b3],@x[$c3]); -+ verllf (@x[$b3],@x[$b3],7); -+} - -- print $_,"\n"; -+sub VX_ROUND { -+my @a=@_[0..5]; -+my @b=@_[6..11]; -+my @c=@_[12..17]; -+my @d=@_[18..23]; -+my $odd=@_[24]; -+ -+ vaf (@a[$_],@a[$_],@b[$_]) for (0..5); -+ vx (@d[$_],@d[$_],@a[$_]) for (0..5); -+ verllf (@d[$_],@d[$_],16) for (0..5); -+ -+ vaf (@c[$_],@c[$_],@d[$_]) for (0..5); -+ vx (@b[$_],@b[$_],@c[$_]) for (0..5); -+ verllf (@b[$_],@b[$_],12) for (0..5); -+ -+ vaf (@a[$_],@a[$_],@b[$_]) for (0..5); -+ vx (@d[$_],@d[$_],@a[$_]) for (0..5); -+ verllf (@d[$_],@d[$_],8) for (0..5); -+ -+ vaf (@c[$_],@c[$_],@d[$_]) for (0..5); -+ vx (@b[$_],@b[$_],@c[$_]) for (0..5); -+ verllf (@b[$_],@b[$_],7) for (0..5); -+ -+ vsldb (@c[$_],@c[$_],@c[$_],8) for (0..5); -+ vsldb (@b[$_],@b[$_],@b[$_],$odd?12:4) for (0..5); -+ vsldb (@d[$_],@d[$_],@d[$_],$odd?4:12) for (0..5); - } --close STDOUT or die "error closing STDOUT: $!"; -+ -+PERLASM_BEGIN($output); -+ -+INCLUDE ("s390x_arch.h"); -+TEXT (); -+ -+################ -+# void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp, size_t len, -+# const unsigned int key[8], const unsigned int counter[4]) -+my ($out,$inp,$len,$key,$counter)=map("%r$_",(2..6)); -+{ -+my $frame=$stdframe+4*20; -+my @x=map("%r$_",(0..7,"x","x","x","x",(10..13))); -+my @t=map("%r$_",(8,9)); -+ -+GLOBL ("ChaCha20_ctr32"); -+TYPE ("ChaCha20_ctr32","\@function"); -+ALIGN (32); -+LABEL ("ChaCha20_ctr32"); -+ larl ("%r1","OPENSSL_s390xcap_P"); -+ -+ lghi ("%r0",64); -+&{$z? \<gr:\<r} ($len,$len); # len==0? -+ bzr ("%r14"); -+ lg ("%r1","S390X_STFLE+16(%r1)"); -+&{$z? \&clgr:\&clr} ($len,"%r0"); -+ jle (".Lshort"); -+ -+ tmhh ("%r1",0x4000); # check for vx bit -+ jnz (".LChaCha20_ctr32_vx"); -+ -+LABEL (".Lshort"); -+&{$z? \&aghi:\&ahi} ($len,-64); -+&{$z? \&lghi:\&lhi} ("%r1",-$frame); -+&{$z? \&stmg:\&stm} ("%r6","%r15","6*$SIZE_T($sp)"); -+&{$z? \&slgr:\&slr} ($out,$inp); # difference -+ la ($len,"0($inp,$len)"); # end of input minus 64 -+ larl ("%r7",".Lsigma"); -+ lgr ("%r0",$sp); -+ la ($sp,"0(%r1,$sp)"); -+&{$z? \&stg:\&st} ("%r0","0($sp)"); -+ -+ lmg ("%r8","%r11","0($key)"); # load key -+ lmg ("%r12","%r13","0($counter)"); # load counter -+ lmg ("%r6","%r7","0(%r7)"); # load sigma constant -+ -+ la ("%r14","0($inp)"); -+&{$z? \&stg:\&st} ($out,"$frame+3*$SIZE_T($sp)"); -+&{$z? \&stg:\&st} ($len,"$frame+4*$SIZE_T($sp)"); -+ stmg ("%r6","%r13","$stdframe($sp)");# copy key schedule to stack -+ srlg (@x[12],"%r12",32); # 32-bit counter value -+ j (".Loop_outer"); -+ -+ALIGN (16); -+LABEL (".Loop_outer"); -+ lm (@x[0],@x[7],"$stdframe+4*0($sp)"); # load x[0]-x[7] -+ lm (@t[0],@t[1],"$stdframe+4*10($sp)"); # load x[10]-x[11] -+ lm (@x[13],@x[15],"$stdframe+4*13($sp)"); # load x[13]-x[15] -+ stm (@t[0],@t[1],"$stdframe+4*8+4*10($sp)");# offload x[10]-x[11] -+ lm (@t[0],@t[1],"$stdframe+4*8($sp)"); # load x[8]-x[9] -+ st (@x[12],"$stdframe+4*12($sp)"); # save counter -+&{$z? \&stg:\&st} ("%r14","$frame+2*$SIZE_T($sp)");# save input pointer -+ lhi ("%r14",10); -+ j (".Loop"); -+ -+ALIGN (4); -+LABEL (".Loop"); -+ ROUND (0, 4, 8,12); -+ ROUND (0, 5,10,15); -+ brct ("%r14",".Loop"); -+ -+&{$z? \&lg:\&l} ("%r14","$frame+2*$SIZE_T($sp)");# pull input pointer -+ stm (@t[0],@t[1],"$stdframe+4*8+4*8($sp)"); # offload x[8]-x[9] -+&{$z? \&lmg:\&lm} (@t[0],@t[1],"$frame+3*$SIZE_T($sp)"); -+ -+ al (@x[0],"$stdframe+4*0($sp)"); # accumulate key schedule -+ al (@x[1],"$stdframe+4*1($sp)"); -+ al (@x[2],"$stdframe+4*2($sp)"); -+ al (@x[3],"$stdframe+4*3($sp)"); -+ al (@x[4],"$stdframe+4*4($sp)"); -+ al (@x[5],"$stdframe+4*5($sp)"); -+ al (@x[6],"$stdframe+4*6($sp)"); -+ al (@x[7],"$stdframe+4*7($sp)"); -+ lrvr (@x[0],@x[0]); -+ lrvr (@x[1],@x[1]); -+ lrvr (@x[2],@x[2]); -+ lrvr (@x[3],@x[3]); -+ lrvr (@x[4],@x[4]); -+ lrvr (@x[5],@x[5]); -+ lrvr (@x[6],@x[6]); -+ lrvr (@x[7],@x[7]); -+ al (@x[12],"$stdframe+4*12($sp)"); -+ al (@x[13],"$stdframe+4*13($sp)"); -+ al (@x[14],"$stdframe+4*14($sp)"); -+ al (@x[15],"$stdframe+4*15($sp)"); -+ lrvr (@x[12],@x[12]); -+ lrvr (@x[13],@x[13]); -+ lrvr (@x[14],@x[14]); -+ lrvr (@x[15],@x[15]); -+ -+ la (@t[0],"0(@t[0],%r14)"); # reconstruct output pointer -+&{$z? \&clgr:\&clr} ("%r14",@t[1]); -+ jh (".Ltail"); -+ -+ x (@x[0],"4*0(%r14)"); # xor with input -+ x (@x[1],"4*1(%r14)"); -+ st (@x[0],"4*0(@t[0])"); # store output -+ x (@x[2],"4*2(%r14)"); -+ st (@x[1],"4*1(@t[0])"); -+ x (@x[3],"4*3(%r14)"); -+ st (@x[2],"4*2(@t[0])"); -+ x (@x[4],"4*4(%r14)"); -+ st (@x[3],"4*3(@t[0])"); -+ lm (@x[0],@x[3],"$stdframe+4*8+4*8($sp)"); # load x[8]-x[11] -+ x (@x[5],"4*5(%r14)"); -+ st (@x[4],"4*4(@t[0])"); -+ x (@x[6],"4*6(%r14)"); -+ al (@x[0],"$stdframe+4*8($sp)"); -+ st (@x[5],"4*5(@t[0])"); -+ x (@x[7],"4*7(%r14)"); -+ al (@x[1],"$stdframe+4*9($sp)"); -+ st (@x[6],"4*6(@t[0])"); -+ x (@x[12],"4*12(%r14)"); -+ al (@x[2],"$stdframe+4*10($sp)"); -+ st (@x[7],"4*7(@t[0])"); -+ x (@x[13],"4*13(%r14)"); -+ al (@x[3],"$stdframe+4*11($sp)"); -+ st (@x[12],"4*12(@t[0])"); -+ x (@x[14],"4*14(%r14)"); -+ st (@x[13],"4*13(@t[0])"); -+ x (@x[15],"4*15(%r14)"); -+ st (@x[14],"4*14(@t[0])"); -+ lrvr (@x[0],@x[0]); -+ st (@x[15],"4*15(@t[0])"); -+ lrvr (@x[1],@x[1]); -+ lrvr (@x[2],@x[2]); -+ lrvr (@x[3],@x[3]); -+ lhi (@x[12],1); -+ x (@x[0],"4*8(%r14)"); -+ al (@x[12],"$stdframe+4*12($sp)"); # increment counter -+ x (@x[1],"4*9(%r14)"); -+ st (@x[0],"4*8(@t[0])"); -+ x (@x[2],"4*10(%r14)"); -+ st (@x[1],"4*9(@t[0])"); -+ x (@x[3],"4*11(%r14)"); -+ st (@x[2],"4*10(@t[0])"); -+ st (@x[3],"4*11(@t[0])"); -+ -+&{$z? \&clgr:\&clr} ("%r14",@t[1]); # done yet? -+ la ("%r14","64(%r14)"); -+ jl (".Loop_outer"); -+ -+LABEL (".Ldone"); -+ xgr ("%r0","%r0"); -+ xgr ("%r1","%r1"); -+ xgr ("%r2","%r2"); -+ xgr ("%r3","%r3"); -+ stmg ("%r0","%r3","$stdframe+4*4($sp)"); # wipe key copy -+ stmg ("%r0","%r3","$stdframe+4*12($sp)"); -+ -+&{$z? \&lmg:\&lm} ("%r6","%r15","$frame+6*$SIZE_T($sp)"); -+ br ("%r14"); -+ -+ALIGN (16); -+LABEL (".Ltail"); -+ la (@t[1],"64($t[1])"); -+ stm (@x[0],@x[7],"$stdframe+4*0($sp)"); -+&{$z? \&slgr:\&slr} (@t[1],"%r14"); -+ lm (@x[0],@x[3],"$stdframe+4*8+4*8($sp)"); -+&{$z? \&lghi:\&lhi} (@x[6],0); -+ stm (@x[12],@x[15],"$stdframe+4*12($sp)"); -+ al (@x[0],"$stdframe+4*8($sp)"); -+ al (@x[1],"$stdframe+4*9($sp)"); -+ al (@x[2],"$stdframe+4*10($sp)"); -+ al (@x[3],"$stdframe+4*11($sp)"); -+ lrvr (@x[0],@x[0]); -+ lrvr (@x[1],@x[1]); -+ lrvr (@x[2],@x[2]); -+ lrvr (@x[3],@x[3]); -+ stm (@x[0],@x[3],"$stdframe+4*8($sp)"); -+ -+LABEL (".Loop_tail"); -+ llgc (@x[4],"0(@x[6],%r14)"); -+ llgc (@x[5],"$stdframe(@x[6],$sp)"); -+ xr (@x[5],@x[4]); -+ stc (@x[5],"0(@x[6],@t[0])"); -+ la (@x[6],"1(@x[6])"); -+ brct (@t[1],".Loop_tail"); -+ -+ j (".Ldone"); -+SIZE ("ChaCha20_ctr32",".-ChaCha20_ctr32"); -+} -+ -+######################################################################## -+# 4x"vertical" layout minimizes amount of instructions, but pipeline -+# runs underutilized [because of vector instructions' high latency]. -+# On the other hand minimum amount of data it takes to fully utilize -+# the pipeline is higher, so that effectively, short inputs would be -+# processed slower. Hence this code path targeting <=256 bytes lengths. -+# -+{ -+my ($xa0,$xa1,$xa2,$xa3, $xb0,$xb1,$xb2,$xb3, -+ $xc0,$xc1,$xc2,$xc3, $xd0,$xd1,$xd2,$xd3)=map("%v$_",(0..15)); -+my @K=map("%v$_",(16..19)); -+my $CTR="%v26"; -+my ($xt0,$xt1,$xt2,$xt3)=map("%v$_",(27..30)); -+my $beperm="%v31"; -+my ($x00,$x10,$x20,$x30)=(0,map("r$_",(8..10))); -+my $FRAME=$stdframe+4*16; -+ -+ALIGN (32); -+LABEL ("ChaCha20_ctr32_4x"); -+LABEL (".LChaCha20_ctr32_4x"); -+&{$z? \&stmg:\&stm} ("%r6","%r7","6*$SIZE_T($sp)"); -+if (!$z) { -+ std ("%f4","16*$SIZE_T+2*8($sp)"); -+ std ("%f6","16*$SIZE_T+3*8($sp)"); -+} -+&{$z? \&lghi:\&lhi} ("%r1",-$FRAME); -+ lgr ("%r0",$sp); -+ la ($sp,"0(%r1,$sp)"); -+&{$z? \&stg:\&st} ("%r0","0($sp)"); # back-chain -+if ($z) { -+ std ("%f8","$stdframe+8*0($sp)"); -+ std ("%f9","$stdframe+8*1($sp)"); -+ std ("%f10","$stdframe+8*2($sp)"); -+ std ("%f11","$stdframe+8*3($sp)"); -+ std ("%f12","$stdframe+8*4($sp)"); -+ std ("%f13","$stdframe+8*5($sp)"); -+ std ("%f14","$stdframe+8*6($sp)"); -+ std ("%f15","$stdframe+8*7($sp)"); -+} -+ larl ("%r7",".Lsigma"); -+ lhi ("%r0",10); -+ lhi ("%r1",0); -+ -+ vl (@K[0],"0(%r7)"); # load sigma -+ vl (@K[1],"0($key)"); # load key -+ vl (@K[2],"16($key)"); -+ vl (@K[3],"0($counter)"); # load counter -+ -+ vl ($beperm,"0x40(%r7)"); -+ vl ($xt1,"0x50(%r7)"); -+ vrepf ($CTR,@K[3],0); -+ vlvgf (@K[3],"%r1",0); # clear @K[3].word[0] -+ vaf ($CTR,$CTR,$xt1); -+ -+#LABEL (".Loop_outer_4x"); -+ vlm ($xa0,$xa3,"0x60(%r7)"); # load [smashed] sigma -+ -+ vrepf ($xb0,@K[1],0); # smash the key -+ vrepf ($xb1,@K[1],1); -+ vrepf ($xb2,@K[1],2); -+ vrepf ($xb3,@K[1],3); -+ -+ vrepf ($xc0,@K[2],0); -+ vrepf ($xc1,@K[2],1); -+ vrepf ($xc2,@K[2],2); -+ vrepf ($xc3,@K[2],3); -+ -+ vlr ($xd0,$CTR); -+ vrepf ($xd1,@K[3],1); -+ vrepf ($xd2,@K[3],2); -+ vrepf ($xd3,@K[3],3); -+ -+LABEL (".Loop_4x"); -+ VX_lane_ROUND(0, 4, 8,12); -+ VX_lane_ROUND(0, 5,10,15); -+ brct ("%r0",".Loop_4x"); -+ -+ vaf ($xd0,$xd0,$CTR); -+ -+ vmrhf ($xt0,$xa0,$xa1); # transpose data -+ vmrhf ($xt1,$xa2,$xa3); -+ vmrlf ($xt2,$xa0,$xa1); -+ vmrlf ($xt3,$xa2,$xa3); -+ vpdi ($xa0,$xt0,$xt1,0b0000); -+ vpdi ($xa1,$xt0,$xt1,0b0101); -+ vpdi ($xa2,$xt2,$xt3,0b0000); -+ vpdi ($xa3,$xt2,$xt3,0b0101); -+ -+ vmrhf ($xt0,$xb0,$xb1); -+ vmrhf ($xt1,$xb2,$xb3); -+ vmrlf ($xt2,$xb0,$xb1); -+ vmrlf ($xt3,$xb2,$xb3); -+ vpdi ($xb0,$xt0,$xt1,0b0000); -+ vpdi ($xb1,$xt0,$xt1,0b0101); -+ vpdi ($xb2,$xt2,$xt3,0b0000); -+ vpdi ($xb3,$xt2,$xt3,0b0101); -+ -+ vmrhf ($xt0,$xc0,$xc1); -+ vmrhf ($xt1,$xc2,$xc3); -+ vmrlf ($xt2,$xc0,$xc1); -+ vmrlf ($xt3,$xc2,$xc3); -+ vpdi ($xc0,$xt0,$xt1,0b0000); -+ vpdi ($xc1,$xt0,$xt1,0b0101); -+ vpdi ($xc2,$xt2,$xt3,0b0000); -+ vpdi ($xc3,$xt2,$xt3,0b0101); -+ -+ vmrhf ($xt0,$xd0,$xd1); -+ vmrhf ($xt1,$xd2,$xd3); -+ vmrlf ($xt2,$xd0,$xd1); -+ vmrlf ($xt3,$xd2,$xd3); -+ vpdi ($xd0,$xt0,$xt1,0b0000); -+ vpdi ($xd1,$xt0,$xt1,0b0101); -+ vpdi ($xd2,$xt2,$xt3,0b0000); -+ vpdi ($xd3,$xt2,$xt3,0b0101); -+ -+ #vrepif ($xt0,4); -+ #vaf ($CTR,$CTR,$xt0); # next counter value -+ -+ vaf ($xa0,$xa0,@K[0]); -+ vaf ($xb0,$xb0,@K[1]); -+ vaf ($xc0,$xc0,@K[2]); -+ vaf ($xd0,$xd0,@K[3]); -+ -+ vperm ($xa0,$xa0,$xa0,$beperm); -+ vperm ($xb0,$xb0,$xb0,$beperm); -+ vperm ($xc0,$xc0,$xc0,$beperm); -+ vperm ($xd0,$xd0,$xd0,$beperm); -+ -+ #&{$z? \&clgfi:\&clfi} ($len,0x40); -+ #jl (".Ltail_4x"); -+ -+ vlm ($xt0,$xt3,"0($inp)"); -+ -+ vx ($xt0,$xt0,$xa0); -+ vx ($xt1,$xt1,$xb0); -+ vx ($xt2,$xt2,$xc0); -+ vx ($xt3,$xt3,$xd0); -+ -+ vstm ($xt0,$xt3,"0($out)"); -+ -+ la ($inp,"0x40($inp)"); -+ la ($out,"0x40($out)"); -+&{$z? \&aghi:\&ahi} ($len,-0x40); -+ #je (".Ldone_4x"); -+ -+ vaf ($xa0,$xa1,@K[0]); -+ vaf ($xb0,$xb1,@K[1]); -+ vaf ($xc0,$xc1,@K[2]); -+ vaf ($xd0,$xd1,@K[3]); -+ -+ vperm ($xa0,$xa0,$xa0,$beperm); -+ vperm ($xb0,$xb0,$xb0,$beperm); -+ vperm ($xc0,$xc0,$xc0,$beperm); -+ vperm ($xd0,$xd0,$xd0,$beperm); -+ -+&{$z? \&clgfi:\&clfi} ($len,0x40); -+ jl (".Ltail_4x"); -+ -+ vlm ($xt0,$xt3,"0($inp)"); -+ -+ vx ($xt0,$xt0,$xa0); -+ vx ($xt1,$xt1,$xb0); -+ vx ($xt2,$xt2,$xc0); -+ vx ($xt3,$xt3,$xd0); -+ -+ vstm ($xt0,$xt3,"0($out)"); -+ -+ la ($inp,"0x40($inp)"); -+ la ($out,"0x40($out)"); -+&{$z? \&aghi:\&ahi} ($len,-0x40); -+ je (".Ldone_4x"); -+ -+ vaf ($xa0,$xa2,@K[0]); -+ vaf ($xb0,$xb2,@K[1]); -+ vaf ($xc0,$xc2,@K[2]); -+ vaf ($xd0,$xd2,@K[3]); -+ -+ vperm ($xa0,$xa0,$xa0,$beperm); -+ vperm ($xb0,$xb0,$xb0,$beperm); -+ vperm ($xc0,$xc0,$xc0,$beperm); -+ vperm ($xd0,$xd0,$xd0,$beperm); -+ -+&{$z? \&clgfi:\&clfi} ($len,0x40); -+ jl (".Ltail_4x"); -+ -+ vlm ($xt0,$xt3,"0($inp)"); -+ -+ vx ($xt0,$xt0,$xa0); -+ vx ($xt1,$xt1,$xb0); -+ vx ($xt2,$xt2,$xc0); -+ vx ($xt3,$xt3,$xd0); -+ -+ vstm ($xt0,$xt3,"0($out)"); -+ -+ la ($inp,"0x40($inp)"); -+ la ($out,"0x40($out)"); -+&{$z? \&aghi:\&ahi} ($len,-0x40); -+ je (".Ldone_4x"); -+ -+ vaf ($xa0,$xa3,@K[0]); -+ vaf ($xb0,$xb3,@K[1]); -+ vaf ($xc0,$xc3,@K[2]); -+ vaf ($xd0,$xd3,@K[3]); -+ -+ vperm ($xa0,$xa0,$xa0,$beperm); -+ vperm ($xb0,$xb0,$xb0,$beperm); -+ vperm ($xc0,$xc0,$xc0,$beperm); -+ vperm ($xd0,$xd0,$xd0,$beperm); -+ -+&{$z? \&clgfi:\&clfi} ($len,0x40); -+ jl (".Ltail_4x"); -+ -+ vlm ($xt0,$xt3,"0($inp)"); -+ -+ vx ($xt0,$xt0,$xa0); -+ vx ($xt1,$xt1,$xb0); -+ vx ($xt2,$xt2,$xc0); -+ vx ($xt3,$xt3,$xd0); -+ -+ vstm ($xt0,$xt3,"0($out)"); -+ -+ #la $inp,0x40($inp)); -+ #la $out,0x40($out)); -+ #lhi %r0,10); -+ #&{$z? \&aghi:\&ahi} $len,-0x40); -+ #jne .Loop_outer_4x); -+ -+LABEL (".Ldone_4x"); -+if (!$z) { -+ ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); -+ ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); -+} else { -+ ld ("%f8","$stdframe+8*0($sp)"); -+ ld ("%f9","$stdframe+8*1($sp)"); -+ ld ("%f10","$stdframe+8*2($sp)"); -+ ld ("%f11","$stdframe+8*3($sp)"); -+ ld ("%f12","$stdframe+8*4($sp)"); -+ ld ("%f13","$stdframe+8*5($sp)"); -+ ld ("%f14","$stdframe+8*6($sp)"); -+ ld ("%f15","$stdframe+8*7($sp)"); -+} -+&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); -+ la ($sp,"$FRAME($sp)"); -+ br ("%r14"); -+ -+ALIGN (16); -+LABEL (".Ltail_4x"); -+if (!$z) { -+ vlr ($xt0,$xb0); -+ ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); -+ ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); -+ -+ vst ($xa0,"$stdframe+0x00($sp)"); -+ vst ($xt0,"$stdframe+0x10($sp)"); -+ vst ($xc0,"$stdframe+0x20($sp)"); -+ vst ($xd0,"$stdframe+0x30($sp)"); -+} else { -+ vlr ($xt0,$xc0); -+ ld ("%f8","$stdframe+8*0($sp)"); -+ ld ("%f9","$stdframe+8*1($sp)"); -+ ld ("%f10","$stdframe+8*2($sp)"); -+ ld ("%f11","$stdframe+8*3($sp)"); -+ vlr ($xt1,$xd0); -+ ld ("%f12","$stdframe+8*4($sp)"); -+ ld ("%f13","$stdframe+8*5($sp)"); -+ ld ("%f14","$stdframe+8*6($sp)"); -+ ld ("%f15","$stdframe+8*7($sp)"); -+ -+ vst ($xa0,"$stdframe+0x00($sp)"); -+ vst ($xb0,"$stdframe+0x10($sp)"); -+ vst ($xt0,"$stdframe+0x20($sp)"); -+ vst ($xt1,"$stdframe+0x30($sp)"); -+} -+ lghi ("%r1",0); -+ -+LABEL (".Loop_tail_4x"); -+ llgc ("%r5","0(%r1,$inp)"); -+ llgc ("%r6","$stdframe(%r1,$sp)"); -+ xr ("%r6","%r5"); -+ stc ("%r6","0(%r1,$out)"); -+ la ("%r1","1(%r1)"); -+ brct ($len,".Loop_tail_4x"); -+ -+&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); -+ la ($sp,"$FRAME($sp)"); -+ br ("%r14"); -+SIZE ("ChaCha20_ctr32_4x",".-ChaCha20_ctr32_4x"); -+} -+ -+######################################################################## -+# 6x"horizontal" layout is optimal fit for the platform in its current -+# shape, more specifically for given vector instructions' latency. Well, -+# computational part of 8x"vertical" would be faster, but it consumes -+# all registers and dealing with that will diminish the return... -+# -+{ -+my ($a0,$b0,$c0,$d0, $a1,$b1,$c1,$d1, -+ $a2,$b2,$c2,$d2, $a3,$b3,$c3,$d3, -+ $a4,$b4,$c4,$d4, $a5,$b5,$c5,$d5)=map("%v$_",(0..23)); -+my @K=map("%v$_",(27,24..26)); -+my ($t0,$t1,$t2,$t3)=map("%v$_",27..30); -+my $beperm="%v31"; -+my $FRAME=$stdframe + 4*16; -+ -+GLOBL ("ChaCha20_ctr32_vx"); -+ALIGN (32); -+LABEL ("ChaCha20_ctr32_vx"); -+LABEL (".LChaCha20_ctr32_vx"); -+&{$z? \&clgfi:\&clfi} ($len,256); -+ jle (".LChaCha20_ctr32_4x"); -+&{$z? \&stmg:\&stm} ("%r6","%r7","6*$SIZE_T($sp)"); -+if (!$z) { -+ std ("%f4","16*$SIZE_T+2*8($sp)"); -+ std ("%f6","16*$SIZE_T+3*8($sp)"); -+} -+&{$z? \&lghi:\&lhi} ("%r1",-$FRAME); -+ lgr ("%r0",$sp); -+ la ($sp,"0(%r1,$sp)"); -+&{$z? \&stg:\&st} ("%r0","0($sp)"); # back-chain -+if ($z) { -+ std ("%f8","$FRAME-8*8($sp)"); -+ std ("%f9","$FRAME-8*7($sp)"); -+ std ("%f10","$FRAME-8*6($sp)"); -+ std ("%f11","$FRAME-8*5($sp)"); -+ std ("%f12","$FRAME-8*4($sp)"); -+ std ("%f13","$FRAME-8*3($sp)"); -+ std ("%f14","$FRAME-8*2($sp)"); -+ std ("%f15","$FRAME-8*1($sp)"); -+} -+ larl ("%r7",".Lsigma"); -+ lhi ("%r0",10); -+ -+ vlm (@K[1],@K[2],"0($key)"); # load key -+ vl (@K[3],"0($counter)"); # load counter -+ -+ vlm (@K[0],"$beperm","0(%r7)"); # load sigma, increments, ... -+ -+LABEL (".Loop_outer_vx"); -+ vlr ($a0,@K[0]); -+ vlr ($b0,@K[1]); -+ vlr ($a1,@K[0]); -+ vlr ($b1,@K[1]); -+ vlr ($a2,@K[0]); -+ vlr ($b2,@K[1]); -+ vlr ($a3,@K[0]); -+ vlr ($b3,@K[1]); -+ vlr ($a4,@K[0]); -+ vlr ($b4,@K[1]); -+ vlr ($a5,@K[0]); -+ vlr ($b5,@K[1]); -+ -+ vlr ($d0,@K[3]); -+ vaf ($d1,@K[3],$t1); # K[3]+1 -+ vaf ($d2,@K[3],$t2); # K[3]+2 -+ vaf ($d3,@K[3],$t3); # K[3]+3 -+ vaf ($d4,$d2,$t2); # K[3]+4 -+ vaf ($d5,$d2,$t3); # K[3]+5 -+ -+ vlr ($c0,@K[2]); -+ vlr ($c1,@K[2]); -+ vlr ($c2,@K[2]); -+ vlr ($c3,@K[2]); -+ vlr ($c4,@K[2]); -+ vlr ($c5,@K[2]); -+ -+ vlr ($t1,$d1); -+ vlr ($t2,$d2); -+ vlr ($t3,$d3); -+ -+ALIGN (4); -+LABEL (".Loop_vx"); -+ -+ VX_ROUND($a0,$a1,$a2,$a3,$a4,$a5, -+ $b0,$b1,$b2,$b3,$b4,$b5, -+ $c0,$c1,$c2,$c3,$c4,$c5, -+ $d0,$d1,$d2,$d3,$d4,$d5, -+ 0); -+ -+ VX_ROUND($a0,$a1,$a2,$a3,$a4,$a5, -+ $b0,$b1,$b2,$b3,$b4,$b5, -+ $c0,$c1,$c2,$c3,$c4,$c5, -+ $d0,$d1,$d2,$d3,$d4,$d5, -+ 1); -+ -+ brct ("%r0",".Loop_vx"); -+ -+ vaf ($a0,$a0,@K[0]); -+ vaf ($b0,$b0,@K[1]); -+ vaf ($c0,$c0,@K[2]); -+ vaf ($d0,$d0,@K[3]); -+ vaf ($a1,$a1,@K[0]); -+ vaf ($d1,$d1,$t1); # +K[3]+1 -+ -+ vperm ($a0,$a0,$a0,$beperm); -+ vperm ($b0,$b0,$b0,$beperm); -+ vperm ($c0,$c0,$c0,$beperm); -+ vperm ($d0,$d0,$d0,$beperm); -+ -+&{$z? \&clgfi:\&clfi} ($len,0x40); -+ jl (".Ltail_vx"); -+ -+ vaf ($d2,$d2,$t2); # +K[3]+2 -+ vaf ($d3,$d3,$t3); # +K[3]+3 -+ vlm ($t0,$t3,"0($inp)"); -+ -+ vx ($a0,$a0,$t0); -+ vx ($b0,$b0,$t1); -+ vx ($c0,$c0,$t2); -+ vx ($d0,$d0,$t3); -+ -+ vlm (@K[0],$t3,"0(%r7)"); # re-load sigma and increments -+ -+ vstm ($a0,$d0,"0($out)"); -+ -+ la ($inp,"0x40($inp)"); -+ la ($out,"0x40($out)"); -+&{$z? \&aghi:\&ahi} ($len,-0x40); -+ je (".Ldone_vx"); -+ -+ vaf ($b1,$b1,@K[1]); -+ vaf ($c1,$c1,@K[2]); -+ -+ vperm ($a0,$a1,$a1,$beperm); -+ vperm ($b0,$b1,$b1,$beperm); -+ vperm ($c0,$c1,$c1,$beperm); -+ vperm ($d0,$d1,$d1,$beperm); -+ -+&{$z? \&clgfi:\&clfi} ($len,0x40); -+ jl (".Ltail_vx"); -+ -+ vlm ($a1,$d1,"0($inp)"); -+ -+ vx ($a0,$a0,$a1); -+ vx ($b0,$b0,$b1); -+ vx ($c0,$c0,$c1); -+ vx ($d0,$d0,$d1); -+ -+ vstm ($a0,$d0,"0($out)"); -+ -+ la ($inp,"0x40($inp)"); -+ la ($out,"0x40($out)"); -+&{$z? \&aghi:\&ahi} ($len,-0x40); -+ je (".Ldone_vx"); -+ -+ vaf ($a2,$a2,@K[0]); -+ vaf ($b2,$b2,@K[1]); -+ vaf ($c2,$c2,@K[2]); -+ -+ vperm ($a0,$a2,$a2,$beperm); -+ vperm ($b0,$b2,$b2,$beperm); -+ vperm ($c0,$c2,$c2,$beperm); -+ vperm ($d0,$d2,$d2,$beperm); -+ -+&{$z? \&clgfi:\&clfi} ($len,0x40); -+ jl (".Ltail_vx"); -+ -+ vlm ($a1,$d1,"0($inp)"); -+ -+ vx ($a0,$a0,$a1); -+ vx ($b0,$b0,$b1); -+ vx ($c0,$c0,$c1); -+ vx ($d0,$d0,$d1); -+ -+ vstm ($a0,$d0,"0($out)"); -+ -+ la ($inp,"0x40($inp)"); -+ la ($out,"0x40($out)"); -+&{$z? \&aghi:\&ahi} ($len,-0x40); -+ je (".Ldone_vx"); -+ -+ vaf ($a3,$a3,@K[0]); -+ vaf ($b3,$b3,@K[1]); -+ vaf ($c3,$c3,@K[2]); -+ vaf ($d2,@K[3],$t3); # K[3]+3 -+ -+ vperm ($a0,$a3,$a3,$beperm); -+ vperm ($b0,$b3,$b3,$beperm); -+ vperm ($c0,$c3,$c3,$beperm); -+ vperm ($d0,$d3,$d3,$beperm); -+ -+&{$z? \&clgfi:\&clfi} ($len,0x40); -+ jl (".Ltail_vx"); -+ -+ vaf ($d3,$d2,$t1); # K[3]+4 -+ vlm ($a1,$d1,"0($inp)"); -+ -+ vx ($a0,$a0,$a1); -+ vx ($b0,$b0,$b1); -+ vx ($c0,$c0,$c1); -+ vx ($d0,$d0,$d1); -+ -+ vstm ($a0,$d0,"0($out)"); -+ -+ la ($inp,"0x40($inp)"); -+ la ($out,"0x40($out)"); -+&{$z? \&aghi:\&ahi} ($len,-0x40); -+ je (".Ldone_vx"); -+ -+ vaf ($a4,$a4,@K[0]); -+ vaf ($b4,$b4,@K[1]); -+ vaf ($c4,$c4,@K[2]); -+ vaf ($d4,$d4,$d3); # +K[3]+4 -+ vaf ($d3,$d3,$t1); # K[3]+5 -+ vaf (@K[3],$d2,$t3); # K[3]+=6 -+ -+ vperm ($a0,$a4,$a4,$beperm); -+ vperm ($b0,$b4,$b4,$beperm); -+ vperm ($c0,$c4,$c4,$beperm); -+ vperm ($d0,$d4,$d4,$beperm); -+ -+&{$z? \&clgfi:\&clfi} ($len,0x40); -+ jl (".Ltail_vx"); -+ -+ vlm ($a1,$d1,"0($inp)"); -+ -+ vx ($a0,$a0,$a1); -+ vx ($b0,$b0,$b1); -+ vx ($c0,$c0,$c1); -+ vx ($d0,$d0,$d1); -+ -+ vstm ($a0,$d0,"0($out)"); -+ -+ la ($inp,"0x40($inp)"); -+ la ($out,"0x40($out)"); -+&{$z? \&aghi:\&ahi} ($len,-0x40); -+ je (".Ldone_vx"); -+ -+ vaf ($a5,$a5,@K[0]); -+ vaf ($b5,$b5,@K[1]); -+ vaf ($c5,$c5,@K[2]); -+ vaf ($d5,$d5,$d3); # +K[3]+5 -+ -+ vperm ($a0,$a5,$a5,$beperm); -+ vperm ($b0,$b5,$b5,$beperm); -+ vperm ($c0,$c5,$c5,$beperm); -+ vperm ($d0,$d5,$d5,$beperm); -+ -+&{$z? \&clgfi:\&clfi} ($len,0x40); -+ jl (".Ltail_vx"); -+ -+ vlm ($a1,$d1,"0($inp)"); -+ -+ vx ($a0,$a0,$a1); -+ vx ($b0,$b0,$b1); -+ vx ($c0,$c0,$c1); -+ vx ($d0,$d0,$d1); -+ -+ vstm ($a0,$d0,"0($out)"); -+ -+ la ($inp,"0x40($inp)"); -+ la ($out,"0x40($out)"); -+ lhi ("%r0",10); -+&{$z? \&aghi:\&ahi} ($len,-0x40); -+ jne (".Loop_outer_vx"); -+ -+LABEL (".Ldone_vx"); -+if (!$z) { -+ ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); -+ ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); -+} else { -+ ld ("%f8","$FRAME-8*8($sp)"); -+ ld ("%f9","$FRAME-8*7($sp)"); -+ ld ("%f10","$FRAME-8*6($sp)"); -+ ld ("%f11","$FRAME-8*5($sp)"); -+ ld ("%f12","$FRAME-8*4($sp)"); -+ ld ("%f13","$FRAME-8*3($sp)"); -+ ld ("%f14","$FRAME-8*2($sp)"); -+ ld ("%f15","$FRAME-8*1($sp)"); -+} -+&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); -+ la ($sp,"$FRAME($sp)"); -+ br ("%r14"); -+ -+ALIGN (16); -+LABEL (".Ltail_vx"); -+if (!$z) { -+ ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); -+ ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); -+} else { -+ ld ("%f8","$FRAME-8*8($sp)"); -+ ld ("%f9","$FRAME-8*7($sp)"); -+ ld ("%f10","$FRAME-8*6($sp)"); -+ ld ("%f11","$FRAME-8*5($sp)"); -+ ld ("%f12","$FRAME-8*4($sp)"); -+ ld ("%f13","$FRAME-8*3($sp)"); -+ ld ("%f14","$FRAME-8*2($sp)"); -+ ld ("%f15","$FRAME-8*1($sp)"); -+} -+ vstm ($a0,$d0,"$stdframe($sp)"); -+ lghi ("%r1",0); -+ -+LABEL (".Loop_tail_vx"); -+ llgc ("%r5","0(%r1,$inp)"); -+ llgc ("%r6","$stdframe(%r1,$sp)"); -+ xr ("%r6","%r5"); -+ stc ("%r6","0(%r1,$out)"); -+ la ("%r1","1(%r1)"); -+ brct ($len,".Loop_tail_vx"); -+ -+&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); -+ la ($sp,"$FRAME($sp)"); -+ br ("%r14"); -+SIZE ("ChaCha20_ctr32_vx",".-ChaCha20_ctr32_vx"); -+} -+################ -+ -+ALIGN (32); -+LABEL (".Lsigma"); -+LONG (0x61707865,0x3320646e,0x79622d32,0x6b206574); # endian-neutral sigma -+LONG (1,0,0,0); -+LONG (2,0,0,0); -+LONG (3,0,0,0); -+LONG (0x03020100,0x07060504,0x0b0a0908,0x0f0e0d0c); # byte swap -+ -+LONG (0,1,2,3); -+LONG (0x61707865,0x61707865,0x61707865,0x61707865); # smashed sigma -+LONG (0x3320646e,0x3320646e,0x3320646e,0x3320646e); -+LONG (0x79622d32,0x79622d32,0x79622d32,0x79622d32); -+LONG (0x6b206574,0x6b206574,0x6b206574,0x6b206574); -+ -+ASCIZ ("\"ChaCha20 for s390x, CRYPTOGAMS by \""); -+ALIGN (4); -+ -+PERLASM_END(); -diff -up openssl-1.1.1e/crypto/perlasm/s390x.pm.s390x-update openssl-1.1.1e/crypto/perlasm/s390x.pm ---- openssl-1.1.1e/crypto/perlasm/s390x.pm.s390x-update 2020-03-19 16:20:22.039227394 +0100 -+++ openssl-1.1.1e/crypto/perlasm/s390x.pm 2020-03-19 16:20:22.039227394 +0100 -@@ -0,0 +1,3060 @@ -+#!/usr/bin/env perl -+# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. -+# -+# Licensed under the OpenSSL license (the "License"). You may not use -+# this file except in compliance with the License. You can obtain a copy -+# in the file LICENSE in the source distribution or at -+# https://www.openssl.org/source/license.html -+ -+# Copyright IBM Corp. 2018 -+# Author: Patrick Steuer -+ -+package perlasm::s390x; -+ -+use strict; -+use warnings; -+use Carp qw(confess); -+use Exporter qw(import); -+ -+our @EXPORT=qw(PERLASM_BEGIN PERLASM_END); -+our @EXPORT_OK=qw(AUTOLOAD LABEL INCLUDE stfle); -+our %EXPORT_TAGS=( -+ MSA => [qw(kmac km kmc kimd klmd)], -+ MSA4 => [qw(kmf kmo pcc kmctr)], -+ MSA5 => [qw(ppno prno)], -+ MSA8 => [qw(kma)], -+ VX => [qw(vgef vgeg vgbm vzero vone vgm vgmb vgmh vgmf vgmg -+ vl vlr vlrep vlrepb vlreph vlrepf vlrepg vleb vleh vlef vleg vleib -+ vleih vleif vleig vlgv vlgvb vlgvh vlgvf vlgvg vllez vllezb vllezh -+ vllezf vllezg vlm vlbb vlvg vlvgb vlvgh vlvgf vlvgg vlvgp -+ vll vmrh vmrhb vmrhh vmrhf vmrhg vmrl vmrlb vmrlh vmrlf vmrlg vpk -+ vpkh vpkf vpkg vpks vpksh vpksf vpksg vpkshs vpksfs vpksgs vpkls -+ vpklsh vpklsf vpklsg vpklshs vpklsfs vpklsgs vperm vpdi vrep vrepb -+ vreph vrepf vrepg vrepi vrepib vrepih vrepif vrepig vscef vsceg -+ vsel vseg vsegb vsegh vsegf vst vsteb vsteh vstef vsteg vstm vstl -+ vuph vuphb vuphh vuphf vuplh vuplhb vuplhh vuplhf vupl vuplb vuplhw -+ vuplf vupll vupllb vupllh vupllf va vab vah vaf vag vaq vacc vaccb -+ vacch vaccf vaccg vaccq vac vacq vaccc vacccq vn vnc vavg vavgb -+ vavgh vavgf vavgg vavgl vavglb vavglh vavglf vavglg vcksm vec_ vecb -+ vech vecf vecg vecl veclb veclh veclf veclg vceq vceqb vceqh vceqf -+ vceqg vceqbs vceqhs vceqfs vceqgs vch vchb vchh vchf vchg vchbs -+ vchhs vchfs vchgs vchl vchlb vchlh vchlf vchlg vchlbs vchlhs vchlfs -+ vchlgs vclz vclzb vclzh vclzf vclzg vctz vctzb vctzh vctzf vctzg -+ vx vgfm vgfmb vgfmh vgfmf vgfmg vgfma vgfmab vgfmah vgfmaf vgfmag -+ vlc vlcb vlch vlcf vlcg vlp vlpb vlph vlpf vlpg vmx vmxb vmxh vmxf -+ vmxg vmxl vmxlb vmxlh vmxlf vmxlg vmn vmnb vmnh vmnf vmng vmnl -+ vmnlb vmnlh vmnlf vmnlg vmal vmalb vmalhw vmalf vmah vmahb vmahh -+ vmahf vmalh vmalhb vmalhh vmalhf vmae vmaeb vmaeh vmaef vmale -+ vmaleb vmaleh vmalef vmao vmaob vmaoh vmaof vmalo vmalob vmaloh -+ vmalof vmh vmhb vmhh vmhf vmlh vmlhb vmlhh vmlhf vml vmlb vmlhw -+ vmlf vme vmeb vmeh vmef vmle vmleb vmleh vmlef vmo vmob vmoh vmof -+ vmlo vmlob vmloh vmlof vno vnot vo vpopct verllv verllvb verllvh -+ verllvf verllvg verll verllb verllh verllf verllg verim verimb -+ verimh verimf verimg veslv veslvb veslvh veslvf veslvg vesl veslb -+ veslh veslf veslg vesrav vesravb vesravh vesravf vesravg vesra -+ vesrab vesrah vesraf vesrag vesrlv vesrlvb vesrlvh vesrlvf vesrlvg -+ vesrl vesrlb vesrlh vesrlf vesrlg vsl vslb vsldb vsra vsrab vsrl -+ vsrlb vs vsb vsh vsf vsg vsq vscbi vscbib vscbih vscbif vscbig -+ vscbiq vsbi vsbiq vsbcbi vsbcbiq vsumg vsumgh vsumgf vsumq vsumqf -+ vsumqg vsum vsumb vsumh vtm vfae vfaeb vfaeh vfaef vfaebs vfaehs -+ vfaefs vfaezb vfaezh vfaezf vfaezbs vfaezhs vfaezfs vfee vfeeb -+ vfeeh vfeef vfeebs vfeehs vfeefs vfeezb vfeezh vfeezf vfeezbs -+ vfeezhs vfeezfs vfene vfeneb vfeneh vfenef vfenebs vfenehs vfenefs -+ vfenezb vfenezh vfenezf vfenezbs vfenezhs vfenezfs vistr vistrb -+ vistrh vistrf vistrbs vistrhs vistrfs vstrc vstrcb vstrch vstrcf -+ vstrcbs vstrchs vstrcfs vstrczb vstrczh vstrczf vstrczbs vstrczhs -+ vstrczfs vfa vfadb wfadb wfc wfcdb wfk wfkdb vfce vfcedb wfcedb -+ vfcedbs wfcedbs vfch vfchdb wfchdb vfchdbs wfchdbs vfche vfchedb -+ wfchedb vfchedbs wfchedbs vcdg vcdgb wcdgb vcdlg vcdlgb wcdlgb vcgd -+ vcgdb wcgdb vclgd vclgdb wclgdb vfd vfddb wfddb vfi vfidb wfidb -+ vlde vldeb wldeb vled vledb wledb vfm vfmdb wfmdb vfma vfmadb -+ wfmadb vfms vfmsdb wfmsdb vfpso vfpsodb wfpsodb vflcdb wflcdb -+ vflndb wflndb vflpdb wflpdb vfsq vfsqdb wfsqdb vfs vfsdb wfsdb -+ vftci vftcidb wftcidb)], -+ VXE => [qw(vbperm vllezlf vmsl vmslg vnx vnn voc vpopctb vpopcth -+ vpopctf vpopctg vfasb wfasb wfaxb wfcsb wfcxb wfksb wfkxb vfcesb -+ vfcesbs wfcesb wfcesbs wfcexb wfcexbs vfchsb vfchsbs wfchsb wfchsbs -+ wfchxb wfchxbs vfchesb vfchesbs wfchesb wfchesbs wfchexb wfchexbs -+ vfdsb wfdsb wfdxb vfisb wfisb wfixb vfll vflls wflls wflld vflr -+ vflrd wflrd wflrx vfmax vfmaxsb vfmaxdb wfmaxsb wfmaxdb wfmaxxb -+ vfmin vfminsb vfmindb wfminsb wfmindb wfminxb vfmsb wfmsb wfmxb -+ vfnma vfnms vfmasb wfmasb wfmaxb vfmssb wfmssb wfmsxb vfnmasb -+ vfnmadb wfnmasb wfnmadb wfnmaxb vfnmssb vfnmsdb wfnmssb wfnmsdb -+ wfnmsxb vfpsosb wfpsosb vflcsb wflcsb vflnsb wflnsb vflpsb wflpsb -+ vfpsoxb wfpsoxb vflcxb wflcxb vflnxb wflnxb vflpxb wflpxb vfsqsb -+ wfsqsb wfsqxb vfssb wfssb wfsxb vftcisb wftcisb wftcixb)], -+ VXD => [qw(vlrlr vlrl vstrlr vstrl vap vcp vcvb vcvbg vcvd vcvdg vdp -+ vlip vmp vmsp vpkz vpsop vrp vsdp vsrp vsp vtp vupkz)], -+); -+Exporter::export_ok_tags(qw(MSA MSA4 MSA5 MSA8 VX VXE VXD)); -+ -+our $AUTOLOAD; -+ -+my $GR='(?:%r)?([0-9]|1[0-5])'; -+my $VR='(?:%v)?([0-9]|1[0-9]|2[0-9]|3[0-1])'; -+ -+my ($file,$out); -+ -+sub PERLASM_BEGIN -+{ -+ ($file,$out)=(shift,""); -+} -+sub PERLASM_END -+{ -+ if (defined($file)) { -+ open(my $fd,'>',$file)||die("can't open $file: $!"); -+ print({$fd}$out); -+ close($fd); -+ } else { -+ print($out); -+ } -+} -+ -+sub AUTOLOAD { -+ confess(err("PARSE")) if (grep(!defined($_),@_)); -+ my $token; -+ for ($AUTOLOAD) { -+ $token=".$1" if (/^.*::([A-Z_]+)$/); # uppercase: directive -+ $token="\t$1" if (/^.*::([a-z]+)$/); # lowercase: mnemonic -+ confess(err("PARSE")) if (!defined($token)); -+ } -+ $token.="\t" if ($#_>=0); -+ $out.=$token.join(',',@_)."\n"; -+} -+ -+sub LABEL { # label directive -+ confess(err("ARGNUM")) if ($#_!=0); -+ my ($label)=@_; -+ $out.="$label:\n"; -+} -+ -+sub INCLUDE { -+ confess(err("ARGNUM")) if ($#_!=0); -+ my ($file)=@_; -+ $out.="#include \"$file\"\n"; -+} -+ -+# -+# Mnemonics -+# -+ -+sub stfle { -+ confess(err("ARGNUM")) if ($#_!=0); -+ S(0xb2b0,@_); -+} -+ -+# MSA -+ -+sub kmac { -+ confess(err("ARGNUM")) if ($#_!=1); -+ RRE(0xb91e,@_); -+} -+ -+sub km { -+ confess(err("ARGNUM")) if ($#_!=1); -+ RRE(0xb92e,@_); -+} -+ -+sub kmc { -+ confess(err("ARGNUM")) if ($#_!=1); -+ RRE(0xb92f,@_); -+} -+ -+sub kimd { -+ confess(err("ARGNUM")) if ($#_!=1); -+ RRE(0xb93e,@_); -+} -+ -+sub klmd { -+ confess(err("ARGNUM")) if ($#_!=1); -+ RRE(0xb93f,@_); -+} -+ -+# MSA4 -+ -+sub kmf { -+ confess(err("ARGNUM")) if ($#_!=1); -+ RRE(0xb92a,@_); -+} -+ -+sub kmo { -+ confess(err("ARGNUM")) if ($#_!=1); -+ RRE(0xb92b,@_); -+} -+ -+sub pcc { -+ confess(err("ARGNUM")) if ($#_!=-1); -+ RRE(0xb92c,@_); -+} -+ -+sub kmctr { -+ confess(err("ARGNUM")) if ($#_!=2); -+ RRFb(0xb92d,@_); -+} -+ -+# MSA5 -+ -+sub prno { -+ ppno(@_); -+} -+ -+sub ppno { # deprecated, use prno -+ confess(err("ARGNUM")) if ($#_!=1); -+ RRE(0xb93c,@_); -+} -+ -+# MSA8 -+ -+sub kma { -+ confess(err("ARGNUM")) if ($#_!=2); -+ RRFb(0xb929,@_); -+} -+ -+# VX - Support Instructions -+ -+sub vgef { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRV(0xe713,@_); -+} -+sub vgeg { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRV(0xe712,@_); -+} -+ -+sub vgbm { -+ confess(err("ARGNUM")) if ($#_!=1); -+ VRIa(0xe744,@_); -+} -+sub vzero { -+ vgbm(@_,0); -+} -+sub vone { -+ vgbm(@_,0xffff); -+} -+ -+sub vgm { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRIb(0xe746,@_); -+} -+sub vgmb { -+ vgm(@_,0); -+} -+sub vgmh { -+ vgm(@_,1); -+} -+sub vgmf { -+ vgm(@_,2); -+} -+sub vgmg { -+ vgm(@_,3); -+} -+ -+sub vl { -+ confess(err("ARGNUM")) if ($#_<1||$#_>2); -+ VRX(0xe706,@_); -+} -+ -+sub vlr { -+ confess(err("ARGNUM")) if ($#_!=1); -+ VRRa(0xe756,@_); -+} -+ -+sub vlrep { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRX(0xe705,@_); -+} -+sub vlrepb { -+ vlrep(@_,0); -+} -+sub vlreph { -+ vlrep(@_,1); -+} -+sub vlrepf { -+ vlrep(@_,2); -+} -+sub vlrepg { -+ vlrep(@_,3); -+} -+ -+sub vleb { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRX(0xe700,@_); -+} -+sub vleh { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRX(0xe701,@_); -+} -+sub vlef { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRX(0xe703,@_); -+} -+sub vleg { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRX(0xe702,@_); -+} -+ -+sub vleib { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRIa(0xe740,@_); -+} -+sub vleih { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRIa(0xe741,@_); -+} -+sub vleif { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRIa(0xe743,@_); -+} -+sub vleig { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRIa(0xe742,@_); -+} -+ -+sub vlgv { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRSc(0xe721,@_); -+} -+sub vlgvb { -+ vlgv(@_,0); -+} -+sub vlgvh { -+ vlgv(@_,1); -+} -+sub vlgvf { -+ vlgv(@_,2); -+} -+sub vlgvg { -+ vlgv(@_,3); -+} -+ -+sub vllez { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRX(0xe704,@_); -+} -+sub vllezb { -+ vllez(@_,0); -+} -+sub vllezh { -+ vllez(@_,1); -+} -+sub vllezf { -+ vllez(@_,2); -+} -+sub vllezg { -+ vllez(@_,3); -+} -+ -+sub vlm { -+ confess(err("ARGNUM")) if ($#_<2||$#_>3); -+ VRSa(0xe736,@_); -+} -+ -+sub vlbb { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRX(0xe707,@_); -+} -+ -+sub vlvg { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRSb(0xe722,@_); -+} -+sub vlvgb { -+ vlvg(@_,0); -+} -+sub vlvgh { -+ vlvg(@_,1); -+} -+sub vlvgf { -+ vlvg(@_,2); -+} -+sub vlvgg { -+ vlvg(@_,3); -+} -+ -+sub vlvgp { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRf(0xe762,@_); -+} -+ -+sub vll { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRSb(0xe737,@_); -+} -+ -+sub vmrh { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe761,@_); -+} -+sub vmrhb { -+ vmrh(@_,0); -+} -+sub vmrhh { -+ vmrh(@_,1); -+} -+sub vmrhf { -+ vmrh(@_,2); -+} -+sub vmrhg { -+ vmrh(@_,3); -+} -+ -+sub vmrl { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe760,@_); -+} -+sub vmrlb { -+ vmrl(@_,0); -+} -+sub vmrlh { -+ vmrl(@_,1); -+} -+sub vmrlf { -+ vmrl(@_,2); -+} -+sub vmrlg { -+ vmrl(@_,3); -+} -+ -+sub vpk { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe794,@_); -+} -+sub vpkh { -+ vpk(@_,1); -+} -+sub vpkf { -+ vpk(@_,2); -+} -+sub vpkg { -+ vpk(@_,3); -+} -+ -+sub vpks { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRb(0xe797,@_); -+} -+sub vpksh { -+ vpks(@_,1,0); -+} -+sub vpksf { -+ vpks(@_,2,0); -+} -+sub vpksg { -+ vpks(@_,3,0); -+} -+sub vpkshs { -+ vpks(@_,1,1); -+} -+sub vpksfs { -+ vpks(@_,2,1); -+} -+sub vpksgs { -+ vpks(@_,3,1); -+} -+ -+sub vpkls { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRb(0xe795,@_); -+} -+sub vpklsh { -+ vpkls(@_,1,0); -+} -+sub vpklsf { -+ vpkls(@_,2,0); -+} -+sub vpklsg { -+ vpkls(@_,3,0); -+} -+sub vpklshs { -+ vpkls(@_,1,1); -+} -+sub vpklsfs { -+ vpkls(@_,2,1); -+} -+sub vpklsgs { -+ vpkls(@_,3,1); -+} -+ -+sub vperm { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRe(0xe78c,@_); -+} -+ -+sub vpdi { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe784,@_); -+} -+ -+sub vrep { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRIc(0xe74d,@_); -+} -+sub vrepb { -+ vrep(@_,0); -+} -+sub vreph { -+ vrep(@_,1); -+} -+sub vrepf { -+ vrep(@_,2); -+} -+sub vrepg { -+ vrep(@_,3); -+} -+ -+sub vrepi { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRIa(0xe745,@_); -+} -+sub vrepib { -+ vrepi(@_,0); -+} -+sub vrepih { -+ vrepi(@_,1); -+} -+sub vrepif { -+ vrepi(@_,2); -+} -+sub vrepig { -+ vrepi(@_,3); -+} -+ -+sub vscef { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRV(0xe71b,@_); -+} -+sub vsceg { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRV(0xe71a,@_); -+} -+ -+sub vsel { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRe(0xe78d,@_); -+} -+ -+sub vseg { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe75f,@_); -+} -+sub vsegb { -+ vseg(@_,0); -+} -+sub vsegh { -+ vseg(@_,1); -+} -+sub vsegf { -+ vseg(@_,2); -+} -+ -+sub vst { -+ confess(err("ARGNUM")) if ($#_<1||$#_>2); -+ VRX(0xe70e,@_); -+} -+ -+sub vsteb { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRX(0xe708,@_); -+} -+sub vsteh { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRX(0xe709,@_); -+} -+sub vstef { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRX(0xe70b,@_); -+} -+sub vsteg { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRX(0xe70a,@_); -+} -+ -+sub vstm { -+ confess(err("ARGNUM")) if ($#_<2||$#_>3); -+ VRSa(0xe73e,@_); -+} -+ -+sub vstl { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRSb(0xe73f,@_); -+} -+ -+sub vuph { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe7d7,@_); -+} -+sub vuphb { -+ vuph(@_,0); -+} -+sub vuphh { -+ vuph(@_,1); -+} -+sub vuphf { -+ vuph(@_,2); -+} -+ -+sub vuplh { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe7d5,@_); -+} -+sub vuplhb { -+ vuplh(@_,0); -+} -+sub vuplhh { -+ vuplh(@_,1); -+} -+sub vuplhf { -+ vuplh(@_,2); -+} -+ -+sub vupl { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe7d6,@_); -+} -+sub vuplb { -+ vupl(@_,0); -+} -+sub vuplhw { -+ vupl(@_,1); -+} -+sub vuplf { -+ vupl(@_,2); -+} -+ -+sub vupll { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe7d4,@_); -+} -+sub vupllb { -+ vupll(@_,0); -+} -+sub vupllh { -+ vupll(@_,1); -+} -+sub vupllf { -+ vupll(@_,2); -+} -+ -+# VX - Integer Instructions -+ -+sub va { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7f3,@_); -+} -+sub vab { -+ va(@_,0); -+} -+sub vah { -+ va(@_,1); -+} -+sub vaf { -+ va(@_,2); -+} -+sub vag { -+ va(@_,3); -+} -+sub vaq { -+ va(@_,4); -+} -+ -+sub vacc { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7f1,@_); -+} -+sub vaccb { -+ vacc(@_,0); -+} -+sub vacch { -+ vacc(@_,1); -+} -+sub vaccf { -+ vacc(@_,2); -+} -+sub vaccg { -+ vacc(@_,3); -+} -+sub vaccq { -+ vacc(@_,4); -+} -+ -+sub vac { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7bb,@_); -+} -+sub vacq { -+ vac(@_,4); -+} -+ -+sub vaccc { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7b9,@_); -+} -+sub vacccq { -+ vaccc(@_,4); -+} -+ -+sub vn { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe768,@_); -+} -+ -+sub vnc { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe769,@_); -+} -+ -+sub vavg { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7f2,@_); -+} -+sub vavgb { -+ vavg(@_,0); -+} -+sub vavgh { -+ vavg(@_,1); -+} -+sub vavgf { -+ vavg(@_,2); -+} -+sub vavgg { -+ vavg(@_,3); -+} -+ -+sub vavgl { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7f0,@_); -+} -+sub vavglb { -+ vavgl(@_,0); -+} -+sub vavglh { -+ vavgl(@_,1); -+} -+sub vavglf { -+ vavgl(@_,2); -+} -+sub vavglg { -+ vavgl(@_,3); -+} -+ -+sub vcksm { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe766,@_); -+} -+ -+sub vec_ { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe7db,@_); -+} -+sub vecb { -+ vec_(@_,0); -+} -+sub vech { -+ vec_(@_,1); -+} -+sub vecf { -+ vec_(@_,2); -+} -+sub vecg { -+ vec_(@_,3); -+} -+ -+sub vecl { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe7d9,@_); -+} -+sub veclb { -+ vecl(@_,0); -+} -+sub veclh { -+ vecl(@_,1); -+} -+sub veclf { -+ vecl(@_,2); -+} -+sub veclg { -+ vecl(@_,3); -+} -+ -+sub vceq { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRb(0xe7f8,@_); -+} -+sub vceqb { -+ vceq(@_,0,0); -+} -+sub vceqh { -+ vceq(@_,1,0); -+} -+sub vceqf { -+ vceq(@_,2,0); -+} -+sub vceqg { -+ vceq(@_,3,0); -+} -+sub vceqbs { -+ vceq(@_,0,1); -+} -+sub vceqhs { -+ vceq(@_,1,1); -+} -+sub vceqfs { -+ vceq(@_,2,1); -+} -+sub vceqgs { -+ vceq(@_,3,1); -+} -+ -+sub vch { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRb(0xe7fb,@_); -+} -+sub vchb { -+ vch(@_,0,0); -+} -+sub vchh { -+ vch(@_,1,0); -+} -+sub vchf { -+ vch(@_,2,0); -+} -+sub vchg { -+ vch(@_,3,0); -+} -+sub vchbs { -+ vch(@_,0,1); -+} -+sub vchhs { -+ vch(@_,1,1); -+} -+sub vchfs { -+ vch(@_,2,1); -+} -+sub vchgs { -+ vch(@_,3,1); -+} -+ -+sub vchl { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRb(0xe7f9,@_); -+} -+sub vchlb { -+ vchl(@_,0,0); -+} -+sub vchlh { -+ vchl(@_,1,0); -+} -+sub vchlf { -+ vchl(@_,2,0); -+} -+sub vchlg { -+ vchl(@_,3,0); -+} -+sub vchlbs { -+ vchl(@_,0,1); -+} -+sub vchlhs { -+ vchl(@_,1,1); -+} -+sub vchlfs { -+ vchl(@_,2,1); -+} -+sub vchlgs { -+ vchl(@_,3,1); -+} -+ -+sub vclz { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe753,@_); -+} -+sub vclzb { -+ vclz(@_,0); -+} -+sub vclzh { -+ vclz(@_,1); -+} -+sub vclzf { -+ vclz(@_,2); -+} -+sub vclzg { -+ vclz(@_,3); -+} -+ -+sub vctz { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe752,@_); -+} -+sub vctzb { -+ vctz(@_,0); -+} -+sub vctzh { -+ vctz(@_,1); -+} -+sub vctzf { -+ vctz(@_,2); -+} -+sub vctzg { -+ vctz(@_,3); -+} -+ -+sub vx { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe76d,@_); -+} -+ -+sub vgfm { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7b4,@_); -+} -+sub vgfmb { -+ vgfm(@_,0); -+} -+sub vgfmh { -+ vgfm(@_,1); -+} -+sub vgfmf { -+ vgfm(@_,2); -+} -+sub vgfmg { -+ vgfm(@_,3); -+} -+ -+sub vgfma { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7bc,@_); -+} -+sub vgfmab { -+ vgfma(@_,0); -+} -+sub vgfmah { -+ vgfma(@_,1); -+} -+sub vgfmaf { -+ vgfma(@_,2); -+} -+sub vgfmag { -+ vgfma(@_,3); -+} -+ -+sub vlc { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe7de,@_); -+} -+sub vlcb { -+ vlc(@_,0); -+} -+sub vlch { -+ vlc(@_,1); -+} -+sub vlcf { -+ vlc(@_,2); -+} -+sub vlcg { -+ vlc(@_,3); -+} -+ -+sub vlp { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe7df,@_); -+} -+sub vlpb { -+ vlp(@_,0); -+} -+sub vlph { -+ vlp(@_,1); -+} -+sub vlpf { -+ vlp(@_,2); -+} -+sub vlpg { -+ vlp(@_,3); -+} -+ -+sub vmx { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7ff,@_); -+} -+sub vmxb { -+ vmx(@_,0); -+} -+sub vmxh { -+ vmx(@_,1); -+} -+sub vmxf { -+ vmx(@_,2); -+} -+sub vmxg { -+ vmx(@_,3); -+} -+ -+sub vmxl { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7fd,@_); -+} -+sub vmxlb { -+ vmxl(@_,0); -+} -+sub vmxlh { -+ vmxl(@_,1); -+} -+sub vmxlf { -+ vmxl(@_,2); -+} -+sub vmxlg { -+ vmxl(@_,3); -+} -+ -+sub vmn { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7fe,@_); -+} -+sub vmnb { -+ vmn(@_,0); -+} -+sub vmnh { -+ vmn(@_,1); -+} -+sub vmnf { -+ vmn(@_,2); -+} -+sub vmng { -+ vmn(@_,3); -+} -+ -+sub vmnl { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7fc,@_); -+} -+sub vmnlb { -+ vmnl(@_,0); -+} -+sub vmnlh { -+ vmnl(@_,1); -+} -+sub vmnlf { -+ vmnl(@_,2); -+} -+sub vmnlg { -+ vmnl(@_,3); -+} -+ -+sub vmal { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7aa,@_); -+} -+sub vmalb { -+ vmal(@_,0); -+} -+sub vmalhw { -+ vmal(@_,1); -+} -+sub vmalf { -+ vmal(@_,2); -+} -+ -+sub vmah { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7ab,@_); -+} -+sub vmahb { -+ vmah(@_,0); -+} -+sub vmahh { -+ vmah(@_,1); -+} -+sub vmahf { -+ vmah(@_,2); -+} -+ -+sub vmalh { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7a9,@_); -+} -+sub vmalhb { -+ vmalh(@_,0); -+} -+sub vmalhh { -+ vmalh(@_,1); -+} -+sub vmalhf { -+ vmalh(@_,2); -+} -+ -+sub vmae { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7ae,@_); -+} -+sub vmaeb { -+ vmae(@_,0); -+} -+sub vmaeh { -+ vmae(@_,1); -+} -+sub vmaef { -+ vmae(@_,2); -+} -+ -+sub vmale { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7ac,@_); -+} -+sub vmaleb { -+ vmale(@_,0); -+} -+sub vmaleh { -+ vmale(@_,1); -+} -+sub vmalef { -+ vmale(@_,2); -+} -+ -+sub vmao { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7af,@_); -+} -+sub vmaob { -+ vmao(@_,0); -+} -+sub vmaoh { -+ vmao(@_,1); -+} -+sub vmaof { -+ vmao(@_,2); -+} -+ -+sub vmalo { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7ad,@_); -+} -+sub vmalob { -+ vmalo(@_,0); -+} -+sub vmaloh { -+ vmalo(@_,1); -+} -+sub vmalof { -+ vmalo(@_,2); -+} -+ -+sub vmh { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7a3,@_); -+} -+sub vmhb { -+ vmh(@_,0); -+} -+sub vmhh { -+ vmh(@_,1); -+} -+sub vmhf { -+ vmh(@_,2); -+} -+ -+sub vmlh { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7a1,@_); -+} -+sub vmlhb { -+ vmlh(@_,0); -+} -+sub vmlhh { -+ vmlh(@_,1); -+} -+sub vmlhf { -+ vmlh(@_,2); -+} -+ -+sub vml { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7a2,@_); -+} -+sub vmlb { -+ vml(@_,0); -+} -+sub vmlhw { -+ vml(@_,1); -+} -+sub vmlf { -+ vml(@_,2); -+} -+ -+sub vme { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7a6,@_); -+} -+sub vmeb { -+ vme(@_,0); -+} -+sub vmeh { -+ vme(@_,1); -+} -+sub vmef { -+ vme(@_,2); -+} -+ -+sub vmle { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7a4,@_); -+} -+sub vmleb { -+ vmle(@_,0); -+} -+sub vmleh { -+ vmle(@_,1); -+} -+sub vmlef { -+ vmle(@_,2); -+} -+ -+sub vmo { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7a7,@_); -+} -+sub vmob { -+ vmo(@_,0); -+} -+sub vmoh { -+ vmo(@_,1); -+} -+sub vmof { -+ vmo(@_,2); -+} -+ -+sub vmlo { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7a5,@_); -+} -+sub vmlob { -+ vmlo(@_,0); -+} -+sub vmloh { -+ vmlo(@_,1); -+} -+sub vmlof { -+ vmlo(@_,2); -+} -+ -+sub vno { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe76b,@_); -+} -+sub vnot { -+ vno(@_,$_[1]); -+} -+ -+sub vo { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe76a,@_); -+} -+ -+sub vpopct { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRa(0xe750,@_); -+} -+ -+sub verllv { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe773,@_); -+} -+sub verllvb { -+ verllv(@_,0); -+} -+sub verllvh { -+ verllv(@_,1); -+} -+sub verllvf { -+ verllv(@_,2); -+} -+sub verllvg { -+ verllv(@_,3); -+} -+ -+sub verll { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRSa(0xe733,@_); -+} -+sub verllb { -+ verll(@_,0); -+} -+sub verllh { -+ verll(@_,1); -+} -+sub verllf { -+ verll(@_,2); -+} -+sub verllg { -+ verll(@_,3); -+} -+ -+sub verim { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRId(0xe772,@_); -+} -+sub verimb { -+ verim(@_,0); -+} -+sub verimh { -+ verim(@_,1); -+} -+sub verimf { -+ verim(@_,2); -+} -+sub verimg { -+ verim(@_,3); -+} -+ -+sub veslv { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe770,@_); -+} -+sub veslvb { -+ veslv(@_,0); -+} -+sub veslvh { -+ veslv(@_,1); -+} -+sub veslvf { -+ veslv(@_,2); -+} -+sub veslvg { -+ veslv(@_,3); -+} -+ -+sub vesl { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRSa(0xe730,@_); -+} -+sub veslb { -+ vesl(@_,0); -+} -+sub veslh { -+ vesl(@_,1); -+} -+sub veslf { -+ vesl(@_,2); -+} -+sub veslg { -+ vesl(@_,3); -+} -+ -+sub vesrav { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe77a,@_); -+} -+sub vesravb { -+ vesrav(@_,0); -+} -+sub vesravh { -+ vesrav(@_,1); -+} -+sub vesravf { -+ vesrav(@_,2); -+} -+sub vesravg { -+ vesrav(@_,3); -+} -+ -+sub vesra { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRSa(0xe73a,@_); -+} -+sub vesrab { -+ vesra(@_,0); -+} -+sub vesrah { -+ vesra(@_,1); -+} -+sub vesraf { -+ vesra(@_,2); -+} -+sub vesrag { -+ vesra(@_,3); -+} -+ -+sub vesrlv { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe778,@_); -+} -+sub vesrlvb { -+ vesrlv(@_,0); -+} -+sub vesrlvh { -+ vesrlv(@_,1); -+} -+sub vesrlvf { -+ vesrlv(@_,2); -+} -+sub vesrlvg { -+ vesrlv(@_,3); -+} -+ -+sub vesrl { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRSa(0xe738,@_); -+} -+sub vesrlb { -+ vesrl(@_,0); -+} -+sub vesrlh { -+ vesrl(@_,1); -+} -+sub vesrlf { -+ vesrl(@_,2); -+} -+sub vesrlg { -+ vesrl(@_,3); -+} -+ -+sub vsl { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe774,@_); -+} -+ -+sub vslb { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe775,@_); -+} -+ -+sub vsldb { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRId(0xe777,@_); -+} -+ -+sub vsra { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe77e,@_); -+} -+ -+sub vsrab { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe77f,@_); -+} -+ -+sub vsrl { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe77c,@_); -+} -+ -+sub vsrlb { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe77d,@_); -+} -+ -+sub vs { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7f7,@_); -+} -+sub vsb { -+ vs(@_,0); -+} -+sub vsh { -+ vs(@_,1); -+} -+sub vsf { -+ vs(@_,2); -+} -+sub vsg { -+ vs(@_,3); -+} -+sub vsq { -+ vs(@_,4); -+} -+ -+sub vscbi { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe7f5,@_); -+} -+sub vscbib { -+ vscbi(@_,0); -+} -+sub vscbih { -+ vscbi(@_,1); -+} -+sub vscbif { -+ vscbi(@_,2); -+} -+sub vscbig { -+ vscbi(@_,3); -+} -+sub vscbiq { -+ vscbi(@_,4); -+} -+ -+sub vsbi { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7bf,@_); -+} -+sub vsbiq { -+ vsbi(@_,4); -+} -+ -+sub vsbcbi { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRd(0xe7bd,@_); -+} -+sub vsbcbiq { -+ vsbcbi(@_,4); -+} -+ -+sub vsumg { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe765,@_); -+} -+sub vsumgh { -+ vsumg(@_,1); -+} -+sub vsumgf { -+ vsumg(@_,2); -+} -+ -+sub vsumq { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe767,@_); -+} -+sub vsumqf { -+ vsumq(@_,2); -+} -+sub vsumqg { -+ vsumq(@_,3); -+} -+ -+sub vsum { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRc(0xe764,@_); -+} -+sub vsumb { -+ vsum(@_,0); -+} -+sub vsumh { -+ vsum(@_,1); -+} -+ -+sub vtm { -+ confess(err("ARGNUM")) if ($#_!=1); -+ VRRa(0xe7d8,@_); -+} -+ -+# VX - String Instructions -+ -+sub vfae { -+ confess(err("ARGNUM")) if ($#_<3||$#_>4); -+ VRRb(0xe782,@_); -+} -+sub vfaeb { -+ vfae(@_[0..2],0,$_[3]); -+} -+sub vfaeh { -+ vfae(@_[0..2],1,$_[3]); -+} -+sub vfaef { -+ vfae(@_[0..2],2,$_[3]); -+} -+sub vfaebs { -+ $_[3]=0 if (!defined($_[3])); -+ vfae(@_[0..2],0,0x1|$_[3]); -+} -+sub vfaehs { -+ $_[3]=0 if (!defined($_[3])); -+ vfae(@_[0..2],1,0x1|$_[3]); -+} -+sub vfaefs { -+ $_[3]=0 if (!defined($_[3])); -+ vfae(@_[0..2],2,0x1|$_[3]); -+} -+sub vfaezb { -+ $_[3]=0 if (!defined($_[3])); -+ vfae(@_[0..2],0,0x2|$_[3]); -+} -+sub vfaezh { -+ $_[3]=0 if (!defined($_[3])); -+ vfae(@_[0..2],1,0x2|$_[3]); -+} -+sub vfaezf { -+ $_[3]=0 if (!defined($_[3])); -+ vfae(@_[0..2],2,0x2|$_[3]); -+} -+sub vfaezbs { -+ $_[3]=0 if (!defined($_[3])); -+ vfae(@_[0..2],0,0x3|$_[3]); -+} -+sub vfaezhs { -+ $_[3]=0 if (!defined($_[3])); -+ vfae(@_[0..2],1,0x3|$_[3]); -+} -+sub vfaezfs { -+ $_[3]=0 if (!defined($_[3])); -+ vfae(@_[0..2],2,0x3|$_[3]); -+} -+ -+sub vfee { -+ confess(err("ARGNUM")) if ($#_<3||$#_>4); -+ VRRb(0xe780,@_); -+} -+sub vfeeb { -+ vfee(@_[0..2],0,$_[3]); -+} -+sub vfeeh { -+ vfee(@_[0..2],1,$_[3]); -+} -+sub vfeef { -+ vfee(@_[0..2],2,$_[3]); -+} -+sub vfeebs { -+ vfee(@_,0,1); -+} -+sub vfeehs { -+ vfee(@_,1,1); -+} -+sub vfeefs { -+ vfee(@_,2,1); -+} -+sub vfeezb { -+ vfee(@_,0,2); -+} -+sub vfeezh { -+ vfee(@_,1,2); -+} -+sub vfeezf { -+ vfee(@_,2,2); -+} -+sub vfeezbs { -+ vfee(@_,0,3); -+} -+sub vfeezhs { -+ vfee(@_,1,3); -+} -+sub vfeezfs { -+ vfee(@_,2,3); -+} -+ -+sub vfene { -+ confess(err("ARGNUM")) if ($#_<3||$#_>4); -+ VRRb(0xe781,@_); -+} -+sub vfeneb { -+ vfene(@_[0..2],0,$_[3]); -+} -+sub vfeneh { -+ vfene(@_[0..2],1,$_[3]); -+} -+sub vfenef { -+ vfene(@_[0..2],2,$_[3]); -+} -+sub vfenebs { -+ vfene(@_,0,1); -+} -+sub vfenehs { -+ vfene(@_,1,1); -+} -+sub vfenefs { -+ vfene(@_,2,1); -+} -+sub vfenezb { -+ vfene(@_,0,2); -+} -+sub vfenezh { -+ vfene(@_,1,2); -+} -+sub vfenezf { -+ vfene(@_,2,2); -+} -+sub vfenezbs { -+ vfene(@_,0,3); -+} -+sub vfenezhs { -+ vfene(@_,1,3); -+} -+sub vfenezfs { -+ vfene(@_,2,3); -+} -+ -+sub vistr { -+ confess(err("ARGNUM")) if ($#_<2||$#_>3); -+ VRRa(0xe75c,@_[0..2],0,$_[3]); -+} -+sub vistrb { -+ vistr(@_[0..1],0,$_[2]); -+} -+sub vistrh { -+ vistr(@_[0..1],1,$_[2]); -+} -+sub vistrf { -+ vistr(@_[0..1],2,$_[2]); -+} -+sub vistrbs { -+ vistr(@_,0,1); -+} -+sub vistrhs { -+ vistr(@_,1,1); -+} -+sub vistrfs { -+ vistr(@_,2,1); -+} -+ -+sub vstrc { -+ confess(err("ARGNUM")) if ($#_<4||$#_>5); -+ VRRd(0xe78a,@_); -+} -+sub vstrcb { -+ vstrc(@_[0..3],0,$_[4]); -+} -+sub vstrch { -+ vstrc(@_[0..3],1,$_[4]); -+} -+sub vstrcf { -+ vstrc(@_[0..3],2,$_[4]); -+} -+sub vstrcbs { -+ $_[4]=0 if (!defined($_[4])); -+ vstrc(@_[0..3],0,0x1|$_[4]); -+} -+sub vstrchs { -+ $_[4]=0 if (!defined($_[4])); -+ vstrc(@_[0..3],1,0x1|$_[4]); -+} -+sub vstrcfs { -+ $_[4]=0 if (!defined($_[4])); -+ vstrc(@_[0..3],2,0x1|$_[4]); -+} -+sub vstrczb { -+ $_[4]=0 if (!defined($_[4])); -+ vstrc(@_[0..3],0,0x2|$_[4]); -+} -+sub vstrczh { -+ $_[4]=0 if (!defined($_[4])); -+ vstrc(@_[0..3],1,0x2|$_[4]); -+} -+sub vstrczf { -+ $_[4]=0 if (!defined($_[4])); -+ vstrc(@_[0..3],2,0x2|$_[4]); -+} -+sub vstrczbs { -+ $_[4]=0 if (!defined($_[4])); -+ vstrc(@_[0..3],0,0x3|$_[4]); -+} -+sub vstrczhs { -+ $_[4]=0 if (!defined($_[4])); -+ vstrc(@_[0..3],1,0x3|$_[4]); -+} -+sub vstrczfs { -+ $_[4]=0 if (!defined($_[4])); -+ vstrc(@_[0..3],2,0x3|$_[4]); -+} -+ -+# VX - Floating-point Instructions -+ -+sub vfa { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRc(0xe7e3,@_); -+} -+sub vfadb { -+ vfa(@_,3,0); -+} -+sub wfadb { -+ vfa(@_,3,8); -+} -+ -+sub wfc { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRa(0xe7cb,@_); -+} -+sub wfcdb { -+ wfc(@_,3,0); -+} -+ -+sub wfk { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRa(0xe7ca,@_); -+} -+sub wfksb { -+ wfk(@_,2,0); -+} -+sub wfkdb { -+ wfk(@_,3,0); -+} -+sub wfkxb { -+ wfk(@_,4,0); -+} -+ -+sub vfce { -+ confess(err("ARGNUM")) if ($#_!=5); -+ VRRc(0xe7e8,@_); -+} -+sub vfcedb { -+ vfce(@_,3,0,0); -+} -+sub vfcedbs { -+ vfce(@_,3,0,1); -+} -+sub wfcedb { -+ vfce(@_,3,8,0); -+} -+sub wfcedbs { -+ vfce(@_,3,8,1); -+} -+ -+sub vfch { -+ confess(err("ARGNUM")) if ($#_!=5); -+ VRRc(0xe7eb,@_); -+} -+sub vfchdb { -+ vfch(@_,3,0,0); -+} -+sub vfchdbs { -+ vfch(@_,3,0,1); -+} -+sub wfchdb { -+ vfch(@_,3,8,0); -+} -+sub wfchdbs { -+ vfch(@_,3,8,1); -+} -+ -+sub vfche { -+ confess(err("ARGNUM")) if ($#_!=5); -+ VRRc(0xe7ea,@_); -+} -+sub vfchedb { -+ vfche(@_,3,0,0); -+} -+sub vfchedbs { -+ vfche(@_,3,0,1); -+} -+sub wfchedb { -+ vfche(@_,3,8,0); -+} -+sub wfchedbs { -+ vfche(@_,3,8,1); -+} -+ -+sub vcdg { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRa(0xe7c3,@_); -+} -+sub vcdgb { -+ vcdg(@_[0..1],3,@_[2..3]); -+} -+sub wcdgb { -+ vcdg(@_[0..1],3,0x8|$_[2],$_[3]); -+} -+ -+sub vcdlg { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRa(0xe7c1,@_); -+} -+sub vcdlgb { -+ vcdlg(@_[0..1],3,@_[2..3]); -+} -+sub wcdlgb { -+ vcdlg(@_[0..1],3,0x8|$_[2],$_[3]); -+} -+ -+sub vcgd { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRa(0xe7c2,@_); -+} -+sub vcgdb { -+ vcgd(@_[0..1],3,@_[2..3]); -+} -+sub wcgdb { -+ vcgd(@_[0..1],3,0x8|$_[2],$_[3]); -+} -+ -+sub vclgd { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRa(0xe7c0,@_); -+} -+sub vclgdb { -+ vclgd(@_[0..1],3,@_[2..3]); -+} -+sub wclgdb { -+ vclgd(@_[0..1],3,0x8|$_[2],$_[3]); -+} -+ -+sub vfd { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRc(0xe7e5,@_); -+} -+sub vfddb { -+ vfd(@_,3,0); -+} -+sub wfddb { -+ vfd(@_,3,8); -+} -+ -+sub vfi { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRa(0xe7c7,@_); -+} -+sub vfidb { -+ vfi(@_[0..1],3,@_[2..3]); -+} -+sub wfidb { -+ vfi(@_[0..1],3,0x8|$_[2],$_[3]); -+} -+ -+sub vlde { # deprecated, use vfll -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRa(0xe7c4,@_); -+} -+sub vldeb { # deprecated, use vflls -+ vlde(@_,2,0); -+} -+sub wldeb { # deprecated, use wflls -+ vlde(@_,2,8); -+} -+ -+sub vled { # deprecated, use vflr -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRa(0xe7c5,@_); -+} -+sub vledb { # deprecated, use vflrd -+ vled(@_[0..1],3,@_[2..3]); -+} -+sub wledb { # deprecated, use wflrd -+ vled(@_[0..1],3,0x8|$_[2],$_[3]); -+} -+ -+sub vfm { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRc(0xe7e7,@_); -+} -+sub vfmdb { -+ vfm(@_,3,0); -+} -+sub wfmdb { -+ vfm(@_,3,8); -+} -+ -+sub vfma { -+ confess(err("ARGNUM")) if ($#_!=5); -+ VRRe(0xe78f,@_); -+} -+sub vfmadb { -+ vfma(@_,0,3); -+} -+sub wfmadb { -+ vfma(@_,8,3); -+} -+ -+sub vfms { -+ confess(err("ARGNUM")) if ($#_!=5); -+ VRRe(0xe78e,@_); -+} -+sub vfmsdb { -+ vfms(@_,0,3); -+} -+sub wfmsdb { -+ vfms(@_,8,3); -+} -+ -+sub vfpso { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRa(0xe7cc,@_); -+} -+sub vfpsodb { -+ vfpso(@_[0..1],3,0,$_[2]); -+} -+sub wfpsodb { -+ vfpso(@_[0..1],3,8,$_[2]); -+} -+sub vflcdb { -+ vfpso(@_,3,0,0); -+} -+sub wflcdb { -+ vfpso(@_,3,8,0); -+} -+sub vflndb { -+ vfpso(@_,3,0,1); -+} -+sub wflndb { -+ vfpso(@_,3,8,1); -+} -+sub vflpdb { -+ vfpso(@_,3,0,2); -+} -+sub wflpdb { -+ vfpso(@_,3,8,2); -+} -+ -+sub vfsq { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRRa(0xe7ce,@_); -+} -+sub vfsqdb { -+ vfsq(@_,3,0); -+} -+sub wfsqdb { -+ vfsq(@_,3,8); -+} -+ -+sub vfs { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRRc(0xe7e2,@_); -+} -+sub vfsdb { -+ vfs(@_,3,0); -+} -+sub wfsdb { -+ vfs(@_,3,8); -+} -+ -+sub vftci { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRIe(0xe74a,@_); -+} -+sub vftcidb { -+ vftci(@_,3,0); -+} -+sub wftcidb { -+ vftci(@_,3,8); -+} -+ -+# VXE - Support Instructions -+ -+sub vbperm { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe785,@_); -+} -+ -+sub vllezlf { -+ vllez(@_,6); -+} -+ -+# VXE - Integer Instructions -+ -+sub vmsl { -+ confess(err("ARGNUM")) if ($#_!=5); -+ VRRd(0xe7b8,@_); -+} -+sub vmslg { -+ vmsl(@_[0..3],3,$_[4]); -+} -+ -+sub vnx { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe76c,@_); -+} -+ -+sub vnn { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe76e,@_); -+} -+ -+sub voc { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRc(0xe76f,@_); -+} -+ -+sub vpopctb { -+ vpopct(@_,0); -+} -+sub vpopcth { -+ vpopct(@_,1); -+} -+sub vpopctf { -+ vpopct(@_,2); -+} -+sub vpopctg { -+ vpopct(@_,3); -+} -+ -+# VXE - Floating-Point Instructions -+ -+sub vfasb { -+ vfa(@_,2,0); -+} -+sub wfasb { -+ vfa(@_,2,8); -+} -+sub wfaxb { -+ vfa(@_,4,8); -+} -+ -+sub wfcsb { -+ wfc(@_,2,0); -+} -+sub wfcxb { -+ wfc(@_,4,0); -+} -+ -+sub vfcesb { -+ vfce(@_,2,0,0); -+} -+sub vfcesbs { -+ vfce(@_,2,0,1); -+} -+sub wfcesb { -+ vfce(@_,2,8,0); -+} -+sub wfcesbs { -+ vfce(@_,2,8,1); -+} -+sub wfcexb { -+ vfce(@_,4,8,0); -+} -+sub wfcexbs { -+ vfce(@_,4,8,1); -+} -+ -+sub vfchsb { -+ vfch(@_,2,0,0); -+} -+sub vfchsbs { -+ vfch(@_,2,0,1); -+} -+sub wfchsb { -+ vfch(@_,2,8,0); -+} -+sub wfchsbs { -+ vfch(@_,2,8,1); -+} -+sub wfchxb { -+ vfch(@_,4,8,0); -+} -+sub wfchxbs { -+ vfch(@_,4,8,1); -+} -+ -+sub vfchesb { -+ vfche(@_,2,0,0); -+} -+sub vfchesbs { -+ vfche(@_,2,0,1); -+} -+sub wfchesb { -+ vfche(@_,2,8,0); -+} -+sub wfchesbs { -+ vfche(@_,2,8,1); -+} -+sub wfchexb { -+ vfche(@_,4,8,0); -+} -+sub wfchexbs { -+ vfche(@_,4,8,1); -+} -+ -+sub vfdsb { -+ vfd(@_,2,0); -+} -+sub wfdsb { -+ vfd(@_,2,8); -+} -+sub wfdxb { -+ vfd(@_,4,8); -+} -+ -+sub vfisb { -+ vfi(@_[0..1],2,@_[2..3]); -+} -+sub wfisb { -+ vfi(@_[0..1],2,0x8|$_[2],$_[3]); -+} -+sub wfixb { -+ vfi(@_[0..1],4,0x8|$_[2],$_[3]); -+} -+ -+sub vfll { -+ vlde(@_); -+} -+sub vflls { -+ vfll(@_,2,0); -+} -+sub wflls { -+ vfll(@_,2,8); -+} -+sub wflld { -+ vfll(@_,3,8); -+} -+ -+sub vflr { -+ vled(@_); -+} -+sub vflrd { -+ vflr(@_[0..1],3,@_[2..3]); -+} -+sub wflrd { -+ vflr(@_[0..1],3,0x8|$_[2],$_[3]); -+} -+sub wflrx { -+ vflr(@_[0..1],4,0x8|$_[2],$_[3]); -+} -+ -+sub vfmax { -+ confess(err("ARGNUM")) if ($#_!=5); -+ VRRc(0xe7ef,@_); -+} -+sub vfmaxsb { -+ vfmax(@_[0..2],2,0,$_[3]); -+} -+sub vfmaxdb { -+ vfmax(@_[0..2],3,0,$_[3]); -+} -+sub wfmaxsb { -+ vfmax(@_[0..2],2,8,$_[3]); -+} -+sub wfmaxdb { -+ vfmax(@_[0..2],3,8,$_[3]); -+} -+sub wfmaxxb { -+ vfmax(@_[0..2],4,8,$_[3]); -+} -+ -+sub vfmin { -+ confess(err("ARGNUM")) if ($#_!=5); -+ VRRc(0xe7ee,@_); -+} -+sub vfminsb { -+ vfmin(@_[0..2],2,0,$_[5]); -+} -+sub vfmindb { -+ vfmin(@_[0..2],3,0,$_[5]); -+} -+sub wfminsb { -+ vfmin(@_[0..2],2,8,$_[5]); -+} -+sub wfmindb { -+ vfmin(@_[0..2],3,8,$_[5]); -+} -+sub wfminxb { -+ vfmin(@_[0..2],4,8,$_[5]); -+} -+ -+sub vfmsb { -+ vfm(@_,2,0); -+} -+sub wfmsb { -+ vfm(@_,2,8); -+} -+sub wfmxb { -+ vfm(@_,4,8); -+} -+ -+sub vfmasb { -+ vfma(@_,0,2); -+} -+sub wfmasb { -+ vfma(@_,8,2); -+} -+sub wfmaxb { -+ vfma(@_,8,4); -+} -+ -+sub vfmssb { -+ vfms(@_,0,2); -+} -+sub wfmssb { -+ vfms(@_,8,2); -+} -+sub wfmsxb { -+ vfms(@_,8,4); -+} -+ -+sub vfnma { -+ confess(err("ARGNUM")) if ($#_!=5); -+ VRRe(0xe79f,@_); -+} -+sub vfnmasb { -+ vfnma(@_,0,2); -+} -+sub vfnmadb { -+ vfnma(@_,0,3); -+} -+sub wfnmasb { -+ vfnma(@_,8,2); -+} -+sub wfnmadb { -+ vfnma(@_,8,3); -+} -+sub wfnmaxb { -+ vfnma(@_,8,4); -+} -+ -+sub vfnms { -+ confess(err("ARGNUM")) if ($#_!=5); -+ VRRe(0xe79e,@_); -+} -+sub vfnmssb { -+ vfnms(@_,0,2); -+} -+sub vfnmsdb { -+ vfnms(@_,0,3); -+} -+sub wfnmssb { -+ vfnms(@_,8,2); -+} -+sub wfnmsdb { -+ vfnms(@_,8,3); -+} -+sub wfnmsxb { -+ vfnms(@_,8,4); -+} -+ -+sub vfpsosb { -+ vfpso(@_[0..1],2,0,$_[2]); -+} -+sub wfpsosb { -+ vfpso(@_[0..1],2,8,$_[2]); -+} -+sub vflcsb { -+ vfpso(@_,2,0,0); -+} -+sub wflcsb { -+ vfpso(@_,2,8,0); -+} -+sub vflnsb { -+ vfpso(@_,2,0,1); -+} -+sub wflnsb { -+ vfpso(@_,2,8,1); -+} -+sub vflpsb { -+ vfpso(@_,2,0,2); -+} -+sub wflpsb { -+ vfpso(@_,2,8,2); -+} -+sub vfpsoxb { -+ vfpso(@_[0..1],4,0,$_[2]); -+} -+sub wfpsoxb { -+ vfpso(@_[0..1],4,8,$_[2]); -+} -+sub vflcxb { -+ vfpso(@_,4,0,0); -+} -+sub wflcxb { -+ vfpso(@_,4,8,0); -+} -+sub vflnxb { -+ vfpso(@_,4,0,1); -+} -+sub wflnxb { -+ vfpso(@_,4,8,1); -+} -+sub vflpxb { -+ vfpso(@_,4,0,2); -+} -+sub wflpxb { -+ vfpso(@_,4,8,2); -+} -+ -+sub vfsqsb { -+ vfsq(@_,2,0); -+} -+sub wfsqsb { -+ vfsq(@_,2,8); -+} -+sub wfsqxb { -+ vfsq(@_,4,8); -+} -+ -+sub vfssb { -+ vfs(@_,2,0); -+} -+sub wfssb { -+ vfs(@_,2,8); -+} -+sub wfsxb { -+ vfs(@_,4,8); -+} -+ -+sub vftcisb { -+ vftci(@_,2,0); -+} -+sub wftcisb { -+ vftci(@_,2,8); -+} -+sub wftcixb { -+ vftci(@_,4,8); -+} -+ -+# VXD - Support Instructions -+ -+sub vlrlr { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRSd(0xe637,@_); -+} -+ -+sub vlrl { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VSI(0xe635,@_); -+} -+ -+sub vstrlr { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRSd(0xe63f,@_); -+} -+ -+sub vstrl { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VSI(0xe63d,@_); -+} -+ -+sub vap { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRIf(0xe671,@_); -+} -+ -+sub vcp { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRh(0xe677,@_); -+} -+ -+sub vcvb { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRi(0xe650,@_); -+} -+ -+sub vcvbg { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRRi(0xe652,@_); -+} -+ -+sub vcvd { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRIi(0xe658,@_); -+} -+ -+sub vcvdg { -+ confess(err("ARGNUM")) if ($#_!=3); -+ VRIi(0xe65a,@_); -+} -+ -+sub vdp { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRIf(0xe67a,@_); -+} -+ -+sub vlip { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VRIh(0xe649,@_); -+} -+ -+sub vmp { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRIf(0xe678,@_); -+} -+ -+sub vmsp { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRIf(0xe679,@_); -+} -+ -+sub vpkz { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VSI(0xe634,@_); -+} -+ -+sub vpsop { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRIg(0xe65b,@_); -+} -+ -+sub vrp { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRIf(0xe67b,@_); -+} -+ -+sub vsdp { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRIf(0xe67e,@_); -+} -+ -+sub vsrp { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRIg(0xe659,@_); -+} -+ -+sub vsp { -+ confess(err("ARGNUM")) if ($#_!=4); -+ VRIf(0xe673,@_); -+} -+ -+sub vtp { -+ confess(err("ARGNUM")) if ($#_!=0); -+ VRRg(0xe65f,@_); -+} -+ -+sub vupkz { -+ confess(err("ARGNUM")) if ($#_!=2); -+ VSI(0xe63c,@_); -+} -+ -+# -+# Instruction Formats -+# -+ -+sub RRE { -+ confess(err("ARGNUM")) if ($#_<0||2<$#_); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$r1,$r2)=(shift,get_R(shift),get_R(shift)); -+ -+ $out.="\t.long\t".sprintf("%#010x",($opcode<<16|$r1<<4|$r2)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub RRFb { -+ confess(err("ARGNUM")) if ($#_<3||4<$#_); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$r1,$r3,$r2,$m4)=(shift,get_R(shift),get_R(shift) -+ ,get_R(shift),get_M(shift)); -+ -+ $out.="\t.long\t" -+ .sprintf("%#010x",($opcode<<16|$r3<<12|$m4<<8|$r1<<4|$r2)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub S { -+ confess(err("ARGNUM")) if ($#_<0||1<$#_); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$d2,$b2)=(shift,get_DB(shift)); -+ -+ $out.="\t.long\t".sprintf("%#010x",($opcode<<16|$b2<<12|$d2)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRIa { -+ confess(err("ARGNUM")) if ($#_<2||3<$#_); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$i2,$m3)=(shift,get_V(shift),get_I(shift,16), -+ get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)).","; -+ $out.=sprintf("%#06x",$i2).","; -+ $out.=sprintf("%#06x",($m3<<12|RXB($v1)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRIb { -+ confess(err("ARGNUM")) if ($#_!=4); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$i2,$i3,$m4)=(shift,get_V(shift),get_I(shift,8), -+ ,get_I(shift,8),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)).","; -+ $out.=sprintf("%#06x",($i2<<8|$i3)).","; -+ $out.=sprintf("%#06x",($m4<<12|RXB($v1)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRIc { -+ confess(err("ARGNUM")) if ($#_!=4); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v3,$i2,$m4)=(shift,get_V(shift),get_V(shift), -+ ,get_I(shift,16),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v3&0xf)).","; -+ $out.=sprintf("%#06x",$i2).","; -+ $out.=sprintf("%#06x",($m4<<12|RXB($v1,$v3)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRId { -+ confess(err("ARGNUM")) if ($#_<4||$#_>5); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v2,$v3,$i4,$m5)=(shift,get_V(shift),get_V(shift), -+ ,get_V(shift),get_I(shift,8),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf)).","; -+ $out.=sprintf("%#06x",(($v3&0xf)<<12|$i4)).","; -+ $out.=sprintf("%#06x",($m5<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRIe { -+ confess(err("ARGNUM")) if ($#_!=5); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v2,$i3,$m4,$m5)=(shift,get_V(shift),get_V(shift), -+ ,get_I(shift,12),get_M(shift),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf)).","; -+ $out.=sprintf("%#06x",($i3<<4|$m5)).","; -+ $out.=sprintf("%#06x",($m4<<12|RXB($v1,$v2)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRIf { -+ confess(err("ARGNUM")) if ($#_!=5); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v2,$v3,$i4,$m5)=(shift,get_V(shift),get_V(shift), -+ ,get_V(shift),get_I(shift,8),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf)).","; -+ $out.=sprintf("%#06x",(($v3&0xf)<<12|$m5<<4)|$i4>>4).","; -+ $out.=sprintf("%#06x",(($i4&0xf)<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRIg { -+ confess(err("ARGNUM")) if ($#_!=5); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v2,$i3,$i4,$m5)=(shift,get_V(shift),get_V(shift), -+ ,get_I(shift,8),get_I(shift,8),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|($v2&0xf)).","; -+ $out.=sprintf("%#06x",($i4<<8|$m5<<4|$i3>>4)).","; -+ $out.=sprintf("%#06x",(($i3&0xf)<<12|RXB($v1,$v2)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRIh { -+ confess(err("ARGNUM")) if ($#_!=3); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$i2,$i3)=(shift,get_V(shift),get_I(shift,16), -+ get_I(shift,4)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)).","; -+ $out.=sprintf("%#06x",$i2).","; -+ $out.=sprintf("%#06x",($i3<<12|RXB($v1)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRIi { -+ confess(err("ARGNUM")) if ($#_!=4); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$r2,$i3,$m4)=(shift,get_V(shift),get_R(shift), -+ ,get_I(shift,8),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4)|$r2).","; -+ $out.=sprintf("%#06x",($m4<<4|$i3>>4)).","; -+ $out.=sprintf("%#06x",(($i3&0xf)<<12|RXB($v1)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRRa { -+ confess(err("ARGNUM")) if ($#_<2||5<$#_); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v2,$m3,$m4,$m5)=(shift,get_V(shift),get_V(shift), -+ get_M(shift),get_M(shift),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; -+ $out.=sprintf("%#06x",($m5<<4|$m4)).","; -+ $out.=sprintf("%#06x",($m3<<12|RXB($v1,$v2)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRRb { -+ confess(err("ARGNUM")) if ($#_<3||5<$#_); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v2,$v3,$m4,$m5)=(shift,get_V(shift),get_V(shift), -+ get_V(shift),get_M(shift),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; -+ $out.=sprintf("%#06x",(($v3&0xf)<<12|$m5<<4)).","; -+ $out.=sprintf("%#06x",($m4<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRRc { -+ confess(err("ARGNUM")) if ($#_<3||6<$#_); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v2,$v3,$m4,$m5,$m6)=(shift,get_V(shift),get_V(shift), -+ get_V(shift),get_M(shift),get_M(shift),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; -+ $out.=sprintf("%#06x",(($v3&0xf)<<12|$m6<<4|$m5)).","; -+ $out.=sprintf("%#06x",($m4<<12|RXB($v1,$v2,$v3)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRRd { -+ confess(err("ARGNUM")) if ($#_<4||6<$#_); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v2,$v3,$v4,$m5,$m6)=(shift,get_V(shift),get_V(shift), -+ get_V(shift),get_V(shift),get_M(shift),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; -+ $out.=sprintf("%#06x",(($v3&0xf)<<12|$m5<<8|$m6<<4)).","; -+ $out.=sprintf("%#06x",(($v4&0xf)<<12|RXB($v1,$v2,$v3,$v4)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRRe { -+ confess(err("ARGNUM")) if ($#_<4||6<$#_); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v2,$v3,$v4,$m5,$m6)=(shift,get_V(shift),get_V(shift), -+ get_V(shift),get_V(shift),get_M(shift),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; -+ $out.=sprintf("%#06x",(($v3&0xf)<<12|$m6<<8|$m5)).","; -+ $out.=sprintf("%#06x",(($v4&0xf)<<12|RXB($v1,$v2,$v3,$v4)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRRf { -+ confess(err("ARGNUM")) if ($#_!=3); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$r2,$r3)=(shift,get_V(shift),get_R(shift), -+ get_R(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|$r2)).","; -+ $out.=sprintf("%#06x",($r3<<12)).","; -+ $out.=sprintf("%#06x",(RXB($v1)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRRg { -+ confess(err("ARGNUM")) if ($#_!=1); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1)=(shift,get_V(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf))).","; -+ $out.=sprintf("%#06x",0x0000).","; -+ $out.=sprintf("%#06x",(RXB(0,$v1)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRRh { -+ confess(err("ARGNUM")) if ($#_<2||$#_>3); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v2,$m3)=(shift,get_V(shift),get_V(shift), -+ get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf))).","; -+ $out.=sprintf("%#06x",(($v2&0xf)<<12|$m3<<4)).","; -+ $out.=sprintf("%#06x",(RXB(0,$v1,$v2)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRRi { -+ confess(err("ARGNUM")) if ($#_!=3); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$r1,$v2,$m3)=(shift,get_R(shift),get_V(shift), -+ get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|$r1<<4|($v2&0xf))).","; -+ $out.=sprintf("%#06x",($m3<<4))."\,"; -+ $out.=sprintf("%#06x",(RXB(0,$v2)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRSa { -+ confess(err("ARGNUM")) if ($#_<3||$#_>4); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$v3,$d2,$b2,$m4)=(shift,get_V(shift),get_V(shift), -+ get_DB(shift),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v3&0xf))).","; -+ $out.=sprintf("%#06x",($b2<<12|$d2)).","; -+ $out.=sprintf("%#06x",($m4<<12|RXB($v1,$v3)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRSb { -+ confess(err("ARGNUM")) if ($#_<3||$#_>4); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$r3,$d2,$b2,$m4)=(shift,get_V(shift),get_R(shift), -+ get_DB(shift),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|$r3)).","; -+ $out.=sprintf("%#06x",($b2<<12|$d2)).","; -+ $out.=sprintf("%#06x",($m4<<12|RXB($v1)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRSc { -+ confess(err("ARGNUM")) if ($#_!=4); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$r1,$v3,$d2,$b2,$m4)=(shift,get_R(shift),get_V(shift), -+ get_DB(shift),get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|$r1<<4|($v3&0xf))).","; -+ $out.=sprintf("%#06x",($b2<<12|$d2)).","; -+ $out.=sprintf("%#06x",($m4<<12|RXB(0,$v3)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRSd { -+ confess(err("ARGNUM")) if ($#_!=3); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$r3,$d2,$b2)=(shift,get_V(shift),get_R(shift), -+ get_DB(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|$r3)).","; -+ $out.=sprintf("%#06x",($b2<<12|$d2)).","; -+ $out.=sprintf("%#06x",(($v1&0xf)<<12|RXB(0,0,0,$v1)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRV { -+ confess(err("ARGNUM")) if ($#_<2||$#_>3); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$d2,$v2,$b2,$m3)=(shift,get_V(shift),get_DVB(shift), -+ get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($v2&0xf))).","; -+ $out.=sprintf("%#06x",($b2<<12|$d2)).","; -+ $out.=sprintf("%#06x",($m3<<12|RXB($v1,$v2)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VRX { -+ confess(err("ARGNUM")) if ($#_<2||$#_>3); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$d2,$x2,$b2,$m3)=(shift,get_V(shift),get_DXB(shift), -+ get_M(shift)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|($v1&0xf)<<4|($x2))).","; -+ $out.=sprintf("%#06x",($b2<<12|$d2)).","; -+ $out.=sprintf("%#06x",($m3<<12|RXB($v1)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+sub VSI { -+ confess(err("ARGNUM")) if ($#_!=3); -+ my $ops=join(',',@_[1..$#_]); -+ my $memn=(caller(1))[3]; -+ $memn=~s/^.*:://; -+ my ($opcode,$v1,$d2,$b2,$i3)=(shift,get_V(shift),get_DB(shift), -+ get_I(shift,8)); -+ -+ $out.="\t.word\t"; -+ $out.=sprintf("%#06x",($opcode&0xff00|$i3)).","; -+ $out.=sprintf("%#06x",($b2<<12|$d2)).","; -+ $out.=sprintf("%#06x",(($v1&0xf)<<12|RXB(0,0,0,$v1)<<8|$opcode&0xff)); -+ $out.="\t# $memn\t$ops\n" -+} -+ -+# -+# Internal -+# -+ -+sub get_R { -+ confess(err("ARGNUM")) if ($#_!=0); -+ my $r; -+ -+ for (shift) { -+ if (!defined) { -+ $r=0; -+ } elsif (/^$GR$/) { -+ $r=$1; -+ } else { -+ confess(err("PARSE")); -+ } -+ } -+ confess(err("ARGRANGE")) if ($r&~0xf); -+ -+ return $r; -+} -+ -+sub get_V { -+ confess(err("ARGNUM")) if ($#_!=0); -+ my $v; -+ -+ for (shift) { -+ if (!defined) { -+ $v=0; -+ } elsif (/^$VR$/) { -+ $v=$1; -+ } else { -+ confess(err("PARSE")); -+ } -+ } -+ confess(err("ARGRANGE")) if ($v&~0x1f); -+ -+ return $v; -+} -+ -+sub get_I { -+ confess(err("ARGNUM")) if ($#_!=1); -+ my ($i,$bits)=(shift,shift); -+ -+ $i=defined($i)?(eval($i)):(0); -+ confess(err("PARSE")) if (!defined($i)); -+ confess(err("ARGRANGE")) if (abs($i)&~(2**$bits-1)); -+ -+ return $i&(2**$bits-1); -+} -+ -+sub get_M { -+ confess(err("ARGNUM")) if ($#_!=0); -+ my $m=shift; -+ -+ $m=defined($m)?(eval($m)):(0); -+ confess(err("PARSE")) if (!defined($m)); -+ confess(err("ARGRANGE")) if ($m&~0xf); -+ -+ return $m; -+} -+ -+sub get_DB -+{ -+ confess(err("ARGNUM")) if ($#_!=0); -+ my ($d,$b); -+ -+ for (shift) { -+ if (!defined) { -+ ($d,$b)=(0,0); -+ } elsif (/^(.+)\($GR\)$/) { -+ ($d,$b)=(eval($1),$2); -+ confess(err("PARSE")) if (!defined($d)); -+ } elsif (/^(.+)$/) { -+ ($d,$b)=(eval($1),0); -+ confess(err("PARSE")) if (!defined($d)); -+ } else { -+ confess(err("PARSE")); -+ } -+ } -+ confess(err("ARGRANGE")) if ($d&~0xfff||$b&~0xf); -+ -+ return ($d,$b); -+} -+ -+sub get_DVB -+{ -+ confess(err("ARGNUM")) if ($#_!=0); -+ my ($d,$v,$b); -+ -+ for (shift) { -+ if (!defined) { -+ ($d,$v,$b)=(0,0,0); -+ } elsif (/^(.+)\($VR,$GR\)$/) { -+ ($d,$v,$b)=(eval($1),$2,$3); -+ confess(err("PARSE")) if (!defined($d)); -+ } elsif (/^(.+)\($GR\)$/) { -+ ($d,$v,$b)=(eval($1),0,$2); -+ confess(err("PARSE")) if (!defined($d)); -+ } elsif (/^(.+)$/) { -+ ($d,$v,$b)=(eval($1),0,0); -+ confess(err("PARSE")) if (!defined($d)); -+ } else { -+ confess(err("PARSE")); -+ } -+ } -+ confess(err("ARGRANGE")) if ($d&~0xfff||$v&~0x1f||$b&~0xf); -+ -+ return ($d,$v,$b); -+} -+ -+sub get_DXB -+{ -+ confess(err("ARGNUM")) if ($#_!=0); -+ my ($d,$x,$b); -+ -+ for (shift) { -+ if (!defined) { -+ ($d,$x,$b)=(0,0,0); -+ } elsif (/^(.+)\($GR,$GR\)$/) { -+ ($d,$x,$b)=(eval($1),$2,$3); -+ confess(err("PARSE")) if (!defined($d)); -+ } elsif (/^(.+)\($GR\)$/) { -+ ($d,$x,$b)=(eval($1),0,$2); -+ confess(err("PARSE")) if (!defined($d)); -+ } elsif (/^(.+)$/) { -+ ($d,$x,$b)=(eval($1),0,0); -+ confess(err("PARSE")) if (!defined($d)); -+ } else { -+ confess(err("PARSE")); -+ } -+ } -+ confess(err("ARGRANGE")) if ($d&~0xfff||$x&~0xf||$b&~0xf); -+ -+ return ($d,$x,$b); -+} -+ -+sub RXB -+{ -+ confess(err("ARGNUM")) if ($#_<0||3<$#_); -+ my $rxb=0; -+ -+ $rxb|=0x08 if (defined($_[0])&&($_[0]&0x10)); -+ $rxb|=0x04 if (defined($_[1])&&($_[1]&0x10)); -+ $rxb|=0x02 if (defined($_[2])&&($_[2]&0x10)); -+ $rxb|=0x01 if (defined($_[3])&&($_[3]&0x10)); -+ -+ return $rxb; -+} -+ -+sub err { -+ my %ERR = -+ ( -+ ARGNUM => 'Wrong number of arguments', -+ ARGRANGE=> 'Argument out of range', -+ PARSE => 'Parse error', -+ ); -+ confess($ERR{ARGNUM}) if ($#_!=0); -+ -+ return $ERR{$_[0]}; -+} -+ -+1; -diff -up openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl ---- openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update 2020-03-19 16:20:22.041227359 +0100 -+++ openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl 2020-03-19 16:23:22.364098257 +0100 -@@ -24,204 +24,961 @@ - # - # On side note, z13 enables vector base 2^26 implementation... - --$flavour = shift; -+# -+# January 2019 -+# -+# Add vx code path (base 2^26). -+# -+# Copyright IBM Corp. 2019 -+# Author: Patrick Steuer -+ -+# -+# January 2019 -+# -+# Add vector base 2^26 implementation. It's problematic to accurately -+# measure performance, because reference system is hardly idle. But -+# it's sub-cycle, i.e. less than 1 cycle per processed byte, and it's -+# >=20% faster than IBM's submission on long inputs, and much faster on -+# short ones, because calculation of key powers is postponed till we -+# know that input is long enough to justify the additional overhead. -+ -+use strict; -+use FindBin qw($Bin); -+use lib "$Bin/../.."; -+use perlasm::s390x qw(:DEFAULT :VX AUTOLOAD LABEL INCLUDE); -+ -+my $flavour = shift; - -+my ($z,$SIZE_T); - if ($flavour =~ /3[12]/) { -+ $z=0; # S/390 ABI - $SIZE_T=4; -- $g=""; - } else { -+ $z=1; # zSeries ABI - $SIZE_T=8; -- $g="g"; - } - -+my $output; - while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {} --open STDOUT,">$output"; - --$sp="%r15"; -+my $stdframe=16*$SIZE_T+4*8; -+my $sp="%r15"; - - my ($ctx,$inp,$len,$padbit) = map("%r$_",(2..5)); - --$code.=<<___; --.text -+PERLASM_BEGIN($output); - --.globl poly1305_init --.type poly1305_init,\@function --.align 16 --poly1305_init: -- lghi %r0,0 -- lghi %r1,-1 -- stg %r0,0($ctx) # zero hash value -- stg %r0,8($ctx) -- stg %r0,16($ctx) -- -- cl${g}r $inp,%r0 -- je .Lno_key -- -- lrvg %r4,0($inp) # load little-endian key -- lrvg %r5,8($inp) -- -- nihl %r1,0xffc0 # 0xffffffc0ffffffff -- srlg %r0,%r1,4 # 0x0ffffffc0fffffff -- srlg %r1,%r1,4 -- nill %r1,0xfffc # 0x0ffffffc0ffffffc -- -- ngr %r4,%r0 -- ngr %r5,%r1 -- -- stg %r4,32($ctx) -- stg %r5,40($ctx) -- --.Lno_key: -- lghi %r2,0 -- br %r14 --.size poly1305_init,.-poly1305_init --___ -+INCLUDE ("s390x_arch.h"); -+TEXT (); -+ -+################ -+# static void poly1305_init(void *ctx, const unsigned char key[16]) -+{ -+GLOBL ("poly1305_init"); -+TYPE ("poly1305_init","\@function"); -+ALIGN (16); -+LABEL ("poly1305_init"); -+ lghi ("%r0",0); -+ lghi ("%r1",-1); -+ stg ("%r0","0($ctx)"); # zero hash value -+ stg ("%r0","8($ctx)"); -+ stg ("%r0","16($ctx)"); -+ st ("%r0","24($ctx)"); # clear is_base2_26 -+ lgr ("%r5",$ctx); # reassign $ctx -+ lghi ("%r2",0); -+ -+&{$z? \&clgr:\&clr} ($inp,"%r0"); -+ je (".Lno_key"); -+ -+ lrvg ("%r2","0($inp)"); # load little-endian key -+ lrvg ("%r3","8($inp)"); -+ -+ nihl ("%r1",0xffc0); # 0xffffffc0ffffffff -+ srlg ("%r0","%r1",4); # 0x0ffffffc0fffffff -+ srlg ("%r1","%r1",4); -+ nill ("%r1",0xfffc); # 0x0ffffffc0ffffffc -+ -+ ngr ("%r2","%r0"); -+ ngr ("%r3","%r1"); -+ -+ stmg ("%r2","%r3","32(%r5)"); -+ -+ larl ("%r1","OPENSSL_s390xcap_P"); -+ lg ("%r0","16(%r1)"); -+ srlg ("%r0","%r0",62); -+ nill ("%r0",1); # extract vx bit -+ lcgr ("%r0","%r0"); -+ larl ("%r1",".Lpoly1305_blocks"); -+ larl ("%r2",".Lpoly1305_blocks_vx"); -+ larl ("%r3",".Lpoly1305_emit"); -+&{$z? \&xgr:\&xr} ("%r2","%r1"); # select between scalar and vector -+&{$z? \&ngr:\&nr} ("%r2","%r0"); -+&{$z? \&xgr:\&xr} ("%r2","%r1"); -+&{$z? \&stmg:\&stm} ("%r2","%r3","0(%r4)"); -+ lghi ("%r2",1); -+LABEL (".Lno_key"); -+ br ("%r14"); -+SIZE ("poly1305_init",".-poly1305_init"); -+} -+ -+################ -+# static void poly1305_blocks(void *ctx, const unsigned char *inp, -+# size_t len, u32 padbit) - { - my ($d0hi,$d0lo,$d1hi,$d1lo,$t0,$h0,$t1,$h1,$h2) = map("%r$_",(6..14)); - my ($r0,$r1,$s1) = map("%r$_",(0..2)); - --$code.=<<___; --.globl poly1305_blocks --.type poly1305_blocks,\@function --.align 16 --poly1305_blocks: -- srl${g} $len,4 # fixed-up in 64-bit build -- lghi %r0,0 -- cl${g}r $len,%r0 -- je .Lno_data -- -- stm${g} %r6,%r14,`6*$SIZE_T`($sp) -- -- llgfr $padbit,$padbit # clear upper half, much needed with -- # non-64-bit ABI -- lg $r0,32($ctx) # load key -- lg $r1,40($ctx) -- -- lg $h0,0($ctx) # load hash value -- lg $h1,8($ctx) -- lg $h2,16($ctx) -- -- st$g $ctx,`2*$SIZE_T`($sp) # off-load $ctx -- srlg $s1,$r1,2 -- algr $s1,$r1 # s1 = r1 + r1>>2 -- j .Loop -- --.align 16 --.Loop: -- lrvg $d0lo,0($inp) # load little-endian input -- lrvg $d1lo,8($inp) -- la $inp,16($inp) -- -- algr $d0lo,$h0 # accumulate input -- alcgr $d1lo,$h1 -- -- lgr $h0,$d0lo -- mlgr $d0hi,$r0 # h0*r0 -> $d0hi:$d0lo -- lgr $h1,$d1lo -- mlgr $d1hi,$s1 # h1*5*r1 -> $d1hi:$d1lo -- -- mlgr $t0,$r1 # h0*r1 -> $t0:$h0 -- mlgr $t1,$r0 # h1*r0 -> $t1:$h1 -- alcgr $h2,$padbit -- -- algr $d0lo,$d1lo -- lgr $d1lo,$h2 -- alcgr $d0hi,$d1hi -- lghi $d1hi,0 -- -- algr $h1,$h0 -- alcgr $t1,$t0 -- -- msgr $d1lo,$s1 # h2*s1 -- msgr $h2,$r0 # h2*r0 -- -- algr $h1,$d1lo -- alcgr $t1,$d1hi # $d1hi is zero -- -- algr $h1,$d0hi -- alcgr $h2,$t1 -- -- lghi $h0,-4 # final reduction step -- ngr $h0,$h2 -- srlg $t0,$h2,2 -- algr $h0,$t0 -- lghi $t1,3 -- ngr $h2,$t1 -- -- algr $h0,$d0lo -- alcgr $h1,$d1hi # $d1hi is still zero -- alcgr $h2,$d1hi # $d1hi is still zero -- -- brct$g $len,.Loop -- -- l$g $ctx,`2*$SIZE_T`($sp) # restore $ctx -- -- stg $h0,0($ctx) # store hash value -- stg $h1,8($ctx) -- stg $h2,16($ctx) -- -- lm${g} %r6,%r14,`6*$SIZE_T`($sp) --.Lno_data: -- br %r14 --.size poly1305_blocks,.-poly1305_blocks --___ -+GLOBL ("poly1305_blocks"); -+TYPE ("poly1305_blocks","\@function"); -+ALIGN (16); -+LABEL ("poly1305_blocks"); -+LABEL (".Lpoly1305_blocks"); -+&{$z? \<gr:\<r} ("%r0",$len); -+ jz (".Lno_data"); -+ -+&{$z? \&stmg:\&stm} ("%r6","%r14","6*$SIZE_T($sp)"); -+ -+ lg ($h0,"0($ctx)"); # load hash value -+ lg ($h1,"8($ctx)"); -+ lg ($h2,"16($ctx)"); -+ -+LABEL (".Lpoly1305_blocks_entry"); -+if ($z) { -+ srlg ($len,$len,4); -+} else { -+ srl ($len,4); -+} -+ llgfr ($padbit,$padbit); # clear upper half, much needed with -+ # non-64-bit ABI -+ lg ($r0,"32($ctx)"); # load key -+ lg ($r1,"40($ctx)"); -+ -+&{$z? \&stg:\&st} ($ctx,"2*$SIZE_T($sp)"); # off-load $ctx -+ srlg ($s1,$r1,2); -+ algr ($s1,$r1); # s1 = r1 + r1>>2 -+ j (".Loop"); -+ -+ALIGN (16); -+LABEL (".Loop"); -+ lrvg ($d0lo,"0($inp)"); # load little-endian input -+ lrvg ($d1lo,"8($inp)"); -+ la ($inp,"16($inp)"); -+ -+ algr ($d0lo,$h0); # accumulate input -+ alcgr ($d1lo,$h1); -+ alcgr ($h2,$padbit); -+ -+ lgr ($h0,$d0lo); -+ mlgr ($d0hi,$r0); # h0*r0 -> $d0hi:$d0lo -+ lgr ($h1,$d1lo); -+ mlgr ($d1hi,$s1); # h1*5*r1 -> $d1hi:$d1lo -+ -+ mlgr ($t0,$r1); # h0*r1 -> $t0:$h0 -+ mlgr ($t1,$r0); # h1*r0 -> $t1:$h1 -+ -+ algr ($d0lo,$d1lo); -+ lgr ($d1lo,$h2); -+ alcgr ($d0hi,$d1hi); -+ lghi ($d1hi,0); -+ -+ algr ($h1,$h0); -+ alcgr ($t1,$t0); -+ -+ msgr ($d1lo,$s1); # h2*s1 -+ msgr ($h2,$r0); # h2*r0 -+ -+ algr ($h1,$d1lo); -+ alcgr ($t1,$d1hi); # $d1hi is zero -+ -+ algr ($h1,$d0hi); -+ alcgr ($h2,$t1); -+ -+ lghi ($h0,-4); # final reduction step -+ ngr ($h0,$h2); -+ srlg ($t0,$h2,2); -+ algr ($h0,$t0); -+ lghi ($t1,3); -+ ngr ($h2,$t1); -+ -+ algr ($h0,$d0lo); -+ alcgr ($h1,$d1hi); # $d1hi is still zero -+ alcgr ($h2,$d1hi); # $d1hi is still zero -+ -+&{$z? \&brctg:\&brct} ($len,".Loop"); -+ -+&{$z? \&lg:\&l} ($ctx,"2*$SIZE_T($sp)");# restore $ctx -+ -+ stg ($h0,"0($ctx)"); # store hash value -+ stg ($h1,"8($ctx)"); -+ stg ($h2,"16($ctx)"); -+ -+&{$z? \&lmg:\&lm} ("%r6","%r14","6*$SIZE_T($sp)"); -+LABEL (".Lno_data"); -+ br ("%r14"); -+SIZE ("poly1305_blocks",".-poly1305_blocks"); - } -+ -+################ -+# static void poly1305_blocks_vx(void *ctx, const unsigned char *inp, -+# size_t len, u32 padbit) -+{ -+my ($H0, $H1, $H2, $H3, $H4) = map("%v$_",(0..4)); -+my ($I0, $I1, $I2, $I3, $I4) = map("%v$_",(5..9)); -+my ($R0, $R1, $S1, $R2, $S2) = map("%v$_",(10..14)); -+my ($R3, $S3, $R4, $S4) = map("%v$_",(15..18)); -+my ($ACC0, $ACC1, $ACC2, $ACC3, $ACC4) = map("%v$_",(19..23)); -+my ($T1, $T2, $T3, $T4) = map("%v$_",(24..27)); -+my ($mask26,$bswaplo,$bswaphi,$bswapmi) = map("%v$_",(28..31)); -+ -+my ($d2,$d0,$h0,$d1,$h1,$h2)=map("%r$_",(9..14)); -+ -+TYPE ("poly1305_blocks_vx","\@function"); -+ALIGN (16); -+LABEL ("poly1305_blocks_vx"); -+LABEL (".Lpoly1305_blocks_vx"); -+&{$z? \&clgfi:\&clfi} ($len,128); -+ jhe ("__poly1305_blocks_vx"); -+ -+&{$z? \&stmg:\&stm} ("%r6","%r14","6*$SIZE_T($sp)"); -+ -+ lg ($d0,"0($ctx)"); -+ lg ($d1,"8($ctx)"); -+ lg ($d2,"16($ctx)"); -+ -+ llgfr ("%r0",$d0); # base 2^26 -> base 2^64 -+ srlg ($h0,$d0,32); -+ llgfr ("%r1",$d1); -+ srlg ($h1,$d1,32); -+ srlg ($h2,$d2,32); -+ -+ sllg ("%r0","%r0",26); -+ algr ($h0,"%r0"); -+ sllg ("%r0",$h1,52); -+ srlg ($h1,$h1,12); -+ sllg ("%r1","%r1",14); -+ algr ($h0,"%r0"); -+ alcgr ($h1,"%r1"); -+ sllg ("%r0",$h2,40); -+ srlg ($h2,$h2,24); -+ lghi ("%r1",0); -+ algr ($h1,"%r0"); -+ alcgr ($h2,"%r1"); -+ -+ llgf ("%r0","24($ctx)"); # is_base2_26 -+ lcgr ("%r0","%r0"); -+ -+ xgr ($h0,$d0); # choose between radixes -+ xgr ($h1,$d1); -+ xgr ($h2,$d2); -+ ngr ($h0,"%r0"); -+ ngr ($h1,"%r0"); -+ ngr ($h2,"%r0"); -+ xgr ($h0,$d0); -+ xgr ($h1,$d1); -+ xgr ($h2,$d2); -+ -+ lhi ("%r0",0); -+ st ("%r0","24($ctx)"); # clear is_base2_26 -+ -+ j (".Lpoly1305_blocks_entry"); -+SIZE ("poly1305_blocks_vx",".-poly1305_blocks_vx"); -+ -+TYPE ("__poly1305_mul","\@function"); -+ALIGN (16); -+LABEL ("__poly1305_mul"); -+ vmlof ($ACC0,$H0,$R0); -+ vmlof ($ACC1,$H0,$R1); -+ vmlof ($ACC2,$H0,$R2); -+ vmlof ($ACC3,$H0,$R3); -+ vmlof ($ACC4,$H0,$R4); -+ -+ vmalof ($ACC0,$H1,$S4,$ACC0); -+ vmalof ($ACC1,$H1,$R0,$ACC1); -+ vmalof ($ACC2,$H1,$R1,$ACC2); -+ vmalof ($ACC3,$H1,$R2,$ACC3); -+ vmalof ($ACC4,$H1,$R3,$ACC4); -+ -+ vmalof ($ACC0,$H2,$S3,$ACC0); -+ vmalof ($ACC1,$H2,$S4,$ACC1); -+ vmalof ($ACC2,$H2,$R0,$ACC2); -+ vmalof ($ACC3,$H2,$R1,$ACC3); -+ vmalof ($ACC4,$H2,$R2,$ACC4); -+ -+ vmalof ($ACC0,$H3,$S2,$ACC0); -+ vmalof ($ACC1,$H3,$S3,$ACC1); -+ vmalof ($ACC2,$H3,$S4,$ACC2); -+ vmalof ($ACC3,$H3,$R0,$ACC3); -+ vmalof ($ACC4,$H3,$R1,$ACC4); -+ -+ vmalof ($ACC0,$H4,$S1,$ACC0); -+ vmalof ($ACC1,$H4,$S2,$ACC1); -+ vmalof ($ACC2,$H4,$S3,$ACC2); -+ vmalof ($ACC3,$H4,$S4,$ACC3); -+ vmalof ($ACC4,$H4,$R0,$ACC4); -+ -+ ################################################################ -+ # lazy reduction -+ -+ vesrlg ($H4,$ACC3,26); -+ vesrlg ($H1,$ACC0,26); -+ vn ($H3,$ACC3,$mask26); -+ vn ($H0,$ACC0,$mask26); -+ vag ($H4,$H4,$ACC4); # h3 -> h4 -+ vag ($H1,$H1,$ACC1); # h0 -> h1 -+ -+ vesrlg ($ACC4,$H4,26); -+ vesrlg ($ACC1,$H1,26); -+ vn ($H4,$H4,$mask26); -+ vn ($H1,$H1,$mask26); -+ vag ($H0,$H0,$ACC4); -+ vag ($H2,$ACC2,$ACC1); # h1 -> h2 -+ -+ veslg ($ACC4,$ACC4,2); # <<2 -+ vesrlg ($ACC2,$H2,26); -+ vn ($H2,$H2,$mask26); -+ vag ($H0,$H0,$ACC4); # h4 -> h0 -+ vag ($H3,$H3,$ACC2); # h2 -> h3 -+ -+ vesrlg ($ACC0,$H0,26); -+ vesrlg ($ACC3,$H3,26); -+ vn ($H0,$H0,$mask26); -+ vn ($H3,$H3,$mask26); -+ vag ($H1,$H1,$ACC0); # h0 -> h1 -+ vag ($H4,$H4,$ACC3); # h3 -> h4 -+ br ("%r14"); -+SIZE ("__poly1305_mul",".-__poly1305_mul"); -+ -+TYPE ("__poly1305_blocks_vx","\@function"); -+ALIGN (16); -+LABEL ("__poly1305_blocks_vx"); -+&{$z? \&lgr:\&lr} ("%r0",$sp); -+&{$z? \&stmg:\&stm} ("%r10","%r15","10*$SIZE_T($sp)"); -+if (!$z) { -+ std ("%f4","16*$SIZE_T+2*8($sp)"); -+ std ("%f6","16*$SIZE_T+3*8($sp)"); -+ ahi ($sp,-$stdframe); -+ st ("%r0","0($sp)"); # back-chain -+ -+ llgfr ($len,$len); # so that srlg works on $len -+} else { -+ aghi ($sp,"-($stdframe+8*8)"); -+ stg ("%r0","0($sp)"); # back-chain -+ -+ std ("%f8","$stdframe+0*8($sp)"); -+ std ("%f9","$stdframe+1*8($sp)"); -+ std ("%f10","$stdframe+2*8($sp)"); -+ std ("%f11","$stdframe+3*8($sp)"); -+ std ("%f12","$stdframe+4*8($sp)"); -+ std ("%f13","$stdframe+5*8($sp)"); -+ std ("%f14","$stdframe+6*8($sp)"); -+ std ("%f15","$stdframe+7*8($sp)"); -+} -+ larl ("%r1",".Lconst"); -+ vgmg ($mask26,38,63); -+ vlm ($bswaplo,$bswapmi,"16(%r1)"); -+ -+ < ("%r0","24($ctx)"); # is_base2_26? -+ jnz (".Lskip_init"); -+ -+ lg ($h0,"32($ctx)"); # load key base 2^64 -+ lg ($h1,"40($ctx)"); -+ -+ risbg ($d0,$h0,38,0x80+63,38); # base 2^64 -> 2^26 -+ srlg ($d1,$h0,52); -+ risbg ($h0,$h0,38,0x80+63,0); -+ vlvgg ($R0,$h0,0); -+ risbg ($d1,$h1,38,51,12); -+ vlvgg ($R1,$d0,0); -+ risbg ($d0,$h1,38,63,50); -+ vlvgg ($R2,$d1,0); -+ srlg ($d1,$h1,40); -+ vlvgg ($R3,$d0,0); -+ vlvgg ($R4,$d1,0); -+ -+ veslg ($S1,$R1,2); -+ veslg ($S2,$R2,2); -+ veslg ($S3,$R3,2); -+ veslg ($S4,$R4,2); -+ vlr ($H0,$R0); -+ vlr ($H1,$R1); -+ vlr ($H2,$R2); -+ vlr ($H3,$R3); -+ vlr ($H4,$R4); -+ vag ($S1,$S1,$R1); # * 5 -+ vag ($S2,$S2,$R2); -+ vag ($S3,$S3,$R3); -+ vag ($S4,$S4,$R4); -+ -+ brasl ("%r14","__poly1305_mul"); # r^1:- * r^1:- -+ -+ vpdi ($R0,$H0,$R0,0); # r^2:r^1 -+ vpdi ($R1,$H1,$R1,0); -+ vpdi ($R2,$H2,$R2,0); -+ vpdi ($R3,$H3,$R3,0); -+ vpdi ($R4,$H4,$R4,0); -+ vpdi ($H0,$H0,$H0,0); # r^2:r^2 -+ vpdi ($H1,$H1,$H1,0); -+ vpdi ($H2,$H2,$H2,0); -+ vpdi ($H3,$H3,$H3,0); -+ vpdi ($H4,$H4,$H4,0); -+ veslg ($S1,$R1,2); -+ veslg ($S2,$R2,2); -+ veslg ($S3,$R3,2); -+ veslg ($S4,$R4,2); -+ vag ($S1,$S1,$R1); # * 5 -+ vag ($S2,$S2,$R2); -+ vag ($S3,$S3,$R3); -+ vag ($S4,$S4,$R4); -+ -+ brasl ("%r14,__poly1305_mul"); # r^2:r^2 * r^2:r^1 -+ -+ vl ($I0,"0(%r1)"); # borrow $I0 -+ vperm ($R0,$R0,$H0,$I0); # r^2:r^4:r^1:r^3 -+ vperm ($R1,$R1,$H1,$I0); -+ vperm ($R2,$R2,$H2,$I0); -+ vperm ($R3,$R3,$H3,$I0); -+ vperm ($R4,$R4,$H4,$I0); -+ veslf ($S1,$R1,2); -+ veslf ($S2,$R2,2); -+ veslf ($S3,$R3,2); -+ veslf ($S4,$R4,2); -+ vaf ($S1,$S1,$R1); # * 5 -+ vaf ($S2,$S2,$R2); -+ vaf ($S3,$S3,$R3); -+ vaf ($S4,$S4,$R4); -+ -+ lg ($h0,"0($ctx)"); # load hash base 2^64 -+ lg ($h1,"8($ctx)"); -+ lg ($h2,"16($ctx)"); -+ -+ vzero ($H0); -+ vzero ($H1); -+ vzero ($H2); -+ vzero ($H3); -+ vzero ($H4); -+ -+ risbg ($d0,$h0,38,0x80+63,38); # base 2^64 -> 2^26 -+ srlg ($d1,$h0,52); -+ risbg ($h0,$h0,38,0x80+63,0); -+ vlvgg ($H0,$h0,0); -+ risbg ($d1,$h1,38,51,12); -+ vlvgg ($H1,$d0,0); -+ risbg ($d0,$h1,38,63,50); -+ vlvgg ($H2,$d1,0); -+ srlg ($d1,$h1,40); -+ vlvgg ($H3,$d0,0); -+ risbg ($d1,$h2,37,39,24); -+ vlvgg ($H4,$d1,0); -+ -+ lhi ("%r0",1); -+ st ("%r0","24($ctx)"); # set is_base2_26 -+ -+ vstm ($R0,$S4,"48($ctx)"); # save key schedule base 2^26 -+ -+ vpdi ($R0,$R0,$R0,0); # broadcast r^2:r^4 -+ vpdi ($R1,$R1,$R1,0); -+ vpdi ($S1,$S1,$S1,0); -+ vpdi ($R2,$R2,$R2,0); -+ vpdi ($S2,$S2,$S2,0); -+ vpdi ($R3,$R3,$R3,0); -+ vpdi ($S3,$S3,$S3,0); -+ vpdi ($R4,$R4,$R4,0); -+ vpdi ($S4,$S4,$S4,0); -+ -+ j (".Loaded_hash"); -+ -+ALIGN (16); -+LABEL (".Lskip_init"); -+ vllezf ($H0,"0($ctx)"); # load hash base 2^26 -+ vllezf ($H1,"4($ctx)"); -+ vllezf ($H2,"8($ctx)"); -+ vllezf ($H3,"12($ctx)"); -+ vllezf ($H4,"16($ctx)"); -+ -+ vlrepg ($R0,"0x30($ctx)"); # broadcast r^2:r^4 -+ vlrepg ($R1,"0x40($ctx)"); -+ vlrepg ($S1,"0x50($ctx)"); -+ vlrepg ($R2,"0x60($ctx)"); -+ vlrepg ($S2,"0x70($ctx)"); -+ vlrepg ($R3,"0x80($ctx)"); -+ vlrepg ($S3,"0x90($ctx)"); -+ vlrepg ($R4,"0xa0($ctx)"); -+ vlrepg ($S4,"0xb0($ctx)"); -+ -+LABEL (".Loaded_hash"); -+ vzero ($I1); -+ vzero ($I3); -+ -+ vlm ($T1,$T4,"0x00($inp)"); # load first input block -+ la ($inp,"0x40($inp)"); -+ vgmg ($mask26,6,31); -+ vgmf ($I4,5,5); # padbit<<2 -+ -+ vperm ($I0,$T3,$T4,$bswaplo); -+ vperm ($I2,$T3,$T4,$bswapmi); -+ vperm ($T3,$T3,$T4,$bswaphi); -+ -+ verimg ($I1,$I0,$mask26,6); # >>26 -+ veslg ($I0,$I0,32); -+ veslg ($I2,$I2,28); # >>4 -+ verimg ($I3,$T3,$mask26,18); # >>14 -+ verimg ($I4,$T3,$mask26,58); # >>38 -+ vn ($I0,$I0,$mask26); -+ vn ($I2,$I2,$mask26); -+ vesrlf ($I4,$I4,2); # >>2 -+ -+ vgmg ($mask26,38,63); -+ vperm ($T3,$T1,$T2,$bswaplo); -+ vperm ($T4,$T1,$T2,$bswaphi); -+ vperm ($T2,$T1,$T2,$bswapmi); -+ -+ verimg ($I0,$T3,$mask26,0); -+ verimg ($I1,$T3,$mask26,38); # >>26 -+ verimg ($I2,$T2,$mask26,60); # >>4 -+ verimg ($I3,$T4,$mask26,50); # >>14 -+ vesrlg ($T4,$T4,40); -+ vo ($I4,$I4,$T4); -+ -+ srlg ("%r0",$len,6); -+&{$z? \&aghi:\&ahi} ("%r0",-1); -+ -+ALIGN (16); -+LABEL (".Loop_vx"); -+ vmlef ($ACC0,$I0,$R0); -+ vmlef ($ACC1,$I0,$R1); -+ vmlef ($ACC2,$I0,$R2); -+ vmlef ($ACC3,$I0,$R3); -+ vmlef ($ACC4,$I0,$R4); -+ -+ vmalef ($ACC0,$I1,$S4,$ACC0); -+ vmalef ($ACC1,$I1,$R0,$ACC1); -+ vmalef ($ACC2,$I1,$R1,$ACC2); -+ vmalef ($ACC3,$I1,$R2,$ACC3); -+ vmalef ($ACC4,$I1,$R3,$ACC4); -+ -+ vaf ($H2,$H2,$I2); -+ vaf ($H0,$H0,$I0); -+ vaf ($H3,$H3,$I3); -+ vaf ($H1,$H1,$I1); -+ vaf ($H4,$H4,$I4); -+ -+ vmalef ($ACC0,$I2,$S3,$ACC0); -+ vmalef ($ACC1,$I2,$S4,$ACC1); -+ vmalef ($ACC2,$I2,$R0,$ACC2); -+ vmalef ($ACC3,$I2,$R1,$ACC3); -+ vmalef ($ACC4,$I2,$R2,$ACC4); -+ -+ vlm ($T1,$T4,"0x00($inp)"); # load next input block -+ la ($inp,"0x40($inp)"); -+ vgmg ($mask26,6,31); -+ -+ vmalef ($ACC0,$I3,$S2,$ACC0); -+ vmalef ($ACC1,$I3,$S3,$ACC1); -+ vmalef ($ACC2,$I3,$S4,$ACC2); -+ vmalef ($ACC3,$I3,$R0,$ACC3); -+ vmalef ($ACC4,$I3,$R1,$ACC4); -+ -+ vperm ($I0,$T3,$T4,$bswaplo); -+ vperm ($I2,$T3,$T4,$bswapmi); -+ vperm ($T3,$T3,$T4,$bswaphi); -+ -+ vmalef ($ACC0,$I4,$S1,$ACC0); -+ vmalef ($ACC1,$I4,$S2,$ACC1); -+ vmalef ($ACC2,$I4,$S3,$ACC2); -+ vmalef ($ACC3,$I4,$S4,$ACC3); -+ vmalef ($ACC4,$I4,$R0,$ACC4); -+ -+ verimg ($I1,$I0,$mask26,6); # >>26 -+ veslg ($I0,$I0,32); -+ veslg ($I2,$I2,28); # >>4 -+ verimg ($I3,$T3,$mask26,18); # >>14 -+ -+ vmalof ($ACC0,$H0,$R0,$ACC0); -+ vmalof ($ACC1,$H0,$R1,$ACC1); -+ vmalof ($ACC2,$H0,$R2,$ACC2); -+ vmalof ($ACC3,$H0,$R3,$ACC3); -+ vmalof ($ACC4,$H0,$R4,$ACC4); -+ -+ vgmf ($I4,5,5); # padbit<<2 -+ verimg ($I4,$T3,$mask26,58); # >>38 -+ vn ($I0,$I0,$mask26); -+ vn ($I2,$I2,$mask26); -+ vesrlf ($I4,$I4,2); # >>2 -+ -+ vmalof ($ACC0,$H1,$S4,$ACC0); -+ vmalof ($ACC1,$H1,$R0,$ACC1); -+ vmalof ($ACC2,$H1,$R1,$ACC2); -+ vmalof ($ACC3,$H1,$R2,$ACC3); -+ vmalof ($ACC4,$H1,$R3,$ACC4); -+ -+ vgmg ($mask26,38,63); -+ vperm ($T3,$T1,$T2,$bswaplo); -+ vperm ($T4,$T1,$T2,$bswaphi); -+ vperm ($T2,$T1,$T2,$bswapmi); -+ -+ vmalof ($ACC0,$H2,$S3,$ACC0); -+ vmalof ($ACC1,$H2,$S4,$ACC1); -+ vmalof ($ACC2,$H2,$R0,$ACC2); -+ vmalof ($ACC3,$H2,$R1,$ACC3); -+ vmalof ($ACC4,$H2,$R2,$ACC4); -+ -+ verimg ($I0,$T3,$mask26,0); -+ verimg ($I1,$T3,$mask26,38); # >>26 -+ verimg ($I2,$T2,$mask26,60); # >>4 -+ -+ vmalof ($ACC0,$H3,$S2,$ACC0); -+ vmalof ($ACC1,$H3,$S3,$ACC1); -+ vmalof ($ACC2,$H3,$S4,$ACC2); -+ vmalof ($ACC3,$H3,$R0,$ACC3); -+ vmalof ($ACC4,$H3,$R1,$ACC4); -+ -+ verimg ($I3,$T4,$mask26,50); # >>14 -+ vesrlg ($T4,$T4,40); -+ vo ($I4,$I4,$T4); -+ -+ vmalof ($ACC0,$H4,$S1,$ACC0); -+ vmalof ($ACC1,$H4,$S2,$ACC1); -+ vmalof ($ACC2,$H4,$S3,$ACC2); -+ vmalof ($ACC3,$H4,$S4,$ACC3); -+ vmalof ($ACC4,$H4,$R0,$ACC4); -+ -+ ################################################################ -+ # lazy reduction as discussed in "NEON crypto" by D.J. Bernstein -+ # and P. Schwabe -+ -+ vesrlg ($H4,$ACC3,26); -+ vesrlg ($H1,$ACC0,26); -+ vn ($H3,$ACC3,$mask26); -+ vn ($H0,$ACC0,$mask26); -+ vag ($H4,$H4,$ACC4); # h3 -> h4 -+ vag ($H1,$H1,$ACC1); # h0 -> h1 -+ -+ vesrlg ($ACC4,$H4,26); -+ vesrlg ($ACC1,$H1,26); -+ vn ($H4,$H4,$mask26); -+ vn ($H1,$H1,$mask26); -+ vag ($H0,$H0,$ACC4); -+ vag ($H2,$ACC2,$ACC1); # h1 -> h2 -+ -+ veslg ($ACC4,$ACC4,2); # <<2 -+ vesrlg ($ACC2,$H2,26); -+ vn ($H2,$H2,$mask26); -+ vag ($H0,$H0,$ACC4); # h4 -> h0 -+ vag ($H3,$H3,$ACC2); # h2 -> h3 -+ -+ vesrlg ($ACC0,$H0,26); -+ vesrlg ($ACC3,$H3,26); -+ vn ($H0,$H0,$mask26); -+ vn ($H3,$H3,$mask26); -+ vag ($H1,$H1,$ACC0); # h0 -> h1 -+ vag ($H4,$H4,$ACC3); # h3 -> h4 -+ -+&{$z? \&brctg:\&brct} ("%r0",".Loop_vx"); -+ -+ vlm ($R0,$S4,"48($ctx)"); # load all powers -+ -+ lghi ("%r0",0x30); -+&{$z? \&lcgr:\&lcr} ($len,$len); -+&{$z? \&ngr:\&nr} ($len,"%r0"); -+&{$z? \&slgr:\&slr} ($inp,$len); -+ -+LABEL (".Last"); -+ vmlef ($ACC0,$I0,$R0); -+ vmlef ($ACC1,$I0,$R1); -+ vmlef ($ACC2,$I0,$R2); -+ vmlef ($ACC3,$I0,$R3); -+ vmlef ($ACC4,$I0,$R4); -+ -+ vmalef ($ACC0,$I1,$S4,$ACC0); -+ vmalef ($ACC1,$I1,$R0,$ACC1); -+ vmalef ($ACC2,$I1,$R1,$ACC2); -+ vmalef ($ACC3,$I1,$R2,$ACC3); -+ vmalef ($ACC4,$I1,$R3,$ACC4); -+ -+ vaf ($H0,$H0,$I0); -+ vaf ($H1,$H1,$I1); -+ vaf ($H2,$H2,$I2); -+ vaf ($H3,$H3,$I3); -+ vaf ($H4,$H4,$I4); -+ -+ vmalef ($ACC0,$I2,$S3,$ACC0); -+ vmalef ($ACC1,$I2,$S4,$ACC1); -+ vmalef ($ACC2,$I2,$R0,$ACC2); -+ vmalef ($ACC3,$I2,$R1,$ACC3); -+ vmalef ($ACC4,$I2,$R2,$ACC4); -+ -+ vmalef ($ACC0,$I3,$S2,$ACC0); -+ vmalef ($ACC1,$I3,$S3,$ACC1); -+ vmalef ($ACC2,$I3,$S4,$ACC2); -+ vmalef ($ACC3,$I3,$R0,$ACC3); -+ vmalef ($ACC4,$I3,$R1,$ACC4); -+ -+ vmalef ($ACC0,$I4,$S1,$ACC0); -+ vmalef ($ACC1,$I4,$S2,$ACC1); -+ vmalef ($ACC2,$I4,$S3,$ACC2); -+ vmalef ($ACC3,$I4,$S4,$ACC3); -+ vmalef ($ACC4,$I4,$R0,$ACC4); -+ -+ vmalof ($ACC0,$H0,$R0,$ACC0); -+ vmalof ($ACC1,$H0,$R1,$ACC1); -+ vmalof ($ACC2,$H0,$R2,$ACC2); -+ vmalof ($ACC3,$H0,$R3,$ACC3); -+ vmalof ($ACC4,$H0,$R4,$ACC4); -+ -+ vmalof ($ACC0,$H1,$S4,$ACC0); -+ vmalof ($ACC1,$H1,$R0,$ACC1); -+ vmalof ($ACC2,$H1,$R1,$ACC2); -+ vmalof ($ACC3,$H1,$R2,$ACC3); -+ vmalof ($ACC4,$H1,$R3,$ACC4); -+ -+ vmalof ($ACC0,$H2,$S3,$ACC0); -+ vmalof ($ACC1,$H2,$S4,$ACC1); -+ vmalof ($ACC2,$H2,$R0,$ACC2); -+ vmalof ($ACC3,$H2,$R1,$ACC3); -+ vmalof ($ACC4,$H2,$R2,$ACC4); -+ -+ vmalof ($ACC0,$H3,$S2,$ACC0); -+ vmalof ($ACC1,$H3,$S3,$ACC1); -+ vmalof ($ACC2,$H3,$S4,$ACC2); -+ vmalof ($ACC3,$H3,$R0,$ACC3); -+ vmalof ($ACC4,$H3,$R1,$ACC4); -+ -+ vmalof ($ACC0,$H4,$S1,$ACC0); -+ vmalof ($ACC1,$H4,$S2,$ACC1); -+ vmalof ($ACC2,$H4,$S3,$ACC2); -+ vmalof ($ACC3,$H4,$S4,$ACC3); -+ vmalof ($ACC4,$H4,$R0,$ACC4); -+ -+ ################################################################ -+ # horizontal addition -+ -+ vzero ($H0); -+ vsumqg ($ACC0,$ACC0,$H0); -+ vsumqg ($ACC1,$ACC1,$H0); -+ vsumqg ($ACC2,$ACC2,$H0); -+ vsumqg ($ACC3,$ACC3,$H0); -+ vsumqg ($ACC4,$ACC4,$H0); -+ -+ ################################################################ -+ # lazy reduction -+ -+ vesrlg ($H4,$ACC3,26); -+ vesrlg ($H1,$ACC0,26); -+ vn ($H3,$ACC3,$mask26); -+ vn ($H0,$ACC0,$mask26); -+ vag ($H4,$H4,$ACC4); # h3 -> h4 -+ vag ($H1,$H1,$ACC1); # h0 -> h1 -+ -+ vesrlg ($ACC4,$H4,26); -+ vesrlg ($ACC1,$H1,26); -+ vn ($H4,$H4,$mask26); -+ vn ($H1,$H1,$mask26); -+ vag ($H0,$H0,$ACC4); -+ vag ($H2,$ACC2,$ACC1); # h1 -> h2 -+ -+ veslg ($ACC4,$ACC4,2); # <<2 -+ vesrlg ($ACC2,$H2,26); -+ vn ($H2,$H2,$mask26); -+ vag ($H0,$H0,$ACC4); # h4 -> h0 -+ vag ($H3,$H3,$ACC2); # h2 -> h3 -+ -+ vesrlg ($ACC0,$H0,26); -+ vesrlg ($ACC3,$H3,26); -+ vn ($H0,$H0,$mask26); -+ vn ($H3,$H3,$mask26); -+ vag ($H1,$H1,$ACC0); # h0 -> h1 -+ vag ($H4,$H4,$ACC3); # h3 -> h4 -+ -+&{$z? \&clgfi:\&clfi} ($len,0); -+ je (".Ldone"); -+ -+ vlm ($T1,$T4,"0x00($inp)"); # load last partial block -+ vgmg ($mask26,6,31); -+ vgmf ($I4,5,5); # padbit<<2 -+ -+ vperm ($I0,$T3,$T4,$bswaplo); -+ vperm ($I2,$T3,$T4,$bswapmi); -+ vperm ($T3,$T3,$T4,$bswaphi); -+ -+ vl ($ACC0,"0x30($len,%r1)"); # borrow $ACC0,1 -+ vl ($ACC1,"0x60($len,%r1)"); -+ -+ verimg ($I1,$I0,$mask26,6); # >>26 -+ veslg ($I0,$I0,32); -+ veslg ($I2,$I2,28); # >>4 -+ verimg ($I3,$T3,$mask26,18); # >>14 -+ verimg ($I4,$T3,$mask26,58); # >>38 -+ vn ($I0,$I0,$mask26); -+ vn ($I2,$I2,$mask26); -+ vesrlf ($I4,$I4,2); # >>2 -+ -+ vgmg ($mask26,38,63); -+ vperm ($T3,$T1,$T2,$bswaplo); -+ vperm ($T4,$T1,$T2,$bswaphi); -+ vperm ($T2,$T1,$T2,$bswapmi); -+ -+ verimg ($I0,$T3,$mask26,0); -+ verimg ($I1,$T3,$mask26,38); # >>26 -+ verimg ($I2,$T2,$mask26,60); # >>4 -+ verimg ($I3,$T4,$mask26,50); # >>14 -+ vesrlg ($T4,$T4,40); -+ vo ($I4,$I4,$T4); -+ -+ vperm ($H0,$H0,$H0,$ACC0); # move hash to right lane -+ vn ($I0,$I0,$ACC1); # mask redundant lane[s] -+ vperm ($H1,$H1,$H1,$ACC0); -+ vn ($I1,$I1,$ACC1); -+ vperm ($H2,$H2,$H2,$ACC0); -+ vn ($I2,$I2,$ACC1); -+ vperm ($H3,$H3,$H3,$ACC0); -+ vn ($I3,$I3,$ACC1); -+ vperm ($H4,$H4,$H4,$ACC0); -+ vn ($I4,$I4,$ACC1); -+ -+ vaf ($I0,$I0,$H0); # accumulate hash -+ vzero ($H0); # wipe hash value -+ vaf ($I1,$I1,$H1); -+ vzero ($H1); -+ vaf ($I2,$I2,$H2); -+ vzero ($H2); -+ vaf ($I3,$I3,$H3); -+ vzero ($H3); -+ vaf ($I4,$I4,$H4); -+ vzero ($H4); -+ -+&{$z? \&lghi:\&lhi} ($len,0); -+ j (".Last"); -+ # I don't bother to tell apart cases when only one multiplication -+ # pass is sufficient, because I argue that mispredicted branch -+ # penalties are comparable to overhead of sometimes redundant -+ # multiplication pass... -+ -+LABEL (".Ldone"); -+ vstef ($H0,"0($ctx)",3); # store hash base 2^26 -+ vstef ($H1,"4($ctx)",3); -+ vstef ($H2,"8($ctx)",3); -+ vstef ($H3,"12($ctx)",3); -+ vstef ($H4,"16($ctx)",3); -+ -+if ($z) { -+ ld ("%f8","$stdframe+0*8($sp)"); -+ ld ("%f9","$stdframe+1*8($sp)"); -+ ld ("%f10","$stdframe+2*8($sp)"); -+ ld ("%f11","$stdframe+3*8($sp)"); -+ ld ("%f12","$stdframe+4*8($sp)"); -+ ld ("%f13","$stdframe+5*8($sp)"); -+ ld ("%f14","$stdframe+6*8($sp)"); -+ ld ("%f15","$stdframe+7*8($sp)"); -+&{$z? \&lmg:\&lm} ("%r10","%r15","$stdframe+8*8+10*$SIZE_T($sp)"); -+} else { -+ ld ("%f4","$stdframe+16*$SIZE_T+2*8($sp)"); -+ ld ("%f6","$stdframe+16*$SIZE_T+3*8($sp)"); -+&{$z? \&lmg:\&lm} ("%r10","%r15","$stdframe+10*$SIZE_T($sp)"); -+} -+ br ("%r14"); -+SIZE ("__poly1305_blocks_vx",".-__poly1305_blocks_vx"); -+} -+ -+################ -+# static void poly1305_emit(void *ctx, unsigned char mac[16], -+# const u32 nonce[4]) - { - my ($mac,$nonce)=($inp,$len); --my ($h0,$h1,$h2,$d0,$d1)=map("%r$_",(5..9)); -+my ($h0,$h1,$h2,$d0,$d1,$d2)=map("%r$_",(5..10)); - --$code.=<<___; --.globl poly1305_emit --.type poly1305_emit,\@function --.align 16 --poly1305_emit: -- stm${g} %r6,%r9,`6*$SIZE_T`($sp) -- -- lg $h0,0($ctx) -- lg $h1,8($ctx) -- lg $h2,16($ctx) -- -- lghi %r0,5 -- lghi %r1,0 -- lgr $d0,$h0 -- lgr $d1,$h1 -- -- algr $h0,%r0 # compare to modulus -- alcgr $h1,%r1 -- alcgr $h2,%r1 -- -- srlg $h2,$h2,2 # did it borrow/carry? -- slgr %r1,$h2 # 0-$h2>>2 -- lg $h2,0($nonce) # load nonce -- lghi %r0,-1 -- lg $ctx,8($nonce) -- xgr %r0,%r1 # ~%r1 -- -- ngr $h0,%r1 -- ngr $d0,%r0 -- ngr $h1,%r1 -- ngr $d1,%r0 -- ogr $h0,$d0 -- rllg $d0,$h2,32 # flip nonce words -- ogr $h1,$d1 -- rllg $d1,$ctx,32 -- -- algr $h0,$d0 # accumulate nonce -- alcgr $h1,$d1 -- -- strvg $h0,0($mac) # write little-endian result -- strvg $h1,8($mac) -- -- lm${g} %r6,%r9,`6*$SIZE_T`($sp) -- br %r14 --.size poly1305_emit,.-poly1305_emit -- --.string "Poly1305 for s390x, CRYPTOGAMS by " --___ -+GLOBL ("poly1305_emit"); -+TYPE ("poly1305_emit","\@function"); -+ALIGN (16); -+LABEL ("poly1305_emit"); -+LABEL (".Lpoly1305_emit"); -+&{$z? \&stmg:\&stm} ("%r6","%r10","6*$SIZE_T($sp)"); -+ -+ lg ($d0,"0($ctx)"); -+ lg ($d1,"8($ctx)"); -+ lg ($d2,"16($ctx)"); -+ -+ llgfr ("%r0",$d0); # base 2^26 -> base 2^64 -+ srlg ($h0,$d0,32); -+ llgfr ("%r1",$d1); -+ srlg ($h1,$d1,32); -+ srlg ($h2,$d2,32); -+ -+ sllg ("%r0","%r0",26); -+ algr ($h0,"%r0"); -+ sllg ("%r0",$h1,52); -+ srlg ($h1,$h1,12); -+ sllg ("%r1","%r1",14); -+ algr ($h0,"%r0"); -+ alcgr ($h1,"%r1"); -+ sllg ("%r0",$h2,40); -+ srlg ($h2,$h2,24); -+ lghi ("%r1",0); -+ algr ($h1,"%r0"); -+ alcgr ($h2,"%r1"); -+ -+ llgf ("%r0","24($ctx)"); # is_base2_26 -+ lcgr ("%r0","%r0"); -+ -+ xgr ($h0,$d0); # choose between radixes -+ xgr ($h1,$d1); -+ xgr ($h2,$d2); -+ ngr ($h0,"%r0"); -+ ngr ($h1,"%r0"); -+ ngr ($h2,"%r0"); -+ xgr ($h0,$d0); -+ xgr ($h1,$d1); -+ xgr ($h2,$d2); -+ -+ lghi ("%r0",5); -+ lgr ($d0,$h0); -+ lgr ($d1,$h1); -+ -+ algr ($h0,"%r0"); # compare to modulus -+ alcgr ($h1,"%r1"); -+ alcgr ($h2,"%r1"); -+ -+ srlg ($h2,$h2,2); # did it borrow/carry? -+ slgr ("%r1",$h2); # 0-$h2>>2 -+ lg ($d2,"0($nonce)"); # load nonce -+ lg ($ctx,"8($nonce)"); -+ -+ xgr ($h0,$d0); -+ xgr ($h1,$d1); -+ ngr ($h0,"%r1"); -+ ngr ($h1,"%r1"); -+ xgr ($h0,$d0); -+ rllg ($d0,$d2,32); # flip nonce words -+ xgr ($h1,$d1); -+ rllg ($d1,$ctx,32); -+ -+ algr ($h0,$d0); # accumulate nonce -+ alcgr ($h1,$d1); -+ -+ strvg ($h0,"0($mac)"); # write little-endian result -+ strvg ($h1,"8($mac)"); -+ -+&{$z? \&lmg:\&lm} ("%r6","%r10","6*$SIZE_T($sp)"); -+ br ("%r14"); -+SIZE ("poly1305_emit",".-poly1305_emit"); - } - --$code =~ s/\`([^\`]*)\`/eval $1/gem; --$code =~ s/\b(srlg\s+)(%r[0-9]+\s*,)\s*([0-9]+)/$1$2$2$3/gm; -+################ -+ -+ALIGN (16); -+LABEL (".Lconst"); -+LONG (0x04050607,0x14151617,0x0c0d0e0f,0x1c1d1e1f); # merge odd -+LONG (0x07060504,0x03020100,0x17161514,0x13121110); # byte swap masks -+LONG (0x0f0e0d0c,0x0b0a0908,0x1f1e1d1c,0x1b1a1918); -+LONG (0x00000000,0x09080706,0x00000000,0x19181716); -+ -+LONG (0x00000000,0x00000000,0x00000000,0x0c0d0e0f); # magic tail masks -+LONG (0x0c0d0e0f,0x00000000,0x00000000,0x00000000); -+LONG (0x00000000,0x00000000,0x0c0d0e0f,0x00000000); -+ -+LONG (0xffffffff,0x00000000,0xffffffff,0xffffffff); -+LONG (0xffffffff,0x00000000,0xffffffff,0x00000000); -+LONG (0x00000000,0x00000000,0xffffffff,0x00000000); -+ -+STRING ("\"Poly1305 for s390x, CRYPTOGAMS by \""); - --print $code; --close STDOUT or die "error closing STDOUT: $!"; -+PERLASM_END(); -diff -up openssl-1.1.1e/crypto/poly1305/build.info.s390x-update openssl-1.1.1e/crypto/poly1305/build.info ---- openssl-1.1.1e/crypto/poly1305/build.info.s390x-update 2020-03-17 15:31:17.000000000 +0100 -+++ openssl-1.1.1e/crypto/poly1305/build.info 2020-03-19 16:20:22.042227342 +0100 -@@ -18,6 +18,7 @@ INCLUDE[poly1305-armv8.o]=.. - GENERATE[poly1305-mips.S]=asm/poly1305-mips.pl $(PERLASM_SCHEME) - INCLUDE[poly1305-mips.o]=.. - GENERATE[poly1305-s390x.S]=asm/poly1305-s390x.pl $(PERLASM_SCHEME) -+INCLUDE[poly1305-s390x.o]=.. - - BEGINRAW[Makefile(unix)] - {- $builddir -}/poly1305-%.S: {- $sourcedir -}/asm/poly1305-%.pl diff --git a/openssl-1.1.1-seclevel.patch b/openssl-1.1.1-seclevel.patch deleted file mode 100644 index c6751a5..0000000 --- a/openssl-1.1.1-seclevel.patch +++ /dev/null @@ -1,160 +0,0 @@ -diff -up openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel openssl-1.1.1g/crypto/x509/x509_vfy.c ---- openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/crypto/x509/x509_vfy.c 2020-06-05 17:16:54.835536823 +0200 -@@ -3225,6 +3225,7 @@ static int build_chain(X509_STORE_CTX *c - } - - static const int minbits_table[] = { 80, 112, 128, 192, 256 }; -+static const int minbits_digest_table[] = { 80, 80, 128, 192, 256 }; - static const int NUM_AUTH_LEVELS = OSSL_NELEM(minbits_table); - - /* -@@ -3276,6 +3277,11 @@ static int check_sig_level(X509_STORE_CT - - if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL)) - return 0; -- -- return secbits >= minbits_table[level - 1]; -+ /* -+ * Allow SHA1 in SECLEVEL 2 in non-FIPS mode or when the magic -+ * disable SHA1 flag is not set. -+ */ -+ if ((ctx->param->flags & 0x40000000) || FIPS_mode()) -+ return secbits >= minbits_table[level - 1]; -+ return secbits >= minbits_digest_table[level - 1]; - } -diff -up openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod ---- openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod 2020-06-04 15:48:01.608178833 +0200 -@@ -81,8 +81,10 @@ using MD5 for the MAC is also prohibited - - =item B - --Security level set to 112 bits of security. As a result RSA, DSA and DH keys --shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. -+Security level set to 112 bits of security with the exception of SHA1 allowed -+for signatures. -+As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys -+shorter than 224 bits are prohibited. - In addition to the level 1 exclusions any cipher suite using RC4 is also - prohibited. SSL version 3 is also not allowed. Compression is disabled. - -diff -up openssl-1.1.1g/ssl/ssl_cert.c.seclevel openssl-1.1.1g/ssl/ssl_cert.c ---- openssl-1.1.1g/ssl/ssl_cert.c.seclevel 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/ssl/ssl_cert.c 2020-06-05 17:10:11.842198401 +0200 -@@ -27,6 +27,7 @@ - static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, - int op, int bits, int nid, void *other, - void *ex); -+static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx); - - static CRYPTO_ONCE ssl_x509_store_ctx_once = CRYPTO_ONCE_STATIC_INIT; - static volatile int ssl_x509_store_ctx_idx = -1; -@@ -396,7 +397,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_ - X509_VERIFY_PARAM_set_auth_level(param, SSL_get_security_level(s)); - - /* Set suite B flags if needed */ -- X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s)); -+ X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s) | sha1_disable(s, NULL)); - if (!X509_STORE_CTX_set_ex_data - (ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s)) { - goto end; -@@ -953,12 +954,33 @@ static int ssl_security_default_callback - return 0; - break; - default: -+ /* allow SHA1 in SECLEVEL 2 in non FIPS mode */ -+ if (nid == NID_sha1 && minbits == 112 && !sha1_disable(s, ctx)) -+ break; - if (bits < minbits) - return 0; - } - return 1; - } - -+static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx) -+{ -+ unsigned long ret = 0x40000000; /* a magical internal value used by X509_VERIFY_PARAM */ -+ const CERT *c; -+ -+ if (FIPS_mode()) -+ return ret; -+ -+ if (ctx != NULL) { -+ c = ctx->cert; -+ } else { -+ c = s->cert; -+ } -+ if (tls1_cert_sigalgs_have_sha1(c)) -+ return 0; -+ return ret; -+} -+ - int ssl_security(const SSL *s, int op, int bits, int nid, void *other) - { - return s->cert->sec_cb(s, NULL, op, bits, nid, other, s->cert->sec_ex); -diff -up openssl-1.1.1g/ssl/ssl_local.h.seclevel openssl-1.1.1g/ssl/ssl_local.h ---- openssl-1.1.1g/ssl/ssl_local.h.seclevel 2020-06-04 15:48:01.602178783 +0200 -+++ openssl-1.1.1g/ssl/ssl_local.h 2020-06-05 17:02:22.666313410 +0200 -@@ -2576,6 +2576,7 @@ __owur int tls1_save_sigalgs(SSL *s, PAC - __owur int tls1_process_sigalgs(SSL *s); - __owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey); - __owur int tls1_lookup_md(const SIGALG_LOOKUP *lu, const EVP_MD **pmd); -+int tls1_cert_sigalgs_have_sha1(const CERT *c); - __owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs); - # ifndef OPENSSL_NO_EC - __owur int tls_check_sigalg_curve(const SSL *s, int curve); -diff -up openssl-1.1.1g/ssl/t1_lib.c.seclevel openssl-1.1.1g/ssl/t1_lib.c ---- openssl-1.1.1g/ssl/t1_lib.c.seclevel 2020-06-04 15:48:01.654179221 +0200 -+++ openssl-1.1.1g/ssl/t1_lib.c 2020-06-05 17:02:40.268459157 +0200 -@@ -2145,6 +2145,36 @@ int tls1_set_sigalgs(CERT *c, const int - return 0; - } - -+static int tls1_sigalgs_have_sha1(const uint16_t *sigalgs, size_t sigalgslen) -+{ -+ size_t i; -+ -+ for (i = 0; i < sigalgslen; i++, sigalgs++) { -+ const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(*sigalgs); -+ -+ if (lu == NULL) -+ continue; -+ if (lu->hash == NID_sha1) -+ return 1; -+ } -+ return 0; -+} -+ -+ -+int tls1_cert_sigalgs_have_sha1(const CERT *c) -+{ -+ if (c->client_sigalgs != NULL) { -+ if (tls1_sigalgs_have_sha1(c->client_sigalgs, c->client_sigalgslen)) -+ return 1; -+ } -+ if (c->conf_sigalgs != NULL) { -+ if (tls1_sigalgs_have_sha1(c->conf_sigalgs, c->conf_sigalgslen)) -+ return 1; -+ return 0; -+ } -+ return 1; -+} -+ - static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid) - { - int sig_nid, use_pc_sigalgs = 0; -diff -up openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel openssl-1.1.1g/test/recipes/25-test_verify.t ---- openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel 2020-04-21 14:22:39.000000000 +0200 -+++ openssl-1.1.1g/test/recipes/25-test_verify.t 2020-06-04 15:48:01.608178833 +0200 -@@ -346,8 +346,8 @@ ok(verify("ee-pss-sha1-cert", "sslserver - ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ), - "CA with PSS signature using SHA256"); - --ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), -- "Reject PSS signature using SHA1 and auth level 2"); -+ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "3"), -+ "Reject PSS signature using SHA1 and auth level 3"); - - ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), - "PSS signature using SHA256 and auth level 2"); diff --git a/openssl-1.1.1-ssh-kdf.patch b/openssl-1.1.1-ssh-kdf.patch deleted file mode 100644 index 1bf71c4..0000000 --- a/openssl-1.1.1-ssh-kdf.patch +++ /dev/null @@ -1,5612 +0,0 @@ -commit 1e662a43f0420cfdc40d01cd70c27fa1c220a57e -Author: Simo Sorce -Date: Wed Sep 19 16:23:45 2018 -0400 - - Implement SSH KDF - - SSH's KDF is defined in RFC 4253 in Section 7.2 - - Signed-off-by: Simo Sorce - - Reviewed-by: Paul Dale - Reviewed-by: Matt Caswell - (Merged from https://github.com/openssl/openssl/pull/7290) - -diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt -index ae67dac7f6..e7ed2f8d63 100644 ---- a/crypto/err/openssl.txt -+++ b/crypto/err/openssl.txt -@@ -828,6 +828,10 @@ KDF_F_KDF_SCRYPT_CTRL_UINT32:121:kdf_scrypt_ctrl_uint32 - KDF_F_KDF_SCRYPT_CTRL_UINT64:122:kdf_scrypt_ctrl_uint64 - KDF_F_KDF_SCRYPT_DERIVE:123:kdf_scrypt_derive - KDF_F_KDF_SCRYPT_NEW:124:kdf_scrypt_new -+KDF_F_KDF_SSHKDF_CTRL:130:kdf_sshkdf_ctrl -+KDF_F_KDF_SSHKDF_CTRL_STR:131:kdf_sshkdf_ctrl_str -+KDF_F_KDF_SSHKDF_DERIVE:132:kdf_sshkdf_derive -+KDF_F_KDF_SSHKDF_NEW:133:kdf_sshkdf_new - KDF_F_KDF_TLS1_PRF_CTRL_STR:125:kdf_tls1_prf_ctrl_str - KDF_F_KDF_TLS1_PRF_DERIVE:126:kdf_tls1_prf_derive - KDF_F_KDF_TLS1_PRF_NEW:127:kdf_tls1_prf_new -@@ -2320,6 +2324,9 @@ KDF_R_MISSING_PASS:110:missing pass - KDF_R_MISSING_SALT:111:missing salt - KDF_R_MISSING_SECRET:107:missing secret - KDF_R_MISSING_SEED:106:missing seed -+KDF_R_MISSING_SESSION_ID:113:missing session id -+KDF_R_MISSING_TYPE:114:missing type -+KDF_R_MISSING_XCGHASH:115:missing xcghash - KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type - KDF_R_VALUE_ERROR:108:value error - KDF_R_VALUE_MISSING:102:value missing -diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c -index 05f5cec3a9..811fe727f6 100644 ---- a/crypto/evp/kdf_lib.c -+++ b/crypto/evp/kdf_lib.c -@@ -29,7 +29,8 @@ static const EVP_KDF_METHOD *standard_methods[] = { - &scrypt_kdf_meth, - #endif - &tls1_prf_kdf_meth, -- &hkdf_kdf_meth -+ &hkdf_kdf_meth, -+ &sshkdf_kdf_meth, - }; - - DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, -diff --git a/include/crypto/evp.h b/include/crypto/evp.h -index a109e561b3..8c313c65ac 100644 ---- a/include/crypto/evp.h -+++ b/include/crypto/evp.h -@@ -129,6 +129,7 @@ extern const EVP_KDF_METHOD pbkdf2_kdf_meth; - extern const EVP_KDF_METHOD scrypt_kdf_meth; - extern const EVP_KDF_METHOD tls1_prf_kdf_meth; - extern const EVP_KDF_METHOD hkdf_kdf_meth; -+extern const EVP_KDF_METHOD sshkdf_kdf_meth; - - struct evp_md_st { - int type; -diff --git a/crypto/kdf/build.info b/crypto/kdf/build.info -index dce960e9e1..f483c779dd 100644 ---- a/crypto/kdf/build.info -+++ b/crypto/kdf/build.info -@@ -1,3 +1,3 @@ - LIBS=../../libcrypto - SOURCE[../../libcrypto]=\ -- tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c -+ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c -diff --git a/crypto/kdf/kdf_err.c b/crypto/kdf/kdf_err.c -index b2a0c0ebfc..b4678775dd 100644 ---- a/crypto/kdf/kdf_err.c -+++ b/crypto/kdf/kdf_err.c -@@ -31,6 +31,11 @@ static const ERR_STRING_DATA KDF_str_functs[] = { - "kdf_scrypt_ctrl_uint64"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_DERIVE, 0), "kdf_scrypt_derive"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SCRYPT_NEW, 0), "kdf_scrypt_new"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_CTRL, 0), "kdf_sshkdf_ctrl"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_CTRL_STR, 0), -+ "kdf_sshkdf_ctrl_str"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_DERIVE, 0), "kdf_sshkdf_derive"}, -+ {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_SSHKDF_NEW, 0), "kdf_sshkdf_new"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_CTRL_STR, 0), - "kdf_tls1_prf_ctrl_str"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_KDF_TLS1_PRF_DERIVE, 0), -@@ -70,6 +75,9 @@ static const ERR_STRING_DATA KDF_str_reasons[] = { - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SALT), "missing salt"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SECRET), "missing secret"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SEED), "missing seed"}, -+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SESSION_ID), "missing session id"}, -+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_TYPE), "missing type"}, -+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_XCGHASH), "missing xcghash"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE), - "unknown parameter type"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"}, -diff --git a/crypto/kdf/sshkdf.c b/crypto/kdf/sshkdf.c -new file mode 100644 -index 0000000000..24f37cbed4 ---- /dev/null -+++ b/crypto/kdf/sshkdf.c -@@ -0,0 +1,288 @@ -+/* -+ * Copyright 2018-2018 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the OpenSSL license (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include "internal/cryptlib.h" -+#include "crypto/evp.h" -+#include "kdf_local.h" -+ -+/* See RFC 4253, Section 7.2 */ -+ -+static void kdf_sshkdf_reset(EVP_KDF_IMPL *impl); -+static int SSHKDF(const EVP_MD *evp_md, -+ const unsigned char *key, size_t key_len, -+ const unsigned char *xcghash, size_t xcghash_len, -+ const unsigned char *session_id, size_t session_id_len, -+ char type, unsigned char *okey, size_t okey_len); -+ -+struct evp_kdf_impl_st { -+ const EVP_MD *md; -+ unsigned char *key; /* K */ -+ size_t key_len; -+ unsigned char *xcghash; /* H */ -+ size_t xcghash_len; -+ char type; /* X */ -+ unsigned char *session_id; -+ size_t session_id_len; -+}; -+ -+static EVP_KDF_IMPL *kdf_sshkdf_new(void) -+{ -+ EVP_KDF_IMPL *impl; -+ -+ if ((impl = OPENSSL_zalloc(sizeof(*impl))) == NULL) -+ KDFerr(KDF_F_KDF_SSHKDF_NEW, ERR_R_MALLOC_FAILURE); -+ return impl; -+} -+ -+static void kdf_sshkdf_free(EVP_KDF_IMPL *impl) -+{ -+ kdf_sshkdf_reset(impl); -+ OPENSSL_free(impl); -+} -+ -+static void kdf_sshkdf_reset(EVP_KDF_IMPL *impl) -+{ -+ OPENSSL_clear_free(impl->key, impl->key_len); -+ OPENSSL_clear_free(impl->xcghash, impl->xcghash_len); -+ OPENSSL_clear_free(impl->session_id, impl->session_id_len); -+ memset(impl, 0, sizeof(*impl)); -+} -+ -+static int kdf_sshkdf_parse_buffer_arg(unsigned char **dst, size_t *dst_len, -+ va_list args) -+{ -+ const unsigned char *p; -+ size_t len; -+ -+ p = va_arg(args, const unsigned char *); -+ len = va_arg(args, size_t); -+ OPENSSL_clear_free(*dst, *dst_len); -+ *dst = OPENSSL_memdup(p, len); -+ if (*dst == NULL) -+ return 0; -+ -+ *dst_len = len; -+ return 1; -+} -+ -+static int kdf_sshkdf_ctrl(EVP_KDF_IMPL *impl, int cmd, va_list args) -+{ -+ int t; -+ -+ switch (cmd) { -+ case EVP_KDF_CTRL_SET_MD: -+ impl->md = va_arg(args, const EVP_MD *); -+ if (impl->md == NULL) -+ return 0; -+ -+ return 1; -+ -+ case EVP_KDF_CTRL_SET_KEY: -+ return kdf_sshkdf_parse_buffer_arg(&impl->key, -+ &impl->key_len, args); -+ -+ case EVP_KDF_CTRL_SET_SSHKDF_XCGHASH: -+ return kdf_sshkdf_parse_buffer_arg(&impl->xcghash, -+ &impl->xcghash_len, args); -+ -+ case EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID: -+ return kdf_sshkdf_parse_buffer_arg(&impl->session_id, -+ &impl->session_id_len, args); -+ -+ case EVP_KDF_CTRL_SET_SSHKDF_TYPE: -+ t = va_arg(args, int); -+ if (t < 65 || t > 70) { -+ KDFerr(KDF_F_KDF_SSHKDF_CTRL, KDF_R_VALUE_ERROR); -+ return 0; -+ } -+ -+ impl->type = (char)t; -+ return 1; -+ -+ default: -+ return -2; -+ -+ } -+} -+ -+static int kdf_sshkdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, -+ const char *value) -+{ -+ if (value == NULL) { -+ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_MISSING); -+ return 0; -+ } -+ -+ if (strcmp(type, "md") == 0) -+ return kdf_md2ctrl(impl, kdf_sshkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); -+ -+ if (strcmp(type, "key") == 0) -+ return kdf_str2ctrl(impl, kdf_sshkdf_ctrl, -+ EVP_KDF_CTRL_SET_KEY, value); -+ -+ if (strcmp(type, "hexkey") == 0) -+ return kdf_hex2ctrl(impl, kdf_sshkdf_ctrl, -+ EVP_KDF_CTRL_SET_KEY, value); -+ -+ if (strcmp(type, "xcghash") == 0) -+ return kdf_str2ctrl(impl, kdf_sshkdf_ctrl, -+ EVP_KDF_CTRL_SET_SSHKDF_XCGHASH, value); -+ -+ if (strcmp(type, "hexxcghash") == 0) -+ return kdf_hex2ctrl(impl, kdf_sshkdf_ctrl, -+ EVP_KDF_CTRL_SET_SSHKDF_XCGHASH, value); -+ -+ if (strcmp(type, "session_id") == 0) -+ return kdf_str2ctrl(impl, kdf_sshkdf_ctrl, -+ EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID, value); -+ -+ if (strcmp(type, "hexsession_id") == 0) -+ return kdf_hex2ctrl(impl, kdf_sshkdf_ctrl, -+ EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID, value); -+ -+ if (strcmp(type, "type") == 0) { -+ if (strlen(value) != 1) { -+ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_VALUE_ERROR); -+ return 0; -+ } -+ -+ return call_ctrl(kdf_sshkdf_ctrl, impl, EVP_KDF_CTRL_SET_SSHKDF_TYPE, -+ (int)value[0]); -+ } -+ -+ KDFerr(KDF_F_KDF_SSHKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); -+ return -2; -+} -+ -+static size_t kdf_sshkdf_size(EVP_KDF_IMPL *impl) -+{ -+ return SIZE_MAX; -+} -+ -+static int kdf_sshkdf_derive(EVP_KDF_IMPL *impl, unsigned char *key, -+ size_t keylen) -+{ -+ if (impl->md == NULL) { -+ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); -+ return 0; -+ } -+ if (impl->key == NULL) { -+ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_KEY); -+ return 0; -+ } -+ if (impl->xcghash == NULL) { -+ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_XCGHASH); -+ return 0; -+ } -+ if (impl->session_id == NULL) { -+ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_SESSION_ID); -+ return 0; -+ } -+ if (impl->type == 0) { -+ KDFerr(KDF_F_KDF_SSHKDF_DERIVE, KDF_R_MISSING_TYPE); -+ return 0; -+ } -+ return SSHKDF(impl->md, impl->key, impl->key_len, -+ impl->xcghash, impl->xcghash_len, -+ impl->session_id, impl->session_id_len, -+ impl->type, key, keylen); -+} -+ -+const EVP_KDF_METHOD sshkdf_kdf_meth = { -+ EVP_KDF_SSHKDF, -+ kdf_sshkdf_new, -+ kdf_sshkdf_free, -+ kdf_sshkdf_reset, -+ kdf_sshkdf_ctrl, -+ kdf_sshkdf_ctrl_str, -+ kdf_sshkdf_size, -+ kdf_sshkdf_derive, -+}; -+ -+static int SSHKDF(const EVP_MD *evp_md, -+ const unsigned char *key, size_t key_len, -+ const unsigned char *xcghash, size_t xcghash_len, -+ const unsigned char *session_id, size_t session_id_len, -+ char type, unsigned char *okey, size_t okey_len) -+{ -+ EVP_MD_CTX *md = NULL; -+ unsigned char digest[EVP_MAX_MD_SIZE]; -+ unsigned int dsize = 0; -+ size_t cursize = 0; -+ int ret = 0; -+ -+ md = EVP_MD_CTX_new(); -+ if (md == NULL) -+ return 0; -+ -+ if (!EVP_DigestInit_ex(md, evp_md, NULL)) -+ goto out; -+ -+ if (!EVP_DigestUpdate(md, key, key_len)) -+ goto out; -+ -+ if (!EVP_DigestUpdate(md, xcghash, xcghash_len)) -+ goto out; -+ -+ if (!EVP_DigestUpdate(md, &type, 1)) -+ goto out; -+ -+ if (!EVP_DigestUpdate(md, session_id, session_id_len)) -+ goto out; -+ -+ if (!EVP_DigestFinal_ex(md, digest, &dsize)) -+ goto out; -+ -+ if (okey_len < dsize) { -+ memcpy(okey, digest, okey_len); -+ ret = 1; -+ goto out; -+ } -+ -+ memcpy(okey, digest, dsize); -+ -+ for (cursize = dsize; cursize < okey_len; cursize += dsize) { -+ -+ if (!EVP_DigestInit_ex(md, evp_md, NULL)) -+ goto out; -+ -+ if (!EVP_DigestUpdate(md, key, key_len)) -+ goto out; -+ -+ if (!EVP_DigestUpdate(md, xcghash, xcghash_len)) -+ goto out; -+ -+ if (!EVP_DigestUpdate(md, okey, cursize)) -+ goto out; -+ -+ if (!EVP_DigestFinal_ex(md, digest, &dsize)) -+ goto out; -+ -+ if (okey_len < cursize + dsize) { -+ memcpy(okey + cursize, digest, okey_len - cursize); -+ ret = 1; -+ goto out; -+ } -+ -+ memcpy(okey + cursize, digest, dsize); -+ } -+ -+ ret = 1; -+ -+out: -+ EVP_MD_CTX_free(md); -+ OPENSSL_cleanse(digest, EVP_MAX_MD_SIZE); -+ return ret; -+} -+ -diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h -index 9ab1a14b9e..81646fda52 100644 ---- a/crypto/objects/obj_dat.h -+++ b/crypto/objects/obj_dat.h -@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = { - 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */ - }; - --#define NUM_NID 1195 -+#define NUM_NID 1196 - static const ASN1_OBJECT nid_objs[NUM_NID] = { - {"UNDEF", "undefined", NID_undef}, - {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, -@@ -2275,9 +2275,10 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { - {"magma-mac", "magma-mac", NID_magma_mac}, - {"hmacWithSHA512-224", "hmacWithSHA512-224", NID_hmacWithSHA512_224, 8, &so[7745]}, - {"hmacWithSHA512-256", "hmacWithSHA512-256", NID_hmacWithSHA512_256, 8, &so[7753]}, -+ {"SSHKDF", "sshkdf", NID_sshkdf}, - }; - --#define NUM_SN 1186 -+#define NUM_SN 1187 - static const unsigned int sn_objs[NUM_SN] = { - 364, /* "AD_DVCS" */ - 419, /* "AES-128-CBC" */ -@@ -2555,6 +2556,7 @@ static const unsigned int sn_objs[NUM_SN] = { - 167, /* "SMIME-CAPS" */ - 100, /* "SN" */ - 1006, /* "SNILS" */ -+ 1195, /* "SSHKDF" */ - 16, /* "ST" */ - 143, /* "SXNetID" */ - 1062, /* "SipHash" */ -@@ -3467,7 +3469,7 @@ static const unsigned int sn_objs[NUM_SN] = { - 1093, /* "x509ExtAdmission" */ - }; - --#define NUM_LN 1186 -+#define NUM_LN 1187 - static const unsigned int ln_objs[NUM_LN] = { - 363, /* "AD Time Stamping" */ - 405, /* "ANSI X9.62" */ -@@ -4609,6 +4611,7 @@ static const unsigned int ln_objs[NUM_LN] = { - 1139, /* "sm4-ctr" */ - 1133, /* "sm4-ecb" */ - 1135, /* "sm4-ofb" */ -+ 1195, /* "sshkdf" */ - 16, /* "stateOrProvinceName" */ - 660, /* "streetAddress" */ - 498, /* "subtreeMaximumQuality" */ -diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num -index 1b6a9c61a1..231c18384a 100644 ---- a/crypto/objects/obj_mac.num -+++ b/crypto/objects/obj_mac.num -@@ -1192,3 +1192,4 @@ magma_cfb 1191 - magma_mac 1192 - hmacWithSHA512_224 1193 - hmacWithSHA512_256 1194 -+sshkdf 1195 -diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt -index 6dbc41ce37..5ded88e525 100644 ---- a/crypto/objects/objects.txt -+++ b/crypto/objects/objects.txt -@@ -1600,6 +1600,9 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme - # NID for HKDF - : HKDF : hkdf - -+# NID for SSHKDF -+ : SSHKDF : sshkdf -+ - # RFC 4556 - 1 3 6 1 5 2 3 : id-pkinit - id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth -diff --git a/doc/man7/EVP_KDF_SSHKDF.pod b/doc/man7/EVP_KDF_SSHKDF.pod -new file mode 100644 -index 0000000000..9c9734e7c3 ---- /dev/null -+++ b/doc/man7/EVP_KDF_SSHKDF.pod -@@ -0,0 +1,175 @@ -+=pod -+ -+=head1 NAME -+ -+EVP_KDF_SSHKDF - The SSHKDF EVP_KDF implementation -+ -+=head1 DESCRIPTION -+ -+Support for computing the B KDF through the B API. -+ -+The EVP_KDF_SSHKDF algorithm implements the SSHKDF key derivation function. -+It is defined in RFC 4253, section 7.2 and is used by SSH to derive IVs, -+encryption keys and integrity keys. -+Five inputs are required to perform key derivation: The hashing function -+(for example SHA256), the Initial Key, the Exchange Hash, the Session ID, -+and the derivation key type. -+ -+=head2 Numeric identity -+ -+B is the numeric identity for this implementation; it -+can be used with the EVP_KDF_CTX_new_id() function. -+ -+=head2 Supported controls -+ -+The supported controls are: -+ -+=over 4 -+ -+=item B -+ -+=item B -+ -+These controls work as described in L. -+ -+=item B -+ -+=item B -+ -+These controls expect two arguments: C, C -+ -+They set the respective values to the first B bytes of the buffer -+B. If a value is already set, the contents are replaced. -+ -+EVP_KDF_ctrl_str() takes two type strings for these controls: -+ -+=over 4 -+ -+=item "xcghash" -+ -+=item "session_id" -+ -+The value string is used as is. -+ -+=item "hexxcghash" -+ -+=item "hexsession_id" -+ -+The value string is expected to be a hexadecimal number, which will be -+decoded before being passed on as the control value. -+ -+=back -+ -+=item B -+ -+This control expects one argument: C -+ -+Sets the type for the SSHHKDF operation. There are six supported types: -+ -+=over 4 -+ -+=item EVP_KDF_SSHKDF_TYPE_ININITAL_IV_CLI_TO_SRV -+ -+The Initial IV from client to server. -+A single char of value 65 (ASCII char 'A'). -+ -+=item EVP_KDF_SSHKDF_TYPE_ININITAL_IV_SRV_TO_CLI -+ -+The Initial IV from server to client -+A single char of value 66 (ASCII char 'B'). -+ -+=item EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV -+ -+The Encryption Key from client to server -+A single char of value 67 (ASCII char 'C'). -+ -+=item EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI -+ -+The Encryption Key from server to client -+A single char of value 68 (ASCII char 'D'). -+ -+=item EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV -+ -+The Integrity Key from client to server -+A single char of value 69 (ASCII char 'E'). -+ -+=item EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI -+ -+The Integrity Key from client to server -+A single char of value 70 (ASCII char 'F'). -+ -+=back -+ -+EVP_KDF_ctrl_str() type string: "type" -+ -+The value is a string of length one character. The only valid values -+are the numerical values of the ASCII caracters: "A" (65) to "F" (70). -+ -+=back -+ -+=head1 NOTES -+ -+A context for SSHKDF can be obtained by calling: -+ -+ EVP_KDF_CTX *kctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF); -+ -+The output length of the SSHKDF derivation is specified via the C -+parameter to the L function. -+Since the SSHKDF output length is variable, calling L -+to obtain the requisite length is not meaningful. The caller must -+allocate a buffer of the desired length, and pass that buffer to the -+L function along with the desired length. -+ -+=head1 EXAMPLE -+ -+This example derives an 8 byte IV using SHA-256 with a 1K "key" and appropriate -+"xcghash" and "session_id" values: -+ -+ EVP_KDF_CTX *kctx; -+ unsigned char key[1024] = "01234..."; -+ unsigned char xcghash[32] = "012345..."; -+ unsigned char session_id[32] = "012345..."; -+ unsigned char out[8]; -+ size_t outlen = sizeof(out); -+ kctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF); -+ -+ if (EVP_KDF_CTX_set_md(kctx, EVP_sha256()) <= 0) -+ /* Error */ -+ if (EVP_KDF_CTX_set1_key(kctx, key, 1024) <= 0) -+ /* Error */ -+ if (EVP_KDF_CTX_set1_sshkdf_xcghash(kctx, xcghash, 32) <= 0) -+ /* Error */ -+ if (EVP_KDF_CTX_set1_sshkdf_session_id(kctx, session_id, 32) <= 0) -+ /* Error */ -+ if (EVP_KDF_CTX_set_sshkdf_type(kctx, -+ EVP_KDF_SSHKDF_TYPE_ININITAL_IV_CLI_TO_SRV) <= 0) -+ /* Error */ -+ if (EVP_KDF_derive(kctx, out, &outlen) <= 0) -+ /* Error */ -+ -+ -+=head1 CONFORMING TO -+ -+RFC 4253 -+ -+=head1 SEE ALSO -+ -+L, -+L, -+L, -+L, -+L, -+L, -+L -+ -+=head1 COPYRIGHT -+ -+Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. -+ -+Licensed under the OpenSSL license (the "License"). You may not use -+this file except in compliance with the License. You can obtain a copy -+in the file LICENSE in the source distribution or at -+L. -+ -+=cut -+ -diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h -index 16caed5273..362ab14cff 100644 ---- a/include/openssl/kdf.h -+++ b/include/openssl/kdf.h -@@ -20,6 +20,7 @@ extern "C" { - # define EVP_KDF_SCRYPT NID_id_scrypt - # define EVP_KDF_TLS1_PRF NID_tls1_prf - # define EVP_KDF_HKDF NID_hkdf -+# define EVP_KDF_SSHKDF NID_sshkdf - - EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); - void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); -@@ -47,11 +48,20 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); - # define EVP_KDF_CTRL_SET_SCRYPT_N 0x0d /* uint64_t */ - # define EVP_KDF_CTRL_SET_SCRYPT_R 0x0e /* uint32_t */ - # define EVP_KDF_CTRL_SET_SCRYPT_P 0x0f /* uint32_t */ -+# define EVP_KDF_CTRL_SET_SSHKDF_XCGHASH 0x10 /* unsigned char *, size_t */ -+# define EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID 0x11 /* unsigned char *, size_t */ -+# define EVP_KDF_CTRL_SET_SSHKDF_TYPE 0x12 /* int */ - - # define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0 - # define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1 - # define EVP_KDF_HKDF_MODE_EXPAND_ONLY 2 - -+#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV 65 -+#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI 66 -+#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV 67 -+#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI 68 -+#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV 69 -+#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI 70 - - /**** The legacy PKEY-based KDF API follows. ****/ - -diff --git a/include/openssl/kdferr.h b/include/openssl/kdferr.h -index 0191f2b21d..ff13ccb649 100644 ---- a/include/openssl/kdferr.h -+++ b/include/openssl/kdferr.h -@@ -32,6 +32,10 @@ int ERR_load_KDF_strings(void); - # define KDF_F_KDF_SCRYPT_CTRL_UINT64 122 - # define KDF_F_KDF_SCRYPT_DERIVE 123 - # define KDF_F_KDF_SCRYPT_NEW 124 -+# define KDF_F_KDF_SSHKDF_CTRL 130 -+# define KDF_F_KDF_SSHKDF_CTRL_STR 131 -+# define KDF_F_KDF_SSHKDF_DERIVE 132 -+# define KDF_F_KDF_SSHKDF_NEW 133 - # define KDF_F_KDF_TLS1_PRF_CTRL_STR 125 - # define KDF_F_KDF_TLS1_PRF_DERIVE 126 - # define KDF_F_KDF_TLS1_PRF_NEW 127 -@@ -62,6 +66,9 @@ int ERR_load_KDF_strings(void); - # define KDF_R_MISSING_SALT 111 - # define KDF_R_MISSING_SECRET 107 - # define KDF_R_MISSING_SEED 106 -+# define KDF_R_MISSING_SESSION_ID 113 -+# define KDF_R_MISSING_TYPE 114 -+# define KDF_R_MISSING_XCGHASH 115 - # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 - # define KDF_R_VALUE_ERROR 108 - # define KDF_R_VALUE_MISSING 102 -diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h -index 31fad4640f..baf2bd8db4 100644 ---- a/include/openssl/obj_mac.h -+++ b/include/openssl/obj_mac.h -@@ -4970,6 +4970,10 @@ - #define LN_hkdf "hkdf" - #define NID_hkdf 1036 - -+#define SN_sshkdf "SSHKDF" -+#define LN_sshkdf "sshkdf" -+#define NID_sshkdf 1203 -+ - #define SN_id_pkinit "id-pkinit" - #define NID_id_pkinit 1031 - #define OBJ_id_pkinit 1L,3L,6L,1L,5L,2L,3L -diff --git a/test/recipes/30-test_evp_data/evpkdf.txt b/test/recipes/30-test_evp_data/evpkdf.txt -index 285c4311a6..7f2dcd2291 100644 ---- a/test/recipes/30-test_evp_data/evpkdf.txt -+++ b/test/recipes/30-test_evp_data/evpkdf.txt -@@ -433,3 +433,4856 @@ Ctrl.iter = iter:1 - Ctrl.digest = digest:sha512 - Output = 00ef42cdbfc98d29db20976608e455567fdddf14 - -+Title = SSHKDF tests (from NIST CAVS 14.1 test vectors) -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 -+Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.type = type:A -+Output = e2f627c0b43f1ac1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 -+Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.type = type:B -+Output = 58471445f342b181 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 -+Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.type = type:C -+Output = 1ca9d310f86d51f6cb8e7007cb2b220d55c5281ce680b533 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 -+Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.type = type:D -+Output = 2c60df8603d34cc1dbb03c11f725a44b44008851c73d6844 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 -+Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.type = type:E -+Output = 472eb8a26166ae6aa8e06868e45c3b26e6eeed06 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 -+Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.type = type:F -+Output = e3e2fdb9d7bc21165a3dbe47e1eceb7764390bab -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 -+Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 -+Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a -+Ctrl.type = type:A -+Output = 55a1015757de84cb -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 -+Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 -+Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a -+Ctrl.type = type:B -+Output = 7e57f61d5735f4fb -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 -+Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 -+Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a -+Ctrl.type = type:C -+Output = dd1c24bde1af845e82207541e3e173aec822fb904a94ae3c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 -+Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 -+Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a -+Ctrl.type = type:D -+Output = cbbfdc9442af6db7f8c4dcaa4b0b5d0163e0e204476aa2a0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 -+Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 -+Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a -+Ctrl.type = type:E -+Output = e153e04886c0dc446dde9a9b3b13efb77151764d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100ec6f2c5f0517fd92f730567bd783138302917c277552b1b3fdf2b67d6edb6fa81bd17f7ebbe339b54b171341e6522b91611f8274cc88652a458f8041261040818a268497e949e12f57271318b2b3194c29760cbb767c0fc8833b272994e18682da807e6c9f235d88ef89c203c6f756d25cc2bea199b02c955b8b40cbc04f9208 -+Ctrl.hexxcghash = hexxcghash:ee40eef61bea3da8c2b1cec40fc4cdac892a2626 -+Ctrl.hexsession_id = hexsession_id:ca9aad244e24797fd348d1250387c8aa45a0110a -+Ctrl.type = type:F -+Output = c8e4f61bd6b5abb2c6e06eca7b302349435e4842 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 -+Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 -+Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd -+Ctrl.type = type:A -+Output = 054eaf5d7dea31e7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 -+Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 -+Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd -+Ctrl.type = type:B -+Output = 6ce586c127da010f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 -+Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 -+Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd -+Ctrl.type = type:C -+Output = 7907bf3d7c58ce72714b2adb1a14f156194b14378a4a7c49 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 -+Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 -+Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd -+Ctrl.type = type:D -+Output = c34757dc104e7b811f6550bbc3888e1d4297578fd88b2ca5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 -+Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 -+Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd -+Ctrl.type = type:E -+Output = e463e05ef70e61f994ee3cd20d504cb6eddb9b1a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100a3beebff410a7cdc0ac56dad0152a7f6da6b1d4195285ce96f8b59930d8c3ccbc518bc043eb60362388ea87c20db3b490b490ba9b90f086004ba3e389cb3a715d477c2b1e480e3419c36cd83e237e241462ee79758f4ff5bf7a5e1eae58a6834778a658c60b2e157d36b16371f97660ad4abfd4a2703dba7cab055be4c778b62 -+Ctrl.hexxcghash = hexxcghash:b81915a9656128d2add5e5741914d765226f93e2 -+Ctrl.hexsession_id = hexsession_id:2872e0c92fc3074d4f40e408a2ebd83e2fc7bccd -+Ctrl.type = type:F -+Output = 676cf1dfc887e122353eead2b1e644f9d9def944 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 -+Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 -+Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 -+Ctrl.type = type:A -+Output = bc4b5164911bc87b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 -+Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 -+Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 -+Ctrl.type = type:B -+Output = d791c5986b27257e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 -+Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 -+Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 -+Ctrl.type = type:C -+Output = de8e99bb3f60ccf0583712528aa3dd0418fdb90d0a588012 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 -+Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 -+Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 -+Ctrl.type = type:D -+Output = f37f75a685f1eaf4fd270b946d84734e96aa3b4ed130afc6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 -+Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 -+Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 -+Ctrl.type = type:E -+Output = 658f04b0f59aab071b9e11ec9ff187ee10e80254 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008017357de60344a125ca41d9ea51eb304a571d7f0aa37a5e36d4b7a5473546f7226583cefe7c06f6f94b97da0da2517190fa02a0337a3bc9ddfeeb68b953613d4d5e473783f137a82246b8260fb3451363adda1813acdf6b10861e022e23a00db9b5a893fcefd6b647f6a73904aa9c3b53e5d879d7e84f052dfabe15a27c1f3aa9 -+Ctrl.hexxcghash = hexxcghash:28fcf3bc600f6bb0b9594b01283d085e149b2586 -+Ctrl.hexsession_id = hexsession_id:4d6b90988de45dfd08e8167504a6253a8552c200 -+Ctrl.type = type:F -+Output = b030809222ff7a12b0df35072d67f314ab1d5eda -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff -+Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 -+Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d -+Ctrl.type = type:A -+Output = 7a74ec799ef16865 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff -+Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 -+Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d -+Ctrl.type = type:B -+Output = 6e544fc6db0ca1ba -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff -+Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 -+Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d -+Ctrl.type = type:C -+Output = 658226b1b10b2033fa88838b619572b18e81e80c76507918 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff -+Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 -+Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d -+Ctrl.type = type:D -+Output = 327298c8660685efcb01c5c0df49faebb15c0e93b0f6c65d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff -+Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 -+Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d -+Ctrl.type = type:E -+Output = 6b618a10aeaa12c9a8d2bcb10e975605582c00e5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000000803c3ce2b19e0cadf8ad02438c695efcd3018c833657318bfaef7b9c278cd7e8d7b3a2249f9d586832c3dee727ada167056ff1febc9210186ba47cc1dfaaf08101fb89742ebf4f3e291a20c94a7a6f7877799151d177e163ce3e57ef863c0cda0311265fbac157879150a715e309392b3e521dcf03224717ff5e0030e480f20dff -+Ctrl.hexxcghash = hexxcghash:46a674c532460a80cdc5c6da9a8c3bdf4f3ff614 -+Ctrl.hexsession_id = hexsession_id:aedeb64df7119db53202e959dc84be3e5285512d -+Ctrl.type = type:F -+Output = 6d4ce50da9de90d6f746e812a2e74bcd921f5612 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 -+Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f -+Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a -+Ctrl.type = type:A -+Output = b655839abcb1a7b8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 -+Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f -+Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a -+Ctrl.type = type:B -+Output = 98f9ec980831a8bc -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 -+Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f -+Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a -+Ctrl.type = type:C -+Output = 31a63b64cfa8b6a12ba165096dad8d127cd3f3b67698b670 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 -+Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f -+Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a -+Ctrl.type = type:D -+Output = 8bd79633967b92f0039a38a2d421e12840ea5c31b43c4e90 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 -+Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f -+Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a -+Ctrl.type = type:E -+Output = 37eccade73b422d1108e390eaa28c646b554a721 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008075957f464f5a7985e1a3ffb7d5814ff9ceb8fb1584a3f5cc454c37139e9b880940442cce2aef94d9d0462c4dc313ed7a8cc3f9a58c38a98ef0236e3cc78fb63b6f82e9c503097b7a08ef2261dda68c7bfe9f83ac790d1f9ff57605d24f4bdfedde23cc5aabba248bc91d3fe1d4394485bc4421730a297694c09bdf024ac2eac3 -+Ctrl.hexxcghash = hexxcghash:0a70b4f26b1985d48ece540f1de6304fdb38212f -+Ctrl.hexsession_id = hexsession_id:2f0ce0e2da2e2bf11eae2ab98e9734412d47a19a -+Ctrl.type = type:F -+Output = 013a20fc8f53ef08aae0a836b9410153a877983a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef -+Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 -+Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 -+Ctrl.type = type:A -+Output = 12f6c3ac60d6ee3b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef -+Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 -+Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 -+Ctrl.type = type:B -+Output = 536d106e00aec6fd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef -+Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 -+Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 -+Ctrl.type = type:C -+Output = 26b8ec66854d0f0aa98f6888be628ebc75900c3738d47894 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef -+Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 -+Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 -+Ctrl.type = type:D -+Output = d5d3b3817214eeb3bf292dffc77daeab062ac7fcd2e3a2bd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef -+Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 -+Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 -+Ctrl.type = type:E -+Output = 014613aef22194307bc0678f6edd1ccff240adfa -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100c050aa3d848750af69d1c04d6cb0a1ef8a4f25be4b16c927ff7313e83680b1b7a92b6100fa773cea9958fc7efb1a475fc71eda8be8efc92ad198a34d6ae017f12b76f39c82b741994b0d42ada1807fa7803876d21d93b129d75dc9aba4811ef51925e49e4bf4f5313e8fee0625d8727da8bcb15eb15da2d237082fc5499621ef -+Ctrl.hexxcghash = hexxcghash:5ea2568ee7ddcdb3260dfdf54e15e4d494ca9023 -+Ctrl.hexsession_id = hexsession_id:bc8988ac5f9058ee76536472b1706c5c338bd114 -+Ctrl.type = type:F -+Output = 5057b4cc2c300f7546d358a75daf58233b71da1a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 -+Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 -+Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 -+Ctrl.type = type:A -+Output = d160f91f36027ff9 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 -+Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 -+Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 -+Ctrl.type = type:B -+Output = 0d02ec310663bbcc -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 -+Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 -+Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 -+Ctrl.type = type:C -+Output = 03b66f451ad93a01914dd3372d980bea3de94993e176ea01 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 -+Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 -+Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 -+Ctrl.type = type:D -+Output = c2db767cbbdf2f839eb2f37ada87a041d220b9f58842d0db -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 -+Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 -+Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 -+Ctrl.type = type:E -+Output = 0b2944c26dcf4cc877cdc55c4e9b1b8155e3874b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100f00388418be28ae3235c5b640d000df44f6e65782cad783726a507e2c645a056307f1ab7b4cd24d38640118105d7415c2ecea77e33e7b8a9dc9d205e3fdfb718769754213c0782ee18c7db1408e780369bccfb8233581cda4fbb133b3c41d0a7afa6996f31f8dd36fa3dd82efb23dcaa1ec5e37caae3af639123190fe7795983 -+Ctrl.hexxcghash = hexxcghash:fc48c85ac48ee97be3ce45c10807a666e8e9b639 -+Ctrl.hexsession_id = hexsession_id:d36e8c070b97795dfb10a3c2e41e4d0d70382606 -+Ctrl.type = type:F -+Output = f7977d574c7d9e4f34ecd6b405c765963f0dfe57 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 -+Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 -+Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 -+Ctrl.type = type:A -+Output = e4387818ab7f4fa6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 -+Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 -+Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 -+Ctrl.type = type:B -+Output = 1daabebcc8a064df -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 -+Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 -+Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 -+Ctrl.type = type:C -+Output = 9fffad3aec53cd719c1d500850c2f38d8eea04606f78b402 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 -+Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 -+Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 -+Ctrl.type = type:D -+Output = 6b196bce2aa2bd912ffd67a94fc42dec1051376f73ec3ce2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 -+Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 -+Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 -+Ctrl.type = type:E -+Output = beab583906e6bed005558c102a5b5fd6ee71485f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:00000081009dc61278a79fdb00ee937c0418668ac0176fdfd0297ebc86ee391e3e8db147f01d782650f1e30391d3c1fe62425842119fe41b76243ed47f6c30370dd1cc1b10e3bdac2730287b0e5901e487563d700d56078ed88d20c300250a3da5f2128db56230d90bb99e90aca80da446d8dddac49e2f2db1b37f9e1b65834adf8fdbcd31 -+Ctrl.hexxcghash = hexxcghash:3c63a552ac5313d219ec30f1e926e2c52e992929 -+Ctrl.hexsession_id = hexsession_id:a17e0e9cc2741d861f4c7195c29c75e4c38e9ba0 -+Ctrl.type = type:F -+Output = 105140594b5b9061de7ff2afac09bce81b75d6c6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d -+Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 -+Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c -+Ctrl.type = type:A -+Output = ef982c8fd0fd464f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d -+Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 -+Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c -+Ctrl.type = type:B -+Output = 845ad3ba4d359326 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d -+Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 -+Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c -+Ctrl.type = type:C -+Output = d9e516001b6b1a17268e507fa6e13f6bc9c3ded0020ef841 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d -+Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 -+Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c -+Ctrl.type = type:D -+Output = d57d2f3c25b536442d8c7f36d62778d06fb6e7d4b5c7ab76 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d -+Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 -+Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c -+Ctrl.type = type:E -+Output = f0b75425b271eb82645b1f1424b2a838dbcf6f98 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008100df75bb7ce0b66431ca073a5768dbc6930b024b8d6804a5ef9f3f3c9341b8c8b7216eaf26536ac671ab360eff568502e596adbf41b795d329d136ebe44c60ff4ffd58ed99b40a228cab6c8ed9733702e75f7750e58f04cbb78402eec2877205a0ba3f48318543489dc4885dcdc51c4658acbc28f9a82c563ac20b582cff8c432d -+Ctrl.hexxcghash = hexxcghash:c08ddd40832cc96fe373b67a4850b86848e48f70 -+Ctrl.hexsession_id = hexsession_id:477c8d32e73a475707e0085cf235d605ed564a1c -+Ctrl.type = type:F -+Output = cdf59b2327588ffd18becfc0e5bb526014101401 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 -+Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.type = type:A -+Output = 79c9195e683ae10750960cb55c4d4c0b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 -+Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.type = type:B -+Output = ef00b448ab9fd6523bb5143a0a818750 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 -+Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.type = type:C -+Output = 51c8b4aaf5e42443be0aa3c50aa7e1dd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 -+Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.type = type:D -+Output = 4153a587397fb14dc3faad028fdb7ecc -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 -+Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.type = type:E -+Output = d23e36347052a1cfb4a7789df48627e8a31345c7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001010085a60bcca88b096c418e825f3de4fd8920ecce617afadda2ca8001e8eba07e58e60e70a9a05b8ddc29d5636d33c407d5f23952b65326e113f28d89bc6ba3a4c3b71ae239d6d1bd295466682d1c675bdb88a3259f474fe54a0f4004ddc46b442451654e1e66d0c93d7b310f28a8db7b95eee7abc61e71dee322b4e732baf9ec7ce189b889d536da1a55a2cc29e1666aa9c0e702f4412206bd207302fe84043c664394bde0e0a47d0a7a947c95997e1dbaeecd2efae12cacef8eab2f6b2478dedcebb3264827cf226e13f8082931db410fbc03352e7dde82fd1f58caab3115aa065ac6e2a1c7b1c1b2d5fa3447bf9839d76cfa5822b097bff9106f37eba1250145 -+Ctrl.hexxcghash = hexxcghash:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.hexsession_id = hexsession_id:dde6f8e070ef32a27ff04ad1045c65b2dfa33e03 -+Ctrl.type = type:F -+Output = c1286e92655912d923154c460702a31424bd6b01 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 -+Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e -+Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 -+Ctrl.type = type:A -+Output = 739ad52e454ba3457735b7c5304c6578 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 -+Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e -+Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 -+Ctrl.type = type:B -+Output = 3bd9f9d9f06aa521d2f53e40fc5d9f90 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 -+Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e -+Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 -+Ctrl.type = type:C -+Output = 335cd2813bebd3d5e1dda4c1e14c23de -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 -+Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e -+Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 -+Ctrl.type = type:D -+Output = fd25c5ae649645d8c0cfff0d4d8e7a47 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 -+Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e -+Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 -+Ctrl.type = type:E -+Output = 90e89773d04623553d4d298e6aa75781d8a6544b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100c0724e077d7237441eb79039debaa851c0bf411e69cd5314f3c72aa45760c9969985b34291fb64bf964b719d2b989e40a0e9fbccdb23536a78f1b55ebbda809f862e8ec3561c15c4288595546e09789cbc2491050073222397957c9090b7f8f96e3fefbc5f438c72ca8bb48f6337e208ee9b3f630a8c5b40b9fafca8e55be0a0cf4046884a0a049b4557da4ddb7a344226f4707c706e96467b1568ad4d10363aa9eb04b91efbada0c1c292475ce9893a27d4a1deb4a262d980141e63756adf3d5fbcf6ebde919cfd44052984704af6ba360e190fecfc730a5e470785d3061ee5f495cd697af97f90bbc11f2e4e41e57ce25f34b9c4ec9f3c051d964ad0c036b4 -+Ctrl.hexxcghash = hexxcghash:5ae93beda675546c8a783974925aca9b365a6d8e -+Ctrl.hexsession_id = hexsession_id:bb0bfeb33b78474b2d53232b3122506992c0cae4 -+Ctrl.type = type:F -+Output = 86a3f05a5f844b23d787cccbda37a3d773a4d049 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde -+Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 -+Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e -+Ctrl.type = type:A -+Output = d2d06d589e6e696556e3d44d7d05decb -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde -+Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 -+Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e -+Ctrl.type = type:B -+Output = 14e3a886b715206e837b70fe7c02b941 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde -+Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 -+Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e -+Ctrl.type = type:C -+Output = 98625cf9741819273a0d6852ca7ab592 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde -+Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 -+Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e -+Ctrl.type = type:D -+Output = a7b273f04d537856015e06075c94c398 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde -+Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 -+Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e -+Ctrl.type = type:E -+Output = 3e1afa980d05ec30e9a55331ac301c10305999e2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001004c48728c828a34a5ff90188cd749d5ccf849d8f96d78072bc8c3a766e4be2c4bfdb8d0310225f05b0373fa582b5a9e78b6a05d958a7b82d944d00697a1ef2119e7545bdf2c6dc2e8cb2215ff58a0163c116b0b326caa50e6384e4e4ab424bfada5d15af1d22f34dc5f8bfd5c823c4b9253fe858a9d7f17bf0be17951bce751b8c2f0b3be25bad6054b39fb2d687d4e69c07d79f4952e65315b1f712cee11707a4984f29df9aac7a7274772f60a2f207ec6a35e1478aa9ae8045dc53417b220bf60124d988e376bf18414400bbe2ac4654716fd26b3a90ae53215ff906364ef82a08686a1977126c64d6d3f381e8477d55f8e79a0e0719089e073fffdbf828cde -+Ctrl.hexxcghash = hexxcghash:edeac369fd19f7dd1e8e48d0c69f9df5fe5475b4 -+Ctrl.hexsession_id = hexsession_id:30d9cd8d63a203aeff4a99d8c299676f21a2c74e -+Ctrl.type = type:F -+Output = b993c4254669c7a51ed713ddaf7174fd5296fe57 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 -+Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 -+Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d -+Ctrl.type = type:A -+Output = d9c0ed6b7fbf066d4f3cff7d2585ef5b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 -+Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 -+Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d -+Ctrl.type = type:B -+Output = da13833aa2c086e5d76595132f4e5fc6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 -+Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 -+Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d -+Ctrl.type = type:C -+Output = 9e27400587b646397a7655be0e5763ec -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 -+Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 -+Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d -+Ctrl.type = type:D -+Output = 91b95d5cce7f2aec14776f49f652a305 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 -+Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 -+Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d -+Ctrl.type = type:E -+Output = a97dc9a99e37c983a4922cd2ecdfa394b71141ce -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010100f6fa934f303a9db720352fca5a6bae671857d44053d61132a6d36d76cee686fd31ea796407306ad3cb500f99b8881641ce304217910179ca03d3638c89419127542d2f6eea999c637070a3a2e2d17419fd2d53a23dc0bbad1333089a64c232c4328ca5d6db233777a93932407741a9fe4c8efd13e9f2f411368fd2035d05175f8710b79a77bd4749df3027eef44f1d050fd01458cd1c6d1fe67d774f4e056533305ad39ecf5a6e4898186b8b66e95c9546081c7df6df7a433887bb0333d0fb16418bb2d399b2be0b02978e5bbc97b57e67e88aa073ba3280a386209029bdc3d8f448eb18e29c87811142629827c54aa19d150b6eb6fb7a33d746b11d27d9d474 -+Ctrl.hexxcghash = hexxcghash:6dffed964fd4044cb99b5f8770abef82d02c1cd1 -+Ctrl.hexsession_id = hexsession_id:d98f1e884633c4632568e1dd0a54e4c8508c279d -+Ctrl.type = type:F -+Output = 173d846f9790c742ca86af4bff5f965c6088a05b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 -+Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 -+Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a -+Ctrl.type = type:A -+Output = 6fa496847cda7367cb32b8be9aae3f85 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 -+Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 -+Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a -+Ctrl.type = type:B -+Output = 702ac8636520b7c6169ddc660781de9f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 -+Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 -+Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a -+Ctrl.type = type:C -+Output = 6ffd703180af7c2207d5fa9e467272e3 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 -+Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 -+Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a -+Ctrl.type = type:D -+Output = 7ae5281e377f230dcc9854cf995f663d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 -+Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 -+Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a -+Ctrl.type = type:E -+Output = fbcb152df7a3f12a8f174f9ca31bb31b124ae3c2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001000a341cb148554046ac79686473c7e924486ae79c9dd1878a647687d3562cc81e5379c20df44edd6bfa8b9a26cdc06c6eb5f02272f90992ef58c65fe3e98725e9434a8512aef4c2093d27c57a1aee5f5b6861025001d20b5bc8666c4930107f563035bca6ddc91ff9d15ebb56d2628146d3baa3c6f81dc73602518c2aef4906e08b2ffa67e4528d92b1b3bcbd3a9e421d86413bb355574bb68f94bf75221918ca4f6624445b0afa0c26e270788490cbab1abd41a42200ab9e76a2f8b8ffbe0c5ef7a230b5bf7018cfd170ccd009058092d2446ebe73c5f0bf2d9ceca311502af621880eb18e46edc7832765c00e2599fbb82402b039eb5c5ae376690a717c0344 -+Ctrl.hexxcghash = hexxcghash:4cee9b1867e94911e8f9fbd9ec3375d25c955f97 -+Ctrl.hexsession_id = hexsession_id:2aefdaa6f14ac3ec200a951fd74433cddc01193a -+Ctrl.type = type:F -+Output = 3f0c57fbccfb7306cff23bdaf69d70a8a394b34b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f -+Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b -+Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc -+Ctrl.type = type:A -+Output = 7e37ea52156fad1903709e1d3229721f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f -+Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b -+Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc -+Ctrl.type = type:B -+Output = c15569583de413e08293bf1689a9afe8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f -+Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b -+Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc -+Ctrl.type = type:C -+Output = 0c85227539f5e328c64172280759d9bf -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f -+Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b -+Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc -+Ctrl.type = type:D -+Output = 3dbc42d9e7128e861b87781546cedc8e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f -+Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b -+Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc -+Ctrl.type = type:E -+Output = 1ec0d15e38ea1b48da963837dbf30cef855a92c7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010011afb59055b4e8e0840d76a2d28a3ec1cf3fe7e436b585eab29cc3149e1fa610d979fcc1483a0ea2b426f8e25bc87bae94bdcbeaa80501a3c554d996f1656ac9be75ecefa46273b3ab8a66468cb4a16b3630cbc41df49ebe3917b5afba24d669264e11689f1a401abc557a0c4cf22ad9323056642c2bf7fea0907ba2274b7666dd144e66e1f39371a14ccafa030bad4c6e04f7b22f1e14f9a37ad6aaa3642f66068863a74ed4a07e87494f0ace772b682845fb27efd7f1a99f09b419f43d8443302534e4c59c0d3c59736e47375ff6e96c167247c5196a7c8849adb527e9ccbfae797ea311181978197f924dcf0db7367f84baa27db6e554ba6b764550d2834f -+Ctrl.hexxcghash = hexxcghash:7ced7b72644be681615e503ecafe0c8f7124c85b -+Ctrl.hexsession_id = hexsession_id:95d4ca5b0107d3d9f94ef857d7a64f685d3fecdc -+Ctrl.type = type:F -+Output = eea8ea042a079fcf8416a8b244fafab35adeca8a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 -+Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 -+Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a -+Ctrl.type = type:A -+Output = f2faef6e274814ed7ca544484ac21a3a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 -+Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 -+Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a -+Ctrl.type = type:B -+Output = 3ca9bc0f3c65c257fa160a4d1c5e3520 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 -+Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 -+Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a -+Ctrl.type = type:C -+Output = fcdf0545b51aca6515bccf6ed0ecb582 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 -+Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 -+Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a -+Ctrl.type = type:D -+Output = 86ea895a310c3bbd1aac209b2362d58a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 -+Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 -+Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a -+Ctrl.type = type:E -+Output = 12a4f2b749e2bf88c1f8437e5ff61de761fd48b3 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001002f14b1acdf871bec4ea5720a3e921cf16a796559b2a094a0d1e45021dcabff152a0e3dca4115239454dc407a6474c8fcd395273a6487c6736710610aeb607707b7ef87203a081646af53ba037f29316a3dec4ce80ec04775b8697db46f7e4f4b38d69de832a25cf0a5484c9b36a48950d50dfe77ac5da63a1c2314ffa8cb68f0c201bbfb7a1a89837b9f57465d14635bda2abf601a06bbd8f70af0169c39209dcda9fb1416a9eadb5ea4deb358566190a62a44d6765d9a25b5157ed5e0f5317f0ed3f6eacebe07ba214e2ef9f654dbc2fa3dc2f227124a3f56a40905c9c86cd64b0ed80c4299d86f59d5f06b9c026a28feea5c5fafbe7ba90283de867dd55858 -+Ctrl.hexxcghash = hexxcghash:5fb6dff3272cb949856a57f2645a56d957dc4606 -+Ctrl.hexsession_id = hexsession_id:5160cab836d899193077dc67485ef41669ec5d8a -+Ctrl.type = type:F -+Output = a3a9276a120db379ec780e434879a54935db954d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e -+Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 -+Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 -+Ctrl.type = type:A -+Output = e53f2f61d8919e097cb99627fe668385 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e -+Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 -+Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 -+Ctrl.type = type:B -+Output = cea80fd8dc06654ed80b0ec150835537 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e -+Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 -+Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 -+Ctrl.type = type:C -+Output = d5ba475e737bed349b8931ba38d426e9 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e -+Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 -+Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 -+Ctrl.type = type:D -+Output = f3ea92b4f365ab2fb8403ad8ecd2d17c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e -+Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 -+Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 -+Ctrl.type = type:E -+Output = 41fa718884738fd6fd9ee9fd5af05f0de9400952 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010060cc18ebbeb9b25cb16a58bfa47644110ceab67f274daf67157e923b70f775a4168bb7911d0e53075044366e503fbffcf3fcf9249e551d69211715b681ba3a28dd133dbada24dcf80d2bf67a1d6c0477f108f8763b30fe28c6d0b54e59e7e580692453d05a30d38e134d6117ca999ace80a57d088228b2a9f001e57d3a8b1cdffe55fda194f01189ec2bb0d99fc8570a9d822a94dddb22f4ba3c88f2ee1045dafa2d106e5c2c09519e47ad9eaf2301569c9258a2deda9d3ea5b0c73f00d8d12579e5931d5253220d60eeb12fcefc98bc8f390e52b3b407280a31283628963c1131b6fd584be948c3fb4d316fa4a1b135513a174cafb0d394bb4afbee6cbe796e -+Ctrl.hexxcghash = hexxcghash:501c76e6b5791e343fb6e7597e890c7dea7f04e5 -+Ctrl.hexsession_id = hexsession_id:68e1f225f2e63df7bedbab15112b3670f03eed56 -+Ctrl.type = type:F -+Output = 91395bbd90abb140d0984ed5e77836590bf44695 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 -+Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a -+Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c -+Ctrl.type = type:A -+Output = 04d3c0a3f5e33ae373c637ef45897779 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 -+Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a -+Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c -+Ctrl.type = type:B -+Output = c5a45bfbf6d7c14c5d3a953b4848e433 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 -+Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a -+Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c -+Ctrl.type = type:C -+Output = 3a16d0da2f785e2c325b45109778910a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 -+Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a -+Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c -+Ctrl.type = type:D -+Output = 902b38dd6c759945e671c1de7d99e918 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 -+Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a -+Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c -+Ctrl.type = type:E -+Output = b573244de3127f6aa5457e792219dc89defaaecd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000010072a106d13e5148877457b7a8c853cfabd151d1b1acde6d776b7affc23c653a3b1c893398c7d83e039fbea9dc739dc14f3a9348af154f840d2f88e3c1982758adeaeb78cff050046d26a9a13391099eea03e9fb853e95c117edaac5b36736e63cb5ad72b346cf1fb342169f5e538591988daec82e0e9a2f4a57db22df8af92424f63111d87991345fd4458abab42cdbfcb84abb222701575a50274a7c6cc38355740cc04bfaff33467c816a70242142fd5467b1713eeec1e0d0f2fcfaf66602dcc31c4105d928a7185ebf53a6e792f419f57573e6dc6d1221e6907f6ad958d2a0c8fe096ce43e403316ae92f93acd1cac7878c9011bc71eff81d4353d7b0c13b1 -+Ctrl.hexxcghash = hexxcghash:9acf1f808aeac5b11460192c8f191491b62fc66a -+Ctrl.hexsession_id = hexsession_id:4c662e4dc764cbcb1b3eed4de4375f85c8b2f56c -+Ctrl.type = type:F -+Output = 6cd221005dd1f0de4f472f48d15e61dcc2e91e99 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 -+Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 -+Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b -+Ctrl.type = type:A -+Output = 5f9deaf2ee4f05af0a8a813ef6bb9549 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 -+Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 -+Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b -+Ctrl.type = type:B -+Output = a2ea4b795f9c9de1d786d0c771df2b84 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 -+Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 -+Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b -+Ctrl.type = type:C -+Output = 13f828f8f1e5532a04f138681bc8259d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 -+Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 -+Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b -+Ctrl.type = type:D -+Output = 7231ce5fd725391e058cd78815f44625 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 -+Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 -+Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b -+Ctrl.type = type:E -+Output = 937b7e16ed0b2324203cdae904fc55cbe25067a1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:000001003644f9ee24c3ec2e2fe16cdece326cdf5c1309e931bc41f245d3b76f2bdbef0bae58e850e10dcbd0d18356b4f98957a3b95f64c85d1af12ab01fe967e52a632761074f27406a29618192f1cbebae2c25e42f6e9fc00a737e4c92398403ab946a6c33e675e529b5c7364f36d64f07ff65889866dee99293bd5bb5f6454a77bbe0cbfd746d54e5bc948c617c5a1d5d3d2b65fa6a86c5f42c5e01f92a8e97a96f848e50ecb1b495a0e87323b44f5b9dd25ab34a94c077b7490657d1d8f9a9acef2785de82b02ef9fb670faf841ae9b479d2d538ae8e38eaf6e74b884c18c9dafc19b6c9728ff3411537555b3b3b69f6f039958ffb0790e58b09bd8c63819ee50ea5 -+Ctrl.hexxcghash = hexxcghash:4d31fdb68c8f42f38cae260bf6402e47de93aac7 -+Ctrl.hexsession_id = hexsession_id:47caa2c09bb4dc9d6aeb697a76046bdf1fcd879b -+Ctrl.type = type:F -+Output = d7536b911dc79d5953455ba6e15cb5fec7c14025 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 -+Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.type = type:A -+Output = 9fff6c6a6d1f5c31 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 -+Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.type = type:B -+Output = 8e0ae78c64d2fe2a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 -+Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.type = type:C -+Output = 9044f963ffb56b94556a38aac5398a7072ffba60258500be -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 -+Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.type = type:D -+Output = a861a317ea42b050901aff367b5a1d0abd5c497c77311ba2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 -+Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.type = type:E -+Output = 43225d64b6da6f070925ad1c8b7ac88893f9a7cba0dfc55ddea42eec -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008de60df019c23966d215d9b8490ac493dfae59b99dbefdad81d2c9e761205c93a696dbd9e538cc57cd3e24c2798d2c56561d6803e8ee24e112babef84ad5a2c571c572339f2b38f1345164314f8f4714047f0c66650f10051044f8dcd256bfe8171302a81ce13f47f7375db80a6bbf8ce7d8f96e03fc6275fd5dacfbdd166792 -+Ctrl.hexxcghash = hexxcghash:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.hexsession_id = hexsession_id:e69fbbee90f0cb7c57996c6f3f9ec4c7de9f0c43b7c993ec3ec1d4ca -+Ctrl.type = type:F -+Output = eb31db29bbafca2773f815fa478d927943288588e371ae9ba0414d98 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f -+Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d -+Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 -+Ctrl.type = type:A -+Output = bf2d6e03ba930c71 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f -+Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d -+Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 -+Ctrl.type = type:B -+Output = ff14fadc19a0bd8a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f -+Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d -+Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 -+Ctrl.type = type:C -+Output = 34a70734eaebeb8608cbb91098fa13326f37ccc5d408584d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f -+Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d -+Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 -+Ctrl.type = type:D -+Output = f993da8f2e840b836c8980fa2d780a1b4eeef77046988eed -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f -+Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d -+Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 -+Ctrl.type = type:E -+Output = a274441c86dd146cfab25d87344bd5a880d374d300aa8e1fe4919378 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100a03d807fef48a50d8a04d9b6721979c5904412c3bcfe69ebd4c2554debe82a695a66fb9d844c6ef3aa4b745c2a4c8dbc4ba26742e0d1159ded83edca0bec61c7303e81f9d7f3169b7c97573b9184ec3c5286d9646e96595f064d61013431628f5c57bcb1bf79bcd1b0177ab4520c1a1a9b34b5067d9f465c9b03154d57f1b42f -+Ctrl.hexxcghash = hexxcghash:03af4bd15a37aa7816d826332dcd9daa1537770fd0bcafbafe30033d -+Ctrl.hexsession_id = hexsession_id:36084ca3dc535b37d533d034d891fabc20e3b0270bb8c008066bfac8 -+Ctrl.type = type:F -+Output = 7774dc48324cca24901bedc37224cb291d6202fb6b5e1d9315a9bd10 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e -+Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 -+Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b -+Ctrl.type = type:A -+Output = 75bc82b271311f53 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e -+Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 -+Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b -+Ctrl.type = type:B -+Output = 602d69e77b8c30b3 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e -+Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 -+Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b -+Ctrl.type = type:C -+Output = e0c8856a26b2f4804e98809d5b81cdb360b43884a33d4fef -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e -+Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 -+Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b -+Ctrl.type = type:D -+Output = e661555415bcab0b1f2d4b4387cda213cdd93f8458a2ace4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e -+Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 -+Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b -+Ctrl.type = type:E -+Output = a368f66127573c79e2d936032f75c3d11c0131455eb9b6c5384582de -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d09e300c8b93b8c759f96910b319b8fd9c9c8c1b704b65649f525b6c16732ee37f499ac729bdce9ea493811954849e8eeb449cb2f4485fe78b0f538038178ad3e1b95ef13fcf0134f1199ad742b31d5f222ed7927283a008c970143af46965acde32139c2448db5cc11fd55e534779f1b5d7757b27e3a3881a3596b0b002ff7e -+Ctrl.hexxcghash = hexxcghash:be8559339a1b231a59a8feae904c00decaf970ff8e83018662c65fa8 -+Ctrl.hexsession_id = hexsession_id:a8378fd158677fac292c5cce8a9efdbd5c5c98ee6f056a5e6e771b6b -+Ctrl.type = type:F -+Output = 779f09f514bdf7ed4a01788f10146367ce2ddf2aacebb961524c002a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e -+Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b -+Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 -+Ctrl.type = type:A -+Output = 386bc0b99215c8fa -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e -+Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b -+Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 -+Ctrl.type = type:B -+Output = c793dba9a68f70a4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e -+Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b -+Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 -+Ctrl.type = type:C -+Output = 3dcaea7c946c2de76811482556299aa9bf96c8eef11fb2d6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e -+Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b -+Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 -+Ctrl.type = type:D -+Output = fd078ef65922006809729f9533c8742e9f973f7ff37ba987 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e -+Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b -+Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 -+Ctrl.type = type:E -+Output = 83a1924fa5f7ceffeba7f519ac51a86a2746a93eb194db51a4596ca1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008057352c4a26aa011e9b9e101736ab6b1369c73f553848d159b01bf2c7671074cdcdc73b8c697649dc7465197c2f17560d0045246410063f20d8d29518e7b25d871886346acccd9ec1b2d74b19b4aff16953714266d1440247859958f010f3fe616859c07315169c5bb5547c6dfdaf4a219daa3a78f546958f56e14fdf64c3b26e -+Ctrl.hexxcghash = hexxcghash:dca302cd4ee29d88b3f909f73e19d920099b8c18062e875cb762257b -+Ctrl.hexsession_id = hexsession_id:2f6368dd5f1a6a8db98f74331850c110aa0e58f06a10ca8178171d95 -+Ctrl.type = type:F -+Output = e16507d1bbd53b41f9bb2f0f21b5112eb6cd1eb0489fb5e754212390 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 -+Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b -+Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 -+Ctrl.type = type:A -+Output = 0e764ebe0d523aae -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 -+Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b -+Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 -+Ctrl.type = type:B -+Output = 24bd2eff86c2a8dc -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 -+Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b -+Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 -+Ctrl.type = type:C -+Output = 26c01e3d56c1b928f65aaa1b6a15f5b8d41de187b4bb5fdc -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 -+Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b -+Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 -+Ctrl.type = type:D -+Output = e0cc3bdb6d69d10893eeb73b892d746acea151f24247fd9c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 -+Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b -+Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 -+Ctrl.type = type:E -+Output = bf442ba6ec794f20584528686cedbaa568c13b895f642fe5cb3542bb -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:00000081008d372970f67a75a1748e6967c67a1f5665a3d6f71d6d24ab113bedb42ad544de34e67df7f644f78e5dcfd12e25b7cb8655aa9f07fef59058e42450aee5d4a733887535313e06c7e6426598284fdaa33ff88e1b6174c33199f2630ec42c8d7d9b92ea3d83a1bf8514b153fd9cf9c520636a0de9c6ba8b9318465ddcaa293367e5 -+Ctrl.hexxcghash = hexxcghash:683a0b23e8bf98e03178a032a65e743e429c805b8de04407f73ab21b -+Ctrl.hexsession_id = hexsession_id:0e9de6ef124b670db44ade438920db01b5e6fb69a482816a303fcef7 -+Ctrl.type = type:F -+Output = 65ab453e5ffd1b5e1540aa547766d7c177204c319642f93059bdf257 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 -+Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 -+Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff -+Ctrl.type = type:A -+Output = 45799bbb09fd8804 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 -+Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 -+Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff -+Ctrl.type = type:B -+Output = b787b009f3313be0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 -+Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 -+Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff -+Ctrl.type = type:C -+Output = c4cbb547c997e8fddb9e56ef5df91327766668a43a958a8e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 -+Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 -+Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff -+Ctrl.type = type:D -+Output = b55b7cca0a0363b84b40b79366b87db7c440dec5bf89e952 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 -+Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 -+Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff -+Ctrl.type = type:E -+Output = 9c6399e5f4db0fc7652268d7423230ee5ffc0a210c26568dc5c0ab7d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008004a70cf5e546c0920433bf16dcda3076d9195b5c35ad6b83b6a51e880f22fddaae0d358e35037bbe1e66f2422c29ff30a39822e067930b9faf59f844441dee6f233635a00c7cb71596f8589194016132ebbe204d98fc7f9bb0b7f4e6b6a68f488a59138d9859729d938de6ace9d08be86301bbd4e80d4650391ef3599a6f0bc0 -+Ctrl.hexxcghash = hexxcghash:a05a5c2d8beb394b7befaecfe3f4227cd81a28d90ac64ec78ce170b6 -+Ctrl.hexsession_id = hexsession_id:1380b38f6b6997a47ce234b7d3d6afb5960e721a348a725704c19cff -+Ctrl.type = type:F -+Output = 9824301c33daae0f1b75eb472d6f0b4ef2cea0b2f61e204b6aefb0bd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e -+Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df -+Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 -+Ctrl.type = type:A -+Output = 2958928e5fd3c6e4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e -+Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df -+Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 -+Ctrl.type = type:B -+Output = aa91bee1a3b3374c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e -+Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df -+Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 -+Ctrl.type = type:C -+Output = 6fdac559eb1d6af7fc7fbaa4f9a15fd4145b97b9418518d9 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e -+Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df -+Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 -+Ctrl.type = type:D -+Output = 5a8271402756f7eac59f09b5020f7b05f6475fc3a2e2b482 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e -+Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df -+Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 -+Ctrl.type = type:E -+Output = 910de4a4a437cab056f7c38037f0196c524464237c5e332e79564a90 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100d07c8a0c16c5f000ff00db6161555ea6b6b400803fe250288a9b88b48ced381de3f46982210216dff4defdbb007e98ea47f891ae3f38e09f56c96913406c13ed35cade3f2f80c6c6402e7ab097decc9e7ecc377b9965991422b54b8fcf34b9635cdc6b1cb698c61cd8377f3fadf1ba9e289d83767ca24370661085461a0b348e -+Ctrl.hexxcghash = hexxcghash:45dfee14ec8160cb1ccd769d2db4785b9773aeedde0c6ca0f75324df -+Ctrl.hexsession_id = hexsession_id:0f15315853288a987cec1e0668f34fa54537304f7082673d74d4f970 -+Ctrl.type = type:F -+Output = 0bfa6ed5dc8ab0fc1bb9feb966d7107137ebf3f754ac71c2a16a9c22 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c -+Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 -+Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 -+Ctrl.type = type:A -+Output = 82204d79e13252f1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c -+Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 -+Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 -+Ctrl.type = type:B -+Output = a76ff923488c7bd3 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c -+Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 -+Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 -+Ctrl.type = type:C -+Output = 8ba3bd224890bdd4dd07d2a5a98e5efcd95d82c66583d098 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c -+Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 -+Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 -+Ctrl.type = type:D -+Output = a04a3844933ca1bb45848bc1a7626e4c50dc46aa5376d027 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c -+Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 -+Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 -+Ctrl.type = type:E -+Output = 393f2f152d6c6d063f284cadd1fd9d700928188b7fea31f74b44fbc6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000807f046e0e1a0050fe544cd0bf194fdb0a07efe7708498a1b25aad90641e8befdef8f4aacb538ccc446d02d3896e1cc34d9a8becdcc48d10e73460f7c0c58eb51707d37f1eaa0008cb21c89e8b226a3e60c76f9f9f5af2a16abca346a81c66ec0199167b17e0d8cb3baea9a9c700632f585e0cd467e779eba02bc24eff22b6425c -+Ctrl.hexxcghash = hexxcghash:b63c992199e370cde19b640077bbbac92c6a8a0f206b4d560935cee5 -+Ctrl.hexsession_id = hexsession_id:ee00f86c7ecc4ce74a3ece1699802b7420ca4d49cc74b23399c23545 -+Ctrl.type = type:F -+Output = f27f2cd72b22e1719f91b912d6c9d180985121d32bd217e348cd2003 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 -+Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 -+Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 -+Ctrl.type = type:A -+Output = f843e3c6a1621998 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 -+Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 -+Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 -+Ctrl.type = type:B -+Output = 128b2d8968cfaad5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 -+Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 -+Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 -+Ctrl.type = type:C -+Output = d6c4d2685753580dea2c6a6eb6add592011356eb9e868d44 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 -+Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 -+Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 -+Ctrl.type = type:D -+Output = 92af60f4858f3d14efaac039130389ab9ae1237f0da09a29 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 -+Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 -+Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 -+Ctrl.type = type:E -+Output = a37af93c8f25e145def1c5397bec2ee2119cc0e0bd4854fe23b2e3d1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000008100b51d0e3d21612b3bde548bf3da6d474166972f602beb1b876b7045a595483ec0bfb707eaf7c0d416d028a3ed7cff460cad66e2284e3190a746d3304678c91b2654b3ab147aece57e3bb5f4d30d4d7c01e065f70b12b9270ebec306a178870d1fd814806c3dbdc16d4bd7e843de8e5414ff336e735bc5c8241ab0ae08197159d6 -+Ctrl.hexxcghash = hexxcghash:1eacc2c8e8ec2c3a5af31c6d498301e82664f60899223ef4348f4467 -+Ctrl.hexsession_id = hexsession_id:ddc879c0f221147bd70a1cedf5578fd8f196290357945fe75e551262 -+Ctrl.type = type:F -+Output = d44def5fcec300da5913ca109c0fd7a2c2cbcedd2c3e3216c5cb0d95 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a -+Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 -+Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e -+Ctrl.type = type:A -+Output = 4276fab65090b420 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a -+Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 -+Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e -+Ctrl.type = type:B -+Output = 00303ca4f9a5a6f8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a -+Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 -+Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e -+Ctrl.type = type:C -+Output = 3d67892281e9c6ed6535d7ae69e832f6723afd545763bd3d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a -+Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 -+Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e -+Ctrl.type = type:D -+Output = 5a5844e6c47eacc172e0012044037668a653758b96310350 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a -+Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 -+Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e -+Ctrl.type = type:E -+Output = 4783fb6e98db788f6594c2b82e751528590c41780adce2ffba234290 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000000810088a2add0cc5918c649c6bbc82930ae99326188faa20e2cfc8f819cc44bdd99d1638fbbd380197beda58c039c239fdcced533db7ea31635b835f5f92725490e7638d40a017b89f48406faab653aa03721af5d7c5c61d4519e7c07f99974c1f715b1ce3fcffc50b2a6cc9b4e45a76791b862ac87524d2b52fe6c706f5a73e5dc0a -+Ctrl.hexxcghash = hexxcghash:321ef6b92cae9df351c1b7d2253325536e659df52acd4a8787b45217 -+Ctrl.hexsession_id = hexsession_id:340edbc8aeec53501158ad2ea7650abcbb906348d57b14b61524469e -+Ctrl.type = type:F -+Output = 7c60752b0b5a0f0027507ecd88e6af2b78e462a98459bf0511152663 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 -+Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.type = type:A -+Output = 2512664639690af9f64afd16d9ccf3d3 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 -+Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.type = type:B -+Output = c13223796f394c6d1ffd18c22c09f27a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 -+Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.type = type:C -+Output = 7be659a7cbeda28722315d96444a5c98 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 -+Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.type = type:D -+Output = bdfbd698c518aa45c35d7afd7bd91150 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 -+Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.type = type:E -+Output = dd38b79b081713ac3007ffd88d5cd67f43fbb36c983e0fc1cd273d84 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d62744a1ee5a4d03d761f48fb63ece42d9204e00016dad042ae7cbe600cb9e93535bc36d2f94d715cf8c2cd948caf876b4948429cb85ac73765949495af8380a56b68d1d3eeb4d9b310e2c53db5f51a7b8382759273c0be30862df81ca420f414c3ea8e6a1fb4875257ccc536e971c8dc07e600e265e642489266604f94ee995f96ef02eac771bb88bc66c57d229edfba1e484fd1c8b49e11e594aefa681f26ea28c348615d3e0a2dc76845d2d19543751ce444c7b65fa449a74639fa13c123d025200efa7012b209400746e03bd6a7bc938b926107da0491407bd952602d14a7fa743cbd51d5090a22c76a336f06b5e6dc5ecf70c803da8dcbff149c5013c36 -+Ctrl.hexxcghash = hexxcghash:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.hexsession_id = hexsession_id:273ab849318045321f672fdf9b4bc250c4b46717374bfb3322bc7701 -+Ctrl.type = type:F -+Output = edf713ecfb21b9e9c2d9d04c882d5ded433dcf459ff5b0fe7cd45bb1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 -+Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc -+Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e -+Ctrl.type = type:A -+Output = f3064d3f3ed09eefd34731a2c60c1a80 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 -+Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc -+Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e -+Ctrl.type = type:B -+Output = 1f7f508d9c4cf1004a220f26e0e6c184 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 -+Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc -+Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e -+Ctrl.type = type:C -+Output = 2ad48a77fa12fcb5d3d3e98d5bb87d76 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 -+Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc -+Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e -+Ctrl.type = type:D -+Output = 0433db7fd40d9d0dc9df6e9eed8059e4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 -+Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc -+Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e -+Ctrl.type = type:E -+Output = b07884f15910c6a083143ef9bda115d05c9e4c4057c1987c4f78a1b6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100d9b92844753a5eadc2ef7e84372a56bd096cc1d57a5c282811658d7df87564f202e800c774e75bbb53f47e835f207300ccd4661fd8a73b6ff87770c2c036346e99fadc5193171e1e732f3b6a017808a150ee02c4b6e70d87462e51825a94bda27fa9cbe18c7ef20d0b0201cb7526e0e9bac21b877e5064000290424387a9aa98da563ee2a5ef36af4b442a69eb631b88b8e3a0f073aa5dda589c4aa0e4e007e0d0036a231d52137d724fd60d41f42512214853e7acf8bde77e377842468f4216a15d0c8fe033c2b133bf651c82fda6d227e3c3f0cb7d0a9eba7c35eeefcf683ddde696fdeba5ec124e701f01bf5b0d59a667c75633dea07670b07baa20f313c3 -+Ctrl.hexxcghash = hexxcghash:a510774a9b07b05e4e0eaf9409d77028a511a9565784b69ab3c03ffc -+Ctrl.hexsession_id = hexsession_id:49c4ad412d13870d0e9c6855e2881fc032aab36fa3ab3598a7f1153e -+Ctrl.type = type:F -+Output = f838da7b26311dbd529f742d901709229482cea9d7ac9f0c2cd14200 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 -+Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 -+Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 -+Ctrl.type = type:A -+Output = d8c60bf582892d2cd03956774614b9f1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 -+Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 -+Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 -+Ctrl.type = type:B -+Output = bac1bef6d6dd92de55bc174c9db77a54 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 -+Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 -+Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 -+Ctrl.type = type:C -+Output = bdf96d88d7ac4f0daa62d29948a5c891 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 -+Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 -+Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 -+Ctrl.type = type:D -+Output = ef0dbe568b4f3fbcb8b2665ed7ed0f8d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 -+Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 -+Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 -+Ctrl.type = type:E -+Output = 315d50a1b29f9d556c983432b98bf437893c1a892cf69880353d9797 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010012641156f363edf89c1824532fcf379a846dd042ac173d6b9b75651d7aa911ebe75f5dd3b502a7d6ec331f095ed08505e86f51008242357b3d29d75db82619066c2ecb3ba78e8de8fceeb206bfa39ef3e6617d1f20e4a092ac6bd589904fe0ce4fac2d73c7396a54084bf71e929ae0c5c7e67e1795e73f9fab8c6ee90254f27dae6750e1f8769af5b235f9f7aef302f1fc4015f60af34656a1a8187159a4d6c4b3be40abe9ad5cb56a52f5407186b42fdce7a691b917550719fc7eef858030dcb2829a07a39ca279d9deb0487b893d4c7bbc41cde4eb366188f38bdb4289b8a95ae757864e963cbe4f5eced9aebf3b33ebb3c75b7e405816366e609e16f8bc56 -+Ctrl.hexxcghash = hexxcghash:d041364fa73e42f0c9c49d2ad25a758c3f4691761d9caf6dfd2ad690 -+Ctrl.hexsession_id = hexsession_id:1fea0e79508d3b2caf0e275c463626ad7d57c6cfc1da79a5bce2fa53 -+Ctrl.type = type:F -+Output = 612e3ac6651f9c7d99c532da0820f079292d9b33d36b684198665f5e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b -+Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a -+Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f -+Ctrl.type = type:A -+Output = e0d36ac1de6cc8514d25ff824bfaaa37 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b -+Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a -+Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f -+Ctrl.type = type:B -+Output = 58c896b4d1a9507e7da2234a1a538d78 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b -+Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a -+Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f -+Ctrl.type = type:C -+Output = 5966df5cb582234585b4c4312318f829 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b -+Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a -+Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f -+Ctrl.type = type:D -+Output = 40d8bdab78c9dac2b2d14d1c8bd41405 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b -+Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a -+Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f -+Ctrl.type = type:E -+Output = 1af4707570794ff6c718c817ccb9fca5edf22a3a8d493a861633fb7a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100ecfd38c0707d59db0b361a449a22ddc63f055678e253ffbc8324a306ff06e31590fcdf6fc271665335f01af804619f4367489d7829ca756cd14d2147f2c6b2c0355847955ebe89ed2133dc74283732c4f821a7cadcaa9abf661fa9fcf81b0596c454fdac23d79267c5a832979217df61f9bb04c0fa69f5fdae2407da763210f0b7c1097463505b0da86ad71c20c1c57accaae353919cb2708aa378a5ff598d0a4b21b7527b2dbd271957fbbf04f5787076fb7f8afdfb75ddb5fa142ab427e026c87033fe2c6f22454ebace3f77646d0ee447cd1d339c9a21ce86c0b233c7fcbd6d1d165e14d57908777cde654b7fc3c3db7e62951b359ec71fe475356dc6a58b -+Ctrl.hexxcghash = hexxcghash:7af5885d52c4173000c45dd2b0fbeb21fa5722aa65eecb1bf977248a -+Ctrl.hexsession_id = hexsession_id:122e2d181cca7dcec6f30a8b027b4d29275d342af5fd82794b24560f -+Ctrl.type = type:F -+Output = 4e6edd5d86f0a3b92595fb2d4f0f9b0f0ed1e850c84014224270bcbc -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 -+Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 -+Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d -+Ctrl.type = type:A -+Output = d30b7efda77a1008d78487fb1c9df511 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 -+Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 -+Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d -+Ctrl.type = type:B -+Output = 498b3d9f14446a028d1aed8bc4748e34 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 -+Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 -+Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d -+Ctrl.type = type:C -+Output = f4909273c39ef8819b353cde80f57cc9 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 -+Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 -+Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d -+Ctrl.type = type:D -+Output = b31337a6ecd02f4beb9bf4af12ea4e11 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 -+Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 -+Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d -+Ctrl.type = type:E -+Output = 6f3da7bb4b64ad3e1171083a62eca5e755563e639594b848243760d8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001002dde91723fa969756f5a597683fa0ef938423ffcf3b3d0262f9ba0d69d72ffc3afbf2ccb9bbc42332f97d3857b44575e30849fe19e77688e9102d9909585d9e53835eee4127aee038deaf8501c70cfd209ef755f84613365d9b2150009f9055300b74c593f8204b84c7faaac87c781e7bdda8c54bf0ec170e4dbf71cd15825c949ebaa934797333124e63db50efe0f33f5224687c097b22d52de36045659622dd214effab378b6bff298c84436831f85540a5eac0b68d51fa1abd18d19ce5452aefe729b7d384e038927ee8f0c2ddffd1cb6ea537a90d9b06bce3bd01fdf4370d62d985ab80417d1256d38ab3874297163a020052b42e73e8ef64950851e7da2 -+Ctrl.hexxcghash = hexxcghash:590c8e3800ddfd382f0b3023c7a8753bd013e756855ffbca1dee0f01 -+Ctrl.hexsession_id = hexsession_id:5e4528c7ff85f2ed7d632c4355e2524438ee83ef0e1695524921408d -+Ctrl.type = type:F -+Output = e88506aa4a4ffa33675c4a296abf91e24450a496e56f8465e9a7525c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 -+Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 -+Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c -+Ctrl.type = type:A -+Output = c5cbb653102d99457c33c88921b5dbe4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 -+Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 -+Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c -+Ctrl.type = type:B -+Output = dd9b1c786c7f739832629f7666e4e21e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 -+Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 -+Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c -+Ctrl.type = type:C -+Output = c33d08d706ffac1811f157526b08086f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 -+Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 -+Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c -+Ctrl.type = type:D -+Output = 5750b617b71a239d99fc412796f6d986 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 -+Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 -+Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c -+Ctrl.type = type:E -+Output = 4c2edee4688119e17723fede94d81c141cb2dd632dde5e223fcd12c2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100be7e6428be4ff862e2b9fe69f055bbbeaa51b7666d51e1ad2e5fe12e2f7a171121147311780840e5d1345c6a24eb3e2d7bace8c88cddae9a062c7aacc7ae87d31ef7d4c52dc2e35f364266c9c34e1ff703a61a8fb39397344ac94e75a42fc956dcc887e50e67018d5a74c89c1a8555ebff4a4baf5b4916aea1dd95c126df390882143908821ecf68511e986bd379cf0871fe1a2679241b339f3317f76c65dc2b121e15a0b8891d9c0120b8a8a383a1dd5eb6fbd65d22a03b7987f843d454e4e1f09b9e2d37ef2be72b7f8accade301c772f74a582afab960dfa43a167275771f6a9be5a9f275cea55e9661a54b1c3210042f824fe783969fa60ad23b748a6b56 -+Ctrl.hexxcghash = hexxcghash:97e793420ceda1730dac88f0d7dc52d8713a79a0b48ddb2af45dd143 -+Ctrl.hexsession_id = hexsession_id:16dd0d6aca3757eec6e9dc3c4a5f590cb7911cd3cabc80815527b73c -+Ctrl.type = type:F -+Output = b48103cd81397bed3bf618b2ef30a44ea806b0ad07aa098a8a33273e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de -+Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 -+Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba -+Ctrl.type = type:A -+Output = c8bc1d232edd620e0282af630d596a6c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de -+Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 -+Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba -+Ctrl.type = type:B -+Output = 6a90269aab1a3e3612eec97a45db11e1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de -+Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 -+Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba -+Ctrl.type = type:C -+Output = ebb8a6227e789d33fa072355cb2851ac -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de -+Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 -+Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba -+Ctrl.type = type:D -+Output = 9662ff73b11bd2978ffceb7545f6054e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de -+Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 -+Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba -+Ctrl.type = type:E -+Output = 9eb35f9a8a6155b81b8dda117f5d631cc4eddea4b4912147513bc4ec -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100c810e36b6ae23b2dac234f36b4ddfe820762b53478eaea205cdab848c384f2c5fe262bc471971ff42a1ff8fdfff81cdc66371a75e9fda5d7d0bd656523603255c3e0970435f995948ec98d87942cefe2194e475a507e2928e0cfbba63962c75794aa53e8a385a5d1599d88dd1684a827914da576f9e06caaecc586bb98425621a5afaf86003cabe86fcd3964a390f47302bbbee8536f24024c5c31f031e80e6bcf2a3e24d4f0b6bd42250996f12a8a5c99b09a42a737e3cbf481e002c334fe3b7626419266e0036339b1592d3bf43245c449a65e43946e60112c1f8aff8963ff56e365c6f56c36b2208eadf591360554d2b116d3374341bd5779ebcdf7ba93de -+Ctrl.hexxcghash = hexxcghash:f8a7854ec21f252f679b924f0f3d34639fe976de146ddb8e93c4e4d9 -+Ctrl.hexsession_id = hexsession_id:6bebea19564c0f65dd96446496f7d7c7198a5b08bcdacf29449808ba -+Ctrl.type = type:F -+Output = 3e137e015973e21c37a8de81cc812683d506fc35699114b31c06797e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 -+Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 -+Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e -+Ctrl.type = type:A -+Output = cc22a730c15abf9628f749fac9d3f935 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 -+Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 -+Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e -+Ctrl.type = type:B -+Output = 188c477061a597384b1d1e417dc04f7d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 -+Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 -+Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e -+Ctrl.type = type:C -+Output = b309760dd9f0d65c6edcdee3a3457c33 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 -+Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 -+Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e -+Ctrl.type = type:D -+Output = 1b8674f603a78f16fb979d6db70f6795 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 -+Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 -+Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e -+Ctrl.type = type:E -+Output = d881ac0cf62ecff2eb7d3c8284cfd4b95e003c435f6a3121ab0c65b0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100940a3535b876a90210236f8571e20cb04d287ae7217b95d75c4170e8afea4d290bc41e736cdd1b470b02ce8b74ca4cdaa121bbb3b31df3f2c847455ef21b61e0c966bdb8cf58fb94819108c7feb9551c5dcacc37fec5fe4e9a59818e93ed08f3477632c62304fb2ba05f7fa8611970adb39379ab7159baa3731fb1fceba201a1858635b92d938b195a44612ffddac3f2b5db59b47c9f90b66e76b3e901887b27312e1043b000b5ff21d4fff4b5fc06203403387fe28837c4d367dbe2c73e1ec5c4e867cc99dca2bf8171aad1498b37bf0d17e5fd64e411386df72667d824e4514530cf6021ca8880154212884f5fdb44a0c8745a4049971de370eb31c959dac4 -+Ctrl.hexxcghash = hexxcghash:4688aa9bceb36ddab933675e6963357b2bd0daa5e1984a06fc7f3ff3 -+Ctrl.hexsession_id = hexsession_id:fb72bca26e61577066d7c5093ac9281fcf06ae3250b43228b067b86e -+Ctrl.type = type:F -+Output = 9a7560e7976c7fb0153fc94e51a7dead3b7f8954d1efa7ed6be77858 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 -+Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd -+Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c -+Ctrl.type = type:A -+Output = b842e2900a8c1f7d7c3fa465d46142fa -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 -+Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd -+Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c -+Ctrl.type = type:B -+Output = 5e96f771c176fafd18d4aa0bc07dc5d5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 -+Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd -+Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c -+Ctrl.type = type:C -+Output = fe5fca0a03e6f8ac95ba4e882c64fb8c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 -+Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd -+Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c -+Ctrl.type = type:D -+Output = b952b4e6f2010ebdac7ee10adb90f9ef -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 -+Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd -+Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c -+Ctrl.type = type:E -+Output = 819db930507c1f8e1617dc74e78de9f4abb02b7089d764cb20d14c56 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:000001004b9f55f17de634edb39218b30f224ae8ec64edd6e0c49dd00a52ac11e0a4089ccff931838ce5c02f449ffe33c14fd0a9f11da7d783787a03defc7931ce638a31aa11ddc4351e54480bea637857cae6cf30e03d392737fe2b3f234115903ab43f97d4fdb49fb987650610d9a0ca51b70839d0fc9980de371acc78ac6eaf5f5ac5008eec0f5aedd0f95496f27d2858477fc54d3113fe7884047596d5705d1dd974875872fc7c9111bdc5da73b317331c543f60687fc1ecb3f3853787a64fd94335b570a99fe2544acde49f99b96ef473dbcb16315b9e7ee8c3a20feb36636c1fa39567c2efd2b7827e38ab31607f6a3cff1fc7edf8612380e4af93c620bcd6ac36 -+Ctrl.hexxcghash = hexxcghash:0d18d069225d0db81b8bb979635dc9e89999a74ad6b02022189150fd -+Ctrl.hexsession_id = hexsession_id:1f42aa7a240d8b412fc26bd18f85ebefe59641d19a1e5e3681560a2c -+Ctrl.type = type:F -+Output = 79be1ec6ce722e98bca50a25bbca581318b6227c9fd346d67602958f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 -+Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 -+Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c -+Ctrl.type = type:A -+Output = 4d40be7041ac4c74d56d53855fead94f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 -+Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 -+Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c -+Ctrl.type = type:B -+Output = 501781a04c919226a9e2dd6d7a880568 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 -+Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 -+Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c -+Ctrl.type = type:C -+Output = fe183f0e31d4bf9ebc9364e19e422385 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 -+Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 -+Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c -+Ctrl.type = type:D -+Output = f12c0da703e5bedb2921a0e1795eb62f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 -+Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 -+Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c -+Ctrl.type = type:E -+Output = 1d34b1ae23af48c25db971fe0f95c2fdb4e269ca435b90e0e22ee720 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA224 -+Ctrl.hexkey = hexkey:0000010100a0216e73007c1b53dba18acb5592ea68ab7719d9fd2f24af3e2968024933a5e68fcb1aa8b187f42972815f12d5f995c15d2d3eab84cfb869db413dcb328d045df23646e65179a53e3cbe1babcd6e6a5e300e33be1f5ed5d7eb1661a0ae6d8e6dd8f156eed726b30df6b9eee7e9457189b140de7671a1c7790938617e1bc95b8ee8bb9229f98be158a569bcb799869c445484d30d6019db44d97dcfd9b47f5a36418e3d5ec88037c172104d44ac6e770cbec415fbfce8ac9257074ca5fe003a4836001c8331f1845c1069d0610a62378e1c32ae512ffa22032f28245ee7ae957348a484bef3d295463b293975d787d45c480903f3eb35dcfd140161606f270177 -+Ctrl.hexxcghash = hexxcghash:0f85b7ee92fe1a95c0aa0103f10092f04ba613a37e118f8fbb43e308 -+Ctrl.hexsession_id = hexsession_id:25d9a92c96b98ecc31e6aca945899e93607848caf2c332efc03f9a0c -+Ctrl.type = type:F -+Output = b77dce4e2211c8e2b4fba841ba45d7f136323999ed9a4d306fa411a8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e -+Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.type = type:A -+Output = 41ff2ead1683f1e6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e -+Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.type = type:B -+Output = e619ecfd9edb50cd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e -+Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.type = type:C -+Output = 4a6314d2f7511bf88fad39fb6892f3f218cafd530e72fe43 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e -+Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.type = type:D -+Output = 084c15fb7f99c65ff134eeb407cee5d540c341dea45a42a5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e -+Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.type = type:E -+Output = 41ec5a94fecce7707ea156a6ad29239a891621adacbedb8be70675008d6f9274 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100875c551cef526a4a8be1a7df27e9ed354bac9afb71f53dbae905679d14f9faf2469c53457cf80a366be278965ba6255276ca2d9f4a97d271f71e50d8a9ec46253a6a906ac2c5e4f48b27a63ce08d80390a492aa43bad9d882ccac23dac88bcada4b4d426a362083dab6569c54c224dd2d87643aa227693e141ad1630ce13144e -+Ctrl.hexxcghash = hexxcghash:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.hexsession_id = hexsession_id:0e683fc8a9ed7c2ff02def23b2745ebc99b267daa86a4aa7697239088253f642 -+Ctrl.type = type:F -+Output = 47d3c20aba60981e47b30533623613ff1cacbcf1642fb4ad86ee712f2aed9af8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f -+Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 -+Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed -+Ctrl.type = type:A -+Output = 99bae6531508705f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f -+Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 -+Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed -+Ctrl.type = type:B -+Output = f25786f02f199737 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f -+Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 -+Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed -+Ctrl.type = type:C -+Output = 97621bf882266f905da78cf193fc31f642acbb60957c41b7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f -+Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 -+Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed -+Ctrl.type = type:D -+Output = ad98a86a2386280912efea50f790e800a7758f7dade5d77e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f -+Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 -+Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed -+Ctrl.type = type:E -+Output = f92d052d3cdf34dfc69bc60a489c3a3553f4356596c191931d08fa20551273b3 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000800faa172b8c287e372bb236ad34c733695c13d77f882adc0f47e5a7f6a3de07efb101207aa5d665b619826f756591f65310bbd2c92c9384e6c6a67b42dec382fdb24c591d79ff5e47737b0f5b8479694c3adc19401704912bbfec2704d4d5bebbfc1a7fc796e277634e40851851a187ec2d37ed3f351c4596a5a0892916b4c55f -+Ctrl.hexxcghash = hexxcghash:a347f5f1e191c35f212c9324d5867efdf83026be62c2b16ae006edb3378d4006 -+Ctrl.hexsession_id = hexsession_id:90befcef3ff8f920674a9fab94198cf3fd9dca24a21d3c9dba394daafbc621ed -+Ctrl.type = type:F -+Output = 147a771445123f846d8ae514d7ff9b3c93b2bceb7c7c9500942161b8e2d0110f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 -+Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 -+Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 -+Ctrl.type = type:A -+Output = 93da642974d71e52 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 -+Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 -+Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 -+Ctrl.type = type:B -+Output = df2035ad67457151 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 -+Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 -+Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 -+Ctrl.type = type:C -+Output = 42067bb0535da6701232a0f39ac7f436535af346c4786af5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 -+Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 -+Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 -+Ctrl.type = type:D -+Output = 08a0181a6c373d39540409dafb1b4e2359bc249af33bcfe0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 -+Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 -+Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 -+Ctrl.type = type:E -+Output = c043b5aece7cd2685c6dfb3788d7a562d6622d20f6d7e07b38aeb47c649dd99c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100db8205ad53a96bd4c111ad8dc8dab8196f04557d87a5ac90b1013eec71456ca80f0a59af26f9ac6eb91ee51cd601602fe9467550d1f09f417f94e4df2aa5fb941a33ff7764b4d57bcba77f549959ca4fe5d568ff5d20702fcfef904d07f9182bd9936da1fc63d0b11cd573bc0ed9c4e7bb07b5c77c4214d457ca5b0a4410d7b0 -+Ctrl.hexxcghash = hexxcghash:a85aa36aeae3f8a948ffa077509f183f2894b52930a79a06bf8783e501d9cae3 -+Ctrl.hexsession_id = hexsession_id:6629bb9f32e259935f946e73543bf65830e78ddab691a8b885f3444f976fd655 -+Ctrl.type = type:F -+Output = cbe67a93ac758d9f2a6ff580bad5a44bb1a1062c9e20d5c974decb7aa2b0faa0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c -+Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 -+Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 -+Ctrl.type = type:A -+Output = 320e807fab2b10f0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c -+Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 -+Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 -+Ctrl.type = type:B -+Output = 7b8f91be4dcd59b1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c -+Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 -+Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 -+Ctrl.type = type:C -+Output = dec6e67a94b3ddfcd32a24d6026c6951d00b6f4402d32c1a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c -+Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 -+Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 -+Ctrl.type = type:D -+Output = 2ef3cea4588ad928ac3e8874f3e1f613f2d50787495acc32 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c -+Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 -+Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 -+Ctrl.type = type:E -+Output = 72f93537328eebeec1b5ca88fedb41bf4d9c6279e4fe8d13c38da72a39739ed8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100d97164957831bbc57c91e0a5c9ece230b4625d14b9d07decdc971cee28d28c2938d2f8b682bc33bd67458fb90120dd6a2ca5255fbe3daeb0325029e15b5e3135aae5081894da98fb4e4d578890c5a4b6a359097bf5e2c403f77b0398d12795d6c895ed979e792d13f5aeb3cd62799d9a509cb4bd8e2bf5d8b08498abccc0790c -+Ctrl.hexxcghash = hexxcghash:81c3e6d1a6aeb3f3fc111a9e1467a7e569b9debbfef48fd31acd0d8b9b50a647 -+Ctrl.hexsession_id = hexsession_id:068d4a2ebf66a0a6f75d3e76659c72a7f70630f98872e6f48c45ad862fd9b2a4 -+Ctrl.type = type:F -+Output = 55dcf2c322b9c94686edbf9314d7c93bd9651e2ebc64f1a299d7176577d65b32 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 -+Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 -+Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e -+Ctrl.type = type:A -+Output = f4dbc41aa23e1621 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 -+Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 -+Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e -+Ctrl.type = type:B -+Output = e53b40c511180817 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 -+Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 -+Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e -+Ctrl.type = type:C -+Output = 70fed9412989cf5de908ad429cb92065fd5ccc081477abba -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 -+Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 -+Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e -+Ctrl.type = type:D -+Output = 3afdb0b4b4bc13e8731bb92e541b7d82a0b20d8878ce184b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 -+Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 -+Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e -+Ctrl.type = type:E -+Output = 59937f257aeef0806038543ced541990e5c2243881818edf2c522a54b64e9e93 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008001223839219fa4dbaf2b88deaa058bed95793bd6079e670e88eecf0a391ae7ce2d3bf129e11273aad0d0047b84960e6f73fa3de394042b4254c7850fddc7525dcf27fb9bdcafc604626aa25e08c938a27c80ca97a4c1a2662f4e8485e016c75e4f4e6861f5bbd694bbd6492cbffa95128dab52d8a3d0316bcabd5da2c789dd62 -+Ctrl.hexxcghash = hexxcghash:7817d37fe11f3499feda39bf21ce7755040a0091e61e8eb585e6299c6673db81 -+Ctrl.hexsession_id = hexsession_id:2b7ef879949594c35dbccdba0ba4959e3a2fad446c5ce35666e400b7214fe69e -+Ctrl.type = type:F -+Output = 187532105293274b841918e3ab51f5dd0453d4331e85f4e06b775dbce4979cdd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 -+Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 -+Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 -+Ctrl.type = type:A -+Output = 3cc220d5bb9b5346 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 -+Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 -+Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 -+Ctrl.type = type:B -+Output = 051e3c79aede7e41 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 -+Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 -+Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 -+Ctrl.type = type:C -+Output = 44c2b4725965ee9a2bce58d38e2e9a778263c415b21a25be -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 -+Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 -+Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 -+Ctrl.type = type:D -+Output = d5de7a801956b934d820f9aa51bf1dae2a7aec7ce5ce4e50 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 -+Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 -+Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 -+Ctrl.type = type:E -+Output = 7d2039a6505e3220535fde0ff71464f3971580f50711356760b225fc3053fc19 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000000807d3783ce1f598c3279e8a33f3e8bfe9c255979034f43d107bb3dd6cb21ff67d945594929f2fd7bef74679be81d3ad6c1b472293d1060242d720ed2fb250fde838064eec64d75cb9d5d2ec09c9e67e3bf48c0d0a92577f8bf6e05cfcbaafcd243369f30f14d24a4ad2c1aaff528e03198227135d26839fd45cd60678ae41307c2 -+Ctrl.hexxcghash = hexxcghash:2efc2c1be24e1259105757bbd2c518d62ae52400451347aa90e2aab00bc58864 -+Ctrl.hexsession_id = hexsession_id:2df7d0dbcb1beb17ef1a8b9884c9d6d8833b5039797a5fce61e7a2490405b323 -+Ctrl.type = type:F -+Output = b0972348a031ef2e87d42611e53cf0c4782d759ecdcc1390318eb11e1925ac35 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 -+Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 -+Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 -+Ctrl.type = type:A -+Output = cdb047beecd92d84 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 -+Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 -+Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 -+Ctrl.type = type:B -+Output = ef378e894d8f675e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 -+Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 -+Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 -+Ctrl.type = type:C -+Output = 23ee42a437801e87348b3999bde76147a8731e318db57752 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 -+Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 -+Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 -+Ctrl.type = type:D -+Output = a3f50e3d14498f15e1f111cc929648011d6abfb58e90df1c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 -+Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 -+Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 -+Ctrl.type = type:E -+Output = fb6a020561e46e521344cb671a50175afd63ded91eedaa1b2879c3a63761674d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b44b386751753bf1fbfe100b11761766aaef16b2786462ba9561d3b493581254a1c1556ef611fec70146a864f8860c6317f294d06aec94129740c78035411992492825554362d25bf2c43a2e8a4d22e5d4777c593c8686966684b95e8e4535fc0b4a0e53264f22cf568469e829a303cdd06c09d8f74ccef6b6028fde782a7285 -+Ctrl.hexxcghash = hexxcghash:8c691585cffd38a6ad0fd751da66c1a0f2b46ad6c12348b5a89cd24f39e76517 -+Ctrl.hexsession_id = hexsession_id:2d93238fe20a860db2fb8fb4c5a0525a2f8817abbb53773e4af9fb366a213506 -+Ctrl.type = type:F -+Output = 567a79e7c4b10d62a420ce2ea740661c08d9459ed636ecb4edebcedb17b0baba -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 -+Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df -+Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 -+Ctrl.type = type:A -+Output = 1f9e7ad5592ac73d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 -+Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df -+Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 -+Ctrl.type = type:B -+Output = 15b254fe3510dd77 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 -+Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df -+Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 -+Ctrl.type = type:C -+Output = 88eadd5802e1a748284684438eb1b1bdc9b20ea30c59950d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 -+Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df -+Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 -+Ctrl.type = type:D -+Output = 277c2c4ad3d4a3bec4bdc5329bb5f9d4e39aa06b1e115e77 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 -+Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df -+Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 -+Ctrl.type = type:E -+Output = 090d2f273a690ed1d67dd9919c34385b18a661f8657b84bef6832f2396771979 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100b3462ee942f026de0922ab88b6ebf5ee2c968a4e12cbf374593f3542c6eb619ea1ec29b958c65a83305c37008de3b691ec020cc989e6c5393dae36bbb3bf0d1a29ed0bab6d23f60e63e277119b7a4c0a5fa96d9c043a5ace58034052ffb71b8bf0eaea8a6bc9a9834c512d7470122c71908a44ef7f3227b512f6971c82436e96 -+Ctrl.hexxcghash = hexxcghash:3d5d7f742b08976755e2eb8457f1d9401d918bbf7e201fe0742f00ae799082df -+Ctrl.hexsession_id = hexsession_id:50bcad2970e07c3ad3f14db05d451d77304fe70927ba26815fcaf1f3a723af91 -+Ctrl.type = type:F -+Output = 1f3082fa5ac8ec565595c4c5b8a7ddbba88ed4936fca913bba6a8715dc856f30 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 -+Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 -+Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 -+Ctrl.type = type:A -+Output = 3aa08d67c81310b7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 -+Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 -+Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 -+Ctrl.type = type:B -+Output = cf46596878a17a87 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 -+Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 -+Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 -+Ctrl.type = type:C -+Output = 871db438b8b33c2102ddab0c1f7be51ee4c2cbdf52a01a58 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 -+Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 -+Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 -+Ctrl.type = type:D -+Output = 04ac13599b84c22be0f1e5f7b96def31598e6ad36be412e8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 -+Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 -+Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 -+Ctrl.type = type:E -+Output = f00c83a8afb5d1793749d4aae825b80e67ccd7f67e08f572222ccf42126ea2f0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000008100831889c603d4dc01d0d9f19f07ccadb6a9fa7662305277d59efbc872f38325de2ec2151f58649f5fd15ff3a099f0191dca69be0b9c88ef729fe74af849cc8e7479f8a5406842af88e12167607103cda449a1394c86b2c21d4083cdee216f74078d4e878b352df901727870815528ae99f74f25c21a8a39772940d871badb39a6 -+Ctrl.hexxcghash = hexxcghash:f77992d066bc305419a6c1b0879008856287b95ec20c2b1be5a5c8189cadbbb1 -+Ctrl.hexsession_id = hexsession_id:15bd2e8c86d23eace4a581377ef8a3f5266dbd081cfcd01ab2b68506438228a2 -+Ctrl.type = type:F -+Output = df0570749d67136095b0dda6d461676b7eeb9a386f126306d436cab16dfd1b3c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 -+Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f -+Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 -+Ctrl.type = type:A -+Output = fad800cbf8975a01 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 -+Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f -+Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 -+Ctrl.type = type:B -+Output = 679a118bda1f15a9 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 -+Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f -+Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 -+Ctrl.type = type:C -+Output = 5193e9b3b10b7939b79b967b98e6cf3396758eaf8263edf2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 -+Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f -+Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 -+Ctrl.type = type:D -+Output = 3f5de8bec6d737836d3a91480ac76c19d0a90bc146f02d5c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 -+Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f -+Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 -+Ctrl.type = type:E -+Output = ce7be4fffd0ffd09ff45889d10c7be0edf922422d01cb71b737c6149bb1a2d05 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000081008fa89f9f89a2a2417a9461451a4b97343afd46552a8700e588638b0ef0ae568ffbaee2727ae3ae96271aa33b8439c1a4bad313ea42605ae0902817d91577b6a3c72fc576ee29544c1d6323bad205317d2265c533d82ed27a2dea64a8545c64e9772e81ce1cbfe265a51acfae74b72d5365366263541e50a567c3ffa594eac071 -+Ctrl.hexxcghash = hexxcghash:4d071ee398757c548fa72f77ed94d5b158a311d3655bb7a6e324c4e2a26be84f -+Ctrl.hexsession_id = hexsession_id:d1d34becf667002ace16be10726cab3c7d18ce7414759f62a83cb4cfaaed77f4 -+Ctrl.type = type:F -+Output = 60f413c9bcc42dcf0acc53d513dd8bc703f7e5d668f4e043f13028dcf40880b2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 -+Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.type = type:A -+Output = 81f0330ef6f05361b3823bfded6e1de9 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 -+Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.type = type:B -+Output = 3f6fd2065eeb2b0b1d93195a1fed48a5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 -+Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.type = type:C -+Output = c35471034e6fd6547613178e23435f21 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 -+Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.type = type:D -+Output = 7e9d79032090d99f98b015634dd9f462 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 -+Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.type = type:E -+Output = 24ee559ad7ce712b685d0b2271e443c17ab1d1dceb5a360569d25d5dc243002f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001006ac382eaaca093e125e25c24bebc84640c11987507344b5c739ceb84a9e0b222b9a8b51c839e5ebe49cfadbfb39599764ed522099dc912751950dc7dc97fbdc06328b68f22781fd315af568009a5509e5b87a11bf527c056daffd82ab6cbc25cca37143459e7bc63bcde52757adeb7df01cf12173f1fef8102ec5ab142c213dd9d30696278a8d8bc32dde9592d28c078c6d92b947d825acaab6494846a49de24b9623f4889e8adc38e8c669effef176040ad945e90a7d3eec15efeee78ae71043c96511103a16ba7caf0acd0642efdbe809934faa1a5f1bd11043649b25ccd1fee2e38815d4d5f5fc6b4102969f21c22ae1b0e7d3603a556a13262ff628de222 -+Ctrl.hexxcghash = hexxcghash:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.hexsession_id = hexsession_id:7b7001185e256d4493445f39a55fb905e6321f4b5dd8bbf3100d51ba0bda3d2d -+Ctrl.type = type:F -+Output = c3419c2b966235869d714ba5ac48ddb7d9e35c8c19aac73422337a373453607e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 -+Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 -+Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc -+Ctrl.type = type:A -+Output = 36730bae8de5cb98898d6b4a00b37058 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 -+Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 -+Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc -+Ctrl.type = type:B -+Output = 5dfe446a83f40e8358d28cb97df8f340 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 -+Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 -+Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc -+Ctrl.type = type:C -+Output = 495b7afed0872b761437728e9e94e2b8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 -+Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 -+Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc -+Ctrl.type = type:D -+Output = c1474b3925bec36f0b7f6cc698e949c8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 -+Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 -+Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc -+Ctrl.type = type:E -+Output = b730f8df6a0697645be261169486c32a11612229276cbac5d8b3669afb2e4262 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010044708c76616f700bd31b0c155ef74e36390eeb39bc5c32cdc90e21922b0ed930b5b519c8afebef0f4e4fb5b41b81d649d2127506620b594e9899f7f0d442ecddd68308307b82f00065e9d75220a5a6f5641795772132215a236064ea965c6493c21f89879730ebbc3c20a22d8f5bfd07b525b194323b22d8a49944d1aa58502e756101ef1e8a91c9310e71f6db65a3ad0a542cfa751f83721a99e89f1dbe54971a3620ecffc967aa55eed1a42d6e7a138b853557ac84689889f6d0c8553575fb89b4e13eab5537da72ef16f0d72f5e8505d97f110745193d550fa315fe88f672db90d73843e97ba1f3d087ba8eb39025bbffad37589a6199227303d9d8e7f1e3 -+Ctrl.hexxcghash = hexxcghash:fe3727fd99a5ac7987c2cfbe062129e3027bf5e10310c6bccde9c916c8329dc2 -+Ctrl.hexsession_id = hexsession_id:fffa598bc0ad2ae84dc8dc05b1f72c5b0134025ae7edf8a2e8db11472e18e1fc -+Ctrl.type = type:F -+Output = 14a5ea98245fb058978b82a3cb092b1cca7ce0109a4f98c16e1529579d58b819 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc -+Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 -+Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 -+Ctrl.type = type:A -+Output = 32d20a3f5e92b20fe100f4f41a1ad53c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc -+Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 -+Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 -+Ctrl.type = type:B -+Output = c3a3ff57f99187ba011fd422100af577 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc -+Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 -+Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 -+Ctrl.type = type:C -+Output = 8517903c49d5a59ad8ef7cd8591c6b5e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc -+Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 -+Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 -+Ctrl.type = type:D -+Output = a5ad201101a617f1cd5b3a2baa3b27f7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc -+Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 -+Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 -+Ctrl.type = type:E -+Output = 16747a23fddd72f785c5d61dfb81a5a38555f5d8ff1dc5ae4fb423b82adfe05b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b1c637286720d11a9030260e35726621f54115560c443ded98d5622f4007cb65427ba8ae0831f34452349993c74933466f3307e11452150f4640010ed7d1ab87656232d9659d9982e8227c25d648189d2bdda3283aa5dec8a2105af0fa840592a21d96eebb932f8ff36f94a2e4fc3819d7c9f0d26a472fb5ae5a43a2d4906247d59c42512dda252205f60042e1900e1581127f25ace253b62a83f62d4703281a294f240df2aa34ddf437c9f278278120bc10e2cb99f7804ecd6741b1be5520c553cb89747f79b4e4efd3cf09b484eb1eb034d220da457546a2ebb28d7f2faf67de0630757b8ae05e27a761956d2e190fe3fb93b1c7c142f62baeb089721cedc -+Ctrl.hexxcghash = hexxcghash:cad407a823551726f9bdcb78e8f351536e4406e8ee64947ecc0074662c7c0462 -+Ctrl.hexsession_id = hexsession_id:a9c8207642627e6ee872999123b29e36abfdd071dba36ea6f0c11dd59ea46410 -+Ctrl.type = type:F -+Output = b1b1bba896b0fd75a90187eae6cdf744d23884caa5f4ca979ced327ca1239771 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 -+Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 -+Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d -+Ctrl.type = type:A -+Output = b5c636c93e002f1fac0b78eb423d92cf -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 -+Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 -+Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d -+Ctrl.type = type:B -+Output = 64d82bef35e924abf030fe42cda10e81 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 -+Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 -+Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d -+Ctrl.type = type:C -+Output = 76a1b8b85d0ea49c68f30d7448155901 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 -+Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 -+Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d -+Ctrl.type = type:D -+Output = f136e09324b1ef12b92bf35d5b3dd8e2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 -+Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 -+Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d -+Ctrl.type = type:E -+Output = 77abc45165b126f9127d59fbe655140cd3f768cd0498c29aa69cb5d65f7b0d50 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101008cd7061a3591b477989a4deb1bfc6debe874f753a4686eef11d1fa0e6796800db97c38497992b220d6e40d8f9154743b533666c8689db8cdffd38ac4009f85cfc6e48dc2fe94f78870138994ab4189e8d461a00b03425d8d838061b44e7ccd41e3a0332ab68afbf2919763c9f03747637db87a50d766504199fba6c34d216580fcd77756a6004ff485a79cdb646f0adde47a727e028261c808e0cb31928071701a0f2d2d237c293b93e80854f4e43243eaeb96cc25e00f74e2cd414c72774c7995757e93c0a9aac5ef5b0d23bef9ce475bfe697d14b815eeb0535d6e7e438bdb54aa2d8f50d05564d17c3ff2bc3451ca5b932f320c20f1c256c61ed503be2528 -+Ctrl.hexxcghash = hexxcghash:53fc521edf6dea9daf619676276766508d32c1964943e9bd40b4ed2cdefa7c20 -+Ctrl.hexsession_id = hexsession_id:14c6727d8e211c7632f930e716ab360e0916b1da3409367ef52d9e21512c700d -+Ctrl.type = type:F -+Output = d43f93faf692f59bc96fd480fb336033c94ee237ceece69691ffaa64bdd7fcc1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 -+Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 -+Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 -+Ctrl.type = type:A -+Output = 3b3c4416d3121a6838dd3f94a84b6ec6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 -+Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 -+Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 -+Ctrl.type = type:B -+Output = e0af22a9184e5cea74f3e90faf5212ba -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 -+Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 -+Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 -+Ctrl.type = type:C -+Output = a3a7a9e48cc09a927e2d6eddd7647368 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 -+Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 -+Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 -+Ctrl.type = type:D -+Output = b9411d2870e885e223a6b414ae6ac813 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 -+Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 -+Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 -+Ctrl.type = type:E -+Output = 7f11812c28229fd8e39367b8885045313fea6322f22a69b6436caa4fb6c2d915 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000101009b0b6fe41d565564f87ae984aadc75902d95828bdee0bba0ecc176afd5cc9c3ec79a34a9f7cf44ee6cbdcb5d8f027bb64c4c3b73e2f891ee06b781f3d7f02b59f95cbbfb2725b208856f3ebb8195fef1596248d56a371ed7acf3b973c627976e0cf156f340aa01acfbe9b574d4dedd4cbb66cb6ca5d9e76f16385be532fed8dd65735a3ecddeeb295133bb8a59499b4777242a4a7e463481d26baece4c7ef224aaf40af4d5108d024f5dd174cfdb91213939e355b0a1ca51ed6f7f584a4e47a0f1482d6a5768b1236e25d837cc8a2b49b2176bb54b2f77f4212ba394336e6a6046def9205fe482d98fcdd8d0a2643a39d753d2d481fe6689b0dc0d1c078335b7 -+Ctrl.hexxcghash = hexxcghash:27faf1b9a15e505a0b46c47e2bf6ab5fff37a6dadb09e96ea9562091f1d88ce0 -+Ctrl.hexsession_id = hexsession_id:6b52ddb87a66f0f1bb0dad39b462e7bd42bdeb99049d5a3581ca6f056c398228 -+Ctrl.type = type:F -+Output = 4fc39e2a1e7038f2664a48986e8227c213e577eafea082f46cb08d087e642fe4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b -+Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 -+Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 -+Ctrl.type = type:A -+Output = b71bd280b230b6fb9b326a3544ab9c90 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b -+Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 -+Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 -+Ctrl.type = type:B -+Output = ca38c1b5940e1417fb8caa6ab6deaf18 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b -+Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 -+Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 -+Ctrl.type = type:C -+Output = 5d02347e16760101a3689bf0087ed947 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b -+Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 -+Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 -+Ctrl.type = type:D -+Output = 2fb5e0eb5552f7e26ad9651bd22f1666 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b -+Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 -+Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 -+Ctrl.type = type:E -+Output = b7b7c4292a73e7d378284b12b318e0cd3ad714904b4ef9c83d44ee06ff49b1e1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100435266668e94e5f35d31f10f7b486bed8a88465cf30711e54f8c6550a917916fb7160c41880d364df5084446d7834e32917882c10eef49f8192fa6ff4c9498a12d87bbf710d4bba3e76a6681c7ac3470e6f5e80c55851dcca38a9ce48b015ab73b24e28e0553f3a1bbe1dfa9b67bb9cb9372ad0fb0aaf443c3a8927d00b9b2705f4d1b219c80f7caa637c986de79410c5924943128e64cf869491f19c1646cb403d8543d5aaaea7fbaaaa1a846b9851f4f708b14266e55839e1d61b67a60359c2c111841839225c0f940252506be02ba43fcc7c4be7cb01c64094fbd9a78cc331c6e7809e0be3a4b693adfeedd1b20ad36d321498b396fce7cf169b2fb10e54b -+Ctrl.hexxcghash = hexxcghash:d7303e57a2bf969f815c1b2fd08a879226c0e95c9897fb5586200c0f5e0a8a23 -+Ctrl.hexsession_id = hexsession_id:20ace711e8190f5bbd2168bc93061c903899acd41697b76d0f6667d2bf345725 -+Ctrl.type = type:F -+Output = c9884e71b158f2255fb204733e888bc5b2ee38a5493de9d0ef6700949159ac6a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc -+Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 -+Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a -+Ctrl.type = type:A -+Output = 88af3bdb49bd8e9d24489efc95dea1c1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc -+Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 -+Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a -+Ctrl.type = type:B -+Output = 5cf41e1d43f797c16a30e070f2f37dd4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc -+Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 -+Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a -+Ctrl.type = type:C -+Output = 7cc48e0f8b4bdd63f76e41ba411d7f37 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc -+Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 -+Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a -+Ctrl.type = type:D -+Output = 37d942416267be06cd1ff9498dcf1e6e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc -+Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 -+Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a -+Ctrl.type = type:E -+Output = c3c8b48e228a3a671ae8c48aa4e4f1fe32c1ad4d5ae48c904836d13e7350f72e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:00000100745f5abd8fb685eaae10854a96900806cd7d17d2d255990328594a4fdbb9fa28088ccb8fbf92ef23492a595f92c49d5fa32ea5ef6d76000635fb58496c9db824aaa41b67c3c2e8bdd525f6c6a224562c670076f6efd21fe49222c2627596b775c56dff5d477cd4cc008ef566086a495cf4ba634af20a42fb13fa52597dc252edebdfa57592494fd9cd44d0f7e27d6a6ff370876c42733977db656d7372d553c2ffc824fb02375e55069d5cccb493ec77001fb4cd73cbec6976bd45ae2cc0812c078784d917c0a0a54d8df6c745a2710828939be0685d7fc1657eee9c4dbc71615fab0174e62fb7971fa20f6d6b2da1c22c0a35c781c9dbdf009cec3d89891afc -+Ctrl.hexxcghash = hexxcghash:35f601a7877ef637d6c40b4f2e1d85b888eceac9f37e686254f9d707b22bd764 -+Ctrl.hexsession_id = hexsession_id:d04bce75141ed2a44942d98354ded46e861da28fc1175e5a22e8dddad4942f9a -+Ctrl.type = type:F -+Output = 605f7d3b3f28a8967402ba67ff916a61b0a4e9b736665c5e911fb33f60dc16fe -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 -+Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 -+Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 -+Ctrl.type = type:A -+Output = 7b91adc6eb48a6f82a8990efd2537903 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 -+Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 -+Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 -+Ctrl.type = type:B -+Output = 814c8fb54a535b38d4c2301aa49ad702 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 -+Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 -+Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 -+Ctrl.type = type:C -+Output = 3ec64c8571c7c7f39a9f37c0e1053324 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 -+Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 -+Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 -+Ctrl.type = type:D -+Output = 846d40dc45123f2710e27bd3140070c8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 -+Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 -+Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 -+Ctrl.type = type:E -+Output = c2199b9bd701c2f4ee82a145adc28f3e8fac0af8dd43cb7f3da173681bcad2e0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001010089b741b0b9a6704f56df9aafe5f4294828fdc67f4243e9aa9b1d83166ad892f2d970fdff65eba7fa5eddb954dd86bda5262e084752c69c6b93c729ad34e9728f7c838c49f0e87349ae35feef1610b83a345c64c5b190fb5857bf0aa8419efba35789c258f19e8713e2729c184eab9d9c33a32ab3731d77e207a91849625bb855e581ca0be5d9f961aab9d65b463e416ee3d636ece573ead0d088a2fe05d87dd5ed21031f4dbea831112d3bd0e1cc1087a8395430cde3cb54d22a5965dd825329bee8c62d4599fb67ff90260204c6e608e6246f768e29a60cb85f580d4751f9c017cbf4e6062a160c6ff1d0c9d303a2c862a4986e22f72da79b17b868cee189a2 -+Ctrl.hexxcghash = hexxcghash:61e49599eb3b01e3d7bc65415ce7004e20bf77805a4ff09681f3856adc129943 -+Ctrl.hexsession_id = hexsession_id:832400eb1c4031502f7249d0a4279a7cbe4d4d6979289d02837d98b9ca16ff46 -+Ctrl.type = type:F -+Output = 49f5fb8862a4f01900f9f76d6146f181483428beadb000d4f5097adf59c5eb99 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad -+Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 -+Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 -+Ctrl.type = type:A -+Output = 50afb2f3b8a3bc466b3a68f04da0d56c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad -+Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 -+Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 -+Ctrl.type = type:B -+Output = b8672a8cc59ee1316fb9a2c0a82ffd73 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad -+Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 -+Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 -+Ctrl.type = type:C -+Output = d854cbdb8f7544b796f982e4973d4de9 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad -+Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 -+Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 -+Ctrl.type = type:D -+Output = bd6bde82c451ee39069d0794f7000f38 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad -+Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 -+Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 -+Ctrl.type = type:E -+Output = 270794ec70fcd9d742aad66c54001b4c218ae8cca813453560a9aeaacc6909ec -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:0000010100f7217049f9cc4f3d59ea109a06ac3cfb79fc05dc349e1c54482072c467e503494d845004c278dabd9338d3bdb3c2f3c58cb264d65575d9946961345dcda5b9ce59cc8fdfc994acb74fe8f3b1fc143abceedc541ae74d69cd543fa7438ac5b5c84168d6e6f7fba2722c279b7cd0c1e07cdd59bb231f17174d33b7c1a6eb199cfa093476cdd31292f3bff20ae224459caaec461c76d741f0e9269ba96676a3ccebe986a3843a36747a0998bb3feaba41671db20368867a13875f76136b2418b6c807335a7133b4e4fbc0e908516ce97458abec2a32355fb061237bada4e07b950a2b1c8d41201f1c0a41c771d990e4741fef6e2eb5cd106c3b4b6000ad07b482ad -+Ctrl.hexxcghash = hexxcghash:be79b302374817c2fd052704dfba5e98b05a8346db9269e6401265a1c7970d98 -+Ctrl.hexsession_id = hexsession_id:def8533bf220d0c632aa4f1b16168e51c0be904c6f299225b30bd7df7bbdc6f2 -+Ctrl.type = type:F -+Output = e967df7571a0eb82f59ddfead22c617beeefa25ce4afd80ac8320bc2635c70d0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 -+Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 -+Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 -+Ctrl.type = type:A -+Output = ebb3d10f461d8697a064461822f34507 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 -+Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 -+Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 -+Ctrl.type = type:B -+Output = bb95f9cbed695529fd7977281332100b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 -+Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 -+Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 -+Ctrl.type = type:C -+Output = da1318a6a34224cc86c9afa41991db4b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 -+Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 -+Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 -+Ctrl.type = type:D -+Output = 091f8fa87a01c5768de8d663ba8bf9d7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 -+Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 -+Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 -+Ctrl.type = type:E -+Output = cc09127a759000f3bd9724fbf5285cd680ee323ffc19cf2f495403f896587317 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA256 -+Ctrl.hexkey = hexkey:000001001b3a1cab1e87a29e229efcae0f569d855a61d6da6ea0ae5bed3491c7bdb5f70f6caf8dc305100160bbf6ecd726b11799da685ce4528ee689fe292043e318ad9f797bd5746399e007cf1f40d7918b85e4607f6e674da84709543dd0d50ad1d5c993770b4d0c045fdef89d5534c3d77edd8dc4536a10cc2b5d0bd14caa7e029ba8a81d5f5fb16524b56ddb9f35d96593955514b80d89b711ff717e11ad3d691424f6cefc5c613b04e5532d89f91383e4a6f45058604bb63876b1308dc7eb8f86cb5c032e6f1f061646e0bbf27b0c7eaa8216ba9381cb7734df24fe6691183c4823d3b645f3139a45b2b8ee3909bb431477f332ea3616b919724782fda8546a3235 -+Ctrl.hexxcghash = hexxcghash:fe491f41cdbcaec6b8821eda916eb03bc1a0e934c14850696f79bd30c73a18e2 -+Ctrl.hexsession_id = hexsession_id:df1c0910cf8b81ca157916b8ac0411b7363f62ce10ee23cbb69ddfe8c3f16be9 -+Ctrl.type = type:F -+Output = a3ceddafc49f7c0131ce2965945c3892be6605b465877bc0637685612ede242b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 -+Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.type = type:A -+Output = d31c16f67b17bc69 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 -+Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.type = type:B -+Output = 675340f27269e7ae -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 -+Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.type = type:C -+Output = 2ffed577a90d29872ea59f3782c3b406908d7394ff63c9d7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 -+Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.type = type:D -+Output = fae751987c1fa8665e4387e410297db58ff69b260a8fe85f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 -+Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.type = type:E -+Output = ff2db5975edf3824325b257455791869434c6af47fb0c8145253c2695abfd2b8c980565ad20e6b9313ba44ee488bafb0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100941456bd72267a90690ffc873528f4b76394431aceee1e24a7bed414568d9b97c84ce13d34a2b4a63ef735bac23af0b7fa634a9e56c2d775c741a61d63981332f9027d3f52c4a9a3adb83e96d39f7e6bb72514797da32f2f0edb59accfc58a49fc34b198e0285b31032ac9f06907def196f5748bd32ce22a5383a1bbdbd31f24 -+Ctrl.hexxcghash = hexxcghash:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.hexsession_id = hexsession_id:e0dee80ccc162884393930ad2073d92120c804254162446b7d048f85a1a4dd7b636a09b69252b80952a0581e9490ee5a -+Ctrl.type = type:F -+Output = 85a9463cd653c7619d4dc85006406d6ed3364220419ca13810301be0f0389d932ddeaebb0e504a0849e2e73a7d087db2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b -+Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e -+Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 -+Ctrl.type = type:A -+Output = 93323451441b761f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b -+Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e -+Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 -+Ctrl.type = type:B -+Output = 3dbfdc2364807ecc -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b -+Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e -+Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 -+Ctrl.type = type:C -+Output = c699e3488f825fb24c5e2adc699ec83a5d8fce339fa0e9b0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b -+Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e -+Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 -+Ctrl.type = type:D -+Output = a250b13da0716f2d4440cc4cac01a2d591002ebfaada9758 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b -+Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e -+Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 -+Ctrl.type = type:E -+Output = 76966a1b7d5f250eea3696077a373b9421e8294dd7cb0aedd172cf9c6879ef34c9deb9c208f11c5d4b6fd713b576894d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000080319534aabf1100b1ef3ec089ba6e5b25946bdf67cbc92493c29d0e63765ee38dc27e15720393d6aa5741b2129b24ee6a71c079190588232f4facadd034dd6e456bf45aedf72a059eca591ceb2d7c50f8ae918528872f40eaf62faa511d6bfbed4b8613163c42b99eb30c20ecce1c36a78b93fb0046467a0bcb41dfa1e609b61b -+Ctrl.hexxcghash = hexxcghash:0f831ff3e907b3f0922722bd8073b2c263c77c7f552c0b0b12be68f19520b1ae2bbf62a9dba0f582d5f0197c0d534f6e -+Ctrl.hexsession_id = hexsession_id:dede417f4b45d58d54cbe59e7d80bab3150ccd99583aa87f7ecde731462d074edf49907278819043341d1fe20e136563 -+Ctrl.type = type:F -+Output = 28a66e21fe7f8a070fe40ecf68a64f2a35a46b84ac38810902639906611053832179d5c07a8422993496059af67f585f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a -+Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 -+Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 -+Ctrl.type = type:A -+Output = b0db344b1e2e98d3 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a -+Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 -+Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 -+Ctrl.type = type:B -+Output = 29fcd6a7d317f527 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a -+Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 -+Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 -+Ctrl.type = type:C -+Output = 156f9d4c58d7783959e785af3fefb133662009b93891bff7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a -+Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 -+Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 -+Ctrl.type = type:D -+Output = c4bc4471e2c7f04dbef9100977e222f4156a7118a122f6cd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a -+Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 -+Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 -+Ctrl.type = type:E -+Output = 5878fdbf693638430e31b287ad8cfab560d952d7a828167bd0454e0c8aa14274c7c0c1921a31575f77fd80144e6d2999 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000803b4fd086d25a4bf0b5347a2e323d45525b12a3df508b9129ae7d51637b6fc76aba743d7ee254888ee6d49314ebd8b82e25d187e80770ff6365fbfe96029e23b92ccbb2bfb4cf27e175cd09154b0e68d75a84c490f936ee0366180f781049ddcfefcb4bf25409ba8a8a9a3296cf0619bc51363abfd58cea3d0480673d8ac8370a -+Ctrl.hexxcghash = hexxcghash:8fbe46474bf6ccdad0f706492c4b534cf5698b38afc4b21a6af4a00c3ccda689cf5382e5de34a48bd798f083570ad411 -+Ctrl.hexsession_id = hexsession_id:a397aa78a58fcf619f1e8368018d6e40934d4befc96671a63aea4558d5e54c9f42bdca50f618ec84b2d19b539a1f10f1 -+Ctrl.type = type:F -+Output = 1fdb34ae9d2f12363350dd5aeefe728066500a083668ac2d48af671d7651a67acdf9b7a0581b922e67278d53f0b2fb17 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 -+Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 -+Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e -+Ctrl.type = type:A -+Output = c828150149eb433a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 -+Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 -+Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e -+Ctrl.type = type:B -+Output = 45636e088875de58 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 -+Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 -+Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e -+Ctrl.type = type:C -+Output = 75da9408e65f61dac9dafa496675214b0d84b0e66feb68fe -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 -+Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 -+Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e -+Ctrl.type = type:D -+Output = cb7897fdeb2c235be5812d1959cb55907ff02a9cf6c76c17 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 -+Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 -+Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e -+Ctrl.type = type:E -+Output = 13a8062561c28c1bc678a019b22da95aa462f82cfff6268876ffe2fddc86536fa4d19bdc15d90c1cff4d37e69f1fc021 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801a3eab3e516f776ab0a282861a42fec52223859d5af2da778727bd0363ba5983b5d883cd75132c94351a7b5b23fba10aec35a78ab03ba183682b4d3e72c67bd1e6b83afc5178c97624f718243d9377694f085e15cef33040fca144e856c74ab0e70dbf4a7766aa916e5edf184ae7dbd3f19d2491e45828fe5969d61075695e39 -+Ctrl.hexxcghash = hexxcghash:5e9be9089c8b952d8ffdb0cbdbe5bb6c1f336e6620292da1ab5eb92eef379655579e24cd6273bd4f552d46dfa87df917 -+Ctrl.hexsession_id = hexsession_id:c54542e32ba1ae8c266781c6d14c8356d6f548cfdb8a303c4f1c947318610eed8ae3d6d4350ab4dddc7f9202a510d32e -+Ctrl.type = type:F -+Output = 69437ec44d764caeb89faebf7b8577b433677abcb0c58f166a5e5724a4eb293d335004d412c983d4c7aca4df1b8328fd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 -+Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b -+Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a -+Ctrl.type = type:A -+Output = b669e05aa9706468 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 -+Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b -+Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a -+Ctrl.type = type:B -+Output = 57f943111ca01b15 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 -+Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b -+Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a -+Ctrl.type = type:C -+Output = e9aa354b6b85f357d6f982fcc18a6ca797bd7a125e786f8a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 -+Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b -+Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a -+Ctrl.type = type:D -+Output = 199d2b244689bfc4f807f225a7130a069c8a181f5b20d32a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 -+Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b -+Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a -+Ctrl.type = type:E -+Output = 69b55cc82d0429979a3832a3be35483596ff1d26a0c1a62944695764f0eb85c3467528be225db2f516e79f23c0c7c23c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000810091473fb24a9fca3fd1639c029c0e6ae6390c83b3278336017068771569d0957bf7ff80a8f188b936f7e238502efc86e518ebafcc4ecdf1b44f01bb070b3cc88c1b23937dcd04c456987a3b75df3874ca54a10e7f4a3123a7fb47365a7552c9e3f7070ec19d1ebb9922dd10aa0280222db770a71ce9541b60b53d9e7783350100 -+Ctrl.hexxcghash = hexxcghash:d0bbb1a81edca6ae7ac5c9e60bf447d198bf875b945fcba06b0074e640331b2205c2c055864c011913f6dad3e34ed44b -+Ctrl.hexsession_id = hexsession_id:58d7b77f0cc5480254c68e4e9cb06a1ea5389b39a3f9cba5c9ca03a091fb123aeb5934c519b60181d097b8cc9455b96a -+Ctrl.type = type:F -+Output = 6e06df643269751dfc9c8decefe466e1ab2ab99466661aa6f0dfab223c3b9bebcaed4c19cbc4109dfacda81cc8f902eb -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 -+Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 -+Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b -+Ctrl.type = type:A -+Output = b2ada53484907db5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 -+Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 -+Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b -+Ctrl.type = type:B -+Output = 89224486fcb33030 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 -+Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 -+Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b -+Ctrl.type = type:C -+Output = 38ccc00303d5aaf748f3c11d986b99f9bf36049a6f7ea92f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 -+Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 -+Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b -+Ctrl.type = type:D -+Output = f8a7a4b2e1d28c6a38e120a2cb876ed49f454ea2aabc3a99 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 -+Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 -+Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b -+Ctrl.type = type:E -+Output = 9f42ab15d0b041019960ff6a5a12e209c427dc334434126399fb8850ec8feda957b74f1976b4c8a97906d7d64c5c2a83 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000000801b8e7d2292f95d97c99e9c93fcc681f2a446437d7595137f761eb9351f50cfb71988aad2d9611a5e3d32c58b1efef596b2b495c12355b6caa5c647237670c7cbeb7b7ef5d39b600b44ab1cecc7ff454981f70366f5dc95f790c9744e55b0b5cee770df10dc3f081b8774b4735c86917384ed7da0b597bd932e676b7ef6fe2cd3 -+Ctrl.hexxcghash = hexxcghash:d1ecf201e213b656e7e002d26b263ead5ef6f265a2cfd05eb83985dbc1dd0620f729800a92f676e6c8219aadbea0a037 -+Ctrl.hexsession_id = hexsession_id:fc6bb80f9116c6746603327d5338e853f37b06593402e31bf5a43abd5e6de8f26166bb572ce0c88360a7bbbe83d0377b -+Ctrl.type = type:F -+Output = d383bedd3b80ddc470db9b819893e85dfab9e359e40bc77576e23ed8c5e73beecefb511ccdf1eb66416c271be5f90199 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 -+Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 -+Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 -+Ctrl.type = type:A -+Output = bac9e6c9553bba95 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 -+Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 -+Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 -+Ctrl.type = type:B -+Output = f29bdc017028a9ca -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 -+Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 -+Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 -+Ctrl.type = type:C -+Output = 840f7e966d633f57bf6cfb3e6aa6bb1435bbea5822c9db0c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 -+Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 -+Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 -+Ctrl.type = type:D -+Output = f78b485e49bf72584e45de78fbd75392e3e0b1ce2a57e7a3 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 -+Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 -+Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 -+Ctrl.type = type:E -+Output = 9dcadff513667aee5e2fda86c4a198db4252a9311635d3659db957570e448f3689444dd3e10d6097a07dba923db349ba -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000081008efe3279e8fc51acceea0ad5958364c2a36315d92ce4d68f6f8486b3160293e4eff79998474b954431a6981864a34445b4bd68e5b598dbaba4de5661ef0b09d5dae9b1633da886f1540d1df601c1acaa139de540d3d8d0b01602559a833aab87730de5c6875b78f5ec6d19145db46e2a77cbb9ec39b1bdbd5ca3be193dcfd622 -+Ctrl.hexxcghash = hexxcghash:5f6f8bd8d664b1f31c615cf457a5c7eaa8733bba6557f15f300cfb364b0ea927bcfe406ea5fb7e03ac648fd18cd93372 -+Ctrl.hexsession_id = hexsession_id:a89ecfd6636423e8d5ba8da3aa8367092b1a662df5693c55cbc5bfabb97320d90692e6c9305af47c25e6617200648752 -+Ctrl.type = type:F -+Output = 5e7915ea90a0d81e3c2ada00c85890b6defbb64f45ac4f0e75b22cf6187978e630f356207c97362862389a1ef99fb51a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd -+Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e -+Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 -+Ctrl.type = type:A -+Output = 11811427eaa92d61 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd -+Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e -+Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 -+Ctrl.type = type:B -+Output = c13f22e0bd66a551 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd -+Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e -+Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 -+Ctrl.type = type:C -+Output = 2b9c9c8ecae95d75472495363ca2d46dc79babdb2e0fda40 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd -+Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e -+Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 -+Ctrl.type = type:D -+Output = f466d9b9871c1482c699a5d9f8636a041adb60920c6af855 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd -+Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e -+Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 -+Ctrl.type = type:E -+Output = 1ecda0252461bd08960c54ba7c570e80715780e5e99ca0f754a3d451409ed2df928daab91ed6b4044fcc68bd5f907c96 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100a89b3f9628a4f984336377edc37d3bed4aa748fa0b0a6bc80c366e8ffdf0ccbbe07229c5f02394b230759d5255e3a7d7f63a2395e2f07e2d31bf885abaea150e1f97808f26f8fe8c5113c12e4d137844160a433f8451faaf432bd7c0469dbe713304c8bed29c03cb7629cdffebc253d0a01362052f55576fdaf89702fa33cedd -+Ctrl.hexxcghash = hexxcghash:8467d0335e6e254eb02253f97cd14c0221f1b21431a4ffe1c20675039d0ac26fa70a0c4bad639834d88d01f6c1ea878e -+Ctrl.hexsession_id = hexsession_id:9a100a5b0ad81f1c603e05c5d24415f2aa7031c0d92f16de15cab350bb1a2cf3639c6906f4e220e057deb966813bbb35 -+Ctrl.type = type:F -+Output = 202e4e3dda18306c7fa518ea849cf3a4788dbc5305f71267ba69fe8920d3b18d9fc59853a4d03b18480269698e24c190 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 -+Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 -+Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 -+Ctrl.type = type:A -+Output = 86183fd862bf42af -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 -+Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 -+Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 -+Ctrl.type = type:B -+Output = 04e146b085c71253 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 -+Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 -+Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 -+Ctrl.type = type:C -+Output = c4364d4e0e38fe4c5fc2b2a3ad42e49a57106ffa962f4c5e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 -+Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 -+Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 -+Ctrl.type = type:D -+Output = b9d1549032bf336c8708f13d8f5d281d696b8bddc296e709 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 -+Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 -+Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 -+Ctrl.type = type:E -+Output = c7ee72c40b26fce673ff23edea3265dfeb7b7f6fd66362bbc91548fac1819a08682c65c7d69d5e54e1c48b05e7233adc -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008100f6e899f2b7542fd95e88e06ff0a68e43df6f3d913f1295922bd01b98f7078b67311e002cafcb41a65262585a78b22ec97c81278f3f329d726f08fff23f4ce5b90abc694c92195fe7bc140579f54c6b89d81b836a8d3998446aab9055904ef1e0bb7553739d2351c8cfae0fbf50d8ced4bbd3975450569d0f9e441a3ed3aac776 -+Ctrl.hexxcghash = hexxcghash:1853bb0d312eb00d1c700d25ddaed9680ecf28eeefe9323566dc91ef42a85b2e3049286621f43b928e2b821e5605bf60 -+Ctrl.hexsession_id = hexsession_id:da7d22e3c7815b6a6089f381ddd957df3ed78e97902133d62d3ff6119d8c174b69cd26e627d6ccd98f847521aa0e3896 -+Ctrl.type = type:F -+Output = 8b52078a6d45dfaa051193da8f9c8a18bfd0c058e7be145d0c4b5b677eec54a01f9e2a20c997e9c0a1ede9576800cfe5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 -+Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 -+Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 -+Ctrl.type = type:A -+Output = 54f4be4a33dfa102 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 -+Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 -+Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 -+Ctrl.type = type:B -+Output = bbb084483803aab4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 -+Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 -+Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 -+Ctrl.type = type:C -+Output = 466a038b3a5c0d72cf19cf33e5a551437933dad54bfed655 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 -+Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 -+Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 -+Ctrl.type = type:D -+Output = 44e09698e473edc642256e99bfbfbeab1db3e254d64a3ab7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 -+Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 -+Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 -+Ctrl.type = type:E -+Output = 8e35d767e738c4282ec1925ba5d59dad723b7220c10ae8b69c9eb3da124ac1bea8195f5ecc1c3b03953938cd1e0e190b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000008008483322bb2efee6320ba1fe14f296e0b170f9a0c6f76a49d0b23abb74251da468b53fb86ddbbc55a5c4881686d1aaa9b309b65907d92352c83597126cf7e3d367f543c8887105403d9b2ba86cf2bbafd4a984dfe8ebb7b8155c51d6416c89b4efb91ef5953b0e54dbcdbe76443a80e5cd011d7d6c9bc69ec81a19749b95f6c0 -+Ctrl.hexxcghash = hexxcghash:ed7b1464334bb8a04d128b791cd860c1546faaf860aff394872373f5ccac0835b47cfeb8c3d049b211cb7b570bcc1f83 -+Ctrl.hexsession_id = hexsession_id:cac7b46b66372be67b4ce198311faed9ddc8f8b95f6c61d8c71a1788724ab6b8d159e2ba61f937e6d87bbb9cb24a9fe7 -+Ctrl.type = type:F -+Output = 63e5c62c4e6f2700bfa5927ca2e730101c12a684808ddd6cf5f9da2bad3b49ba3d05d4f88a3a91f341ad2b63952e7db0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a -+Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.type = type:A -+Output = e46fdb8c912658c34b7d509f6acc1111 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a -+Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.type = type:B -+Output = 959c339aaff2e2ed46da46c5286ddf3b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a -+Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.type = type:C -+Output = a1cb0f9c7349d6443494df14b4bd9aad -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a -+Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.type = type:D -+Output = cdcd2c2ccbda238e184058b76757ed5d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a -+Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.type = type:E -+Output = 026ae927b4a5b63a513c02faac55534dae5c219779f08e239f67df78c52be743aab628607e5a103127450ea51833eb84 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:00000101008174aa2fab9372c253f3b993d723b55a2484430fb338095852b7a5099f9d609ca6afa6bff9d64a55f7ef0963c684f0d17ec6045ce57ce3382870d55fcac0e1341fb47a7f76f0d5d53b67fd5e0658ecb88ae2e2e42aa4b83b8cfcce9faae941450ace059a7f223623d1c8a9924638de7eebad35be9c9f1bf38aea041114351d585a1988ba53cccc6949150f367fd790fc427916afa2cccd1d2f1aa8583b948dfe56cf488b38ec2d2570a0e0441c07ccec8b5b4db5f60250741b1aeb0bf49a85cc779ad7465f0c197735698842be2a39af8591ab91c84b704e67e50cbcdb75c2799aaeba0184341dd520f6db8477f13d5815d37f191ccb20545e4a1eaca316370a -+Ctrl.hexxcghash = hexxcghash:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.hexsession_id = hexsession_id:09d74bd79b47ceb3ada0d8df640595ba861ccfa3cc0d6c640eaac21d2d5f3f9fe61fb2e585fb6cc90bde11967a563c4e -+Ctrl.type = type:F -+Output = 759fd6bd386f4825e644521edfce4187a7104ea7380f2c6c5e283f205c7c025be46c5ee73bc54a956f268c2031026bf6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db -+Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 -+Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 -+Ctrl.type = type:A -+Output = a433ac21ceda36a9d98abec722b2a5e7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db -+Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 -+Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 -+Ctrl.type = type:B -+Output = ed580c2c7890d5f3da87870d71d96300 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db -+Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 -+Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 -+Ctrl.type = type:C -+Output = b310304108476a31154febce2bfcf44e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db -+Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 -+Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 -+Ctrl.type = type:D -+Output = 63d729b0e32d9d7efe7efdc6111489b7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db -+Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 -+Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 -+Ctrl.type = type:E -+Output = 7443a278e0c47e4004ba1c534dfa5c460670d2dd4459a6dc7251664da187f633208f6c06470f6aed6148820187f35a25 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c10fff0a20858c36e41082abaa65b96c5424ab67563882a42237258e736b5cfbdb2867df55f8c40f81b34e8c4c55d39c4629dc2d833257dc68070a61d10417487ef0840b76169145402327ae81f35cbddae6c2a45d52f52f48a0c94acdb20db076393b5b1e3d1a7acee3f371bdaccfee696262eecd20238cc54322e6ca72e58708aeb19bf761054d9f7426e4ea0059bd252beee03dcad1a7d6d034b4d9d307218bb3d7bee3a57572ded304df1dd8f97ed9550ebb0f5c25ee3f8c6df3dfc2aac92f364ec91040d001c5cb1eee33c1d43112e5a289b46706c7f12a327620cd98fbce2e7fe7b7bd0e05ee0005182c35ded65ee1d86aefe816e5894e07536697a7db -+Ctrl.hexxcghash = hexxcghash:62b3155ba0c160f838a6949d0a99b144868a7b247c583a53f431129e39aebd40e2feb4dbac7527f993ccf1646d559134 -+Ctrl.hexsession_id = hexsession_id:7e4674330fb6987b64ef7f30335d171676c705a6b9ed958adc6b6fd16949830d3f586eec44812d0518cc3ebd4292b422 -+Ctrl.type = type:F -+Output = 37500b699935ab38b9185018d3676f221dcd6643ba4cf3dccf8ede7ba2f0513c27ad2324158ae98df4e7fb52ffb96526 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e -+Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a -+Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd -+Ctrl.type = type:A -+Output = 8ad38b03467ef0cac638f93b156e1c05 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e -+Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a -+Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd -+Ctrl.type = type:B -+Output = c9a867164cad7619621c2390039db88f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e -+Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a -+Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd -+Ctrl.type = type:C -+Output = 28d6e6a69e686b3b2ca02c7595b6a565 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e -+Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a -+Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd -+Ctrl.type = type:D -+Output = a3486f9014731b15530dba7498d4b2ff -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e -+Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a -+Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd -+Ctrl.type = type:E -+Output = 9640b7d6c1351a44dcd430f9728083949adbd8f3c47f1c7358b41d99730f0eeef9f8634cc99207b8d998c8aeb0085e4c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c9d019aa8ab57cdbd1600def08b92f4a90b8ddb1c3fd329475e28ad9388525d5a813756472458bed674332a649c56eecb6cbba726b9afcfd9ce1f490bf327de49978b34fb106ae1ab4ece2f241e0b67ddf03bf835aa2dcc5cde5aca913d2a5ed74d1ad0e945169f10772d830fa5c33c7f7d543e2d2ac09fa03ff1509b94977cc0dcb8a464104a3e8d9f99cbefac4361b92517f14eda2558d572ae7410a78962e596c542a20d3aeb49cf41b48b54b387dea7c24c72edfd656bcb64c605b741c7b03892020ca2ff34e0b13534228bd83c9c3ffbfa219602041ac4238904bd782da7e3c653f518891f7ac1e7b05b7e37baab18eb54e8de76dfa8c803a0df843a28e -+Ctrl.hexxcghash = hexxcghash:a970acc5597f7965dcc540dac7cefde594c0232180187a32364b42dbb8d0307f8c3f52678e303e2f315b2ba1cf62863a -+Ctrl.hexsession_id = hexsession_id:bad9943e089550d17b90f2a34409660c07a39be5d48a77d8e1ad25726c93096081831c24e876060cb96def95df9a7fcd -+Ctrl.type = type:F -+Output = cef923f7cbc47534d9a6da613eea02117b19800995f66df9e49291203ad15e5d29cc08df86200bf09ca091b37cc45432 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b -+Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 -+Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 -+Ctrl.type = type:A -+Output = 1e2fd838058e4569de0699e57eb9bb30 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b -+Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 -+Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 -+Ctrl.type = type:B -+Output = d338052b2288e99bfdd16b5df26e3d3c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b -+Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 -+Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 -+Ctrl.type = type:C -+Output = 020c58037db045fc2a20a9b12e34205d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b -+Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 -+Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 -+Ctrl.type = type:D -+Output = b1e7b4361aaea7f9656151723c21b9a2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b -+Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 -+Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 -+Ctrl.type = type:E -+Output = 67d80666ba420d07153530859fed5a3a2f4b6decd37575714d4826f41a96a1638b89399cdd752af7f6ffd3db0214f0c1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100ba6b819aa094b3b9a2e93d37eda5df776720cce40858790532b8ab0de613b8e20efcef330eaa9e4ab290fd670b8f8ab1e2fc217d575655a7c39740ce223675a4376bd039f24165d83268a3e3a5b6e05f1b077dc752c90781d0cd6877c91c1fc865586bf661f28cbded4266f1b9364ae7233e6003b47088cb50f81a631d4b1d200f8c38455ad2217eaf03b6e0a0861aeebe28ef0fcbac5526bd06ebcc44f67de9b908f0359076527f6ff7bb959b3adfc9ac82728d7627bf506ffb2f8742ae28ce3ca7402c25b1cd3dac6781776a35549480ff537c33f63796dd5de4c64e1ff5546689d8f398be911707e0b5d347b8456e89eb2262270ee1de85902b7deb60b02b -+Ctrl.hexxcghash = hexxcghash:e94db0c0969c8f09c1c0d63fcca9f316ae85a0c034f118958c714fa165ac71a86bbcc7a4c017c11b9558bda897455f99 -+Ctrl.hexsession_id = hexsession_id:a01426386ce69a9a9f101394e831dc9d17a6dc901349f3c3f4269788f5c5e20316c233d7632005b1771e5bc2f5ddf4c2 -+Ctrl.type = type:F -+Output = c3fb2ab670e39885cbb98a4609d69a90afd37d383512ad222d63c9c6f1009e2a42065a232ab5b39f55247f8bf9e6ab2c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 -+Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 -+Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 -+Ctrl.type = type:A -+Output = 6e9bb7681d56457fd93aea6d40860dd9 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 -+Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 -+Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 -+Ctrl.type = type:B -+Output = 5d19ce6c6b16c5f2179753a7abdff3e4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 -+Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 -+Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 -+Ctrl.type = type:C -+Output = c550416e8ea0608a09051cfffe0494e7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 -+Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 -+Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 -+Ctrl.type = type:D -+Output = 33c9f3f03de395cef067684cb5b95200 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 -+Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 -+Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 -+Ctrl.type = type:E -+Output = 99071b0615bdec08d040e731828028fac9a16d367b86d2d1302b607cd39ac9678ae7f9f87eb619fe2ba75d54da3b07d1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001b9f110b05461796db3a0b751638b552e62a062d7b891591ac75e237d47f5f12d97a5d19be0718c8a2fbdd9100249c2d9ca59bf491b10afef75f61c53ae92455e8cb016e230408c869ea1c5f5d62e853ae84727e3d1f1bb0a0faa9ff575eede461f502b90ca38e8effae09478efedd16090202bf03530d03d0a2aa70825fb28c606b7545bdde26d606c059215a9f947e60c4b5de9b35a3704f73a5c8bc8811387431b7e90f1ddc71cf0696497fd640cb9b1b8866bff5d85e879e0a7848722d34cc62844afcc6318fe73ea80e484c3e62feb0cde9269c07edc0679683bc5427a163a4b4ac463802293f7c968e4188e7966b559c2581582c67ecda0c9b3b8eac94 -+Ctrl.hexxcghash = hexxcghash:8886115c2324dede13be6895605a439c6ec48ca46f3d82170b863dcf1acc26176769626df893ebb7ce8c9432058633d8 -+Ctrl.hexsession_id = hexsession_id:331f7e0103de46d90dbd885dadaf67c589bc6b3caf25e45e329d864c85b7c9ae17b27cb92a81c9b4421f431014cb0e03 -+Ctrl.type = type:F -+Output = a11fc539c46d9314645e1f7517e19794a6ba4bf7d7d5a6f71bcb4621bfdedeae3bbcaa62fb638d994d1f21d14f5777d7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df -+Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 -+Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 -+Ctrl.type = type:A -+Output = 876692595fbf1239e03b1eb28890cedf -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df -+Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 -+Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 -+Ctrl.type = type:B -+Output = 438afd7eae8454675ed5964122fcbb9e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df -+Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 -+Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 -+Ctrl.type = type:C -+Output = b9cc0e2718c5853e0aebb43409fcaaef -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df -+Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 -+Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 -+Ctrl.type = type:D -+Output = 8def9f93e633ac2d28a7c5b76567a4cb -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df -+Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 -+Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 -+Ctrl.type = type:E -+Output = 3d80ed20f0703857154bda8531b12b96cf73aedfc662df6faf277321be6e38c904bfbd5f9206607684ac331dfc92bbbb -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004db530516876fb9937bc2da16117f9675c721da6b80cd49e6b6eb0df6fe4af90ae755378e77e28dbc376e000903b1365a7b3cddfaf19410b31ae44e3e6641c5d47002ac5b261b1c4f7f301c8d16a917135c23bf7f84f15a6143e7e3466c52e1e3c30026f15d5254da11ced1b817739768de9913aca2d808acaa31e933763eb438238b347a6bd07834d4f661690cdb2372b4205aa9ad80df40340c1d0b1db320df1d1b13fa2ff4b9ee4500c9d03f45e75fb15a97b833ab9827708e4bca8fea562d69fea573ca7b5905c71e51dc9f24a74bd0c596051066acdeb66eb39c76fab66b10bdc88e1b72bba8aafa342088cd4a739a18e61c75be6b5df0904dc5094f0df -+Ctrl.hexxcghash = hexxcghash:12ce3e6a5407943831d65608c9fd59c972689136289af06071c015f8a41c9d1536d0afdad084322f832415fbf199d044 -+Ctrl.hexsession_id = hexsession_id:939c41734aa3db9d9dfac7a7db54c889da38d8bbe00326f559a3b0f92a96b5ac3a454d8355ccd0f31099021d0ee43063 -+Ctrl.type = type:F -+Output = 736e77ad5a8fac835795ab08522d834e34a4cbc48439db2845cb1d8636a4dcfd49a7ac5413713a8177c277eead96a0ff -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 -+Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 -+Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 -+Ctrl.type = type:A -+Output = c84a4fcd4ade28805b032174428a6f27 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 -+Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 -+Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 -+Ctrl.type = type:B -+Output = 27b0de69f3bc7d79d2f6b54101f3e10f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 -+Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 -+Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 -+Ctrl.type = type:C -+Output = 3200c39e6ed260f4f345cbd0c88cac1a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 -+Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 -+Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 -+Ctrl.type = type:D -+Output = 7b9e506a1baede9b80dff09253a9ab88 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 -+Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 -+Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 -+Ctrl.type = type:E -+Output = 3c860ae21a5dab865eb560ed9ddf51775d3b6603e4e06285cf5e9273115a77d8d5ddfb977fd21c0a70c35798a5ef596e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001004d7ba3e909e1e2886e00db333430d7cebe5107e9701672a2a1bc0bb5461c620c56fc8a8aa95a577cf48ac2e5b35d948e468bbc6232527f6a4e3bf5ea0b2f68b161ee3aadeef596c683e511bec1ff70df312d988eddd557952720f82f69882107f67880e38efcca68429374d85831eea3ac133a6a89b68a9ec27c71a67c87addfddb7040a7416ead43e29612dcdc5b7e6a82ad5cd243e8a6dd2997c44ad76a2a20145f89d7e6b2a26c2c0f2ce7d60b1f45410f9ebb79b52dde560f8c7c99b7a11d645f6ad6f94727cd2ea9d48ceb27467ee60371e6919a3ae044c8941a65182c94e8efd7b5c7eb45935baea722628d89d89de995d82b620059fe1054927864a91 -+Ctrl.hexxcghash = hexxcghash:f3cc38427adf01b9483d1f9e4e9acef554a8c7d0d8dc088d3865f05bc06a4ff11efbbdbca7ab0e0c0e2df55a93f0b4b9 -+Ctrl.hexsession_id = hexsession_id:aae879d8c0c6762d28c30fdc707b169a2155f8b8a943ced399a56419be89cc9f66ba9282d85ac4e53e0d5ae27adcf393 -+Ctrl.type = type:F -+Output = c53cfa0836ac21bb13c58ed15ddf593e8e01c7437587112ba013058d411d262d87a5e56c098b69146d9019803206ef91 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 -+Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc -+Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 -+Ctrl.type = type:A -+Output = e34b595f755ff42a33126d8efabe1ec0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 -+Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc -+Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 -+Ctrl.type = type:B -+Output = a873f52aa3b91a8dd019be8358c04de6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 -+Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc -+Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 -+Ctrl.type = type:C -+Output = fce5c490a769fbd4aa31b0f5c7aad86b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 -+Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc -+Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 -+Ctrl.type = type:D -+Output = d36a9b7d2c63675d2b250d5a97b0e628 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 -+Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc -+Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 -+Ctrl.type = type:E -+Output = 92c8f89f84575cebb9c37be3a488d0b0312a12d9253dbada7db1318f5a193d4f8f75a212a75c1123bca89d5de43cbf08 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:000001001cbe25a738580c94ae733a5d4e9e61860bf1a68dfac365edc5818814166cfaecf269d07293d656c8e99973934b5f14eb4bcd1ac3c388596221f65f66e1193463bd41fcff389e458ef7f1ef858439b600bca422cd29c84d2cbc684c7a85d8b44f6a43a5fc53bbaa4ad1a6b0f2b841278efb1fbdd2513e6603984027efb81c72d8c4cbadc8dec51089dcd43ed3109ddbc6db29534186a237c5d8c3a66dedbb51b09937b1c7d4cf6cac682ba2dd1c9cf901d66f1a995f945d5ad12bd7bfdd3fcc5b0852376b9834f0bee3f7a666f587bd2a3b562ccf129b6132c902738fd0dfea3ff9538961bf5f59ac1779dd4ed68986059881f5e08be5ecd1a59380392e81f0a6 -+Ctrl.hexxcghash = hexxcghash:b32d4e6b47772e651b867558a03f488fc00c715c196c7abb1abf3ebc24a638edd058e77aeadd9aade5ce34f43e19f1fc -+Ctrl.hexsession_id = hexsession_id:5d2a819b135d8d985643ceab3461ede24ed192c60471676031b4b1f8ae71dec657547fdb3a43f75112855ffce72b60f4 -+Ctrl.type = type:F -+Output = 16dcf1bd1aa4d5d6edc2d2b23792872f53767d6b2589e4700469a9bbbbb659c1c8716393fe1ed717833f491cd32d874b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa -+Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 -+Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 -+Ctrl.type = type:A -+Output = bbdc47242c877cc70585a5d9f0b8067d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa -+Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 -+Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 -+Ctrl.type = type:B -+Output = 6dcc6458af049a81a6d3139c2725f67d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa -+Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 -+Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 -+Ctrl.type = type:C -+Output = f788d0b9ea5373031d44972fad39d8e6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa -+Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 -+Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 -+Ctrl.type = type:D -+Output = e939b1367ea35c67ea990988c3c0c474 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa -+Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 -+Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 -+Ctrl.type = type:E -+Output = 069629f693b4d291ea6f16355eb4c57eef7824217d22651af095aadac27a789314fee4e86efa9bc63085a8ebfc606548 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100c7f8bcaf17cb17db3d5c2c9e8db37fa77685463d604e6b577ace9ada1b5a7fb54a299684a5405973352262ed66a7e47e4cf9ba7981f76a0aa6bf407be5fc48f70869b6913f7d9b2395f73eda2f08ad5469df982bd82242c19bba0dbcc28fa5869bab99b84015a313cebcc3e86ec3fd15513e329a236487e909a6b37134bc75b03dbda7f9196738ae5f04ac3cae6a3c93150271eeed62f8c019f433df888acec09e947dee6537c4fee5e0dc37d3b4ae4ff77309382148f0127cd01b882f128ee844046c9f3052ff7fff81876c261ad6cdad0a9ebfc769a4308f124d2422f03c1b171ac3404d4d690e9c1d94fc3de479bda663c207120a18f1947a68179d19ecaa -+Ctrl.hexxcghash = hexxcghash:ce996d2b1198f069c24193526be1dd0d08a95d0b0a144da5a1303e84de4eb864d49ca71fa5a59f51c10b9d4257787626 -+Ctrl.hexsession_id = hexsession_id:ed906230bdcff56bd239a8c52f3cb1e4e16d1249284162ca85b320e543f62a82d7270131231cf49e1b0c0b1e87643719 -+Ctrl.type = type:F -+Output = 731107905e3b9b36ba3dca504b35f1a51e75e2a3ee2595ade882c21410d439ec1ec31fbc62e64362a5fddc0f39e76da0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 -+Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 -+Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc -+Ctrl.type = type:A -+Output = 8e1af4ce3b9aa9f1e7493775f8846ac0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 -+Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 -+Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc -+Ctrl.type = type:B -+Output = 1796cee0aeb39eb1fbbaeaf15d600832 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 -+Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 -+Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc -+Ctrl.type = type:C -+Output = 7a7485045a2f8cc86f82c8486f8e9f59 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 -+Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 -+Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc -+Ctrl.type = type:D -+Output = 00a9d893e8c14aa3a316163d50d83378 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 -+Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 -+Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc -+Ctrl.type = type:E -+Output = 46133b1cbab3e04043a1b336db99575183d5be76f9d56556493a8d4a8da37a020ae379ff2d470a99ca7e9d2b1cf85cb4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA384 -+Ctrl.hexkey = hexkey:0000010100b41b41585296e85cce723619b40609b21799fb244d72fd87afa3088073819b232de7d9ab45ceaab3014099475e9314cff74149b5e4558962f31d3d2a84f24500558af928ff785dc32627f5062ea2d5bf6ff085edf6d200daca91037abda71b5c9c1660cbf60cfc3ec1fe590c3d6300aa279e42383f98f4000031bf57a2bb612c7a212bc0ec5057817b0843e01c14a9b353c26699670873db05de7049ac44951094c8b231713dab09ca641d3cea65c5e3b01d41d93351635b08a767afadfd7865388ebbe29e8f47033d1fe530d7d45fa1c266705b26d67282872da9551256d88708e1ec69ce9b94db6c7f3e6b7ae06418b36537b7839454c539b2bdd758af9c19 -+Ctrl.hexxcghash = hexxcghash:5b168cac1113de12bac95aac34501866abd610c6ce0d51520f83c865db8d0c688b27af11e08deb4a2673c160edd1da93 -+Ctrl.hexsession_id = hexsession_id:32dc32821483ed98f696813e712d229b6ff5a9e0f7f8e582a26f0a5204fa7655040ddbc791e00e7a979dded9354ea2dc -+Ctrl.type = type:F -+Output = 9221abcc3db5a557cca60408e65528e937cc3673b548c350924cd9e6387de526f5cb35a0bbe4020c47318b59d1a0527d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd -+Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.type = type:A -+Output = 0e2693ade0524af8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd -+Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.type = type:B -+Output = b13144de02295bb8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd -+Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.type = type:C -+Output = 7e4a721fb7379ebb423306464d57db46afa3cca10a1d7feb -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd -+Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.type = type:D -+Output = bb84123b1fac400e0df4767d78d011427e1edd4d4c934b95 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd -+Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.type = type:E -+Output = 00fb0a45c650dd9c95666b0c7fcea8c98f0562f61b862054ee400aec875dbbc2bdef4806c09217709a5050569312efe3af513e7aa733c72457abe1607ac01c13 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000080575308ca395798bb21ec5438c46a88ffa3f7f7671c06f924abf7c3cfb46c78c025596e4aba50c3271089184a447a571abb7f4a1b1c41f5d5ca8062940d4369778589fde81a71b2228f018c4c836cf389f854f86de71a68b1693fe8ffa1c59ce7e9f9223debada2566d2b0e5678a48bfb530e7bee42bd2ac7304a0a5ae339a2cd -+Ctrl.hexxcghash = hexxcghash:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.hexsession_id = hexsession_id:a4125aa9898092ca50c3c1631c03dcbc9df95cebb409881e580108b6cc4704b76cc77b8795fd5940561e3224cc75848518992bd8d9b70fe0fc977a476063c8bf -+Ctrl.type = type:F -+Output = 70a8005e711fb96dea5991cb68831b9e86005821b45ceaf958c13d5c87cbd2953d0877c267796edf8c7fb3d768bb26b74e542f40bf9ac9f6a9d217077e85f511 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 -+Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 -+Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 -+Ctrl.type = type:A -+Output = c75c77791f7b67c2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 -+Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 -+Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 -+Ctrl.type = type:B -+Output = dae1e8bfab1b4b7e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 -+Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 -+Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 -+Ctrl.type = type:C -+Output = 0e79f5b685ebe77ae6d62c344a5dd0f53502523a28e2b408 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 -+Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 -+Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 -+Ctrl.type = type:D -+Output = c5ec1aae5d26c2c5fe769576eb1b75c53d3dc67d452dca1c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 -+Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 -+Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 -+Ctrl.type = type:E -+Output = 6bc4e5d6049c69a8ffbf93c7617b6a168bd0f14d71471d199b81729250117272ad102772761a8c0b5d5240e589e48a4f85ab8c3e1bd030327e7c87428ee44d13 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000802b2e6f7545fa66e1078c67c5457dbf5ee03801edef4421d4f0e797b947b79e293ef724253ec4adb53977f027a2d577d7779e96be4e093b0c36be62778c5bd48dbb0bff1335470e10cdec4df88e8feb00d322426baf3035e9fda1aaf819be48dacc640d52eb8750cc6fd8031d0cba0ef0a11973d43138dd2d11d2eef1fc926327 -+Ctrl.hexxcghash = hexxcghash:4dc005dc6ad5075cf6abbedb53a0407104659cd168b58d014fb2465d6f1d1140d5fef634f345c6c38ac2a8db3771e4b0c71c51faf85a297bbdf7ddf8228c3159 -+Ctrl.hexsession_id = hexsession_id:a674aaced8345324221bbd8356ab8355fd3d3e410ae974c0da196f4cd58cc0236a85900626da696dab8be23aaa529458ac6ccf64058fd2fd140ca1a1a0c57988 -+Ctrl.type = type:F -+Output = ce109babe86778542856e3934be12decd239120a4dcb948a0154c4cb7b8ac0a4a3cbd682698086123e6c0481ee351bd9fedfba58d37f7814ba9c2b584f6cfedf -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 -+Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f -+Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 -+Ctrl.type = type:A -+Output = 6a71fc98f044591d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 -+Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f -+Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 -+Ctrl.type = type:B -+Output = 9f1a35a5c79014c0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 -+Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f -+Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 -+Ctrl.type = type:C -+Output = 377901cc72e4c06e30e27b03902f65c4a58b9d3f5cf43431 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 -+Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f -+Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 -+Ctrl.type = type:D -+Output = 82a9db94ea5c15dff736c3074a34951e828c8dfa3fef8596 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 -+Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f -+Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 -+Ctrl.type = type:E -+Output = b3ce0202c966df307a0729a4bb3fcd0ee55d4c521a144ecd285a470830f60685b2d751883d85ccd29fcc2481f3f442fdedd58d17528e8c4fb28473ee5e539706 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810085874b95394d5ca3096b0a7e6444e129544e4acd8dd7078c46dc74633df1737986e7dc6f58ac09c7d734fd68378f1ee6df60c48bde343e55ab2a5796ca3ec295f15a75500f476a8a6f1725fdade3339cd7da0a2528449652d7ea21a834e42961ede8477f63bac84ccdba933c276512d3670477d2696402175208526276712541 -+Ctrl.hexxcghash = hexxcghash:8540955867f6580e9c1e7e3dfaef9c4f810dbf3364e54f66c471b51d11686598fabff6c3f78a7ac1c90710ab991aa00980f9d5948d462662f6c439fa7b80483f -+Ctrl.hexsession_id = hexsession_id:f2ebb7479c714402275075725c4712994f04485c048fad37d1505f1ce2cd6e32051782848afbea4399231fea5b8d39ec596e118dcc95ea35ffddd8c5611f5298 -+Ctrl.type = type:F -+Output = c1ab7227f919cbda46cd6ac2bd4bb2ee5bd586cc55c7c1cb067df4c9a23209f716ff5e97ed76ebbc0354d683c5369937ca8db4cecf9e6c40886a186d9c4e2366 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 -+Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 -+Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 -+Ctrl.type = type:A -+Output = 3832bf21b907daa3 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 -+Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 -+Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 -+Ctrl.type = type:B -+Output = 4e04d7787ba7fa68 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 -+Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 -+Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 -+Ctrl.type = type:C -+Output = d7be949edcfe4e4b877de1cc6a861fa721e137bf3dd1bb27 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 -+Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 -+Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 -+Ctrl.type = type:D -+Output = 5361fc87e24ec3031d97f0099766ac9ff7b8f91ea87666de -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 -+Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 -+Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 -+Ctrl.type = type:E -+Output = 40a6897606035ebb04907fa15e1545a8973b9b09423f3786be4bcb8db9e4561e0385bcf1e3c0cece5a788e9852ed1da56963f36bad78fede21405ce3ea92a3b8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100e1436b5ef714092a6a0c8cc1593682a7ca4c05de423fb5f57c1d225943d8e4a5b526288a46a9a0fdb10b59c0beb8c1dc5b4d2bdf34eec2525df84bca2f8b769897183a45c7e61171ecea6e2be80d3becec8355ac3853bd8d077697af6e774133143265bdd538b4fb64786aaaa33e45138fd8697ff1c77b50f63dd8e9476a74c0 -+Ctrl.hexxcghash = hexxcghash:367c80484d7e01e0915959e9fcb5124fa674489cf0ec4b0fee6a62dd77f677db901d9fb417cecf2a98f0b24bc24edbb1f34ab19f8d4d2976958f7d99ae2c78b3 -+Ctrl.hexsession_id = hexsession_id:0a1bbfb890087ef260a88fafb92f16765444adc4dcb00efd4750d59f1d8f4b6662edd379d812ddc822cea79675731a5e5791f29ebd17f3f83e675e9e9f6af3e3 -+Ctrl.type = type:F -+Output = 727f9bade9334f97486f479c88614ce96b8cbc803a544fbfaf5fcaf0499a1b8edeb59daa1a824ca9b165879c63d9f0b6464bcd3121fb1ad29b38864fbaac7741 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f -+Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 -+Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 -+Ctrl.type = type:A -+Output = 3f077a02dc957eb1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f -+Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 -+Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 -+Ctrl.type = type:B -+Output = 3cc158e348e64a0a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f -+Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 -+Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 -+Ctrl.type = type:C -+Output = 8770fb6792c2fc16a60c9f45c8d40db684fe52de7c60b482 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f -+Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 -+Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 -+Ctrl.type = type:D -+Output = d417a07f1070a2e628424fa990ef436f137725a7cde43f1b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f -+Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 -+Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 -+Ctrl.type = type:E -+Output = 20b810e4f6a540724f269194e37969a10e340d45c557eabe72c41f08a9fad85ab44a9c362e7fc5eea9ed5dd9b84cc837d2aaa46ee71b355cb1dfefa8dc544d1e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100f8cf4795508e2aba0d9c007ee0afb38a7d570e26d4ebe97d3b9cb46dfc05b9b18396054fa91f856758b036195a9b360ee48b65dcec1f2fcb901d5faa308125b30b804e53ac15b2f43c2a12fdbc987707af58c36ecdcd89376117f9655e14da7f1808baeaab020a47ac35166a4868dab970ce79de592c69164045fce4eb55872f -+Ctrl.hexxcghash = hexxcghash:40d59c8836500e523e6404ac03d9895b105c7feceaac52dc3c5e4113e256c0057fbc770b805f7a2f18bf0be13357eb99db906efc5fb772f96e5fe76088e2e6f2 -+Ctrl.hexsession_id = hexsession_id:a619290ad553a2b0924f3ea6152883685e3f2cf6063487616f083fadae950451df5f6e8a144cd951b2d853c7ec2d1aece9c438a89850788edc6bd5e2a7a98a47 -+Ctrl.type = type:F -+Output = acd292ab652b49c7c2a5a35b93c31a71eeef8a629cbc6b1c782994ebc7566f7b0ae536cc0ccfe881bfd8cbfaff391fe23568fa5692198f188deff0c6d0808160 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 -+Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 -+Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 -+Ctrl.type = type:A -+Output = 7cf213cec41701ff -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 -+Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 -+Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 -+Ctrl.type = type:B -+Output = 81a44f6f95fff954 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 -+Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 -+Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 -+Ctrl.type = type:C -+Output = e1610d85ea2c24b4af18076c2d7dc0c3f3b3bf1c8df232a4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 -+Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 -+Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 -+Ctrl.type = type:D -+Output = db146cbf4923693449b857fa927d112f3c8bd1bac73f618a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 -+Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 -+Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 -+Ctrl.type = type:E -+Output = fac257f4544a0aa77659642c33a421cf27b2216a57399ff8ff48baab37519ce9c27f93bf447a02b3c10d9f9c6201745ed6ae28a13ff85e949e0e8048bf31e0c8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000803105020875f56db2960579efb7509964f256c2b81009e5be554bcc8ebe84c492f0cd0990e78ef4e8582a45457712be71d6f6c0b33315668984f0a41cf45fb9a459193c710919b752be3b80b2c8c7de3be570f76df6fe1cbb9dc81085fff2ad1bbfb307c6fb21f434cf7c0b96ee9eb6bc0f9677136a6db91f5d953f8b104b3497 -+Ctrl.hexxcghash = hexxcghash:5f45d483ef27aeb00ec7baef96f4b4d1b254260bf60671dbd00e35a32fdcb7ae06215d59e742158782e0626bd5e2e8bada1fd7ec5056679f4a1412eaa2ef10e5 -+Ctrl.hexsession_id = hexsession_id:8ddcd28d02f2cb50661cf2111953c697c0e578e43a77dfeb593b2bf05189bb429f306bcb0bcb41219d5428c1795c84665bb1f0db33e55f52edbff2b781c7eb79 -+Ctrl.type = type:F -+Output = 8532a1014a5a2feba5730823b0fb1781a7782a73f95a97697aedf60997e6cdf5107387be820b74c0e43e8caf42e83bbc703c6cd9d37b0e720aeacc115ce4633e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 -+Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 -+Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 -+Ctrl.type = type:A -+Output = c5dffc4eb99a1c36 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 -+Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 -+Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 -+Ctrl.type = type:B -+Output = 13cb7467ddf8ea7d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 -+Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 -+Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 -+Ctrl.type = type:C -+Output = 4d77a9a1a36500d9ea0389e3813a201fb9b30751d1fcf0b3 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 -+Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 -+Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 -+Ctrl.type = type:D -+Output = a0e4ec099492c752b98013d2176af6e601eeef3cdc2029a9 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 -+Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 -+Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 -+Ctrl.type = type:E -+Output = b4035effa78e6da307f4c096226150e5cab92794192bba492ff8576da3fdbbfdc87fbf79721de0e8f38647261dcad096fd536c4f724f09782a4b684902a4b979 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008045cafef6acb29ea351ad025a32cb0fb88fe52f138ac3cd7718140c883cffbc10778c2e6c573bdbfaf32eceaa2fc1e106170dadcdf1cb0e1653f2361c76f5153262295b16371daf9ae2015dfb407f4920240eb10293c48971d2086723507d2eb7e1481f2b737df223628ee602a49bb7f1ac52068f5c1a24b445786e35042fc6c0 -+Ctrl.hexxcghash = hexxcghash:b1ce6e766a7340f40cec52585087c60e456cc390d0ee294bbc460d50b93c2170344cca3dd2e3067ebefe3efbd002ec4ed7f0fc1a8771eaffbc1fd4d5800aec21 -+Ctrl.hexsession_id = hexsession_id:85ae5c53a8286dfddf295dd0b31237bc8c54e9858647e222db29a4f60ffb74a175e5de22c132a1a06826c6e0122e63aa657fc670ca44943159560ce1c48b6906 -+Ctrl.type = type:F -+Output = eae8776eddb75cd4d14d2db129172bab92f0c8d2c8a439d4b63824c23e7481af502a45d2ebee77f3a801d658b59f6cbbdb797f479787ae4d5839b7ddf49ff908 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f -+Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a -+Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 -+Ctrl.type = type:A -+Output = 31ef8e737ec154c0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f -+Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a -+Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 -+Ctrl.type = type:B -+Output = c0bb41f2c51a0503 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f -+Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a -+Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 -+Ctrl.type = type:C -+Output = 3f9058812f36f302dc5ada7de8f4271c435dfe4589f22a00 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f -+Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a -+Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 -+Ctrl.type = type:D -+Output = b342a447abcb67f6819a19b8b300946c89739fabd049a6e0 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f -+Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a -+Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 -+Ctrl.type = type:E -+Output = a5d70cb0a3e351be09b9600c9b97f2781236bf549209a1fbf3304af145af0941c6cd9923f1f30cec946e8dea96332d284e01a4d8bcc90721fe2e515504073cb8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000081008b735b1cc9a88529c0d0faea307f79142abc920248b3495e56b7987605b5a7a93354c638752ae7ce47b2869600dc2ab8f240c0ce4e35147e00f8e69fbe940d6236daf01b38f3e74d7bff07d01111569e213cd8475e77de026c81dac6e40242cfc2df5af9d37e520c2d7aee165de9cc314750e856d7514b0b80c568e2292c733f -+Ctrl.hexxcghash = hexxcghash:c226bd264f49cba006b4806afa4edaf42c2c48992ec66c78ce3a982cb5b1d923344107eb77884b0d996af71997611fdffba499da38d5206db0d0a17c438d4d8a -+Ctrl.hexsession_id = hexsession_id:ae0f9a407aae7a964a900b1f5b7060a2e7d4c9de4e422fec063829a9ea1fcb74a6ae83b9eb08f8663e171bdf036bf0c263b23f8eff3053d617484cc3efd99990 -+Ctrl.type = type:F -+Output = dbc3ea086a49e220306cbe57b942d9409cbd205dec20c7b79fd6998906d173bcb2bc2eb5b7eea4c1d84f3926836bd15e0565a17af735596050d6161d9682f2e7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 -+Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c -+Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 -+Ctrl.type = type:A -+Output = 19d6bc79713a4622 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 -+Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c -+Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 -+Ctrl.type = type:B -+Output = 7de9caf89d325dcd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 -+Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c -+Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 -+Ctrl.type = type:C -+Output = 1d5391d658abb9ec1b8df32cbf1db9a302a1301984ab06d4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 -+Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c -+Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 -+Ctrl.type = type:D -+Output = 5d37dab50814543d8d8674f4f491d73d21973f20844c96a7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 -+Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c -+Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 -+Ctrl.type = type:E -+Output = 3e882ae390a64c34f509bc9845df581987ae2524b2ff92d9243580168f32fa68750f3f732c8c5544c98fc585582fe743efbf55dd6c487fb5f9ffac1a156fa31c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000008100c41430e9dfce9301082a4d034e0e1ffe73133e4c97afbd325d6bbe1f3a4f5a9103f57a05f66b1ac63a5f1724b3315daf7171f334e77eff356366daf4e23e55751422734d4d22e6dcac783bba0edc1be8fcc4c7c0d5a69d047291e33167057c774e46362dfb6f8432b427cf21c01304b23e2b49b664fd50dc463c17efffa146a0 -+Ctrl.hexxcghash = hexxcghash:04aeff766f08c065092fdd7be43531f83d73682601069477ee10407821a0f0e8bf614e775dfab6f889a8d5120c2e39d96e38de4cda6f673fb7cb343de1e17b9c -+Ctrl.hexsession_id = hexsession_id:15f5653a107aee694bd1680d423c8da2dab8c1ec8e23c5208100ce3d8d4821b52bbb1d14791476253db4b07ebb715ae095b8b49e1545be3c92a3adcf39970be5 -+Ctrl.type = type:F -+Output = ce4bcf9cabe7ee7c0e216e64e5427ebd38cb41ba9e9a6d9ae441ca47d9278347a59afdf758ae7f7fd667ed3830bf9a33d7badfd40e2112580af514da9464a6d1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 -+Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 -+Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 -+Ctrl.type = type:A -+Output = 93fbb01815b63533 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 -+Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 -+Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 -+Ctrl.type = type:B -+Output = aea76dfe77a87471 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 -+Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 -+Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 -+Ctrl.type = type:C -+Output = 73a55e25a0a8ec0899c1074bf0845fefd84e42f741897a3f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 -+Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 -+Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 -+Ctrl.type = type:D -+Output = fead3a851502aa3c58734065eeaf3e63ed4c59c8f450bb1a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 -+Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 -+Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 -+Ctrl.type = type:E -+Output = 55bde99a692820ad809eb0a62311f8f3e9469ba2ee4d782d5432628ca52d829b9c5bffc41b58232363f97c5dab603268b1997fbe9b9b34ab2aca3da27467b0c8 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000000810088181aaaa6b17924ced0033b1e4a3d007a464d4d53871f4da4689d477437b42f873d4b7d5f5c52909b6cca8be7a01d1a7a806f745500bb00b4fd6e6f8d0e1c9ad08d934c7d680a57ac5a4ed77f73182065f9295d745e1d50b8da0626f3e9ccb6651aad3b0c5c2cecd90c521318778f570333c011f02d5e2a406eb8b3d6036537 -+Ctrl.hexxcghash = hexxcghash:3c4ecb173c39cedecbcd19ba0fc38454176b81b6451911b4422907b1b670dcedaabebaaa261fbac23b3b5738264c5eee3dccfd9e050a1cef17ac997527dd7095 -+Ctrl.hexsession_id = hexsession_id:3b05253d9e5ab2f7f4ba2998bea5ed7d05afdf02b7499ac2dd554833b886b73d92e929316a366147e9af50201dbb4e54c123418d1a623bc2dc52766211dbe614 -+Ctrl.type = type:F -+Output = 756f65746c861f0985f3dd7d2f08004897ccb22be2f1d3b4791ca0c51d5ee0da776dd03d7dfb7f4db6c6cd37899871e63d75f7f60dff8348c313e99409ad2db5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb -+Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.type = type:A -+Output = a626c34c0a74b56262110185a34cd810 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb -+Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.type = type:B -+Output = 223d6fc57263da9ad61dad9759454e0f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb -+Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.type = type:C -+Output = 7c803e07506969666f446400b2372eee -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb -+Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.type = type:D -+Output = 4ad705fbc9e89c03c15f9dbbf34981df -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb -+Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.type = type:E -+Output = 36cac32cab8b943cd9d2142559c467593bfaf30d0be71560245c8b38a5671901a858ccc637b0ef6966a2bbfb1a7f51f2cf6d52c4165ca000d52bd908405c305f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100e8d52da494d198252b87189223bffb0bc1b68335ae987df15bf7cf95bd74a951b5eaa87b1739f91efc97f28f5a7f0a206fdbcf33e39003e154b334009563abd62a4169462865ba931ca3f8f4d70611e8bcb46228ee74983d2ec79c690d86329c2daac8dbdafe4573f114313f29c7507bd4aa50d87bb83b1cebb628e37b2501ffc9b1200d8d360e1b46bf6fdecd486fae790352eb79aa3f37e4964963a84dbd80fb3b80491210565d9449599bc9306ee76a932a764070702cd09c87e1f26095b1b78042bcc37d5f097e3f7b2db6cb6f7b3e2a332021f756fe1784edd2a82802c1274b9944dff99fb1c181f41d6d2f4eac5aa33c619c48167dce1eb47ddafbe5eb -+Ctrl.hexxcghash = hexxcghash:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.hexsession_id = hexsession_id:3e81bd3b4b609955df0deaab293876592122e2d7fdc719ecd503b572c5e98cfaaac1f7e085d4097c76515f5b70413944a464ce346ada6d85d7c39a8009d4b121 -+Ctrl.type = type:F -+Output = 67d42301ce629c0f2a34b9dfb24ec60c138b4edc71f7123bb0db9447b3c915ebd8c54d3b20af04e30b484be3a2d4136f5d5c46f9c56de189b91fec78ecd53e1c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a -+Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 -+Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 -+Ctrl.type = type:A -+Output = 8ebbf0e9afd9f108498f1543104ba8e2 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a -+Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 -+Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 -+Ctrl.type = type:B -+Output = 38bfe6bed75f77675fa36d76b63816a4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a -+Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 -+Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 -+Ctrl.type = type:C -+Output = f759f0ad2d72980f6b12f0fb317222f3 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a -+Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 -+Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 -+Ctrl.type = type:D -+Output = 39f294ec25afb520f5d7f1064b7078c9 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a -+Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 -+Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 -+Ctrl.type = type:E -+Output = ff2ad139997ff26e7f4393e49d57d5fc973ddb6225d8f4b5fe990e46b9943772f0d33aa98d01089ff0aeb5740bd388ada35dc44240180c99e522c817dedfc2cd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010034a5d2784c99976fb3b615c5b1bfacc9a749330d22bcf5a7c404c10f886e2a3115660a399d7c721d5dd141f458b0d27e0e6709a8290f9ef6f61681a11d876eb7bd52b930f79fb9516f5d2137c5bfa95a893890d26d7712fc9ecc4dc82a5171341b41a9f2c4a8f0c14efe82ef2a4db60a8a0b8e43d3f92992f8dcc2d6bae3759aea86a4f14f809fe648021fc4aa79936bd687450e801916d7d267dfab66bd86f9424b3460fa75b16af37151918cb2f8ba8ac33df5b0ccf7fb21c3ea9fb0ed2917a4eb9d6ed345c42a5a67a66fca7b7e69c1ad5c45c51866692f058ad537c0f59c83a2788ef9b9610cc06aa155aa1115f23fa36d7734152a0da209244c32d37e3a -+Ctrl.hexxcghash = hexxcghash:ab6f9c04514ae3f6591039c9cc6a9919279282d7c95971b4c27957e31cced5ef5b1c59a4418402203ab50a46df7dc03bd67d42a62592708b0581617a42ea6d71 -+Ctrl.hexsession_id = hexsession_id:4e226639facaccf9894367cb1008663e989eb31757b912bd1cb3bd51058c7adf56e9a54eef87b63299a5cc092c047991dc9a380e749c7c5657bb99424bcce6d6 -+Ctrl.type = type:F -+Output = a670c9583c71f403207a192700d5e4fd7a007b60a4617b7f93708399a0cb771af08b9e5f4237e6975f055d6f0a4d91523fa0805013df6ae4a19f077646f1cd4b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 -+Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 -+Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 -+Ctrl.type = type:A -+Output = f68353f802d39a43c728641e44087cc5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 -+Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 -+Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 -+Ctrl.type = type:B -+Output = 23c2377f826f77519871941b62cb9fdd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 -+Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 -+Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 -+Ctrl.type = type:C -+Output = c92b86a099e2605037d531746a6af7cb -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 -+Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 -+Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 -+Ctrl.type = type:D -+Output = 1517de253a5b9f7d9c4c3f234b27392e -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 -+Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 -+Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 -+Ctrl.type = type:E -+Output = be48a82cd246cf4d6ddb397a39f1ed62d98b5265e75190624a523033796d05046d63e0810b4b7a6efe9b834cb043871203638557063968910ad1cfa0abe62bb1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:00000100192471d29d9fbc8b61570e4efa053a5f17b2efc0aa5415b3309f7dc3971c64d9f1093f6114941d4912f7bfb771db41d1f166d4bdaec8dde214aeb058e2227277393e3c0b12adc1b6a445870bc26e753e05e27b90b97d781e3e8493eb5e717c243213de4dcdd5a11d467b8d26759118692b10357c28b0efb0228cbe257b9ee0cb77bb7bc8b072edf418768c977e485635b4ab61078587128e9a8b3c6deca2a4e64cf9fd6eca880aebd1043deaf94447ea50b0c11b574259cdcafd208d9657c7177cf394de26dd8364b615786198c38e63c568e22b5263be41d6dd8843ad5254f61cf01b7162948652568c2b42833a95619fa5072adb0bfbf38e3eace7e1596066 -+Ctrl.hexxcghash = hexxcghash:a0a53cb8bcc48ffe44fd9e50e0f7532d3e326f93d7ecb10135d4385dab550cd7be03a7374dfc2a92794be13e40c794811a9916c3d1c4e7ea31ed5269537c1c22 -+Ctrl.hexsession_id = hexsession_id:9bcf3f3397ff464126cb2a99c04908721871354b842ffd3d873d49407db0382f98cc54d66665d950ec8277c374f19e9f0dd2e727f8759017c49b5b80baa87c63 -+Ctrl.type = type:F -+Output = 0c9af3775d5dc49a1b9b85fa18420ce1ca10d5159f83f9e078c217289688639dbce5f85665f866d8f93b2c6823bc7b2655830d8bb51fba945ce6eac2b0e6ce8a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda -+Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 -+Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 -+Ctrl.type = type:A -+Output = 7b802a74d216a41f7708c597b9053223 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda -+Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 -+Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 -+Ctrl.type = type:B -+Output = 355223971bed70b804d191b64cde39e6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda -+Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 -+Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 -+Ctrl.type = type:C -+Output = 925f2b036ac2682e20f022377499c3e1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda -+Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 -+Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 -+Ctrl.type = type:D -+Output = 37ae2bbbb1603c07d5274fc8f57126dc -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda -+Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 -+Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 -+Ctrl.type = type:E -+Output = 8b36c7e175797bf7bbb079ac5d06e6f7f62fc5a957e0fefab7df565eb72ae0586dbebad978975aaa35846de667b44b7174315b2b932f0be538fba76b92531019 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010015b3157b538e31a14797d981a6ef62814cd55fbea25ea88a16a5839484c7624d7befccc82d91e2ff2b6f402daba861b77c1016bab9e3d58bab985563f32d663407f9f3582856ee0aa3a56680c221ecddc48af6de71fd34626b716d9efe530df470c0b7b1e4131861bc4f12e44de7f1d1910047465c0eb95f7232d6e71d639d75ac58e6848e560210a5dc2e6996c1d96f9f688fb86558ba96422d1a69cf795ea67e66d534bef2160f4e9d4351c9c2faaad7c2ad2476ace5556c9b3c4c2d3bdac82bfb54d2e54eb6ed398b813c5928aa560b442c585a038571c4db98a44d8c8cdb02fa731b400adb859b591c1846900791d791927363d745042a38597ef883cbda -+Ctrl.hexxcghash = hexxcghash:651bdee255eef5fb47c7733df03d4346bc335cf1de2bfbd453f4ff18c775de475719a6ec4c5c55badadda4822e3fbf5ae3c0e6e9608a893fea68bfcc0af86d73 -+Ctrl.hexsession_id = hexsession_id:ee603130d0bdec24952cd3392272dbd7a536c2e76c794cc2f678ca9dd789670453e6bcd330dbf4e93930ec0b3e506e4c629b3d156ab1171d247d0ba44217d292 -+Ctrl.type = type:F -+Output = 388ef310bce13188df3fd6285576041754a281548fcc6a212e0de564db661640320130e4df4a6ff31162edaa7ced5b7f05f3456f674ee8be0b03424142058795 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 -+Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 -+Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 -+Ctrl.type = type:A -+Output = efeb5305eda69b0bd6999b4a27479667 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 -+Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 -+Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 -+Ctrl.type = type:B -+Output = 806fca9189c02e7ec2a6459387b03506 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 -+Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 -+Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 -+Ctrl.type = type:C -+Output = 9e542282d0db345a6ba20eba7c5de531 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 -+Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 -+Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 -+Ctrl.type = type:D -+Output = 41e7962b57a67f75072f15a5ba405d15 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 -+Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 -+Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 -+Ctrl.type = type:E -+Output = 7bf8f25fd155e41d1dc85cc814704dd8732275b3a53dc1b8c6b330c08f307b5c0da31606cb7eaa1b37b2721f4a1bf70a6885c30d17d7acd32fcc894768fe4106 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100b41c0bdf180d02ff459079925b32e54299128298da864be28b4c02532244b057219e3fa5fea09841351604ab713021622e6a6d0748f354fc3f29a9ac8bb64fdd984b725f00f56df3cf16d3bac786524a29105096f96f387422361bcc24774fd4d5b71bd6f757a8193fd691411b8e0aa14307e6ed1e97907925d93cee9ed266f387af66cd3da3e99d543e4baaf8a7fdb36c10869267767d80509717b5666e3fcdf8cca6486a1c18e3d3c15ba0c6773dcbe374d83de1c108a400998b25afa4d3b60917594a1120e449a57db1f3b2e048c3c64a408ed41bb32145364932f105788cd0b198522f0c59b1d774b1ac80cd76d18e06b53c3d599f625c72f38b15745478 -+Ctrl.hexxcghash = hexxcghash:94ce7876dd7d98475ff8dd634b9b48e0e3416d1afd633637b49a49c525ee905ad8a17c12194746e210207c54628c453287a77515575a79ad40b270b5115030b8 -+Ctrl.hexsession_id = hexsession_id:d2e7ea215f35381164a1382533f752eb21e6fa9f25d399b7914c0317998f2b7820f893557459f0773eca3dbafd8375021b955a8dfe7ad659dfe480e3107724f8 -+Ctrl.type = type:F -+Output = 66b8f8c1a38120c73cc55950455a69c426fda44b9c66c3becaf259dd57a620e5ed3a749a486d05eab52c289f489581cb655865d4388a81e79b06bd105e3ae858 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce -+Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 -+Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b -+Ctrl.type = type:A -+Output = 8f6ac18ff5300849be34602630bb4102 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce -+Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 -+Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b -+Ctrl.type = type:B -+Output = f2b45df2508656758529a1f4679839fd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce -+Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 -+Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b -+Ctrl.type = type:C -+Output = 3356d58f61bcca506058e0990c9821f5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce -+Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 -+Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b -+Ctrl.type = type:D -+Output = 78495438a5326cca5351a239545941c1 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce -+Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 -+Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b -+Ctrl.type = type:E -+Output = dcfc5d099f5040513f76b012ab62ee45d5d8271aec9cbbdd1e1f7e0806f363d21c2eca730f9489ee70fbc7490a1901587b1d418c0e4f429c8098cd793c6d285c -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:000001003ba71746e4622911dbcd76359dbd01a3958175cac500fac87146f4a2616782ac0328ea32046762f62080df8fe76ff112acbf4e4c7a36fa648ec60c50d4a0f7b27b67cdcd725ed2d51c3b5c438c45c8f46d953845a899e89378e981aa270bd6cc190a5ab53e9516f5c194f9b61ef782573b417702337b32776765e75d6efb371a3af98c1b0eaa90ee43a99e58d803bc645a65100371cda8316d51618e4ada4d9a46cd049673cbfcf6ce3ec66c964902eb9bd28514d1fce32ebf8ee2ae3c8e46f4bf18f153a6f1031cefc7e736d82105dbeb60db422b79f4c4f3f4838fee891341cc982e79917aefb82529d134648847de15cf3ba1d7b5000e74b78198d6a3efce -+Ctrl.hexxcghash = hexxcghash:327a1cfc89837c90fb7141ad3a7df293af5c9e2fd482fb77f6769db8e91417377fe0a0a30c072f8276e824975afdc0f73e1a1cbeda86d5c70c2799912602ee78 -+Ctrl.hexsession_id = hexsession_id:46282b8a6dea1654de89199972c414ee512f33ab832e7284547cfc345af6eea9fbafb75f4646789755078a174c98c5aa1d740af1cf40844ae680cdd80466086b -+Ctrl.type = type:F -+Output = a75817465c73517bd7884dcd230464583ae491ae5e39330873cd7a967188022cad63e712c7ec261abdb34c01bddd8989dfce8f5d8a8cdbdcc305429b3fd93c76 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 -+Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 -+Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 -+Ctrl.type = type:A -+Output = 4fa1b8c53d25f7c1adb4810c46b48ae7 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 -+Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 -+Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 -+Ctrl.type = type:B -+Output = 3c453d0f50b7f41826e74e5cce5b5996 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 -+Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 -+Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 -+Ctrl.type = type:C -+Output = 22f47a00a5de0f56b3e586357eeebe57 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 -+Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 -+Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 -+Ctrl.type = type:D -+Output = 8d32d1945e93c4982bd106567f8e481f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 -+Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 -+Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 -+Ctrl.type = type:E -+Output = 9eefe581b1514160f81c94193d374d8f85879136e9ae494c487119b1974aac3e143948f656c1c1e837ff1368ef0d997cd3ca9f46c71056269eb8a1da8daf5678 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100f3a28f9574691777f2a9e05a882295e5ae272a6af486e53a8574e0ce7633a5c6871a39e6ba3176a41ce3fe6c80aa8469df71401583987e34374586ec56268b37d42bc047cc898750379aa7ddc5549cc069fa10d29fca303e6063a2cb800322a84a63480d91606db0244d2dd456005bb4a4b33f91ddf33335ec4d4d519e430542e087d5b1e952b183a32b3f7b118c410c46dc44b7ad669e7d98b934e48830e61ddd2e6094e0d1fa39b9041b9ca9dc768af4da702f912b2e82738cf506479c68fa9a5f2a9153189cf83bd11a05a92428d7c7124094f684f7c848114dc272d8a308d7b65e47b1d3c2c70d5a63efbc191ff5f0359356f706ac703445778b2b43a8d6 -+Ctrl.hexxcghash = hexxcghash:4f3aaea9ade34a07f46c11a4480461e2c523a740492b23b0bfa2a9e2e2c2ce542a09644154a4b3ab0e8b71ea950444a9954a156c0530a1436aa98951af7e1972 -+Ctrl.hexsession_id = hexsession_id:c778cdc03ecc941ff7d37c41fe67dc84df375117abd62d099129f38d37375f3cde4e75a0160fb05edf392d1eac509d5a6796f635623794d81df9b4cf81021738 -+Ctrl.type = type:F -+Output = 8dd76f59e6692ff642894ee1bb147f3e1490cac944af29de6b2b5abcc4ab9eb41d236e9cd2f40cf83935097f307a246d7b35005dd302bacfe7e4fed37d2f46e9 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 -+Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 -+Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 -+Ctrl.type = type:A -+Output = f335b3ab270d7e686c5e023b3a2da75b -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 -+Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 -+Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 -+Ctrl.type = type:B -+Output = 857c9245c67bad84b7377c424c5e7e7a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 -+Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 -+Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 -+Ctrl.type = type:C -+Output = 1c44ef56440f5856bdfd951305fd81e4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 -+Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 -+Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 -+Ctrl.type = type:D -+Output = 8d3496ac631bb3588abbb13d4ae2dc2d -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 -+Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 -+Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 -+Ctrl.type = type:E -+Output = ac7899494cfcebbdaa8ee7c343a0a458228a0a5e59730c928e9c8775487e57c3a5f34fdb72c1b3b57cc35e0356e4b7c6a56368e74c68a017538a5b484886ec81 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010012c99d1e0542b3b71e287b1ea15e54a3197f95cfbf7f6a209ada41fce3a6faad9bc4d569b690223e5d668019c11204716bb96a858c36c853bd41b28c1505ddce9df22b31dbdaa014b07ec53a79cfeb5b540902669c7a283f3647c1a9f685b5027bfb18e827818a76c23fa6ad20760f228a4239a4d558240130b5cc389d2be41b806cafd24d1d425c26a61508c974d62aae6f6830459c79e7a9ff5610291661bf03528fbafe47cf4c2e51f4856749ef543eb7cd8f72e84a4075fa7df9ad12565e5b3810c6d6292ff878ee8499611688989f0a04f4dc7275e01c0444a0321f0a0327fbe8a55689307b1bfd66d5d27ade78df5c1dfcef8868ebbe339d7efdae1973 -+Ctrl.hexxcghash = hexxcghash:7317f576ce95d5bed93d08c65eb814d037ecd42f09b2d514fad58335e8e8bec807b9cf74b9044f449581c792ebb08843f2b80da87d91625e20f25de91b4d5d23 -+Ctrl.hexsession_id = hexsession_id:7d153fda85bd3488962bdf03b8d0f26cf61f737173587ac6ee3d6f601a00f6474f5401370ef04720c620ea2b9668ab72cb6c40dc96057fc4537e7a6b0e79e9c5 -+Ctrl.type = type:F -+Output = d32d849b488594d0b8efce91604296393b2240121f2ed51fb7c0bb5b371c33775d184ffaf3028306bc8040b21887f6885e5916ae158ef74a3ba09a1f30654f1a -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 -+Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa -+Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 -+Ctrl.type = type:A -+Output = 5aa8ed531557a1dc934ed667029e062f -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 -+Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa -+Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 -+Ctrl.type = type:B -+Output = 11a810c69785949d5a0ef6eeff960fb4 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 -+Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa -+Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 -+Ctrl.type = type:C -+Output = 54e9402e4f85b08c271b2a9f15d56c75 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 -+Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa -+Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 -+Ctrl.type = type:D -+Output = 838209e0ebe7626cf6482f25c7774bfd -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 -+Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa -+Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 -+Ctrl.type = type:E -+Output = bc62048ddb762ac50336ae0e91a402cc78e73472fe180756a4686299967d2904318b8ad1b8dc622edd75e9ff0e74f7fcb8a1f8acb86e2567a5167084c648c7ef -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100c6c401e7a417025fce8ca5d5e654de6cac8eb1bf24fffa1eefaba828f425b5df93323ad62565d9e74c0b45619c3e97a8e006a9b28a42e96e13ea2f3807319ac587850731f64c86a3a9acd4aaa04e8a586833faeb902f95177d27e89ce25307365b22b7bf444c8e72ef2bb0fce86fe326a90b787948085fd101f04a7311ed6cf65d5073a6a29c7d99fe9fa0b915fac1d9bb6b95143ca8936e10e6e319201112ba52823dbaad935972842361394999e5a67356076e9f0b528d62325181f80d66e9b3288ba7482458c737806f474867036a234201253a91a6246c8c2876d210d2579951dd12cbc153dcec403156739be9c7d291e4904f079a5a71c01b9a84481800 -+Ctrl.hexxcghash = hexxcghash:b060195095692352bde81e90c1b648ec46d57476892e79489d42cb8e0da2027ec41fd2e62da8e8e2a9e1ebcb8eecfaadef75e6714008ed6a2cbdef6c321bbaaa -+Ctrl.hexsession_id = hexsession_id:5c910a53cafca6f8c0d97c4748f67aecd9a54c8ba96bf33327565f6f68ae0a2e7a62733a9051364ff9f68bdb416176522a0e5a2f28fe27a3f5ec402b3d99da13 -+Ctrl.type = type:F -+Output = 4e9644a01a3fe6c3f4f5aceddb00e2584e277354aee6392a1a5aef05024d37fcf25ff46fdd8fe52e7d1dd9a96e77328aadf44b8fc92ac22a14f63d64ad0db621 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e -+Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 -+Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 -+Ctrl.type = type:A -+Output = 77cb432c67bf0ae658aa4e34376d01b5 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e -+Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 -+Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 -+Ctrl.type = type:B -+Output = f55c74d112746001d8908edd347d7e69 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e -+Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 -+Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 -+Ctrl.type = type:C -+Output = 34a48ab90890b385198ea6bf8c50c3f6 -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e -+Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 -+Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 -+Ctrl.type = type:D -+Output = f2b6046d3439c50a9000a63909146abc -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e -+Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 -+Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 -+Ctrl.type = type:E -+Output = 70357486ca57c93418c6705b731b054bc41be03289c25a5ed29a937732807ae10a3604486c53d1f2431411808d87bfbaa6b25971fa2e4ec3719b5d2622aed2ff -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA512 -+Ctrl.hexkey = hexkey:0000010100a82ae4062baef678d20dd9cf1704cdc69e9e78eea5faa435e4dffec06976ff73bd1e2ebd206658a26fb85a0911e2034eede31e7df2d7b87aa9700cf301b6b38502ba4db2b9723505455a7da0c6e0cf374b063921179d1bc69508f660bbb26d05ab16a2325716dbd0a733809cac36660d9a73ff0f61e09f55d1ff0652474130be7fcd2d37ebd1203960d788a1307fae48ec4e1042ab85f037a01bfd17f15725ee929d6e6246bbda00fe7105461ee873b0190c2f44692845e464949f909df46309a8eb72037278f792c87249897a0564d290bec1e09b2c9d3ad3011710fc4dcfabfa435611794dc7d1507b657229a2aab65ce2e789305d5d24ed955e89d8eb4f7e -+Ctrl.hexxcghash = hexxcghash:a6ef8e3102b16ce51b2a2fe17e8dc711a964c195ca4d597aabecce595187344ccb2ea37dc4cac0a77a47e7ea1b9055b1c9948e6e09793a9121f120b3bd07c5f2 -+Ctrl.hexsession_id = hexsession_id:cc85cf95e29a5991306b21c1738de9a6612b8cb09f12b1738a4873c29f971e8d204aeb98bb7a7502cdab952eaaa6ec1e3a9655db3e5217afbff63ad588fbbf85 -+Ctrl.type = type:F -+Output = 4e6428f7a87455bdef6026cdf68a2f6d93d6cda5145d6bca60ee4eb2d6248b399f6568c65ec92cee8d9b0c7fd83053c91c5be72bf96b5904080624a348243899 -+ -+Title = SSHKDF test error conditions -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.type = type:A -+Output = FF -+Result = KDF_DERIVE_ERROR -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 -+Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.type = type:A -+Output = FF -+Result = KDF_DERIVE_ERROR -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 -+Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.type = type:A -+Output = FF -+Result = KDF_DERIVE_ERROR -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 -+Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Output = FF -+Result = KDF_DERIVE_ERROR -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 -+Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.type = type:X -+Output = FF -+Result = KDF_CTRL_ERROR -+ -+KDF = SSHKDF -+Ctrl.md = md:SHA1 -+Ctrl.hexkey = hexkey:0000008055bae931c07fd824bf10add1902b6fbc7c665347383498a686929ff5a25f8e40cb6645ea814fb1a5e0a11f852f86255641e5ed986e83a78bc8269480eac0b0dfd770cab92e7a28dd87ff452466d6ae867cead63b366b1c286e6c4811a9f14c27aea14c5171d49b78c06e3735d36e6a3be321dd5fc82308f34ee1cb17fba94a59 -+Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 -+Ctrl.type = type:A -+Output = FF -+Result = KDF_MISMATCH -From 148cc5ee246e108b1e7332035037bab53574b0a9 Mon Sep 17 00:00:00 2001 -From: Simo Sorce -Date: Thu, 18 Apr 2019 08:26:29 -0400 -Subject: [PATCH] Change the digest string from "md" to "digest" - -Conform to other modules which were changed at the last minute and this -discrepancy was not noticed. -Retain "md" as an alias so not to break 3rd party backports/tests scripts. - -Signed-off-by: Simo Sorce ---- - crypto/kdf/sshkdf.c | 3 +++ - test/recipes/20-test_kdf.t | 2 +- - 2 files changed, 4 insertions(+), 1 deletion(-) - mode change 100644 => 100755 test/recipes/20-test_kdf.t - -diff --git a/crypto/kdf/sshkdf.c b/crypto/kdf/sshkdf.c -index 300e1adbb23..f585e8a0d6d 100644 ---- a/crypto/kdf/sshkdf.c -+++ b/crypto/kdf/sshkdf.c -@@ -125,6 +125,9 @@ static int kdf_sshkdf_ctrl_str(EVP_KDF_IMPL *impl, const char *type, - return 0; - } - -+ if (strcmp(type, "digest") == 0) -+ return kdf_md2ctrl(impl, kdf_sshkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); -+ /* alias, for historical reasons */ - if (strcmp(type, "md") == 0) - return kdf_md2ctrl(impl, kdf_sshkdf_ctrl, EVP_KDF_CTRL_SET_MD, value); - diff --git a/openssl-1.1.1-ts-sha256-default.patch b/openssl-1.1.1-ts-sha256-default.patch deleted file mode 100644 index 2a1dd6c..0000000 --- a/openssl-1.1.1-ts-sha256-default.patch +++ /dev/null @@ -1,70 +0,0 @@ -diff -up openssl-1.1.1h/apps/openssl.cnf.ts-sha256-default openssl-1.1.1h/apps/openssl.cnf ---- openssl-1.1.1h/apps/openssl.cnf.ts-sha256-default 2020-11-06 11:07:28.850100899 +0100 -+++ openssl-1.1.1h/apps/openssl.cnf 2020-11-06 11:11:28.042913791 +0100 -@@ -364,5 +348,5 @@ tsa_name = yes # Must the TSA name be i - # (optional, default: no) - ess_cert_id_chain = no # Must the ESS cert id chain be included? - # (optional, default: no) --ess_cert_id_alg = sha1 # algorithm to compute certificate -+ess_cert_id_alg = sha256 # algorithm to compute certificate - # identifier (optional, default: sha1) -diff -up openssl-1.1.1h/apps/ts.c.ts-sha256-default openssl-1.1.1h/apps/ts.c ---- openssl-1.1.1h/apps/ts.c.ts-sha256-default 2020-09-22 14:55:07.000000000 +0200 -+++ openssl-1.1.1h/apps/ts.c 2020-11-06 11:07:28.883101220 +0100 -@@ -423,7 +423,7 @@ static TS_REQ *create_query(BIO *data_bi - ASN1_OBJECT *policy_obj = NULL; - ASN1_INTEGER *nonce_asn1 = NULL; - -- if (md == NULL && (md = EVP_get_digestbyname("sha1")) == NULL) -+ if (md == NULL && (md = EVP_get_digestbyname("sha256")) == NULL) - goto err; - if ((ts_req = TS_REQ_new()) == NULL) - goto err; -diff -up openssl-1.1.1h/crypto/ts/ts_conf.c.ts-sha256-default openssl-1.1.1h/crypto/ts/ts_conf.c ---- openssl-1.1.1h/crypto/ts/ts_conf.c.ts-sha256-default 2020-11-06 12:03:51.226372867 +0100 -+++ openssl-1.1.1h/crypto/ts/ts_conf.c 2020-11-06 12:04:01.713488990 +0100 -@@ -476,7 +476,7 @@ int TS_CONF_set_ess_cert_id_digest(CONF - const char *md = NCONF_get_string(conf, section, ENV_ESS_CERT_ID_ALG); - - if (md == NULL) -- md = "sha1"; -+ md = "sha256"; - - cert_md = EVP_get_digestbyname(md); - if (cert_md == NULL) { -diff -up openssl-1.1.1h/doc/man1/ts.pod.ts-sha256-default openssl-1.1.1h/doc/man1/ts.pod ---- openssl-1.1.1h/doc/man1/ts.pod.ts-sha256-default 2020-09-22 14:55:07.000000000 +0200 -+++ openssl-1.1.1h/doc/man1/ts.pod 2020-11-06 11:07:28.883101220 +0100 -@@ -518,7 +518,7 @@ included. Default is no. (Optional) - =item B - - This option specifies the hash function to be used to calculate the TSA's --public key certificate identifier. Default is sha1. (Optional) -+public key certificate identifier. Default is sha256. (Optional) - - =back - -@@ -530,7 +530,7 @@ openssl/apps/openssl.cnf will do. - - =head2 Time Stamp Request - --To create a timestamp request for design1.txt with SHA-1 -+To create a timestamp request for design1.txt with SHA-256 - without nonce and policy and no certificate is required in the response: - - openssl ts -query -data design1.txt -no_nonce \ -@@ -546,12 +546,12 @@ To print the content of the previous req - - openssl ts -query -in design1.tsq -text - --To create a timestamp request which includes the MD-5 digest -+To create a timestamp request which includes the SHA-512 digest - of design2.txt, requests the signer certificate and nonce, - specifies a policy id (assuming the tsa_policy1 name is defined in the - OID section of the config file): - -- openssl ts -query -data design2.txt -md5 \ -+ openssl ts -query -data design2.txt -sha512 \ - -tspolicy tsa_policy1 -cert -out design2.tsq - - =head2 Time Stamp Response diff --git a/openssl-1.1.1-version-add-engines.patch b/openssl-1.1.1-version-add-engines.patch deleted file mode 100644 index 3c3f58e..0000000 --- a/openssl-1.1.1-version-add-engines.patch +++ /dev/null @@ -1,38 +0,0 @@ -diff -up openssl-1.1.1-pre8/apps/version.c.version-add-engines openssl-1.1.1-pre8/apps/version.c ---- openssl-1.1.1-pre8/apps/version.c.version-add-engines 2018-06-20 16:48:09.000000000 +0200 -+++ openssl-1.1.1-pre8/apps/version.c 2018-07-16 18:00:40.608624346 +0200 -@@ -64,7 +64,7 @@ int version_main(int argc, char **argv) - { - int ret = 1, dirty = 0, seed = 0; - int cflags = 0, version = 0, date = 0, options = 0, platform = 0, dir = 0; -- int engdir = 0; -+ int engdir = 0, engines = 0; - char *prog; - OPTION_CHOICE o; - -@@ -106,7 +106,7 @@ opthelp: - break; - case OPT_A: - seed = options = cflags = version = date = platform = dir = engdir -- = 1; -+ = engines = 1; - break; - } - } -@@ -188,6 +188,16 @@ opthelp: - #endif - printf("\n"); - } -+ if (engines) { -+ ENGINE *e; -+ printf("engines: "); -+ e = ENGINE_get_first(); -+ while (e) { -+ printf("%s ", ENGINE_get_id(e)); -+ e = ENGINE_get_next(e); -+ } -+ printf("\n"); -+ } - ret = 0; - end: - return ret; diff --git a/openssl-1.1.1-version-override.patch b/openssl-1.1.1-version-override.patch deleted file mode 100644 index b89ebc6..0000000 --- a/openssl-1.1.1-version-override.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openssl-1.1.1i/include/openssl/opensslv.h.version-override openssl-1.1.1i/include/openssl/opensslv.h ---- openssl-1.1.1i/include/openssl/opensslv.h.version-override 2020-12-09 10:25:12.042374409 +0100 -+++ openssl-1.1.1i/include/openssl/opensslv.h 2020-12-09 10:26:00.362769170 +0100 -@@ -40,7 +40,7 @@ extern "C" { - * major minor fix final patch/beta) - */ - # define OPENSSL_VERSION_NUMBER 0x101010bfL --# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1k 25 Mar 2021" -+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1k FIPS 25 Mar 2021" - - /*- - * The macros below are to be used for shared library (.so, .dll, ...) diff --git a/openssl-1.1.1-weak-ciphers.patch b/openssl-1.1.1-weak-ciphers.patch deleted file mode 100644 index 0083643..0000000 --- a/openssl-1.1.1-weak-ciphers.patch +++ /dev/null @@ -1,57 +0,0 @@ -diff -up openssl-1.1.1/ssl/s3_lib.c.weak-ciphers openssl-1.1.1/ssl/s3_lib.c ---- openssl-1.1.1/ssl/s3_lib.c.weak-ciphers 2018-09-11 14:48:23.000000000 +0200 -+++ openssl-1.1.1/ssl/s3_lib.c 2018-09-17 12:53:33.850637181 +0200 -@@ -2612,7 +2612,7 @@ static SSL_CIPHER ssl3_ciphers[] = { - SSL_GOST89MAC, - TLS1_VERSION, TLS1_2_VERSION, - 0, 0, -- SSL_HIGH, -+ SSL_MEDIUM, - SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, - 256, - 256, -@@ -2644,7 +2644,7 @@ static SSL_CIPHER ssl3_ciphers[] = { - SSL_GOST89MAC12, - TLS1_VERSION, TLS1_2_VERSION, - 0, 0, -- SSL_HIGH, -+ SSL_MEDIUM, - SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC, - 256, - 256, -@@ -2753,7 +2753,7 @@ static SSL_CIPHER ssl3_ciphers[] = { - }, - #endif /* OPENSSL_NO_SEED */ - --#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS -+#if 0 /* No MD5 ciphersuites */ - { - 1, - SSL3_TXT_RSA_RC4_128_MD5, -@@ -2770,6 +2770,8 @@ static SSL_CIPHER ssl3_ciphers[] = { - 128, - 128, - }, -+#endif -+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS - { - 1, - SSL3_TXT_RSA_RC4_128_SHA, -@@ -2786,6 +2788,8 @@ static SSL_CIPHER ssl3_ciphers[] = { - 128, - 128, - }, -+#endif -+#if 0 - { - 1, - SSL3_TXT_ADH_RC4_128_MD5, -@@ -2802,6 +2806,8 @@ static SSL_CIPHER ssl3_ciphers[] = { - 128, - 128, - }, -+#endif -+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS - { - 1, - TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA, diff --git a/openssl.spec b/openssl.spec index 03638aa..2be384c 100644 --- a/openssl.spec +++ b/openssl.spec @@ -1,17 +1,10 @@ # For the curious: -# 0.9.5a soversion = 0 -# 0.9.6 soversion = 1 -# 0.9.6a soversion = 2 -# 0.9.6c soversion = 3 -# 0.9.7a soversion = 4 -# 0.9.7ef soversion = 5 -# 0.9.8ab soversion = 6 -# 0.9.8g soversion = 7 # 0.9.8jk + EAP-FAST soversion = 8 # 1.0.0 soversion = 10 # 1.1.0 soversion = 1.1 (same as upstream although presence of some symbols # depends on build configuration options) -%define soversion 1.1 +# 3.0.0 soversion = 3 (same as upstream) +%define soversion 3 # Arches on which we need to prevent arch conflicts on opensslconf.h, must # also be handled in opensslconf-new.h. @@ -21,8 +14,8 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl -Version: 1.1.1k -Release: 1%{?dist} +Version: 3.0.0 +Release: 0.alpha13.1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -30,54 +23,40 @@ Epoch: 1 Source: openssl-%{version}-hobbled.tar.xz Source1: hobble-openssl Source2: Makefile.certificate +Source3: genpatches Source6: make-dummy-cert Source7: renew-dummy-cert -Source9: opensslconf-new.h -Source10: opensslconf-new-warning.h -Source11: README.FIPS +Source9: configuration-switch.h +Source10: configuration-prefix.h Source12: ec_curve.c Source13: ectest.c -# Build changes -Patch1: openssl-1.1.1-build.patch -Patch2: openssl-1.1.1-defaults.patch -Patch3: openssl-1.1.1-no-html.patch -Patch4: openssl-1.1.1-man-rename.patch -# Functionality changes -Patch31: openssl-1.1.1-conf-paths.patch -Patch32: openssl-1.1.1-version-add-engines.patch -Patch33: openssl-1.1.1-apps-dgst.patch -Patch36: openssl-1.1.1-no-brainpool.patch -Patch37: openssl-1.1.1-ec-curves.patch -Patch38: openssl-1.1.1-no-weak-verify.patch -Patch40: openssl-1.1.1-disable-ssl3.patch -Patch41: openssl-1.1.1-system-cipherlist.patch -Patch42: openssl-1.1.1-fips.patch -Patch44: openssl-1.1.1-version-override.patch -Patch45: openssl-1.1.1-weak-ciphers.patch -Patch46: openssl-1.1.1-seclevel.patch -Patch47: openssl-1.1.1-ts-sha256-default.patch -Patch48: openssl-1.1.1-fips-post-rand.patch -Patch49: openssl-1.1.1-evp-kdf.patch -Patch50: openssl-1.1.1-ssh-kdf.patch -Patch51: openssl-1.1.1-intel-cet.patch -Patch60: openssl-1.1.1-krb5-kdf.patch -Patch61: openssl-1.1.1-edk2-build.patch -Patch62: openssl-1.1.1-fips-curves.patch -Patch65: openssl-1.1.1-fips-drbg-selftest.patch -Patch66: openssl-1.1.1-fips-dh.patch -Patch67: openssl-1.1.1-kdf-selftest.patch -Patch69: openssl-1.1.1-alpn-cb.patch -Patch70: openssl-1.1.1-rewire-fips-drbg.patch -# Backported fixes including security fixes -Patch52: openssl-1.1.1-s390x-update.patch -Patch53: openssl-1.1.1-fips-crng-test.patch -Patch55: openssl-1.1.1-arm-update.patch -Patch56: openssl-1.1.1-s390x-ecc.patch - -License: OpenSSL and ASL 2.0 +# Patches exported from source git +# Aarch64 and ppc64le use lib64 +Patch1: 0001-Aarch64-and-ppc64le-use-lib64.patch +# Use more general default values in openssl.cnf +Patch2: 0002-Use-more-general-default-values-in-openssl.cnf.patch +# Do not install html docs +Patch3: 0003-Do-not-install-html-docs.patch +# Override default paths for the CA directory tree +Patch4: 0004-Override-default-paths-for-the-CA-directory-tree.patch +# apps/ca: fix md option help text +Patch5: 0005-apps-ca-fix-md-option-help-text.patch +# Disable signature verification with totally unsafe hash algorithms +Patch6: 0006-Disable-signature-verification-with-totally-unsafe-h.patch +# Add support for PROFILE=SYSTEM system default cipherlist +Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +# Add FIPS_mode() compatibility macro +Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch +# Add check to see if fips flag is enabled in kernel +Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch +# Fixes EVP extra test by removing 7 unsupported curves +Patch10: 0010-Fix-EVP-extra-test-with-OPENSSL_NO_EC2M.patch +# remove unsupported EC curves +Patch11: 0011-Remove-EC-curves.patch + +License: ASL 2.0 and OpenSSL URL: http://www.openssl.org/ -BuildRequires: make BuildRequires: gcc BuildRequires: coreutils, perl-interpreter, sed, zlib-devel, /usr/bin/cmp BuildRequires: lksctp-tools-devel @@ -86,8 +65,9 @@ BuildRequires: /usr/bin/pod2man BuildRequires: /usr/sbin/sysctl BuildRequires: perl(Test::Harness), perl(Test::More), perl(Math::BigInt) BuildRequires: perl(Module::Load::Conditional), perl(File::Temp) -BuildRequires: perl(Time::HiRes) -BuildRequires: perl(FindBin), perl(lib), perl(File::Compare), perl(File::Copy) +BuildRequires: perl(Time::HiRes), perl(IPC::Cmd), perl(Pod::Html) +BuildRequires: perl(FindBin), perl(lib), perl(File::Compare), perl(File::Copy), perl(bigint) +BuildRequires: git-core Requires: coreutils Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} @@ -102,7 +82,6 @@ Summary: A general purpose cryptography library with TLS implementation Requires: ca-certificates >= 2008-5 Requires: crypto-policies >= 20180730 Recommends: openssl-pkcs11%{?_isa} -Provides: openssl-fips = %{epoch}:%{version}-%{release} %description libs OpenSSL is a toolkit for supporting cryptography. The openssl-libs @@ -119,16 +98,6 @@ OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support various cryptographic algorithms and protocols. -%package static -Summary: Libraries for static linking of applications which will use OpenSSL -Requires: %{name}-devel%{?_isa} = %{epoch}:%{version}-%{release} - -%description static -OpenSSL is a toolkit for supporting cryptography. The openssl-static -package contains static libraries needed for static linking of -applications which support various cryptographic algorithms and -protocols. - %package perl Summary: Perl scripts provided with OpenSSL Requires: perl-interpreter @@ -140,7 +109,7 @@ package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit. %prep -%setup -q -n %{name}-%{version} +%autosetup -S git -n %{name}-%{version}-alpha13 # The hobble_openssl is called here redundantly, just to be sure. # The tarball has already the sources removed. @@ -149,42 +118,6 @@ from other formats to the formats used by the OpenSSL toolkit. cp %{SOURCE12} crypto/ec/ cp %{SOURCE13} test/ -%patch1 -p1 -b .build %{?_rawbuild} -%patch2 -p1 -b .defaults -%patch3 -p1 -b .no-html %{?_rawbuild} -%patch4 -p1 -b .man-rename - -%patch31 -p1 -b .conf-paths -%patch32 -p1 -b .version-add-engines -%patch33 -p1 -b .dgst -%patch36 -p1 -b .no-brainpool -%patch37 -p1 -b .curves -%patch38 -p1 -b .no-weak-verify -%patch40 -p1 -b .disable-ssl3 -%patch41 -p1 -b .system-cipherlist -%patch42 -p1 -b .fips -%patch44 -p1 -b .version-override -%patch45 -p1 -b .weak-ciphers -%patch46 -p1 -b .seclevel -%patch47 -p1 -b .ts-sha256-default -%patch48 -p1 -b .fips-post-rand -%patch49 -p1 -b .evp-kdf -%patch50 -p1 -b .ssh-kdf -%patch51 -p1 -b .intel-cet -%patch52 -p1 -b .s390x-update -%patch53 -p1 -b .crng-test -%patch55 -p1 -b .arm-update -%patch56 -p1 -b .s390x-ecc -%patch60 -p1 -b .krb5-kdf -%patch61 -p1 -b .edk2-build -%patch62 -p1 -b .fips-curves -%patch65 -p1 -b .drbg-selftest -%patch66 -p1 -b .fips-dh -%patch67 -p1 -b .kdf-selftest -%patch69 -p1 -b .alpn-cb -%patch70 -p1 -b .rewire-fips-drbg - - %build # Figure out which flags we want to use. # default @@ -261,9 +194,8 @@ export HASHBANGPERL=/usr/bin/perl --prefix=%{_prefix} --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \ --system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config \ zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \ - enable-cms enable-md2 enable-rc5 enable-ssl3 enable-ssl3-method \ - enable-weak-ssl-ciphers \ - no-mdc2 no-ec2m no-sm2 no-sm4 \ + enable-cms enable-md2 enable-rc5 enable-ktls \ + no-idea no-mdc2 no-ec2m no-sm2 no-sm4 \ shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\""' # Do not run this in a production package the FIPS symbols must be patched-in @@ -271,9 +203,6 @@ export HASHBANGPERL=/usr/bin/perl make all -# Overwrite FIPS README -cp -f %{SOURCE11} . - # Clean up the .pc files for i in libcrypto.pc libssl.pc openssl.pc ; do sed -i '/^Libs.private:/{s/-L[^ ]* //;s/-Wl[^ ]* //}' $i @@ -285,19 +214,13 @@ done # Hack - either enable SCTP AUTH chunks in kernel or disable sctp for check (sysctl net.sctp.addip_enable=1 && sysctl net.sctp.auth_enable=1) || \ (echo 'Failed to enable SCTP AUTH chunks, disabling SCTP for tests...' && - sed '/"zlib-dynamic" => "default",/a\ \ "sctp" => "default",' configdata.pm > configdata.pm.new && \ + sed '/"msan" => "default",/a\ \ "sctp" => "default",' configdata.pm > configdata.pm.new && \ touch -r configdata.pm configdata.pm.new && \ mv -f configdata.pm.new configdata.pm) -# We must revert patch31 before tests otherwise they will fail -patch -p1 -R < %{PATCH31} +# We must revert patch4 before tests otherwise they will fail +patch -p1 -R < %{PATCH4} -LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}} -export LD_LIBRARY_PATH -crypto/fips/fips_standalone_hmac libcrypto.so.%{soversion} >.libcrypto.so.%{soversion}.hmac -ln -s .libcrypto.so.%{soversion}.hmac .libcrypto.so.hmac -crypto/fips/fips_standalone_hmac libssl.so.%{soversion} >.libssl.so.%{soversion}.hmac -ln -s .libssl.so.%{soversion}.hmac .libssl.so.hmac OPENSSL_ENABLE_MD5_VERIFY= export OPENSSL_ENABLE_MD5_VERIFY OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file @@ -305,15 +228,15 @@ export OPENSSL_SYSTEM_CIPHERS_OVERRIDE make test # Add generation of HMAC checksum of the final stripped library -%define __spec_install_post \ - %{?__debug_package:%{__debug_install_post}} \ - %{__arch_install_post} \ - %{__os_install_post} \ - crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{version}.hmac \ - ln -sf .libcrypto.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{soversion}.hmac \ - crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{version}.hmac \ - ln -sf .libssl.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{soversion}.hmac \ -%{nil} +#%define __spec_install_post \ +# %{?__debug_package:%{__debug_install_post}} \ +# %{__arch_install_post} \ +# %{__os_install_post} \ +# crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{version}.hmac \ +# ln -sf .libcrypto.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{soversion}.hmac \ +# crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{version}.hmac \ +# ln -sf .libssl.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{soversion}.hmac \ +#%{nil} %define __provides_exclude_from %{_libdir}/openssl @@ -329,6 +252,11 @@ for lib in $RPM_BUILD_ROOT%{_libdir}/*.so.%{version} ; do ln -s -f `basename ${lib}` $RPM_BUILD_ROOT%{_libdir}/`basename ${lib} .%{version}`.%{soversion} done +# Remove static libraries +for lib in $RPM_BUILD_ROOT%{_libdir}/*.a ; do + rm -f ${lib} +done + # Install a makefile for generating keys and self-signed certs, and a script # for generating them on the fly. mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/certs @@ -342,24 +270,7 @@ mv $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/misc/tsget $RPM_BUILD_ROOT%{_bindir} # Rename man pages so that they don't conflict with other system man pages. pushd $RPM_BUILD_ROOT%{_mandir} -ln -s -f config.5 man5/openssl.cnf.5 -for manpage in man*/* ; do - if [ -L ${manpage} ]; then - TARGET=`ls -l ${manpage} | awk '{ print $NF }'` - ln -snf ${TARGET}ssl ${manpage}ssl - rm -f ${manpage} - else - mv ${manpage} ${manpage}ssl - fi -done -for conflict in passwd rand ; do - rename ${conflict} ssl${conflict} man*/${conflict}* -# Fix dangling symlinks - manpage=man1/openssl-${conflict}.* - if [ -L ${manpage} ] ; then - ln -snf ssl${conflict}.1ssl ${manpage} - fi -done +mv man5/config.5 man5/openssl.cnf.5 popd mkdir -m755 $RPM_BUILD_ROOT%{_sysconfdir}/pki/CA @@ -396,39 +307,36 @@ sed -i '/^\#ifndef OPENSSL_NO_SSL_TRACE/i\ #endif' $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf.h %ifarch %{multilib_arches} -# Do an opensslconf.h switcheroo to avoid file conflicts on systems where you +# Do an configuration.h switcheroo to avoid file conflicts on systems where you # can have both a 32- and 64-bit version of the library, and they each need # their own correct-but-different versions of opensslconf.h to be usable. install -m644 %{SOURCE10} \ - $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf-${basearch}.h -cat $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf.h >> \ - $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf-${basearch}.h + $RPM_BUILD_ROOT/%{_prefix}/include/openssl/configuration-${basearch}.h +cat $RPM_BUILD_ROOT/%{_prefix}/include/openssl/configuration.h >> \ + $RPM_BUILD_ROOT/%{_prefix}/include/openssl/configuration-${basearch}.h install -m644 %{SOURCE9} \ - $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf.h + $RPM_BUILD_ROOT/%{_prefix}/include/openssl/configuration.h %endif LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}} export LD_LIBRARY_PATH %files %{!?_licensedir:%global license %%doc} -%license LICENSE -%doc FAQ NEWS README README.FIPS +%license LICENSE.txt +%doc NEWS.md README.md %{_bindir}/make-dummy-cert %{_bindir}/renew-dummy-cert %{_bindir}/openssl -%{_mandir}/man1*/* -%{_mandir}/man5*/* -%{_mandir}/man7*/* +%{_mandir}/man1/* +%{_mandir}/man5/* +%{_mandir}/man7/* %{_pkgdocdir}/Makefile.certificate -%exclude %{_mandir}/man1*/*.pl* -%exclude %{_mandir}/man1*/c_rehash* -%exclude %{_mandir}/man1*/openssl-c_rehash* -%exclude %{_mandir}/man1*/tsget* -%exclude %{_mandir}/man1*/openssl-tsget* +%exclude %{_mandir}/man1/*.pl* +%exclude %{_mandir}/man1/tsget* %files libs %{!?_licensedir:%global license %%doc} -%license LICENSE +%license LICENSE.txt %dir %{_sysconfdir}/pki/tls %dir %{_sysconfdir}/pki/tls/certs %dir %{_sysconfdir}/pki/tls/misc @@ -436,32 +344,25 @@ export LD_LIBRARY_PATH %config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf %config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf %attr(0755,root,root) %{_libdir}/libcrypto.so.%{version} -%attr(0755,root,root) %{_libdir}/libcrypto.so.%{soversion} +%{_libdir}/libcrypto.so.%{soversion} %attr(0755,root,root) %{_libdir}/libssl.so.%{version} -%attr(0755,root,root) %{_libdir}/libssl.so.%{soversion} -%attr(0644,root,root) %{_libdir}/.libcrypto.so.*.hmac -%attr(0644,root,root) %{_libdir}/.libssl.so.*.hmac +%{_libdir}/libssl.so.%{soversion} %attr(0755,root,root) %{_libdir}/engines-%{soversion} +%attr(0755,root,root) %{_libdir}/ossl-modules %files devel -%doc CHANGES doc/dir-locals.example.el doc/openssl-c-indent.el +%doc CHANGES.md doc/dir-locals.example.el doc/openssl-c-indent.el %{_prefix}/include/openssl %{_libdir}/*.so -%{_mandir}/man3*/* +%{_mandir}/man3/* %{_libdir}/pkgconfig/*.pc -%files static -%{_libdir}/*.a - %files perl %{_bindir}/c_rehash %{_bindir}/*.pl %{_bindir}/tsget -%{_mandir}/man1*/*.pl* -%{_mandir}/man1*/c_rehash* -%{_mandir}/man1*/openssl-c_rehash* -%{_mandir}/man1*/tsget* -%{_mandir}/man1*/openssl-tsget* +%{_mandir}/man1/*.pl* +%{_mandir}/man1/tsget* %dir %{_sysconfdir}/pki/CA %dir %{_sysconfdir}/pki/CA/private %dir %{_sysconfdir}/pki/CA/certs @@ -471,1750 +372,6 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog -* Fri Mar 26 2021 Sahana Prasad - 1:1.1.1k-1 -- Upgrade to version 1.1.1.k - -* Tue Feb 23 2021 Sahana Prasad - 1:1.1.1j-1 -- Upgrade to version 1.1.1.j - -* Wed Feb 10 2021 Sahana Prasad - 1:1.1.1i-3 -- Fix regression in X509_verify_cert() (bz1916594) - -* Tue Jan 26 2021 Fedora Release Engineering - 1:1.1.1i-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - -* Wed Dec 9 2020 Tomáš Mráz 1.1.1i-1 -- Update to the 1.1.1i release fixing CVE-2020-1971 - -* Mon Nov 9 2020 Sahana Prasad - 1.1.1h-1 -- Upgrade to version 1.1.1.h - -* Tue Jul 28 2020 Fedora Release Engineering - 1:1.1.1g-15 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild - -* Tue Jul 21 2020 Tom Stellard - 1:1.1.1g-14 -- Use make macros -- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro - -* Mon Jul 20 2020 Tomáš Mráz 1.1.1g-13 -- Additional FIPS mode check for EC key generation - -* Fri Jul 17 2020 Tomáš Mráz 1.1.1g-12 -- Further changes for SP 800-56A rev3 requirements - -* Mon Jun 22 2020 Tomáš Mráz 1.1.1g-11 -- Drop long ago obsolete part of the FIPS patch - -* Mon Jun 22 2020 Tomáš Mráz 1.1.1g-10 -- Rewire FIPS_drbg API to use the RAND_DRBG - -* Fri Jun 5 2020 Tomáš Mráz 1.1.1g-9 -- Disallow dropping Extended Master Secret extension - on renegotiation -- Return alert from s_server if ALPN protocol does not match -- SHA1 is allowed in @SECLEVEL=2 only if allowed by - TLS SigAlgs configuration - -* Wed Jun 3 2020 Tomáš Mráz 1.1.1g-8 -- Add FIPS selftest for PBKDF2 and KBKDF - -* Tue May 26 2020 Tomáš Mráz 1.1.1g-7 -- Use the well known DH groups in TLS - -* Mon May 25 2020 Tomáš Mráz 1.1.1g-6 -- Allow only well known DH groups in the FIPS mode - -* Thu May 21 2020 Adam Williamson - 1.1.1g-5 -- Re-apply the change from -2 now we have fixed nosync to work with it - -* Tue May 19 2020 Adam Williamson - 1.1.1g-4 -- Revert the change from -2 as it seems to cause segfaults in systemd - -* Mon May 18 2020 Tomáš Mráz 1.1.1g-3 -- pull some fixes and improvements from RHEL-8 - -* Fri May 15 2020 Tomáš Mráz 1.1.1g-2 -- FIPS module installed state definition is modified - -* Thu Apr 23 2020 Tomáš Mráz 1.1.1g-1 -- update to the 1.1.1g release - -* Tue Apr 7 2020 Tomáš Mráz 1.1.1f-1 -- update to the 1.1.1f release - -* Thu Mar 26 2020 Tomáš Mráz 1.1.1e-2 -- revert the unexpected EOF error reporting change as it is - too disruptive for the stable release branch - -* Fri Mar 20 2020 Tomáš Mráz 1.1.1e-1 -- update to the 1.1.1e release -- add selftest of the RAND_DRBG implementation -- fix incorrect error return value from FIPS_selftest_dsa - -* Mon Feb 17 2020 Tomáš Mráz 1.1.1d-7 -- apply Intel CET support patches by hjl (#1788699) - -* Wed Jan 29 2020 Fedora Release Engineering - 1:1.1.1d-6 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Thu Nov 21 2019 Tomáš Mráz 1.1.1d-5 -- allow zero length parameters in KDF_CTX_ctrl() - -* Thu Nov 14 2019 Tomáš Mráz 1.1.1d-4 -- backport of SSKDF from master - -* Wed Nov 13 2019 Tomáš Mráz 1.1.1d-3 -- backport of KBKDF and KRB5KDF from master - -* Thu Oct 3 2019 Tomáš Mráz 1.1.1d-2 -- re-enable the stitched AES-CBC-SHA implementations -- make AES-GCM work in FIPS mode again -- enable TLS-1.2 AES-CCM ciphers in FIPS mode -- fix openssl speed errors in FIPS mode - -* Fri Sep 13 2019 Tomáš Mráz 1.1.1d-1 -- update to the 1.1.1d release - -* Fri Sep 6 2019 Tomáš Mráz 1.1.1c-6 -- upstream fix for status request extension non-compliance (#1737471) - -* Thu Jul 25 2019 Fedora Release Engineering - 1:1.1.1c-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - -* Mon Jun 24 2019 Tomáš Mráz 1.1.1c-4 -- do not try to use EC groups disallowed in FIPS mode - in TLS -- fix Valgrind regression with constant-time code - -* Mon Jun 3 2019 Tomáš Mráz 1.1.1c-3 -- add upstream patch to defer sending KeyUpdate after - pending writes are complete - -* Thu May 30 2019 Tomáš Mráz 1.1.1c-2 -- fix use of uninitialized memory - -* Wed May 29 2019 Tomáš Mráz 1.1.1c-1 -- update to the 1.1.1c release - -* Fri May 10 2019 Tomáš Mráz 1.1.1b-10 -- Another attempt at the AES-CCM regression fix - -* Fri May 10 2019 Tomáš Mráz 1.1.1b-9 -- Fix two small regressions -- Change the ts application default hash to SHA256 - -* Tue May 7 2019 Tomáš Mráz 1.1.1b-8 -- FIPS compliance fixes - -* Mon May 6 2019 Tomáš Mráz 1.1.1b-7 -- add S390x chacha20-poly1305 assembler support from master branch - -* Fri May 3 2019 Tomáš Mráz 1.1.1b-6 -- apply new bugfixes from upstream 1.1.1 branch - -* Tue Apr 16 2019 Tomáš Mráz 1.1.1b-5 -- fix for BIO_get_mem_ptr() regression in 1.1.1b (#1691853) - -* Wed Mar 27 2019 Tomáš Mráz 1.1.1b-4 -- drop unused BuildRequires and Requires in the -devel subpackage - -* Fri Mar 15 2019 Tomáš Mráz 1.1.1b-3 -- fix regression in EVP_PBE_scrypt() (#1688284) -- fix incorrect help message in ca app (#1553206) - -* Fri Mar 1 2019 Tomáš Mráz 1.1.1b-2 -- use .include = syntax in the config file to allow it - to be parsed by 1.0.2 version (#1668916) - -* Thu Feb 28 2019 Tomáš Mráz 1.1.1b-1 -- update to the 1.1.1b release -- EVP_KDF API backport from master -- SSH KDF implementation for EVP_KDF API backport from master - -* Fri Feb 01 2019 Fedora Release Engineering - 1:1.1.1a-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - -* Tue Jan 15 2019 Tomáš Mráz 1.1.1a-1 -- update to the 1.1.1a release - -* Fri Nov 9 2018 Tomáš Mráz 1.1.1-7 -- use /dev/urandom for seeding the RNG in FIPS POST - -* Fri Oct 12 2018 Tomáš Mráz 1.1.1-6 -- fix SECLEVEL 3 support -- fix some issues found in Coverity scan - -* Thu Sep 27 2018 Charalampos Stratakis - 1:1.1.1-5 -- Correctly invoke sed for defining OPENSSL_NO_SSL3 - -* Thu Sep 27 2018 Tomáš Mráz 1.1.1-4 -- define OPENSSL_NO_SSL3 so the newly built dependencies do not - have access to SSL3 API calls anymore - -* Mon Sep 17 2018 Tomáš Mráz 1.1.1-3 -- reinstate accidentally dropped patch for weak ciphersuites - -* Fri Sep 14 2018 Tomáš Mráz 1.1.1-2 -- for consistent support of security policies we build - RC4 support in TLS (not default) and allow SHA1 in SECLEVEL 2 - -* Thu Sep 13 2018 Tomáš Mráz 1.1.1-1 -- update to the final 1.1.1 version - -* Thu Sep 6 2018 Tomáš Mráz 1.1.1-0.pre9.3 -- do not try to initialize RNG in cleanup if it was not initialized - before (#1624554) -- use only /dev/urandom if getrandom() is not available -- disable SM4 - -* Wed Aug 29 2018 Tomáš Mráz 1.1.1-0.pre9.2 -- fix dangling symlinks to manual pages -- make SSLv3_method work - -* Wed Aug 22 2018 Tomáš Mráz 1.1.1-0.pre9.1 -- update to the latest 1.1.1 beta version - -* Mon Aug 13 2018 Tomáš Mráz 1.1.1-0.pre8.4 -- bidirectional shutdown fixes from upstream - -* Mon Aug 13 2018 Tomáš Mráz 1.1.1-0.pre8.3 -- do not put error on stack when using fixed protocol version - with the default config (#1615098) - -* Fri Jul 27 2018 Tomáš Mráz 1.1.1-0.pre8.2 -- load crypto policy config file from the default config - -* Wed Jul 25 2018 Tomáš Mráz 1.1.1-0.pre8 -- update to the latest 1.1.1 beta version - -* Fri Jul 13 2018 Fedora Release Engineering - 1:1.1.0h-6 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Tue Jun 19 2018 Tomáš Mráz 1.1.0h-5 -- fix FIPS RSA key generation failure - -* Mon Jun 4 2018 Tomáš Mráz 1.1.0h-4 -- ppc64le is not multilib arch (#1584994) - -* Tue Apr 3 2018 Tomáš Mráz 1.1.0h-3 -- fix regression of c_rehash (#1562953) - -* Thu Mar 29 2018 Tomáš Mráz 1.1.0h-2 -- fix FIPS symbol versions - -* Thu Mar 29 2018 Tomáš Mráz 1.1.0h-1 -- update to upstream version 1.1.0h -- add Recommends for openssl-pkcs11 - -* Fri Feb 23 2018 Tomáš Mráz 1.1.0g-6 -- one more try to apply RPM_LD_FLAGS properly (#1541033) -- dropped unneeded starttls xmpp patch (#1417017) - -* Thu Feb 08 2018 Fedora Release Engineering - 1:1.1.0g-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild - -* Thu Feb 1 2018 Tomáš Mráz 1.1.0g-4 -- apply RPM_LD_FLAGS properly (#1541033) - -* Thu Jan 11 2018 Tomáš Mráz 1.1.0g-3 -- silence the .rnd write failure as that is auxiliary functionality (#1524833) - -* Thu Dec 14 2017 Tomáš Mráz 1.1.0g-2 -- put the Makefile.certificate in pkgdocdir and drop the requirement on make - -* Fri Nov 3 2017 Tomáš Mráz 1.1.0g-1 -- update to upstream version 1.1.0g - -* Thu Aug 03 2017 Fedora Release Engineering - 1:1.1.0f-9 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild - -* Thu Jul 27 2017 Fedora Release Engineering - 1:1.1.0f-8 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild - -* Mon Jul 17 2017 Tomáš Mráz 1:1.1.0f-7 -- make s_client and s_server work with -ssl3 option (#1471783) - -* Thu Jul 13 2017 Petr Pisar - 1:1.1.0f-6 -- perl dependency renamed to perl-interpreter - - -* Mon Jun 26 2017 Tomáš Mráz 1.1.0f-5 -- disable verification of all insecure hashes - -* Fri Jun 23 2017 Tomáš Mráz 1.1.0f-4 -- make DTLS work (#1462541) - -* Thu Jun 15 2017 Tomáš Mráz 1.1.0f-3 -- enable 3DES SSL ciphersuites, RC4 is kept disabled (#1453066) - -* Mon Jun 5 2017 Tomáš Mráz 1.1.0f-2 -- only release thread-local key if we created it (from upstream) (#1458775) - -* Fri Jun 2 2017 Tomáš Mráz 1.1.0f-1 -- update to upstream version 1.1.0f -- SRP and GOST is now allowed, note that GOST support requires - adding GOST engine which is not part of openssl anymore - -* Thu Feb 16 2017 Tomáš Mráz 1.1.0e-1 -- update to upstream version 1.1.0e -- add documentation of the PROFILE=SYSTEM special cipher string (#1420232) - -* Sat Feb 11 2017 Fedora Release Engineering - 1:1.1.0d-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - -* Wed Feb 1 2017 Tomáš Mráz 1.1.0d-2 -- applied upstream fixes (fix regression in X509_CRL_digest) - -* Thu Jan 26 2017 Tomáš Mráz 1.1.0d-1 -- update to upstream version 1.1.0d - -* Thu Dec 22 2016 Tomáš Mráz 1.1.0c-5 -- preserve new line in fd BIO BIO_gets() as other BIOs do - -* Fri Dec 2 2016 Tomáš Mráz 1.1.0c-4 -- FIPS mode fixes for TLS - -* Wed Nov 30 2016 Tomáš Mráz 1.1.0c-3 -- revert SSL_read() behavior change - patch from upstream (#1394677) -- fix behavior on client certificate request in renegotiation (#1393579) - -* Tue Nov 22 2016 Tomáš Mráz 1.1.0c-2 -- EC curve NIST P-224 is now allowed, still kept disabled in TLS due - to less than optimal security - -* Fri Nov 11 2016 Tomáš Mráz 1.1.0c-1 -- update to upstream version 1.1.0c - -* Fri Nov 4 2016 Tomáš Mráz 1.1.0b-4 -- use a random seed if the supplied one did not generate valid - parameters in dsa_builtin_paramgen2() - -* Wed Oct 12 2016 Tomáš Mráz 1.1.0b-3 -- do not break contract on return value when using dsa_builtin_paramgen2() - -* Wed Oct 12 2016 Tomáš Mráz 1.1.0b-2 -- fix afalg failure on big endian - -* Tue Oct 11 2016 Tomáš Mráz 1.1.0b-1 -- update to upstream version 1.1.0b - -* Fri Oct 07 2016 Richard W.M. Jones - 1:1.0.2j-2 -- Add flags for riscv64. - -* Mon Sep 26 2016 Tomáš Mráz 1.0.2j-1 -- minor upstream release 1.0.2j fixing regression from previous release - -* Sat Sep 24 2016 David Woodhouse 1.0.2i-2 -- Fix enginesdir in libcrypto.c (#1375361) - -* Thu Sep 22 2016 Tomáš Mráz 1.0.2i-1 -- minor upstream release 1.0.2i fixing security issues -- move man pages for perl based scripts to perl subpackage (#1377617) - -* Wed Aug 10 2016 Tomáš Mráz 1.0.2h-3 -- fix regression in Cisco AnyConnect VPN support (#1354588) - -* Mon Jun 27 2016 Tomáš Mráz 1.0.2h-2 -- require libcrypto in libssl.pc (#1301301) - -* Tue May 3 2016 Tomáš Mráz 1.0.2h-1 -- minor upstream release 1.0.2h fixing security issues - -* Tue Mar 29 2016 Tomáš Mráz 1.0.2g-4 -- disable SSLv2 support altogether (without ABI break) - -* Mon Mar 7 2016 Tom Callaway - 1.0.2g-3 -- enable RC5 - -* Wed Mar 2 2016 Tomáš Mráz 1.0.2g-2 -- reenable SSL2 in the build to avoid ABI break (it does not - make the openssl vulnerable to DROWN attack) - -* Tue Mar 1 2016 Tomáš Mráz 1.0.2g-1 -- minor upstream release 1.0.2g fixing security issues - -* Thu Feb 04 2016 Fedora Release Engineering - 1:1.0.2f-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild - -* Thu Jan 28 2016 Tomáš Mráz 1.0.2f-1 -- minor upstream release 1.0.2f fixing security issues -- add support for MIPS secondary architecture - -* Fri Jan 15 2016 Tomáš Mráz 1.0.2e-5 -- document some options of openssl speed command - -* Fri Dec 18 2015 Tomáš Mráz 1.0.2e-4 -- enable sctp support in DTLS - -* Tue Dec 8 2015 Tomáš Mráz 1.0.2e-3 -- remove unimplemented EC method from header (#1289599) - -* Mon Dec 7 2015 Tomáš Mráz 1.0.2e-2 -- the fast nistp implementation works only on little endian architectures - -* Fri Dec 4 2015 Tomáš Mráz 1.0.2e-1 -- minor upstream release 1.0.2e fixing moderate severity security issues -- enable fast assembler implementation for NIST P-256 and P-521 - elliptic curves (#1164210) -- filter out unwanted link options from the .pc files (#1257836) -- do not set serial to 0 in Makefile.certificate (#1135719) - -* Mon Nov 16 2015 Tomáš Mráz 1.0.2d-3 -- fix sigill on some AMD CPUs (#1278194) - -* Wed Aug 12 2015 Tom Callaway 1.0.2d-2 -- re-enable secp256k1 (bz1021898) - -* Thu Jul 9 2015 Tomáš Mráz 1.0.2d-1 -- minor upstream release 1.0.2d fixing a high severity security issue - -* Tue Jul 7 2015 Tomáš Mráz 1.0.2c-3 -- fix the aarch64 build - -* Thu Jun 18 2015 Fedora Release Engineering - 1:1.0.2c-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - -* Mon Jun 15 2015 Tomáš Mráz 1.0.2c-1 -- minor upstream release 1.0.2c fixing multiple security issues - -* Thu May 7 2015 Peter Robinson 1.0.2a-4 -- Add aarch64 sslarch details - -* Thu May 7 2015 Tomáš Mráz 1.0.2a-3 -- fix some 64 bit build targets - -* Tue Apr 28 2015 Tomáš Mráz 1.0.2a-2 -- add alternative certificate chain discovery support from upstream - -* Thu Apr 23 2015 Tomáš Mráz 1.0.2a-1 -- rebase to 1.0.2 branch - -* Thu Apr 9 2015 Tomáš Mráz 1.0.1k-7 -- drop the AES-GCM restriction of 2^32 operations because the IV is - always 96 bits (32 bit fixed field + 64 bit invocation field) - -* Thu Mar 19 2015 Tomáš Mráz 1.0.1k-6 -- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() -- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison -- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption -- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data -- fix CVE-2015-0293 - triggerable assert in SSLv2 server - -* Mon Mar 16 2015 Tomáš Mráz 1.0.1k-5 -- fix bug in the CRYPTO_128_unwrap() - -* Fri Feb 27 2015 Tomáš Mráz 1.0.1k-4 -- fix bug in the RFC 5649 support (#1185878) - -* Sat Feb 21 2015 Till Maas - 1:1.0.1k-3 -- Rebuilt for Fedora 23 Change - https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code - -* Thu Jan 15 2015 Tomáš Mráz 1.0.1k-2 -- test in the non-FIPS RSA keygen for minimal distance of p and q - similarly to the FIPS RSA keygen - -* Fri Jan 9 2015 Tomáš Mráz 1.0.1k-1 -- new upstream release fixing multiple security issues - -* Thu Nov 20 2014 Tomáš Mráz 1.0.1j-3 -- disable SSLv3 by default again (mail servers and possibly - LDAP servers should probably allow it explicitly for legacy - clients) - -* Tue Oct 21 2014 Tomáš Mráz 1.0.1j-2 -- update the FIPS RSA keygen to be FIPS 186-4 compliant - -* Thu Oct 16 2014 Tomáš Mráz 1.0.1j-1 -- new upstream release fixing multiple security issues - -* Fri Oct 10 2014 Tomáš Mráz 1.0.1i-5 -- copy negotiated digests when switching certs by SNI (#1150032) - -* Mon Sep 8 2014 Tomáš Mráz 1.0.1i-4 -- add support for RFC 5649 - -* Sun Aug 17 2014 Fedora Release Engineering - 1:1.0.1i-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - -* Wed Aug 13 2014 Tomáš Mráz 1.0.1i-2 -- drop RSA X9.31 from RSA FIPS selftests -- add Power 8 optimalizations - -* Thu Aug 7 2014 Tomáš Mráz 1.0.1i-1 -- new upstream release fixing multiple moderate security issues -- for now disable only SSLv2 by default - -* Fri Jul 18 2014 Tom Callaway 1.0.1h-6 -- fix license handling - -* Mon Jun 30 2014 Tomáš Mráz 1.0.1h-5 -- disable SSLv2 and SSLv3 protocols by default (can be enabled - via appropriate SSL_CTX_clear_options() call) - -* Wed Jun 11 2014 Tomáš Mráz 1.0.1h-4 -- use system profile for default cipher list - -* Tue Jun 10 2014 Tomáš Mráz 1.0.1h-3 -- make FIPS mode keygen bit length restriction enforced only when - OPENSSL_ENFORCE_MODULUS_BITS is set -- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support - -* Sat Jun 07 2014 Fedora Release Engineering - 1:1.0.1h-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - -* Thu Jun 5 2014 Tomáš Mráz 1.0.1h-1 -- new upstream release 1.0.1h - -* Sat May 31 2014 Peter Robinson 1.0.1g-2 -- Drop obsolete and irrelevant docs -- Move devel docs to appropriate package - -* Wed May 7 2014 Tomáš Mráz 1.0.1g-1 -- new upstream release 1.0.1g -- do not include ECC ciphersuites in SSLv2 client hello (#1090952) -- fail on hmac integrity check if the .hmac file is empty - -* Mon Apr 07 2014 Dennis Gilmore - 1.0.1e-44 -- pull in upstream patch for CVE-2014-0160 -- removed CHANGES file portion from patch for expediency - -* Thu Apr 3 2014 Tomáš Mráz 1.0.1e-43 -- add support for ppc64le architecture (#1072633) - -* Mon Mar 17 2014 Tomáš Mráz 1.0.1e-42 -- properly detect encryption failure in BIO -- use 2048 bit RSA key in FIPS selftests - -* Fri Feb 14 2014 Tomáš Mráz 1.0.1e-41 -- use the key length from configuration file if req -newkey rsa is invoked - -* Thu Feb 13 2014 Tomáš Mráz 1.0.1e-40 -- print ephemeral key size negotiated in TLS handshake (#1057715) -- add DH_compute_key_padded needed for FIPS CAVS testing - -* Thu Feb 6 2014 Tomáš Mráz 1.0.1e-39 -- make expiration and key length changeable by DAYS and KEYLEN - variables in the certificate Makefile (#1058108) -- change default hash to sha256 (#1062325) - -* Wed Jan 22 2014 Tomáš Mráz 1.0.1e-38 -- make 3des strength to be 128 bits instead of 168 (#1056616) - -* Tue Jan 7 2014 Tomáš Mráz 1.0.1e-37 -- fix CVE-2013-4353 - Invalid TLS handshake crash -- fix CVE-2013-6450 - possible MiTM attack on DTLS1 - -* Fri Dec 20 2013 Tomáš Mráz 1.0.1e-36 -- fix CVE-2013-6449 - crash when version in SSL structure is incorrect -- more FIPS validation requirement changes - -* Wed Dec 18 2013 Tomáš Mráz 1.0.1e-35 -- drop weak ciphers from the default TLS ciphersuite list -- add back some symbols that were dropped with update to 1.0.1 branch -- more FIPS validation requirement changes - -* Tue Nov 19 2013 Tomáš Mráz 1.0.1e-34 -- fix locking and reseeding problems with FIPS drbg - -* Fri Nov 15 2013 Tomáš Mráz 1.0.1e-33 -- additional changes required for FIPS validation - -* Wed Nov 13 2013 Tomáš Mráz 1.0.1e-32 -- disable verification of certificate, CRL, and OCSP signatures - using MD5 if OPENSSL_ENABLE_MD5_VERIFY environment variable - is not set - -* Fri Nov 8 2013 Tomáš Mráz 1.0.1e-31 -- add back support for secp521r1 EC curve -- add aarch64 to Configure (#969692) - -* Tue Oct 29 2013 Tomáš Mráz 1.0.1e-30 -- fix misdetection of RDRAND support on Cyrix CPUS (from upstream) (#1022346) - -* Thu Oct 24 2013 Tomáš Mráz 1.0.1e-29 -- do not advertise ECC curves we do not support (#1022493) - -* Wed Oct 16 2013 Tomáš Mráz 1.0.1e-28 -- only ECC NIST Suite B curves support -- drop -fips subpackage - -* Mon Oct 14 2013 Tom Callaway - 1.0.1e-27 -- resolve bugzilla 319901 (phew! only took 6 years & 9 days) - -* Fri Sep 27 2013 Tomáš Mráz 1.0.1e-26 -- make DTLS1 work in FIPS mode -- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode - -* Mon Sep 23 2013 Tomáš Mráz 1.0.1e-25 -- avoid dlopening libssl.so from libcrypto (#1010357) - -* Fri Sep 20 2013 Tomáš Mráz 1.0.1e-24 -- fix small memory leak in FIPS aes selftest - -* Thu Sep 19 2013 Tomáš Mráz 1.0.1e-23 -- fix segfault in openssl speed hmac in the FIPS mode - -* Thu Sep 12 2013 Tomáš Mráz 1.0.1e-22 -- document the nextprotoneg option in manual pages - original patch by Hubert Kario - -* Tue Sep 10 2013 Kyle McMartin 1.0.1e-21 -- [arm] use elf auxv to figure out armcap.c instead of playing silly - games with SIGILL handlers. (#1006474) - -* Wed Sep 4 2013 Tomas Mraz 1.0.1e-20 -- try to avoid some races when updating the -fips subpackage - -* Mon Sep 2 2013 Tomas Mraz 1.0.1e-19 -- use version-release in .hmac suffix to avoid overwrite - during upgrade - -* Thu Aug 29 2013 Tomas Mraz 1.0.1e-18 -- allow deinitialization of the FIPS mode - -* Thu Aug 29 2013 Tomas Mraz 1.0.1e-17 -- always perform the FIPS selftests in library constructor - if FIPS module is installed - -* Tue Aug 27 2013 Tomas Mraz 1.0.1e-16 -- add -fips subpackage that contains the FIPS module files - -* Fri Aug 16 2013 Tomas Mraz 1.0.1e-15 -- fix use of rdrand if available -- more commits cherry picked from upstream -- documentation fixes - -* Sat Aug 03 2013 Petr Pisar - 1:1.0.1e-14 -- Perl 5.18 rebuild - -* Fri Jul 26 2013 Tomas Mraz 1.0.1e-13 -- additional manual page fix -- use symbol versioning also for the textual version - -* Thu Jul 25 2013 Tomas Mraz 1.0.1e-12 -- additional manual page fixes - -* Fri Jul 19 2013 Tomas Mraz 1.0.1e-11 -- use _prefix macro - -* Wed Jul 17 2013 Petr Pisar - 1:1.0.1e-10 -- Perl 5.18 rebuild - -* Thu Jul 11 2013 Tomas Mraz 1.0.1e-9 -- add openssl.cnf.5 manpage symlink to config.5 - -* Wed Jul 10 2013 Tomas Mraz 1.0.1e-8 -- add relro linking flag - -* Wed Jul 10 2013 Tomas Mraz 1.0.1e-7 -- add support for the -trusted_first option for certificate chain verification - -* Fri May 3 2013 Tomas Mraz 1.0.1e-6 -- fix build of manual pages with current pod2man (#959439) - -* Sun Apr 21 2013 Peter Robinson 1.0.1e-5 -- Enable ARM optimised build - -* Mon Mar 18 2013 Tomas Mraz 1.0.1e-4 -- fix random bad record mac errors (#918981) - -* Tue Feb 19 2013 Tomas Mraz 1.0.1e-3 -- fix up the SHLIB_VERSION_NUMBER - -* Tue Feb 19 2013 Tomas Mraz 1.0.1e-2 -- disable ZLIB loading by default (due to CRIME attack) - -* Tue Feb 19 2013 Tomas Mraz 1.0.1e-1 -- new upstream version - -* Wed Jan 30 2013 Tomas Mraz 1.0.1c-12 -- more fixes from upstream -- fix errors in manual causing build failure (#904777) - -* Fri Dec 21 2012 Tomas Mraz 1.0.1c-11 -- add script for renewal of a self-signed cert by Philip Prindeville (#871566) -- allow X509_issuer_and_serial_hash() produce correct result in - the FIPS mode (#881336) - -* Thu Dec 6 2012 Tomas Mraz 1.0.1c-10 -- do not load default verify paths if CApath or CAfile specified (#884305) - -* Tue Nov 20 2012 Tomas Mraz 1.0.1c-9 -- more fixes from upstream CVS -- fix DSA key pairwise check (#878597) - -* Thu Nov 15 2012 Tomas Mraz 1.0.1c-8 -- use 1024 bit DH parameters in s_server as 512 bit is not allowed - in FIPS mode and it is quite weak anyway - -* Mon Sep 10 2012 Tomas Mraz 1.0.1c-7 -- add missing initialization of str in aes_ccm_init_key (#853963) -- add important patches from upstream CVS -- use the secure_getenv() with new glibc - -* Fri Jul 20 2012 Fedora Release Engineering - 1:1.0.1c-6 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - -* Fri Jul 13 2012 Tomas Mraz 1.0.1c-5 -- use __getenv_secure() instead of __libc_enable_secure - -* Fri Jul 13 2012 Tomas Mraz 1.0.1c-4 -- do not move libcrypto to /lib -- do not use environment variables if __libc_enable_secure is on -- fix strict aliasing problems in modes - -* Thu Jul 12 2012 Tomas Mraz 1.0.1c-3 -- fix DSA key generation in FIPS mode (#833866) -- allow duplicate FIPS_mode_set(1) -- enable build on ppc64 subarch (#834652) - -* Wed Jul 11 2012 Tomas Mraz 1.0.1c-2 -- fix s_server with new glibc when no global IPv6 address (#839031) -- make it build with new Perl - -* Tue May 15 2012 Tomas Mraz 1.0.1c-1 -- new upstream version - -* Thu Apr 26 2012 Tomas Mraz 1.0.1b-1 -- new upstream version - -* Fri Apr 20 2012 Tomas Mraz 1.0.1a-1 -- new upstream version fixing CVE-2012-2110 - -* Wed Apr 11 2012 Tomas Mraz 1.0.1-3 -- add Kerberos 5 libraries to pkgconfig for static linking (#807050) - -* Thu Apr 5 2012 Tomas Mraz 1.0.1-2 -- backports from upstream CVS -- fix segfault when /dev/urandom is not available (#809586) - -* Wed Mar 14 2012 Tomas Mraz 1.0.1-1 -- new upstream release - -* Mon Mar 5 2012 Tomas Mraz 1.0.1-0.3.beta3 -- add obsoletes to assist multilib updates (#799636) - -* Wed Feb 29 2012 Tomas Mraz 1.0.1-0.2.beta3 -- epoch bumped to 1 due to revert to 1.0.0g on Fedora 17 -- new upstream release from the 1.0.1 branch -- fix s390x build (#798411) -- versioning for the SSLeay symbol (#794950) -- add -DPURIFY to build flags (#797323) -- filter engine provides -- split the libraries to a separate -libs package -- add make to requires on the base package (#783446) - -* Tue Feb 7 2012 Tomas Mraz 1.0.1-0.1.beta2 -- new upstream release from the 1.0.1 branch, ABI compatible -- add documentation for the -no_ign_eof option - -* Thu Jan 19 2012 Tomas Mraz 1.0.0g-1 -- new upstream release fixing CVE-2012-0050 - DoS regression in - DTLS support introduced by the previous release (#782795) - -* Thu Jan 5 2012 Tomas Mraz 1.0.0f-1 -- new upstream release fixing multiple CVEs - -* Tue Nov 22 2011 Tomas Mraz 1.0.0e-4 -- move the libraries needed for static linking to Libs.private - -* Thu Nov 3 2011 Tomas Mraz 1.0.0e-3 -- do not use AVX instructions when osxsave bit not set -- add direct known answer tests for SHA2 algorithms - -* Wed Sep 21 2011 Tomas Mraz 1.0.0e-2 -- fix missing initialization of variable in CHIL engine - -* Wed Sep 7 2011 Tomas Mraz 1.0.0e-1 -- new upstream release fixing CVE-2011-3207 (#736088) - -* Wed Aug 24 2011 Tomas Mraz 1.0.0d-8 -- drop the separate engine for Intel acceleration improvements - and merge in the AES-NI, SHA1, and RC4 optimizations -- add support for OPENSSL_DISABLE_AES_NI environment variable - that disables the AES-NI support - -* Tue Jul 26 2011 Tomas Mraz 1.0.0d-7 -- correct openssl cms help output (#636266) -- more tolerant starttls detection in XMPP protocol (#608239) - -* Wed Jul 20 2011 Tomas Mraz 1.0.0d-6 -- add support for newest Intel acceleration improvements backported - from upstream by Intel in form of a separate engine - -* Thu Jun 9 2011 Tomas Mraz 1.0.0d-5 -- allow the AES-NI engine in the FIPS mode - -* Tue May 24 2011 Tomas Mraz 1.0.0d-4 -- add API necessary for CAVS testing of the new DSA parameter generation - -* Thu Apr 28 2011 Tomas Mraz 1.0.0d-3 -- add support for VIA Padlock on 64bit arch from upstream (#617539) -- do not return bogus values from load_certs (#652286) - -* Tue Apr 5 2011 Tomas Mraz 1.0.0d-2 -- clarify apps help texts for available digest algorithms (#693858) - -* Thu Feb 10 2011 Tomas Mraz 1.0.0d-1 -- new upstream release fixing CVE-2011-0014 (OCSP stapling vulnerability) - -* Tue Feb 08 2011 Fedora Release Engineering - 1.0.0c-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - -* Fri Feb 4 2011 Tomas Mraz 1.0.0c-3 -- add -x931 parameter to openssl genrsa command to use the ANSI X9.31 - key generation method -- use FIPS-186-3 method for DSA parameter generation -- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable - to allow using MD5 when the system is in the maintenance state - even if the /proc fips flag is on -- make openssl pkcs12 command work by default in the FIPS mode - -* Mon Jan 24 2011 Tomas Mraz 1.0.0c-2 -- listen on ipv6 wildcard in s_server so we accept connections - from both ipv4 and ipv6 (#601612) -- fix openssl speed command so it can be used in the FIPS mode - with FIPS allowed ciphers - -* Fri Dec 3 2010 Tomas Mraz 1.0.0c-1 -- new upstream version fixing CVE-2010-4180 - -* Tue Nov 23 2010 Tomas Mraz 1.0.0b-3 -- replace the revert for the s390x bignum asm routines with - fix from upstream - -* Mon Nov 22 2010 Tomas Mraz 1.0.0b-2 -- revert upstream change in s390x bignum asm routines - -* Tue Nov 16 2010 Tomas Mraz 1.0.0b-1 -- new upstream version fixing CVE-2010-3864 (#649304) - -* Tue Sep 7 2010 Tomas Mraz 1.0.0a-3 -- make SHLIB_VERSION reflect the library suffix - -* Wed Jun 30 2010 Tomas Mraz 1.0.0a-2 -- openssl man page fix (#609484) - -* Fri Jun 4 2010 Tomas Mraz 1.0.0a-1 -- new upstream patch release, fixes CVE-2010-0742 (#598738) - and CVE-2010-1633 (#598732) - -* Wed May 19 2010 Tomas Mraz 1.0.0-5 -- pkgconfig files now contain the correct libdir (#593723) - -* Tue May 18 2010 Tomas Mraz 1.0.0-4 -- make CA dir readable - the private keys are in private subdir (#584810) - -* Fri Apr 9 2010 Tomas Mraz 1.0.0-3 -- a few fixes from upstream CVS -- move libcrypto to /lib (#559953) - -* Tue Apr 6 2010 Tomas Mraz 1.0.0-2 -- set UTC timezone on pod2man run (#578842) -- make X509_NAME_hash_old work in FIPS mode - -* Tue Mar 30 2010 Tomas Mraz 1.0.0-1 -- update to final 1.0.0 upstream release - -* Tue Feb 16 2010 Tomas Mraz 1.0.0-0.22.beta5 -- make TLS work in the FIPS mode - -* Fri Feb 12 2010 Tomas Mraz 1.0.0-0.21.beta5 -- gracefully handle zero length in assembler implementations of - OPENSSL_cleanse (#564029) -- do not fail in s_server if client hostname not resolvable (#561260) - -* Wed Jan 20 2010 Tomas Mraz 1.0.0-0.20.beta5 -- new upstream release - -* Thu Jan 14 2010 Tomas Mraz 1.0.0-0.19.beta4 -- fix CVE-2009-4355 - leak in applications incorrectly calling - CRYPTO_free_all_ex_data() before application exit (#546707) -- upstream fix for future TLS protocol version handling - -* Wed Jan 13 2010 Tomas Mraz 1.0.0-0.18.beta4 -- add support for Intel AES-NI - -* Thu Jan 7 2010 Tomas Mraz 1.0.0-0.17.beta4 -- upstream fix compression handling on session resumption -- various null checks and other small fixes from upstream -- upstream changes for the renegotiation info according to the latest draft - -* Mon Nov 23 2009 Tomas Mraz 1.0.0-0.16.beta4 -- fix non-fips mingw build (patch by Kalev Lember) -- add IPV6 fix for DTLS - -* Fri Nov 20 2009 Tomas Mraz 1.0.0-0.15.beta4 -- add better error reporting for the unsafe renegotiation - -* Fri Nov 20 2009 Tomas Mraz 1.0.0-0.14.beta4 -- fix build on s390x - -* Wed Nov 18 2009 Tomas Mraz 1.0.0-0.13.beta4 -- disable enforcement of the renegotiation extension on the client (#537962) -- add fixes from the current upstream snapshot - -* Fri Nov 13 2009 Tomas Mraz 1.0.0-0.12.beta4 -- keep the beta status in version number at 3 so we do not have to rebuild - openssh and possibly other dependencies with too strict version check - -* Thu Nov 12 2009 Tomas Mraz 1.0.0-0.11.beta4 -- update to new upstream version, no soname bump needed -- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used - so the compatibility with unfixed clients is not broken. The - protocol extension is also not final. - -* Fri Oct 16 2009 Tomas Mraz 1.0.0-0.10.beta3 -- fix use of freed memory if SSL_CTX_free() is called before - SSL_free() (#521342) - -* Thu Oct 8 2009 Tomas Mraz 1.0.0-0.9.beta3 -- fix typo in DTLS1 code (#527015) -- fix leak in error handling of d2i_SSL_SESSION() - -* Wed Sep 30 2009 Tomas Mraz 1.0.0-0.8.beta3 -- fix RSA and DSA FIPS selftests -- reenable fixed x86_64 camellia assembler code (#521127) - -* Fri Sep 4 2009 Tomas Mraz 1.0.0-0.7.beta3 -- temporarily disable x86_64 camellia assembler code (#521127) - -* Mon Aug 31 2009 Tomas Mraz 1.0.0-0.6.beta3 -- fix openssl dgst -dss1 (#520152) - -* Wed Aug 26 2009 Tomas Mraz 1.0.0-0.5.beta3 -- drop the compat symlink hacks - -* Sat Aug 22 2009 Tomas Mraz 1.0.0-0.4.beta3 -- constify SSL_CIPHER_description() - -* Fri Aug 21 2009 Tomas Mraz 1.0.0-0.3.beta3 -- fix WWW:Curl:Easy reference in tsget - -* Fri Aug 21 2009 Tomas Mraz 1.0.0-0.2.beta3 -- enable MD-2 - -* Thu Aug 20 2009 Tomas Mraz 1.0.0-0.1.beta3 -- update to new major upstream release - -* Sat Jul 25 2009 Fedora Release Engineering - 0.9.8k-7 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - -* Wed Jul 22 2009 Bill Nottingham -- do not build special 'optimized' versions for i686, as that's the base - arch in Fedora now - -* Tue Jun 30 2009 Tomas Mraz 0.9.8k-6 -- abort if selftests failed and random number generator is polled -- mention EVP_aes and EVP_sha2xx routines in the manpages -- add README.FIPS -- make CA dir absolute path (#445344) -- change default length for RSA key generation to 2048 (#484101) - -* Thu May 21 2009 Tomas Mraz 0.9.8k-5 -- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 - (DTLS DoS problems) (#501253, #501254, #501572) - -* Tue Apr 21 2009 Tomas Mraz 0.9.8k-4 -- support compatibility DTLS mode for CISCO AnyConnect (#464629) - -* Fri Apr 17 2009 Tomas Mraz 0.9.8k-3 -- correct the SHLIB_VERSION define - -* Wed Apr 15 2009 Tomas Mraz 0.9.8k-2 -- add support for multiple CRLs with same subject -- load only dynamic engine support in FIPS mode - -* Wed Mar 25 2009 Tomas Mraz 0.9.8k-1 -- update to new upstream release (minor bug fixes, security - fixes and machine code optimizations only) - -* Thu Mar 19 2009 Tomas Mraz 0.9.8j-10 -- move libraries to /usr/lib (#239375) - -* Fri Mar 13 2009 Tomas Mraz 0.9.8j-9 -- add a static subpackage - -* Thu Feb 26 2009 Fedora Release Engineering - 0.9.8j-8 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - -* Mon Feb 2 2009 Tomas Mraz 0.9.8j-7 -- must also verify checksum of libssl.so in the FIPS mode -- obtain the seed for FIPS rng directly from the kernel device -- drop the temporary symlinks - -* Mon Jan 26 2009 Tomas Mraz 0.9.8j-6 -- drop the temporary triggerpostun and symlinking in post -- fix the pkgconfig files and drop the unnecessary buildrequires - on pkgconfig as it is a rpmbuild dependency (#481419) - -* Sat Jan 17 2009 Tomas Mraz 0.9.8j-5 -- add temporary triggerpostun to reinstate the symlinks - -* Sat Jan 17 2009 Tomas Mraz 0.9.8j-4 -- no pairwise key tests in non-fips mode (#479817) - -* Fri Jan 16 2009 Tomas Mraz 0.9.8j-3 -- even more robust test for the temporary symlinks - -* Fri Jan 16 2009 Tomas Mraz 0.9.8j-2 -- try to ensure the temporary symlinks exist - -* Thu Jan 15 2009 Tomas Mraz 0.9.8j-1 -- new upstream version with necessary soname bump (#455753) -- temporarily provide symlink to old soname to make it possible to rebuild - the dependent packages in rawhide -- add eap-fast support (#428181) -- add possibility to disable zlib by setting -- add fips mode support for testing purposes -- do not null dereference on some invalid smime files -- add buildrequires pkgconfig (#479493) - -* Sun Aug 10 2008 Tomas Mraz 0.9.8g-11 -- do not add tls extensions to server hello for SSLv3 either - -* Mon Jun 2 2008 Joe Orton 0.9.8g-10 -- move root CA bundle to ca-certificates package - -* Wed May 28 2008 Tomas Mraz 0.9.8g-9 -- fix CVE-2008-0891 - server name extension crash (#448492) -- fix CVE-2008-1672 - server key exchange message omit crash (#448495) - -* Tue May 27 2008 Tomas Mraz 0.9.8g-8 -- super-H arch support -- drop workaround for bug 199604 as it should be fixed in gcc-4.3 - -* Mon May 19 2008 Tom "spot" Callaway 0.9.8g-7 -- sparc handling - -* Mon Mar 10 2008 Joe Orton 0.9.8g-6 -- update to new root CA bundle from mozilla.org (r1.45) - -* Wed Feb 20 2008 Fedora Release Engineering - 0.9.8g-5 -- Autorebuild for GCC 4.3 - -* Thu Jan 24 2008 Tomas Mraz 0.9.8g-4 -- merge review fixes (#226220) -- adjust the SHLIB_VERSION_NUMBER to reflect library name (#429846) - -* Thu Dec 13 2007 Tomas Mraz 0.9.8g-3 -- set default paths when no explicit paths are set (#418771) -- do not add tls extensions to client hello for SSLv3 (#422081) - -* Tue Dec 4 2007 Tomas Mraz 0.9.8g-2 -- enable some new crypto algorithms and features -- add some more important bug fixes from openssl CVS - -* Mon Dec 3 2007 Tomas Mraz 0.9.8g-1 -- update to latest upstream release, SONAME bumped to 7 - -* Mon Oct 15 2007 Joe Orton 0.9.8b-17 -- update to new CA bundle from mozilla.org - -* Fri Oct 12 2007 Tomas Mraz 0.9.8b-16 -- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801) -- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191) -- add alpha sub-archs (#296031) - -* Tue Aug 21 2007 Tomas Mraz 0.9.8b-15 -- rebuild - -* Fri Aug 3 2007 Tomas Mraz 0.9.8b-14 -- use localhost in testsuite, hopefully fixes slow build in koji -- CVE-2007-3108 - fix side channel attack on private keys (#250577) -- make ssl session cache id matching strict (#233599) - -* Wed Jul 25 2007 Tomas Mraz 0.9.8b-13 -- allow building on ARM architectures (#245417) -- use reference timestamps to prevent multilib conflicts (#218064) -- -devel package must require pkgconfig (#241031) - -* Mon Dec 11 2006 Tomas Mraz 0.9.8b-12 -- detect duplicates in add_dir properly (#206346) - -* Thu Nov 30 2006 Tomas Mraz 0.9.8b-11 -- the previous change still didn't make X509_NAME_cmp transitive - -* Thu Nov 23 2006 Tomas Mraz 0.9.8b-10 -- make X509_NAME_cmp transitive otherwise certificate lookup - is broken (#216050) - -* Thu Nov 2 2006 Tomas Mraz 0.9.8b-9 -- aliasing bug in engine loading, patch by IBM (#213216) - -* Mon Oct 2 2006 Tomas Mraz 0.9.8b-8 -- CVE-2006-2940 fix was incorrect (#208744) - -* Mon Sep 25 2006 Tomas Mraz 0.9.8b-7 -- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276) -- fix CVE-2006-2940 - parasitic public keys DoS (#207274) -- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940) -- fix CVE-2006-4343 - sslv2 client DoS (#206940) - -* Tue Sep 5 2006 Tomas Mraz 0.9.8b-6 -- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180) - -* Wed Aug 2 2006 Tomas Mraz - 0.9.8b-5 -- set buffering to none on stdio/stdout FILE when bufsize is set (#200580) - patch by IBM - -* Fri Jul 28 2006 Alexandre Oliva - 0.9.8b-4.1 -- rebuild with new binutils (#200330) - -* Fri Jul 21 2006 Tomas Mraz - 0.9.8b-4 -- add a temporary workaround for sha512 test failure on s390 (#199604) - -* Thu Jul 20 2006 Tomas Mraz -- add ipv6 support to s_client and s_server (by Jan Pazdziora) (#198737) -- add patches for BN threadsafety, AES cache collision attack hazard fix and - pkcs7 code memleak fix from upstream CVS - -* Wed Jul 12 2006 Jesse Keating - 0.9.8b-3.1 -- rebuild - -* Wed Jun 21 2006 Tomas Mraz - 0.9.8b-3 -- dropped libica and ica engine from build - -* Wed Jun 21 2006 Joe Orton -- update to new CA bundle from mozilla.org; adds CA certificates - from netlock.hu and startcom.org - -* Mon Jun 5 2006 Tomas Mraz - 0.9.8b-2 -- fixed a few rpmlint warnings -- better fix for #173399 from upstream -- upstream fix for pkcs12 - -* Thu May 11 2006 Tomas Mraz - 0.9.8b-1 -- upgrade to new version, stays ABI compatible -- there is no more linux/config.h (it was empty anyway) - -* Tue Apr 4 2006 Tomas Mraz - 0.9.8a-6 -- fix stale open handles in libica (#177155) -- fix build if 'rand' or 'passwd' in buildroot path (#178782) -- initialize VIA Padlock engine (#186857) - -* Fri Feb 10 2006 Jesse Keating - 0.9.8a-5.2 -- bump again for double-long bug on ppc(64) - -* Tue Feb 07 2006 Jesse Keating - 0.9.8a-5.1 -- rebuilt for new gcc4.1 snapshot and glibc changes - -* Thu Dec 15 2005 Tomas Mraz 0.9.8a-5 -- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - in SSL_OP_ALL (#175779) - -* Fri Dec 09 2005 Jesse Keating -- rebuilt - -* Tue Nov 29 2005 Tomas Mraz 0.9.8a-4 -- fix build (-lcrypto was erroneusly dropped) of the updated libica -- updated ICA engine to 1.3.6-rc3 - -* Tue Nov 22 2005 Tomas Mraz 0.9.8a-3 -- disable builtin compression methods for now until they work - properly (#173399) - -* Wed Nov 16 2005 Tomas Mraz 0.9.8a-2 -- don't set -rpath for openssl binary - -* Tue Nov 8 2005 Tomas Mraz 0.9.8a-1 -- new upstream version -- patches partially renumbered - -* Fri Oct 21 2005 Tomas Mraz 0.9.7f-11 -- updated IBM ICA engine library and patch to latest upstream version - -* Wed Oct 12 2005 Tomas Mraz 0.9.7f-10 -- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which - disables the countermeasure against man in the middle attack in SSLv2 - (#169863) -- use sha1 as default for CA and cert requests - CAN-2005-2946 (#169803) - -* Tue Aug 23 2005 Tomas Mraz 0.9.7f-9 -- add *.so.soversion as symlinks in /lib (#165264) -- remove unpackaged symlinks (#159595) -- fixes from upstream (constant time fixes for DSA, - bn assembler div on ppc arch, initialize memory on realloc) - -* Thu Aug 11 2005 Phil Knirsch 0.9.7f-8 -- Updated ICA engine IBM patch to latest upstream version. - -* Thu May 19 2005 Tomas Mraz 0.9.7f-7 -- fix CAN-2005-0109 - use constant time/memory access mod_exp - so bits of private key aren't leaked by cache eviction (#157631) -- a few more fixes from upstream 0.9.7g - -* Wed Apr 27 2005 Tomas Mraz 0.9.7f-6 -- use poll instead of select in rand (#128285) -- fix Makefile.certificate to point to /etc/pki/tls -- change the default string mask in ASN1 to PrintableString+UTF8String - -* Mon Apr 25 2005 Joe Orton 0.9.7f-5 -- update to revision 1.37 of Mozilla CA bundle - -* Thu Apr 21 2005 Tomas Mraz 0.9.7f-4 -- move certificates to _sysconfdir/pki/tls (#143392) -- move CA directories to _sysconfdir/pki/CA -- patch the CA script and the default config so it points to the - CA directories - -* Fri Apr 1 2005 Tomas Mraz 0.9.7f-3 -- uninitialized variable mustn't be used as input in inline - assembly -- reenable the x86_64 assembly again - -* Thu Mar 31 2005 Tomas Mraz 0.9.7f-2 -- add back RC4_CHAR on ia64 and x86_64 so the ABI isn't broken -- disable broken bignum assembly on x86_64 - -* Wed Mar 30 2005 Tomas Mraz 0.9.7f-1 -- reenable optimizations on ppc64 and assembly code on ia64 -- upgrade to new upstream version (no soname bump needed) -- disable thread test - it was testing the backport of the - RSA blinding - no longer needed -- added support for changing serial number to - Makefile.certificate (#151188) -- make ca-bundle.crt a config file (#118903) - -* Tue Mar 1 2005 Tomas Mraz 0.9.7e-3 -- libcrypto shouldn't depend on libkrb5 (#135961) - -* Mon Feb 28 2005 Tomas Mraz 0.9.7e-2 -- rebuild - -* Mon Feb 28 2005 Tomas Mraz 0.9.7e-1 -- new upstream source, updated patches -- added patch so we are hopefully ABI compatible with upcoming - 0.9.7f - -* Thu Feb 10 2005 Tomas Mraz -- Support UTF-8 charset in the Makefile.certificate (#134944) -- Added cmp to BuildPrereq - -* Thu Jan 27 2005 Joe Orton 0.9.7a-46 -- generate new ca-bundle.crt from Mozilla certdata.txt (revision 1.32) - -* Thu Dec 23 2004 Phil Knirsch 0.9.7a-45 -- Fixed and updated libica-1.3.4-urandom.patch patch (#122967) - -* Fri Nov 19 2004 Nalin Dahyabhai 0.9.7a-44 -- rebuild - -* Fri Nov 19 2004 Nalin Dahyabhai 0.9.7a-43 -- rebuild - -* Fri Nov 19 2004 Nalin Dahyabhai 0.9.7a-42 -- rebuild - -* Fri Nov 19 2004 Nalin Dahyabhai 0.9.7a-41 -- remove der_chop, as upstream cvs has done (CAN-2004-0975, #140040) - -* Tue Oct 05 2004 Phil Knirsch 0.9.7a-40 -- Include latest libica version with important bugfixes - -* Tue Jun 15 2004 Elliot Lee -- rebuilt - -* Mon Jun 14 2004 Phil Knirsch 0.9.7a-38 -- Updated ICA engine IBM patch to latest upstream version. - -* Mon Jun 7 2004 Nalin Dahyabhai 0.9.7a-37 -- build for linux-alpha-gcc instead of alpha-gcc on alpha (Jeff Garzik) - -* Tue May 25 2004 Nalin Dahyabhai 0.9.7a-36 -- handle %%{_arch}=i486/i586/i686/athlon cases in the intermediate - header (#124303) - -* Thu Mar 25 2004 Joe Orton 0.9.7a-35 -- add security fixes for CAN-2004-0079, CAN-2004-0112 - -* Tue Mar 16 2004 Phil Knirsch -- Fixed libica filespec. - -* Thu Mar 11 2004 Nalin Dahyabhai 0.9.7a-34 -- ppc/ppc64 define __powerpc__/__powerpc64__, not __ppc__/__ppc64__, fix - the intermediate header - -* Wed Mar 10 2004 Nalin Dahyabhai 0.9.7a-33 -- add an intermediate which points to the right - arch-specific opensslconf.h on multilib arches - -* Tue Mar 02 2004 Elliot Lee -- rebuilt - -* Thu Feb 26 2004 Phil Knirsch 0.9.7a-32 -- Updated libica to latest upstream version 1.3.5. - -* Tue Feb 17 2004 Phil Knirsch 0.9.7a-31 -- Update ICA crypto engine patch from IBM to latest version. - -* Fri Feb 13 2004 Elliot Lee -- rebuilt - -* Fri Feb 13 2004 Phil Knirsch 0.9.7a-29 -- rebuilt - -* Wed Feb 11 2004 Phil Knirsch 0.9.7a-28 -- Fixed libica build. - -* Wed Feb 4 2004 Nalin Dahyabhai -- add "-ldl" to link flags added for Linux-on-ARM (#99313) - -* Wed Feb 4 2004 Joe Orton 0.9.7a-27 -- updated ca-bundle.crt: removed expired GeoTrust roots, added - freessl.com root, removed trustcenter.de Class 0 root - -* Sun Nov 30 2003 Tim Waugh 0.9.7a-26 -- Fix link line for libssl (bug #111154). - -* Fri Oct 24 2003 Nalin Dahyabhai 0.9.7a-25 -- add dependency on zlib-devel for the -devel package, which depends on zlib - symbols because we enable zlib for libssl (#102962) - -* Fri Oct 24 2003 Phil Knirsch 0.9.7a-24 -- Use /dev/urandom instead of PRNG for libica. -- Apply libica-1.3.5 fix for /dev/urandom in icalinux.c -- Use latest ICA engine patch from IBM. - -* Sat Oct 4 2003 Nalin Dahyabhai 0.9.7a-22.1 -- rebuild - -* Wed Oct 1 2003 Nalin Dahyabhai 0.9.7a-22 -- rebuild (22 wasn't actually built, fun eh?) - -* Tue Sep 30 2003 Nalin Dahyabhai 0.9.7a-23 -- re-disable optimizations on ppc64 - -* Tue Sep 30 2003 Joe Orton -- add a_mbstr.c fix for 64-bit platforms from CVS - -* Tue Sep 30 2003 Nalin Dahyabhai 0.9.7a-22 -- add -Wa,--noexecstack to RPM_OPT_FLAGS so that assembled modules get tagged - as not needing executable stacks - -* Mon Sep 29 2003 Nalin Dahyabhai 0.9.7a-21 -- rebuild - -* Thu Sep 25 2003 Nalin Dahyabhai -- re-enable optimizations on ppc64 - -* Thu Sep 25 2003 Nalin Dahyabhai -- remove exclusivearch - -* Wed Sep 24 2003 Nalin Dahyabhai 0.9.7a-20 -- only parse a client cert if one was requested -- temporarily exclusivearch for %%{ix86} - -* Tue Sep 23 2003 Nalin Dahyabhai -- add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544) - and heap corruption (CAN-2003-0545) -- update RHNS-CA-CERT files -- ease back on the number of threads used in the threading test - -* Wed Sep 17 2003 Matt Wilson 0.9.7a-19 -- rebuild to fix gzipped file md5sums (#91211) - -* Mon Aug 25 2003 Phil Knirsch 0.9.7a-18 -- Updated libica to version 1.3.4. - -* Thu Jul 17 2003 Nalin Dahyabhai 0.9.7a-17 -- rebuild - -* Tue Jul 15 2003 Nalin Dahyabhai 0.9.7a-10.9 -- free the kssl_ctx structure when we free an SSL structure (#99066) - -* Fri Jul 11 2003 Nalin Dahyabhai 0.9.7a-16 -- rebuild - -* Thu Jul 10 2003 Nalin Dahyabhai 0.9.7a-15 -- lower thread test count on s390x - -* Tue Jul 8 2003 Nalin Dahyabhai 0.9.7a-14 -- rebuild - -* Thu Jun 26 2003 Nalin Dahyabhai 0.9.7a-13 -- disable assembly on arches where it seems to conflict with threading - -* Thu Jun 26 2003 Phil Knirsch 0.9.7a-12 -- Updated libica to latest upstream version 1.3.0 - -* Wed Jun 11 2003 Nalin Dahyabhai 0.9.7a-9.9 -- rebuild - -* Wed Jun 11 2003 Nalin Dahyabhai 0.9.7a-11 -- rebuild - -* Tue Jun 10 2003 Nalin Dahyabhai 0.9.7a-10 -- ubsec: don't stomp on output data which might also be input data - -* Tue Jun 10 2003 Nalin Dahyabhai 0.9.7a-9 -- temporarily disable optimizations on ppc64 - -* Mon Jun 9 2003 Nalin Dahyabhai -- backport fix for engine-used-for-everything from 0.9.7b -- backport fix for prng not being seeded causing problems, also from 0.9.7b -- add a check at build-time to ensure that RSA is thread-safe -- keep perlpath from stomping on the libica configure scripts - -* Fri Jun 6 2003 Nalin Dahyabhai -- thread-safety fix for RSA blinding - -* Wed Jun 04 2003 Elliot Lee 0.9.7a-8 -- rebuilt - -* Fri May 30 2003 Phil Knirsch 0.9.7a-7 -- Added libica-1.2 to openssl (featurerequest). - -* Wed Apr 16 2003 Nalin Dahyabhai 0.9.7a-6 -- fix building with incorrect flags on ppc64 - -* Wed Mar 19 2003 Nalin Dahyabhai 0.9.7a-5 -- add patch to harden against Klima-Pokorny-Rosa extension of Bleichenbacher's - attack (CAN-2003-0131) - -* Mon Mar 17 2003 Nalin Dahyabhai 0.9.7a-4 -- add patch to enable RSA blinding by default, closing a timing attack - (CAN-2003-0147) - -* Wed Mar 5 2003 Nalin Dahyabhai 0.9.7a-3 -- disable use of BN assembly module on x86_64, but continue to allow inline - assembly (#83403) - -* Thu Feb 27 2003 Nalin Dahyabhai 0.9.7a-2 -- disable EC algorithms - -* Wed Feb 19 2003 Nalin Dahyabhai 0.9.7a-1 -- update to 0.9.7a - -* Wed Feb 19 2003 Nalin Dahyabhai 0.9.7-8 -- add fix to guard against attempts to allocate negative amounts of memory -- add patch for CAN-2003-0078, fixing a timing attack - -* Thu Feb 13 2003 Elliot Lee 0.9.7-7 -- Add openssl-ppc64.patch - -* Mon Feb 10 2003 Nalin Dahyabhai 0.9.7-6 -- EVP_DecryptInit should call EVP_CipherInit() instead of EVP_CipherInit_ex(), - to get the right behavior when passed uninitialized context structures - (#83766) -- build with -mcpu=ev5 on alpha family (#83828) - -* Wed Jan 22 2003 Tim Powers -- rebuilt - -* Fri Jan 17 2003 Phil Knirsch 0.9.7-4 -- Added IBM hw crypto support patch. - -* Wed Jan 15 2003 Nalin Dahyabhai -- add missing builddep on sed - -* Thu Jan 9 2003 Bill Nottingham 0.9.7-3 -- debloat -- fix broken manpage symlinks - -* Wed Jan 8 2003 Nalin Dahyabhai 0.9.7-2 -- fix double-free in 'openssl ca' - -* Fri Jan 3 2003 Nalin Dahyabhai 0.9.7-1 -- update to 0.9.7 final - -* Tue Dec 17 2002 Nalin Dahyabhai 0.9.7-0 -- update to 0.9.7 beta6 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7) - -* Wed Dec 11 2002 Nalin Dahyabhai -- update to 0.9.7 beta5 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7) - -* Tue Oct 22 2002 Nalin Dahyabhai 0.9.6b-30 -- add configuration stanza for x86_64 and use it on x86_64 -- build for linux-ppc on ppc -- start running the self-tests again - -* Wed Oct 02 2002 Elliot Lee 0.9.6b-29hammer.3 -- Merge fixes from previous hammer packages, including general x86-64 and - multilib - -* Tue Aug 6 2002 Nalin Dahyabhai 0.9.6b-29 -- rebuild - -* Thu Aug 1 2002 Nalin Dahyabhai 0.9.6b-28 -- update asn patch to fix accidental reversal of a logic check - -* Wed Jul 31 2002 Nalin Dahyabhai 0.9.6b-27 -- update asn patch to reduce chance that compiler optimization will remove - one of the added tests - -* Wed Jul 31 2002 Nalin Dahyabhai 0.9.6b-26 -- rebuild - -* Mon Jul 29 2002 Nalin Dahyabhai 0.9.6b-25 -- add patch to fix ASN.1 vulnerabilities - -* Thu Jul 25 2002 Nalin Dahyabhai 0.9.6b-24 -- add backport of Ben Laurie's patches for OpenSSL 0.9.6d - -* Wed Jul 17 2002 Nalin Dahyabhai 0.9.6b-23 -- own {_datadir}/ssl/misc - -* Fri Jun 21 2002 Tim Powers -- automated rebuild - -* Sun May 26 2002 Tim Powers -- automated rebuild - -* Fri May 17 2002 Nalin Dahyabhai 0.9.6b-20 -- free ride through the build system (whee!) - -* Thu May 16 2002 Nalin Dahyabhai 0.9.6b-19 -- rebuild in new environment - -* Thu Apr 4 2002 Nalin Dahyabhai 0.9.6b-17, 0.9.6b-18 -- merge RHL-specific bits into stronghold package, rename - -* Tue Apr 02 2002 Gary Benson stronghold-0.9.6c-2 -- add support for Chrysalis Luna token - -* Tue Mar 26 2002 Gary Benson -- disable AEP random number generation, other AEP fixes - -* Fri Mar 15 2002 Nalin Dahyabhai 0.9.6b-15 -- only build subpackages on primary arches - -* Thu Mar 14 2002 Nalin Dahyabhai 0.9.6b-13 -- on ia32, only disable use of assembler on i386 -- enable assembly on ia64 - -* Mon Jan 7 2002 Florian La Roche 0.9.6b-11 -- fix sparcv9 entry - -* Mon Jan 7 2002 Gary Benson stronghold-0.9.6c-1 -- upgrade to 0.9.6c -- bump BuildArch to i686 and enable assembler on all platforms -- synchronise with shrimpy and rawhide -- bump soversion to 3 - -* Wed Oct 10 2001 Florian La Roche -- delete BN_LLONG for s390x, patch from Oliver Paukstadt - -* Mon Sep 17 2001 Nalin Dahyabhai 0.9.6b-9 -- update AEP driver patch - -* Mon Sep 10 2001 Nalin Dahyabhai -- adjust RNG disabling patch to match version of patch from Broadcom - -* Fri Sep 7 2001 Nalin Dahyabhai 0.9.6b-8 -- disable the RNG in the ubsec engine driver - -* Tue Aug 28 2001 Nalin Dahyabhai 0.9.6b-7 -- tweaks to the ubsec engine driver - -* Fri Aug 24 2001 Nalin Dahyabhai 0.9.6b-6 -- tweaks to the ubsec engine driver - -* Thu Aug 23 2001 Nalin Dahyabhai 0.9.6b-5 -- update ubsec engine driver from Broadcom - -* Fri Aug 10 2001 Nalin Dahyabhai 0.9.6b-4 -- move man pages back to %%{_mandir}/man?/foo.?ssl from - %%{_mandir}/man?ssl/foo.? -- add an [ engine ] section to the default configuration file - -* Thu Aug 9 2001 Nalin Dahyabhai -- add a patch for selecting a default engine in SSL_library_init() - -* Mon Jul 23 2001 Nalin Dahyabhai 0.9.6b-3 -- add patches for AEP hardware support -- add patch to keep trying when we fail to load a cert from a file and - there are more in the file -- add missing prototype for ENGINE_ubsec() in engine_int.h - -* Wed Jul 18 2001 Nalin Dahyabhai 0.9.6b-2 -- actually add hw_ubsec to the engine list - -* Tue Jul 17 2001 Nalin Dahyabhai -- add in the hw_ubsec driver from CVS - -* Wed Jul 11 2001 Nalin Dahyabhai 0.9.6b-1 -- update to 0.9.6b - -* Thu Jul 5 2001 Nalin Dahyabhai -- move .so symlinks back to %%{_libdir} - -* Tue Jul 3 2001 Nalin Dahyabhai -- move shared libraries to /lib (#38410) - -* Mon Jun 25 2001 Nalin Dahyabhai -- switch to engine code base - -* Mon Jun 18 2001 Nalin Dahyabhai -- add a script for creating dummy certificates -- move man pages from %%{_mandir}/man?/foo.?ssl to %%{_mandir}/man?ssl/foo.? - -* Thu Jun 07 2001 Florian La Roche -- add s390x support - -* Fri Jun 1 2001 Nalin Dahyabhai -- change two memcpy() calls to memmove() -- don't define L_ENDIAN on alpha - -* Wed May 23 2001 Joe Orton stronghold-0.9.6a-1 -- Add 'stronghold-' prefix to package names. -- Obsolete standard openssl packages. - -* Wed May 16 2001 Joe Orton -- Add BuildArch: i586 as per Nalin's advice. - -* Tue May 15 2001 Joe Orton -- Enable assembler on ix86 (using new .tar.bz2 which does - include the asm directories). - -* Tue May 15 2001 Nalin Dahyabhai -- make subpackages depend on the main package - -* Tue May 1 2001 Nalin Dahyabhai -- adjust the hobble script to not disturb symlinks in include/ (fix from - Joe Orton) - -* Fri Apr 27 2001 Nalin Dahyabhai -- drop the m2crypo patch we weren't using - -* Tue Apr 24 2001 Nalin Dahyabhai -- configure using "shared" as well - -* Sun Apr 8 2001 Nalin Dahyabhai -- update to 0.9.6a -- use the build-shared target to build shared libraries -- bump the soversion to 2 because we're no longer compatible with - our 0.9.5a packages or our 0.9.6 packages -- drop the patch for making rsatest a no-op when rsa null support is used -- put all man pages into
ssl instead of
-- break the m2crypto modules into a separate package - -* Tue Mar 13 2001 Nalin Dahyabhai -- use BN_LLONG on s390 - -* Mon Mar 12 2001 Nalin Dahyabhai -- fix the s390 changes for 0.9.6 (isn't supposed to be marked as 64-bit) - -* Sat Mar 3 2001 Nalin Dahyabhai -- move c_rehash to the perl subpackage, because it's a perl script now - -* Fri Mar 2 2001 Nalin Dahyabhai -- update to 0.9.6 -- enable MD2 -- use the libcrypto.so and libssl.so targets to build shared libs with -- bump the soversion to 1 because we're no longer compatible with any of - the various 0.9.5a packages circulating around, which provide lib*.so.0 - -* Wed Feb 28 2001 Florian La Roche -- change hobble-openssl for disabling MD2 again - -* Tue Feb 27 2001 Nalin Dahyabhai -- re-disable MD2 -- the EVP_MD_CTX structure would grow from 100 to 152 - bytes or so, causing EVP_DigestInit() to zero out stack variables in - apps built against a version of the library without it - -* Mon Feb 26 2001 Nalin Dahyabhai -- disable some inline assembly, which on x86 is Pentium-specific -- re-enable MD2 (see http://www.ietf.org/ietf/IPR/RSA-MD-all) - -* Thu Feb 08 2001 Florian La Roche -- fix s390 patch - -* Fri Dec 8 2000 Than Ngo -- added support s390 - -* Mon Nov 20 2000 Nalin Dahyabhai -- remove -Wa,* and -m* compiler flags from the default Configure file (#20656) -- add the CA.pl man page to the perl subpackage - -* Thu Nov 2 2000 Nalin Dahyabhai -- always build with -mcpu=ev5 on alpha - -* Tue Oct 31 2000 Nalin Dahyabhai -- add a symlink from cert.pem to ca-bundle.crt - -* Wed Oct 25 2000 Nalin Dahyabhai -- add a ca-bundle file for packages like Samba to reference for CA certificates - -* Tue Oct 24 2000 Nalin Dahyabhai -- remove libcrypto's crypt(), which doesn't handle md5crypt (#19295) - -* Mon Oct 2 2000 Nalin Dahyabhai -- add unzip as a buildprereq (#17662) -- update m2crypto to 0.05-snap4 - -* Tue Sep 26 2000 Bill Nottingham -- fix some issues in building when it's not installed - -* Wed Sep 6 2000 Nalin Dahyabhai -- make sure the headers we include are the ones we built with (aaaaarrgh!) - -* Fri Sep 1 2000 Nalin Dahyabhai -- add Richard Henderson's patch for BN on ia64 -- clean up the changelog - -* Tue Aug 29 2000 Nalin Dahyabhai -- fix the building of python modules without openssl-devel already installed - -* Wed Aug 23 2000 Nalin Dahyabhai -- byte-compile python extensions without the build-root -- adjust the makefile to not remove temporary files (like .key files when - building .csr files) by marking them as .PRECIOUS - -* Sat Aug 19 2000 Nalin Dahyabhai -- break out python extensions into a subpackage - -* Mon Jul 17 2000 Nalin Dahyabhai -- tweak the makefile some more - -* Tue Jul 11 2000 Nalin Dahyabhai -- disable MD2 support - -* Thu Jul 6 2000 Nalin Dahyabhai -- disable MDC2 support - -* Sun Jul 2 2000 Nalin Dahyabhai -- tweak the disabling of RC5, IDEA support -- tweak the makefile - -* Thu Jun 29 2000 Nalin Dahyabhai -- strip binaries and libraries -- rework certificate makefile to have the right parts for Apache - -* Wed Jun 28 2000 Nalin Dahyabhai -- use %%{_perl} instead of /usr/bin/perl -- disable alpha until it passes its own test suite - -* Fri Jun 9 2000 Nalin Dahyabhai -- move the passwd.1 man page out of the passwd package's way - -* Fri Jun 2 2000 Nalin Dahyabhai -- update to 0.9.5a, modified for U.S. -- add perl as a build-time requirement -- move certificate makefile to another package -- disable RC5, IDEA, RSA support -- remove optimizations for now - -* Wed Mar 1 2000 Florian La Roche -- Bero told me to move the Makefile into this package - -* Wed Mar 1 2000 Florian La Roche -- add lib*.so symlinks to link dynamically against shared libs - -* Tue Feb 29 2000 Florian La Roche -- update to 0.9.5 -- run ldconfig directly in post/postun -- add FAQ - -* Sat Dec 18 1999 Bernhard Rosenkrdnzer -- Fix build on non-x86 platforms - -* Fri Nov 12 1999 Bernhard Rosenkrdnzer -- move /usr/share/ssl/* from -devel to main package - -* Tue Oct 26 1999 Bernhard Rosenkrdnzer -- inital packaging -- changes from base: - - Move /usr/local/ssl to /usr/share/ssl for FHS compliance - - handle RPM_OPT_FLAGS +* Fri Apr 09 2021 Sahana Prasad 3.0.0-0.alpha13.1 +- Update to new major release OpenSSL 3.0.0 alpha 13 + Resolves: rhbz#1903209 diff --git a/opensslconf-new.h b/opensslconf-new.h deleted file mode 100644 index 04363c3..0000000 --- a/opensslconf-new.h +++ /dev/null @@ -1,47 +0,0 @@ -/* This file is here to prevent a file conflict on multiarch systems. A - * conflict will frequently occur because arch-specific build-time - * configuration options are stored (and used, so they can't just be stripped - * out) in opensslconf.h. The original opensslconf.h has been renamed. - * DO NOT INCLUDE THE NEW FILE DIRECTLY -- ALWAYS INCLUDE THIS ONE INSTEAD. */ - -#ifdef openssl_opensslconf_multilib_redirection_h -#error "Do not define openssl_opensslconf_multilib_redirection_h!" -#endif -#define openssl_opensslconf_multilib_redirection_h - -#if defined(__i386__) -#include "opensslconf-i386.h" -#elif defined(__ia64__) -#include "opensslconf-ia64.h" -#elif defined(__mips64) && defined(__MIPSEL__) -#include "opensslconf-mips64el.h" -#elif defined(__mips64) -#include "opensslconf-mips64.h" -#elif defined(__mips) && defined(__MIPSEL__) -#include "opensslconf-mipsel.h" -#elif defined(__mips) -#include "opensslconf-mips.h" -#elif defined(__powerpc64__) -#include -#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ -#include "opensslconf-ppc64.h" -#else -#include "opensslconf-ppc64le.h" -#endif -#elif defined(__powerpc__) -#include "opensslconf-ppc.h" -#elif defined(__s390x__) -#include "opensslconf-s390x.h" -#elif defined(__s390__) -#include "opensslconf-s390.h" -#elif defined(__sparc__) && defined(__arch64__) -#include "opensslconf-sparc64.h" -#elif defined(__sparc__) -#include "opensslconf-sparc.h" -#elif defined(__x86_64__) -#include "opensslconf-x86_64.h" -#else -#error "This openssl-devel package does not work your architecture?" -#endif - -#undef openssl_opensslconf_multilib_redirection_h diff --git a/sources b/sources index cc9f962..d8f2826 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-1.1.1k-hobbled.tar.xz) = b5282e40af8f28f7a859dfddeb269f3a4b0f4fb535de330dfd3ad14a123b57fe66e3880c6c9aacf49865175b1f7f6c88cae31451a99d4ac2b2cb1c5135d4ada9 +SHA512 (openssl-3.0.0-hobbled.tar.xz) = c5837020f7fc395d283673ab8cb2b14a858edb1fe53b5b46d47d61225881724d675d3aadc37782e43937b015cb26e88002915065f02a78217e11d9964bf79c0c diff --git a/tests/simple-rsapss-test/Makefile b/tests/simple-rsapss-test/Makefile deleted file mode 100644 index 13a123d..0000000 --- a/tests/simple-rsapss-test/Makefile +++ /dev/null @@ -1,63 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /CoreOS/openssl/Sanity/simple-rsapss-test -# Description: Test if RSA-PSS signature scheme is supported -# Author: Hubert Kario -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2013 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/openssl/Sanity/simple-rsapss-test -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - --include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Hubert Kario " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: Test if RSA-PSS signature scheme is supported" >> $(METADATA) - @echo "Type: Sanity" >> $(METADATA) - @echo "TestTime: 1m" >> $(METADATA) - @echo "RunFor: openssl" >> $(METADATA) - @echo "Requires: openssl man man-db" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/tests/simple-rsapss-test/PURPOSE b/tests/simple-rsapss-test/PURPOSE deleted file mode 100644 index 66848e7..0000000 --- a/tests/simple-rsapss-test/PURPOSE +++ /dev/null @@ -1,3 +0,0 @@ -PURPOSE of /CoreOS/openssl/Sanity/simple-rsapss-test -Description: Test if RSA-PSS signature scheme is supported -Author: Hubert Kario diff --git a/tests/simple-rsapss-test/runtest.sh b/tests/simple-rsapss-test/runtest.sh deleted file mode 100755 index 8b60e2f..0000000 --- a/tests/simple-rsapss-test/runtest.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash -# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/openssl/Sanity/simple-rsapss-test -# Description: Test if RSA-PSS signature scheme is supported -# Author: Hubert Kario -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2013 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="openssl" - -PUB_KEY="rsa_pubkey.pem" -PRIV_KEY="rsa_key.pem" -FILE="text.txt" -SIG="text.sig" - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm $PACKAGE - rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlRun "openssl genrsa -out $PRIV_KEY 2048" 0 "Generate RSA key" - rlRun "openssl rsa -in $PRIV_KEY -out $PUB_KEY -pubout" 0 "Split the public key from private key" - rlRun "echo 'sign me!' > $FILE" 0 "Create file for signing" - rlAssertExists $FILE - rlAssertExists $PRIV_KEY - rlAssertExists $PUB_KEY - rlPhaseEnd - - rlPhaseStartTest "Test RSA-PSS padding mode" - set -o pipefail - rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -out $SIG -sign $PRIV_KEY $FILE" 0 "Sign the file" - rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -prverify $PRIV_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using the private key file" - rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -verify $PUB_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using public key file" - rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -prverify $PRIV_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using the private key file without specifying salt length" - rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -verify $PUB_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using public key file without specifying salt length" - set +o pipefail - rlRun "sed -i 's/sign/Sign/' $FILE" 0 "Modify signed file" - rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -verify $PUB_KEY -signature $SIG $FILE | grep 'Verification Failure'" 0 "Verify that the signature is no longer valid" - rlPhaseEnd - - rlPhaseStartTest "Documentation check" - [ -e "$(rpm -ql openssl | grep dgst)"] && rlRun "man dgst | col -b | grep -- -sigopt" 0 "Check if -sigopt option is described in man page" - rlRun "openssl dgst -help 2>&1 | grep -- -sigopt" 0 "Check if -sigopt option is present in help message" - rlPhaseEnd - - rlPhaseStartCleanup - rlRun "popd" - rlRun "rm -r $TmpDir" 0 "Removing tmp directory" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/tests.yml b/tests/tests.yml deleted file mode 100644 index 4b71d56..0000000 --- a/tests/tests.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -# This first play always runs on the local staging system -- hosts: localhost - roles: - - role: standard-test-beakerlib - tags: - - classic - - container - tests: - - simple-rsapss-test - required_packages: - - findutils # beakerlib needs find command - - man # needed by simple-rsapss-test - - man-db # needed by simple-rsapss-test - - openssl # needed by simple-rsapss-test diff --git a/tests/tests_python.yml b/tests/tests_python.yml deleted file mode 100644 index 5341446..0000000 --- a/tests/tests_python.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- hosts: localhost - roles: - - role: standard-test-basic - tags: - - classic - repositories: - - repo: "https://src.fedoraproject.org/tests/python.git" - dest: "python" - tests: - - python_selftest: - dir: python/selftest - run: X="test_ssl test_asyncio test_hashlib test_ftplib test_httplib test_imaplib test_logging test_nntplib test_poplib test_urllib2_localnet test_urllib test_xmlrpc" ./parallel.sh - required_packages: - - gcc # for extension building in venv and selftest - - python3-tkinter # for selftest - - python3-test # for selftest - - python3-rpm-macros # for dynamic python version From 620c6977405dc09c174dcb359bd310bc8775e77f Mon Sep 17 00:00:00 2001 From: Mohan Boddu Date: Fri, 16 Apr 2021 02:42:42 +0000 Subject: [PATCH 11/41] - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 Signed-off-by: Mohan Boddu --- openssl.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/openssl.spec b/openssl.spec index 2be384c..7c585f3 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.alpha13.1%{?dist} +Release: 0.alpha13.1%{?dist}.1 Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -372,6 +372,9 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Fri Apr 16 2021 Mohan Boddu - 1:3.0.0-0.alpha13.1.1 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + * Fri Apr 09 2021 Sahana Prasad 3.0.0-0.alpha13.1 - Update to new major release OpenSSL 3.0.0 alpha 13 Resolves: rhbz#1903209 From 007b0e01a960243b665c2cfeeef3a19e24d9dc48 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Mon, 26 Apr 2021 19:31:15 +0200 Subject: [PATCH 12/41] Update to alpha 15 version Resolves: openssl speed crashes rhbz#1952598 Resolves: rhbz#1903209 Signed-off-by: Sahana Prasad --- ...PROFILE-SYSTEM-system-default-cipher.patch | 6 +- 0009-Add-Kernel-FIPS-mode-flag-support.patch | 2 +- 0011-Remove-EC-curves.patch | 63 +++++++++++++------ ectest.c | 6 +- openssl.spec | 12 ++-- sources | 2 +- 6 files changed, 60 insertions(+), 31 deletions(-) diff --git a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch index 6b8117e..8a873ba 100644 --- a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +++ b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch @@ -322,9 +322,9 @@ index 404a706fab..e81fa9ec3e 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION: - RAND_set_DRBG_type ? 3_0_0 EXIST::FUNCTION: - RAND_set_seed_source_type ? 3_0_0 EXIST::FUNCTION: - BIO_f_readbuffer ? 3_0_0 EXIST::FUNCTION: + EVP_CIPHER_CTX_get0_cipher ? 3_0_0 EXIST::FUNCTION: + EVP_CIPHER_CTX_get1_cipher ? 3_0_0 EXIST::FUNCTION: + OSSL_LIB_CTX_get0_global_default ? 3_0_0 EXIST::FUNCTION: +ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: -- 2.26.2 diff --git a/0009-Add-Kernel-FIPS-mode-flag-support.patch b/0009-Add-Kernel-FIPS-mode-flag-support.patch index c05febf..c56b427 100644 --- a/0009-Add-Kernel-FIPS-mode-flag-support.patch +++ b/0009-Add-Kernel-FIPS-mode-flag-support.patch @@ -2,8 +2,8 @@ diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha1 --- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips 2021-03-16 00:09:55.814826432 +0100 +++ openssl-3.0.0-alpha13/crypto/context.c 2021-03-16 00:15:55.129043811 +0100 @@ -12,11 +12,54 @@ - #include "internal/thread_once.h" #include "internal/property.h" + #include "internal/core.h" +#ifndef FIPS_MODULE +# include diff --git a/0011-Remove-EC-curves.patch b/0011-Remove-EC-curves.patch index ba86314..1f43bf0 100644 --- a/0011-Remove-EC-curves.patch +++ b/0011-Remove-EC-curves.patch @@ -306,25 +306,6 @@ diff -up openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in.ec-curves op }, }, ); -diff -up openssl-3.0.0-alpha13/test/evp_extra_test.c.ec-curves openssl-3.0.0-alpha13/test/evp_extra_test.c ---- openssl-3.0.0-alpha13/test/evp_extra_test.c.ec-curves 2021-04-10 13:49:53.381742691 +0200 -+++ openssl-3.0.0-alpha13/test/evp_extra_test.c 2021-04-10 13:56:11.742776705 +0200 -@@ -2414,13 +2414,13 @@ err: - } - - #ifndef OPENSSL_NO_EC --static int ecpub_nids[] = { NID_brainpoolP256r1, NID_X9_62_prime256v1, -+static int ecpub_nids[] = {NID_X9_62_prime256v1, - NID_secp384r1, NID_secp521r1, - #ifndef OPENSSL_NO_EC2M - NID_sect233k1, NID_sect233r1, NID_sect283r1, - NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1, - #endif -- NID_brainpoolP384r1, NID_brainpoolP512r1}; -+ }; - - static int test_ecpub(int idx) - { diff -up openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t --- openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves 2021-04-10 14:00:22.482782216 +0200 +++ openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t 2021-04-10 14:08:50.769727651 +0200 @@ -619,3 +600,47 @@ diff -up openssl-3.0.0-alpha13/test/recipes/65-test_cmp_vfy.t.ec-curves openssl- my @basic_cmd = ("cmp_vfy_test", data_file("server.crt"), data_file("client.crt"), +diff -up openssl-3.0.0-alpha15/crypto/evp/ec_support.c.ec-curves openssl-3.0.0-alpha15/crypto/evp/ec_support.c +--- openssl-3.0.0-alpha15/crypto/evp/ec_support.c.ec-curves 2021-04-23 18:15:12.571691284 +0200 ++++ openssl-3.0.0-alpha15/crypto/evp/ec_support.c 2021-04-23 18:16:00.803087403 +0200 +@@ -28,7 +28,6 @@ static const EC_NAME2NID curve_list[] = + static const EC_NAME2NID curve_list[] = { + /* prime field curves */ + /* secg curves */ +- {"secp224k1", NID_secp224k1 }, + {"secp224r1", NID_secp224r1 }, + {"secp256k1", NID_secp256k1 }, + {"secp384r1", NID_secp384r1 }, +diff -up openssl-3.0.0-alpha15/test/evp_extra_test.c.ec-curves openssl-3.0.0-alpha15/test/evp_extra_test.c +--- openssl-3.0.0-alpha15/test/evp_extra_test.c.ec-curves 2021-04-23 18:11:06.508670408 +0200 ++++ openssl-3.0.0-alpha15/test/evp_extra_test.c 2021-04-23 18:12:44.833477933 +0200 +@@ -2693,13 +2693,13 @@ err: + #endif + + #ifndef OPENSSL_NO_EC +-static int ecpub_nids[] = { NID_brainpoolP256r1, NID_X9_62_prime256v1, ++static int ecpub_nids[] = { NID_X9_62_prime256v1, + NID_secp384r1, NID_secp521r1, + #ifndef OPENSSL_NO_EC2M + NID_sect233k1, NID_sect233r1, NID_sect283r1, + NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1, + #endif +- NID_brainpoolP384r1, NID_brainpoolP512r1}; ++ }; + + static int test_ecpub(int idx) + { +diff -up openssl-3.0.0-alpha15/apps/speed.c.ec-curves openssl-3.0.0-alpha15/apps/speed.c +--- openssl-3.0.0-alpha15/apps/speed.c.ec-curves 2021-04-26 14:25:44.049991942 +0200 ++++ openssl-3.0.0-alpha15/apps/speed.c 2021-04-26 14:36:10.643570273 +0200 +@@ -1439,8 +1439,8 @@ int speed_main(int argc, char **argv) + OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448); + OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0); + +- OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1); +- OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0); ++ OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_secp521r1); ++ OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsap521") == 0); + + #ifndef OPENSSL_NO_SM2 + OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2); diff --git a/ectest.c b/ectest.c index 8e64f36..a4481dc 100644 --- a/ectest.c +++ b/ectest.c @@ -1908,7 +1908,7 @@ err: BN_free(a_out); BN_free(b_out); BN_free(p_out); - OSSL_PARAM_BLD_free_params(params); + OSSL_PARAM_free(params); OSSL_PARAM_BLD_free(bld); EVP_PKEY_free(pkeyparam); EVP_PKEY_CTX_free(pctx); @@ -2255,8 +2255,8 @@ static int custom_params_test(int id) BN_CTX_end(ctx); BN_CTX_free(ctx); OSSL_PARAM_BLD_free(param_bld); - OSSL_PARAM_BLD_free_params(params1); - OSSL_PARAM_BLD_free_params(params2); + OSSL_PARAM_free(params1); + OSSL_PARAM_free(params2); EC_POINT_free(Q1); EC_POINT_free(Q2); EC_POINT_free(G2); diff --git a/openssl.spec b/openssl.spec index 2be384c..aed2925 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.alpha13.1%{?dist} +Release: 0.alpha15.1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -55,7 +55,7 @@ Patch10: 0010-Fix-EVP-extra-test-with-OPENSSL_NO_EC2M.patch # remove unsupported EC curves Patch11: 0011-Remove-EC-curves.patch -License: ASL 2.0 and OpenSSL +License: ASL 2.0 URL: http://www.openssl.org/ BuildRequires: gcc BuildRequires: coreutils, perl-interpreter, sed, zlib-devel, /usr/bin/cmp @@ -109,7 +109,7 @@ package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit. %prep -%autosetup -S git -n %{name}-%{version}-alpha13 +%autosetup -S git -n %{name}-%{version}-alpha15 # The hobble_openssl is called here redundantly, just to be sure. # The tarball has already the sources removed. @@ -270,7 +270,7 @@ mv $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/misc/tsget $RPM_BUILD_ROOT%{_bindir} # Rename man pages so that they don't conflict with other system man pages. pushd $RPM_BUILD_ROOT%{_mandir} -mv man5/config.5 man5/openssl.cnf.5 +mv man5/config.5ossl man5/openssl.cnf.5 popd mkdir -m755 $RPM_BUILD_ROOT%{_sysconfdir}/pki/CA @@ -372,6 +372,10 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Mon Apr 26 2021 Sahana Prasad 3.0.0-0.alpha15.1 +- Update to alpha 15 version + Resolves: rhbz#1903209, rhbz#1952598, + * Fri Apr 09 2021 Sahana Prasad 3.0.0-0.alpha13.1 - Update to new major release OpenSSL 3.0.0 alpha 13 Resolves: rhbz#1903209 diff --git a/sources b/sources index d8f2826..b0a8d8f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-3.0.0-hobbled.tar.xz) = c5837020f7fc395d283673ab8cb2b14a858edb1fe53b5b46d47d61225881724d675d3aadc37782e43937b015cb26e88002915065f02a78217e11d9964bf79c0c +SHA512 (openssl-3.0.0-hobbled.tar.xz) = aeb95ea4781cf18d61150abe2e8307d4985928b0385170da62504eaf30370d3a564642028b362c4bc366acffa043c3f136d67bd2401719bb3c2cdf79a86511ba From ef962954ab149cdac3100345c98065e2739c3de4 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Mon, 17 May 2021 11:30:32 +0200 Subject: [PATCH 13/41] Update to alpha 16 version Avoids sending alert after orderly connection close Resolves: rhbz#1952901, rhbz#1903209 Signed-off-by: Sahana Prasad --- ...PROFILE-SYSTEM-system-default-cipher.patch | 6 +- 0009-Add-Kernel-FIPS-mode-flag-support.patch | 2 +- 0010-Avoid-sending-alert-after-shutdown.patch | 12 + ...-EVP-extra-test-with-OPENSSL_NO_EC2M.patch | 16 - 0011-Remove-EC-curves.patch | 15864 +++++++++++++++- openssl.spec | 12 +- sources | 2 +- 7 files changed, 15870 insertions(+), 44 deletions(-) create mode 100644 0010-Avoid-sending-alert-after-shutdown.patch delete mode 100644 0010-Fix-EVP-extra-test-with-OPENSSL_NO_EC2M.patch diff --git a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch index 8a873ba..0608974 100644 --- a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +++ b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch @@ -322,9 +322,9 @@ index 404a706fab..e81fa9ec3e 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION: - EVP_CIPHER_CTX_get0_cipher ? 3_0_0 EXIST::FUNCTION: - EVP_CIPHER_CTX_get1_cipher ? 3_0_0 EXIST::FUNCTION: - OSSL_LIB_CTX_get0_global_default ? 3_0_0 EXIST::FUNCTION: + BIO_new_ex ? 3_0_0 EXIST::FUNCTION: + BIO_s_core ? 3_0_0 EXIST::FUNCTION: + OSSL_LIB_CTX_new_from_dispatch ? 3_0_0 EXIST::FUNCTION: +ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: -- 2.26.2 diff --git a/0009-Add-Kernel-FIPS-mode-flag-support.patch b/0009-Add-Kernel-FIPS-mode-flag-support.patch index c56b427..95a32a9 100644 --- a/0009-Add-Kernel-FIPS-mode-flag-support.patch +++ b/0009-Add-Kernel-FIPS-mode-flag-support.patch @@ -2,8 +2,8 @@ diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha1 --- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips 2021-03-16 00:09:55.814826432 +0100 +++ openssl-3.0.0-alpha13/crypto/context.c 2021-03-16 00:15:55.129043811 +0100 @@ -12,11 +12,54 @@ - #include "internal/property.h" #include "internal/core.h" + #include "internal/bio.h" +#ifndef FIPS_MODULE +# include diff --git a/0010-Avoid-sending-alert-after-shutdown.patch b/0010-Avoid-sending-alert-after-shutdown.patch new file mode 100644 index 0000000..1d2b6cb --- /dev/null +++ b/0010-Avoid-sending-alert-after-shutdown.patch @@ -0,0 +1,12 @@ +diff -up openssl-3.0.0-alpha16/ssl/s3_msg.c.shut-down openssl-3.0.0-alpha16/ssl/s3_msg.c +--- openssl-3.0.0-alpha16/ssl/s3_msg.c.shut-down 2021-05-17 11:11:11.050702699 +0200 ++++ openssl-3.0.0-alpha16/ssl/s3_msg.c 2021-05-17 11:12:37.741526784 +0200 +@@ -52,6 +52,8 @@ int ssl3_send_alert(SSL *s, int level, i + * protocol_version alerts */ + if (desc < 0) + return -1; ++ if (s->shutdown & SSL_SENT_SHUTDOWN && desc != SSL_AD_CLOSE_NOTIFY) ++ return -1; + /* If a fatal one, remove from cache */ + if ((level == SSL3_AL_FATAL) && (s->session != NULL)) + SSL_CTX_remove_session(s->session_ctx, s->session); diff --git a/0010-Fix-EVP-extra-test-with-OPENSSL_NO_EC2M.patch b/0010-Fix-EVP-extra-test-with-OPENSSL_NO_EC2M.patch deleted file mode 100644 index d82d757..0000000 --- a/0010-Fix-EVP-extra-test-with-OPENSSL_NO_EC2M.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff -up openssl-3.0.0-alpha13/test/evp_extra_test.c.diff openssl-3.0.0-alpha13/test/evp_extra_test.c ---- openssl-3.0.0-alpha13/test/evp_extra_test.c.diff 2021-04-01 17:59:42.096566581 +0200 -+++ openssl-3.0.0-alpha13/test/evp_extra_test.c 2021-04-01 18:21:38.433182330 +0200 -@@ -2415,8 +2415,11 @@ err: - - #ifndef OPENSSL_NO_EC - static int ecpub_nids[] = { NID_brainpoolP256r1, NID_X9_62_prime256v1, -- NID_secp384r1, NID_secp521r1, NID_sect233k1, NID_sect233r1, NID_sect283r1, -+ NID_secp384r1, NID_secp521r1, -+#ifndef OPENSSL_NO_EC2M -+ NID_sect233k1, NID_sect233r1, NID_sect283r1, - NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1, -+#endif - NID_brainpoolP384r1, NID_brainpoolP512r1}; - - static int test_ecpub(int idx) diff --git a/0011-Remove-EC-curves.patch b/0011-Remove-EC-curves.patch index 1f43bf0..18cc3a1 100644 --- a/0011-Remove-EC-curves.patch +++ b/0011-Remove-EC-curves.patch @@ -611,25 +611,6 @@ diff -up openssl-3.0.0-alpha15/crypto/evp/ec_support.c.ec-curves openssl-3.0.0-a {"secp224r1", NID_secp224r1 }, {"secp256k1", NID_secp256k1 }, {"secp384r1", NID_secp384r1 }, -diff -up openssl-3.0.0-alpha15/test/evp_extra_test.c.ec-curves openssl-3.0.0-alpha15/test/evp_extra_test.c ---- openssl-3.0.0-alpha15/test/evp_extra_test.c.ec-curves 2021-04-23 18:11:06.508670408 +0200 -+++ openssl-3.0.0-alpha15/test/evp_extra_test.c 2021-04-23 18:12:44.833477933 +0200 -@@ -2693,13 +2693,13 @@ err: - #endif - - #ifndef OPENSSL_NO_EC --static int ecpub_nids[] = { NID_brainpoolP256r1, NID_X9_62_prime256v1, -+static int ecpub_nids[] = { NID_X9_62_prime256v1, - NID_secp384r1, NID_secp521r1, - #ifndef OPENSSL_NO_EC2M - NID_sect233k1, NID_sect233r1, NID_sect283r1, - NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1, - #endif -- NID_brainpoolP384r1, NID_brainpoolP512r1}; -+ }; - - static int test_ecpub(int idx) - { diff -up openssl-3.0.0-alpha15/apps/speed.c.ec-curves openssl-3.0.0-alpha15/apps/speed.c --- openssl-3.0.0-alpha15/apps/speed.c.ec-curves 2021-04-26 14:25:44.049991942 +0200 +++ openssl-3.0.0-alpha15/apps/speed.c 2021-04-26 14:36:10.643570273 +0200 @@ -644,3 +625,15848 @@ diff -up openssl-3.0.0-alpha15/apps/speed.c.ec-curves openssl-3.0.0-alpha15/apps #ifndef OPENSSL_NO_SM2 OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2); +diff -up openssl-3.0.0-alpha16/test/evp_extra_test.c.ec-curves openssl-3.0.0-alpha16/test/evp_extra_test.c +--- openssl-3.0.0-alpha16/test/evp_extra_test.c.ec-curves 2021-05-10 14:44:28.932751551 +0200 ++++ openssl-3.0.0-alpha16/test/evp_extra_test.c 2021-05-10 14:45:21.537238883 +0200 +@@ -2701,13 +2701,12 @@ err: + + #ifndef OPENSSL_NO_EC + static int ecpub_nids[] = { +- NID_brainpoolP256r1, NID_X9_62_prime256v1, ++ NID_X9_62_prime256v1, + NID_secp384r1, NID_secp521r1, + # ifndef OPENSSL_NO_EC2M + NID_sect233k1, NID_sect233r1, NID_sect283r1, + NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1, + # endif +- NID_brainpoolP384r1, NID_brainpoolP512r1 + }; + + static int test_ecpub(int idx) +diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt +--- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec-curves 2021-05-17 09:51:31.697274957 +0200 ++++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt 2021-05-17 09:51:30.274262807 +0200 +@@ -11,1889 +11,6 @@ + # PrivPubKeyPair Sign Verify VerifyRecover + # and continue until a blank line. Lines starting with a pound sign are ignored. + +-Title=c2pnb163v1 curve tests +- +-PrivateKey=ALICE_cf_c2pnb163v1 +------BEGIN PRIVATE KEY----- +-MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEEHDAaAgEBBBUD1JfG8cLNP9418YW+hVhriqH6O5Y= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2pnb163v1_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEBXgoOgVlWTLQnrQZXgQuSBcIS3bQAlXQ+yJhS03B +-4G8rKQXbrc0mvWsF +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2pnb163v1:ALICE_cf_c2pnb163v1_PUB +- +-PrivateKey=BOB_cf_c2pnb163v1 +------BEGIN PRIVATE KEY----- +-MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEEHDAaAgEBBBUAc3EaoMmMORTzQhMkhPIXY+/jUSI= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2pnb163v1_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEBn9J0jo39aFVZqhBsAKZ6bViAu6zBC8WaFGExnpZ +-KuBh8tP8VSTHPCHF +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2pnb163v1:BOB_cf_c2pnb163v1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb163v1 +-PeerKey=BOB_cf_c2pnb163v1_PUB +-SharedSecret=065dd38fb6de7f394778e1bf65d840a2c0e7219acd +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb163v1 +-PeerKey=ALICE_cf_c2pnb163v1_PUB +-SharedSecret=065dd38fb6de7f394778e1bf65d840a2c0e7219acd +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb163v1 +-PeerKey=BOB_cf_c2pnb163v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=066fc46e8cc4327634dd127748020f2de6aab67585 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb163v1 +-PeerKey=ALICE_cf_c2pnb163v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=066fc46e8cc4327634dd127748020f2de6aab67585 +- +-PublicKey=MALICE_cf_c2pnb163v1_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8JxepS05nN +-/piKdhDD3dDKXUih +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2pnb163v1 +-PeerKey=MALICE_cf_c2pnb163v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2pnb163v1 +-PeerKey=MALICE_cf_c2pnb163v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2pnb163v2 curve tests +- +-PrivateKey=ALICE_cf_c2pnb163v2 +------BEGIN PRIVATE KEY----- +-MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIEHDAaAgEBBBUA4KFv7c1dygtVbdp/g2z2TqLAHkI= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2pnb163v2_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEAVnlL7lMBaASwCIJaf9x2LgNPVmEAb43huHQlo3Q +-4PzawHXQoYm/qgDd +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2pnb163v2:ALICE_cf_c2pnb163v2_PUB +- +-PrivateKey=BOB_cf_c2pnb163v2 +------BEGIN PRIVATE KEY----- +-MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIEHDAaAgEBBBUCEdYqClRWIl2m+X34e+DB2iZSxmQ= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2pnb163v2_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEAVWNIKn7/WMfzuNnd5ws9J0DI2CfBkEJizZHAFqy +-kBF3juAQuARgxuT6 +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2pnb163v2:BOB_cf_c2pnb163v2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb163v2 +-PeerKey=BOB_cf_c2pnb163v2_PUB +-SharedSecret=0078ebb986d4f9b0aa0bc4af99e82c2bd24130f3f4 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb163v2 +-PeerKey=ALICE_cf_c2pnb163v2_PUB +-SharedSecret=0078ebb986d4f9b0aa0bc4af99e82c2bd24130f3f4 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb163v2 +-PeerKey=BOB_cf_c2pnb163v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=069a80bcd45987fd1c874cd9dc5453207a09b61d41 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb163v2 +-PeerKey=ALICE_cf_c2pnb163v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=069a80bcd45987fd1c874cd9dc5453207a09b61d41 +- +-PublicKey=MALICE_cf_c2pnb163v2_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAABuVBl1V5uysY +-n6HANPEoMoK+7Sv0 +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2pnb163v2 +-PeerKey=MALICE_cf_c2pnb163v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2pnb163v2 +-PeerKey=MALICE_cf_c2pnb163v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2pnb163v3 curve tests +- +-PrivateKey=ALICE_cf_c2pnb163v3 +------BEGIN PRIVATE KEY----- +-MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMEHDAaAgEBBBUBItB0y/QeJ+cCh9yoHf0zqLVyMZc= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2pnb163v3_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEBx1HRyjuBMjt+vlbWaQbKOpNvWKFAslzEbPv6MpK +-YnObLnq34LRuWznb +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2pnb163v3:ALICE_cf_c2pnb163v3_PUB +- +-PrivateKey=BOB_cf_c2pnb163v3 +------BEGIN PRIVATE KEY----- +-MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMEHDAaAgEBBBUAXVHUHeP8Ioz7IqXOWbjaUXEHE5M= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2pnb163v3_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEAqXF7rsAZ40Z1PT4TeeC45RKTxP4AJBAdfuknJ/J +-DZnBLhxBwtqnfUpA +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2pnb163v3:BOB_cf_c2pnb163v3_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb163v3 +-PeerKey=BOB_cf_c2pnb163v3_PUB +-SharedSecret=07fd2ffe9b18973c51caeadbc2154b97a9a0390be9 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb163v3 +-PeerKey=ALICE_cf_c2pnb163v3_PUB +-SharedSecret=07fd2ffe9b18973c51caeadbc2154b97a9a0390be9 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb163v3 +-PeerKey=BOB_cf_c2pnb163v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=06f7daf1c963594e1a13f9f17b62aaab2934872c16 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb163v3 +-PeerKey=ALICE_cf_c2pnb163v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=06f7daf1c963594e1a13f9f17b62aaab2934872c16 +- +-PublicKey=MALICE_cf_c2pnb163v3_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7jRlUg9oaLK +-LwAuHF8g5Y0JjJnI +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2pnb163v3 +-PeerKey=MALICE_cf_c2pnb163v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2pnb163v3 +-PeerKey=MALICE_cf_c2pnb163v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2pnb176v1 curve tests +- +-PrivateKey=ALICE_cf_c2pnb176v1 +------BEGIN PRIVATE KEY----- +-MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQEHDAaAgEBBBUAaZ1jV1jM9meV5iiNGPU/WMSfWOM= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2pnb176v1_PUB +------BEGIN PUBLIC KEY----- +-MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAEPjME7IV6Tuz2P++wIT60hRxTkk0M0PNgvqYcUoCI +-iw3girDLhNzOu3IQ8Ac= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2pnb176v1:ALICE_cf_c2pnb176v1_PUB +- +-PrivateKey=BOB_cf_c2pnb176v1 +------BEGIN PRIVATE KEY----- +-MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQEHDAaAgEBBBUAreyYbcF+ONIf64KmeSzV82OI/50= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2pnb176v1_PUB +------BEGIN PUBLIC KEY----- +-MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAEpJn1IDmFj5LceLGfY2wlhI1VHq5vJ+qNIAOXVZhX +-uMtp6pzy63rCEK53bgs= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2pnb176v1:BOB_cf_c2pnb176v1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb176v1 +-PeerKey=BOB_cf_c2pnb176v1_PUB +-SharedSecret=3a8021848ee0b2c1c377404267a515225781c181e6ab +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb176v1 +-PeerKey=ALICE_cf_c2pnb176v1_PUB +-SharedSecret=3a8021848ee0b2c1c377404267a515225781c181e6ab +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb176v1 +-PeerKey=BOB_cf_c2pnb176v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=b06cdc633b56e813d63326c69d2cfa335352279540ac +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb176v1 +-PeerKey=ALICE_cf_c2pnb176v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=b06cdc633b56e813d63326c69d2cfa335352279540ac +- +-PublicKey=MALICE_cf_c2pnb176v1_PUB +------BEGIN PUBLIC KEY----- +-MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAE4ePri2opCoAUJIUQnaQlvDaxZd9bsdKnjWSvh+FL +-zXV3l5j8K3pow+GJBE4= +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2pnb176v1 +-PeerKey=MALICE_cf_c2pnb176v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2pnb176v1 +-PeerKey=MALICE_cf_c2pnb176v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2pnb208w1 curve tests +- +-PrivateKey=ALICE_cf_c2pnb208w1 +------BEGIN PRIVATE KEY----- +-MDoCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEIDAeAgEBBBkAiENroXMYNbK/7DQQwCpbXk00gnVd +-XF2k +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2pnb208w1_PUB +------BEGIN PUBLIC KEY----- +-ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEL+IHOL2IfeLRiE6Wqsc0Frqjq7t/JnBmhN1lMB9Y +-Yj3+Btcne4CPWf8KvfGjAdMs6JKP4A== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2pnb208w1:ALICE_cf_c2pnb208w1_PUB +- +-PrivateKey=BOB_cf_c2pnb208w1 +------BEGIN PRIVATE KEY----- +-MDoCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEIDAeAgEBBBkAY1GZLynO/IDWwOOjEWUE7k+I/MkP +-cJot +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2pnb208w1_PUB +------BEGIN PUBLIC KEY----- +-ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAENBvdzCDOIvu9zo7reJq1ummhR+0jaDc+EoSlW984 +-cl9FTi/JJznwC+RNgwVfJ1WKJun1YA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2pnb208w1:BOB_cf_c2pnb208w1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb208w1 +-PeerKey=BOB_cf_c2pnb208w1_PUB +-SharedSecret=ba32bf80c0f7ab53cb083f267a902a1ad6396eb283237fad91cd +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb208w1 +-PeerKey=ALICE_cf_c2pnb208w1_PUB +-SharedSecret=ba32bf80c0f7ab53cb083f267a902a1ad6396eb283237fad91cd +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb208w1 +-PeerKey=BOB_cf_c2pnb208w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=f09f5fc8bf20677558bc65939bf1b7fbbbe2579702729304258b +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb208w1 +-PeerKey=ALICE_cf_c2pnb208w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=f09f5fc8bf20677558bc65939bf1b7fbbbe2579702729304258b +- +-PublicKey=MALICE_cf_c2pnb208w1_PUB +------BEGIN PUBLIC KEY----- +-ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEfuWB9pBZQin+VnmqgYVpbUpKxSQsnXxNqiDtVwqJ +-oPkHxRWnu5e7qI2idMcqaKDeeniUaA== +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2pnb208w1 +-PeerKey=MALICE_cf_c2pnb208w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2pnb208w1 +-PeerKey=MALICE_cf_c2pnb208w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2pnb272w1 curve tests +- +-PrivateKey=ALICE_cf_c2pnb272w1 +------BEGIN PRIVATE KEY----- +-MEICAQAwEwYHKoZIzj0CAQYIKoZIzj0DABAEKDAmAgEBBCEA0SoHwKAgKb7WQ+s0w1iNBemDZ3+f +-StHU67fpP7YoF8U= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2pnb272w1_PUB +------BEGIN PUBLIC KEY----- +-MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAE0IH60bGi46FDzEprGZ8EBK5uMMcVke/txeBRNGHQ +-DzG68r3EMLZkOfE1+g04MN7HgY7zt3jMYb8ImyLRmvqR2abjs6c= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2pnb272w1:ALICE_cf_c2pnb272w1_PUB +- +-PrivateKey=BOB_cf_c2pnb272w1 +------BEGIN PRIVATE KEY----- +-MEICAQAwEwYHKoZIzj0CAQYIKoZIzj0DABAEKDAmAgEBBCEAFqB5GbPJ4d+X7ye7m05l/OirDqfn +-MOsOJ6xObBph3zQ= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2pnb272w1_PUB +------BEGIN PUBLIC KEY----- +-MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEIeIkcMHAuOgvHt2Wp52vVe0DYPNnUX79t/mLSx03 +-cUlDmcxL7vIXdx9hB4OmQBYbm+YLDNfTFGAIlDfr2tELpVVPWPo= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2pnb272w1:BOB_cf_c2pnb272w1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb272w1 +-PeerKey=BOB_cf_c2pnb272w1_PUB +-SharedSecret=cfebd65006520a40f081d8940edf0ebb8e54491ba1499d9f3c63deecee84ddc07142 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb272w1 +-PeerKey=ALICE_cf_c2pnb272w1_PUB +-SharedSecret=cfebd65006520a40f081d8940edf0ebb8e54491ba1499d9f3c63deecee84ddc07142 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb272w1 +-PeerKey=BOB_cf_c2pnb272w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=756fc20b27352ac74e5135359c63d375d2732c6d02f25cd526155bac0882a9211dd4 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb272w1 +-PeerKey=ALICE_cf_c2pnb272w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=756fc20b27352ac74e5135359c63d375d2732c6d02f25cd526155bac0882a9211dd4 +- +-PublicKey=MALICE_cf_c2pnb272w1_PUB +------BEGIN PUBLIC KEY----- +-MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEvID3AM7qzpKDnOLFY00+E7EKZz/vS/pXgsUA3bWN +-oJF8ElXFXv59s/SykQBCTHPqzmUbVmrXmtD44Kt1wUBRJfuwxy4= +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2pnb272w1 +-PeerKey=MALICE_cf_c2pnb272w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2pnb272w1 +-PeerKey=MALICE_cf_c2pnb272w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2pnb304w1 curve tests +- +-PrivateKey=ALICE_cf_c2pnb304w1 +------BEGIN PRIVATE KEY----- +-MEYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DABEELDAqAgEBBCUAqJxh50ZIUXOJ1HE3cVkech9OTTPJ +-8jy/v5cFcO0X6dykHgnZ +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2pnb304w1_PUB +------BEGIN PUBLIC KEY----- +-MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAEvoaqRX6qiNQiFH1BhgLCPTpYszoRhmlLirkvlw/Q +-iXBlfQ7U4g+iRR/kmu2RlwwOHgNNL+mWcvLkFfS8Kr4jzv1EY1Ecx96n21l0YQ== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2pnb304w1:ALICE_cf_c2pnb304w1_PUB +- +-PrivateKey=BOB_cf_c2pnb304w1 +------BEGIN PRIVATE KEY----- +-MEYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DABEELDAqAgEBBCUAOScHepX+IwqC8TjyAJI1bkR3cYYt +-X9BbqYM9GQfVNSLHntTg +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2pnb304w1_PUB +------BEGIN PUBLIC KEY----- +-MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAEYuAq/6Yw5HxMeMohlWmwl+ZK4ZQucfr1tWDKwhDb +-kAOUO2P/Q/H+uelM3VVwxeu6A1kaX7K0UZpNa96NRBwI4aevc+vOxCgYkGt9BA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2pnb304w1:BOB_cf_c2pnb304w1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb304w1 +-PeerKey=BOB_cf_c2pnb304w1_PUB +-SharedSecret=bfddf9f923210e8231a702e3a1c987cf27661de1bc243c1890e437d67d9f49c6ccfadc035d9d +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb304w1 +-PeerKey=ALICE_cf_c2pnb304w1_PUB +-SharedSecret=bfddf9f923210e8231a702e3a1c987cf27661de1bc243c1890e437d67d9f49c6ccfadc035d9d +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb304w1 +-PeerKey=BOB_cf_c2pnb304w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0c7afb3143f93ef2166c05437a1757a62c916ff1751c6d456dd7f2356dcbc75df48015eb5ce8 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb304w1 +-PeerKey=ALICE_cf_c2pnb304w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0c7afb3143f93ef2166c05437a1757a62c916ff1751c6d456dd7f2356dcbc75df48015eb5ce8 +- +-PublicKey=MALICE_cf_c2pnb304w1_PUB +------BEGIN PUBLIC KEY----- +-MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAEBZ5FuthQt0mxTJ8NQWN2J37kYT8ySD893IXEmXYP +-fMTr+CSNkf/sfF/13GEdVGnHmBgCH61sPWG69RgzdjRPprZFZxXjubIWYkp0DQ== +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2pnb304w1 +-PeerKey=MALICE_cf_c2pnb304w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2pnb304w1 +-PeerKey=MALICE_cf_c2pnb304w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2pnb368w1 curve tests +- +-PrivateKey=ALICE_cf_c2pnb368w1 +------BEGIN PRIVATE KEY----- +-ME4CAQAwEwYHKoZIzj0CAQYIKoZIzj0DABMENDAyAgEBBC0AXeSTXsHb2PEH12tZL8w2q6evA2mi +-KfLLIa1c29BTmM//oWdKpqeuvwMIBto= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2pnb368w1_PUB +------BEGIN PUBLIC KEY----- +-MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEmEBXcvMgnHwJW7wAKM4cqboco6zF01J9ntUwoACI +-euvf3cpPXBvxUawJXfO9FwFRQabDRagGP99Walidd2JW8nWDWZgZMKj15Wh+4bp2dZHc2tPIIHHd +-3makbwQ= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2pnb368w1:ALICE_cf_c2pnb368w1_PUB +- +-PrivateKey=BOB_cf_c2pnb368w1 +------BEGIN PRIVATE KEY----- +-ME4CAQAwEwYHKoZIzj0CAQYIKoZIzj0DABMENDAyAgEBBC0Aq1R9M/mCMbJMj6VBUpBkS4HXywEz +-Qun6d6uXgyU4LZRszA7Dz9+eKbXEMsk= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2pnb368w1_PUB +------BEGIN PUBLIC KEY----- +-MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEJOSnsaXA9wb5p8CGLPvYI47Yf3IdZSbWQ3Sn6G2v +-At+zYlpzGax1oJ1CW8fGA0Gu0RnvAfDeW9vgrtzshH1Vy/Ni6a7LPho99PtUP2nzUBnv+hfhFSra +-gqfRaOs= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2pnb368w1:BOB_cf_c2pnb368w1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb368w1 +-PeerKey=BOB_cf_c2pnb368w1_PUB +-SharedSecret=008d20ede3961be3b01051d6fdae63db43865664804d432293a2edb13dcc8be0fe5b0c655297a84b9067a29c2a6f +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb368w1 +-PeerKey=ALICE_cf_c2pnb368w1_PUB +-SharedSecret=008d20ede3961be3b01051d6fdae63db43865664804d432293a2edb13dcc8be0fe5b0c655297a84b9067a29c2a6f +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2pnb368w1 +-PeerKey=BOB_cf_c2pnb368w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=df32ddeeffa029aeadabad000a79c3154a0ddd0aeacf4e3de426f5c10096eff8912038c64d4c899131dcd4df2561 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2pnb368w1 +-PeerKey=ALICE_cf_c2pnb368w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=df32ddeeffa029aeadabad000a79c3154a0ddd0aeacf4e3de426f5c10096eff8912038c64d4c899131dcd4df2561 +- +-PublicKey=MALICE_cf_c2pnb368w1_PUB +------BEGIN PUBLIC KEY----- +-MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEWDn/U9rymClM/a0Q1mawHjQjvpxSehRWstSE+2Sd +-ubcZowJ+rw5LsEZteQyeVrCpKYUiIBmIVuFb2LDjtNLIJD1lr8C+vdco24ciLS9RzF/Dc9X+tcIj +-726e1BE= +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2pnb368w1 +-PeerKey=MALICE_cf_c2pnb368w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2pnb368w1 +-PeerKey=MALICE_cf_c2pnb368w1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2tnb191v1 curve tests +- +-PrivateKey=ALICE_cf_c2tnb191v1 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEHzAdAgEBBBgXyG7A4BvSmjKEl3aU+FQUt02p9U7x +-Jk4= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2tnb191v1_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAEG9iuZmnhz2H/YQKmVUaO//fm7hvV+CP5c2iszpR3 +-7lRimqLWHPyvKgcP+PRCIUom +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2tnb191v1:ALICE_cf_c2tnb191v1_PUB +- +-PrivateKey=BOB_cf_c2tnb191v1 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEHzAdAgEBBBg4+2hv9x9HxFy0c2c1XESDdgOamHu0 +-MTU= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2tnb191v1_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAEdO/4ii8gi8eQfBrv3XmsOETwIfT8OIpBW/kUoHD+ +-adqalcB6SIWOfoJReDLcpxAD +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2tnb191v1:BOB_cf_c2tnb191v1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb191v1 +-PeerKey=BOB_cf_c2tnb191v1_PUB +-SharedSecret=2ee8a85151c397600984285307c14f0ea0e4c2071d753a99 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb191v1 +-PeerKey=ALICE_cf_c2tnb191v1_PUB +-SharedSecret=2ee8a85151c397600984285307c14f0ea0e4c2071d753a99 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb191v1 +-PeerKey=BOB_cf_c2tnb191v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=334051dfd62237e69e280ce2fab979bd77260f8dfe4df989 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb191v1 +-PeerKey=ALICE_cf_c2tnb191v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=334051dfd62237e69e280ce2fab979bd77260f8dfe4df989 +- +-PublicKey=MALICE_cf_c2tnb191v1_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcPEwZ1wj +-iNoFyzyANZl8IDB0fF1RmZD6 +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2tnb191v1 +-PeerKey=MALICE_cf_c2tnb191v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2tnb191v1 +-PeerKey=MALICE_cf_c2tnb191v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2tnb191v2 curve tests +- +-PrivateKey=ALICE_cf_c2tnb191v2 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEHzAdAgEBBBgQZHIQIPrAsbJqq4ZX3JdMrZAkaIGP +-jbo= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2tnb191v2_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEAyQdwZYRIiv7O4/WRLDKJ249TM8dr2Y+Oz8rSxCI +-UVvJT/Jv9m462J6Iz1XOohhP +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2tnb191v2:ALICE_cf_c2tnb191v2_PUB +- +-PrivateKey=BOB_cf_c2tnb191v2 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEHzAdAgEBBBgThhW6d5QDaqM8yhm16q6Pu/VFBpf7 +-wcs= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2tnb191v2_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEBVkB4O6fFvGzMHv4BF51muFA0npOGKoOdKbIIMQY +-JBIoz1RNNXTcgdpguLcrvcPJ +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2tnb191v2:BOB_cf_c2tnb191v2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb191v2 +-PeerKey=BOB_cf_c2tnb191v2_PUB +-SharedSecret=711f90cb2aaea65e939065cbd1896affe1d490ba14571400 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb191v2 +-PeerKey=ALICE_cf_c2tnb191v2_PUB +-SharedSecret=711f90cb2aaea65e939065cbd1896affe1d490ba14571400 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb191v2 +-PeerKey=BOB_cf_c2tnb191v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=1740db5b771fa2889d3ec7c1ba8eeffa7741f0ee62433dce +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb191v2 +-PeerKey=ALICE_cf_c2tnb191v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=1740db5b771fa2889d3ec7c1ba8eeffa7741f0ee62433dce +- +-PublicKey=MALICE_cf_c2tnb191v2_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEA3yPV6Ilx7PU7dWIDzgKzFV07LNsn1EhMyLQaa5U +-2vqunpWef+/CaO2pFBcwwW+x +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2tnb191v2 +-PeerKey=MALICE_cf_c2tnb191v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2tnb191v2 +-PeerKey=MALICE_cf_c2tnb191v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2tnb191v3 curve tests +- +-PrivateKey=ALICE_cf_c2tnb191v3 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEHzAdAgEBBBgTPjf06B01Jq59qU1iczNuA29WfW+b +-erU= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2tnb191v3_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAEL4NGEUX2CXY18MyoH1inKq5kde9RGr25ODm/0BEX +-HWsGvDE2HC+6pL2BMl3MRCty +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2tnb191v3:ALICE_cf_c2tnb191v3_PUB +- +-PrivateKey=BOB_cf_c2tnb191v3 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEHzAdAgEBBBgUC2bC465JTXYLUaaET/r5n7X85gRH +-iSQ= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2tnb191v3_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAEPKekNkT9mQ8KRCTR2RwCFkhNvsjL+/mLHYzbMrYe +-QFIb5QwXAdbg2tEOl7yj9qkk +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2tnb191v3:BOB_cf_c2tnb191v3_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb191v3 +-PeerKey=BOB_cf_c2tnb191v3_PUB +-SharedSecret=196200f7ea06c43c35516b995cf4a4dd4151dbd0ed998561 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb191v3 +-PeerKey=ALICE_cf_c2tnb191v3_PUB +-SharedSecret=196200f7ea06c43c35516b995cf4a4dd4151dbd0ed998561 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb191v3 +-PeerKey=BOB_cf_c2tnb191v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=311939377670a8a1ed1ee17f9dd182167da00c5a19e2e109 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb191v3 +-PeerKey=ALICE_cf_c2tnb191v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=311939377670a8a1ed1ee17f9dd182167da00c5a19e2e109 +- +-PublicKey=MALICE_cf_c2tnb191v3_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAESvPjWlLnANK2j38hHZ0uqueaniovkhwwdJZjrmUk +-n5vQBTxUzkIkMjL33v6Lr3z7 +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2tnb191v3 +-PeerKey=MALICE_cf_c2tnb191v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2tnb191v3 +-PeerKey=MALICE_cf_c2tnb191v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2tnb239v1 curve tests +- +-PrivateKey=ALICE_cf_c2tnb239v1 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAsEJTAjAgEBBB4fMJDhCEiuEf/RF6oGjHVcNwN+wCYG +-rJMnJLIXiCI= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2tnb239v1_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAEUgG/uMWy4k0R/kbVJEapF6r5ik4Q9WPsDXAd0856 +-dVL8PvBXgixk2tKfyY1xUVebcEVlgdZP1pN1Xyvi +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2tnb239v1:ALICE_cf_c2tnb239v1_PUB +- +-PrivateKey=BOB_cf_c2tnb239v1 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAsEJTAjAgEBBB4JLDwVJQw3+00FiZBDWFErd7PXnchH +-sfpZeV3i5FM= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2tnb239v1_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAEcwKt31cWaoFUd7QxYSdwgMDOqEhjPbD3Z9AfR3tc +-G77/MY5z1oQegqImBog645vtPWI8lZd1zcl6QYRS +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2tnb239v1:BOB_cf_c2tnb239v1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb239v1 +-PeerKey=BOB_cf_c2tnb239v1_PUB +-SharedSecret=413ea943cdf40c45795c77aeea7099b81cc42566067924d1fdbae42ddf99 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb239v1 +-PeerKey=ALICE_cf_c2tnb239v1_PUB +-SharedSecret=413ea943cdf40c45795c77aeea7099b81cc42566067924d1fdbae42ddf99 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb239v1 +-PeerKey=BOB_cf_c2tnb239v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=1f1e5a6084492e895c35d76a5d2b4a3fafbd96c4b2230ea71cc1c711fa38 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb239v1 +-PeerKey=ALICE_cf_c2tnb239v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=1f1e5a6084492e895c35d76a5d2b4a3fafbd96c4b2230ea71cc1c711fa38 +- +-PublicKey=MALICE_cf_c2tnb239v1_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAEJFn89FF7xaa5m+XGxWKFwCH+Mu4rbxwi6lvhuEuT +-Itl/OAosALFh8xpt+N5gmKtUdhpjyok2udC4B/mY +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2tnb239v1 +-PeerKey=MALICE_cf_c2tnb239v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2tnb239v1 +-PeerKey=MALICE_cf_c2tnb239v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2tnb239v2 curve tests +- +-PrivateKey=ALICE_cf_c2tnb239v2 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAwEJTAjAgEBBB4KU4YKdzFOkl6M1biHkxtVGD2uNXr6 +-GbEcp4PbJKU= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2tnb239v2_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAEKzpycflUrsyqVV/+fzvC2+AuX3r0b0Syn8acvn78 +-VnKA9mZKwPLWhnMJcLyzarIzc/6/UcfYGNmTyUlG +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2tnb239v2:ALICE_cf_c2tnb239v2_PUB +- +-PrivateKey=BOB_cf_c2tnb239v2 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAwEJTAjAgEBBB4HZQLKGKBpIKiyTq6XYZWQNph1oGP+ +-JLwCwn7lYx0= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2tnb239v2_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAETPSkhMs3JW3BG66FSfCov76JKdcRiBhMCW453Wku +-N7yBxBmWjeclHhnXIzfc4qM4qf9n3KzMSXejPVYg +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2tnb239v2:BOB_cf_c2tnb239v2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb239v2 +-PeerKey=BOB_cf_c2tnb239v2_PUB +-SharedSecret=2e738f14795b2e19ee791c1bf30c5e462ca6c6ed0ec5c6c6402d0730cf4c +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb239v2 +-PeerKey=ALICE_cf_c2tnb239v2_PUB +-SharedSecret=2e738f14795b2e19ee791c1bf30c5e462ca6c6ed0ec5c6c6402d0730cf4c +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb239v2 +-PeerKey=BOB_cf_c2tnb239v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=7662d8b94d3f0d20eb8e112ca8b7d5699d81f35902df5b77561977df3946 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb239v2 +-PeerKey=ALICE_cf_c2tnb239v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=7662d8b94d3f0d20eb8e112ca8b7d5699d81f35902df5b77561977df3946 +- +-PublicKey=MALICE_cf_c2tnb239v2_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAES8fLc5mtVI0HqgKRJ7mN8MU1B0FBkiim6jCHYJf3 +-JYUX3Gn3Ai11cHie+nVb3z51jSkpDQENHESTv5K2 +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2tnb239v2 +-PeerKey=MALICE_cf_c2tnb239v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2tnb239v2 +-PeerKey=MALICE_cf_c2tnb239v2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2tnb239v3 curve tests +- +-PrivateKey=ALICE_cf_c2tnb239v3 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAA0EJTAjAgEBBB4BZZXtcMw5GrpgHJLx4D8z7M6ocWdv +-rDl2fV9ObC8= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2tnb239v3_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEOu2HIAUX+r6IbRlrPUJUBDL814dR++maVAAkUIjD +-H33ewqcI9ZLtpvuR8P8hgRNUTXlh1GWgrB6F21Eo +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2tnb239v3:ALICE_cf_c2tnb239v3_PUB +- +-PrivateKey=BOB_cf_c2tnb239v3 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAA0EJTAjAgEBBB4BDxw3SA54y6uYOW1n4yZaUK22J9ef +-XG3HcQX+4i0= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2tnb239v3_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEVaEi76wyzlpzkkSElf4SmGZ7kf1ghHMP82HkGk7K +-BC10zUyppoSOAr0eX4pHAkDUF1m/KGoJa7QcJJww +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2tnb239v3:BOB_cf_c2tnb239v3_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb239v3 +-PeerKey=BOB_cf_c2tnb239v3_PUB +-SharedSecret=6a756022ec2ea89b0fa757824909707102acf3b7da39dc625c6252eb4c48 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb239v3 +-PeerKey=ALICE_cf_c2tnb239v3_PUB +-SharedSecret=6a756022ec2ea89b0fa757824909707102acf3b7da39dc625c6252eb4c48 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb239v3 +-PeerKey=BOB_cf_c2tnb239v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=3240e19dd8c290e5e1749df60ad0166dd9dbfad645e518b4948e14f774ce +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb239v3 +-PeerKey=ALICE_cf_c2tnb239v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=3240e19dd8c290e5e1749df60ad0166dd9dbfad645e518b4948e14f774ce +- +-PublicKey=MALICE_cf_c2tnb239v3_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAELe/znC87/2ucKX7mXUUyiUvg67slWRdH+WHDct9d +-LcXDyB342ZN1nm0NCAmBMcLjohX0Zza0ji3YNjT1 +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2tnb239v3 +-PeerKey=MALICE_cf_c2tnb239v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2tnb239v3 +-PeerKey=MALICE_cf_c2tnb239v3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2tnb359v1 curve tests +- +-PrivateKey=ALICE_cf_c2tnb359v1 +------BEGIN PRIVATE KEY----- +-ME4CAQAwEwYHKoZIzj0CAQYIKoZIzj0DABIENDAyAgEBBC0Afea/a1NrRf6rRRr/UDsI559ADTFP +-Bd5HaS33laTZkCdNLITw1UUrESUIOiU= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2tnb359v1_PUB +------BEGIN PUBLIC KEY----- +-MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEZMJU3QF9UJJp2m6qyCnhPuVlPKPHtav3DCgH27SY +-RLMN7C4rRmqiJakD11QtOforOgbPW5r/v7t4TUWIlq8jV7kapJNtxQtg/S87L0NQGgHBq/lnJL8x +-fN3Y +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2tnb359v1:ALICE_cf_c2tnb359v1_PUB +- +-PrivateKey=BOB_cf_c2tnb359v1 +------BEGIN PRIVATE KEY----- +-ME4CAQAwEwYHKoZIzj0CAQYIKoZIzj0DABIENDAyAgEBBC0Aaw+yr7Atz8CXjLsbI5msXLqxFoMr +-esHVfU53i6ucCsnPTWSDWSb5CePtI9g= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2tnb359v1_PUB +------BEGIN PUBLIC KEY----- +-MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEUQde0iyDHbsFJZ459d4zUhsrJYAkqndmEBRwSlg5 +-ZNX8SSS79Zf2HsQl+LWIZyzeYzoHobKXufChw9/H4ThS58VwV5/0hoE929PIgJ1MSEqr5LvJXi+b +-R8fe +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2tnb359v1:BOB_cf_c2tnb359v1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb359v1 +-PeerKey=BOB_cf_c2tnb359v1_PUB +-SharedSecret=623a71122b5acad467d40d97ef8d8fd46541d8c41d7de6ba181c24e2714c1bc35bcefcf089af69c406eedecc12 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb359v1 +-PeerKey=ALICE_cf_c2tnb359v1_PUB +-SharedSecret=623a71122b5acad467d40d97ef8d8fd46541d8c41d7de6ba181c24e2714c1bc35bcefcf089af69c406eedecc12 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb359v1 +-PeerKey=BOB_cf_c2tnb359v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=1c9c4cea3251dace2cb763eabf60f106cc1b03f2491e6f20d7bea78e062f8f14c4e82e4d43786eefa44d33f7e9 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb359v1 +-PeerKey=ALICE_cf_c2tnb359v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=1c9c4cea3251dace2cb763eabf60f106cc1b03f2491e6f20d7bea78e062f8f14c4e82e4d43786eefa44d33f7e9 +- +-PublicKey=MALICE_cf_c2tnb359v1_PUB +------BEGIN PUBLIC KEY----- +-MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEDW1DxeJfyPPnxX4WiLM5ZnX9AypqqeKj7FTHxanl +-++A6FgVFjUCatt8Sr4xnSc3zDE0kh6f/wS9SbtCAi74i8HAX5SJiccCMPRkw6kBuHZgiG8EmFJ53 +-OEQw +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2tnb359v1 +-PeerKey=MALICE_cf_c2tnb359v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2tnb359v1 +-PeerKey=MALICE_cf_c2tnb359v1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=c2tnb431r1 curve tests +- +-PrivateKey=ALICE_cf_c2tnb431r1 +------BEGIN PRIVATE KEY----- +-MFYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DABQEPDA6AgEBBDUAG1rgUnH3+PSxqlzt9+QTWv7PrYxz +-Qgqj5A2Mqi0LbdixVDciVSSgrU6keVu72oCmHVP+OQ== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_c2tnb431r1_PUB +------BEGIN PUBLIC KEY----- +-MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABFcQEDic9pYxtxStk/oBxafqyUux1kvEOOwR4FxJ +-pGEMTh8B+YfkWuq+IDY5zSqNKtg7cRlAFX2dlHhRSvNxrN3DJCrhe/TQq8SIYawcqEQnM39F8hHM +-7VQJLEsBpJ/WUonwMJXknjgfONP7GA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_c2tnb431r1:ALICE_cf_c2tnb431r1_PUB +- +-PrivateKey=BOB_cf_c2tnb431r1 +------BEGIN PRIVATE KEY----- +-MFYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DABQEPDA6AgEBBDUBOsZrpI6hTgImR8DBhKOOrh2SvcT/ +-VwmzYnbuCRrtr/zwIQcqKKI1ztlrl+kxFxJfk5L7UQ== +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_c2tnb431r1_PUB +------BEGIN PUBLIC KEY----- +-MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABHeTG6xjbsKKxn4oYQt9qUM9LrSPZfY11XsBmROc +-fb9kEbBLU+QixSbYZOrqPasesDV9dApDXF+w6EfIeNyJEK5Lk+aXamrn7fRMUAQ2m7+Odp87GgA+ +-8Cg6YpgbK314SK5STziqoZwzEISJ9w== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_c2tnb431r1:BOB_cf_c2tnb431r1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb431r1 +-PeerKey=BOB_cf_c2tnb431r1_PUB +-SharedSecret=1c9a64de0b706f0e562d5144ceeb4806ce8782865dc0e3fab694967955bd40afc79bf9241ef4a173fbf9baeac0d416392fb13bdc6978 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb431r1 +-PeerKey=ALICE_cf_c2tnb431r1_PUB +-SharedSecret=1c9a64de0b706f0e562d5144ceeb4806ce8782865dc0e3fab694967955bd40afc79bf9241ef4a173fbf9baeac0d416392fb13bdc6978 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_c2tnb431r1 +-PeerKey=BOB_cf_c2tnb431r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=059e2ea2d0d8bad5005a9401196ebb1633377c7ded8ec58a0398cf1d0f42ea82614f68cb836ecfc33612b8a705b4c3b7b4ed12eb6e22 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_c2tnb431r1 +-PeerKey=ALICE_cf_c2tnb431r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=059e2ea2d0d8bad5005a9401196ebb1633377c7ded8ec58a0398cf1d0f42ea82614f68cb836ecfc33612b8a705b4c3b7b4ed12eb6e22 +- +-PublicKey=MALICE_cf_c2tnb431r1_PUB +------BEGIN PUBLIC KEY----- +-MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABA/cHJ1bNJ2l3GcrT67WEoU0w/Ajy28T9X4XLv8a +-5EpnkembeFlRG8ILplDcZimE8kjNQWynAk+NbJRsIU/XLzcm7VXkkqEkx/yCQ/TOcbeB3qrpzWYr +-F3Cls9x60wuFYNc9d6eIe4B+puz9IQ== +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_c2tnb431r1 +-PeerKey=MALICE_cf_c2tnb431r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_c2tnb431r1 +-PeerKey=MALICE_cf_c2tnb431r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=prime192v2 curve tests +- +-PrivateKey=ALICE_cf_prime192v2 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEHzAdAgEBBBh6rcgPFDmA2P4CGSrC7ii9DAjepljX +-sMM= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_prime192v2_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAET6wOPoDU3BeU7VKozsGEvDeJs//9Z/aNEcbbLQ0d +-g5IzsS/XMJzifjCJZgNsb7mi +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_prime192v2:ALICE_cf_prime192v2_PUB +- +-PrivateKey=BOB_cf_prime192v2 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEHzAdAgEBBBja4R9iZuiu95XEuM1558ArTwNnAl7M +-xqI= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_prime192v2_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEcgWNAOL4pZCmouZl+be+rC0yLAJkm2YuPWs+FX2u +-Y6OU1aHkkspZTC1uUVWjchy5 +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_prime192v2:BOB_cf_prime192v2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_prime192v2 +-PeerKey=BOB_cf_prime192v2_PUB +-SharedSecret=ae2ff9f1f9f24e6d281dc78993d9f71913e1e105965000a1 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_prime192v2 +-PeerKey=ALICE_cf_prime192v2_PUB +-SharedSecret=ae2ff9f1f9f24e6d281dc78993d9f71913e1e105965000a1 +- +-Title=prime192v3 curve tests +- +-PrivateKey=ALICE_cf_prime192v3 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEHzAdAgEBBBij5blPQRKM1/9c57YDZXIIue80MDqx +-Igw= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_prime192v3_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAE1+mLeiT/jjHO71IL/C/ZcnF6+yj9FV6eqfuPdHAi +-MsDRFCB6/h8TcCUFuospu5l0 +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_prime192v3:ALICE_cf_prime192v3_PUB +- +-PrivateKey=BOB_cf_prime192v3 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEHzAdAgEBBBhgFP4fFLtm/yk5tsosBUBKTg370FOu +-92g= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_prime192v3_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEv35bOz0xqLeJqpZdZ8LyiUgsJMBEtN2UMJm8blX2 +-vMWAgEeLhzar86BUlS7dZwS7 +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_prime192v3:BOB_cf_prime192v3_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_prime192v3 +-PeerKey=BOB_cf_prime192v3_PUB +-SharedSecret=9e562ecbe29c510a13b0daea822ec864c2a9684d2a382812 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_prime192v3 +-PeerKey=ALICE_cf_prime192v3_PUB +-SharedSecret=9e562ecbe29c510a13b0daea822ec864c2a9684d2a382812 +- +-Title=prime239v1 curve tests +- +-PrivateKey=ALICE_cf_prime239v1 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQQEJTAjAgEBBB5nH2mt/GUx+I/60NlcuQlrdupDXwMY +-SF/w+SUTNqY= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_prime239v1_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEMqQLCgDR9njkq9QELuOu+J/9YGcxJHULdvxHImLW +-RXqBUM5Xea+Qk2SKIpWcogxr2zFeQyeLj2bQysuo +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_prime239v1:ALICE_cf_prime239v1_PUB +- +-PrivateKey=BOB_cf_prime239v1 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQQEJTAjAgEBBB5RZgYV+j+zhwI12zCzB+mdPofMx0kB +-jZ9gplgXxzk= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_prime239v1_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEBR5m/kllh025oO4GvqALkjRliVv7q4x8ro/tkYnT +-L2U4hkT6xUeRu9QC4KOz7KUVH+nBbQASL4XQg/3C +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_prime239v1:BOB_cf_prime239v1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_prime239v1 +-PeerKey=BOB_cf_prime239v1_PUB +-SharedSecret=196b1d0206d4f87c313c266bfb12c90dd1f1f64b89bfc16518086b9801b8 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_prime239v1 +-PeerKey=ALICE_cf_prime239v1_PUB +-SharedSecret=196b1d0206d4f87c313c266bfb12c90dd1f1f64b89bfc16518086b9801b8 +- +-Title=prime239v2 curve tests +- +-PrivateKey=ALICE_cf_prime239v2 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQUEJTAjAgEBBB5uLCwofbD2Suc/iIRhXJsPqZ4me87h +-+tFevsg1pPE= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_prime239v2_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAETH77jXHBItV673gTNK/HTFldo4VxPiscbideUgKd +-CWjdVsXebgAZbqQwf0h9QWcIgM7K7ODdW5kCuZ1G +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_prime239v2:ALICE_cf_prime239v2_PUB +- +-PrivateKey=BOB_cf_prime239v2 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQUEJTAjAgEBBB5nlF+ouuw3Ljkgy3pHkCN+/JoHAMyT +-KY0wlvJdo/w= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_prime239v2_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAELUQYo0UH8HbK/RMD2jVphBU+iB4OTOfvaaTlHq06 +-dcJ8a9a+mAQKhb1OZVEq1n4nQsgRiI1rPxugVERM +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_prime239v2:BOB_cf_prime239v2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_prime239v2 +-PeerKey=BOB_cf_prime239v2_PUB +-SharedSecret=1d18ca6366bceba3c1477daa0e08202088abcf14fc2b8fbf98ba95858fcf +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_prime239v2 +-PeerKey=ALICE_cf_prime239v2_PUB +-SharedSecret=1d18ca6366bceba3c1477daa0e08202088abcf14fc2b8fbf98ba95858fcf +- +-Title=prime239v3 curve tests +- +-PrivateKey=ALICE_cf_prime239v3 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQYEJTAjAgEBBB5J95JRhBDTzlyAPAfu6T2Pb9vK0NKu +-Y9AfhA2G+mI= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_prime239v3_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEZEN48pqgLF08Yjj/8BLM2Nr5ZhpYxyBurbzKRuBb +-GLpzZLteJN9vZjN7ouNpMxLVUFQxTOwpsvUw86Lk +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_prime239v3:ALICE_cf_prime239v3_PUB +- +-PrivateKey=BOB_cf_prime239v3 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQYEJTAjAgEBBB5Z7rMZML1xeryBaYYr+QuMiQxHT44I +-d9bmIVvG3dM= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_prime239v3_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEQUWKqohAPAoIYEZOvc1QwSlcB+gW0febaNxGOy47 +-LaIWdsNM7GJVP9xpdSwm/L+Dip/oH4E59f3SiOAd +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_prime239v3:BOB_cf_prime239v3_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_prime239v3 +-PeerKey=BOB_cf_prime239v3_PUB +-SharedSecret=4dcc2c67c5993162ed71ebb33077bbb85395b0d3eec2311aa404e45901a0 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_prime239v3 +-PeerKey=ALICE_cf_prime239v3_PUB +-SharedSecret=4dcc2c67c5993162ed71ebb33077bbb85395b0d3eec2311aa404e45901a0 +- +-Title=secp112r1 curve tests +- +-PrivateKey=ALICE_cf_secp112r1 +------BEGIN PRIVATE KEY----- +-MCwCAQAwEAYHKoZIzj0CAQYFK4EEAAYEFTATAgEBBA6zC5ZzEIIdvY4Q7DS0uw== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_secp112r1_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEYIawfjH3qRrJJWwuG3Ys5ZhDJsmdWi34aHgKAA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_secp112r1:ALICE_cf_secp112r1_PUB +- +-PrivateKey=BOB_cf_secp112r1 +------BEGIN PRIVATE KEY----- +-MCwCAQAwEAYHKoZIzj0CAQYFK4EEAAYEFTATAgEBBA6WPx4YxBODium8BKDw0A== +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_secp112r1_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEchh3iQdPN1rrzrpdZRQ95G6tvdwEBQ+gfu1tvA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_secp112r1:BOB_cf_secp112r1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_secp112r1 +-PeerKey=BOB_cf_secp112r1_PUB +-SharedSecret=4ddd1d504b444d4be67ba2e4610a +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_secp112r1 +-PeerKey=ALICE_cf_secp112r1_PUB +-SharedSecret=4ddd1d504b444d4be67ba2e4610a +- +-Title=secp112r2 curve tests +- +-PrivateKey=ALICE_cf_secp112r2 +------BEGIN PRIVATE KEY----- +-MCwCAQAwEAYHKoZIzj0CAQYFK4EEAAcEFTATAgEBBA4GcvIx97ePHdAiH0Z9EA== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_secp112r2_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEHK9uNAILHBmPZdKKh79/nzYE0HbvC//rA7i0Xw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_secp112r2:ALICE_cf_secp112r2_PUB +- +-PrivateKey=BOB_cf_secp112r2 +------BEGIN PRIVATE KEY----- +-MCwCAQAwEAYHKoZIzj0CAQYFK4EEAAcEFTATAgEBBA4WzpVFZnZv9mvtpnYNyw== +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_secp112r2_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEUzBLNQupqUpGgmZl9JVjKBpwusl52rFg5OVFJA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_secp112r2:BOB_cf_secp112r2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_secp112r2 +-PeerKey=BOB_cf_secp112r2_PUB +-SharedSecret=a6d05c7ba5128a9685c705b5030b +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_secp112r2 +-PeerKey=ALICE_cf_secp112r2_PUB +-SharedSecret=a6d05c7ba5128a9685c705b5030b +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_secp112r2 +-PeerKey=BOB_cf_secp112r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04f3280e92c269d794aa779efcef +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_secp112r2 +-PeerKey=ALICE_cf_secp112r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04f3280e92c269d794aa779efcef +- +-PublicKey=MALICE_cf_secp112r2_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEsf2N4SfUZWtXPrUTmEyr71I/JSn8VtzQsFHuqQ== +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_secp112r2 +-PeerKey=MALICE_cf_secp112r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_secp112r2 +-PeerKey=MALICE_cf_secp112r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=secp128r1 curve tests +- +-PrivateKey=ALICE_cf_secp128r1 +------BEGIN PRIVATE KEY----- +-MC4CAQAwEAYHKoZIzj0CAQYFK4EEABwEFzAVAgEBBBB+RX18d0+gKpdcKbJJTrEZ +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_secp128r1_PUB +------BEGIN PUBLIC KEY----- +-MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAEG0XMAdrAZOPUW6L9ADU8XK8sZr7dtIcDinSWU1zSV9s= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_secp128r1:ALICE_cf_secp128r1_PUB +- +-PrivateKey=BOB_cf_secp128r1 +------BEGIN PRIVATE KEY----- +-MC4CAQAwEAYHKoZIzj0CAQYFK4EEABwEFzAVAgEBBBB/J9/eClt9mimGwOcOsjJF +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_secp128r1_PUB +------BEGIN PUBLIC KEY----- +-MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAE82nknsOS+u8mybP0KJqQhvm83gbPNTZOcvm0ZDVR5sU= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_secp128r1:BOB_cf_secp128r1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_secp128r1 +-PeerKey=BOB_cf_secp128r1_PUB +-SharedSecret=5020f1b759da1f737a61a29a268d7669 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_secp128r1 +-PeerKey=ALICE_cf_secp128r1_PUB +-SharedSecret=5020f1b759da1f737a61a29a268d7669 +- +-Title=secp128r2 curve tests +- +-PrivateKey=ALICE_cf_secp128r2 +------BEGIN PRIVATE KEY----- +-MC4CAQAwEAYHKoZIzj0CAQYFK4EEAB0EFzAVAgEBBBALPaUYCnPgNiLhez93Z1Gi +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_secp128r2_PUB +------BEGIN PUBLIC KEY----- +-MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAEOKiPRGtZXwxmvTr35NmUkNsAGGk9RKNA4D5BE9ZrjZQ= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_secp128r2:ALICE_cf_secp128r2_PUB +- +-PrivateKey=BOB_cf_secp128r2 +------BEGIN PRIVATE KEY----- +-MC4CAQAwEAYHKoZIzj0CAQYFK4EEAB0EFzAVAgEBBBARg3vb436QgyHdyt6l/b6G +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_secp128r2_PUB +------BEGIN PUBLIC KEY----- +-MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAELph7h27BYjIINC2EddcpIOxKbdz8Xe7h3Az1ZuR9bAI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_secp128r2:BOB_cf_secp128r2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_secp128r2 +-PeerKey=BOB_cf_secp128r2_PUB +-SharedSecret=8f4d8c75141e9b084328222440eb5dfa +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_secp128r2 +-PeerKey=ALICE_cf_secp128r2_PUB +-SharedSecret=8f4d8c75141e9b084328222440eb5dfa +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_secp128r2 +-PeerKey=BOB_cf_secp128r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=baaa0c16e16eef291001475d638e4830 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_secp128r2 +-PeerKey=ALICE_cf_secp128r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=baaa0c16e16eef291001475d638e4830 +- +-PublicKey=MALICE_cf_secp128r2_PUB +------BEGIN PUBLIC KEY----- +-MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAE6h6RzJIp6HLR6RDOPtyzGDurkuE9aAaZqHosPTnkLxQ= +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_secp128r2 +-PeerKey=MALICE_cf_secp128r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_secp128r2 +-PeerKey=MALICE_cf_secp128r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=secp160k1 curve tests +- +-PrivateKey=ALICE_cf_secp160k1 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAkEHDAaAgEBBBUAlxTBO50KwFwWKPtk1rutu68m+zI= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_secp160k1_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAEcVWIjtPZn1cHckclpn5jKDCphQUVHxFN5tSeFG9wsJZT +-EvqPyLS64w== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_secp160k1:ALICE_cf_secp160k1_PUB +- +-PrivateKey=BOB_cf_secp160k1 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAkEHDAaAgEBBBUAdrPkoNkRVUloiuwzruQszSUuwpY= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_secp160k1_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAESGN41cAj8Fg4pAJM7FUKHiawbCR0b9unMpZWxqOKeW1/ +-bxT/CqEkyw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_secp160k1:BOB_cf_secp160k1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_secp160k1 +-PeerKey=BOB_cf_secp160k1_PUB +-SharedSecret=b738a0bf17f3271a9a155bfdfe2f0f1d51494d42 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_secp160k1 +-PeerKey=ALICE_cf_secp160k1_PUB +-SharedSecret=b738a0bf17f3271a9a155bfdfe2f0f1d51494d42 +- +-Title=secp160r1 curve tests +- +-PrivateKey=ALICE_cf_secp160r1 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAgEHDAaAgEBBBUAR6m1+jIBuJnSKx9fHmyAYhsnYe8= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_secp160r1_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAEO78GZuBaCfJjHK97c9N21z+4mm37b5x7/Hr3Xc4pUbtb +-OoNj/A+W9w== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_secp160r1:ALICE_cf_secp160r1_PUB +- +-PrivateKey=BOB_cf_secp160r1 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAgEHDAaAgEBBBUATqvd54Jj7TbnrLAd2dMYCpExLws= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_secp160r1_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAEBKDbBSPTwmb00MFvMtJMxQ2YDmcPOZHE8YbVr5hp8s5J +-Jwy17FaNNg== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_secp160r1:BOB_cf_secp160r1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_secp160r1 +-PeerKey=BOB_cf_secp160r1_PUB +-SharedSecret=1912ea7b9bb1de5b8d3cef83e7a6e7a917816541 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_secp160r1 +-PeerKey=ALICE_cf_secp160r1_PUB +-SharedSecret=1912ea7b9bb1de5b8d3cef83e7a6e7a917816541 +- +-Title=secp160r2 curve tests +- +-PrivateKey=ALICE_cf_secp160r2 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAB4EHDAaAgEBBBUA3IsVg4R4paXaPATDHvzfnvM+vjQ= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_secp160r2_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAE4V+25YCpVkKF6NF/UPc1SYxohYWcf3qT3JDoPRhnm/rj +-mSqCCA6gUw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_secp160r2:ALICE_cf_secp160r2_PUB +- +-PrivateKey=BOB_cf_secp160r2 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAB4EHDAaAgEBBBUAYT/5C7UpD17DnZm4ObswmGFMI1Q= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_secp160r2_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAEB7YVzBmzhnIdouvN/nb8VMXCqO8dkhmebyVzoD0oAzuH +-nN+SfWr6aQ== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_secp160r2:BOB_cf_secp160r2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_secp160r2 +-PeerKey=BOB_cf_secp160r2_PUB +-SharedSecret=ccb9cae5c9487ff60c487bd1b39a62eb4680e9b6 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_secp160r2 +-PeerKey=ALICE_cf_secp160r2_PUB +-SharedSecret=ccb9cae5c9487ff60c487bd1b39a62eb4680e9b6 +- +-Title=secp192k1 curve tests +- +-PrivateKey=ALICE_cf_secp192k1 +------BEGIN PRIVATE KEY----- +-MDYCAQAwEAYHKoZIzj0CAQYFK4EEAB8EHzAdAgEBBBikVZrCZQB7ZtkhNfQYpjKHZ9KxXgooJ90= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_secp192k1_PUB +------BEGIN PUBLIC KEY----- +-MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAEyV4EzMZglBXtYdn38hNTrCGflAsJprMkxkOlw58chZ25 +-6EAu7gVvYDTpnRkymKyH +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_secp192k1:ALICE_cf_secp192k1_PUB +- +-PrivateKey=BOB_cf_secp192k1 +------BEGIN PRIVATE KEY----- +-MDYCAQAwEAYHKoZIzj0CAQYFK4EEAB8EHzAdAgEBBBiJQ/PunKGk9QPUyqIBGMgHKKg+yxJr5io= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_secp192k1_PUB +------BEGIN PUBLIC KEY----- +-MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAE990Tnmh9QQQHVHuLpfrAsgjvB9R2MJXzhBZN1WvtxLqF +-OZ2oFMP0Kfcr7HbI7a5j +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_secp192k1:BOB_cf_secp192k1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_secp192k1 +-PeerKey=BOB_cf_secp192k1_PUB +-SharedSecret=a46a6bfb279d4dc30cffac585d1fbec905dbe46aca5e3c9d +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_secp192k1 +-PeerKey=ALICE_cf_secp192k1_PUB +-SharedSecret=a46a6bfb279d4dc30cffac585d1fbec905dbe46aca5e3c9d +- +-Title=secp224k1 curve tests +- +-PrivateKey=ALICE_cf_secp224k1 +------BEGIN PRIVATE KEY----- +-MDsCAQAwEAYHKoZIzj0CAQYFK4EEACAEJDAiAgEBBB0AZPk3TzxGhX7TljBBhJDLBfulAMp6Bh3W +-w40Qyg== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_secp224k1_PUB +------BEGIN PUBLIC KEY----- +-ME4wEAYHKoZIzj0CAQYFK4EEACADOgAE4o7LGdJDixqJZ5imnqaX4IeE55NG4W0HEe72LVC7pmn2 +-e3m7uC92ZQhduF9lJli4dXD5en/1wkE= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_secp224k1:ALICE_cf_secp224k1_PUB +- +-PrivateKey=BOB_cf_secp224k1 +------BEGIN PRIVATE KEY----- +-MDsCAQAwEAYHKoZIzj0CAQYFK4EEACAEJDAiAgEBBB0AdQ02GguRy3yHOjLkpoWb27QA/L1abfWe +-q2xUfA== +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_secp224k1_PUB +------BEGIN PUBLIC KEY----- +-ME4wEAYHKoZIzj0CAQYFK4EEACADOgAEzp00m0DaADn1mGiDCT7K1LZnoj/vCxHPowUDC9yQd17K +-KpJM5sGILrTkkgxqtt5pBeYE1NC1QUQ= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_secp224k1:BOB_cf_secp224k1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_secp224k1 +-PeerKey=BOB_cf_secp224k1_PUB +-SharedSecret=6f7b9d16c9c1d3a5c84b6028f2a4fed9ae8e02455e678a27243bcc48 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_secp224k1 +-PeerKey=ALICE_cf_secp224k1_PUB +-SharedSecret=6f7b9d16c9c1d3a5c84b6028f2a4fed9ae8e02455e678a27243bcc48 +- + Title=secp256k1 curve tests + + PrivateKey=ALICE_cf_secp256k1 +@@ -1936,1374 +53,8 @@ Derive=BOB_cf_secp256k1 + PeerKey=ALICE_cf_secp256k1_PUB + SharedSecret=a4745cc4d19cabb9e5cb0abdd5c604cab2846a4638ad844ed9175f3cadda2da1 + +-Title=sect113r1 curve tests +- +-PrivateKey=ALICE_cf_sect113r1 +------BEGIN PRIVATE KEY----- +-MC0CAQAwEAYHKoZIzj0CAQYFK4EEAAQEFjAUAgEBBA8ALw9CgsuNBkkhhUHE8bQ= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect113r1_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEASO9jcamlg1pRE7JffrTAe9kyRZO2xrymHXoGdnA +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect113r1:ALICE_cf_sect113r1_PUB +- +-PrivateKey=BOB_cf_sect113r1 +------BEGIN PRIVATE KEY----- +-MC0CAQAwEAYHKoZIzj0CAQYFK4EEAAQEFjAUAgEBBA8A/9qbs8sTFNkjS9/4CuM= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect113r1_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEATykaf/cvJzLOUto1EbbAEz/3++nut6q0dcJOQeV +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect113r1:BOB_cf_sect113r1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect113r1 +-PeerKey=BOB_cf_sect113r1_PUB +-SharedSecret=01ed16f1948dcb368a54004237842d +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect113r1 +-PeerKey=ALICE_cf_sect113r1_PUB +-SharedSecret=01ed16f1948dcb368a54004237842d +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect113r1 +-PeerKey=BOB_cf_sect113r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=012e5f3e348c2a8a88d9590a639219 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect113r1 +-PeerKey=ALICE_cf_sect113r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=012e5f3e348c2a8a88d9590a639219 +- +-PublicKey=MALICE_cf_sect113r1_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEAAAAAAAAAAAAAAAAAAAAAd+TqiBXnTd/lyA/OFsR +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_sect113r1 +-PeerKey=MALICE_cf_sect113r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_sect113r1 +-PeerKey=MALICE_cf_sect113r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect113r2 curve tests +- +-PrivateKey=ALICE_cf_sect113r2 +------BEGIN PRIVATE KEY----- +-MC0CAQAwEAYHKoZIzj0CAQYFK4EEAAUEFjAUAgEBBA8AvovirHrqTxoKJ3l+7y0= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect113r2_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAFvQ4JgQTS8kjGeVfuITAS81qNcOQvt3PYa1HuCk +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect113r2:ALICE_cf_sect113r2_PUB +- +-PrivateKey=BOB_cf_sect113r2 +------BEGIN PRIVATE KEY----- +-MC0CAQAwEAYHKoZIzj0CAQYFK4EEAAUEFjAUAgEBBA8ArUjgvp/goxRYb4WuQ80= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect113r2_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAUoS3of8y28meYu/NoI5AVdhJZCuDjMqFHTriWY4 +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect113r2:BOB_cf_sect113r2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect113r2 +-PeerKey=BOB_cf_sect113r2_PUB +-SharedSecret=0057a287ba1ea05cb4735e673647e1 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect113r2 +-PeerKey=ALICE_cf_sect113r2_PUB +-SharedSecret=0057a287ba1ea05cb4735e673647e1 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect113r2 +-PeerKey=BOB_cf_sect113r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00fec2454e46732aca42b22b6d4f13 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect113r2 +-PeerKey=ALICE_cf_sect113r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00fec2454e46732aca42b22b6d4f13 +- +-PublicKey=MALICE_cf_sect113r2_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAAAAAAAAAAAAAAAAAAAAAR3dbPHrhFekzJ7Azskr +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_sect113r2 +-PeerKey=MALICE_cf_sect113r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_sect113r2 +-PeerKey=MALICE_cf_sect113r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect131r1 curve tests +- +-PrivateKey=ALICE_cf_sect131r1 +------BEGIN PRIVATE KEY----- +-MC8CAQAwEAYHKoZIzj0CAQYFK4EEABYEGDAWAgEBBBEA5C6zHMQM7pXPZ6cJz72Niw== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect131r1_PUB +------BEGIN PUBLIC KEY----- +-MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEBXCuXD6wOOif91GUlJNKXf8FBNw8crgqi5aEJEZbCdBJ +-Ag== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect131r1:ALICE_cf_sect131r1_PUB +- +-PrivateKey=BOB_cf_sect131r1 +------BEGIN PRIVATE KEY----- +-MC8CAQAwEAYHKoZIzj0CAQYFK4EEABYEGDAWAgEBBBEDYZmjiokBJ/SnTv8sskBR3A== +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect131r1_PUB +------BEGIN PUBLIC KEY----- +-MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEB8vGy3OQXwWKcJUSSJbCtpMBjFgJeZxzAaI420+B1B+1 +-5A== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect131r1:BOB_cf_sect131r1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect131r1 +-PeerKey=BOB_cf_sect131r1_PUB +-SharedSecret=05346248f77f81fff50cc656e119976871 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect131r1 +-PeerKey=ALICE_cf_sect131r1_PUB +-SharedSecret=05346248f77f81fff50cc656e119976871 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect131r1 +-PeerKey=BOB_cf_sect131r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01f151ae26efa507acc2597356baf7e8ab +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect131r1 +-PeerKey=ALICE_cf_sect131r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01f151ae26efa507acc2597356baf7e8ab +- +-PublicKey=MALICE_cf_sect131r1_PUB +------BEGIN PUBLIC KEY----- +-MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEAAAAAAAAAAAAAAAAAAAAAAABfiJEFG0vRzEGxk2BxjmK +-zw== +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_sect131r1 +-PeerKey=MALICE_cf_sect131r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_sect131r1 +-PeerKey=MALICE_cf_sect131r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect131r2 curve tests +- +-PrivateKey=ALICE_cf_sect131r2 +------BEGIN PRIVATE KEY----- +-MC8CAQAwEAYHKoZIzj0CAQYFK4EEABcEGDAWAgEBBBEBnZRUKAQetk5kyUwhIaAyxg== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect131r2_PUB +------BEGIN PUBLIC KEY----- +-MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEA5+Y20L8q989I4jnKknZ7hcGlQ6RUIGni9RahT88kB/d +-dw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect131r2:ALICE_cf_sect131r2_PUB +- +-PrivateKey=BOB_cf_sect131r2 +------BEGIN PRIVATE KEY----- +-MC8CAQAwEAYHKoZIzj0CAQYFK4EEABcEGDAWAgEBBBEBnafx9vcMeoCqj/1YNuflzw== +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect131r2_PUB +------BEGIN PUBLIC KEY----- +-MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEB2G2uNkhQNjjl0/Ov6UYpxoFaWNXO+qy7poV6cdrFN7z +-pA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect131r2:BOB_cf_sect131r2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect131r2 +-PeerKey=BOB_cf_sect131r2_PUB +-SharedSecret=058d8a8be33068ed8c1dc9f551ef2c3f3c +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect131r2 +-PeerKey=ALICE_cf_sect131r2_PUB +-SharedSecret=058d8a8be33068ed8c1dc9f551ef2c3f3c +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect131r2 +-PeerKey=BOB_cf_sect131r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=037b16d85f27c2c878ef96c79a536f89a5 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect131r2 +-PeerKey=ALICE_cf_sect131r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=037b16d85f27c2c878ef96c79a536f89a5 +- +-PublicKey=MALICE_cf_sect131r2_PUB +------BEGIN PUBLIC KEY----- +-MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEAAAAAAAAAAAAAAAAAAAAAAAGG5fiIbgziwBZHVzTYqCY +-1w== +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_sect131r2 +-PeerKey=MALICE_cf_sect131r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_sect131r2 +-PeerKey=MALICE_cf_sect131r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect163r1 curve tests +- +-PrivateKey=ALICE_cf_sect163r1 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAIEHDAaAgEBBBUAlbn4x1UGJnAimsXufB/UvUaxU5U= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect163r1_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEA0f195HCcD4D+7wWyl3QuPkRovG/ATy5l7fpMl4BNIg/ +-sbtEXluCzANF +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect163r1:ALICE_cf_sect163r1_PUB +- +-PrivateKey=BOB_cf_sect163r1 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAIEHDAaAgEBBBUAoStq6Fjb7nB2PNL6WrzKKqhCGdE= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect163r1_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEAul/oBKr9B5MsPHWGF+q07j0JC+WAxj1JzfcIXR98n+r +-9FHWU5LC5pDM +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect163r1:BOB_cf_sect163r1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect163r1 +-PeerKey=BOB_cf_sect163r1_PUB +-SharedSecret=06135eef489fe613c0d8bd522a2a640ff7ae6fb73d +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect163r1 +-PeerKey=ALICE_cf_sect163r1_PUB +-SharedSecret=06135eef489fe613c0d8bd522a2a640ff7ae6fb73d +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect163r1 +-PeerKey=BOB_cf_sect163r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0580f5e8efb242a19ae1023acbcab8702c799751e7 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect163r1 +-PeerKey=ALICE_cf_sect163r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0580f5e8efb242a19ae1023acbcab8702c799751e7 +- +-PublicKey=MALICE_cf_sect163r1_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJkXolVuGFa8fqmk +-cs0Bv7iJuVg1 +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_sect163r1 +-PeerKey=MALICE_cf_sect163r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_sect163r1 +-PeerKey=MALICE_cf_sect163r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect193r1 curve tests +- +-PrivateKey=ALICE_cf_sect193r1 +------BEGIN PRIVATE KEY----- +-MDcCAQAwEAYHKoZIzj0CAQYFK4EEABgEIDAeAgEBBBkACmcvidKWLtPFB2xqg76F8VhM1Njzrkgo +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect193r1_PUB +------BEGIN PUBLIC KEY----- +-MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAeqP0VQobenduwtf4MPmlYQVDjUmxKq50QFHnaBfzwXY +-1TYShZZgBr0R6a5dUGCbiF0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect193r1:ALICE_cf_sect193r1_PUB +- +-PrivateKey=BOB_cf_sect193r1 +------BEGIN PRIVATE KEY----- +-MDcCAQAwEAYHKoZIzj0CAQYFK4EEABgEIDAeAgEBBBkAKlSknQ66vpuLjC1mbQyfHOTdJ5Kw5jMh +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect193r1_PUB +------BEGIN PUBLIC KEY----- +-MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAaFZVIeqfV9wbPydaBSJKSWJjVyFVSB/QQB5rHonYQmK +-f40zok8PJS6ratIcZwk/n20= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect193r1:BOB_cf_sect193r1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect193r1 +-PeerKey=BOB_cf_sect193r1_PUB +-SharedSecret=012b8849991814f8c7ed9d40cf9dc204c3a83e0b10675543a5 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect193r1 +-PeerKey=ALICE_cf_sect193r1_PUB +-SharedSecret=012b8849991814f8c7ed9d40cf9dc204c3a83e0b10675543a5 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect193r1 +-PeerKey=BOB_cf_sect193r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0110180a18844859c52f6f012909522a2d87b5ab143bc80a55 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect193r1 +-PeerKey=ALICE_cf_sect193r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0110180a18844859c52f6f012909522a2d87b5ab143bc80a55 +- +-PublicKey=MALICE_cf_sect193r1_PUB +------BEGIN PUBLIC KEY----- +-MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHeX7PX3e5n +-zROUg6/STkLp1D+L51L9+wY= +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_sect193r1 +-PeerKey=MALICE_cf_sect193r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_sect193r1 +-PeerKey=MALICE_cf_sect193r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect193r2 curve tests +- +-PrivateKey=ALICE_cf_sect193r2 +------BEGIN PRIVATE KEY----- +-MDcCAQAwEAYHKoZIzj0CAQYFK4EEABkEIDAeAgEBBBkAhjkv8lXK/nPp3Qc4IwL/29JUKWi2VBMp +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect193r2_PUB +------BEGIN PUBLIC KEY----- +-MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAIn7oSu3adu4ChNXniHKkMIv9gT24rpzzwAeCTDPIkUT +-kJ+Tit6e4RpgkB/dph4V+uI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect193r2:ALICE_cf_sect193r2_PUB +- +-PrivateKey=BOB_cf_sect193r2 +------BEGIN PRIVATE KEY----- +-MDcCAQAwEAYHKoZIzj0CAQYFK4EEABkEIDAeAgEBBBkAwGkR3qSQdfh7Q6KbJ4lH5FShGsX8o/jD +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect193r2_PUB +------BEGIN PUBLIC KEY----- +-MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAFdSLKI0tlwZDpkndutOLsnHii1aJO8snwEJ0m/AZgMp +-xiDevOQ/xE9SpMX25W7YqkU= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect193r2:BOB_cf_sect193r2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect193r2 +-PeerKey=BOB_cf_sect193r2_PUB +-SharedSecret=01e2f66a63c24c1de8a399c484228a5ad5b6d911c6e5e83ae3 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect193r2 +-PeerKey=ALICE_cf_sect193r2_PUB +-SharedSecret=01e2f66a63c24c1de8a399c484228a5ad5b6d911c6e5e83ae3 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect193r2 +-PeerKey=BOB_cf_sect193r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00bc82d393bd74406683aea003977a86a109f444a833652e43 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect193r2 +-PeerKey=ALICE_cf_sect193r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00bc82d393bd74406683aea003977a86a109f444a833652e43 +- +-PublicKey=MALICE_cf_sect193r2_PUB +------BEGIN PUBLIC KEY----- +-MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFfdLEkrvsO +-Y7+6QpEvOay9A4MJCUZfZmI= +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_sect193r2 +-PeerKey=MALICE_cf_sect193r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_sect193r2 +-PeerKey=MALICE_cf_sect193r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect239k1 curve tests +- +-PrivateKey=ALICE_cf_sect239k1 +------BEGIN PRIVATE KEY----- +-MDwCAQAwEAYHKoZIzj0CAQYFK4EEAAMEJTAjAgEBBB4G4nbQDUtTnkrPOvDGIlhH9XdjirUSbTI5 +-5z6lf7o= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect239k1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEf5paOMjzcnpVAPMQnIkikE4K2jne3ubX2TD1P3aedknF +-lUr6tOU4BsiUQJACF90rQ9/KdeR5mYvYHzvI +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect239k1:ALICE_cf_sect239k1_PUB +- +-PrivateKey=BOB_cf_sect239k1 +------BEGIN PRIVATE KEY----- +-MDwCAQAwEAYHKoZIzj0CAQYFK4EEAAMEJTAjAgEBBB4e0F0NpepAF+iNrEtoZeo4TrQFspkUNLcx +-Ly4Klfg= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect239k1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEKnjJ4RHe+EiElXMrF4ou7VGy1pn0ZiO17FouF31Zbvjc +-TcbhfE6ziXM8sekQJBwcwRKQ9+G/Qzq/2A9x +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect239k1:BOB_cf_sect239k1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect239k1 +-PeerKey=BOB_cf_sect239k1_PUB +-SharedSecret=0ef54c7b7dbf55d4278e7a6924dc4833c63ec708e820d501cacdfb4935d5 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect239k1 +-PeerKey=ALICE_cf_sect239k1_PUB +-SharedSecret=0ef54c7b7dbf55d4278e7a6924dc4833c63ec708e820d501cacdfb4935d5 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect239k1 +-PeerKey=BOB_cf_sect239k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=592e4b33ac99624fe7f2f879cf52f12a70f189c5d90785db26a12e0a46c0 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect239k1 +-PeerKey=ALICE_cf_sect239k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=592e4b33ac99624fe7f2f879cf52f12a70f189c5d90785db26a12e0a46c0 +- +-PublicKey=MALICE_cf_sect239k1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAA +-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_sect239k1 +-PeerKey=MALICE_cf_sect239k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_sect239k1 +-PeerKey=MALICE_cf_sect239k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=wap-wsg-idm-ecid-wtls10 curve tests +- +-PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls10 +------BEGIN PRIVATE KEY----- +-MDsCAQAwEAYHKoZIzj0CAQYFZysBBAoEJDAiAgEBBB1zvDMHGgcytka5KvlvQvJzTA4l2ts2NzBp +-SJiGyw== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls10_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAZkrhWBz/Q4GB8DY4Ia114ew6H7Eg7ri2uxwxd3rAZs5 +-/ShvunNyndjCt3Qaq8sulBM0nUyERSDakyD+ +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls10:ALICE_cf_wap-wsg-idm-ecid-wtls10_PUB +- +-PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls10 +------BEGIN PRIVATE KEY----- +-MDsCAQAwEAYHKoZIzj0CAQYFZysBBAoEJDAiAgEBBB1SowkHU79PqokOfgllN53rNS8a3h1wFBY0 +-dKPkQg== +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls10_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAGavw4ChHCoWplAumMEBwJgJ2aYtw+utu4vhWnscAPIT +-IJ4IiIGj18rCFBap1sgVbpXjhEBLYg6Itwv2 +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls10:BOB_cf_wap-wsg-idm-ecid-wtls10_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls10 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls10_PUB +-SharedSecret=0194ef5d80fdfe9df366b2273b983c3dbd440faf76964fcfc06c509f289d +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls10 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls10_PUB +-SharedSecret=0194ef5d80fdfe9df366b2273b983c3dbd440faf76964fcfc06c509f289d +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls10 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls10_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01bedc5cdf63fbf18c3e2bc9765e12f7990c0c0c64f0267ae7c37b9f49f0 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls10 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls10_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01bedc5cdf63fbf18c3e2bc9765e12f7990c0c0c64f0267ae7c37b9f49f0 +- +-PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls10_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAA +-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls10 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls10_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls10 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls10_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=wap-wsg-idm-ecid-wtls11 curve tests +- +-PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls11 +------BEGIN PRIVATE KEY----- +-MDwCAQAwEAYHKoZIzj0CAQYFZysBBAsEJTAjAgEBBB4AkzS3zoqHNCLug/nwoYMQW3UigmZ9t56k +-5jp+FiY= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls11_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEABttgKKYeGZRmcH/5UZR56lOSgbU4TH2AuIhvj88AL6H +-zTCX9elzXpck+u22bnmkuvL2A8XKB5+fabMR +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls11:ALICE_cf_wap-wsg-idm-ecid-wtls11_PUB +- +-PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls11 +------BEGIN PRIVATE KEY----- +-MDwCAQAwEAYHKoZIzj0CAQYFZysBBAsEJTAjAgEBBB4AWU05mbqPxsB749llNON1//l0w8RJJ3z5 +-h/kzfNM= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls11_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAL6Xj/KCmXAQAAo847t0bl0wqBrteWRg93OvIJsPAAOE +-ehdIgJyruc3KsH0RFlipu5QD8pnGSIXvif19 +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls11:BOB_cf_wap-wsg-idm-ecid-wtls11_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls11 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls11_PUB +-SharedSecret=01ac8a23ddeeafb4d3bb243fe409f2f9c8b1a3fc11d4690da583f2e21637 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls11 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls11_PUB +-SharedSecret=01ac8a23ddeeafb4d3bb243fe409f2f9c8b1a3fc11d4690da583f2e21637 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls11 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls11_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01b9992992572d3a59d424f8c9cc195576461ed6c1dadf6fb523717fab19 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls11 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls11_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01b9992992572d3a59d424f8c9cc195576461ed6c1dadf6fb523717fab19 +- +-PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls11_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYf4 +-Vie5eHTnR+4x4G1xyq7qUvISU+X5RtBh2pE4 +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls11 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls11_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls11 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls11_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=wap-wsg-idm-ecid-wtls12 curve tests +- +-PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls12 +------BEGIN PRIVATE KEY----- +-MDoCAQAwEAYHKoZIzj0CAQYFZysBBAwEIzAhAgEBBBxwvll9Eb9mm2Xadq1evIi1zIK+6u0Nv8bP +-LI9a +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls12_PUB +------BEGIN PUBLIC KEY----- +-ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAE0t0WqG/pFsiCt6agmebw3FCEWAzf9BpNLuzoCkPEe0Li +-bqn5udrckL6s3stwCTVFaZUfY2qS9QE= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls12:ALICE_cf_wap-wsg-idm-ecid-wtls12_PUB +- +-PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls12 +------BEGIN PRIVATE KEY----- +-MDoCAQAwEAYHKoZIzj0CAQYFZysBBAwEIzAhAgEBBBz+5P6gpqXxbeXvvaD5W9Ft69BTxcn7zc6q +-K3Ax +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls12_PUB +------BEGIN PUBLIC KEY----- +-ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAEvyxedqaWkoAOMjaV5W3/tJpheiHAR0zV6BlIeUuGP2mx +-+xsOK9/QB7hzipq9cXx1K/dXu58EoSY= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls12:BOB_cf_wap-wsg-idm-ecid-wtls12_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls12 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls12_PUB +-SharedSecret=a3b3f20af8c33a0f5c246b4b9d9dda1cd40c294d1f53365d18a8b54b +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls12 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls12_PUB +-SharedSecret=a3b3f20af8c33a0f5c246b4b9d9dda1cd40c294d1f53365d18a8b54b +- +-Title=wap-wsg-idm-ecid-wtls1 curve tests +- +-PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls1 +------BEGIN PRIVATE KEY----- +-MCwCAQAwEAYHKoZIzj0CAQYFZysBBAEEFTATAgEBBA5ZNASTt4/g6XPQwRiQ0Q== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls1_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEACBNPI48xxsPVQBy07jRAAcWzbIkMo8BQotxpfGJ +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls1:ALICE_cf_wap-wsg-idm-ecid-wtls1_PUB +- +-PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls1 +------BEGIN PRIVATE KEY----- +-MCwCAQAwEAYHKoZIzj0CAQYFZysBBAEEFTATAgEBBA6+0x9qk0NIKHSRvlTemQ== +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls1_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAEeHMSBTx/EtOu+bjBinALHSkQuJyiP3mg1tu+I2 +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls1:BOB_cf_wap-wsg-idm-ecid-wtls1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls1 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls1_PUB +-SharedSecret=0040ba2fadc1da97c973e5e59ade31 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls1 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls1_PUB +-SharedSecret=0040ba2fadc1da97c973e5e59ade31 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls1 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=008919696215a89e03d6c4c9265d6b +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls1 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=008919696215a89e03d6c4c9265d6b +- +-PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls1_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls1 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls1 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=wap-wsg-idm-ecid-wtls3 curve tests +- +-PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls3 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFZysBBAMEHDAaAgEBBBUDO2cHbqQBUxuJBl6UT9UrasuRVrI= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls3_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEBRIzvK9o7eO2NGmtPFV/zo9/1mlvBwjG7+e6hbPG1KdI +-01f8oGBuXMQH +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls3:ALICE_cf_wap-wsg-idm-ecid-wtls3_PUB +- +-PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls3 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFZysBBAMEHDAaAgEBBBUAhZv9WZ00bDnU9MOaqEegP771nes= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls3_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAYOspjEbzyZw61jCtUrxARr+w66nBH+73QIvlaRVSG/4 +-hlBUf5kmG4Yn +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls3:BOB_cf_wap-wsg-idm-ecid-wtls3_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls3 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls3_PUB +-SharedSecret=0311924428a839b7dcada662722945e62bf1131f4f +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls3 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls3_PUB +-SharedSecret=0311924428a839b7dcada662722945e62bf1131f4f +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls3 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=047f1aee6a1a1d7c9c1f0e8dce4349429f737aa658 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls3 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=047f1aee6a1a1d7c9c1f0e8dce4349429f737aa658 +- +-PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls3_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AAAAAAAAAAAB +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls3 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls3 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls3_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=wap-wsg-idm-ecid-wtls4 curve tests +- +-PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls4 +------BEGIN PRIVATE KEY----- +-MC0CAQAwEAYHKoZIzj0CAQYFZysBBAQEFjAUAgEBBA8ACFOrBbOh5LjNtJQCuEE= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls4_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAW3K4Mus5+KAJVGLzEYrAYuCJSEYXFTo17aW0TwN +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls4:ALICE_cf_wap-wsg-idm-ecid-wtls4_PUB +- +-PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls4 +------BEGIN PRIVATE KEY----- +-MC0CAQAwEAYHKoZIzj0CAQYFZysBBAQEFjAUAgEBBA8Auz4XRc3Rg0bNcbrray8= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls4_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAI0F7ixGqOhnYpsuR80nAdTdSXM+YbcUbLe/U/xG +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls4:BOB_cf_wap-wsg-idm-ecid-wtls4_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls4 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls4_PUB +-SharedSecret=0077378ddfdadff704a0b6646949e7 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls4 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls4_PUB +-SharedSecret=0077378ddfdadff704a0b6646949e7 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls4 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls4_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=008f3713fe1ff1fa5d5041899817d1 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls4 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls4_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=008f3713fe1ff1fa5d5041899817d1 +- +-PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls4_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAAAAAAAAAAAAAAAAAAAAAd+TqiBXnTd/lyA/OFsR +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls4 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls4_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls4 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls4_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=wap-wsg-idm-ecid-wtls5 curve tests +- +-PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls5 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFZysBBAUEHDAaAgEBBBUD9gVh3zbLTA7BuRVVi9T8QKZ1uco= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls5_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEAH5xyUrvbuN+tWmRhwqrQfFHPHNUBKtAGvJuvSFVwTKk +-uFzn9fPvIDe6 +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls5:ALICE_cf_wap-wsg-idm-ecid-wtls5_PUB +- +-PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls5 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFZysBBAUEHDAaAgEBBBUAr9ZlmuO7bNfqB42xUivJXyVHKNI= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls5_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEBdXxEk0L2XAVzRNLPcnMxGXXyDfZAoA1Qw2XpOfVWIVR +-jdoMGRgUuJmO +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls5:BOB_cf_wap-wsg-idm-ecid-wtls5_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls5 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls5_PUB +-SharedSecret=0190c68d80e94fbe9f193ae7d9a156bf0b8d097c23 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls5 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls5_PUB +-SharedSecret=0190c68d80e94fbe9f193ae7d9a156bf0b8d097c23 +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls5 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls5_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00aabc9b45c200e41294aa922ab06da6655731e0ea +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls5 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls5_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00aabc9b45c200e41294aa922ab06da6655731e0ea +- +-PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls5_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8JxepS05nN/piK +-dhDD3dDKXUih +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls5 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls5_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls5 +-PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls5_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=wap-wsg-idm-ecid-wtls6 curve tests +- +-PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls6 +------BEGIN PRIVATE KEY----- +-MCwCAQAwEAYHKoZIzj0CAQYFZysBBAYEFTATAgEBBA4ayMbswPbvYMwpwo80jA== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls6_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAERPw/8Ip/RrXr0gMgLGRQeiQ4Qd6W+Li0ylGKzg== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls6:ALICE_cf_wap-wsg-idm-ecid-wtls6_PUB +- +-PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls6 +------BEGIN PRIVATE KEY----- +-MCwCAQAwEAYHKoZIzj0CAQYFZysBBAYEFTATAgEBBA6kbCpFt3tX2hYBQHMXbg== +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls6_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAEhJXqpYGxE/l1X/LiBeyRbIcyzqPxUP5Tkv3U3w== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls6:BOB_cf_wap-wsg-idm-ecid-wtls6_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls6 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls6_PUB +-SharedSecret=b4cae255268f11a1e46fecad04c2 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls6 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls6_PUB +-SharedSecret=b4cae255268f11a1e46fecad04c2 +- +-Title=wap-wsg-idm-ecid-wtls7 curve tests +- +-PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls7 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFZysBBAcEHDAaAgEBBBUABcyzh4ot9ck/j4/3ehK0aYngYoM= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls7_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEwQLnZ70n45RLqRtAGNzEa3Rl/9nwyjqYUtw2eeHhnNLT +-feGY4CNH0w== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls7:ALICE_cf_wap-wsg-idm-ecid-wtls7_PUB +- +-PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls7 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFZysBBAcEHDAaAgEBBBUAPyrGRY1SR13hKQswS6yXs8w8PUQ= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls7_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEZGN44YbN5r3zcNtOHrvbQLt8/lE7BHp4D/9eKLmwFDn1 +-QneRu3xwPA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls7:BOB_cf_wap-wsg-idm-ecid-wtls7_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls7 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls7_PUB +-SharedSecret=ae9f5bcc6457c0422866bf855921eabc42b7121a +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls7 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls7_PUB +-SharedSecret=ae9f5bcc6457c0422866bf855921eabc42b7121a +- +-Title=wap-wsg-idm-ecid-wtls8 curve tests +- +-PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls8 +------BEGIN PRIVATE KEY----- +-MC0CAQAwEAYHKoZIzj0CAQYFZysBBAgEFjAUAgEBBA8AnkC18b3pH2O5TIYIqAQ= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls8_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAEJD0h4HEfchwxqhp9eMHh9gczQKHX4MtWVoAxKQ== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls8:ALICE_cf_wap-wsg-idm-ecid-wtls8_PUB +- +-PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls8 +------BEGIN PRIVATE KEY----- +-MC0CAQAwEAYHKoZIzj0CAQYFZysBBAgEFjAUAgEBBA8AXxPMnqbl3rOuIM5nsvc= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls8_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAEZawmRmzr9P+jihImUi6ykOzaSH484JhMKNdrgw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls8:BOB_cf_wap-wsg-idm-ecid-wtls8_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls8 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls8_PUB +-SharedSecret=48baf4f1f5e8a0eb5dae28ef6290 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls8 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls8_PUB +-SharedSecret=48baf4f1f5e8a0eb5dae28ef6290 +- +-Title=wap-wsg-idm-ecid-wtls9 curve tests +- +-PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls9 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFZysBBAkEHDAaAgEBBBUALwvuKs3RLthMAsChbqKjXw6vTYo= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls9_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAET0ppOvd9DU4v+tkKDQ5wRBrN1FwD9+F9t5l3Im+mz3rw +-DB/RYdZuUg== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls9:ALICE_cf_wap-wsg-idm-ecid-wtls9_PUB +- +-PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls9 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFZysBBAkEHDAaAgEBBBUAgeb/vqEM7X5AAAxyBu3M+C8pWLM= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls9_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAEWc37LGt6lt90iF4lhtDYNFdjAqoczebuNgzGff/Uq8ov +-a3EVJ9yK1A== +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls9:BOB_cf_wap-wsg-idm-ecid-wtls9_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_wap-wsg-idm-ecid-wtls9 +-PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls9_PUB +-SharedSecret=948d3030e95cead39a1bb3d8a01c2be178517ba7 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_wap-wsg-idm-ecid-wtls9 +-PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls9_PUB +-SharedSecret=948d3030e95cead39a1bb3d8a01c2be178517ba7 +- +-# tests: 484 +- + Title=zero x-coord regression tests + +-PrivateKey=ALICE_zero_prime192v1 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhaPNk8jG5hSG6y8tUqUoOaNNsZ3APU +-pps= +------END PRIVATE KEY----- +- +-PublicKey=BOB_zero_prime192v1_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe2hWBe5g +-DLNj216pEvK7XjoKLg5gNg8S +------END PUBLIC KEY----- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_prime192v1 +-PeerKey=BOB_zero_prime192v1_PUB +-SharedSecret=baaffd49a8399d2ad52cbbe24d47b67afb4b3cf436f1cd65 +- +-PrivateKey=ALICE_zero_prime192v2 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEHzAdAgEBBBj1AIQMJ7jqYIKCvxYAS+qKMmKmH0to +-41k= +------END PRIVATE KEY----- +- +-PublicKey=BOB_zero_prime192v2_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Gj7Qqt +-2wx/jwFlKgvE4rnd50LspdMk +------END PUBLIC KEY----- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_prime192v2 +-PeerKey=BOB_zero_prime192v2_PUB +-SharedSecret=b8f200a4b87064f2e8600685ca3e69b8e661a117aabc770b +- +-PrivateKey=ALICE_zero_prime192v3 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEHzAdAgEBBBh/maLQMSlea9BfLqGy5NPuK0YAH/cz +-GqI= +------END PRIVATE KEY----- +- +-PublicKey=BOB_zero_prime192v3_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZEzb63e2 +-3MKatRLR9Y1M5JEdI9jwMocI +------END PUBLIC KEY----- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_prime192v3 +-PeerKey=BOB_zero_prime192v3_PUB +-SharedSecret=b5de857d355bc5b9e270a4c290ea9728d764d8b243ff5d8d +- +-PrivateKey=ALICE_zero_prime239v1 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQQEJTAjAgEBBB5pYWzRYI+c6O7NXCt0H2kw8XRL3rhe +-4MrJT8j++CI= +------END PRIVATE KEY----- +- +-PublicKey=BOB_zero_prime239v1_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-Ox02uwNNLFuvDRn5ip8TxvW0W22R7UzJa9Av6/nh +------END PUBLIC KEY----- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_prime239v1 +-PeerKey=BOB_zero_prime239v1_PUB +-SharedSecret=6b6206408bd05d42daa2cd224c401a1230b44e184f17b82f385f22dac215 +- +-PrivateKey=ALICE_zero_prime239v2 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQUEJTAjAgEBBB5l8bB7Cpmr7vyx9FiOT2wEF3YOFbDG +-bmRr3Vi/xr4= +------END PRIVATE KEY----- +- +-PublicKey=BOB_zero_prime239v2_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-IOg3VJGQ89d1GWg4Igxcj5xpDmJiP8tv+e4mxt5U +------END PUBLIC KEY----- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_prime239v2 +-PeerKey=BOB_zero_prime239v2_PUB +-SharedSecret=772c2819c960c78f28f21f6542b7409294fad1f84567c44c4b7678dc0e42 +- +-PrivateKey=ALICE_zero_prime239v3 +------BEGIN PRIVATE KEY----- +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQYEJTAjAgEBBB5HF5FABzUOTYMZg9UdZTx/oRERm/fU +-M/+otKzpLjA= +------END PRIVATE KEY----- +- +-PublicKey=BOB_zero_prime239v3_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AsZ4u6r3qQI78EYBpiSgWjqNpoeShjr5piecMBWj +------END PUBLIC KEY----- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_prime239v3 +-PeerKey=BOB_zero_prime239v3_PUB +-SharedSecret=56a71f5dd1611e8032c3e2d8224d86e5e8c2fc6480d74c0e282282decd43 +- + PrivateKey=ALICE_zero_prime256v1 + -----BEGIN PRIVATE KEY----- + MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDXhMb6aR4JR2+l2tmgYqP0r8S4jtym +@@ -3322,72 +73,6 @@ Derive=ALICE_zero_prime256v1 + PeerKey=BOB_zero_prime256v1_PUB + SharedSecret=c4f5607deb8501f1a4ba23fce4122a4343a17ada2c86a9c8e0d03d92d4a4c84c + +-PrivateKey=ALICE_zero_secp112r2 +------BEGIN PRIVATE KEY----- +-MCwCAQAwEAYHKoZIzj0CAQYFK4EEAAcEFTATAgEBBA4hh3tRkG3tnA0496ffMw== +------END PRIVATE KEY----- +- +-PublicKey=BOB_zero_secp112r2_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEAAAAAAAAAAAAAAAAAAAS5eEOWDV/Wk7w4djyDQ== +------END PUBLIC KEY----- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_secp112r2 +-PeerKey=BOB_zero_secp112r2_PUB +-SharedSecret=958cc1cb425713678830a4d7d95e +- +-PrivateKey=ALICE_zero_secp128r1 +------BEGIN PRIVATE KEY----- +-MC4CAQAwEAYHKoZIzj0CAQYFK4EEABwEFzAVAgEBBBCykSzic/h3T2K6SkSP1SGt +------END PRIVATE KEY----- +- +-PublicKey=BOB_zero_secp128r1_PUB +------BEGIN PUBLIC KEY----- +-MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAEAAAAAAAAAAAAAAAAAAAAAABya8M5aeOpNG3z799IdHc= +------END PUBLIC KEY----- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_secp128r1 +-PeerKey=BOB_zero_secp128r1_PUB +-SharedSecret=5235d452066f126cd7e99eea00fd3068 +- +-PrivateKey=ALICE_zero_secp160r1 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAgEHDAaAgEBBBUACoRnbig69XLlh5VcRexpbbn5zwA= +------END PRIVATE KEY----- +- +-PublicKey=BOB_zero_secp160r1_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAG/w1po29wYlxlygXs +-MGfbiGg5ng== +------END PUBLIC KEY----- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_secp160r1 +-PeerKey=BOB_zero_secp160r1_PUB +-SharedSecret=9ccd0ab8d093b6acdb3fe14c3736a0dfe61a4666 +- +-PrivateKey=ALICE_zero_secp160r2 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAB4EHDAaAgEBBBUAQFGxInSw1eAvd45E9TUdbXtJGnA= +------END PRIVATE KEY----- +- +-PublicKey=BOB_zero_secp160r2_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAZtSBSZqfmXp47v5z2 +-ZZZl2JFxDg== +------END PUBLIC KEY----- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_secp160r2 +-PeerKey=BOB_zero_secp160r2_PUB +-SharedSecret=303e0a282ac86f463fe834cb51b0057be42ed5ab +- + PrivateKey=ALICE_zero_secp384r1 + -----BEGIN PRIVATE KEY----- + ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDD6kgzKbg28zbQyVTdC0IdHbm0UCQt2Rdbi +@@ -3426,76 +111,6 @@ Derive=ALICE_zero_secp521r1 + PeerKey=BOB_zero_secp521r1_PUB + SharedSecret=003fc3028f61db94b20c7cd177923b6e73f12f0ab067c9ce8866755e3c82abb39c9863cde74fa80b32520bd7dd0eb156c30c08911503b67b2661f1264d09bb231423 + +-PrivateKey=ALICE_zero_wap-wsg-idm-ecid-wtls7 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFZysBBAcEHDAaAgEBBBUAoGng7WzYr4P9vtdc3BS/UiNWmc0= +------END PRIVATE KEY----- +- +-PublicKey=BOB_zero_wap-wsg-idm-ecid-wtls7_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAZtSBSZqfmXp47v5z2 +-ZZZl2JFxDg== +------END PUBLIC KEY----- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_wap-wsg-idm-ecid-wtls7 +-PeerKey=BOB_zero_wap-wsg-idm-ecid-wtls7_PUB +-SharedSecret=6582fc03bbb340fcf24a5fe8fcdf722655efa8b9 +- +-# tests: 14 +- +-Title=prime192v1 curve tests +- +-PrivateKey=ALICE_cf_prime192v1 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhQFYLaobJ47BVWWZv/ByY8Ti69m/U9 +-TeI= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_prime192v1_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEHYbt14KzucSpmKMrlDx1IGz/a28nDs21OjKgx3BK +-PZ78UrllIr69kgrYUKsRg4sd +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_prime192v1:ALICE_cf_prime192v1_PUB +- +-PrivateKey=BOB_cf_prime192v1 +------BEGIN PRIVATE KEY----- +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhsbmKHAtygIqirkmUXSbniDJOx0/fI +-CWM= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_prime192v1_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEJA+FQcXq5Axzv8pLDslxq1QVt1hjN2i0TgoO6Yxp +-bAekMot69VorE8ibSzgJixXJ +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_prime192v1:BOB_cf_prime192v1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_prime192v1 +-PeerKey=BOB_cf_prime192v1_PUB +-SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_prime192v1 +-PeerKey=ALICE_cf_prime192v1_PUB +-SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354 +- +-# ECDH Bob with Alice peer : curves with less than 112 bits of strength cannot +-# be used for Key agreement in fips mode +-Availablein = fips +-Derive=BOB_cf_prime192v1 +-Securitycheck = 1 +-PeerKey=ALICE_cf_prime192v1_PUB +-SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354 +-Result = DERIVE_SET_PEER_ERROR +- + Title=prime256v1 curve tests + + PrivateKey=ALICE_cf_prime256v1 +@@ -3659,743 +274,3 @@ SharedSecret=01dd4aa9037bb4ad298b420998d + Derive=BOB_cf_secp521r1 + PeerKey=ALICE_cf_secp521r1_PUB + SharedSecret=01dd4aa9037bb4ad298b420998dcd32b3a9af1cda8b7919e372aeb4e54ccfb4d2409a340ed896bfbc5dd462f8d96b8784bc17b29db3ca04700e6ec752f9bec777695 +- +-Title=sect163k1 curve tests +- +-PrivateKey=ALICE_cf_sect163k1 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAEEHDAaAgEBBBUB905PYfmej8LzbzX6Bg51GJzXQjQ= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect163k1_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBfvs5A1hD8YySP9O2ub8GEUfotVuBpfRx4GIHdAfx8wV +-1UVeTRnyAlWU +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect163k1:ALICE_cf_sect163k1_PUB +- +-PrivateKey=BOB_cf_sect163k1 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAEEHDAaAgEBBBUCHPtCjJ4/K8ylQBcLlb5VE0bkaUE= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect163k1_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBvgfX1mTRlt6Z4TE1D1MNWo4loH4AoeYa6oowK104LKk +-nsdg7isQ8XBD +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect163k1:BOB_cf_sect163k1_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect163k1 +-PeerKey=BOB_cf_sect163k1_PUB +-SharedSecret=04d0e40788c5ce5220818055277cae53eac55c1e6b +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect163k1 +-PeerKey=ALICE_cf_sect163k1_PUB +-SharedSecret=04d0e40788c5ce5220818055277cae53eac55c1e6b +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect163k1 +-PeerKey=BOB_cf_sect163k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04c902a91110244d89110034dd2b099c49cbab6c77 +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect163k1 +-PeerKey=ALICE_cf_sect163k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04c902a91110244d89110034dd2b099c49cbab6c77 +- +-PublicKey=MALICE_cf_sect163k1_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AAAAAAAAAAAB +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_sect163k1 +-PeerKey=MALICE_cf_sect163k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_sect163k1 +-PeerKey=MALICE_cf_sect163k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect163r2 curve tests +- +-PrivateKey=ALICE_cf_sect163r2 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAA8EHDAaAgEBBBUBjCs/M3N31jsAueYrOq21vdETwAI= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect163r2_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBd8Z1/HpA+89hF4I98EST3svWns3BAEbhWmL/fgxk2uu +-YwVrmqhgqH/C +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect163r2:ALICE_cf_sect163r2_PUB +- +-PrivateKey=BOB_cf_sect163r2 +------BEGIN PRIVATE KEY----- +-MDMCAQAwEAYHKoZIzj0CAQYFK4EEAA8EHDAaAgEBBBUBsiouT9Df+mwHWrpPg1JSrY9nqlI= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect163r2_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBULqBZ+nhLhDEMYY8NEEzZ126MdxAcFXWv8zmPEH9505 +-8vT5zU3aq6HV +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect163r2:BOB_cf_sect163r2_PUB +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect163r2 +-PeerKey=BOB_cf_sect163r2_PUB +-SharedSecret=019f829a53c4e6544bdec1395a23082169efaf369d +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect163r2 +-PeerKey=ALICE_cf_sect163r2_PUB +-SharedSecret=019f829a53c4e6544bdec1395a23082169efaf369d +- +-# ECC CDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_cf_sect163r2 +-PeerKey=BOB_cf_sect163r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=048870d39235ecbc16a000ee478833509b9318a53f +- +-# ECC CDH Bob with Alice peer +-Availablein = default +-Derive=BOB_cf_sect163r2 +-PeerKey=ALICE_cf_sect163r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=048870d39235ecbc16a000ee478833509b9318a53f +- +-PublicKey=MALICE_cf_sect163r2_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsJbhbrfiSdZPSHD +-ZtqJwDlp802l +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Availablein = default +-Derive=BOB_cf_sect163r2 +-PeerKey=MALICE_cf_sect163r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Availablein = default +-Derive=ALICE_cf_sect163r2 +-PeerKey=MALICE_cf_sect163r2_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect233k1 curve tests +- +-PrivateKey=ALICE_cf_sect233k1 +------BEGIN PRIVATE KEY----- +-MDsCAQAwEAYHKoZIzj0CAQYFK4EEABoEJDAiAgEBBB0z/3heNFjJL+2sAT/38yRsN3kt2iXz7u+y +-Gua8Kw== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect233k1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALQyn0zJmOrHm4S2EIjxRe899PadBnfpYjLKWGvpAIzf +-MEG861Nv1IYJkmkO1xlfNHeeRtqFgsQVFKZh +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect233k1:ALICE_cf_sect233k1_PUB +- +-PrivateKey=BOB_cf_sect233k1 +------BEGIN PRIVATE KEY----- +-MDsCAQAwEAYHKoZIzj0CAQYFK4EEABoEJDAiAgEBBB1I0ucrC4d9i6Z+0cbar5r7uKpF5iiQkSJA +-DFMTUA== +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect233k1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAatdqazxSghJ568CBFyMXhEvVeAiLewOY/jk9H5DAOB4 +-ufNGbdd131KLaKPivB38a6n5Y+2BVSJangow +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect233k1:BOB_cf_sect233k1_PUB +- +-# ECDH Alice with Bob peer +-Derive=ALICE_cf_sect233k1 +-PeerKey=BOB_cf_sect233k1_PUB +-SharedSecret=012145026e8de65973c154e085456fc5539ba9e25663e7f5816abfcab310 +- +-# ECDH Bob with Alice peer +-Derive=BOB_cf_sect233k1 +-PeerKey=ALICE_cf_sect233k1_PUB +-SharedSecret=012145026e8de65973c154e085456fc5539ba9e25663e7f5816abfcab310 +- +-# ECC CDH Alice with Bob peer +-Derive=ALICE_cf_sect233k1 +-PeerKey=BOB_cf_sect233k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00ff7d6c6b80f39d2ae68fbd00adbcd75fa599ed0bc1aac0e3f49c1c164d +- +-# ECC CDH Bob with Alice peer +-Derive=BOB_cf_sect233k1 +-PeerKey=ALICE_cf_sect233k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00ff7d6c6b80f39d2ae68fbd00adbcd75fa599ed0bc1aac0e3f49c1c164d +- +-PublicKey=MALICE_cf_sect233k1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAA +-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Derive=BOB_cf_sect233k1 +-PeerKey=MALICE_cf_sect233k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Derive=ALICE_cf_sect233k1 +-PeerKey=MALICE_cf_sect233k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect233r1 curve tests +- +-PrivateKey=ALICE_cf_sect233r1 +------BEGIN PRIVATE KEY----- +-MDwCAQAwEAYHKoZIzj0CAQYFK4EEABsEJTAjAgEBBB4ATcy7zVpIsJ9rl5EIDmzRz5wxjrDIQyDm +-HP3Pt8Y= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect233r1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQMQHiJ44LiCnZkEg1zyww1h+idTbsw8E07P33WUAUfD +-NeQ4hWEhTXPnytIbEhFKpnd3j/FbyZnJqxh8 +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect233r1:ALICE_cf_sect233r1_PUB +- +-PrivateKey=BOB_cf_sect233r1 +------BEGIN PRIVATE KEY----- +-MDwCAQAwEAYHKoZIzj0CAQYFK4EEABsEJTAjAgEBBB4ALpOlFn4OfiIAkRAZGOsn7L6W3XoQBSV8 +-mQVC2pw= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect233r1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJQw+NWqFJXYw4dVMovzvw76OYnYOTaDaEPNW8ECAQbl +-TzzbBSTp5iqM13mP0/Bo4OO66NS3lA9e/GTO +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect233r1:BOB_cf_sect233r1_PUB +- +-# ECDH Alice with Bob peer +-Derive=ALICE_cf_sect233r1 +-PeerKey=BOB_cf_sect233r1_PUB +-SharedSecret=00209d2995a63f1e8b7a5c33dee5abb602e32e1835ae8bb57eb264d8d795 +- +-# ECDH Bob with Alice peer +-Derive=BOB_cf_sect233r1 +-PeerKey=ALICE_cf_sect233r1_PUB +-SharedSecret=00209d2995a63f1e8b7a5c33dee5abb602e32e1835ae8bb57eb264d8d795 +- +-# ECC CDH Alice with Bob peer +-Derive=ALICE_cf_sect233r1 +-PeerKey=BOB_cf_sect233r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00c3cd1d38a65f5e421399409a76cec1136bc84149f054a7f55e7980c612 +- +-# ECC CDH Bob with Alice peer +-Derive=BOB_cf_sect233r1 +-PeerKey=ALICE_cf_sect233r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00c3cd1d38a65f5e421399409a76cec1136bc84149f054a7f55e7980c612 +- +-PublicKey=MALICE_cf_sect233r1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYf4 +-Vie5eHTnR+4x4G1xyq7qUvISU+X5RtBh2pE4 +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Derive=BOB_cf_sect233r1 +-PeerKey=MALICE_cf_sect233r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Derive=ALICE_cf_sect233r1 +-PeerKey=MALICE_cf_sect233r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect283k1 curve tests +- +-PrivateKey=ALICE_cf_sect283k1 +------BEGIN PRIVATE KEY----- +-MEICAQAwEAYHKoZIzj0CAQYFK4EEABAEKzApAgEBBCQAY1Mi9rST7PiP1t03qYRczV/kSZ+VjQu8 +-5EFCgxyvkaLManw= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect283k1_PUB +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBMjBO8WoxHS/vz8po52WZGxS+RK5yolrUe6tfbAMA3Sd +-5/JjBDVjOz95vM4gUnqzUWHN5nKBQtj6HiU9Q/R+zqg98OiQKTyA +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect283k1:ALICE_cf_sect283k1_PUB +- +-PrivateKey=BOB_cf_sect283k1 +------BEGIN PRIVATE KEY----- +-MEICAQAwEAYHKoZIzj0CAQYFK4EEABAEKzApAgEBBCQBCZC8Is+YSjgXJBBDioEl6gu14QpGHllD +-1J6957vBTPSQdH0= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect283k1_PUB +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAGEQKZVHYAlvtjHrFyZVm12qUb5j+T5/WNoC962+kwUM +-QkBYA5BpuG8Knlugq1iB31whPAgRCZfdLKHpHRPJSfXvKyUIdeUm +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect283k1:BOB_cf_sect283k1_PUB +- +-# ECDH Alice with Bob peer +-Derive=ALICE_cf_sect283k1 +-PeerKey=BOB_cf_sect283k1_PUB +-SharedSecret=03f67c88bdc230b43773d17fdb4d0a980556d074ceccee726932160e4ed965e3be72803c +- +-# ECDH Bob with Alice peer +-Derive=BOB_cf_sect283k1 +-PeerKey=ALICE_cf_sect283k1_PUB +-SharedSecret=03f67c88bdc230b43773d17fdb4d0a980556d074ceccee726932160e4ed965e3be72803c +- +-# ECC CDH Alice with Bob peer +-Derive=ALICE_cf_sect283k1 +-PeerKey=BOB_cf_sect283k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0677ba01c84d139609ca145cb5b6079fc9ca67f59c9c913e47cad1073f1d1dfaddde0169 +- +-# ECC CDH Bob with Alice peer +-Derive=BOB_cf_sect283k1 +-PeerKey=ALICE_cf_sect283k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0677ba01c84d139609ca145cb5b6079fc9ca67f59c9c913e47cad1073f1d1dfaddde0169 +- +-PublicKey=MALICE_cf_sect283k1_PUB +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Derive=BOB_cf_sect283k1 +-PeerKey=MALICE_cf_sect283k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Derive=ALICE_cf_sect283k1 +-PeerKey=MALICE_cf_sect283k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect283r1 curve tests +- +-PrivateKey=ALICE_cf_sect283r1 +------BEGIN PRIVATE KEY----- +-MEICAQAwEAYHKoZIzj0CAQYFK4EEABEEKzApAgEBBCQCQ5pqKvPxDysd1pi2Bv8Z11cFhsRZfuaf +-4Pi0hpGr4ubZcHE= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect283r1_PUB +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBcsrGDgO7pbGybQX/00gRHtQq3+X9XrGb7Uzv9Nabwc/ +-kntnBMF0I2KU+aaTjQx1GVtmNf7CvFwPLEBnfKjJAjekjsGyIqoq +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect283r1:ALICE_cf_sect283r1_PUB +- +-PrivateKey=BOB_cf_sect283r1 +------BEGIN PRIVATE KEY----- +-MEICAQAwEAYHKoZIzj0CAQYFK4EEABEEKzApAgEBBCQDxItnY3cDCrX/jGnVuAKDPaySZCr3E83Q +-UdFnP6YIykt7+Pg= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect283r1_PUB +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBJ2C9BCkX0YRfs2ufgUKvreUXFWp2AGK+iHlZB4N3LqO +-PKpmAkrAeCMty6mw2mEnOR5HA1d4Ee+z7/NJgJJ80Ra9bFnreOW3 +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect283r1:BOB_cf_sect283r1_PUB +- +-# ECDH Alice with Bob peer +-Derive=ALICE_cf_sect283r1 +-PeerKey=BOB_cf_sect283r1_PUB +-SharedSecret=0424259cf09727574fb863cab7c27d8fe3835e96433110a45a951f94347fc81939ec4773 +- +-# ECDH Bob with Alice peer +-Derive=BOB_cf_sect283r1 +-PeerKey=ALICE_cf_sect283r1_PUB +-SharedSecret=0424259cf09727574fb863cab7c27d8fe3835e96433110a45a951f94347fc81939ec4773 +- +-# ECC CDH Alice with Bob peer +-Derive=ALICE_cf_sect283r1 +-PeerKey=BOB_cf_sect283r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01c2a542654ce85b17456ed75b6bca6b6eb761580913670debc426a3525f236df0e875c8 +- +-# ECC CDH Bob with Alice peer +-Derive=BOB_cf_sect283r1 +-PeerKey=ALICE_cf_sect283r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01c2a542654ce85b17456ed75b6bca6b6eb761580913670debc426a3525f236df0e875c8 +- +-PublicKey=MALICE_cf_sect283r1_PUB +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AAAAByvMnFeSsevoGYMIn7b4NaL9IgowRCTKF8CCrhdEKu3pubP2 +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Derive=BOB_cf_sect283r1 +-PeerKey=MALICE_cf_sect283r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Derive=ALICE_cf_sect283r1 +-PeerKey=MALICE_cf_sect283r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect409k1 curve tests +- +-PrivateKey=ALICE_cf_sect409k1 +------BEGIN PRIVATE KEY----- +-MFECAQAwEAYHKoZIzj0CAQYFK4EEACQEOjA4AgEBBDMOthcLahkXFgM0wjOzm767D1A72sFRGlhb +-bVH+EB7z2WpIcPX4OD+M4Y1pf/a7wSaoSAo= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect409k1_PUB +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAbiYYpeFgCMsZFMzQaiwMJDrC+mCMT7KmhYtD5EMMgLW +-5OvhaqYdpRf49A8LOtVcRT7J5gGcMrXQgmQeS3FenA5owWnB2NIgrTNf5d8AAEtrOupsJ4c3kL6e +-aAzayZ1+UCEj8skbC9U= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect409k1:ALICE_cf_sect409k1_PUB +- +-PrivateKey=BOB_cf_sect409k1 +------BEGIN PRIVATE KEY----- +-MFECAQAwEAYHKoZIzj0CAQYFK4EEACQEOjA4AgEBBDMO43ldQllTewdZwffH4OEXdzBrLwabKsn4 +-6/hjgIAaYda/pt4yCEQLMp18QgtfMey5ENI= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect409k1_PUB +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAVTQj6hRizVmOx4Z6vroN/zMkmAY+QhkQ0CnFeJ0AydY +-Fv+f+/420vMC1Mhqsc9VzPMmIAH6ZrgGKDsd4Ce9JUtYE0rVhGeiG2RaN1U5RlhVK4avkWhFlyQ5 +-vuu4aApQiWE3yQd9v/I= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect409k1:BOB_cf_sect409k1_PUB +- +-# ECDH Alice with Bob peer +-Derive=ALICE_cf_sect409k1 +-PeerKey=BOB_cf_sect409k1_PUB +-SharedSecret=01fbe13188588c9d1ac3a8a2680ea9a009b28e4b7d7fa4efcb1a22553876fb7973616819fd87c75e5b8ce6e3628595e4ce12edb0 +- +-# ECDH Bob with Alice peer +-Derive=BOB_cf_sect409k1 +-PeerKey=ALICE_cf_sect409k1_PUB +-SharedSecret=01fbe13188588c9d1ac3a8a2680ea9a009b28e4b7d7fa4efcb1a22553876fb7973616819fd87c75e5b8ce6e3628595e4ce12edb0 +- +-# ECC CDH Alice with Bob peer +-Derive=ALICE_cf_sect409k1 +-PeerKey=BOB_cf_sect409k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=007e9485f7234bb2255bb40e51f4be867cb0ef31f8e489a697b31b51c4d5346daaee51e96ae6f9636e6e3af56095fe28755325ee +- +-# ECC CDH Bob with Alice peer +-Derive=BOB_cf_sect409k1 +-PeerKey=ALICE_cf_sect409k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=007e9485f7234bb2255bb40e51f4be867cb0ef31f8e489a697b31b51c4d5346daaee51e96ae6f9636e6e3af56095fe28755325ee +- +-PublicKey=MALICE_cf_sect409k1_PUB +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AAAAAAAAAAAAAAAAAAA= +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Derive=BOB_cf_sect409k1 +-PeerKey=MALICE_cf_sect409k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Derive=ALICE_cf_sect409k1 +-PeerKey=MALICE_cf_sect409k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect409r1 curve tests +- +-PrivateKey=ALICE_cf_sect409r1 +------BEGIN PRIVATE KEY----- +-MFICAQAwEAYHKoZIzj0CAQYFK4EEACUEOzA5AgEBBDQAxSC9lST5dtfXQI1Ug9VMMoue3GGni5ON +-+gieyXK2KKbd29KAPs4/AOd8kX2wQDsZPO7E +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect409r1_PUB +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEASAvXAM15DJerAu1JttpBuMJK1/fEfFohu2iEpt3r7Ui +-iQoER6HUsWiw1hhcJyTv7WzpJQHFWrOlJMe/KjmQa/CygSc65YHDzG27oUL+KGdQUGc79ZRSwl/q +-fGZqa3D+bDVMwrhmZto= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect409r1:ALICE_cf_sect409r1_PUB +- +-PrivateKey=BOB_cf_sect409r1 +------BEGIN PRIVATE KEY----- +-MFICAQAwEAYHKoZIzj0CAQYFK4EEACUEOzA5AgEBBDQARen+1P3JQzBgOv0pUYwsZTPRVLpqqDAU +-7mKL2lk9eH7zSGmtNoMvP2m1S2dBnXxFY/bV +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect409r1_PUB +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAbDUw066TtdfOpDvrlKosEyqUNEG7rY+AKvDqKw+HOzf +-sUTYee6cEf71oqJ1sCKPQiYzlwCu/HLQeWPxISE6Uo+53kkeJml2xpMBwoE25Gq/DSS61dR7SRTZ +-+sUmumbIuGzbrjtMRmw= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect409r1:BOB_cf_sect409r1_PUB +- +-# ECDH Alice with Bob peer +-Derive=ALICE_cf_sect409r1 +-PeerKey=BOB_cf_sect409r1_PUB +-SharedSecret=00a751259cdb3b445ce71a40a01a2189dfce70226111190505fc6eabe4e5a05bff7af55f2015e1ffcab6aea7ea9a6e74905da2a1 +- +-# ECDH Bob with Alice peer +-Derive=BOB_cf_sect409r1 +-PeerKey=ALICE_cf_sect409r1_PUB +-SharedSecret=00a751259cdb3b445ce71a40a01a2189dfce70226111190505fc6eabe4e5a05bff7af55f2015e1ffcab6aea7ea9a6e74905da2a1 +- +-# ECC CDH Alice with Bob peer +-Derive=ALICE_cf_sect409r1 +-PeerKey=BOB_cf_sect409r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0115a31aed416c5089d74a263ec300aff13a5329c6ad27de950ae0b0917b40a3464fccf5691ac9633a51e5177a82b15cfc434aad +- +-# ECC CDH Bob with Alice peer +-Derive=BOB_cf_sect409r1 +-PeerKey=ALICE_cf_sect409r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0115a31aed416c5089d74a263ec300aff13a5329c6ad27de950ae0b0917b40a3464fccf5691ac9633a51e5177a82b15cfc434aad +- +-PublicKey=MALICE_cf_sect409r1_PUB +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AAAAAAAAAAAAAAAAAAAAAAAAAACZNffkdo7i7yL5tKKfU8tdk6su0K185XwbJkn96JWVDPZXZ3My +-bFKKSOJ7hyrM8Lwl1e8= +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Derive=BOB_cf_sect409r1 +-PeerKey=MALICE_cf_sect409r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Derive=ALICE_cf_sect409r1 +-PeerKey=MALICE_cf_sect409r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect571k1 curve tests +- +-PrivateKey=ALICE_cf_sect571k1 +------BEGIN PRIVATE KEY----- +-MGYCAQAwEAYHKoZIzj0CAQYFK4EEACYETzBNAgEBBEgB4agvk7Qdf9bVb9aMVdtXL0MuVw6dTleB +-zrpPMYty/piI5GWkQEGVp4OJSjF1BGgWmtYSYlV0oI8jJ7hfWTjVGfVWix4ipb8= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect571k1_PUB +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDUZq0ZrgYpTXNpOptjExaur0K9FAYHv1j9cvAptwX +-dcmQf3VqekMkGZCfNdqNeqCajG3QHRkBHe4FZhWr3FXi8whvvr463lUDf+t46un1kE6FTYfhILGa +-sBZm7OdfkarYd9TXBbmnkFA+XkyPlkM1+6daM3/WmnegK+TYghFDXLgwiyF8s0ElllF7z38Gmc4= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect571k1:ALICE_cf_sect571k1_PUB +- +-PrivateKey=BOB_cf_sect571k1 +------BEGIN PRIVATE KEY----- +-MGYCAQAwEAYHKoZIzj0CAQYFK4EEACYETzBNAgEBBEgA3pINxGOI7L9M+Mil+bm/udPwI4xu7ubJ +-p3aoOepTXW94laf8wjFLcQnRUwH87Vbq9VLQEfCAFvr2vZoBc+5asnNuDhRNNeQ= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect571k1_PUB +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDZRr5GCSq2uzGxmWNB+bED7zye18Rr/KehwXrbn1r +-rKtR8fe+dg2V15FieC3qZe/wCpMtyp79VmEabGi6iGLlAN/rUE81URsA/K7GVpmklslV5gmwryR0 +-3E7jGKPFesun9iNtmpgM18P9y3aJd4Qr4hMlwW2Nyw187l6QB/W2e/i+8vKXFTLHlz5WLAyAcpA= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect571k1:BOB_cf_sect571k1_PUB +- +-# ECDH Alice with Bob peer +-Derive=ALICE_cf_sect571k1 +-PeerKey=BOB_cf_sect571k1_PUB +-SharedSecret=02b79c92cee50dc5b9fdddce36d4fa2e28d7d178cd74e575961f39429496305b38815c840c2e66327435c044ed885ec964068531251a2112717602532e8b6d5411db2fe05c1ac18c +- +-# ECDH Bob with Alice peer +-Derive=BOB_cf_sect571k1 +-PeerKey=ALICE_cf_sect571k1_PUB +-SharedSecret=02b79c92cee50dc5b9fdddce36d4fa2e28d7d178cd74e575961f39429496305b38815c840c2e66327435c044ed885ec964068531251a2112717602532e8b6d5411db2fe05c1ac18c +- +-# ECC CDH Alice with Bob peer +-Derive=ALICE_cf_sect571k1 +-PeerKey=BOB_cf_sect571k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=063aea789492c9727a5a6b7f24e8d3d377c70ee8e86b13664e191a53b1905e90e78b85960b1881db5160c7c5cacca0d686d9e104140d565eeeec17426f93d3a7ba639ecd716b43d2 +- +-# ECC CDH Bob with Alice peer +-Derive=BOB_cf_sect571k1 +-PeerKey=ALICE_cf_sect571k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=063aea789492c9727a5a6b7f24e8d3d377c70ee8e86b13664e191a53b1905e90e78b85960b1881db5160c7c5cacca0d686d9e104140d565eeeec17426f93d3a7ba639ecd716b43d2 +- +-PublicKey=MALICE_cf_sect571k1_PUB +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAA +-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE= +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Derive=BOB_cf_sect571k1 +-PeerKey=MALICE_cf_sect571k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Derive=ALICE_cf_sect571k1 +-PeerKey=MALICE_cf_sect571k1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-Title=sect571r1 curve tests +- +-PrivateKey=ALICE_cf_sect571r1 +------BEGIN PRIVATE KEY----- +-MGYCAQAwEAYHKoZIzj0CAQYFK4EEACcETzBNAgEBBEgAxfL2/gUsmJonvDMR95Azq1ySgXMlKSRk +-+PL+WaS92ZyOo45HaC7RpH5sdkf4b948u6y1BXOxGZuORXy6lgbgZ1Zx2UgL3cI= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_cf_sect571r1_PUB +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBK5L9ccIWacU2A1srZ35opPu6kcbEOsBPmvj/rlMS +-fFrdMOcagOYfcD0/ouYHPhvkHbr9k87IlQJfnV6ZNRA4PmWSp/FjkNwETm/fqTCUQHti/qqnKH7R +-Ed4fYROLFGvz+PX6E20SryOt1vrmoRyC7Z5FVmgMVOQQ1AaBNAHi3+IPtKx41YdXdbqHJxuI5jE= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=ALICE_cf_sect571r1:ALICE_cf_sect571r1_PUB +- +-PrivateKey=BOB_cf_sect571r1 +------BEGIN PRIVATE KEY----- +-MGYCAQAwEAYHKoZIzj0CAQYFK4EEACcETzBNAgEBBEgAzcRvASPpWi0ybpOGlj0Lozz01C2a5oDA +-G5alib1EmZKcpVULxJXn75FQlTKpkUEuWUgA4yk5X5DTiScUuh4LDhaF3AFhsEY= +------END PRIVATE KEY----- +- +-PublicKey=BOB_cf_sect571r1_PUB +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH3dnL22NajtqDWTX6qD14w1BOlpHFBUPTr24VySlh +-kiiBlOF95u7hFr/hSb7gm/3f+IVKyE18Sh2kR4KaxWcPWKY5xKTiqiICT7hCistuzNRt8gR+kNOT +-c1rETMV6ZruZinwzEWWWjwJf6612oy2HG3CX3B8Rm+a3sS0q6IzowEwqmDv6v9bMTFk8bsCv0Fk= +------END PUBLIC KEY----- +- +-PrivPubKeyPair=BOB_cf_sect571r1:BOB_cf_sect571r1_PUB +- +-# ECDH Alice with Bob peer +-Derive=ALICE_cf_sect571r1 +-PeerKey=BOB_cf_sect571r1_PUB +-SharedSecret=0031f9879fa75b8c67ba81ee861be634e2b53aa79f834e9a8ca4df7f4461bcb02f083d9fa5b4767f881a710caa6524b58eb626623ba394961d46535204c26d165089e7d4f7be1827 +- +-# ECDH Bob with Alice peer +-Derive=BOB_cf_sect571r1 +-PeerKey=ALICE_cf_sect571r1_PUB +-SharedSecret=0031f9879fa75b8c67ba81ee861be634e2b53aa79f834e9a8ca4df7f4461bcb02f083d9fa5b4767f881a710caa6524b58eb626623ba394961d46535204c26d165089e7d4f7be1827 +- +-# ECC CDH Alice with Bob peer +-Derive=ALICE_cf_sect571r1 +-PeerKey=BOB_cf_sect571r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=012e8c2c1554988fe20c5ae7d11cdcfe15c7c6e8d2b6f46a43a45d724bfc7b415ea7594d5c16f770a95d6e65bbcb1f34619db95e89f4fecbcb0bc6a3f92d52df6a49b0e7773e0ac0 +- +-# ECC CDH Bob with Alice peer +-Derive=BOB_cf_sect571r1 +-PeerKey=ALICE_cf_sect571r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=012e8c2c1554988fe20c5ae7d11cdcfe15c7c6e8d2b6f46a43a45d724bfc7b415ea7594d5c16f770a95d6e65bbcb1f34619db95e89f4fecbcb0bc6a3f92d52df6a49b0e7773e0ac0 +- +-PublicKey=MALICE_cf_sect571r1_PUB +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHMtVWZAwgtd1zmgWN/9WC +-aNQcWRNUKesEHXqhJVkC5jYsSACodKsLYFNrWEYM0gwG8DQONZSn93G+38EM45tkaZsIRDt2HEM= +------END PUBLIC KEY----- +- +-# ECC CDH Bob with Malice peer +-Derive=BOB_cf_sect571r1 +-PeerKey=MALICE_cf_sect571r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +- +-# ECC CDH Alice with Malice peer +-Derive=ALICE_cf_sect571r1 +-PeerKey=MALICE_cf_sect571r1_PUB +-Ctrl=ecdh_cofactor_mode:1 +-Result=DERIVE_ERROR +-Reason=point at infinity +diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp.t.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp.t +diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_brainpool.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_brainpool.txt +diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdh.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdh.txt +--- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdh.txt.ec-curves 2021-05-17 10:07:21.926937636 +0200 ++++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdh.txt 2021-05-17 10:24:29.899518477 +0200 +@@ -18,427 +18,6 @@ + + Title = ECDH tests (with random keys) + +-# TEST CURVE secp112r1 +- +-PrivateKey=ALICE_secp112r1 +------BEGIN PRIVATE KEY----- +-ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAYENzA1AgEBBA6sqKp39AWLClus2ha5rqEg +-Ax4ABJ4NTgOR1xQAr3M6eM46WqXW2zA6FnsUMKFFwcw= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_secp112r1_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEng1OA5HXFACvczp4zjpapdbbMDoWexQw +-oUXBzA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_secp112r1:ALICE_secp112r1_PUB +- +- +-PrivateKey=BOB_secp112r1 +------BEGIN PRIVATE KEY----- +-ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAYENzA1AgEBBA5pIbX+hEq49mFPjUl4/6Eg +-Ax4ABBsPNZHm1pcdw104ibwIycCe+r5voeRfQUZRZ3c= +------END PRIVATE KEY----- +- +-PublicKey=BOB_secp112r1_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEGw81kebWlx3DXTiJvAjJwJ76vm+h5F9B +-RlFndw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_secp112r1:BOB_secp112r1_PUB +- +- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_secp112r1 +-PeerKey=BOB_secp112r1_PUB +-SharedSecret=a6cefb5aa7a352afe818749eb401 +- +-# ECDH Bob with Alice peer +-Availablein = default +-Derive=BOB_secp112r1 +-PeerKey=ALICE_secp112r1_PUB +-SharedSecret=a6cefb5aa7a352afe818749eb401 +- +-# TEST CURVE secp112r2 +- +-PrivateKey=ALICE_secp112r2 +------BEGIN PRIVATE KEY----- +-ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAcENzA1AgEBBA4gzzblKfE6ZwoUW0FQmaEg +-Ax4ABJJ4L7Vo50NZ5VGZ4nNkxFNcjJQwDIQb1/9IkLE= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_secp112r2_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEkngvtWjnQ1nlUZnic2TEU1yMlDAMhBvX +-/0iQsQ== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_secp112r2:ALICE_secp112r2_PUB +- +- +-PrivateKey=BOB_secp112r2 +------BEGIN PRIVATE KEY----- +-ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAcENzA1AgEBBA4D9oGGj+O8vjZz3OZNaqEg +-Ax4ABNZOv5gUzvVbgAHpTgu3hUhTQtB8LamTEIfaRWE= +------END PRIVATE KEY----- +- +-PublicKey=BOB_secp112r2_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAE1k6/mBTO9VuAAelOC7eFSFNC0HwtqZMQ +-h9pFYQ== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_secp112r2:BOB_secp112r2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_secp112r2 +-PeerKey=BOB_secp112r2_PUB +-SharedSecret=6bed2c55e233e9214d5898c4c12a +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_secp112r2 +-PeerKey=ALICE_secp112r2_PUB +-SharedSecret=6bed2c55e233e9214d5898c4c12a +- +-# TEST CURVE secp128r1 +- +-PrivateKey=ALICE_secp128r1 +------BEGIN PRIVATE KEY----- +-MFQCAQAwEAYHKoZIzj0CAQYFK4EEABwEPTA7AgEBBBCP1c+lxfRT+MZWZ8uGCYYl +-oSQDIgAEH2n0icp87inv7kUYrEFjpZuHJ4DqArhHS+Zfp2XXO1A= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_secp128r1_PUB +------BEGIN PUBLIC KEY----- +-MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAEH2n0icp87inv7kUYrEFjpZuHJ4DqArhH +-S+Zfp2XXO1A= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_secp128r1:ALICE_secp128r1_PUB +- +- +-PrivateKey=BOB_secp128r1 +------BEGIN PRIVATE KEY----- +-MFQCAQAwEAYHKoZIzj0CAQYFK4EEABwEPTA7AgEBBBCGbEd3Hhwr76XbQekhIrDT +-oSQDIgAENKjS0HNx/gEKYQNNab9v8zlW/D4zSjv3Ny3Ep0GVYms= +------END PRIVATE KEY----- +- +-PublicKey=BOB_secp128r1_PUB +------BEGIN PUBLIC KEY----- +-MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAENKjS0HNx/gEKYQNNab9v8zlW/D4zSjv3 +-Ny3Ep0GVYms= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_secp128r1:BOB_secp128r1_PUB +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_secp128r1 +-PeerKey=BOB_secp128r1_PUB +-SharedSecret=91ded46ac404afdbd708fdcc1cac6842 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_secp128r1 +-PeerKey=ALICE_secp128r1_PUB +-SharedSecret=91ded46ac404afdbd708fdcc1cac6842 +- +-# TEST CURVE secp128r2 +- +-PrivateKey=ALICE_secp128r2 +------BEGIN PRIVATE KEY----- +-MFQCAQAwEAYHKoZIzj0CAQYFK4EEAB0EPTA7AgEBBBAgRKSjPsZ76LDGIA2it5SC +-oSQDIgAEBVdjcUpR+b6LRPm6R8fAD/6kBxV0Kl3939Wn0+nUpf8= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_secp128r2_PUB +------BEGIN PUBLIC KEY----- +-MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAEBVdjcUpR+b6LRPm6R8fAD/6kBxV0Kl39 +-39Wn0+nUpf8= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_secp128r2:ALICE_secp128r2_PUB +- +- +-PrivateKey=BOB_secp128r2 +------BEGIN PRIVATE KEY----- +-MFQCAQAwEAYHKoZIzj0CAQYFK4EEAB0EPTA7AgEBBBACp00jw5D7obvDmJp7wDuA +-oSQDIgAEBO3BbVrc5SvhvN+fmWShu2tWIFQap5ys5RHMCLLl098= +------END PRIVATE KEY----- +- +-PublicKey=BOB_secp128r2_PUB +------BEGIN PUBLIC KEY----- +-MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAEBO3BbVrc5SvhvN+fmWShu2tWIFQap5ys +-5RHMCLLl098= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_secp128r2:BOB_secp128r2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_secp128r2 +-PeerKey=BOB_secp128r2_PUB +-SharedSecret=dc32faa978008a694672076b756a1e4b +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_secp128r2 +-PeerKey=ALICE_secp128r2_PUB +-SharedSecret=dc32faa978008a694672076b756a1e4b +- +-# TEST CURVE secp160k1 +- +-PrivateKey=ALICE_secp160k1 +------BEGIN PRIVATE KEY----- +-MGECAQAwEAYHKoZIzj0CAQYFK4EEAAkESjBIAgEBBBUAudN3YOXN0uu0CL2TGZdP +-YeNU/72hLAMqAAR3Du0dK28tSyWxYSz/Es2Wqr4C+bNfJ1uiK4J3BFS5Udc48nsx +-xfjj +------END PRIVATE KEY----- +- +-PublicKey=ALICE_secp160k1_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAEdw7tHStvLUslsWEs/xLNlqq+AvmzXydb +-oiuCdwRUuVHXOPJ7McX44w== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_secp160k1:ALICE_secp160k1_PUB +- +- +-PrivateKey=BOB_secp160k1 +------BEGIN PRIVATE KEY----- +-MGECAQAwEAYHKoZIzj0CAQYFK4EEAAkESjBIAgEBBBUA5fNiCFVGPM1aHuwXUvuh +-xoY2yU+hLAMqAAQHlM6otmapt0/0sc+5bcPoYT6cfyARv4VUOOo6I2eBGXLIm812 +-1ric +------END PRIVATE KEY----- +- +-PublicKey=BOB_secp160k1_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAEB5TOqLZmqbdP9LHPuW3D6GE+nH8gEb+F +-VDjqOiNngRlyyJvNdta4nA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_secp160k1:BOB_secp160k1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_secp160k1 +-PeerKey=BOB_secp160k1_PUB +-SharedSecret=5457d367346cc3e82031784f95ebcd856de0c735 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_secp160k1 +-PeerKey=ALICE_secp160k1_PUB +-SharedSecret=5457d367346cc3e82031784f95ebcd856de0c735 +- +-# TEST CURVE secp160r1 +- +-PrivateKey=ALICE_secp160r1 +------BEGIN PRIVATE KEY----- +-MGECAQAwEAYHKoZIzj0CAQYFK4EEAAgESjBIAgEBBBUA0KDtaiFUWd8NG0lO9TLu +-zjLWXJehLAMqAASHQN1DGBXtdyF3+BjfIfbWg403dUqXbIXzZoctDyOPTQaGVblm +-SwXC +------END PRIVATE KEY----- +- +-PublicKey=ALICE_secp160r1_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAEh0DdQxgV7Xchd/gY3yH21oONN3VKl2yF +-82aHLQ8jj00GhlW5ZksFwg== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_secp160r1:ALICE_secp160r1_PUB +- +- +-PrivateKey=BOB_secp160r1 +------BEGIN PRIVATE KEY----- +-MGECAQAwEAYHKoZIzj0CAQYFK4EEAAgESjBIAgEBBBUAsBIwvx6ZABinhsi+bGai +-CvetiuWhLAMqAAQJ2+RhpGedkUYXUiPZ/plHXFBy6R3XzMUGIKiXFGSBpwF8hGRN +-qUDy +------END PRIVATE KEY----- +- +-PublicKey=BOB_secp160r1_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAECdvkYaRnnZFGF1Ij2f6ZR1xQcukd18zF +-BiColxRkgacBfIRkTalA8g== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_secp160r1:BOB_secp160r1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_secp160r1 +-PeerKey=BOB_secp160r1_PUB +-SharedSecret=87856536b6a295ea94d3e483d69c6212d5c7afcf +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_secp160r1 +-PeerKey=ALICE_secp160r1_PUB +-SharedSecret=87856536b6a295ea94d3e483d69c6212d5c7afcf +- +-# TEST CURVE secp160r2 +- +-PrivateKey=ALICE_secp160r2 +------BEGIN PRIVATE KEY----- +-MGECAQAwEAYHKoZIzj0CAQYFK4EEAB4ESjBIAgEBBBUAhmLOAJGNuSoZUCN4f0On +-LZ6rRSShLAMqAAQPSNvhJQohMEfijXq+Jlq7a9lzosQfPvuIyOg6shyzUVS43R+7 +-Lgr5 +------END PRIVATE KEY----- +- +-PublicKey=ALICE_secp160r2_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAED0jb4SUKITBH4o16viZau2vZc6LEHz77 +-iMjoOrIcs1FUuN0fuy4K+Q== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_secp160r2:ALICE_secp160r2_PUB +- +- +-PrivateKey=BOB_secp160r2 +------BEGIN PRIVATE KEY----- +-MGECAQAwEAYHKoZIzj0CAQYFK4EEAB4ESjBIAgEBBBUA10mjzR2Dy0CLmm/MTAHT +-b5CBenOhLAMqAARqzYAcSijzAo2vzmMuK8ta8sl/bguuCpRwFD93ACP64TzgI3re +-FhsX +------END PRIVATE KEY----- +- +-PublicKey=BOB_secp160r2_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAEas2AHEoo8wKNr85jLivLWvLJf24LrgqU +-cBQ/dwAj+uE84CN63hYbFw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_secp160r2:BOB_secp160r2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_secp160r2 +-PeerKey=BOB_secp160r2_PUB +-SharedSecret=5481e282c47cbd37c84873847c4fc2f31fc15a1a +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_secp160r2 +-PeerKey=ALICE_secp160r2_PUB +-SharedSecret=5481e282c47cbd37c84873847c4fc2f31fc15a1a +- +-# TEST CURVE secp192k1 +- +-PrivateKey=ALICE_secp192k1 +------BEGIN PRIVATE KEY----- +-MGwCAQAwEAYHKoZIzj0CAQYFK4EEAB8EVTBTAgEBBBizF3KeHMsaV/KOR/otCmdL +-QT2qGNq3HhWhNAMyAATP+L9SGl3K6wmevkLwJnkMNHp0I5RfXulSfHuHZPp4CGrh +-i6eKNQLkpZ2OQaPIExA= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_secp192k1_PUB +------BEGIN PUBLIC KEY----- +-MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAEz/i/UhpdyusJnr5C8CZ5DDR6dCOUX17p +-Unx7h2T6eAhq4YunijUC5KWdjkGjyBMQ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_secp192k1:ALICE_secp192k1_PUB +- +- +-PrivateKey=BOB_secp192k1 +------BEGIN PRIVATE KEY----- +-MGwCAQAwEAYHKoZIzj0CAQYFK4EEAB8EVTBTAgEBBBh8BXPVGQKYCw0v7DY3wZVa +-cyhyUjIbUymhNAMyAATgI7hw2LSj6uN3yL5nvHOOkMiPtalKr+BGsFac39RYmp64 +-mr+w66bDIWN3VllO6LY= +------END PRIVATE KEY----- +- +-PublicKey=BOB_secp192k1_PUB +------BEGIN PUBLIC KEY----- +-MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAE4CO4cNi0o+rjd8i+Z7xzjpDIj7WpSq/g +-RrBWnN/UWJqeuJq/sOumwyFjd1ZZTui2 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_secp192k1:BOB_secp192k1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_secp192k1 +-PeerKey=BOB_secp192k1_PUB +-SharedSecret=6a4daca0412284172e8fcaafa0d9df76257d899752bf0f23 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_secp192k1 +-PeerKey=ALICE_secp192k1_PUB +-SharedSecret=6a4daca0412284172e8fcaafa0d9df76257d899752bf0f23 +- +-# TEST CURVE secp224k1 +- +-PrivateKey=ALICE_secp224k1 +------BEGIN PRIVATE KEY----- +-MHkCAQAwEAYHKoZIzj0CAQYFK4EEACAEYjBgAgEBBB0AhXKGJFqOI4P1PLFR3M6M +-kepT/2Dtd27I1Awzx6E8AzoABPVN/1b6VHbq7U6pWaOrUeqJ5vSgWL49u/uuD48D +-4FRf7oFdixN9VWIrxr0PRByeEYmlHw4MOEQK +------END PRIVATE KEY----- +- +-PublicKey=ALICE_secp224k1_PUB +------BEGIN PUBLIC KEY----- +-ME4wEAYHKoZIzj0CAQYFK4EEACADOgAE9U3/VvpUdurtTqlZo6tR6onm9KBYvj27 +-+64PjwPgVF/ugV2LE31VYivGvQ9EHJ4RiaUfDgw4RAo= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_secp224k1:ALICE_secp224k1_PUB +- +- +-PrivateKey=BOB_secp224k1 +------BEGIN PRIVATE KEY----- +-MHkCAQAwEAYHKoZIzj0CAQYFK4EEACAEYjBgAgEBBB0AOjEXYoz8YcWokSf4U5gX +-HbjDfILPdPejlE0T/KE8AzoABGXAQ+AntX7On4cKwP+f4KzZGaJZwjBq3jCjymsr +-9A3c8VCoRXXBg+VPoKg7fDkMIgI8qPmrC95Q +------END PRIVATE KEY----- +- +-PublicKey=BOB_secp224k1_PUB +------BEGIN PUBLIC KEY----- +-ME4wEAYHKoZIzj0CAQYFK4EEACADOgAEZcBD4Ce1fs6fhwrA/5/grNkZolnCMGre +-MKPKayv0DdzxUKhFdcGD5U+gqDt8OQwiAjyo+asL3lA= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_secp224k1:BOB_secp224k1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_secp224k1 +-PeerKey=BOB_secp224k1_PUB +-SharedSecret=80b65e65fe29c779213dd31189d371ff57b0b2bf08c6458ed142399a +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_secp224k1 +-PeerKey=ALICE_secp224k1_PUB +-SharedSecret=80b65e65fe29c779213dd31189d371ff57b0b2bf08c6458ed142399a +- + # TEST CURVE secp256k1 + + PrivateKey=ALICE_secp256k1 +@@ -487,1984 +66,6 @@ Derive=BOB_secp256k1 + PeerKey=ALICE_secp256k1_PUB + SharedSecret=af43b52790082fd87afb1d14b883c12d12bb9e554080d1f8e527920676e31f3e + +-# TEST CURVE prime192v2 +- +-PrivateKey=ALICE_prime192v2 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEVTBTAgEBBBgtIuKqpRc7rEYuGx1a +-dDxcvso0NAZw+fWhNAMyAATMSHwJPq761VawpRbKLB3uuDSng4WeFPjhvubL6g8V +-8UqFaKRED5PUIQ0lYStVCao= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_prime192v2_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEzEh8CT6u+tVWsKUWyiwd7rg0p4OF +-nhT44b7my+oPFfFKhWikRA+T1CENJWErVQmq +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_prime192v2:ALICE_prime192v2_PUB +- +- +-PrivateKey=BOB_prime192v2 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEVTBTAgEBBBggTjqWC1/iHrvKR9/u +-1gxpL2tWJkkAMYuhNAMyAASa4nG+wLPTHxfkqiTII5PBLAKXmXUf5dMtpmApcjrj +-XjnwJIJEQr80MK9+g1raqN8= +------END PRIVATE KEY----- +- +-PublicKey=BOB_prime192v2_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEmuJxvsCz0x8X5KokyCOTwSwCl5l1 +-H+XTLaZgKXI641458CSCREK/NDCvfoNa2qjf +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_prime192v2:BOB_prime192v2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_prime192v2 +-PeerKey=BOB_prime192v2_PUB +-SharedSecret=9b37033a48af7fe1825c062625f8b57d4b3ac48c12bec69c +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_prime192v2 +-PeerKey=ALICE_prime192v2_PUB +-SharedSecret=9b37033a48af7fe1825c062625f8b57d4b3ac48c12bec69c +- +-# TEST CURVE prime192v3 +- +-PrivateKey=ALICE_prime192v3 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEVTBTAgEBBBg0iDdcgise1/v2k6js +-UkgKwXPqx/uJJTehNAMyAAQ6/i0pSNHk824XO6Mv0irQfSv2yzGQy+DwWo/klZco +-kPDcXKEdU8ZmnAABH7j6UV8= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_prime192v3_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEOv4tKUjR5PNuFzujL9Iq0H0r9ssx +-kMvg8FqP5JWXKJDw3FyhHVPGZpwAAR+4+lFf +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_prime192v3:ALICE_prime192v3_PUB +- +- +-PrivateKey=BOB_prime192v3 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEVTBTAgEBBBieW1huqwVU3ev7qgpT +-LFjYEMRPONOAcaKhNAMyAASXaTjBIQX686BZJAidX+hFuvDyxbN1vBQvp40OVl0L +-CG4hoZ+5McLtPATL+osKvX8= +------END PRIVATE KEY----- +- +-PublicKey=BOB_prime192v3_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEl2k4wSEF+vOgWSQInV/oRbrw8sWz +-dbwUL6eNDlZdCwhuIaGfuTHC7TwEy/qLCr1/ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_prime192v3:BOB_prime192v3_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_prime192v3 +-PeerKey=BOB_prime192v3_PUB +-SharedSecret=7133f1d99b0e03ed9c4d78d3be40598cf419cd588283ac29 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_prime192v3 +-PeerKey=ALICE_prime192v3_PUB +-SharedSecret=7133f1d99b0e03ed9c4d78d3be40598cf419cd588283ac29 +- +-# TEST CURVE prime239v1 +- +-PrivateKey=ALICE_prime239v1 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEEBGcwZQIBAQQeRmiZXaqr3u11hiGK +-1cH75U/rKc1+8YMqxcXhACRkoUADPgAEfIJpVggCXUROHgX4h5h66/0Pgr/aMtMq +-ExHQP7zxWYzf3cYAP4V/t9OCT582WjMLnCmdlFnYUPD50dyU +------END PRIVATE KEY----- +- +-PublicKey=ALICE_prime239v1_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEfIJpVggCXUROHgX4h5h66/0Pgr/a +-MtMqExHQP7zxWYzf3cYAP4V/t9OCT582WjMLnCmdlFnYUPD50dyU +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_prime239v1:ALICE_prime239v1_PUB +- +- +-PrivateKey=BOB_prime239v1 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEEBGcwZQIBAQQeAbGRRoBgqHVUBFot +-5m9Ytm8RU+ISkA33VgQrHGM/oUADPgAEdRgPsL/Mi3ucJcYibvFJQxDDyLqgUH3i +-Mk266RAHFqoioiGT72TOidBhi+VrUn6NOIyna8foww2M45vR +------END PRIVATE KEY----- +- +-PublicKey=BOB_prime239v1_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEdRgPsL/Mi3ucJcYibvFJQxDDyLqg +-UH3iMk266RAHFqoioiGT72TOidBhi+VrUn6NOIyna8foww2M45vR +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_prime239v1:BOB_prime239v1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_prime239v1 +-PeerKey=BOB_prime239v1_PUB +-SharedSecret=2ef92070f7a5fa14c8a67a8aa3080b4c4a597eafaa81d3f698599ac0be1e +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_prime239v1 +-PeerKey=ALICE_prime239v1_PUB +-SharedSecret=2ef92070f7a5fa14c8a67a8aa3080b4c4a597eafaa81d3f698599ac0be1e +- +-# TEST CURVE prime239v2 +- +-PrivateKey=ALICE_prime239v2 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEFBGcwZQIBAQQeemq6S5puHF94ZW/W +-6BMRim+HFFM0zxVZQpWG+bf2oUADPgAELukUodCQsmwzGVR3lLEGKQ6quGd6kDXN +-DjjcMrDabBtWKDuuUrgjBGsI7NRbCQ0a5NWTo+EnWe0LXbYN +------END PRIVATE KEY----- +- +-PublicKey=ALICE_prime239v2_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAELukUodCQsmwzGVR3lLEGKQ6quGd6 +-kDXNDjjcMrDabBtWKDuuUrgjBGsI7NRbCQ0a5NWTo+EnWe0LXbYN +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_prime239v2:ALICE_prime239v2_PUB +- +- +-PrivateKey=BOB_prime239v2 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEFBGcwZQIBAQQeAEaCw7ulF8GZcmbj +-aDmcrw8Gex+hX0rNvwzoC7+6oUADPgAEKh0EmYUpj6XbuEGxMBaPmECT8L++ihUW +-ms4xau0RUYij4HgS1gjSMDfyvvCBUy10RIkw+goxVdUhfW2u +------END PRIVATE KEY----- +- +-PublicKey=BOB_prime239v2_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEKh0EmYUpj6XbuEGxMBaPmECT8L++ +-ihUWms4xau0RUYij4HgS1gjSMDfyvvCBUy10RIkw+goxVdUhfW2u +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_prime239v2:BOB_prime239v2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_prime239v2 +-PeerKey=BOB_prime239v2_PUB +-SharedSecret=5bdab282dc371ee88ade318a6aad2b329ec3ea957e0df18b7a691c1bf703 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_prime239v2 +-PeerKey=ALICE_prime239v2_PUB +-SharedSecret=5bdab282dc371ee88ade318a6aad2b329ec3ea957e0df18b7a691c1bf703 +- +-# TEST CURVE prime239v3 +- +-PrivateKey=ALICE_prime239v3 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEGBGcwZQIBAQQeGlwSPAYfmiP9r2nA +-SD52VqKyZpEnU+Jmynlf2DI7oUADPgAEFlIB4Yl+5J2u4JLYv8z+itwf+XnOL/BD +-qNK3uRoYPKHYdYWJkgXxkQ1QDZwNppAQRcxSgTKnJ6V8crbp +------END PRIVATE KEY----- +- +-PublicKey=ALICE_prime239v3_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEFlIB4Yl+5J2u4JLYv8z+itwf+XnO +-L/BDqNK3uRoYPKHYdYWJkgXxkQ1QDZwNppAQRcxSgTKnJ6V8crbp +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_prime239v3:ALICE_prime239v3_PUB +- +- +-PrivateKey=BOB_prime239v3 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEGBGcwZQIBAQQeU1KIfJBGvItr8//g +-kW1zoPkveo9lvXBlnUV5/5rDoUADPgAEepc03AEEgOnI+ivpjGV4ypvn8sRQaVAb +-3QAeIEYDQLUBFOdb3kF2MvlnLKV3OCdB3GQgNfZtEHbdn0bq +------END PRIVATE KEY----- +- +-PublicKey=BOB_prime239v3_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEepc03AEEgOnI+ivpjGV4ypvn8sRQ +-aVAb3QAeIEYDQLUBFOdb3kF2MvlnLKV3OCdB3GQgNfZtEHbdn0bq +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_prime239v3:BOB_prime239v3_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_prime239v3 +-PeerKey=BOB_prime239v3_PUB +-SharedSecret=78e80ae760061178bd005e9e3634333971468bc6d3f82baee238c5ed32f9 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_prime239v3 +-PeerKey=ALICE_prime239v3_PUB +-SharedSecret=78e80ae760061178bd005e9e3634333971468bc6d3f82baee238c5ed32f9 +- +-# TEST CURVE sect113r1 +- +-PrivateKey=ALICE_sect113r1 +------BEGIN PRIVATE KEY----- +-MFECAQAwEAYHKoZIzj0CAQYFK4EEAAQEOjA4AgEBBA8AcrP9u8BlWb4knkGVZmSh +-IgMgAAQBviTf62+1V4etJb2D9LkBadAFmdmRS+rVI3spTYs= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect113r1_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEAb4k3+tvtVeHrSW9g/S5AWnQBZnZkUvq +-1SN7KU2L +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect113r1:ALICE_sect113r1_PUB +- +- +-PrivateKey=BOB_sect113r1 +------BEGIN PRIVATE KEY----- +-MFECAQAwEAYHKoZIzj0CAQYFK4EEAAQEOjA4AgEBBA8AmhEq3A9KdbKQUz1F/Myh +-IgMgAAQAuSRBNxXjIjezwrGF8VkBxWR69g0UJaBIIArpdNo= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect113r1_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEALkkQTcV4yI3s8KxhfFZAcVkevYNFCWg +-SCAK6XTa +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect113r1:BOB_sect113r1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_sect113r1 +-PeerKey=BOB_sect113r1_PUB +-SharedSecret=015405437add26b8841c62a9016c85 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_sect113r1 +-PeerKey=ALICE_sect113r1_PUB +-SharedSecret=015405437add26b8841c62a9016c85 +- +-# TEST CURVE sect113r2 +- +-PrivateKey=ALICE_sect113r2 +------BEGIN PRIVATE KEY----- +-MFECAQAwEAYHKoZIzj0CAQYFK4EEAAUEOjA4AgEBBA8ABqFZ6Z7BKKjvrzXh99Wh +-IgMgAAQBTQTHA9uSxcZ8kvsSVUUBcLQ4m45U10VwVCQ+oGQ= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect113r2_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAU0ExwPbksXGfJL7ElVFAXC0OJuOVNdF +-cFQkPqBk +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect113r2:ALICE_sect113r2_PUB +- +- +-PrivateKey=BOB_sect113r2 +------BEGIN PRIVATE KEY----- +-MFECAQAwEAYHKoZIzj0CAQYFK4EEAAUEOjA4AgEBBA8ABPHhZ0kCp0TocQJIuiuh +-IgMgAAQBSi7u+Ur776iGyg0Ij6UAN70IzPVZxGK5zPxp6wo= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect113r2_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAUou7vlK+++ohsoNCI+lADe9CMz1WcRi +-ucz8aesK +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect113r2:BOB_sect113r2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_sect113r2 +-PeerKey=BOB_sect113r2_PUB +-SharedSecret=014231c5e9e28d451aa44a755407e1 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_sect113r2 +-PeerKey=ALICE_sect113r2_PUB +-SharedSecret=014231c5e9e28d451aa44a755407e1 +- +-# TEST CURVE sect131r1 +- +-PrivateKey=ALICE_sect131r1 +------BEGIN PRIVATE KEY----- +-MFcCAQAwEAYHKoZIzj0CAQYFK4EEABYEQDA+AgEBBBEAUCFDwJLLThLHiDlw/Qcn +-8aEmAyQABAAU+ywF9iPv6LDldKOLhLgXBRI7EpZnbXPXhUmkQWPhHAQ= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect131r1_PUB +------BEGIN PUBLIC KEY----- +-MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEABT7LAX2I+/osOV0o4uEuBcFEjsSlmdt +-c9eFSaRBY+EcBA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect131r1:ALICE_sect131r1_PUB +- +- +-PrivateKey=BOB_sect131r1 +------BEGIN PRIVATE KEY----- +-MFcCAQAwEAYHKoZIzj0CAQYFK4EEABYEQDA+AgEBBBEDxxMzxjxJmYfSZvWJKq+V +-vKEmAyQABAFHQ2a+h+Yn5N4Lt0IoJcVVBrf9xkZNS0xxblh+0wndq9s= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect131r1_PUB +------BEGIN PUBLIC KEY----- +-MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEAUdDZr6H5ifk3gu3QiglxVUGt/3GRk1L +-THFuWH7TCd2r2w== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect131r1:BOB_sect131r1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_sect131r1 +-PeerKey=BOB_sect131r1_PUB +-SharedSecret=009e4acc8c1ba3a129a9ad83a733d7d702 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_sect131r1 +-PeerKey=ALICE_sect131r1_PUB +-SharedSecret=009e4acc8c1ba3a129a9ad83a733d7d702 +- +-# TEST CURVE sect131r2 +- +-PrivateKey=ALICE_sect131r2 +------BEGIN PRIVATE KEY----- +-MFcCAQAwEAYHKoZIzj0CAQYFK4EEABcEQDA+AgEBBBEDHPPtQCKJB8g01rMkT8Sk +-9aEmAyQABAcWl2Z/1kIc4mWCbRH4+c/2B47RC31JyifKvkxkHt05x3g= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect131r2_PUB +------BEGIN PUBLIC KEY----- +-MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEBxaXZn/WQhziZYJtEfj5z/YHjtELfUnK +-J8q+TGQe3TnHeA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect131r2:ALICE_sect131r2_PUB +- +- +-PrivateKey=BOB_sect131r2 +------BEGIN PRIVATE KEY----- +-MFcCAQAwEAYHKoZIzj0CAQYFK4EEABcEQDA+AgEBBBEDR9ez/YtS29S7/R5+rUiX +-VKEmAyQABALZHNBITDoigpOwTzczlaN9AsRk5JzMUJXYkvBEqj+YILQ= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect131r2_PUB +------BEGIN PUBLIC KEY----- +-MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEAtkc0EhMOiKCk7BPNzOVo30CxGTknMxQ +-ldiS8ESqP5ggtA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect131r2:BOB_sect131r2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_sect131r2 +-PeerKey=BOB_sect131r2_PUB +-SharedSecret=03cbec3a3050c7f13d4801ad692d61c417 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_sect131r2 +-PeerKey=ALICE_sect131r2_PUB +-SharedSecret=03cbec3a3050c7f13d4801ad692d61c417 +- +-# TEST CURVE sect163r1 +- +-PrivateKey=ALICE_sect163r1 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUBl9zmlPmFF5v9h1IIENAx +-1b8tj0+hLgMsAAQE3j8Jn58CCtEDwvOZ5DwgYGBYvIECz1zN8UwPfTFSdXjTWQcr +-9gWxNMA= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect163r1_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEBN4/CZ+fAgrRA8LzmeQ8IGBgWLyBAs9c +-zfFMD30xUnV401kHK/YFsTTA +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect163r1:ALICE_sect163r1_PUB +- +- +-PrivateKey=BOB_sect163r1 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUA/nzN5yCavvZlXyDGEihW +-rwG360+hLgMsAAQDt6XZHfzXABSTnGhzfoPtfdLZgaoGhBdeWz+318vNmC6AMJP+ +-PntHzsA= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect163r1_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEA7el2R381wAUk5xoc36D7X3S2YGqBoQX +-Xls/t9fLzZgugDCT/j57R87A +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect163r1:BOB_sect163r1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein=default +-Derive=ALICE_sect163r1 +-PeerKey=BOB_sect163r1_PUB +-SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 +- +-# ECDH Bob with Alice peer +- +-Availablein=default +-Derive=BOB_sect163r1 +-PeerKey=ALICE_sect163r1_PUB +-SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 +- +-# TEST CURVE sect193r1 +- +-PrivateKey=ALICE_sect193r1 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAEQlofBlvj8zDK5o4CCfA +-aOQOmlAyTimBoTYDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUnNwBn5T26m15R +-M4MLnYGdklcAM8oMOML999w= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect193r1_PUB +------BEGIN PUBLIC KEY----- +-MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUn +-NwBn5T26m15RM4MLnYGdklcAM8oMOML999w= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect193r1:ALICE_sect193r1_PUB +- +- +-PrivateKey=BOB_sect193r1 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAnxvYLKZaw4Rj24WTRBfg +-iar5vp3R3pCJoTYDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUpYQE/jBjzUHIC +-qMNZTHy9gT2R9yc0GBZ/Dic= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect193r1_PUB +------BEGIN PUBLIC KEY----- +-MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUp +-YQE/jBjzUHICqMNZTHy9gT2R9yc0GBZ/Dic= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect193r1:BOB_sect193r1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein=default +-Derive=ALICE_sect193r1 +-PeerKey=BOB_sect193r1_PUB +-SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 +- +-# ECDH Bob with Alice peer +- +-Availablein=default +-Derive=BOB_sect193r1 +-PeerKey=ALICE_sect193r1_PUB +-SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 +- +-# TEST CURVE sect193r2 +- +-PrivateKey=ALICE_sect193r2 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAj54XQW+b3bnX9duvqaa+ +-lPTNcvOlxRAvoTYDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWkwQFc4m1ISx4o +-mtNyCVI7FXV5zNnaGWVACT4= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect193r2_PUB +------BEGIN PUBLIC KEY----- +-MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWk +-wQFc4m1ISx4omtNyCVI7FXV5zNnaGWVACT4= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect193r2:ALICE_sect193r2_PUB +- +- +-PrivateKey=BOB_sect193r2 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAvMiVR0abk6pHoeOIBESL +-fB9B4gsZJjLsoTYDNAAEADtKDcwL660+Mm11Vl254GI3TnD+fragdwF+wY5qlMu5 +-VtrUDMHuAP0q3eGQUsrzNo0= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect193r2_PUB +------BEGIN PUBLIC KEY----- +-MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEADtKDcwL660+Mm11Vl254GI3TnD+frag +-dwF+wY5qlMu5VtrUDMHuAP0q3eGQUsrzNo0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect193r2:BOB_sect193r2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein=default +-Derive=ALICE_sect193r2 +-PeerKey=BOB_sect193r2_PUB +-SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 +- +-# ECDH Bob with Alice peer +- +-Availablein=default +-Derive=BOB_sect193r2 +-PeerKey=ALICE_sect193r2_PUB +-SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 +- +-# TEST CURVE sect239k1 +- +-PrivateKey=ALICE_sect239k1 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4MhpuQTtDeLBboZgiW11d/ +-KBlgUL4YvTjZ8zg4HR2hQAM+AAQafRD6X3L/7c/FN69KuA04a4bhxHZezmz1G15m +-tltwl8zlWsR5+GNToxV0OBLbStAQbXxqBa2Gg83B0oc= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect239k1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEGn0Q+l9y/+3PxTevSrgNOGuG4cR2Xs5s +-9RteZrZbcJfM5VrEefhjU6MVdDgS20rQEG18agWthoPNwdKH +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect239k1:ALICE_sect239k1_PUB +- +- +-PrivateKey=BOB_sect239k1 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4FBG477KvylisppUFwbDl/ +-SRGnX5FFmfw/xWIiEMehQAM+AAQFii094UX6F5m8Dk0eI/DhF3+IDUu7h81hTdyZ +-xxET0IokxFkTUf/re9WPA7LxPOCuiIPZUNVCRxRWSuU= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect239k1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEBYotPeFF+heZvA5NHiPw4Rd/iA1Lu4fN +-YU3cmccRE9CKJMRZE1H/63vVjwOy8TzgroiD2VDVQkcUVkrl +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect239k1:BOB_sect239k1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein=default +-Derive=ALICE_sect239k1 +-PeerKey=BOB_sect239k1_PUB +-SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 +- +-# ECDH Bob with Alice peer +- +-Availablein=default +-Derive=BOB_sect239k1 +-PeerKey=ALICE_sect239k1_PUB +-SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_sect163r1 +-PeerKey=BOB_sect163r1_PUB +-SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_sect163r1 +-PeerKey=ALICE_sect163r1_PUB +-SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_sect193r1 +-PeerKey=BOB_sect193r1_PUB +-SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_sect193r1 +-PeerKey=ALICE_sect193r1_PUB +-SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_sect193r2 +-PeerKey=BOB_sect193r2_PUB +-SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_sect193r2 +-PeerKey=ALICE_sect193r2_PUB +-SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_sect239k1 +-PeerKey=BOB_sect239k1_PUB +-SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_sect239k1 +-PeerKey=ALICE_sect239k1_PUB +-SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 +- +-# TEST CURVE c2pnb163v1 +- +-PrivateKey=ALICE_c2pnb163v1 +------BEGIN PRIVATE KEY----- +-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEETDBKAgEBBBUDTVBXDIdMMg5JIb6y +-ZHLpkONauzuhLgMsAAQC/TaMi2YGY4SmYVCrIVVommDnOyMHJZ1VZ4+fT+hE/qRp +-WHMMW5gOZO4= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2pnb163v1_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEAv02jItmBmOEpmFQqyFVaJpg5zsj +-ByWdVWePn0/oRP6kaVhzDFuYDmTu +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2pnb163v1:ALICE_c2pnb163v1_PUB +- +- +-PrivateKey=BOB_c2pnb163v1 +------BEGIN PRIVATE KEY----- +-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEETDBKAgEBBBUC3uEAfGc3+a0FOrFh +-ftdUBtZ5BPOhLgMsAAQGojKkhnOduUQY6XT0GwQbDe1YM1wFkj3vZGkhO5OzsqG1 +-QqQLkFeMwKo= +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2pnb163v1_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEBqIypIZznblEGOl09BsEGw3tWDNc +-BZI972RpITuTs7KhtUKkC5BXjMCq +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2pnb163v1:BOB_c2pnb163v1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2pnb163v1 +-PeerKey=BOB_c2pnb163v1_PUB +-SharedSecret=05939a47cb503656e684f433001e45776c7620e13b +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2pnb163v1 +-PeerKey=ALICE_c2pnb163v1_PUB +-SharedSecret=05939a47cb503656e684f433001e45776c7620e13b +- +-# TEST CURVE c2pnb163v2 +- +-PrivateKey=ALICE_c2pnb163v2 +------BEGIN PRIVATE KEY----- +-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIETDBKAgEBBBUC3m3meJNbhDwwFH3C +-//L2EyOQNruhLgMsAAQBaATOiPV6c8icBYWczLXM6k+t8U4FIN57iiC8RsmIS3+V +-yM/rN3UBZaw= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2pnb163v2_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEAWgEzoj1enPInAWFnMy1zOpPrfFO +-BSDee4ogvEbJiEt/lcjP6zd1AWWs +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2pnb163v2:ALICE_c2pnb163v2_PUB +- +- +-PrivateKey=BOB_c2pnb163v2 +------BEGIN PRIVATE KEY----- +-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIETDBKAgEBBBUBvd/DvKharywckSaW +-aAniKByXBwihLgMsAAQH0+FWe4mb13QrEZCPwfIS+gChEXoGhyBVubt6+SSgS5nS +-eDGgjW/36Qw= +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2pnb163v2_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEB9PhVnuJm9d0KxGQj8HyEvoAoRF6 +-BocgVbm7evkkoEuZ0ngxoI1v9+kM +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2pnb163v2:BOB_c2pnb163v2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2pnb163v2 +-PeerKey=BOB_c2pnb163v2_PUB +-SharedSecret=0779fb5f6ac7892f2f342b785d71244e0b03ca562d +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2pnb163v2 +-PeerKey=ALICE_c2pnb163v2_PUB +-SharedSecret=0779fb5f6ac7892f2f342b785d71244e0b03ca562d +- +-# TEST CURVE c2pnb163v3 +- +-PrivateKey=ALICE_c2pnb163v3 +------BEGIN PRIVATE KEY----- +-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMETDBKAgEBBBUCtJ0ZQMD5T6Ym/jZx +-Fzb9tQkLOhuhLgMsAAQE26YD7hG+CY02+nBDFKIBnMvHWUQGfkiIfG9yxV+LptOM +-CdU4y9RhM+w= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2pnb163v3_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEBNumA+4RvgmNNvpwQxSiAZzLx1lE +-Bn5IiHxvcsVfi6bTjAnVOMvUYTPs +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2pnb163v3:ALICE_c2pnb163v3_PUB +- +- +-PrivateKey=BOB_c2pnb163v3 +------BEGIN PRIVATE KEY----- +-MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMETDBKAgEBBBUB9MnYR9NXM8OoCraO +-orQz1LXIZJChLgMsAAQH15R/xAGyrtmg+hrdAaGn9rVEfWQA7yUCn4vKR2eIy/qN +-YfbeHTIaTBY= +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2pnb163v3_PUB +------BEGIN PUBLIC KEY----- +-MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEB9eUf8QBsq7ZoPoa3QGhp/a1RH1k +-AO8lAp+LykdniMv6jWH23h0yGkwW +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2pnb163v3:BOB_c2pnb163v3_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2pnb163v3 +-PeerKey=BOB_c2pnb163v3_PUB +-SharedSecret=02bf68863a8798e72cdc9cd3b9ce731f12654bfa81 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2pnb163v3 +-PeerKey=ALICE_c2pnb163v3_PUB +-SharedSecret=02bf68863a8798e72cdc9cd3b9ce731f12654bfa81 +- +-# TEST CURVE c2pnb176v1 +- +-PrivateKey=ALICE_c2pnb176v1 +------BEGIN PRIVATE KEY----- +-MGgCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQETjBMAgEBBBUAxXEz1PjthqsI664l +-N5LRLN8C2uyhMAMuAARD1qVJHbL5A7BhEKeHSuDeT6XeZ3ODFn9ef67qdF+tS7p3 +-zgXGKt4pKMoYcg== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2pnb176v1_PUB +------BEGIN PUBLIC KEY----- +-MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAEQ9alSR2y+QOwYRCnh0rg3k+l3mdz +-gxZ/Xn+u6nRfrUu6d84FxireKSjKGHI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2pnb176v1:ALICE_c2pnb176v1_PUB +- +- +-PrivateKey=BOB_c2pnb176v1 +------BEGIN PRIVATE KEY----- +-MGgCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQETjBMAgEBBBUAJvHHFW0v+/cjaLd7 +-Xgt6FtSga5+hMAMuAASUs7rUAlv1qhppI82ikLvZ8Y0DApC356nhs7SyQYdLtHRM +-+qUHBB3IzrLKdQ== +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2pnb176v1_PUB +------BEGIN PUBLIC KEY----- +-MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAElLO61AJb9aoaaSPNopC72fGNAwKQ +-t+ep4bO0skGHS7R0TPqlBwQdyM6yynU= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2pnb176v1:BOB_c2pnb176v1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2pnb176v1 +-PeerKey=BOB_c2pnb176v1_PUB +-SharedSecret=b204734417542df762e09013d6ba958940837a2aa25a +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2pnb176v1 +-PeerKey=ALICE_c2pnb176v1_PUB +-SharedSecret=b204734417542df762e09013d6ba958940837a2aa25a +- +-# TEST CURVE c2tnb191v1 +- +-PrivateKey=ALICE_c2tnb191v1 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEVTBTAgEBBBgYgpO+wgirUtuqHF00 +-2o02Vc7xQjKgSzChNAMyAAQ2ae+5tDQ2CDaV5XPdC+RtLgcHS5lTOclTClr/WSpP +-TlMt2TGh/KRrD859oXg6KYY= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2tnb191v1_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAENmnvubQ0Ngg2leVz3QvkbS4HB0uZ +-UznJUwpa/1kqT05TLdkxofykaw/OfaF4OimG +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2tnb191v1:ALICE_c2tnb191v1_PUB +- +- +-PrivateKey=BOB_c2tnb191v1 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEVTBTAgEBBBguzm5uFNRy/lX3OKuJ +-j8i/vH/+viMd48yhNAMyAARka5rhdTmtbqQVRMWZQjUqsHUMX43siRt5f2WQSZfg +-+IQ2l/8veayyX9erUSt3gK4= +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2tnb191v1_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAEZGua4XU5rW6kFUTFmUI1KrB1DF+N +-7IkbeX9lkEmX4PiENpf/L3mssl/Xq1Erd4Cu +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2tnb191v1:BOB_c2tnb191v1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2tnb191v1 +-PeerKey=BOB_c2tnb191v1_PUB +-SharedSecret=7a30d30acd3b067f38bb3be9e8cdef739483df26455e36e1 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2tnb191v1 +-PeerKey=ALICE_c2tnb191v1_PUB +-SharedSecret=7a30d30acd3b067f38bb3be9e8cdef739483df26455e36e1 +- +-# TEST CURVE c2tnb191v2 +- +-PrivateKey=ALICE_c2tnb191v2 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEVTBTAgEBBBgOlslgJ0XSK3vKC5Ls +-QmYxZfr8OEKXRQ2hNAMyAAQAHivLhSwW2SJZtUPhuV1p9fQSfz7w9SJY8dJOpVf8 +-9DevPUlJMPcaSGyjX+3nJZc= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2tnb191v2_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEAB4ry4UsFtkiWbVD4bldafX0En8+ +-8PUiWPHSTqVX/PQ3rz1JSTD3Gkhso1/t5yWX +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2tnb191v2:ALICE_c2tnb191v2_PUB +- +- +-PrivateKey=BOB_c2tnb191v2 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEVTBTAgEBBBgK9QaS2SDU6yz7uXqO +-+/+C+baTTVMAGVGhNAMyAAQiR0t9plm77ezfXvJzDNdlyYC0pWX+QmJ8EavgEElk +-ky/M+YXb5ufkFzFXIEfU9pM= +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2tnb191v2_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEIkdLfaZZu+3s317ycwzXZcmAtKVl +-/kJifBGr4BBJZJMvzPmF2+bn5BcxVyBH1PaT +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2tnb191v2:BOB_c2tnb191v2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2tnb191v2 +-PeerKey=BOB_c2tnb191v2_PUB +-SharedSecret=5ec2b6ccd193620dbad302c4ad8f8909a40698bf454d7534 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2tnb191v2 +-PeerKey=ALICE_c2tnb191v2_PUB +-SharedSecret=5ec2b6ccd193620dbad302c4ad8f8909a40698bf454d7534 +- +-# TEST CURVE c2tnb191v3 +- +-PrivateKey=ALICE_c2tnb191v3 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEVTBTAgEBBBgSaBOQyq6XX3hZVVgV +-FlRrxTuvgtv33C6hNAMyAARL+Fup8jOnixQYPx8pU/b066PHrhTXfiNerFEYA/5O +-XCKCEkdRCpuDJnyqpmaC2vw= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2tnb191v3_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAES/hbqfIzp4sUGD8fKVP29Oujx64U +-134jXqxRGAP+TlwighJHUQqbgyZ8qqZmgtr8 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2tnb191v3:ALICE_c2tnb191v3_PUB +- +- +-PrivateKey=BOB_c2tnb191v3 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEVTBTAgEBBBgEE8Ls7pc1/q3/0ruR +-gMrWGhGIr4VLt4uhNAMyAAQHAZsjkAXanwGbXR3SKkoKli6rSfSiu0lU2XHDiZdt +-LaPN+Eihz4KeG2YM/p3m1do= +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2tnb191v3_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAEBwGbI5AF2p8Bm10d0ipKCpYuq0n0 +-ortJVNlxw4mXbS2jzfhIoc+CnhtmDP6d5tXa +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2tnb191v3:BOB_c2tnb191v3_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2tnb191v3 +-PeerKey=BOB_c2tnb191v3_PUB +-SharedSecret=39093dc8a2e6724a6206ed41bb99490d527d80c902c41891 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2tnb191v3 +-PeerKey=ALICE_c2tnb191v3_PUB +-SharedSecret=39093dc8a2e6724a6206ed41bb99490d527d80c902c41891 +- +-# TEST CURVE c2pnb208w1 +- +-PrivateKey=ALICE_c2pnb208w1 +------BEGIN PRIVATE KEY----- +-MHQCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEWjBYAgEBBBkAbfnNboX6Dk+NLoBO +-6qBB2aE1srmTgS96oTgDNgAEFLHciAu4excYB0mty8rF442ULXZfqL90IkgP5G2z +-wzY1mAlEBFMg83izeRaCJ/vRihZDJw== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2pnb208w1_PUB +------BEGIN PUBLIC KEY----- +-ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEFLHciAu4excYB0mty8rF442ULXZf +-qL90IkgP5G2zwzY1mAlEBFMg83izeRaCJ/vRihZDJw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2pnb208w1:ALICE_c2pnb208w1_PUB +- +- +-PrivateKey=BOB_c2pnb208w1 +------BEGIN PRIVATE KEY----- +-MHQCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEWjBYAgEBBBkAwjGFJOPkZqQPZ+mI +-Ae3G12zpUia40tRjoTgDNgAEDxaP6u0phDLfM4RsZhgIfZy8CurR4/IPtqMGxbfz +-pPKPMZXV12F6MrWrorSFDZ8KFd58Ww== +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2pnb208w1_PUB +------BEGIN PUBLIC KEY----- +-ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEDxaP6u0phDLfM4RsZhgIfZy8CurR +-4/IPtqMGxbfzpPKPMZXV12F6MrWrorSFDZ8KFd58Ww== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2pnb208w1:BOB_c2pnb208w1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2pnb208w1 +-PeerKey=BOB_c2pnb208w1_PUB +-SharedSecret=59bf3c91bd168d4d4d900d9ce155933045e0fd16dcf0511bb5af +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2pnb208w1 +-PeerKey=ALICE_c2pnb208w1_PUB +-SharedSecret=59bf3c91bd168d4d4d900d9ce155933045e0fd16dcf0511bb5af +- +-# TEST CURVE c2tnb239v1 +- +-PrivateKey=ALICE_c2tnb239v1 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwALBGcwZQIBAQQeE4CCwXEKsP3CfLC/ +-DLSSF9lfyOaNSuQXmq9rzLqwoUADPgAEM6oQIsXJs+ANKQpF3DzBdG4FdS5DS+qp +-c5fVTsZiI4FAWCXUvzzPTRAex3wwvF/4JrYK6cKVh8i1EOrN +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2tnb239v1_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAEM6oQIsXJs+ANKQpF3DzBdG4FdS5D +-S+qpc5fVTsZiI4FAWCXUvzzPTRAex3wwvF/4JrYK6cKVh8i1EOrN +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2tnb239v1:ALICE_c2tnb239v1_PUB +- +- +-PrivateKey=BOB_c2tnb239v1 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwALBGcwZQIBAQQeAGDYCGAXqD03x510 +-h35JSzlgReW6W/T8lYPEA42doUADPgAECk6Uyh8ULkOVOxZSNZYGwtko/oy7ZLDP +-F8dbsEZTeYIBpQ6hWqZ/4Nz3RyzfoukyfCb3b8OMtpq+Qgio +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2tnb239v1_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAECk6Uyh8ULkOVOxZSNZYGwtko/oy7 +-ZLDPF8dbsEZTeYIBpQ6hWqZ/4Nz3RyzfoukyfCb3b8OMtpq+Qgio +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2tnb239v1:BOB_c2tnb239v1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2tnb239v1 +-PeerKey=BOB_c2tnb239v1_PUB +-SharedSecret=78c42256900725df9a47bb042cef7dad9f639b32e3010738a144e7472d1a +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2tnb239v1 +-PeerKey=ALICE_c2tnb239v1_PUB +-SharedSecret=78c42256900725df9a47bb042cef7dad9f639b32e3010738a144e7472d1a +- +-# TEST CURVE c2tnb239v2 +- +-PrivateKey=ALICE_c2tnb239v2 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwAMBGcwZQIBAQQeE8kBjHLjFeC+Z2gZ +-q0snwR3UgEgWMW0xilhJNjW2oUADPgAEQ+ubIYhh82VohwKSVz70PkHsjmYWDvDU +-/SBRk8AiP71CM9D7XEKK5tnU94MtK2Kscx5nWZFc+oIh1+sY +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2tnb239v2_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAEQ+ubIYhh82VohwKSVz70PkHsjmYW +-DvDU/SBRk8AiP71CM9D7XEKK5tnU94MtK2Kscx5nWZFc+oIh1+sY +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2tnb239v2:ALICE_c2tnb239v2_PUB +- +- +-PrivateKey=BOB_c2tnb239v2 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwAMBGcwZQIBAQQeE7bhzKZZUm780c0e +-3EBWY1GxD90Mzu7zrQMi7bAzoUADPgAEYgV7bokY6iLMzZTG10c6NDaW11plAm0T +-NKVVwzPqe3ylhsQmmm02LHKX0gN4E1dUS0uClBbMGNq2mhln +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2tnb239v2_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAEYgV7bokY6iLMzZTG10c6NDaW11pl +-Am0TNKVVwzPqe3ylhsQmmm02LHKX0gN4E1dUS0uClBbMGNq2mhln +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2tnb239v2:BOB_c2tnb239v2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2tnb239v2 +-PeerKey=BOB_c2tnb239v2_PUB +-SharedSecret=4ba2ecfa8ec7a375594d1673886cccf96d7763c55611b3c9008a35160192 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2tnb239v2 +-PeerKey=ALICE_c2tnb239v2_PUB +-SharedSecret=4ba2ecfa8ec7a375594d1673886cccf96d7763c55611b3c9008a35160192 +- +-# TEST CURVE c2tnb239v3 +- +-PrivateKey=ALICE_c2tnb239v3 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwANBGcwZQIBAQQeCxiC5lbHYL1QYbb2 +-izZiSoLPnWCZIds811J1N7KtoUADPgAEdHMz+tsuO7VcO9IFgsSWTweLoB1ah5WI +-g6cWrtcUfmO7EGfPwNni4Bf8No7rGGMwbisW0v6Jv2pkTSM8 +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2tnb239v3_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEdHMz+tsuO7VcO9IFgsSWTweLoB1a +-h5WIg6cWrtcUfmO7EGfPwNni4Bf8No7rGGMwbisW0v6Jv2pkTSM8 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2tnb239v3:ALICE_c2tnb239v3_PUB +- +- +-PrivateKey=BOB_c2tnb239v3 +------BEGIN PRIVATE KEY----- +-MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwANBGcwZQIBAQQeBBPxdeU3MohZc5Jx +-7WadLuPSeXeOg75rXC1ElexsoUADPgAEaHwiwQmoqbPij8+l6hLHVQz0AZLBT5uX +-hAh8fhTABKqI7qYShICAAX0tvu3EvQ8BQLP14grxUsSoEqAF +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2tnb239v3_PUB +------BEGIN PUBLIC KEY----- +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEaHwiwQmoqbPij8+l6hLHVQz0AZLB +-T5uXhAh8fhTABKqI7qYShICAAX0tvu3EvQ8BQLP14grxUsSoEqAF +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2tnb239v3:BOB_c2tnb239v3_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2tnb239v3 +-PeerKey=BOB_c2tnb239v3_PUB +-SharedSecret=47ad60e5480375fccd9246c93ab04da8e5da83e1dbf5f177f10a47cb54a0 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2tnb239v3 +-PeerKey=ALICE_c2tnb239v3_PUB +-SharedSecret=47ad60e5480375fccd9246c93ab04da8e5da83e1dbf5f177f10a47cb54a0 +- +-# TEST CURVE c2pnb272w1 +- +-PrivateKey=ALICE_c2pnb272w1 +------BEGIN PRIVATE KEY----- +-MIGMAgEAMBMGByqGSM49AgEGCCqGSM49AwAQBHIwcAIBAQQhAKMtKddENVGjzTU4 +-w+hW0SgDOtIElcs52wb40S08j6gMoUgDRgAEfGvSzQo+00VXIDXV7iiGXpI16kzs +-6C8rkchA5sVBBY56nSCp0n4FpIXRzafiFQklJD9OrJzA6PXc7tp2n2XhIwvuOmI= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2pnb272w1_PUB +------BEGIN PUBLIC KEY----- +-MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEfGvSzQo+00VXIDXV7iiGXpI16kzs +-6C8rkchA5sVBBY56nSCp0n4FpIXRzafiFQklJD9OrJzA6PXc7tp2n2XhIwvuOmI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2pnb272w1:ALICE_c2pnb272w1_PUB +- +- +-PrivateKey=BOB_c2pnb272w1 +------BEGIN PRIVATE KEY----- +-MIGMAgEAMBMGByqGSM49AgEGCCqGSM49AwAQBHIwcAIBAQQhAFAKPByX1wlYUpU4 +-mECDAxg+VM5aFo4JPlqEzR0b9hI6oUgDRgAEL8+863IU4uxbEY8jVBjhsrG4W6AF +-MF6t+aGvoiKHtEMLQa6U158TRapDWp4eRurm6Idvv7hepCPqOMEGySDUwMECiQM= +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2pnb272w1_PUB +------BEGIN PUBLIC KEY----- +-MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEL8+863IU4uxbEY8jVBjhsrG4W6AF +-MF6t+aGvoiKHtEMLQa6U158TRapDWp4eRurm6Idvv7hepCPqOMEGySDUwMECiQM= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2pnb272w1:BOB_c2pnb272w1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2pnb272w1 +-PeerKey=BOB_c2pnb272w1_PUB +-SharedSecret=3ae063b2bed6ba8aa28ff35e9bd2673f22ee8087860c86b89429a5b52538216632a3 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2pnb272w1 +-PeerKey=ALICE_c2pnb272w1_PUB +-SharedSecret=3ae063b2bed6ba8aa28ff35e9bd2673f22ee8087860c86b89429a5b52538216632a3 +- +-# TEST CURVE c2pnb304w1 +- +-PrivateKey=ALICE_c2pnb304w1 +------BEGIN PRIVATE KEY----- +-MIGYAgEAMBMGByqGSM49AgEGCCqGSM49AwARBH4wfAIBAQQlAOKzfcV2XOvVsSUh +-oVz3SHGzSCf0q9i+ilz5ZfBxc+5ssjK7jKFQA04ABDc4zQNFaZukj9iz3iXTYdza +-tCOYZvrfOjrbgzl/8PoFxt5q6yJTu35Vu9XVp5pTCtjpDEpywBj0xb07RRuVDEk8 +-TthFP5vGeTIWLD4= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2pnb304w1_PUB +------BEGIN PUBLIC KEY----- +-MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAENzjNA0Vpm6SP2LPeJdNh3Nq0I5hm +-+t86OtuDOX/w+gXG3mrrIlO7flW71dWnmlMK2OkMSnLAGPTFvTtFG5UMSTxO2EU/ +-m8Z5MhYsPg== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2pnb304w1:ALICE_c2pnb304w1_PUB +- +- +-PrivateKey=BOB_c2pnb304w1 +------BEGIN PRIVATE KEY----- +-MIGYAgEAMBMGByqGSM49AgEGCCqGSM49AwARBH4wfAIBAQQlAPP4hz6sa+KdTJ4h +-fBeCUiJBfshcZoapkZMFrhI1vdcRY7MeAaFQA04ABMHRUzLiUY7O4nEBdmex31U4 +-l6TO/dD+5MV/tVNizVsWjkTvi2fs772lZ9MeNp6QnGMZ5n5subHsa0QOJL1LpmXX +-K0UIWGbW0nQb52g= +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2pnb304w1_PUB +------BEGIN PUBLIC KEY----- +-MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAEwdFTMuJRjs7icQF2Z7HfVTiXpM79 +-0P7kxX+1U2LNWxaORO+LZ+zvvaVn0x42npCcYxnmfmy5sexrRA4kvUumZdcrRQhY +-ZtbSdBvnaA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2pnb304w1:BOB_c2pnb304w1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2pnb304w1 +-PeerKey=BOB_c2pnb304w1_PUB +-SharedSecret=6df88b20de9f095c7632234291ea4658a9265cd2293424e11ed56705b09a069f09dc4e055eb7 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2pnb304w1 +-PeerKey=ALICE_c2pnb304w1_PUB +-SharedSecret=6df88b20de9f095c7632234291ea4658a9265cd2293424e11ed56705b09a069f09dc4e055eb7 +- +-# TEST CURVE c2tnb359v1 +- +-PrivateKey=ALICE_c2tnb359v1 +------BEGIN PRIVATE KEY----- +-MIGwAgEAMBMGByqGSM49AgEGCCqGSM49AwASBIGVMIGSAgEBBC0BeMU97SvjsIvQ +-1v+Ztf56OCL8JXHxRJDQZ5gWEa4c2b3FZXFVC4CwEPd7cB+hXgNcAAQOBgLp0TzS +-4Hf/VYbJCFuj3OlRC5JMzFV7ox41ubhl5Ij+gHIodu1bQ6cqd0YAb2/30PxwX++N +-NpFvq8u8435zhPYXsut6txOPNU5ZzCeagy2xsKacXSZc7D0= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2tnb359v1_PUB +------BEGIN PUBLIC KEY----- +-MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEDgYC6dE80uB3/1WGyQhbo9zpUQuS +-TMxVe6MeNbm4ZeSI/oByKHbtW0OnKndGAG9v99D8cF/vjTaRb6vLvON+c4T2F7Lr +-ercTjzVOWcwnmoMtsbCmnF0mXOw9 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2tnb359v1:ALICE_c2tnb359v1_PUB +- +- +-PrivateKey=BOB_c2tnb359v1 +------BEGIN PRIVATE KEY----- +-MIGwAgEAMBMGByqGSM49AgEGCCqGSM49AwASBIGVMIGSAgEBBC0BRZ3IIh3mrLIX +-KBbh6Vj7TXNY5bzRuD5/ayHPlHQkJcd8K66dOqu7hgaN91GhXgNcAAQ7njbTQ2xY +-YZtkKswYr8E6P/R3Dg/XEZgQQ72B4qXnqbK/SgYsZAntFg7CRztcTkHjKAgdSz6f +-TRIc4///gwXN3Oi6D8PeswhzPJi/uLmCAHMm3GT6SUO3aTY= +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2tnb359v1_PUB +------BEGIN PUBLIC KEY----- +-MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEO54200NsWGGbZCrMGK/BOj/0dw4P +-1xGYEEO9geKl56myv0oGLGQJ7RYOwkc7XE5B4ygIHUs+n00SHOP//4MFzdzoug/D +-3rMIczyYv7i5ggBzJtxk+klDt2k2 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2tnb359v1:BOB_c2tnb359v1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2tnb359v1 +-PeerKey=BOB_c2tnb359v1_PUB +-SharedSecret=1d3f3396492d130caea54233c79833e90a072fe883071bb08cec671ce0319f0bc39c68dda0199952152a5c3563 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2tnb359v1 +-PeerKey=ALICE_c2tnb359v1_PUB +-SharedSecret=1d3f3396492d130caea54233c79833e90a072fe883071bb08cec671ce0319f0bc39c68dda0199952152a5c3563 +- +-# TEST CURVE c2pnb368w1 +- +-PrivateKey=ALICE_c2pnb368w1 +------BEGIN PRIVATE KEY----- +-MIGyAgEAMBMGByqGSM49AgEGCCqGSM49AwATBIGXMIGUAgEBBC0AFagbth/4/M2s +-b1G4FpxbFEVLIulioS34v0hrClpZ38/Z+PHmIhOfEFminyehYANeAAQAU42w7mII +-jkyAdnCC4qoEPdH42fh3oVyCtnaRtKUmdhUdXm0IgSM4T4SYEOsx+aQZLGIjnhHJ +-CabcaKPQ0sai3dirUr2YsNXNDJiU93T7buUr+DnRPGsfBy/nEg== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2pnb368w1_PUB +------BEGIN PUBLIC KEY----- +-MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEAFONsO5iCI5MgHZwguKqBD3R+Nn4 +-d6FcgrZ2kbSlJnYVHV5tCIEjOE+EmBDrMfmkGSxiI54RyQmm3Gij0NLGot3Yq1K9 +-mLDVzQyYlPd0+27lK/g50TxrHwcv5xI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2pnb368w1:ALICE_c2pnb368w1_PUB +- +- +-PrivateKey=BOB_c2pnb368w1 +------BEGIN PRIVATE KEY----- +-MIGyAgEAMBMGByqGSM49AgEGCCqGSM49AwATBIGXMIGUAgEBBC0AA/woMzOFy8k2 +-zBqBkubhkOIwc7sx0u+JadM9f7V45L4P8nK7bjJasOqrHRahYANeAATKE6jcstac +-H8yWzg/qBgvGoGan2PVwTN/U+68K4WxHO7+oPHviUh1OVF7ZxYjsVSdyno83iHE3 +-3sq2Ej6j26f+uVs/fuWk19t8NpAQ6+sVETZszuMDm5adqtVZRQ== +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2pnb368w1_PUB +------BEGIN PUBLIC KEY----- +-MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEyhOo3LLWnB/Mls4P6gYLxqBmp9j1 +-cEzf1PuvCuFsRzu/qDx74lIdTlRe2cWI7FUncp6PN4hxN97KthI+o9un/rlbP37l +-pNfbfDaQEOvrFRE2bM7jA5uWnarVWUU= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2pnb368w1:BOB_c2pnb368w1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2pnb368w1 +-PeerKey=BOB_c2pnb368w1_PUB +-SharedSecret=d191710b156d1b1d14242843a7f0abf28060bbb9e655655b53852a8b0f250ef1eee37d59364d9791c8e1bc526cbb +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2pnb368w1 +-PeerKey=ALICE_c2pnb368w1_PUB +-SharedSecret=d191710b156d1b1d14242843a7f0abf28060bbb9e655655b53852a8b0f250ef1eee37d59364d9791c8e1bc526cbb +- +-# TEST CURVE c2tnb431r1 +- +-PrivateKey=ALICE_c2tnb431r1 +------BEGIN PRIVATE KEY----- +-MIHKAgEAMBMGByqGSM49AgEGCCqGSM49AwAUBIGvMIGsAgEBBDUC18JhUt+NCIZ/ +-q6kdjNZ7zX72UqpW4K6Uc2bAWu2PXK1aL573LNzu4oUlHfbvuE1BUrxNpaFwA24A +-BDrG8SG4lckR1rrvLRpXYf7Wspmh/fbql+Zpulyl896XtwQK2BkLVRkZ5ixTG4PU +-yb64OiffdSnvIaM++cb7LgJLBBgT3d5le8V1gtxWFFm0NggUyF6glmUqHQL0LuhX +-WS468O6w05KS0AL6vQ== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_c2tnb431r1_PUB +------BEGIN PUBLIC KEY----- +-MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABDrG8SG4lckR1rrvLRpXYf7Wspmh +-/fbql+Zpulyl896XtwQK2BkLVRkZ5ixTG4PUyb64OiffdSnvIaM++cb7LgJLBBgT +-3d5le8V1gtxWFFm0NggUyF6glmUqHQL0LuhXWS468O6w05KS0AL6vQ== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_c2tnb431r1:ALICE_c2tnb431r1_PUB +- +- +-PrivateKey=BOB_c2tnb431r1 +------BEGIN PRIVATE KEY----- +-MIHKAgEAMBMGByqGSM49AgEGCCqGSM49AwAUBIGvMIGsAgEBBDUApanyPgvpfrAu +-1jNAKGpctH71v0+P/kFF9JxdFYarpWEwBBd4tz6CxoYKmvDZ9ukOOqBbX6FwA24A +-BGh3JXuYmh6dGGEmbRhoR2T5pVD/5Mq2ZKKzfzY2NOoKiIs6rVzv2SW7S6BScYlR +-qRWiXCeZVFvT0crDY/5uodkHbcRw6B/Yo/iMN8wLI257Tjm9/C5G+JPCLopCcLIL +-gTwAJM2ZhtPnc08LyQ== +------END PRIVATE KEY----- +- +-PublicKey=BOB_c2tnb431r1_PUB +------BEGIN PUBLIC KEY----- +-MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABGh3JXuYmh6dGGEmbRhoR2T5pVD/ +-5Mq2ZKKzfzY2NOoKiIs6rVzv2SW7S6BScYlRqRWiXCeZVFvT0crDY/5uodkHbcRw +-6B/Yo/iMN8wLI257Tjm9/C5G+JPCLopCcLILgTwAJM2ZhtPnc08LyQ== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_c2tnb431r1:BOB_c2tnb431r1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_c2tnb431r1 +-PeerKey=BOB_c2tnb431r1_PUB +-SharedSecret=4c4d7d387843ff5152f22f101b0609238819357fae2ccc9097b818e383ef6809cb46671fb514009d4d1d3d0119fba265107302e95748 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_c2tnb431r1 +-PeerKey=ALICE_c2tnb431r1_PUB +-SharedSecret=4c4d7d387843ff5152f22f101b0609238819357fae2ccc9097b818e383ef6809cb46671fb514009d4d1d3d0119fba265107302e95748 +- +-# TEST CURVE wap-wsg-idm-ecid-wtls1 +- +-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls1 +------BEGIN PRIVATE KEY----- +-MFACAQAwEAYHKoZIzj0CAQYFZysBBAEEOTA3AgEBBA5Xu91qBwxTDmhD/30Kf6Ei +-AyAABAFQSZ0G+afa1x4KwUzBjQEWFNdZoF6UNYGkCRINyg== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_wap-wsg-idm-ecid-wtls1_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAVBJnQb5p9rXHgrBTMGNARYU11mgXpQ1 +-gaQJEg3K +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls1:ALICE_wap-wsg-idm-ecid-wtls1_PUB +- +- +-PrivateKey=BOB_wap-wsg-idm-ecid-wtls1 +------BEGIN PRIVATE KEY----- +-MFACAQAwEAYHKoZIzj0CAQYFZysBBAEEOTA3AgEBBA5aU6CQ474Z1fH3xAtn/6Ei +-AyAABAFpb4GTc+5vf5nkt4zLxwGZQ6qSbYlH8pUbpvwcqA== +------END PRIVATE KEY----- +- +-PublicKey=BOB_wap-wsg-idm-ecid-wtls1_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAWlvgZNz7m9/meS3jMvHAZlDqpJtiUfy +-lRum/Byo +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls1:BOB_wap-wsg-idm-ecid-wtls1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_wap-wsg-idm-ecid-wtls1 +-PeerKey=BOB_wap-wsg-idm-ecid-wtls1_PUB +-SharedSecret=0000fc6e280987e8b9bf6e3c7fa003 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_wap-wsg-idm-ecid-wtls1 +-PeerKey=ALICE_wap-wsg-idm-ecid-wtls1_PUB +-SharedSecret=0000fc6e280987e8b9bf6e3c7fa003 +- +-# TEST CURVE wap-wsg-idm-ecid-wtls3 +- +-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls3 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFZysBBAMETDBKAgEBBBUBN2FFgQiz4KPJ9GEsrj5B +-m908ifuhLgMsAAQBV21Tx3v8+1wFKq7PiloR1CxzmlUDvnyXrs4mNmc5Ns38mzPe +-NueQNo0= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_wap-wsg-idm-ecid-wtls3_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAVdtU8d7/PtcBSquz4paEdQsc5pVA758 +-l67OJjZnOTbN/Jsz3jbnkDaN +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls3:ALICE_wap-wsg-idm-ecid-wtls3_PUB +- +- +-PrivateKey=BOB_wap-wsg-idm-ecid-wtls3 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFZysBBAMETDBKAgEBBBUA/0Ust7IoJ526zn2wiWBu +-rR5NeSWhLgMsAAQB7d+/zMMti4djhlVnaGqaqonbmo4Cv+iKT1cF3nzXV/KXHSJI +-p9iZeas= +------END PRIVATE KEY----- +- +-PublicKey=BOB_wap-wsg-idm-ecid-wtls3_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAe3fv8zDLYuHY4ZVZ2hqmqqJ25qOAr/o +-ik9XBd5811fylx0iSKfYmXmr +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls3:BOB_wap-wsg-idm-ecid-wtls3_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_wap-wsg-idm-ecid-wtls3 +-PeerKey=BOB_wap-wsg-idm-ecid-wtls3_PUB +-SharedSecret=00cf1d850f396436be68f1e5502935853ed054511f +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_wap-wsg-idm-ecid-wtls3 +-PeerKey=ALICE_wap-wsg-idm-ecid-wtls3_PUB +-SharedSecret=00cf1d850f396436be68f1e5502935853ed054511f +- +-# TEST CURVE wap-wsg-idm-ecid-wtls4 +- +-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls4 +------BEGIN PRIVATE KEY----- +-MFECAQAwEAYHKoZIzj0CAQYFZysBBAQEOjA4AgEBBA8AsuEGufSNSrDPu3Y1Namh +-IgMgAAQAcvPRbArskeBs6W2oOesAHMQo8Lk/FHcYKUfMOKY= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_wap-wsg-idm-ecid-wtls4_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAHLz0WwK7JHgbOltqDnrABzEKPC5PxR3 +-GClHzDim +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls4:ALICE_wap-wsg-idm-ecid-wtls4_PUB +- +- +-PrivateKey=BOB_wap-wsg-idm-ecid-wtls4 +------BEGIN PRIVATE KEY----- +-MFECAQAwEAYHKoZIzj0CAQYFZysBBAQEOjA4AgEBBA8AFJwmUkKbWdmzvqv+AbWh +-IgMgAAQBriOJSyRL4ro55CbCwekBluEKwIfP64OfJCEfWTU= +------END PRIVATE KEY----- +- +-PublicKey=BOB_wap-wsg-idm-ecid-wtls4_PUB +------BEGIN PUBLIC KEY----- +-MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAa4jiUskS+K6OeQmwsHpAZbhCsCHz+uD +-nyQhH1k1 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls4:BOB_wap-wsg-idm-ecid-wtls4_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_wap-wsg-idm-ecid-wtls4 +-PeerKey=BOB_wap-wsg-idm-ecid-wtls4_PUB +-SharedSecret=01076232302ca32b5f3daf075e5213 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_wap-wsg-idm-ecid-wtls4 +-PeerKey=ALICE_wap-wsg-idm-ecid-wtls4_PUB +-SharedSecret=01076232302ca32b5f3daf075e5213 +- +-# TEST CURVE wap-wsg-idm-ecid-wtls5 +- +-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls5 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFZysBBAUETDBKAgEBBBUCmngbaO2S//Ta0ZUhn/nb +-ZydTKD+hLgMsAAQA1792id3hLIu2z0KECkBCUbTSP9UFLu2FTJkLa8qP4ZIrBt5F +-XKJo2Dw= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_wap-wsg-idm-ecid-wtls5_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEANe/dond4SyLts9ChApAQlG00j/VBS7t +-hUyZC2vKj+GSKwbeRVyiaNg8 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls5:ALICE_wap-wsg-idm-ecid-wtls5_PUB +- +- +-PrivateKey=BOB_wap-wsg-idm-ecid-wtls5 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFZysBBAUETDBKAgEBBBUBraa4aeYxHd9HJ0vLIoCw +-auGKd9yhLgMsAAQHzc2FgfJGasNlMcJNDDrNQElhA1cHD4izqEedmC3ueMu72/Sp +-VF2Ppig= +------END PRIVATE KEY----- +- +-PublicKey=BOB_wap-wsg-idm-ecid-wtls5_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEB83NhYHyRmrDZTHCTQw6zUBJYQNXBw+I +-s6hHnZgt7njLu9v0qVRdj6Yo +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls5:BOB_wap-wsg-idm-ecid-wtls5_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_wap-wsg-idm-ecid-wtls5 +-PeerKey=BOB_wap-wsg-idm-ecid-wtls5_PUB +-SharedSecret=066091c591278f5b949106052b2546aacc20917c20 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_wap-wsg-idm-ecid-wtls5 +-PeerKey=ALICE_wap-wsg-idm-ecid-wtls5_PUB +-SharedSecret=066091c591278f5b949106052b2546aacc20917c20 +- +-# TEST CURVE wap-wsg-idm-ecid-wtls6 +- +-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls6 +------BEGIN PRIVATE KEY----- +-ME4CAQAwEAYHKoZIzj0CAQYFZysBBAYENzA1AgEBBA5LJwRNrPNMwGyoBP95a6Eg +-Ax4ABMZxFi711Wl5r7tb1XJ9fJ3H1W1MKvVrYvfmNFo= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_wap-wsg-idm-ecid-wtls6_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAExnEWLvXVaXmvu1vVcn18ncfVbUwq9Wti +-9+Y0Wg== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls6:ALICE_wap-wsg-idm-ecid-wtls6_PUB +- +- +-PrivateKey=BOB_wap-wsg-idm-ecid-wtls6 +------BEGIN PRIVATE KEY----- +-ME4CAQAwEAYHKoZIzj0CAQYFZysBBAYENzA1AgEBBA63i1z4Kl8BEE1I3CYU9KEg +-Ax4ABG3Ft5F8wvnGimUAmGQrfqAlVJKdzhNSa3v47Kc= +------END PRIVATE KEY----- +- +-PublicKey=BOB_wap-wsg-idm-ecid-wtls6_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAEbcW3kXzC+caKZQCYZCt+oCVUkp3OE1Jr +-e/jspw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls6:BOB_wap-wsg-idm-ecid-wtls6_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_wap-wsg-idm-ecid-wtls6 +-PeerKey=BOB_wap-wsg-idm-ecid-wtls6_PUB +-SharedSecret=8d184455748c56115ba2183070b0 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_wap-wsg-idm-ecid-wtls6 +-PeerKey=ALICE_wap-wsg-idm-ecid-wtls6_PUB +-SharedSecret=8d184455748c56115ba2183070b0 +- +-# TEST CURVE wap-wsg-idm-ecid-wtls7 +- +-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls7 +------BEGIN PRIVATE KEY----- +-MGECAQAwEAYHKoZIzj0CAQYFZysBBAcESjBIAgEBBBUAueoisiN+luJEy0wdiI7j +-cALlTqChLAMqAAQ/FWsGxD8vuvEFWXfWReOqvBzqWrF9mdMeTeOE1y9r9POOIUVJ +-PNtL +------END PRIVATE KEY----- +- +-PublicKey=ALICE_wap-wsg-idm-ecid-wtls7_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEPxVrBsQ/L7rxBVl31kXjqrwc6lqxfZnT +-Hk3jhNcva/TzjiFFSTzbSw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls7:ALICE_wap-wsg-idm-ecid-wtls7_PUB +- +- +-PrivateKey=BOB_wap-wsg-idm-ecid-wtls7 +------BEGIN PRIVATE KEY----- +-MGECAQAwEAYHKoZIzj0CAQYFZysBBAcESjBIAgEBBBUAr42vKjbUXFak2mVzFYpu +-yhN/cDyhLAMqAASJZpuFg+n8vscuq+pqfFFPYemnfLdhdAB4JodfR3J5Bzu67hEm +-bIKQ +------END PRIVATE KEY----- +- +-PublicKey=BOB_wap-wsg-idm-ecid-wtls7_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEiWabhYPp/L7HLqvqanxRT2Hpp3y3YXQA +-eCaHX0dyeQc7uu4RJmyCkA== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls7:BOB_wap-wsg-idm-ecid-wtls7_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_wap-wsg-idm-ecid-wtls7 +-PeerKey=BOB_wap-wsg-idm-ecid-wtls7_PUB +-SharedSecret=990eda6a0406caef965018b97c94d0faa200f6e4 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_wap-wsg-idm-ecid-wtls7 +-PeerKey=ALICE_wap-wsg-idm-ecid-wtls7_PUB +-SharedSecret=990eda6a0406caef965018b97c94d0faa200f6e4 +- +-# TEST CURVE wap-wsg-idm-ecid-wtls8 +- +-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls8 +------BEGIN PRIVATE KEY----- +-ME8CAQAwEAYHKoZIzj0CAQYFZysBBAgEODA2AgEBBA8A1m62ffl6niuM46XOUyih +-IAMeAAT4mqYAoe7NEtKfEMQs2ofInhZRZCFrFU5cjEWi +------END PRIVATE KEY----- +- +-PublicKey=ALICE_wap-wsg-idm-ecid-wtls8_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAE+JqmAKHuzRLSnxDELNqHyJ4WUWQhaxVO +-XIxFog== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls8:ALICE_wap-wsg-idm-ecid-wtls8_PUB +- +-PrivateKey=BOB_wap-wsg-idm-ecid-wtls8 +------BEGIN PRIVATE KEY----- +-ME8CAQAwEAYHKoZIzj0CAQYFZysBBAgEODA2AgEBBA8AegTrLoMRyPl4U4xOdg6h +-IAMeAATQKkyQ3jL2Eku6C+vSQazbjjSkzNe67Occqj2P +------END PRIVATE KEY----- +- +-PublicKey=BOB_wap-wsg-idm-ecid-wtls8_PUB +------BEGIN PUBLIC KEY----- +-MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAE0CpMkN4y9hJLugvr0kGs2440pMzXuuzn +-HKo9jw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls8:BOB_wap-wsg-idm-ecid-wtls8_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_wap-wsg-idm-ecid-wtls8 +-PeerKey=BOB_wap-wsg-idm-ecid-wtls8_PUB +-SharedSecret=7524c547bd6b26644ce70571cb06 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_wap-wsg-idm-ecid-wtls8 +-PeerKey=ALICE_wap-wsg-idm-ecid-wtls8_PUB +-SharedSecret=7524c547bd6b26644ce70571cb06 +- +-# TEST CURVE wap-wsg-idm-ecid-wtls9 +- +-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls9 +------BEGIN PRIVATE KEY----- +-MGECAQAwEAYHKoZIzj0CAQYFZysBBAkESjBIAgEBBBUAE0376NvzsIXi6XadrVn4 +-06obTRChLAMqAARbC1yw9f1uBOVlMf5ZFQewTgyc81Aqh2TFMSRfujCIhdvGTYgR +-tu6F +------END PRIVATE KEY----- +- +-PublicKey=ALICE_wap-wsg-idm-ecid-wtls9_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAEWwtcsPX9bgTlZTH+WRUHsE4MnPNQKodk +-xTEkX7owiIXbxk2IEbbuhQ== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls9:ALICE_wap-wsg-idm-ecid-wtls9_PUB +- +- +-PrivateKey=BOB_wap-wsg-idm-ecid-wtls9 +------BEGIN PRIVATE KEY----- +-MGECAQAwEAYHKoZIzj0CAQYFZysBBAkESjBIAgEBBBUAd2kfMclaJU2bg8ayTrjZ +-oolI82yhLAMqAAQ0NeW9TKhQeFrrTyMR9Gb55+BneCQSByAShM8Dn3V1FFYz7n0y +-bvBX +------END PRIVATE KEY----- +- +-PublicKey=BOB_wap-wsg-idm-ecid-wtls9_PUB +------BEGIN PUBLIC KEY----- +-MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAENDXlvUyoUHha608jEfRm+efgZ3gkEgcg +-EoTPA591dRRWM+59Mm7wVw== +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls9:BOB_wap-wsg-idm-ecid-wtls9_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_wap-wsg-idm-ecid-wtls9 +-PeerKey=BOB_wap-wsg-idm-ecid-wtls9_PUB +-SharedSecret=5ca1d9eed44def2c390fd5bbb16ca2c3a09eb7b1 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_wap-wsg-idm-ecid-wtls9 +-PeerKey=ALICE_wap-wsg-idm-ecid-wtls9_PUB +-SharedSecret=5ca1d9eed44def2c390fd5bbb16ca2c3a09eb7b1 +- +-# TEST CURVE wap-wsg-idm-ecid-wtls10 +- +-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls10 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFZysBBAoEZjBkAgEBBB01TDgjIGd+gXPZ4esQnWzz +-/y1vzJniUBM5XNyPq6FAAz4ABAHVs5gYpbJzqyO8Lk3nkTwhu4BuXb4wtrgGcY2L +-TwGxkC4Zq4aqLowsexGjVa0IjGKdWz5/TfwLwGpN4A== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_wap-wsg-idm-ecid-wtls10_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAdWzmBilsnOrI7wuTeeRPCG7gG5dvjC2 +-uAZxjYtPAbGQLhmrhqoujCx7EaNVrQiMYp1bPn9N/AvAak3g +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls10:ALICE_wap-wsg-idm-ecid-wtls10_PUB +- +- +-PrivateKey=BOB_wap-wsg-idm-ecid-wtls10 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFZysBBAoEZjBkAgEBBB0mTqwYwByRuu4zcU1QLKcG +-m8wewuaoKqVSpp8xQaFAAz4ABAEF4xTrWAIF1EacNMqTG3kwxwartAKFFqyOle+w +-BwDi6gra7cFVedD1p5RwD4gZU4QzgCLSwa7xZbBzgg== +------END PRIVATE KEY----- +- +-PublicKey=BOB_wap-wsg-idm-ecid-wtls10_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAQXjFOtYAgXURpw0ypMbeTDHBqu0AoUW +-rI6V77AHAOLqCtrtwVV50PWnlHAPiBlThDOAItLBrvFlsHOC +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls10:BOB_wap-wsg-idm-ecid-wtls10_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_wap-wsg-idm-ecid-wtls10 +-PeerKey=BOB_wap-wsg-idm-ecid-wtls10_PUB +-SharedSecret=0199de137bc263e25b543994d6315b5a3f1e38e7e1f60662cb5cbaab5f98 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_wap-wsg-idm-ecid-wtls10 +-PeerKey=ALICE_wap-wsg-idm-ecid-wtls10_PUB +-SharedSecret=0199de137bc263e25b543994d6315b5a3f1e38e7e1f60662cb5cbaab5f98 +- +-# TEST CURVE wap-wsg-idm-ecid-wtls11 +- +-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls11 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFZysBBAsEZzBlAgEBBB4Au6lrzC3RIk3jXmtbeOAp +-LZPR0NUrr6dTf1lSCGqhQAM+AAQBl73V2TEZ8BO4QC+YiBlJ0GmW8WLc3RtS3iIr +-/oUAaDQQAGVJFD3GghjBPfI9KVBcZ2P8tUXUv5ifrWc= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_wap-wsg-idm-ecid-wtls11_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAZe91dkxGfATuEAvmIgZSdBplvFi3N0b +-Ut4iK/6FAGg0EABlSRQ9xoIYwT3yPSlQXGdj/LVF1L+Yn61n +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls11:ALICE_wap-wsg-idm-ecid-wtls11_PUB +- +- +-PrivateKey=BOB_wap-wsg-idm-ecid-wtls11 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFZysBBAsEZzBlAgEBBB4AGJuGtQI1FvHfp2AsdKb3 +-NVWawjpZQuyM1aelws2hQAM+AAQAdTW3xU6Ijf/Y835Z2hS4fOn6Xmp3O6iblXHr +-nKoBORuxHVRfXkfdL5TqfFpuDghzCyAS6ZMSWhjGV5o= +------END PRIVATE KEY----- +- +-PublicKey=BOB_wap-wsg-idm-ecid-wtls11_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAHU1t8VOiI3/2PN+WdoUuHzp+l5qdzuo +-m5Vx65yqATkbsR1UX15H3S+U6nxabg4IcwsgEumTEloYxlea +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls11:BOB_wap-wsg-idm-ecid-wtls11_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_wap-wsg-idm-ecid-wtls11 +-PeerKey=BOB_wap-wsg-idm-ecid-wtls11_PUB +-SharedSecret=01ee4b517d8a64be5ee32e10152c7bbcb8cde73a3da8e9643bce173011f7 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_wap-wsg-idm-ecid-wtls11 +-PeerKey=ALICE_wap-wsg-idm-ecid-wtls11_PUB +-SharedSecret=01ee4b517d8a64be5ee32e10152c7bbcb8cde73a3da8e9643bce173011f7 +- +-# TEST CURVE wap-wsg-idm-ecid-wtls12 +- +-PrivateKey=ALICE_wap-wsg-idm-ecid-wtls12 +------BEGIN PRIVATE KEY----- +-MHgCAQAwEAYHKoZIzj0CAQYFZysBBAwEYTBfAgEBBByAnUvQZhZr1lgTRixSMIx0 +-KHuV4t8cbXCW415soTwDOgAE3G8wIl9SJ0mAmuIMWbJpFjf9wO8gKNu6nApye39Y +-hpXeYRL/nm7G6HmiiA5O1iudWC3hDbBH0cc= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_wap-wsg-idm-ecid-wtls12_PUB +------BEGIN PUBLIC KEY----- +-ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAE3G8wIl9SJ0mAmuIMWbJpFjf9wO8gKNu6 +-nApye39YhpXeYRL/nm7G6HmiiA5O1iudWC3hDbBH0cc= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls12:ALICE_wap-wsg-idm-ecid-wtls12_PUB +- +- +-PrivateKey=BOB_wap-wsg-idm-ecid-wtls12 +------BEGIN PRIVATE KEY----- +-MHgCAQAwEAYHKoZIzj0CAQYFZysBBAwEYTBfAgEBBBzZ7nt4CrPrk2m5iR64vpkj +-95JHOmzWf4VhRZqdoTwDOgAEukz40I4gWpUmXCM+PLmWGd0IO0XIPQa9KXzXvhbL +-dJH0yFkJ+ClSboOC26gtMTICiPhEgYjeKEQ= +------END PRIVATE KEY----- +- +-PublicKey=BOB_wap-wsg-idm-ecid-wtls12_PUB +------BEGIN PUBLIC KEY----- +-ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAEukz40I4gWpUmXCM+PLmWGd0IO0XIPQa9 +-KXzXvhbLdJH0yFkJ+ClSboOC26gtMTICiPhEgYjeKEQ= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls12:BOB_wap-wsg-idm-ecid-wtls12_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_wap-wsg-idm-ecid-wtls12 +-PeerKey=BOB_wap-wsg-idm-ecid-wtls12_PUB +-SharedSecret=c75a8283a73312de82c8f99d41a9173a43b8f921e8161dd140131b36 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_wap-wsg-idm-ecid-wtls12 +-PeerKey=ALICE_wap-wsg-idm-ecid-wtls12_PUB +-SharedSecret=c75a8283a73312de82c8f99d41a9173a43b8f921e8161dd140131b36 +- + # EC P-256 key + + PrivateKey=P-256 +@@ -2664,61 +265,6 @@ Derive=BOB_secp521r1 + PeerKey=ALICE_secp521r1_PUB + SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be + +-# TEST CURVE prime192v1 +- +-PrivateKey=ALICE_prime192v1 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjxfXvSFNqD2UzFVN1L +-bQrPlzop7dxQq/ehNAMyAATibpGuYzCjkT1tWLYEogpKz74WqhvbQtZPkCYQCin1 +-cmZuNW+BZ0jyVEpGlpnZPMg= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_prime192v1_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE4m6RrmMwo5E9bVi2BKIKSs++Fqob +-20LWT5AmEAop9XJmbjVvgWdI8lRKRpaZ2TzI +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_prime192v1:ALICE_prime192v1_PUB +- +- +-PrivateKey=BOB_prime192v1 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhewaqXNZlYyqnmuEEE +-Y/oUXe3/jpzhmyGhNAMyAASkpwNJEP/1FuuWKCDDUm26iyqrs+zKwayZnaF77YC6 +-qCtgia7yNcSl9tlWHh3gQgw= +------END PRIVATE KEY----- +- +-PublicKey=BOB_prime192v1_PUB +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEpKcDSRD/9Rbrliggw1Jtuosqq7Ps +-ysGsmZ2he+2AuqgrYImu8jXEpfbZVh4d4EIM +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_prime192v1:BOB_prime192v1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_prime192v1 +-PeerKey=BOB_prime192v1_PUB +-SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861 +- +-# Negative test: A weak curve with a strength < 112 fails in FIPS mode. +-Availablein = fips +-Derive=ALICE_prime192v1 +-Securitycheck = 1 +-PeerKey=BOB_prime192v1_PUB +-Result = DERIVE_SET_PEER_ERROR +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_prime192v1 +-PeerKey=ALICE_prime192v1_PUB +-SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861 +- + # TEST CURVE prime256v1 + + PrivateKey=ALICE_prime256v1 +@@ -2765,549 +311,6 @@ Derive=BOB_prime256v1 + PeerKey=ALICE_prime256v1_PUB + SharedSecret=390021fbca00d959c1adaf7e9cedef0e65a582489eab9adbe739ef66bf82adb4 + +-# TEST CURVE sect163k1 +- +-PrivateKey=ALICE_sect163k1 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBxkeGOXE86PAijpk8trN/ +-f3kl4UmhLgMsAAQD1hrDCJ2MSFKZ6Q11cTllX/l5HY0Hg5XZCxMFC84AaczwPtNJ +-YNCxfCk= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect163k1_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA9YawwidjEhSmekNdXE5ZV/5eR2NB4OV +-2QsTBQvOAGnM8D7TSWDQsXwp +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect163k1:ALICE_sect163k1_PUB +- +-PrivateKey=BOB_sect163k1 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCUJ5kItSfXidHXsgokcS7 +-nzPFbOShLgMsAAQGrYNJ1qgdb3A9ISOmTujfS+WYFKwBXXrJEluAkeNh3jXnDq8X +-+XBB0k8= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect163k1_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBq2DSdaoHW9wPSEjpk7o30vlmBSsAV16 +-yRJbgJHjYd415w6vF/lwQdJP +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect163k1:BOB_sect163k1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_sect163k1 +-PeerKey=BOB_sect163k1_PUB +-SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_sect163k1 +-PeerKey=ALICE_sect163k1_PUB +-SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092 +- +-# TEST CURVE sect163r2 +- +-PrivateKey=ALICE_sect163r2 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDjH2G7BkPTBM4VtljaQr8 +-sXVLNOqhLgMsAAQHHqWxJWR2KrHCPp/PSjZIdK88ET0A323/UOTxhYHwsLpR7rp3 +-ahq1lQ8= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect163r2_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBx6lsSVkdiqxwj6fz0o2SHSvPBE9AN9t +-/1Dk8YWB8LC6Ue66d2oatZUP +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect163r2:ALICE_sect163r2_PUB +- +- +-PrivateKey=BOB_sect163r2 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBXOM9Tm6sKXUlRLlW0HgC +-NTDxW2ihLgMsAAQGxa8xRcC+TIcDgGtehDVEV1PoBokBwtILj16NPYC0aBZI8/nF +-F4jhgmc= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect163r2_PUB +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBsWvMUXAvkyHA4BrXoQ1RFdT6AaJAcLS +-C49ejT2AtGgWSPP5xReI4YJn +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect163r2:BOB_sect163r2_PUB +- +- +-# ECDH Alice with Bob peer +- +-Availablein = default +-Derive=ALICE_sect163r2 +-PeerKey=BOB_sect163r2_PUB +-SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951 +- +-# ECDH Bob with Alice peer +- +-Availablein = default +-Derive=BOB_sect163r2 +-PeerKey=ALICE_sect163r2_PUB +-SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951 +- +-# TEST CURVE sect233k1 +- +-PrivateKey=ALICE_sect233k1 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1aR7qaKm1vmZWK2bGsJ1rX +-mH6BpTkW4t1L4zSf/KFAAz4ABADcDiv+bTvPVViqYLNz06VO5wodry+sGi6fnJIr +-QQCTfZ9d5whiIsbY5Thlcm7I0A/cIGoShA/6LumOVA== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect233k1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANwOK/5tO89VWKpgs3PTpU7nCh2vL6wa +-Lp+ckitBAJN9n13nCGIixtjlOGVybsjQD9wgahKED/ou6Y5U +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect233k1:ALICE_sect233k1_PUB +- +- +-PrivateKey=BOB_sect233k1 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0oa5BrzYxm6mn51Xyphn6X +-OUjKc9oMDHCowAyHTaFAAz4ABAGKiFuFJVQeymHYRVnt2LNF2MSaTMcL9JGSPn2z +-OwBis5MS4kgEFakWQl7KpGiy3vS89wmpblvHLJ/+IQ== +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect233k1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAYqIW4UlVB7KYdhFWe3Ys0XYxJpMxwv0 +-kZI+fbM7AGKzkxLiSAQVqRZCXsqkaLLe9Lz3CaluW8csn/4h +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect233k1:BOB_sect233k1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Derive=ALICE_sect233k1 +-PeerKey=BOB_sect233k1_PUB +-SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512 +- +-# ECDH Bob with Alice peer +- +-Derive=BOB_sect233k1 +-PeerKey=ALICE_sect233k1_PUB +-SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512 +- +-# TEST CURVE sect233r1 +- +-PrivateKey=ALICE_sect233r1 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AEN6fePR2gizyXzU6kIgU +-Gijp5+IQAXoNBfKnVeChQAM+AAQB0kEwu2fwQWo1v1j7XQ8uJT3iMwRC8w+cxgxx +-GQ4B/FyjrhIUpEDWaMqfV23McZ6WdbIUe3MZ7K5pG38= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect233r1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAdJBMLtn8EFqNb9Y+10PLiU94jMEQvMP +-nMYMcRkOAfxco64SFKRA1mjKn1dtzHGelnWyFHtzGeyuaRt/ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect233r1:ALICE_sect233r1_PUB +- +- +-PrivateKey=BOB_sect233r1 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AXHWOeS6fG0XCH3FnHDuS +-IcELUeDG+AYNNeLVZd6hQAM+AAQAYRRYH017uxcaMPF3GOsL4bvodW1yZLEtL3pm +-CkcAfqJI/4niCr8uHKh0gBa2JBjBWMV1u8Mpf60uvok= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect233r1_PUB +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGEUWB9Ne7sXGjDxdxjrC+G76HVtcmSx +-LS96ZgpHAH6iSP+J4gq/LhyodIAWtiQYwVjFdbvDKX+tLr6J +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect233r1:BOB_sect233r1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Derive=ALICE_sect233r1 +-PeerKey=BOB_sect233r1_PUB +-SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2 +- +-# ECDH Bob with Alice peer +- +-Derive=BOB_sect233r1 +-PeerKey=ALICE_sect233r1_PUB +-SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2 +- +-# TEST CURVE sect283k1 +- +-PrivateKey=ALICE_sect283k1 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAGhnsmZ2UDKV3QKmq3k+ +-33LQ6n5aCYvKXcMgiZlBS/RrVgIRoUwDSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnW +-uC6oWVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4r +-mGO7 +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect283k1_PUB +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnWuC6o +-WVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4rmGO7 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect283k1:ALICE_sect283k1_PUB +- +- +-PrivateKey=BOB_sect283k1 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAAJXIwfWjYbiM5jEcNw8 +-8/1kbEnhVjWGivO7zDPts7AuKSMkoUwDSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6V +-D5v8KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzj +-CN/m +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect283k1_PUB +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6VD5v8 +-KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzjCN/m +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect283k1:BOB_sect283k1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Derive=ALICE_sect283k1 +-PeerKey=BOB_sect283k1_PUB +-SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825 +- +-# ECDH Bob with Alice peer +- +-Derive=BOB_sect283k1 +-PeerKey=ALICE_sect283k1_PUB +-SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825 +- +-# TEST CURVE sect283r1 +- +-PrivateKey=ALICE_sect283r1 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAi4Jrhu19kt7H8jw1FO7 +-VzCxh6p0pI0ogl3q9ev5NFkufZkZoUwDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqU +-S40TU2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE +-7jsD +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect283r1_PUB +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqUS40T +-U2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE7jsD +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect283r1:ALICE_sect283r1_PUB +- +- +-PrivateKey=BOB_sect283r1 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkACD04gJaVfVxK/Dpbxjq +-rzZWc6B76a23MK/IQD1jMlGPQzzxoUwDSgAEA13mIYMvik12DBp8JkdETMB1ewOw +-22C/xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lass +-Iq5I +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect283r1_PUB +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA13mIYMvik12DBp8JkdETMB1ewOw22C/ +-xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lassIq5I +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect283r1:BOB_sect283r1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Derive=ALICE_sect283r1 +-PeerKey=BOB_sect283r1_PUB +-SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc +- +-# ECDH Bob with Alice peer +- +-Derive=BOB_sect283r1 +-PeerKey=ALICE_sect283r1_PUB +-SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc +- +-# TEST CURVE sect409k1 +- +-PrivateKey=ALICE_sect409k1 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMg1vV7wiPe1ovX+ukz +-VfwPZoqvyj/vdif04Opi9PcjV5mPBEZgSFBg8hbutNxZJdVLrxShbANqAAQACe1I +-J5ilSk1pPLvbcjEZIE6abC9LZ9WmHuNJxM9LAW1OuLvJGi72AsGYUOGpX0WGmK6C +-AYaqZb2Qeedq/yUIljDHYi66J+26owYl7lOMpRzZ9U2QDJrZ7TYuxeMUui6re0B+ +-JuZdYw== +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect409k1_PUB +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAntSCeYpUpNaTy723IxGSBOmmwvS2fV +-ph7jScTPSwFtTri7yRou9gLBmFDhqV9FhpiuggGGqmW9kHnnav8lCJYwx2Iuuift +-uqMGJe5TjKUc2fVNkAya2e02LsXjFLouq3tAfibmXWM= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect409k1:ALICE_sect409k1_PUB +- +- +-PrivateKey=BOB_sect409k1 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMIYBGZZcZz4qCdhAV9 +-vqpfe8vV+vJEhjawR52JUV1rumWEBPAx0o6E+gaxHBr5hzVGkIKhbANqAAQAAQKK +-s60CTUUkltsT+lIBukjz850pkGGLltJ4eaZn4k9AtN/lFTCq6Vgqe2sDrjA3b45q +-AdWjf1vRaP0wawJ13SjApJmyXg5hQks6d0Zqz2OHYhGEGiM159VtTlStK067dVe1 +-fGVDeg== +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect409k1_PUB +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAECirOtAk1FJJbbE/pSAbpI8/OdKZBh +-i5bSeHmmZ+JPQLTf5RUwqulYKntrA64wN2+OagHVo39b0Wj9MGsCdd0owKSZsl4O +-YUJLOndGas9jh2IRhBojNefVbU5UrStOu3VXtXxlQ3o= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect409k1:BOB_sect409k1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Derive=ALICE_sect409k1 +-PeerKey=BOB_sect409k1_PUB +-SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0 +- +-# ECDH Bob with Alice peer +- +-Derive=BOB_sect409k1 +-PeerKey=ALICE_sect409k1_PUB +-SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0 +- +-# TEST CURVE sect409r1 +- +-PrivateKey=ALICE_sect409r1 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAYTMsTpey51D2ULnd +-pN+AAWnJLy9pTerziakhjii8OyWKpUVfpDFNneCCd2oQTDcPX5vdoWwDagAEAYfk +-3ZejxpVYCG7dYHTVhhcqILEyTYoQa4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGU +-owHXXzgDXoJeR79wgb7ySAlXJXgQ8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvI +-eIozlf4= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect409r1_PUB +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAYfk3ZejxpVYCG7dYHTVhhcqILEyTYoQ +-a4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGUowHXXzgDXoJeR79wgb7ySAlXJXgQ +-8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvIeIozlf4= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect409r1:ALICE_sect409r1_PUB +- +- +-PrivateKey=BOB_sect409r1 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAsCs1nRgwW97TdKIH +-PRcsqmK1e8TIZ00e6rqLb3nD4sIe+Gw/fGhSUER9akQ7lAluEUnfoWwDagAEAfM2 +-fvBEic+7jV4oC+v8GfsunD9Zp9rzNgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDl +-LwBm/W6TlzGuh1FnzXYKVnhnXpzSlRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMf +-WsgK+KA= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect409r1_PUB +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAfM2fvBEic+7jV4oC+v8GfsunD9Zp9rz +-NgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDlLwBm/W6TlzGuh1FnzXYKVnhnXpzS +-lRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMfWsgK+KA= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect409r1:BOB_sect409r1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Derive=ALICE_sect409r1 +-PeerKey=BOB_sect409r1_PUB +-SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5 +- +-# ECDH Bob with Alice peer +- +-Derive=BOB_sect409r1 +-PeerKey=ALICE_sect409r1_PUB +-SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5 +- +-# TEST CURVE sect571k1 +- +-PrivateKey=ALICE_sect571k1 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIARO8hI8j6TZ556/d +-RcdGYvdblnALD2XZCKu2c3C5yQIeA8Tidi+f8n6cCnb5FtJNTYKqP8tRfHlwAZtW +-/giXi/4yF5K2twS3oYGVA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0LQd9wP1+k +-v0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFRPU0Cct0S +-qVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJPCnaKR/Oo +-AtaUpCWLSTHDF1gK4/kmlwEx+8o= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect571k1_PUB +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0L +-Qd9wP1+kv0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFR +-PU0Cct0SqVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJP +-CnaKR/OoAtaUpCWLSTHDF1gK4/kmlwEx+8o= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect571k1:ALICE_sect571k1_PUB +- +- +-PrivateKey=BOB_sect571k1 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAVZT4tnX9dMWS6Vd +-YCoYRl9o/j/Hz7KGqF4Ujk9n9b4+mXbJ37tobpjnpNqKlJfI04w80JPp+NxpoBR3 +-8p1bcc9iL4Smh48YoYGVA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLURYRDHmopO +-IijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN1tsCrqET +-31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxOaqcYzbXC +-Q/Aiij13H06qKhuFM4iiB/0D164= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect571k1_PUB +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLUR +-YRDHmopOIijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN +-1tsCrqET31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxO +-aqcYzbXCQ/Aiij13H06qKhuFM4iiB/0D164= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect571k1:BOB_sect571k1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Derive=ALICE_sect571k1 +-PeerKey=BOB_sect571k1_PUB +-SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e +- +-# ECDH Bob with Alice peer +- +-Derive=BOB_sect571k1 +-PeerKey=ALICE_sect571k1_PUB +-SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e +- +-# TEST CURVE sect571r1 +- +-PrivateKey=ALICE_sect571r1 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIArsi//Zp9veeURYV +-zGYHn4MlNIxNt6U6vtmTPS/NaoiaavxbOimpHgxYPCjpoPYhM33Z2VBh7pl2aoRW +-3GBepLFLoF8oiQaLoYGVA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4f/AwTHmo +-US1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wzd8YF32SF +-HMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz6J6dYAUe +-vE+F3N29p/tRBGNzMFIqoDdW+NA= +------END PRIVATE KEY----- +- +-PublicKey=ALICE_sect571r1_PUB +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4 +-f/AwTHmoUS1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wz +-d8YF32SFHMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz +-6J6dYAUevE+F3N29p/tRBGNzMFIqoDdW+NA= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = ALICE_sect571r1:ALICE_sect571r1_PUB +- +- +-PrivateKey=BOB_sect571r1 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAYj65N5XJTQusn+h +-Z9xj/dgZ4qR1GDC1Ij7jYuow+TvGrG2wz/WT76/lLNtlCLfDW2kODDUmDAJeK/e+ +-VMO7suJTXGnrGFHioYGVA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2SYmMKve74 +-trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8QI70H8aHv +-LgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNdnNATBqom +-6WDWc7RTFZ4sijL5ywVhovwJ1gA= +------END PRIVATE KEY----- +- +-PublicKey=BOB_sect571r1_PUB +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2S +-YmMKve74trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8Q +-I70H8aHvLgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNd +-nNATBqom6WDWc7RTFZ4sijL5ywVhovwJ1gA= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = BOB_sect571r1:BOB_sect571r1_PUB +- +- +-# ECDH Alice with Bob peer +- +-Derive=ALICE_sect571r1 +-PeerKey=BOB_sect571r1_PUB +-SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae +- +-# ECDH Bob with Alice peer +- +-Derive=BOB_sect571r1 +-PeerKey=ALICE_sect571r1_PUB +-SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae +- +-Title = ECDH KATs (from RFC 5114, 5903, 7027) +- +-# Keys and shared secrets from RFC 5114 +-PrivateKey=PRIME192V1_RFC5114 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgyP6MWnY6cZZP1lHa8 +-FCAAq1vg4knENCahNAMyAATNRkiez9bBBeez0yVm4rEi4kmrqt2HBhJoiHtId99R +-3U3D1v0R8KJvj9OEQxeRbpo= +------END PRIVATE KEY----- +- +-PublicKey=PRIME192V1_RFC5114-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEzUZIns/WwQXns9MlZuKxIuJJq6rd +-hwYSaIh7SHffUd1Nw9b9EfCib4/ThEMXkW6a +------END PUBLIC KEY----- +- +-PrivPubKeyPair = PRIME192V1_RFC5114:PRIME192V1_RFC5114-PUBLIC +- +- +-PrivateKey=PRIME192V1_RFC5114-Peer +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhjH5W7SmdjLJxHbu6a +-tpWrJAoEmTB/z2KhNAMyAARRmhIWgOAEVGa6Id8u7kf1lztQBXfvE9X/YTq01kzu +-OiCHW9sQ+VP2swygcsYKpX8= +------END PRIVATE KEY----- +- +-PublicKey=PRIME192V1_RFC5114-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUZoSFoDgBFRmuiHfLu5H9Zc7UAV3 +-7xPV/2E6tNZM7jogh1vbEPlT9rMMoHLGCqV/ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = PRIME192V1_RFC5114-Peer:PRIME192V1_RFC5114-Peer-PUBLIC +- +-Availablein = default +-Derive=PRIME192V1_RFC5114 +-PeerKey=PRIME192V1_RFC5114-Peer-PUBLIC +-SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE +- +-Availablein = default +-Derive=PRIME192V1_RFC5114-Peer +-PeerKey=PRIME192V1_RFC5114-PUBLIC +-SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE +- + PrivateKey=SECP224R1_RFC5114 + -----BEGIN PRIVATE KEY----- + MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBy1WOtsKI2nB7u0+PuuKrnp +diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdsa.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdsa.txt +--- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdsa.txt.ec-curves 2021-05-17 10:26:48.106870281 +0200 ++++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdsa.txt 2021-05-17 10:27:48.882458713 +0200 +@@ -138,20 +138,6 @@ OjoNRI+YT5Be5TkzZXzYCyTLkMOikDmhRANCAATt + 46dx5zYgArz/iaSNJ3W80oO+F7v04jlQ7wxQzg96R0bwKiMeq5CcW9ZFt6xg + -----END PRIVATE KEY----- + +-PrivateKey = B-163 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDnQW0mLiHVha/jqFznX/K +-DnVlDgChLgMsAAQB1qZ00fPIct+QN8skv1XIHtBNp3EGLytJV0tsAUTYtGhtrzRj +-e3GzYyg= +------END PRIVATE KEY----- +- +-PrivateKey = secp256k1 +------BEGIN PRIVATE KEY----- +-MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgsLpFV9joHc0bisyV53XL +-mrG6/Gu6ZaHoXtKP/VFX44ehRANCAARLYWGgp5nP4N8guypLSbYGCVN6ZPCnWW4x +-srYkcpdbxr4neRT3zC62keCKgPbJf5SIHkJ2Tcaw6hVSrBOUFtix +------END PRIVATE KEY----- +- + Title = FIPS tests + + # Test that a nist curve with < 112 bits is allowed in fips mode for verifying +diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_kas.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_kas.txt +--- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_kas.txt.ec-curves 2021-05-17 10:29:57.033699466 +0200 ++++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_kas.txt 2021-05-17 10:41:10.688323252 +0200 +@@ -22,720 +22,6 @@ + # 456068d3f8aad8ac62a03d19ed3173f00ad51f42b51aeab4753c20f30c01cf23 # + Title = ECDH KATs (from NIST SP800-56A co-factor ECDH KATs + +-PrivateKey=KAS-ECC-CDH_P-192_C0 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjxfT/qNnt000CFHKQn +-DcskwnH0Rb7Z1SehNAMyAASxUFNAH1coVjfsMkwc0hOeOmfeNzkjSzfyacFYY3SC +-qtZEzWkt0dPvLIp8SeOJ9/Y= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEsVBTQB9XKFY37DJMHNITnjpn3jc5 +-I0s38mnBWGN0gqrWRM1pLdHT7yyKfEnjiff2 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C0:KAS-ECC-CDH_P-192_C0-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C0-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEQupt2Zad0qYf6hqsf46Y7cyJbG5V +-hXzA375dfGH6yIsRgRveMo6KDRK/AanSBLUj +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C0 +-PeerKey=KAS-ECC-CDH_P-192_C0-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=803d8ab2e5b6e6fca715737c3a82f7ce3c783124f6d51cd0 +- +-Availablein = fips +-Derive=KAS-ECC-CDH_P-192_C0 +-Securitycheck = 1 +-PeerKey=KAS-ECC-CDH_P-192_C0-Peer-PUBLIC +-Result = DERIVE_SET_PEER_ERROR +- +-PrivateKey=KAS-ECC-CDH_P-192_C1 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhW6FM0nZb+TEQkSNrL +-fPkrt6ldz1dKm9WhNAMyAATADUNXFv/qU/2MFieSQUw3ZlGH5YJxZTmrcRxiqnGl +-oY6KPEj4ncb6UvrAEI5SqKA= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C1-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwA1DVxb/6lP9jBYnkkFMN2ZRh+WC +-cWU5q3EcYqpxpaGOijxI+J3G+lL6wBCOUqig +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C1:KAS-ECC-CDH_P-192_C1-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C1-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE3rVxL6AnrI0vIsRVzLc6keF7ZRK1 +-4DDnfiaQoCzJsocIQxop+1S4ex8MFOARrCEl +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C1 +-PeerKey=KAS-ECC-CDH_P-192_C1-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=c208847568b98835d7312cef1f97f7aa298283152313c29d +- +-PrivateKey=KAS-ECC-CDH_P-192_C2 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjG72H+EugL9W8tP30L +-t1c5RRmQbVVQCUmhNAMyAAThhLwYJILzQDyHh7g4Qkd0Z/zQEdsPbGT50cFBQvQN +-6GOduX1Rpj0szhAHzPdzzcs= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C2-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE4YS8GCSC80A8h4e4OEJHdGf80BHb +-D2xk+dHBQUL0Dehjnbl9UaY9LM4QB8z3c83L +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C2:KAS-ECC-CDH_P-192_C2-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C2-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAETtqo78Wg9A+ENmPsWBXndi3dwAjm +-Y8IPCp+Nxno+YO9tZLUiGF0D3x/Arf1CR4J5 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C2 +-PeerKey=KAS-ECC-CDH_P-192_C2-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=87229107047a3b611920d6e3b2c0c89bea4f49412260b8dd +- +-PrivateKey=KAS-ECC-CDH_P-192_C3 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjmdHucI7pwRPOP9+Ys +-NeQDiSD1oBY9PNqhNAMyAAQrg42+c3NfN6OaeNMZV4PSaZHob/TZLRpg00SUInRI +-n5iQOy5/k/jRl/ya5goO1To= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C3-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEK4ONvnNzXzejmnjTGVeD0mmR6G/0 +-2S0aYNNElCJ0SJ+YkDsuf5P40Zf8muYKDtU6 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C3:KAS-ECC-CDH_P-192_C3-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C3-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEiIfCdu3u0+noZrRtWNiVxz+9gLY+ +-OC6IBMUJe6ZkXhYgbPtw9wUmVZR91EoX8fnV +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C3 +-PeerKey=KAS-ECC-CDH_P-192_C3-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=eec0bed8fc55e1feddc82158fd6dc0d48a4d796aaf47d46c +- +-PrivateKey=KAS-ECC-CDH_P-192_C4 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi+q+3QFUoa/PyF1SGB +-wQ9etHrcUfZVBH2hNAMyAAQfZc9uiXjhwbwQu2Gn2zEd4xAIjIz5dov31DgWjn9C +-qxSxavU6ei9kb/QLU9dMvMc= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C4-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEH2XPbol44cG8ELthp9sxHeMQCIyM +-+XaL99Q4Fo5/QqsUsWr1OnovZG/0C1PXTLzH +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C4:KAS-ECC-CDH_P-192_C4-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C4-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEDQRfMCVK3B/O+opbHzG/TnOd0yfN +-GNWUVCwxTkFCfAgnigjOjXMF87W4Scctiv9z +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C4 +-PeerKey=KAS-ECC-CDH_P-192_C4-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=716e743b1b37a2cd8479f0a3d5a74c10ba2599be18d7e2f4 +- +-PrivateKey=KAS-ECC-CDH_P-192_C5 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjPcDVCJmZzIdbiuvQJ +-meL9dMeg95P6hpmhNAMyAARfSET/zOYQBdJPc325hnXpL3tlQ662EGxUJPWYE5IV +-04m2sSuG1YAUhX8t2ttUD1E= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C5-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEX0hE/8zmEAXST3N9uYZ16S97ZUOu +-thBsVCT1mBOSFdOJtrErhtWAFIV/LdrbVA9R +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C5:KAS-ECC-CDH_P-192_C5-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C5-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE+zXKINLpZmXFG5jo9us9eRE1CNi8 +-zUUWNo7sDVv7hHch32qv8OXUjERPdL+c2KWn +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C5 +-PeerKey=KAS-ECC-CDH_P-192_C5-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=f67053b934459985a315cb017bf0302891798d45d0e19508 +- +-PrivateKey=KAS-ECC-CDH_P-192_C6 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBj+lCUVI3//3XtOtcZJ +-Ce7khWoHbN8SuuKhNAMyAATmNp33myB7i4Z598hpz8JkhZ0atVqkAegfmccfgBow +-tS902m5ebbti7kxdoQkMwCA= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C6-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE5jad95sge4uGeffIac/CZIWdGrVa +-pAHoH5nHH4AaMLUvdNpuXm27Yu5MXaEJDMAg +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C6:KAS-ECC-CDH_P-192_C6-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C6-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEgkdSlgwTB+XxOoPaIceZjKi1sAuV +-SfbQvFLZHiNDY7wy7gtnePJc2MGEdRD0NIuU +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C6 +-PeerKey=KAS-ECC-CDH_P-192_C6-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=75822971193edd472bf30151a782619c55ad0b279c9303dd +- +-PrivateKey=KAS-ECC-CDH_P-192_C7 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgz/tEEkq+lvqAzPArx +-LKyUDE0iJFW80P6hNAMyAATvCyivxBY31zf0LkyKrOrchLouC4ScoYxXeXlC5VIX +-O7oX9zJ44Cn0IzUGi9dw3fI= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C7-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE7wsor8QWN9c39C5Miqzq3IS6LguE +-nKGMV3l5QuVSFzu6F/cyeOAp9CM1BovXcN3y +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C7:KAS-ECC-CDH_P-192_C7-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C7-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEELtXAgKRFBmB+DO0dJ5WEQNLMI6E +-AR0h4crNa3vRftjdtQtq7gZUw18tDt3Bz/z2 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C7 +-PeerKey=KAS-ECC-CDH_P-192_C7-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=67cba2cbb69ee78bf1abafb0e6fbe33fa2094c128d59652d +- +-PrivateKey=KAS-ECC-CDH_P-192_C8 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjzVXxdcLTHlUlgwzVo +-d2rb6OQ2GaviaxOhNAMyAATXARLF8PCEQ4ZJSsGtmdziIUE0F26/ua/TwYegOFEK +-sx1Fnit68aOA3XV2rwYmdUg= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C8-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE1wESxfDwhEOGSUrBrZnc4iFBNBdu +-v7mv08GHoDhRCrMdRZ4revGjgN11dq8GJnVI +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C8:KAS-ECC-CDH_P-192_C8-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C8-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUZL85Bhad1jqG8VuDk9Oiy3OMjSN +-Dc7RIJiZgb6q8ABtiKlueXGi+jozukYEf8e6 +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C8 +-PeerKey=KAS-ECC-CDH_P-192_C8-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=cf99a2770a386ca0137d1eca0a226e484297ac3c513f3631 +- +-PrivateKey=KAS-ECC-CDH_P-192_C9 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhYbPuhxugXZu1Sgo8X +-exvhTrvFuDNIwxGhNAMyAARYs8Y+Vr7J1pa/mojfKHNzg5H3Y2iqK0lXdnc7Jh+v +-e6L9xP5DuSwLHHov0FSkNlA= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C9-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEWLPGPla+ydaWv5qI3yhzc4OR92No +-qitJV3Z3OyYfr3ui/cT+Q7ksCxx6L9BUpDZQ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C9:KAS-ECC-CDH_P-192_C9-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C9-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEJtAZ2+J56tAe7RQ6kWAa2ibi9CIl +-scYrbKZT8IJy4DhvyUIfvVgAk9euYwG8qUR2 +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C9 +-PeerKey=KAS-ECC-CDH_P-192_C9-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=576331e2b4fb38a112810e1529834de8307fb0a0d2756877 +- +-PrivateKey=KAS-ECC-CDH_P-192_C10 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjK2BAGA6T2W+CNj8ih +-t+iExf9l3rPJbZmhNAMyAAS3/MD1LHpBHtvtOeEL8Ctq4PJmFMazJaJHSDsm62d3 +-beK5OrcRnVRHVzc549Vecvs= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C10-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEt/zA9Sx6QR7b7TnhC/ArauDyZhTG +-syWiR0g7Jutnd23iuTq3EZ1UR1c3OePVXnL7 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C10:KAS-ECC-CDH_P-192_C10-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C10-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEU5vED+IKD7JniItkewPqr27CDAKh +-4fjIaQleW7e01EwyeKfua+yjl8RSRtqaNMi+ +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C10 +-PeerKey=KAS-ECC-CDH_P-192_C10-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=902f4501916a0dd945554c3a37b3d780d375a6da713197c4 +- +-PrivateKey=KAS-ECC-CDH_P-192_C11 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBge3YecxceWGcrmxzpp +-G9WgOVwO87NW/NKhNAMyAARs5q2ywwgI9ZAEjDPf+tRSTr96X9ObdHtJZr0vPQBW +-m01MBAn716LbdS9tCbyowl8= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C11-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEbOatssMICPWQBIwz3/rUUk6/el/T +-m3R7SWa9Lz0AVptNTAQJ+9ei23UvbQm8qMJf +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C11:KAS-ECC-CDH_P-192_C11-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C11-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEXTQ925Yxj7R5TRD2xXP5n+5dDVe5 +-liUPmfvfnZfdiK1BAjXaw25bks4oJLjlh6gs +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C11 +-PeerKey=KAS-ECC-CDH_P-192_C11-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=46e4de335054d429863218ae33636fc9b89c628b64b506c7 +- +-PrivateKey=KAS-ECC-CDH_P-192_C12 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhGDkUic/4YJ2Ahh607 +-6+5ly4RCO7T0dTehNAMyAATRvTo++r9HZ/5jgL3w2/SdUtTPDLuJQEzBUMK0yLOq +-Nfdl+Efk9/j9hwTSQaGB7pk= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C12-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE0b06Pvq/R2f+Y4C98Nv0nVLUzwy7 +-iUBMwVDCtMizqjX3ZfhH5Pf4/YcE0kGhge6Z +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C12:KAS-ECC-CDH_P-192_C12-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C12-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEjT25vc4Tf/v7iROIw332wMvJCqXl +-N2IgE10wtctmDu+HZP/HRPFcG11twGukQW03 +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C12 +-PeerKey=KAS-ECC-CDH_P-192_C12-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=1bfe9e5a20ac7a38d8f605b425bb9030be31ef97c101c76c +- +-PrivateKey=KAS-ECC-CDH_P-192_C13 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi5cDZQCEVvh1jsxaOz +-PPOuao1WgQelIWehNAMyAATBuGEMjGP41KvaCTuaEaVmBEv2XG+qiZmlvEs8oJU4 +-Lpc4rulf6UebF4ebOtUpVVk= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C13-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwbhhDIxj+NSr2gk7mhGlZgRL9lxv +-qomZpbxLPKCVOC6XOK7pX+lHmxeHmzrVKVVZ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C13:KAS-ECC-CDH_P-192_C13-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C13-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEngppSVGcf1vmjAQzxf3xMGSqE/sp +-SD3D4ci6Y+H0cdsjGF9Q2chx7eohJVs6Y7S3 +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C13 +-PeerKey=KAS-ECC-CDH_P-192_C13-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0e8c493a4adc445dc9288a3b9b272599224054592d7265b3 +- +-PrivateKey=KAS-ECC-CDH_P-192_C14 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhZwVuKJGTkHf5Dccf3 +-2t9HCuQlVE+BE72hNAMyAAQf53b3NWe2rAsNZ2QWTebFvnUbqNH/RV5MFgvzivsr +-cfaEJhZkEVzodFU+iwWUMtI= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C14-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEH+d29zVntqwLDWdkFk3mxb51G6jR +-/0VeTBYL84r7K3H2hCYWZBFc6HRVPosFlDLS +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C14:KAS-ECC-CDH_P-192_C14-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C14-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEvgiCOJAumTmz0FTu64SS2vS9zwmi +-q3fxWNZ0mjqSPcgEQPJmH9NbZRYX5lKUtGN1 +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C14 +-PeerKey=KAS-ECC-CDH_P-192_C14-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0f1991086b455ded6a1c4146f7bf59fe9b495de566ebc6bf +- +-PrivateKey=KAS-ECC-CDH_P-192_C15 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBim6biFxmuVnR/CcI1Z +-G20yKOSeuY9ybWGhNAMyAARjK7dlHb9J3endEl0T+yNOBmF3I77tPRv0rVIJY4SI +-OXxfRPmU3XR5gH559Ih9LnE= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C15-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEYyu3ZR2/Sd3p3RJdE/sjTgZhdyO+ +-7T0b9K1SCWOEiDl8X0T5lN10eYB+efSIfS5x +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C15:KAS-ECC-CDH_P-192_C15-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C15-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEv1rgUCXhvmF+Zm2HpBaDY4c9V2Gz +-drUD4ebjizcra+4P9bNQLYNzXjssJoJeTw/M +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C15 +-PeerKey=KAS-ECC-CDH_P-192_C15-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=b30f2127c34df35aaa91dbf0bbe15798e799a03ed11698c1 +- +-PrivateKey=KAS-ECC-CDH_P-192_C16 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi9t1QJb/v72LDzywRs +-y3yhScTnGSBno+6hNAMyAATZwJjUIddB9vqrEW8+RzHSjFVY4Z/hEqE41NxIzNsd +-PtjTH9BnhKT4emiuwcvVsI8= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C16-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE2cCY1CHXQfb6qxFvPkcx0oxVWOGf +-4RKhONTcSMzbHT7Y0x/QZ4Sk+HporsHL1bCP +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C16:KAS-ECC-CDH_P-192_C16-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C16-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEbMT+7YTHqw0JAF1mDtNN5pValGHE +-E40RMSJfM4ZO1I2gb6RakTtGz0JVd0LjUIXm +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C16 +-PeerKey=KAS-ECC-CDH_P-192_C16-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=64a5c246599d3e8177a2402a1110eb81e6c456ab4edb5127 +- +-PrivateKey=KAS-ECC-CDH_P-192_C17 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjVvPJTTa/D2Zlkx71j +-q3vRWZn+Vt2WnEKhNAMyAAT9odXSjW/g55Cdaouvp4JNtVcquS/+feYTSil8HZyL +-urJJq6zZUe0R5amfkueZFXI= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C17-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE/aHV0o1v4OeQnWqLr6eCTbVXKrkv +-/n3mE0opfB2ci7qySaus2VHtEeWpn5LnmRVy +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C17:KAS-ECC-CDH_P-192_C17-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C17-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAENhVzFb7nr+3e1YxOi6FNNCHEAeUR +-NbzJN8KXynA/d8UrsGLYzpcduECXugx1OkGP +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C17 +-PeerKey=KAS-ECC-CDH_P-192_C17-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=017b8ca53c82fab163da2ab783966a39e061b32c8cfa334d +- +-PrivateKey=KAS-ECC-CDH_P-192_C18 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhD1LnfEFO+W0JoEEwC +-JE07+VlLAQtGqLKhNAMyAATDAgtwkUY9eI8fHXb3z+7ILs2zt9mcNFyadxDVF5WR +-2PPfCqEiMBdorn237uLX9YM= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C18-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwwILcJFGPXiPHx1298/uyC7Ns7fZ +-nDRcmncQ1ReVkdjz3wqhIjAXaK59t+7i1/WD +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C18:KAS-ECC-CDH_P-192_C18-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C18-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEmEZNR/Alb4KS4CfoySWC6nfPkFH1 +-zo5dRJVS73V4vpYjb+XtnQZDwLtsWpE0sBCN +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C18 +-PeerKey=KAS-ECC-CDH_P-192_C18-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=340ef3db3dbebdd91c62c3d4e1a3da2c7c52a3338b865259 +- +-PrivateKey=KAS-ECC-CDH_P-192_C19 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBiUysLCynFHRkAWcNlO +-2/P2d4Z7WgO+562hNAMyAASxhVSi50PvCqLwQJh8TEUQBOCW3z2A3a5uPixhj4lu +-NrpiAHdoS3CgX/t5v15sdkA= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C19-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEsYVUoudD7wqi8ECYfExFEATglt89 +-gN2ubj4sYY+Jbja6YgB3aEtwoF/7eb9ebHZA +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C19:KAS-ECC-CDH_P-192_C19-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C19-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEVj62bDNM9vEjvwTHgDtIoxECFCN+ +-mDv1DzURBIGRme8HyaYFHSB1jzr3kCfqZqU/ +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C19 +-PeerKey=KAS-ECC-CDH_P-192_C19-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=2162144921df5103d0e6a650fb13fd246f4738d0896ce92f +- +-PrivateKey=KAS-ECC-CDH_P-192_C20 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgqOp4zyMwxB6n5Jlw7 +-3qEgZXDob5KscBShNAMyAASnuji+G8Zp3SPM/O4GRbHw24z5Qt6vrra4LbedgM0O +-N/KNQWOtw4ne6Px3l7XJgxs= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C20-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEp7o4vhvGad0jzPzuBkWx8NuM+ULe +-r662uC23nYDNDjfyjUFjrcOJ3uj8d5e1yYMb +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C20:KAS-ECC-CDH_P-192_C20-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C20-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEhoKMSskrVQdhiux4c6HU/GVDxb4z +-zzB4siynJDdUXhDW1PBSQi64mLc3pLhUPuVQ +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C20 +-PeerKey=KAS-ECC-CDH_P-192_C20-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=4c69e7feed4b11159adfc16a6047a92572ea44e0740b23af +- +-PrivateKey=KAS-ECC-CDH_P-192_C21 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhKa3ipismPqOmajs4I +-7AJREl+Fxv0OKJuhNAMyAATnadu81c4tg1FLdo09LVqgvNj2avFfVQAvxtCwOeDy +-j3T77/6eiD1N1yKW5OlcrnE= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C21-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE52nbvNXOLYNRS3aNPS1aoLzY9mrx +-X1UAL8bQsDng8o90++/+nog9TdciluTpXK5x +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C21:KAS-ECC-CDH_P-192_C21-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C21-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEZwChAkN3galYHaK8Jc7Vq/QZ2pHT +-yAPfcTlsnPCLzZGFTj5uQtjGV84PJ6t3qdxL +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C21 +-PeerKey=KAS-ECC-CDH_P-192_C21-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=46072acefd67bff50de355ca7a31fa6be59f26e467587259 +- +-PrivateKey=KAS-ECC-CDH_P-192_C22 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjFpkkdeIRNZhfvM75r +-i9VNoiFFCIXVlQ+hNAMyAATbGyT3RmvBVOnX0sPKUtz+C/yVY8X9tvMcdPu/W9mZ +-IfGpp0T44c93C9anancrMAM= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C22-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE2xsk90ZrwVTp19LDylLc/gv8lWPF +-/bbzHHT7v1vZmSHxqadE+OHPdwvWp2p3KzAD +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C22:KAS-ECC-CDH_P-192_C22-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C22-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEqC81TPl77l0i3GwHnykC6tRNlqj2 +-FPF4plSpqooaCALyzg7ooPTr6W3uGzdGSx/y +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C22 +-PeerKey=KAS-ECC-CDH_P-192_C22-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=ec5580eabca9f3389d2b427ddf6e49e26d629afd03fa766e +- +-PrivateKey=KAS-ECC-CDH_P-192_C23 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgronA8XiP2RjxbiNw3 +-KS+r0zmbXh+2fAWhNAMyAAR1QxSJBs75s3pxp8CDY83Tu6UBQtZSQaqLOmlz3o3C +-ceJ8Hq0eli/arjcQxyTarDg= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C23-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEdUMUiQbO+bN6cafAg2PN07ulAULW +-UkGqizppc96NwnHifB6tHpYv2q43EMck2qw4 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C23:KAS-ECC-CDH_P-192_C23-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C23-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEPOwhsoZooSos944ajlXQ7+BlFS// +-w0cYEClVe+uk/xmSvSHCPLSCX22ucOMxj9HK +------END PUBLIC KEY----- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C23 +-PeerKey=KAS-ECC-CDH_P-192_C23-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=7f3929dd3cbf7673bc30d859d90b880307475f800660ea32 +- +-PrivateKey=KAS-ECC-CDH_P-192_C24 +------BEGIN PRIVATE KEY----- +-MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBiDYRjGJI+ILpFHl292 +-SCbBoodVphApd9WhNAMyAAT800WpdscgyqqX3maXImglYV4Sh6nv9n5Y6kLtvur8 +-qf9Ez9fymr0svedibXnkIsk= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_P-192_C24-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE/NNFqXbHIMqql95mlyJoJWFeEoep +-7/Z+WOpC7b7q/Kn/RM/X8pq9LL3nYm155CLJ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_P-192_C24:KAS-ECC-CDH_P-192_C24-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_P-192_C24-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEcIJkRxW4tzH4IotRGOcnDTTRgfNh +-oiH8RkZJ1siMqJYUSIocx7hEK7Qvn7MCCj12 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_P-192_C24 +-PeerKey=KAS-ECC-CDH_P-192_C24-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=72e88f3ea67d46d46dbf83926e7e2a6b85b54536741e6d2c +- + PrivateKey=KAS-ECC-CDH_P-224_C0 + -----BEGIN PRIVATE KEY----- + MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByDRqYPxvKTyloNKvaLpx0d +@@ -3819,7849 +3105,3 @@ Derive=KAS-ECC-CDH_P-521_C24 + PeerKey=KAS-ECC-CDH_P-521_C24-Peer-PUBLIC + Ctrl=ecdh_cofactor_mode:1 + SharedSecret=01aaf24e5d47e4080c18c55ea35581cd8da30f1a079565045d2008d51b12d0abb4411cda7a0785b15d149ed301a3697062f42da237aa7f07e0af3fd00eb1800d9c41 +- +-PrivateKey=KAS-ECC-CDH_K-163_C0 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAZlO2B3OY+tx79eYBWBcB +-SMPcRSehLgMsAAQHH4sod9YCfZwa3kJE8t6hJpLvI9UFwV7ndiIccrhLNHzjg/OA +-Z7icPpo= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBx+LKHfWAn2cGt5CRPLeoSaS7yPVBcFe +-53YiHHK4SzR844PzgGe4nD6a +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C0:KAS-ECC-CDH_K-163_C0-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C0-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBXQjbxQoxDITCUZ4Ols6q7bCfqXWB5CM +-JRuNoCHLrCgfEj969PrFs9u4 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C0 +-PeerKey=KAS-ECC-CDH_K-163_C0-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04325bff38f1b0c83c27f554a6c972a80f14bc23bc +- +-PrivateKey=KAS-ECC-CDH_K-163_C1 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDrvRHVNDKl9QrTpeqkhVi +-Y8DgePahLgMsAAQBsBCMeGv000DwUFvfx9RbUUYRrZQCLJw51fuUVriiIhzqTwWP +-ao0s2Eo= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C1-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAbAQjHhr9NNA8FBb38fUW1FGEa2UAiyc +-OdX7lFa4oiIc6k8Fj2qNLNhK +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C1:KAS-ECC-CDH_K-163_C1-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C1-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAWmXRAkv4rX+fsv2mHt66goG/SywA13k +-Qd+UCNkfDgId+PBSa4BjAxSV +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C1 +-PeerKey=KAS-ECC-CDH_K-163_C1-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=05f9ac3a3dd88429600958386c55bef4b1aa5f0c24 +- +-PrivateKey=KAS-ECC-CDH_K-163_C2 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDEXI0Lm03zB4GKkSUw5y6 +-SPmtmoyhLgMsAAQDon7K7Ctm/qwgQPaJASi9AFjTGSQBQAfjIJttcSew85Pl5YsV +-kLn0C+I= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C2-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA6J+yuwrZv6sIED2iQEovQBY0xkkAUAH +-4yCbbXEnsPOT5eWLFZC59Avi +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C2:KAS-ECC-CDH_K-163_C2-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C2-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEApZdsVkXH1y356G8xhYRrqyoxSybBocd +-Hpwf6EUmgHaplYA6bUnNB1VU +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C2 +-PeerKey=KAS-ECC-CDH_K-163_C2-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=022e0290eda5d348894129f7455d1c766d32d5c2c2 +- +-PrivateKey=KAS-ECC-CDH_K-163_C3 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDKlEc3NS/xWfOrIwk7QTo +-iU33jd+hLgMsAAQGl42sqkfY87yQtB7H9Piseaht3QcH+LDvQnB2A3a8LV+u2D2n +-hyYx0J8= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C3-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBpeNrKpH2PO8kLQex/T4rHmobd0HB/iw +-70JwdgN2vC1frtg9p4cmMdCf +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C3:KAS-ECC-CDH_K-163_C3-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C3-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBVtowMLCRv4PLNVIS1iBTGUhPqVBBTnB +-HSWSovY5O26GxU35Cblf4NWo +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C3 +-PeerKey=KAS-ECC-CDH_K-163_C3-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=037f659f430009fcdae4e9f6e6316b0f5dbb268212 +- +-PrivateKey=KAS-ECC-CDH_K-163_C4 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCxvZP5gnrjutbU/q2MIiY +-5j/y4/ahLgMsAAQFSeGoLsKEv3fVKGJ+Utgy4jbJKtMBmIOqm0WLNb1UTWiCgSFQ +-wUl9MdQ= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C4-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBUnhqC7ChL931ShiflLYMuI2ySrTAZiD +-qptFizW9VE1ogoEhUMFJfTHU +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C4:KAS-ECC-CDH_K-163_C4-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C4-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBrjvWmLTtjalp2v+se+P9Niz2eL8BnWn +-VyZnGDmNivZtKXF5hHji830o +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C4 +-PeerKey=KAS-ECC-CDH_K-163_C4-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00503bbb9b62f50ae7a8dfd74a1741826f09290651 +- +-PrivateKey=KAS-ECC-CDH_K-163_C5 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCalaGdRPd2MqU15I7qh9/ +-sA2qOPqhLgMsAAQGwopA3E5VA9LEuKsLa3BG6OJawJ8BIZEWVKWDYAXYA22XZYX/ +-HYMeWHs= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C5-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBsKKQNxOVQPSxLirC2twRujiWsCfASGR +-FlSlg2AF2ANtl2WF/x2DHlh7 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C5:KAS-ECC-CDH_K-163_C5-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C5-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBWxKNYassDCZ1Sss1KxZJpz1G4cwAkJl +-YcvZ2hsjpgA94OX3xKBlpcK4 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C5 +-PeerKey=KAS-ECC-CDH_K-163_C5-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=012cf17799fdefa2940b18d56e80d44414c5b13884 +- +-PrivateKey=KAS-ECC-CDH_K-163_C6 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDhoEQecgCHC159N6VLLLl +-mcQuGe2hLgMsAAQGCqQqYuIe6jfjYrTT3oN/DEnTrBMGmyDW/RbROxiD3wVimsfR +-uCOGs0Q= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C6-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBgqkKmLiHuo342K0096DfwxJ06wTBpsg +-1v0W0TsYg98FYprH0bgjhrNE +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C6:KAS-ECC-CDH_K-163_C6-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C6-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB0HGmk7bOGyU+BnRtd3QKB5P8pdlANMv +-lyq6yRvoWnCeugf10WIVrmAt +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C6 +-PeerKey=KAS-ECC-CDH_K-163_C6-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=062a2f926ab435ac14e05d44c27b46b6820b713aee +- +-PrivateKey=KAS-ECC-CDH_K-163_C7 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA5G6cllJoZH8gSEdMexpU +-3/5yjx+hLgMsAAQHqYTq1EAxDO8uEziXL/Ld22XKw9IDM8GpNCf+asUCdgt3eImK +-i7akCtk= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C7-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB6mE6tRAMQzvLhM4ly/y3dtlysPSAzPB +-qTQn/mrFAnYLd3iJiou2pArZ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C7:KAS-ECC-CDH_K-163_C7-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C7-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAe9HeV+w44BAWrXoje/DztmpJRSmAL5h +-gdf8A8qL/fEYac6ijPoOX19k +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C7 +-PeerKey=KAS-ECC-CDH_K-163_C7-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0399b9294e895486bdefbaad7a729353ce09586357 +- +-PrivateKey=KAS-ECC-CDH_K-163_C8 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCczSXFAWwRhw+3mfyujNn +-NEUag3ihLgMsAAQHZ8Me6TA7GyzTBZ+BUH7zBOvTECwCUeDUMNw/Y/Oje6seepV2 +-Us9n4iw= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C8-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB2fDHukwOxss0wWfgVB+8wTr0xAsAlHg +-1DDcP2Pzo3urHnqVdlLPZ+Is +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C8:KAS-ECC-CDH_K-163_C8-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C8-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA3TX+bqM2opo3nJ50/+GdAMv1HwCA+3p +-lcOk6Kb+Ic0eTNTKOBLA1pKl +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C8 +-PeerKey=KAS-ECC-CDH_K-163_C8-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=022325a9a769a902c2e64c80a1d35429ced42ae0a4 +- +-PrivateKey=KAS-ECC-CDH_K-163_C9 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBm7SAc5ARI1xtXG501qe7 +-TyD2G3qhLgMsAAQAk1SQdXBNedrncjF91lJE+nclaesCqKKCHdOdfnZTynHPwant +-hXgBo5s= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C9-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAJNUkHVwTXna53IxfdZSRPp3JWnrAqii +-gh3TnX52U8pxz8Gp7YV4AaOb +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C9:KAS-ECC-CDH_K-163_C9-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C9-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBld99U4Rx+diAvlPVk5hN7I85uRBBok2 +-YAqtyyX9QCTtPoRbK7+AcoDm +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C9 +-PeerKey=KAS-ECC-CDH_K-163_C9-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=051392d5377016358405030b48744003db66440a2d +- +-PrivateKey=KAS-ECC-CDH_K-163_C10 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA9O21i8w9bp0xcilCCnMy +-gezP8c+hLgMsAAQCcYNgm3WTsYRTZcCB1F/2bJq143AGm5gSNv6TCUe2t383QoKh +-jkvpk8s= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C10-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAnGDYJt1k7GEU2XAgdRf9myateNwBpuY +-Ejb+kwlHtrd/N0KCoY5L6ZPL +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C10:KAS-ECC-CDH_K-163_C10-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C10-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAmHRU0XOtJIimo10WX59/RmutoSKARSh +-Is4oyhViD3tAofJrQjTJVr3B +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C10 +-PeerKey=KAS-ECC-CDH_K-163_C10-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=045dac076e79de2fc631315465d3ef6245f26647e5 +- +-PrivateKey=KAS-ECC-CDH_K-163_C11 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBuZBJGhL97iMaoqEW4ePB +-yR0P1HihLgMsAAQD2oadCcTkVFrBaJ/HIxYBJjLQq9kCyCD0AxDl/9L4v0Ofuoeb +-su9iGyo= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C11-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA9qGnQnE5FRawWifxyMWASYy0KvZAsgg +-9AMQ5f/S+L9Dn7qHm7LvYhsq +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C11:KAS-ECC-CDH_K-163_C11-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C11-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBw44D0k3CgAnlUpOqIC8GSmyjFMpBG/j +-tFSvlCCoEfHhX3dNpa4aQLRZ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C11 +-PeerKey=KAS-ECC-CDH_K-163_C11-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=014f7a46847ed6a7ff605b0e52c616e4ad3f0d5029 +- +-PrivateKey=KAS-ECC-CDH_K-163_C12 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA6Cm5lC/ZZIf2ASkI/gT2 +-2OqvGWahLgMsAAQFqyB0wE31cWAWdzX3/C2PYp00/xgBLp2m0Fuz4qy+W6SvtKDd +-ctsH1qw= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C12-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBasgdMBN9XFgFnc19/wtj2KdNP8YAS6d +-ptBbs+Ksvlukr7Sg3XLbB9as +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C12:KAS-ECC-CDH_K-163_C12-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C12-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBuYK93QZuf4PxcecoaIqEBFAJAW2BpvK +-NABbV4zXp6aSm9P2zimUO17Z +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C12 +-PeerKey=KAS-ECC-CDH_K-163_C12-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00eacabc34555956995623e60482e5c118e34e2094 +- +-PrivateKey=KAS-ECC-CDH_K-163_C13 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBV86PC2zpLkJuyZ8iOtgn +-Y+S9P/OhLgMsAAQF05icykrnMt6TZyslySYIYbTA3OMENqMx6tJPKAe1UmD53D3m +-aM+/67c= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C13-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBdOYnMpK5zLek2crJckmCGG0wNzjBDaj +-MerSTygHtVJg+dw95mjPv+u3 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C13:KAS-ECC-CDH_K-163_C13-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C13-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBPdQ4nUA4Q8KF2uD8UvCbWvXHr10A55Q +-CQZ8DuLI9Vt+hNp6OR8Ir3UE +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C13 +-PeerKey=KAS-ECC-CDH_K-163_C13-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0414a622645107f115576f51cdf39d1393a2d7851f +- +-PrivateKey=KAS-ECC-CDH_K-163_C14 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDeYhfRfLXB74cEdhsQbra +-STsqVgOhLgMsAAQFrjHLKbMdJPX5TDDpwC8H84v/CsgE2Njjm/h/BYVD3ImQqRIU +-2kFsxVg= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C14-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBa4xyymzHST1+Uww6cAvB/OL/wrIBNjY +-45v4fwWFQ9yJkKkSFNpBbMVY +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C14:KAS-ECC-CDH_K-163_C14-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C14-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAqufW6lBAtIacGdh6sAJIZDxza0EBK3d +-d+GZwTLRisVBsRd0jSMZ23/l +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C14 +-PeerKey=KAS-ECC-CDH_K-163_C14-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=056be002daff11c4066e10acd046a85e170fa4c122 +- +-PrivateKey=KAS-ECC-CDH_K-163_C15 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAuoxYZNs+/XaLk3b8K2wf +-hfRvavKhLgMsAAQGL2IhSYI/JVtPhpBmZvOjVWrwgOoCdMoywQ+a3WGgJtIK061W +-sX+wakY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C15-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBi9iIUmCPyVbT4aQZmbzo1Vq8IDqAnTK +-MsEPmt1hoCbSCtOtVrF/sGpG +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C15:KAS-ECC-CDH_K-163_C15-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C15-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBD0l0t6Sk7hNNRozyxpS9ZMKTIt2A9JZ +-2CNunI1kN/QebVRhHFIjj+LV +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C15 +-PeerKey=KAS-ECC-CDH_K-163_C15-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=021fef8e473daeda8ef6bf07814d7b9b613e3076a3 +- +-PrivateKey=KAS-ECC-CDH_K-163_C16 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUD5QgEhNNzCyJIzMSCYNS9 +-GFdgWtGhLgMsAAQFiupuQLjLJeZiKnvk/wG3nJLecqUEP2d2tt7/PSm0xwOJnXBc +-f+z1JcQ= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C16-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBYrqbkC4yyXmYip75P8Bt5yS3nKlBD9n +-drbe/z0ptMcDiZ1wXH/s9SXE +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C16:KAS-ECC-CDH_K-163_C16-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C16-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAFYOGkIYZRGL6hbNrWtnq6OE7zh7BYsh +-PsKrOUL49q1gqVaVW1iQZrhW +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C16 +-PeerKey=KAS-ECC-CDH_K-163_C16-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=03a287fd1cca68db47a3c74c12627fc3728568dd66 +- +-PrivateKey=KAS-ECC-CDH_K-163_C17 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAXQUroavqckl4yu8YeSRW +-ctWu+JGhLgMsAAQDa4Snczep3lwd1648iZOBOC8P/6QFbUrDn+iB/bjmDUVZZYqq +-3kVmPuU= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C17-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA2uEp3M3qd5cHdeuPImTgTgvD/+kBW1K +-w5/ogf245g1FWWWKqt5FZj7l +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C17:KAS-ECC-CDH_K-163_C17-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C17-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA45IXekuQfHKymwOudgRpayom/NFAzGh +-Z3xGpo6WSBGpzF5OU+px4jEp +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C17 +-PeerKey=KAS-ECC-CDH_K-163_C17-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=029558b41b8b92387bc22c868f51bb7acb6e4ee2e3 +- +-PrivateKey=KAS-ECC-CDH_K-163_C18 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDkYAYep7dzzjcJk8FWwfS +-C5+ai8ShLgMsAAQEspLR+gnfxeajrZn9Av63TUgONPIG4YiACaCgSRwL5qv6yUPT +-d/C0hjs= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C18-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBLKS0foJ38Xmo62Z/QL+t01IDjTyBuGI +-gAmgoEkcC+ar+slD03fwtIY7 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C18:KAS-ECC-CDH_K-163_C18-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C18-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBkJZ5QBHbdo+l+JeSR1GbCt5WL1JA8Ll +-MoE5NkGlGNHc7/q+6LKb3hQC +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C18 +-PeerKey=KAS-ECC-CDH_K-163_C18-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0530020c8f6362312bfbe5c1c605b40dc2e032e81c +- +-PrivateKey=KAS-ECC-CDH_K-163_C19 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBbTeGKxlXY8agHV45uUWa +-MlB8KyGhLgMsAAQDNEDkYMR18gWKdn7EZsoYvOQfgw4Dcq7jI9Bj+omsv/v1UCSu +-JOSSnxk= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C19-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAzRA5GDEdfIFinZ+xGbKGLzkH4MOA3Ku +-4yPQY/qJrL/79VAkriTkkp8Z +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C19:KAS-ECC-CDH_K-163_C19-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C19-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA3FCdpl7RHji2LWa9fLmPiK8TDHkBnPy +-jZYqv+3uYuq0fDtFeaHlFoM2 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C19 +-PeerKey=KAS-ECC-CDH_K-163_C19-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0521673006a1d9608911d54536e122d809e919d804 +- +-PrivateKey=KAS-ECC-CDH_K-163_C20 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAbGWHlLA5yCCosDMAj6is +-dVa8rsOhLgMsAAQEy/soZpHkFQgaF4Xsawqs2x0jHR0F3WrP6R1oqOwjaGR4wO6M +-iSd67xQ= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C20-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBMv7KGaR5BUIGheF7GsKrNsdIx0dBd1q +-z+kdaKjsI2hkeMDujIkneu8U +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C20:KAS-ECC-CDH_K-163_C20-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C20-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAnXsFfJ90tpuRN/mI1Ry1b06JQL4BY/Q +-ImKyfBhd3iayx31aT01Q3Jko +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C20 +-PeerKey=KAS-ECC-CDH_K-163_C20-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0460579beca16cccce314ff3040de4785336fc358c +- +-PrivateKey=KAS-ECC-CDH_K-163_C21 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBacjaIsNahVSVBHoQS+AL +-FXW2UquhLgMsAAQEXv7ZyL0qTkKViPNE9J0eY+ZovQECXRr4WsIdWYItffjw5L66 +-3ztdRAE= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C21-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBF7+2ci9Kk5ClYjzRPSdHmPmaL0BAl0a +-+FrCHVmCLX348OS+ut87XUQB +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C21:KAS-ECC-CDH_K-163_C21-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C21-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAjOvNhAwOSJvQW3SLhomtz+Qk9OKBzQl +-ihdcl3aKn3K4JLmakfXPjj2W +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C21 +-PeerKey=KAS-ECC-CDH_K-163_C21-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=05ba66964483fe473ccbd00c37ad3ba40cc5969f62 +- +-PrivateKey=KAS-ECC-CDH_K-163_C22 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAAy/HkIZGMmMMSaKemtD7 +-bRDytYyhLgMsAAQHec+z4XyQKiWE7TOCqL7YJi25hCQASvJzh1+KKrmpSsDR5KIz +-kLK7UFw= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C22-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB3nPs+F8kColhO0zgqi+2CYtuYQkAEry +-c4dfiiq5qUrA0eSiM5Cyu1Bc +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C22:KAS-ECC-CDH_K-163_C22-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C22-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBtAyFSJA8ovn90349tKkUMEimlqVB6ra +-x3zERImF0XlGNrwdWC89EBoz +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C22 +-PeerKey=KAS-ECC-CDH_K-163_C22-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0277c4a76e1613b2ede699a675c1645a786075009e +- +-PrivateKey=KAS-ECC-CDH_K-163_C23 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDwd5btA5wkz7X24TOLLRo +-y7opmzqhLgMsAAQF/+DxYBi9S97l9zv9rQTXE/Ihb1AEI2HIgfAIHLBUTvqww7NP +-Weqt7sQ= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C23-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBf/g8WAYvUve5fc7/a0E1xPyIW9QBCNh +-yIHwCBywVE76sMOzT1nqre7E +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C23:KAS-ECC-CDH_K-163_C23-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C23-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAfhYHsYd8UCSJ6q3oBXyxx0p43FsAcH1 +-HMQYW2iiYOMbSwDAOkQD9lwl +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C23 +-PeerKey=KAS-ECC-CDH_K-163_C23-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=03c6481dac387af39e8c09a553068ac496eea03691 +- +-PrivateKey=KAS-ECC-CDH_K-163_C24 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDiBJ1uki+oL7MAhGQNGf1 +-0KrjIaqhLgMsAAQHduQP5xSZhTN+8bbJuDDLNgh1KqYFjm7LsnsLLTzQ46e6U43j +-V2/VufY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-163_C24-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB3bkD+cUmYUzfvG2ybgwyzYIdSqmBY5u +-y7J7Cy080OOnulON41dv1bn2 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-163_C24:KAS-ECC-CDH_K-163_C24-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-163_C24-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAroi+9qqqAbIVw8UrUyIKmEMy42EBtRD +-jlKMqIewW9JWTfk775v2YNp4 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-163_C24 +-PeerKey=KAS-ECC-CDH_K-163_C24-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=07b5d096d06d41c3ad6458cc93417e6facc99bc7b8 +- +-PrivateKey=KAS-ECC-CDH_K-233_C0 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0TWluMPOBH+8XfJid9O/g6 +-wz3a21z0oFDKgr5I8KFAAz4ABAGlPlwTiz2DkF1WOqHbASdGM8mGtS94IlqS4z55 +-UgDsq9Pi4mcpqWVgTlYO1EmKIrMcOWQuHPmbHd4+xw== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAaU+XBOLPYOQXVY6odsBJ0YzyYa1L3gi +-WpLjPnlSAOyr0+LiZympZWBOVg7USYoisxw5ZC4c+Zsd3j7H +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C0:KAS-ECC-CDH_K-233_C0-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C0-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfQONLPtShstQMBW+3XyrVQ8iXz9gvVC +-z3RqDyAvAMEwoavpK8TJd8gAd3mWzMULkN+ZGi6B3VFcGIWZ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C0 +-PeerKey=KAS-ECC-CDH_K-233_C0-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00a822b141ca1f5ad32899e68c54d1fec3df8100df485ebf1c5868a9ac89 +- +-PrivateKey=KAS-ECC-CDH_K-233_C1 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1Rvm+81IeMVUObC8u+Xqjo +-S8nbiecKjo6/NHgtqKFAAz4ABAHFoeXT7lFuPt5yP6LVzTRWsRYyYwPF7kknOlYE +-xABWjQ/nEwKVVBv6JlB0FHVG6XM3NroAdVnXFtjglA== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C1-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAcWh5dPuUW4+3nI/otXNNFaxFjJjA8Xu +-SSc6VgTEAFaND+cTApVUG/omUHQUdUbpczc2ugB1WdcW2OCU +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C1:KAS-ECC-CDH_K-233_C1-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C1-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAMhkwqRiqTY6SsPYGCEbygNpRy0YYoii +-dWdDO9pFAGidTQAG66BU3Gn8wHhngPtfdNOYkhNQTi9uZmmA +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C1 +-PeerKey=KAS-ECC-CDH_K-233_C1-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01662682bec2dfae05e38587c8e6a4d18aef4cb3416989c47c11bbe2810f +- +-PrivateKey=KAS-ECC-CDH_K-233_C2 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0uzKWV5V5shcWveMWVQP23 +-SQA/9Ow2HDi0jn2mvKFAAz4ABABaSPrEdsMcrQxo5k5l5oeuRBj7XTtLsqu5kN0N +-5AAtmt1wZibyhZ7OEQ3y3eifrz6KrEM+JZXiPCdAgg== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C2-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAFpI+sR2wxytDGjmTmXmh65EGPtdO0uy +-q7mQ3Q3kAC2a3XBmJvKFns4RDfLd6J+vPoqsQz4lleI8J0CC +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C2:KAS-ECC-CDH_K-233_C2-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C2-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAXgtgvzSEcAkfIfmV+/MXS/2sF65NTMK +-U5A/s7+jAMzoMKUV1pCrmBSVea00gThIWeVl0H+mH1Dr1mmi +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C2 +-PeerKey=KAS-ECC-CDH_K-233_C2-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00215d511cb95e0e073ee999908a7a844afd75c9acb7a9d724f7fd322b01 +- +-PrivateKey=KAS-ECC-CDH_K-233_C3 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1qfAOJLfGE1Wzcy51emhZI +-OmyTiK4hKqkmyP37XqFAAz4ABAFKr4gOgdtpq6K0A7vafzYeMzm0g84mmfML9Sge +-rQG3FVm9fZOE5Re4fxE4ppb7zrNRDYxBwhWNSqPlsg== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C3-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUqviA6B22mrorQDu9p/Nh4zObSDziaZ +-8wv1KB6tAbcVWb19k4TlF7h/ETimlvvOs1ENjEHCFY1Ko+Wy +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C3:KAS-ECC-CDH_K-233_C3-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C3-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAI2ADTdnq/VzFpV1TuiCm4WP9OtgSkSK +-1mSQtJwZAbwPAzlkmtTXt8/z/KnpZaOGJej0W8lgKjPAeYoz +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C3 +-PeerKey=KAS-ECC-CDH_K-233_C3-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01394e02c70104f2a5308b2d101b02c70ef2d13540602b8e8f82dc6d569f +- +-PrivateKey=KAS-ECC-CDH_K-233_C4 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0uL/h5G8ZMAPOw8dXVz7nd +-s7GTgUWZ99vd7e/Po6FAAz4ABAGARcyeZfbideMipiwY7+LQDPk5lf61NWEnOj8T +-BgFk4Ac8DUs+EuIvg3vT/sQh47sJ4MDdmXQigw9kAw== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C4-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAYBFzJ5l9uJ14yKmLBjv4tAM+TmV/rU1 +-YSc6PxMGAWTgBzwNSz4S4i+De9P+xCHjuwngwN2ZdCKDD2QD +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C4:KAS-ECC-CDH_K-233_C4-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C4-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUo+EhrdelJn9crSBLP0khUIR4ayP42U +-2f2gLg8ZADlP6hddrZs01SVDRlTQyGY3kmysOjKSouSlFLX1 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C4 +-PeerKey=KAS-ECC-CDH_K-233_C4-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=008556a4c3a8906ddbcb946099ca5dbe7bdb6cd8f37fbb50c96fcefed32d +- +-PrivateKey=KAS-ECC-CDH_K-233_C5 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1mly5xVmdG8vdsh3k3dAVO +-onXip+J6t8LQXF8kEqFAAz4ABAAgIm3XPjGOT8jUndQ+WeJgGT0bskjL5MBrTWuD +-iQDtEqTziWlqsxyT6j7E2Orxi+CX/JFS4sQrc/9FKA== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C5-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACAibdc+MY5PyNSd1D5Z4mAZPRuySMvk +-wGtNa4OJAO0SpPOJaWqzHJPqPsTY6vGL4Jf8kVLixCtz/0Uo +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C5:KAS-ECC-CDH_K-233_C5-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C5-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAIlmeIj4QlxaYjE0Yi8eqdmvNt+XcsQQ +-1uMfK024AIRDD6RxZNHA65cEKkTL70ALu1RfrqTvSbpeO+9C +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C5 +-PeerKey=KAS-ECC-CDH_K-233_C5-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=004ea6e0e34ec7c9bbad47f0f6f8ec0608e736d91e0e56cf3e5cffe8c370 +- +-PrivateKey=KAS-ECC-CDH_K-233_C6 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0eU7qha8AmK1MppxGw6xiK +-G8p+9LXIUGEiXUHUqaFAAz4ABAB9bXhfoyMXTrnN5bcFQo5AGSRINbyUcC8oDCX/ +-5QGaoO9DMHTEhNFOYRNy8D74kS8agkbOsekMgX2z2w== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C6-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAH1teF+jIxdOuc3ltwVCjkAZJEg1vJRw +-LygMJf/lAZqg70MwdMSE0U5hE3LwPviRLxqCRs6x6QyBfbPb +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C6:KAS-ECC-CDH_K-233_C6-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C6-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAWTaCZIl6zxkH8g8dyBKOW6rlJWxKiL2 +-jnpLg5nVAM2Y8nBMdJTm0gN150UoyPVvhn6d12MpgULqAXJL +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C6 +-PeerKey=KAS-ECC-CDH_K-233_C6-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0160d0b9b92a4acd089738fd489ae39734551e888fd05a020ce26498270a +- +-PrivateKey=KAS-ECC-CDH_K-233_C7 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1CqAMqEdFld1XEnkdwM7DT +-Qdov6ZOkV3tBpAzuGqFAAz4ABAH2YpaX2mINWX/B9RyDN0IT836VL8EX7mWp52au +-+wArNt7ceHrJUdKHnXJBTaLnV1ps18QuD6ILMtRh9w== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C7-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfZilpfaYg1Zf8H1HIM3QhPzfpUvwRfu +-ZannZq77ACs23tx4eslR0oedckFNoudXWmzXxC4Pogsy1GH3 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C7:KAS-ECC-CDH_K-233_C7-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C7-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEADOosIo8M8NDAyztHA9egm+TLe6HnsFg +-eir11GKYAGxPJ6SbUaifbQlgFguluP7AjdLNS8kJpJCuvk97 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C7 +-PeerKey=KAS-ECC-CDH_K-233_C7-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0038381b342efaa70bb79adb76ceb775de5f45f863559ecaee1ddbbd0313 +- +-PrivateKey=KAS-ECC-CDH_K-233_C8 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1D5XcJeBlfkXFS8Fe6H7AV +-bYlNMui7VMf2L3NApqFAAz4ABAFIfR/avM19idolaFsEKYCrFwruPBHzEYDjt8UK +-SgF+OD3WWh7IpAkAf3UDXlsWEzXZx3Vu2XBJD70XGg== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C8-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUh9H9q8zX2J2iVoWwQpgKsXCu48EfMR +-gOO3xQpKAX44PdZaHsikCQB/dQNeWxYTNdnHdW7ZcEkPvRca +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C8:KAS-ECC-CDH_K-233_C8-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C8-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAM/hX4YaoBU0hfOKwDPfnI2BKv3hZ7iR +-i7lKCNljAb6/Bn+FEm0RSTIWIWQgGxN0vxhAqhHV4lBjnQYI +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C8 +-PeerKey=KAS-ECC-CDH_K-233_C8-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0122169f1dff445ec663270375dfe914016c38ce6c2d40d0b8098abc60ac +- +-PrivateKey=KAS-ECC-CDH_K-233_C9 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1MZ8YQPmISRgCg2ekj3CF6 +-Ai9Xxv6yGccDM0/zOaFAAz4ABAAjUv6TQeYsYJ/BU44CcEBecAHXR7h1AOZEoRLF +-2QBB87FbcUpvfvZH4jZl6lMO/L4ZsHQENs2oEug5OQ== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C9-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACNS/pNB5ixgn8FTjgJwQF5wAddHuHUA +-5kShEsXZAEHzsVtxSm9+9kfiNmXqUw78vhmwdAQ2zagS6Dk5 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C9:KAS-ECC-CDH_K-233_C9-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C9-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAHY+KGvlB0C3+L14+nC8rIgN89c3HrM/ +-2iRTs+0jAFe+bF99mQt1Q5hoM5rjJ68EoEmzi5IzK5y4yyfZ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C9 +-PeerKey=KAS-ECC-CDH_K-233_C9-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0054d47c9d0a9fee258122326be25daf35f0ba0b8449e16b4623a8c0fd7e +- +-PrivateKey=KAS-ECC-CDH_K-233_C10 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0Z5U2ocples9zczFBBjsNR +-QAiJ+udaC6Tc/yXx+aFAAz4ABAFeZ+rr5Sujf1tzoZnZUIEs7BAS/UEFgURLvyPg +-yAAiBV74Id8zBC+4MW3a12SF29JZDi9UmKkU5PCtOQ== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C10-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAV5n6uvlK6N/W3OhmdlQgSzsEBL9QQWB +-REu/I+DIACIFXvgh3zMEL7gxbdrXZIXb0lkOL1SYqRTk8K05 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C10:KAS-ECC-CDH_K-233_C10-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C10-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALyKca1METTe8Cbkcj4xAiP7LFhZvHWU +-BUyJTaVSAMNlBWNQVTUDPHpsRI1zv6CPuDcCNMf9usGzTaoi +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C10 +-PeerKey=KAS-ECC-CDH_K-233_C10-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0071aed39f5c44a7ff72db3e0f8284da39dfb2d894f278d2006f9d2686e3 +- +-PrivateKey=KAS-ECC-CDH_K-233_C11 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0Tpf/JoPcGnBxmFIaZYS5c +-+rfiv3syVfGBoCJxkqFAAz4ABAGN5NxPak3lw2OOu6JNxwZJg7FZ9VsTnHaAocuQ +-0QE1Uy2BSK8+In1KiWDnaMVl9ywawKHJp70YXPmU0A== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C11-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAY3k3E9qTeXDY467ok3HBkmDsVn1WxOc +-doChy5DRATVTLYFIrz4ifUqJYOdoxWX3LBrAocmnvRhc+ZTQ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C11:KAS-ECC-CDH_K-233_C11-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C11-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAWzBrhP7NIJSSTAhzWFG1THwtyKEKkTH +-l5aJ8f84AYwJY/8Oo3BIyfb0dkTyp8jFA4Y8J88h7m4KMiTq +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C11 +-PeerKey=KAS-ECC-CDH_K-233_C11-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01ca68ead4eddc8847a3a661cc6628e076bdd4b45047ece72245d094dd3b +- +-PrivateKey=KAS-ECC-CDH_K-233_C12 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0vXSp+CHekyZBzcyOG6NWX +-NKI91/Dff81U2UHnYKFAAz4ABAFHmAlGgMvTL7HuncqmuHOaVWMFI1kz+ycVfTGe +-VwHIVfDUU8H/tfZosyqLPjCeDoEBvDm22+feIUAV4w== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C12-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUeYCUaAy9Mvse6dyqa4c5pVYwUjWTP7 +-JxV9MZ5XAchV8NRTwf+19mizKos+MJ4OgQG8Obbb594hQBXj +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C12:KAS-ECC-CDH_K-233_C12-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C12-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAOSeGCrF2TK+iwX+NA6Mty3zVkfezWea +-jFm12Pv6AYG5WpZavRbsJDDCbdBxmE6FSpZ/8RTueDG9MUsq +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C12 +-PeerKey=KAS-ECC-CDH_K-233_C12-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=017a893b2e090780ff8daaf3588f9dfc0ac4dfe1f1e263697a9d1f398ab3 +- +-PrivateKey=KAS-ECC-CDH_K-233_C13 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1lKhH2wxF/Eyb6aHdAXOxz +-McTxRql/dKsMRN4Bt6FAAz4ABAAs1tTB0sxeNCBerblPTP01u1adpyLE2bGbjVzC +-3gDqMATlsJMN9/i9oxTIvBFFRj62ACLNLc9sDIJOUA== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C13-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACzW1MHSzF40IF6tuU9M/TW7Vp2nIsTZ +-sZuNXMLeAOowBOWwkw33+L2jFMi8EUVGPrYAIs0tz2wMgk5Q +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C13:KAS-ECC-CDH_K-233_C13-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C13-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAVmLL9tb8aOVH7nsAW7LTSj2bC6dE1ln +-hlk1hdcZAe9lyvFXldFKC+icrHxoAyO8WYA7qHTLKWhnLLip +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C13 +-PeerKey=KAS-ECC-CDH_K-233_C13-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0041fa5fdf495b885699249b7746334b76c59e1c917bfc1ae371b96941f4 +- +-PrivateKey=KAS-ECC-CDH_K-233_C14 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0q1fccY4SvYmibNcJMTd+z +-Ws+BBssMGVAsLKGEr6FAAz4ABAD+G1JAinEoQb1i8O5RMH8mMx1AK8w6WrBAXRxe +-gAEKcxp9ampPW0Cy6qgQwZAtsnso0pe8BfNxTKyvwA== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C14-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAP4bUkCKcShBvWLw7lEwfyYzHUArzDpa +-sEBdHF6AAQpzGn1qak9bQLLqqBDBkC2yeyjSl7wF83FMrK/A +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C14:KAS-ECC-CDH_K-233_C14-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C14-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAbbP87f6IV43hgXJP4b1zThF9F+96L4H +-newpvIhiAWYiLvpdup6FjCRdu12maCOatbpyhhj7hakN3HYK +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C14 +-PeerKey=KAS-ECC-CDH_K-233_C14-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=015f5adba59d1ee01696cecce4b63e78e68508303ee496ff5abcea25ad3b +- +-PrivateKey=KAS-ECC-CDH_K-233_C15 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1vActUeBy9ptiN61mEOuCD +-axr2g+/HVlC+hPIIp6FAAz4ABABNAKjwgg2pCX/lDo5979rClgfdTLHdiB1OYfHn +-iwCKSo6cgRtEQ2eVJ1KrjCpRmO+yj77b8/vXAahXqQ== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C15-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAE0AqPCCDakJf+UOjn3v2sKWB91Msd2I +-HU5h8eeLAIpKjpyBG0RDZ5UnUquMKlGY77KPvtvz+9cBqFep +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C15:KAS-ECC-CDH_K-233_C15-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C15-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAM9AKuvD5CR6mrQ9qXVRdqgQ4BH5/Zd9 +-4b4v1TT7AbrEX6QtYFrTR5x8Q+ckkQcWc3lTzIUErxTzMdNP +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C15 +-PeerKey=KAS-ECC-CDH_K-233_C15-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=003d5c29b3753e89ce5064575393392b377ca657a0b73872c82165fc43ae +- +-PrivateKey=KAS-ECC-CDH_K-233_C16 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1dwboYOfXR/qhas2FMVanF +-/mAIU8caYZg8fcgt4qFAAz4ABAC2y2/6Ti6rz3uYfrtSAWWo7Joipvn/sQDzgXKg +-+wDTmBThhSR25W6JzozdZDcoQMAVcKhpQKziS7nPag== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C16-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALbLb/pOLqvPe5h+u1IBZajsmiKm+f+x +-APOBcqD7ANOYFOGFJHblbonOjN1kNyhAwBVwqGlArOJLuc9q +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C16:KAS-ECC-CDH_K-233_C16-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C16-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAPOMzM8I5b3/O7NffnW9ztaNN5Hc94Q8 +-qI/wkhNtAV7XaXpLjJnQFHgo9shh/8nPsPM9zp0UsHMeHaJi +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C16 +-PeerKey=KAS-ECC-CDH_K-233_C16-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=007c01f906caa590898a09f46b6f5383658e7fee656aca0f111f22939960 +- +-PrivateKey=KAS-ECC-CDH_K-233_C17 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0kHh31WHAx3drhlokcKIIc +-x4ea01gyrnGPbnkuZqFAAz4ABAHBcs7it2UD602Qs53azoJbI8Mjdcto6uzXNISQ +-owDCRu+cbi+trHfHPundWt7oKLeRhBc5W1mXvhoCeA== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C17-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAcFyzuK3ZQPrTZCzndrOglsjwyN1y2jq +-7Nc0hJCjAMJG75xuL62sd8c+6d1a3ugot5GEFzlbWZe+GgJ4 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C17:KAS-ECC-CDH_K-233_C17-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C17-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAeMoVx35M6z9TJbzxL3nHpF1y81iruzX +-Y4R0Sg8/AZ/0iq4MJS7ajTQLJcTdoBovIaqjXTm68DZpahEB +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C17 +-PeerKey=KAS-ECC-CDH_K-233_C17-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=019eece7d3fafc9274d361c6fafd9efd9ee485cbacb3baaf6834feb4df6a +- +-PrivateKey=KAS-ECC-CDH_K-233_C18 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0ESsVakTqMf37X/FZ59S9H +-y7lzAyW+IbeZN3nRh6FAAz4ABACXlIYQF7Pevv8wLkJTJ/4mnXh1O3O8G/s6d/cW +-3AACWBpJwSafXsho3G1/XC2OdJYy1Hq22eaNutmF8A== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C18-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAJeUhhAXs96+/zAuQlMn/iadeHU7c7wb +-+zp39xbcAAJYGknBJp9eyGjcbX9cLY50ljLUerbZ5o262YXw +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C18:KAS-ECC-CDH_K-233_C18-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C18-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAPSqf5NAqdpGxPBnKHU6Stxa9TpNy0Z/ +-cLSHPaeFAH8yHivE4pporCPHfO3Tu83gv3uSon/6dklpiJgd +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C18 +-PeerKey=KAS-ECC-CDH_K-233_C18-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01e4b7e89fb1b51179b8792f5cd581c3917e11246d3846f6344ee82eed66 +- +-PrivateKey=KAS-ECC-CDH_K-233_C19 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0rwTZ3hTEInaXC+rPK7sJW +-xUsLNfwsZfe47mFhw6FAAz4ABAH7JYox0Wa++c1mTNe2bNjBhucCXHfwuucxWH6e +-9gBg39TkdekoBdGTXQOC3BdnBnkVzADtOyT2U4LSGg== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C19-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfslijHRZr75zWZM17Zs2MGG5wJcd/C6 +-5zFYfp72AGDf1OR16SgF0ZNdA4LcF2cGeRXMAO07JPZTgtIa +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C19:KAS-ECC-CDH_K-233_C19-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C19-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAGjZ5V56EFt7tEsh1mm7DvZXqRQ3rYS/ +-bVhTJwyYABQ8i+21TbB9+PZwg8WaCqfNig76QvQv1i5ELgti +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C19 +-PeerKey=KAS-ECC-CDH_K-233_C19-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0145710c3ab0780ec233424d4e28b38d29f886965bbcac49fa300e1ed886 +- +-PrivateKey=KAS-ECC-CDH_K-233_C20 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0NVllUcUNdlf7DffYi8Y7n +-2rskN5yCu/cUxavF46FAAz4ABAGlKUCkUqr0ILN7XzLCwzcwaJSogv7qet2twBkn +-7gB3G59ioqb6iSUDIlJ1SQOIuL/C33ffPoBr7bp9iA== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C20-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAaUpQKRSqvQgs3tfMsLDNzBolKiC/up6 +-3a3AGSfuAHcbn2KipvqJJQMiUnVJA4i4v8Lfd98+gGvtun2I +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C20:KAS-ECC-CDH_K-233_C20-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C20-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAJnrkc2phiAQPDIF1kieaK1+V9ClHcUC +-1uMFiPQYAD+/gpkp7dKOkG9Y+Hq+1tbRd/Q28N2UDdol6vGI +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C20 +-PeerKey=KAS-ECC-CDH_K-233_C20-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=006941a2a531083563dd886b06c0860770a4724bb04a4ebb2afb1ba2636b +- +-PrivateKey=KAS-ECC-CDH_K-233_C21 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0ZyKsrMvLuk78v9rxEN4tg +-hyva62ula1FMjziLp6FAAz4ABACDUw+j3zFah0CsUvTTlLgMSl8hC6ugttwiBeEk +-kwA3udAu1D6dQdDbuEA7kCG00sG9Ng7lPDHCe0kgBQ== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C21-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAINTD6PfMVqHQKxS9NOUuAxKXyELq6C2 +-3CIF4SSTADe50C7UPp1B0Nu4QDuQIbTSwb02DuU8McJ7SSAF +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C21:KAS-ECC-CDH_K-233_C21-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C21-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANzKoitDOR3AUll6470HxuXwIfOemHdW +-9lSBce6UASjv1JrzprMtwWeXqXjwrUqw22arq9atVnL0+BLJ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C21 +-PeerKey=KAS-ECC-CDH_K-233_C21-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=001d754ee5351d4582974734072abac23376e24348370934e7b864db0f52 +- +-PrivateKey=KAS-ECC-CDH_K-233_C22 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1QMWAQTYigwPY5VufDu6cC +-lj+fG1P8EZpZLu6k9aFAAz4ABAFGPHjkmKvzQDPsPh2XPcElCeLSNPuRQDcV5C9h +-9wCt56u5igMIiGaWNTqtM8Bbq1zzwNTpacv0xM7skw== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C22-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUY8eOSYq/NAM+w+HZc9wSUJ4tI0+5FA +-NxXkL2H3AK3nq7mKAwiIZpY1Oq0zwFurXPPA1Olpy/TEzuyT +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C22:KAS-ECC-CDH_K-233_C22-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C22-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAXCRezOze46v8kYeX5648Hl7E6q9kVpg +-cGzU8yy2AHZR4HQsDYPUtoVS6ber7DZEupdVz/5tTlaUOmub +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C22 +-PeerKey=KAS-ECC-CDH_K-233_C22-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=011346b83791e4bea7f6ba6b1265e5050895d84027c106f77353418f75d7 +- +-PrivateKey=KAS-ECC-CDH_K-233_C23 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1FR+r5vhzlrxOG4xEEbsgy +-YLhKLKkQVfYGaLlG4KFAAz4ABAFQSTjBZ2gK+4ttWFjPqhkcQBlvxOUAxmLFNG7M +-kAE30bqUIija5oxFCxoDOiyBCplZcfAcJAieSm/cxQ== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C23-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAVBJOMFnaAr7i21YWM+qGRxAGW/E5QDG +-YsU0bsyQATfRupQiKNrmjEULGgM6LIEKmVlx8BwkCJ5Kb9zF +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C23:KAS-ECC-CDH_K-233_C23-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C23-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANjtMYOCuFwlJaAsIsZ/W/NmM12Udn61 +-y0VzlmTFAX2P3nu8Vo/cgCo+NFXzzzVgLfcGhMis3aFloCZW +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C23 +-PeerKey=KAS-ECC-CDH_K-233_C23-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00b4938ed1ed012a9a53892ed9949397cdc4e4a612d54dcf80cdb039f47b +- +-PrivateKey=KAS-ECC-CDH_K-233_C24 +------BEGIN PRIVATE KEY----- +-MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1C++VUhi81lRhKRVEMpT35 +-fEUXVYS10t4EJyM1jqFAAz4ABAExuNYbnPsFNsWIIU5FiI6+SDke7stNf7W+jv9K +-zwFl2klVegqp1F3TeNX4mScsxpdoInaukdLAtnXEaQ== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-233_C24-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEATG41huc+wU2xYghTkWIjr5IOR7uy01/ +-tb6O/0rPAWXaSVV6CqnUXdN41fiZJyzGl2gidq6R0sC2dcRp +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-233_C24:KAS-ECC-CDH_K-233_C24-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-233_C24-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAX+H8T9t/uYIG7XMpTL+JownHSdWsxvf +-ZDKXz2lbAPOnRpVeEt0LcZGe2/I7IyLKsyjdCb34e8r9zSiE +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-233_C24 +-PeerKey=KAS-ECC-CDH_K-233_C24-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01b3d2578bde3066a253db5322c85cf9487ce77b67ece955e281b0d7d0e7 +- +-PrivateKey=KAS-ECC-CDH_K-283_C0 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAV/eSbgCVCpSxwsjoLF4 +-Tl+HgLVoU/ml+MOlJm6HJ9zpfUoXoUwDSgAEBhHtwEXb5D7MTvazJM1R9w/j1934 +-d+xot5iQnDxFYXVqow5fAIM7JVEXBK8Jti2ffLrFmBTnW7ucc19VU4SR2/pgweAR +-Xv5C +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBhHtwEXb5D7MTvazJM1R9w/j1934d+xo +-t5iQnDxFYXVqow5fAIM7JVEXBK8Jti2ffLrFmBTnW7ucc19VU4SR2/pgweARXv5C +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C0:KAS-ECC-CDH_K-283_C0-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C0-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA/B1wkw1qdyZUr5v0yt2Hc5j9HIKIkCO +-OhS70JfgErVpTCKgBnWCW0AgLpW+fatagmFH4EuMUaCbADRXfB8x+MFqcMjhyFuJ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C0 +-PeerKey=KAS-ECC-CDH_K-283_C0-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0745552817b5d729310b7dbebae687648714a9ae695dad20ca1ab6111c3d054670f21132 +- +-PrivateKey=KAS-ECC-CDH_K-283_C1 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkATuRH2LzqohDVGNFR+5i +-KAfV0QYCAzCuK5eYwMTNDq2xC6lIoUwDSgAEB40uzU2QIzK2s8e9S6fSAPw0xF7a +-MJmLYCXtR7H0+OaPMoYkBNXlNkfd3y/MyIFtrIvHDCmAdiLMlVOacqo6myMModJe +-57UW +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C1-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB40uzU2QIzK2s8e9S6fSAPw0xF7aMJmL +-YCXtR7H0+OaPMoYkBNXlNkfd3y/MyIFtrIvHDCmAdiLMlVOacqo6myMModJe57UW +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C1:KAS-ECC-CDH_K-283_C1-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C1-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB5m0MOkjIP/qvy1syHOZ4wwKqEQg/466 +-Iwm5lIe3Qtci6LelAhc2KAH9bS0oblzfN1zQrlabcAAFMS436ONbFZLvubXq9Hs6 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C1 +-PeerKey=KAS-ECC-CDH_K-283_C1-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=02eb0c1ceb6179232e91cff91fc8a30553c6ed7e0a71deb1bda0a10735a84593dd903636 +- +-PrivateKey=KAS-ECC-CDH_K-283_C2 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAXdjK2nn7do88AcwdQQ0 +-PMIWIyb2IBfL3fNgqHbck7gfBMWOoUwDSgAEA4FatkgOStJKZignXvLuDOfVhpkj +-nbziMziEK8WMQsypTSQSAt6DPMZkyskNMPvqxgPvu86SdtTxarHEbn4RyBqaqeJc +-gpaa +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C2-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA4FatkgOStJKZignXvLuDOfVhpkjnbzi +-MziEK8WMQsypTSQSAt6DPMZkyskNMPvqxgPvu86SdtTxarHEbn4RyBqaqeJcgpaa +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C2:KAS-ECC-CDH_K-283_C2-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C2-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAM5Hp0PUi4b+/WtcAvKpeydiov5X4L34 +-XB1qKd6IYsTJntU6AyLllgafkWVoyiSM7Vfv6QU0r0qfkKT0D3l+RSlnAxcmv0HX +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C2 +-PeerKey=KAS-ECC-CDH_K-283_C2-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04a9dd2cf5076814e5329c518c4f27b429dbe01d46682d476e7e78880de368b064236ba9 +- +-PrivateKey=KAS-ECC-CDH_K-283_C3 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkADv+mhyYU4bluisxVTpV +-FR543cOPB0MrXEKhzS2ieP0LaOBHoUwDSgAEAdnDM32pXsblpL/xzJJ4OYm2bJIw +-EHhw1KV4aZM4446y2S7/AM2q19DrD0Rap2Ol37jzj1U1V3fOJPdTta09PLqxJfSR +-aY1W +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C3-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAdnDM32pXsblpL/xzJJ4OYm2bJIwEHhw +-1KV4aZM4446y2S7/AM2q19DrD0Rap2Ol37jzj1U1V3fOJPdTta09PLqxJfSRaY1W +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C3:KAS-ECC-CDH_K-283_C3-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C3-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEByiXWDm0LGIDanr/+t3vwwJLclhAe+1W +-XK6pOb4z0WrJREXHB3EmMHkLBa4E2NfZ8jZdrprSTExhs+sgwKeYfmpMSw9ZjDcf +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C3 +-PeerKey=KAS-ECC-CDH_K-283_C3-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=044e2cd2bc164d21cf4b9833c0aa62ed059282e62b82f4500aeb422d17e1f6e7e8bbd500 +- +-PrivateKey=KAS-ECC-CDH_K-283_C4 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkANla9SpwjmktAmd7IQMv +-eurWAD8STnIBPzfAbgu8IONTKzzqoUwDSgAEBuSH+R5zvdNE+4vI9MH0ducn+yZx +-6dbI+9d18aqiTK8umjb1BmPhz/gJl1e7n/G4eJAoOqSc/w97Ev4YTtKkKDddJ5bN +-gd6R +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C4-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBuSH+R5zvdNE+4vI9MH0ducn+yZx6dbI +-+9d18aqiTK8umjb1BmPhz/gJl1e7n/G4eJAoOqSc/w97Ev4YTtKkKDddJ5bNgd6R +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C4:KAS-ECC-CDH_K-283_C4-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C4-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBVZy1zmYRRCJ4rfHEEtCJH3d0TLUCtCH +-tYjWo4XaZPWi9Gg4ArTLFYH54rN463pPZPWn1DILLKPTR0cm9nDDiDu42kfz10W+ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C4 +-PeerKey=KAS-ECC-CDH_K-283_C4-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04d4f04d2fcf1bcd8150eaded90e467d3d38f753b6fb54eed8f9d29cd3dcc7be2c83de11 +- +-PrivateKey=KAS-ECC-CDH_K-283_C5 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAMcz2QlAMsx67WxUqM7X +-U+rypIiCKFo7TH5gIfJr7OByKECtoUwDSgAEAmiWsDnXBo2YoyZxDrt6l4vUdmEV +-RkWuMM2D1gU1Bn4FFRzLANg6Jjvb2Mir8DEL+/yDkXqGsNjEvgsVWre54scFYFYo +-u83Z +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C5-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAmiWsDnXBo2YoyZxDrt6l4vUdmEVRkWu +-MM2D1gU1Bn4FFRzLANg6Jjvb2Mir8DEL+/yDkXqGsNjEvgsVWre54scFYFYou83Z +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C5:KAS-ECC-CDH_K-283_C5-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C5-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAswopMt20UfZjfpnfcoU4XcTR7loHGXN +-tUDyLJB2E/3MsMjaB9QGX5kMj8N9EA7OOPv1dM5ETcNzVeBwK4DR6xvdZwmX6PJx +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C5 +-PeerKey=KAS-ECC-CDH_K-283_C5-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01c343540541604f68ddbd63c483760d824ded5c18be7e56e6d36a9ac6d25772afb0a90a +- +-PrivateKey=KAS-ECC-CDH_K-283_C6 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkANs511Ngctw0SM19IWDl +-DIEfZINY6w2x1UKOgap6aGt4Za39oUwDSgAEA6chkGrRPcFcMR/U5VLzvIe32Szu +-7bsMMWqVJ4W6Ron8C6JwApUU84c7vDueIXBh96YmH9xiaGhfllbx1e6kcswttajB +-Yubp +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C6-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA6chkGrRPcFcMR/U5VLzvIe32Szu7bsM +-MWqVJ4W6Ron8C6JwApUU84c7vDueIXBh96YmH9xiaGhfllbx1e6kcswttajBYubp +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C6:KAS-ECC-CDH_K-283_C6-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C6-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBjiA61OMcnXsuk21PZtowof7N3i+9RSX +-TR5+MamuNlohgUFfBK+fLPklQuH/j/KPjnyOgJWE4kOkkClJp2WihJhsdQsbBsia +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C6 +-PeerKey=KAS-ECC-CDH_K-283_C6-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=05e38079815477b8a79096ce339c4a255f8b213be74715ea61ef7dd0c0b5f161d9de7521 +- +-PrivateKey=KAS-ECC-CDH_K-283_C7 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAGZJv9ZB2r8bnUmdT7BL +-6wmUddCqFdXvaEi3NNLUEwCLYEMIoUwDSgAEAI9ldtYq/8cYNtGa27w9UEIQ8S77 +-YcQgV4JFFSkMUC8uCbbYACFkO+h65uVJsNX7tVjBMD0UsczXdwPsdPlgLzXKjXpR +-Obzn +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C7-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAI9ldtYq/8cYNtGa27w9UEIQ8S77YcQg +-V4JFFSkMUC8uCbbYACFkO+h65uVJsNX7tVjBMD0UsczXdwPsdPlgLzXKjXpRObzn +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C7:KAS-ECC-CDH_K-283_C7-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C7-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBb/SiVouZjZtt6g3iMcrzkj3m1yVJKCK +-4nPHjOs5rpdVnVrDBKKwpV+AFVoaMw/ebLbZft2wqdy2bEmzkpBKvos4H5EJDbsh +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C7 +-PeerKey=KAS-ECC-CDH_K-283_C7-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0531ccf51d1096982f7c2ec513a92bf51c7ac5069cb15c5e2a053ceae7e5550908a19101 +- +-PrivateKey=KAS-ECC-CDH_K-283_C8 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAIGGCmU9bZREbXdmFk/5 +-LGxcFUXHNTBLOtTVF4yLFNAYHpRxoUwDSgAEBraIFbuDaR0WdJxL4WEl4qbW2ulC +-UnObp78NsNUBmOov5D3fA54NkwGKRhJWIPb/rKWgZoNDxXAlpgwxqdblEZHKsziZ +-O0a1 +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C8-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBraIFbuDaR0WdJxL4WEl4qbW2ulCUnOb +-p78NsNUBmOov5D3fA54NkwGKRhJWIPb/rKWgZoNDxXAlpgwxqdblEZHKsziZO0a1 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C8:KAS-ECC-CDH_K-283_C8-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C8-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBjVH91cL1pWXM8A9LmxMiJcfMUrc8ovI +-UdxS7U6MGk6gb4cCASLTdzsJNOkA+6fr/hrV7VvsD7Gp3c9O62HL7QQAdDE8CzFw +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C8 +-PeerKey=KAS-ECC-CDH_K-283_C8-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=06ffe79d2b7664ee2d8303ffe0ceca8c49a581fcdb49c4af6a060ff204eea74f4cf39cef +- +-PrivateKey=KAS-ECC-CDH_K-283_C9 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkACJD6JGb16l87w6c3mPH +-bU4QcVApT8+N12dkUco7+lxe25ZMoUwDSgAEA+Q54+vfp6I6nesJ3hQZBcZTxPIC +-7fLPXwn674i6MRNwHknwBx0HG4btD0aPxgGd4j/kuiyztQAyvjXpLS5a9A3nBqtS +-ToKr +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C9-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA+Q54+vfp6I6nesJ3hQZBcZTxPIC7fLP +-Xwn674i6MRNwHknwBx0HG4btD0aPxgGd4j/kuiyztQAyvjXpLS5a9A3nBqtSToKr +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C9:KAS-ECC-CDH_K-283_C9-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C9-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAJBH99dzl9tw45/p5Lqdl6mVp+4Gbs9T +-gXnpN6yGys2sUQlQAHzYdRZ/BqL7moGeLL2s78Fsrg7vLLsLLUm+rhCdt1PJUGFw +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C9 +-PeerKey=KAS-ECC-CDH_K-283_C9-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0311c430db78b6203e27b52988e1e9dae890c655dac4acefa7ee9612bec32e3e5f52be55 +- +-PrivateKey=KAS-ECC-CDH_K-283_C10 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAFEqQoQeEif8n+1RwiaH +-MWhBNvIlz79FZImH4kU6cYb2p+3voUwDSgAEAi925atxT994Vx6EwrbqOhfxKZm+ +-SDvGfhuEPSCb3+wDR6Q+Au7B/A6F8zDFPa17/0hi2K//iqFPlHVulbjwH9fuuPxU +-UneH +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C10-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAi925atxT994Vx6EwrbqOhfxKZm+SDvG +-fhuEPSCb3+wDR6Q+Au7B/A6F8zDFPa17/0hi2K//iqFPlHVulbjwH9fuuPxUUneH +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C10:KAS-ECC-CDH_K-283_C10-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C10-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBL3sGTAMiv3u2GSZ0nA5It9Xsv/sN+Rc +-A6XikJ3jwzO9BqXhAapPQIRPJBPx/L3tADsdFcnx33VI3iorv3G1FmV62NjHfPct +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C10 +-PeerKey=KAS-ECC-CDH_K-283_C10-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0701d92ed8687138014b4379f1c34677e1744f6ae8c89958a5962f14408d587b95472db3 +- +-PrivateKey=KAS-ECC-CDH_K-283_C11 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkACqK9JfRo9rAcyo5Pe33 +-U5Sj9RnOB/rtP3fcDmafOhscbdrboUwDSgAEBXHwyH+IiI7Ac4lhg0AhdlzE9cjb +-Kx+eqbj+mEf4lkNJ/cRPBO98gESmCWlHRsyq/of8f58aeNAPg1T12n7i9dpyNawa +-1LV8 +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C11-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBXHwyH+IiI7Ac4lhg0AhdlzE9cjbKx+e +-qbj+mEf4lkNJ/cRPBO98gESmCWlHRsyq/of8f58aeNAPg1T12n7i9dpyNawa1LV8 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C11:KAS-ECC-CDH_K-283_C11-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C11-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBhH1OvS0iJkOelLlxzhWoedCebsPNtOr +-GYmyzNmTkbbGs6E9BU6pWiNPZYlxlbyXsD+m0kbqWrX0HaIsCO2BeqfASt83KYKz +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C11 +-PeerKey=KAS-ECC-CDH_K-283_C11-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04f2301ed85a5c91c31a7fd125854904340a55e34976a20743bd33d95e476450f301ee62 +- +-PrivateKey=KAS-ECC-CDH_K-283_C12 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAd6fukqyTQbnSuWtNq4Z +-XCNgxyjrOMUO9TMynnDFrhn0ibbVoUwDSgAEBI1h4Lm4BkvMqM5A1PnmiyNoQTdy +-akTqdcjy+IUPAzP76YXmBfyro41R4hEra5805necEMDFWcPs0VYCKWbPkqjH9lAg +-p569 +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C12-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBI1h4Lm4BkvMqM5A1PnmiyNoQTdyakTq +-dcjy+IUPAzP76YXmBfyro41R4hEra5805necEMDFWcPs0VYCKWbPkqjH9lAgp569 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C12:KAS-ECC-CDH_K-283_C12-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C12-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAScG7AoOdkJdirTg1VkwpEFuTdChr22X +-mHJSmI2grJYnV3y+BCFehxUSnMdjAXkXAdxf4avNZytqoZukx+Uy7nqRPupg28nQ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C12 +-PeerKey=KAS-ECC-CDH_K-283_C12-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0643900f337ed362815f181e0628ed5184dad3e66a1f030e947f116696312d835f7f6e7b +- +-PrivateKey=KAS-ECC-CDH_K-283_C13 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAV06Ii1XCcsznZPNKWUG +-ZPOb8yAcXR6G067495W5/d9H2MSooUwDSgAEAeK4jeN3KwnGPQNuDbukNSRph0l7 +-YoPauMzxACSG3gcwJ3tDA84YK38M6iGgah1N6HIsv8WbnZ15vHYLnRfYVnFWGuqt +-1UlB +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C13-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAeK4jeN3KwnGPQNuDbukNSRph0l7YoPa +-uMzxACSG3gcwJ3tDA84YK38M6iGgah1N6HIsv8WbnZ15vHYLnRfYVnFWGuqt1UlB +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C13:KAS-ECC-CDH_K-283_C13-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C13-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBbsgvqT9hdAWJonFUAVAAUCbbHEtNWpS +-95PXiqLYJhpDxbbeAxvlyvyKrvGbhhUDQTp7c7YLN7AYBJPYLpQm9Htlhzk9CN4I +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C13 +-PeerKey=KAS-ECC-CDH_K-283_C13-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=063b1a3db331f91abd0af837db9d5f040620d1ddd7fccf8b58e0df43698351ea1942548e +- +-PrivateKey=KAS-ECC-CDH_K-283_C14 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAJjFcGZnku/aZfyeeQmT +-EVjf1Ed76TMy5JPWmGa2YCxJUd5voUwDSgAEBNxndP5Gqw7Sdo03nnVko3xrsd0b +-/FVXJ62Uwg9HMsq/KiyCBsbPD0IfkfyiK0hxIWqfH+OHjweRTpaulKx3C2di+dzg +-j/ot +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C14-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBNxndP5Gqw7Sdo03nnVko3xrsd0b/FVX +-J62Uwg9HMsq/KiyCBsbPD0IfkfyiK0hxIWqfH+OHjweRTpaulKx3C2di+dzgj/ot +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C14:KAS-ECC-CDH_K-283_C14-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C14-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAQo8okNbE1/+oIeSt/GbTuGBIHwpvhzh +-/erNtppmn5zd6RgaAkkIJ0semMbRl+0ng8PJU8Gzs0+kOosvV0JYTjf+pAcmm0O/ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C14 +-PeerKey=KAS-ECC-CDH_K-283_C14-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0516da1d64bc4b25ce4763e6438257d62fb1ffdeae16d68701d63b603ad53e8587927669 +- +-PrivateKey=KAS-ECC-CDH_K-283_C15 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAPS220qHzdMAKcw76J5A +-ubywFNAQqRolLFbLKGcfNUqATLTYoUwDSgAEBm3fBIMf0ccrxItwkGHBrqqtGcna +-PYwVBvp3XU9aVBLu4ChtA6odExRv8ZJ5K3SlxkrTFQ+uNE+oMOD0RzPYZ/TgrgU1 +-JsYr +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C15-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBm3fBIMf0ccrxItwkGHBrqqtGcnaPYwV +-Bvp3XU9aVBLu4ChtA6odExRv8ZJ5K3SlxkrTFQ+uNE+oMOD0RzPYZ/TgrgU1JsYr +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C15:KAS-ECC-CDH_K-283_C15-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C15-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBToN1hNeQ6EU5QAK7EC6JwmzphNzDxzC +-AGtEaTXiN7/Mw5TYA7Zs5s8BUH1GLu7/9iEb1MVgcBFsaQdGj3x2/gEUC/DV+3t5 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C15 +-PeerKey=KAS-ECC-CDH_K-283_C15-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=049c68c333b96705eee4a3def0d568b0d4faf24df2fc2f1bf40da0af0946240c38e97f74 +- +-PrivateKey=KAS-ECC-CDH_K-283_C16 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAauCxaYq5H7LzPZmzDMj +-s1EoxS0XvhG68721YAbl1Wi6rYu8oUwDSgAEAKBK16WDZmpAQ3+WiwLKx5RnRbTK +-lJAhxUQ963AYP4jhd4/gArtZHDLw2zQwNC8ON8RUScKTxU9rffb3l8CZLCgphYto +-Dyvc +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C16-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAKBK16WDZmpAQ3+WiwLKx5RnRbTKlJAh +-xUQ963AYP4jhd4/gArtZHDLw2zQwNC8ON8RUScKTxU9rffb3l8CZLCgphYtoDyvc +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C16:KAS-ECC-CDH_K-283_C16-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C16-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBtSm8+h7bYxJy+UXqXXSq4xjORNVltaz +-DMZcyAwShFCPSXibApY7NW8kNOwkm8tlie3k3jbOzTRQ5vXkd7/NwpraSu8PRaxT +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C16 +-PeerKey=KAS-ECC-CDH_K-283_C16-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04dd44c1a30edac2e39a5bc9902625880a18516385c90a9cc6b94c4f111e0260863ccab2 +- +-PrivateKey=KAS-ECC-CDH_K-283_C17 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkABJUrxeRzHVpTOWQu1GK +-dwp1BEYXGjDt1sA4KhfmiAoa6luBoUwDSgAEArdmyZOzmNJCanoKSenQAQedD8Mh +-lxgcVurBgF5Ph8nfBV3qA257vTvpE51NQ6hlXvfVGgYtmUfRpIAQ7x6hDu3rJ/DR +-/+dl +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C17-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEArdmyZOzmNJCanoKSenQAQedD8Mhlxgc +-VurBgF5Ph8nfBV3qA257vTvpE51NQ6hlXvfVGgYtmUfRpIAQ7x6hDu3rJ/DR/+dl +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C17:KAS-ECC-CDH_K-283_C17-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C17-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB2RS4Z16ELiFEj1QP10EM+Fj3xNP/7hV +-j4rCbPswYp+M+wk+BrOiSypLB3dw05a78VSvQe7jUDVzpt6a/g9tGLAvyXYcoWQ9 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C17 +-PeerKey=KAS-ECC-CDH_K-283_C17-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0049c165339e9aeb2b516684b442921f1fef3091cf781e03fb3f56e93af1f3d6e500c81f +- +-PrivateKey=KAS-ECC-CDH_K-283_C18 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkASAXuaBZn78TzuEIUKj4 +-vQbMwAvSmsZ3nxvZM0ayLJgyfg+noUwDSgAEBCHGLcq1S6gA6vrCMvxzDOcPbVzF +-P/U9NxJpzwRtrq9FGzPnA9Y19VIz2jxJCpWcbmOpT82+Rx+/yhnSxaP9ErBNs4DD +-yJXM +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C18-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBCHGLcq1S6gA6vrCMvxzDOcPbVzFP/U9 +-NxJpzwRtrq9FGzPnA9Y19VIz2jxJCpWcbmOpT82+Rx+/yhnSxaP9ErBNs4DDyJXM +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C18:KAS-ECC-CDH_K-283_C18-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C18-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAY4Lt1FtLELp3ZbKr/XyC/3fPoYj/JR9 +-TXBJFTZ5C4dBzdNyAywP/72i+oY8udFcNlRQINW7JNkw2vL+pFVffCTWrvuywB2S +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C18 +-PeerKey=KAS-ECC-CDH_K-283_C18-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0645d7f4c5479baff5bc0cba654a3dcfda56c0e9d19f50f9d8d8c6357c09a140effbf223 +- +-PrivateKey=KAS-ECC-CDH_K-283_C19 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAE8ZfIVDLLQqF3ckmuQR +-70uyZXukutNa5ThjWhUcjWpWT5zKoUwDSgAEBAyIkk1aJKhT+uQIrqWzvIJ9cxX7 +-tY5uofamVnfdTE0wS9dfBUuChpraRDP3II+FcPJPBstkBG6KwIasV9Nwf8iCxjUn +-M9/2 +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C19-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBAyIkk1aJKhT+uQIrqWzvIJ9cxX7tY5u +-ofamVnfdTE0wS9dfBUuChpraRDP3II+FcPJPBstkBG6KwIasV9Nwf8iCxjUnM9/2 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C19:KAS-ECC-CDH_K-283_C19-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C19-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAkq7FV5JEkKC6jLltURiGum1E6oEdto7 +-3bdSYNX1+i57iYmHAb37CgeaVbz84cqLzjAZy8rmFkADOEFm67sLtzNTlWWtxEbz +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C19 +-PeerKey=KAS-ECC-CDH_K-283_C19-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=028017c2a0240fd746ee72a0bcae1e53e05b7af254298094c381e735523854ea5fdd4f5c +- +-PrivateKey=KAS-ECC-CDH_K-283_C20 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAU6JNIPR2LdiHPSL0kvI +-oblbtAoIwWwyh0plK1miJSE5Qo2soUwDSgAEAVdOF84mMRxAq/MkP0iJournSoNB +-qng4VRBW9DlbjwK9wye+AIbln5hTSPP415U4ALHXXhQVISScQ/4GFpE9tdHUvVQA +-q85V +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C20-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAVdOF84mMRxAq/MkP0iJournSoNBqng4 +-VRBW9DlbjwK9wye+AIbln5hTSPP415U4ALHXXhQVISScQ/4GFpE9tdHUvVQAq85V +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C20:KAS-ECC-CDH_K-283_C20-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C20-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB1J1EryTSTjMUkDOcO9lIi24XBPJYcHz +-H5FCBQZ9ZLGkyFMUAqq9uB/+0sABrLtNC3vlOTBOMuQx4C34sZKtdO0bSwYGv8kL +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C20 +-PeerKey=KAS-ECC-CDH_K-283_C20-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=02603c00998deba52db12814b1f77b2120cbc1dca59009c0d6ea40dcbcabca32c50380d8 +- +-PrivateKey=KAS-ECC-CDH_K-283_C21 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAetvbJGogKVGIYXGpwDo +-Y3uPRH0J0bJRRg/lfxv0Yu/d3a7AoUwDSgAEAxswJhBDiDdM+3x7TvZCEaR+ILlW +-Gju8pTUWBAt72ig3MJRUAk+K6yOjXhwiIllnx5EYaMhO/dhz27zLx2Pq1n5yojJK +-pMby +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C21-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAxswJhBDiDdM+3x7TvZCEaR+ILlWGju8 +-pTUWBAt72ig3MJRUAk+K6yOjXhwiIllnx5EYaMhO/dhz27zLx2Pq1n5yojJKpMby +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C21:KAS-ECC-CDH_K-283_C21-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C21-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB+wp2i8wTOuo1eJJ62BUpOT1lTTuWdJc +-HcDhLMOPdouD2v/uARLH1KN/7IQicaCoItN2N+btVRkHEwAa7+EbBvfh004A/N7L +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C21 +-PeerKey=KAS-ECC-CDH_K-283_C21-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=026a719bff31da4b4ebaed7bd043064f9c3930b5774c4a99809332c808aacba4b9e3733a +- +-PrivateKey=KAS-ECC-CDH_K-283_C22 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAUe+TjhmfjKmphq5gM7Z +-LkJpWSWxE8aUp5YK7eouHVcaQtPeoUwDSgAEBvWZ8MFJRXoy8aL/q9Tf+RYlk4KR +-K2QCtQzfXCNf3Rt5Dl6vBMzx2KS/63f/MpDmWsYB7luX/BsYaaLrnwt2J36AZsCG +-d2xA +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C22-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBvWZ8MFJRXoy8aL/q9Tf+RYlk4KRK2QC +-tQzfXCNf3Rt5Dl6vBMzx2KS/63f/MpDmWsYB7luX/BsYaaLrnwt2J36AZsCGd2xA +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C22:KAS-ECC-CDH_K-283_C22-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C22-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBh71k4nt+PgnOmYqQZVBHpRIuxt3+wgA +-vlJetaagOxlmVxmpApaG+Ed/tcdp77CCyz8aDHnbVcsmTiESwOd557VY9wBFgWoQ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C22 +-PeerKey=KAS-ECC-CDH_K-283_C22-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=048c48c993040619536f45482c494a39b32e75fe69e478ba06e376228b79eb83d3ff9168 +- +-PrivateKey=KAS-ECC-CDH_K-283_C23 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAeGQC+Ya235VVZ2ZoLfZ +-NURW9RUeL9e4PABbELFgBOvodsBooUwDSgAEBC7Mmf9ItT9mGbSEr4+lmyNKmByc +-PpEHu9HNqszoGIXQbgKpAYPaDX/ufz5w4Rfw6KSnQsrRCu/NxKq5uzFFgjdoavtP +-rPOp +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C23-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBC7Mmf9ItT9mGbSEr4+lmyNKmBycPpEH +-u9HNqszoGIXQbgKpAYPaDX/ufz5w4Rfw6KSnQsrRCu/NxKq5uzFFgjdoavtPrPOp +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C23:KAS-ECC-CDH_K-283_C23-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C23-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB51XYO5u+XhRi7zlNrAxxlWorPVgRJe6 +-Q94L62h3pUfD7dRYBCGzBR3TY5bSD/zXzzT8oCJRbdS/+sc/yZWunqgUzg5AJ/fG +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C23 +-PeerKey=KAS-ECC-CDH_K-283_C23-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=05d85b16bb2a0d32c73d1402838bdfa512d744fa88c74d3d90cf714c2480e03363d5c6ec +- +-PrivateKey=KAS-ECC-CDH_K-283_C24 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAHfkGrLQnDTFiKvHbUMS +-YC5x9gAZAnuYbg3tNyU1wrapM6UzoUwDSgAEApIzI/FwB0Ii06aih62v09H+EnFd +-V7kbH/R2orT8w4XeJh7MBMxJjWfGJnzHxMLUClbNwqbnFe3YsqlhTusz0Lb9Fiy7 +-hacU +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-283_C24-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEApIzI/FwB0Ii06aih62v09H+EnFdV7kb +-H/R2orT8w4XeJh7MBMxJjWfGJnzHxMLUClbNwqbnFe3YsqlhTusz0Lb9Fiy7hacU +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-283_C24:KAS-ECC-CDH_K-283_C24-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-283_C24-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAkeE09PV6AIf/tiicJqfVNU5XZj6RCpl +-WgXdlCYrYDWW+L/xA+jjngjM5V4b7S3+DS+MFBsGQB26A37LOEdEkwyBeNFGQWMk +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-283_C24 +-PeerKey=KAS-ECC-CDH_K-283_C24-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=066abb838b5f12b6fc15ceb745600686bc2d5773e53469c2ee920cfba5459a1cab20d153 +- +-PrivateKey=KAS-ECC-CDH_K-409_C0 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMIS3EePGCCLnD6aCi1 +-q/sORIiIs1sMi7CfgGYW3B7PIt2GI32TfBv95it1rmVZU/xrL36hbANqAAQAaKP4 +-sS4C0Q4vUglVJrxASLj2rDqEUxdyhweJk48a7/gT4F5QnqlYfSt+SqFDRLrD7Ebw +-ANHOtAx9XzKX4pVfDz6xQis+a7v79+tRi5wXro1A/rhKrzb15b2WB1srTb5TisAR +-lirHBQ== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAGij+LEuAtEOL1IJVSa8QEi49qw6hFMX +-cocHiZOPGu/4E+BeUJ6pWH0rfkqhQ0S6w+xG8ADRzrQMfV8yl+KVXw8+sUIrPmu7 +-+/frUYucF66NQP64Sq829eW9lgdbK02+U4rAEZYqxwU= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C0:KAS-ECC-CDH_K-409_C0-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C0-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAXf3NvYRYyDK+7W03sIC1AUIGC/gERib +-geHzmY9UCGB6RrsVCsR7yqr95HuKe3L0eLwi0gHfTvSzfgEk5Vtn81ht4kqIpsXZ +-iFQAfUsMS0zNaNUfr6dji75VXWC3Te8hfGpjxbQGj7c= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C0 +-PeerKey=KAS-ECC-CDH_K-409_C0-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0176bc5c4036ce5125493a58dd265f04d190f028366f7799f70aedf29ac67b5b37c37238593377a47944f5b639f43856dbd560ec +- +-PrivateKey=KAS-ECC-CDH_K-409_C1 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNlGIu3eW5FH0RyehoG +-dEQN0z0litL9x7mPr2SxHn6M5ejCHnmfH/L9KdTJSqFYliBopZ+hbANqAAQAMsV2 +-hFLzwfO8VIeTea1CCJEmd0Kzf7CW7nuMIc7tAEHpRwzsO+3LeZ6QvbsxGSCD/wNE +-APnGEikn+4JCRtHcHOD95xpoSagtQQZdodhSVqmxl5v38oY2b8izJIk+vjTlnARg +-BzmUFA== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C1-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEADLFdoRS88HzvFSHk3mtQgiRJndCs3+w +-lu57jCHO7QBB6UcM7Dvty3mekL27MRkgg/8DRAD5xhIpJ/uCQkbR3Bzg/ecaaEmo +-LUEGXaHYUlapsZeb9/KGNm/IsySJPr405ZwEYAc5lBQ= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C1:KAS-ECC-CDH_K-409_C1-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C1-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAQxMaKnxpioyZVa22XennNnER2wFsa3U +-os/TBoJJo8OSOCJCjTUsXXTl1krM7tvapu++TACGaulA3TG15uPyCztNh6agLHgX +-PICqUQpu3/hSxinmBk3118YA/Zjljo6MZiu0uWyLqQU= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C1 +-PeerKey=KAS-ECC-CDH_K-409_C1-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00575d9e7f70a4a1c5c807b6b5d6b7330bdd764db2aa60f3bfe497e6bfe90f038fb4f6acf7ac06efc3d157c3dc907b2ae093c6a2 +- +-PrivateKey=KAS-ECC-CDH_K-409_C2 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNssXw/whq0jlw3F8eR +-EY1HYeLFGYa/FHlCVU3FoYv5u2xnvbupCKHouo53kPWaOXE09oOhbANqAAQAK4kE +-GK/FeXyXRqRMoFk2euBmO88FgVaGDGE+4F4R2j8veZxwpo/nL9XawkadqhgQcCne +-ATVpBLGXv54GV/Q0nSUruzdcZiBvwNgxJZm9vv7oYI7JSNzkhoB7qlNe0GrayceX +-Y0cRqw== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C2-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACuJBBivxXl8l0akTKBZNnrgZjvPBYFW +-hgxhPuBeEdo/L3mccKaP5y/V2sJGnaoYEHAp3gE1aQSxl7+eBlf0NJ0lK7s3XGYg +-b8DYMSWZvb7+6GCOyUjc5IaAe6pTXtBq2snHl2NHEas= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C2:KAS-ECC-CDH_K-409_C2-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C2-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAeTVgNXprYFnHGzWYtVWm6/k11qk9Emu +-1WvYAGGVIMnzLE4jDE2RscQR+QhtUpG6E3AUogAMj/tCOS/zl7vUZ5cvPtJR1aB5 +-ll2gsdKjzBbDHSVdzpiGk3styUHqsNi+i7zRWqbtltY= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C2 +-PeerKey=KAS-ECC-CDH_K-409_C2-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00ce87aa5e7700384df59d3f1075d282c1aa511391c42ef609b8de1264eca8f7737df91565c73ee884ea882d47c56d979141f0f2 +- +-PrivateKey=KAS-ECC-CDH_K-409_C3 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMR1DvAjanOXe/JS075 +-DZMk3ggDR/9N+GZF0yVgOi3/0o7K8HdexTyvWlVOr4toSH34hlShbANqAAQBJXtq +-vUcNKUtZ3a7azVRdz0OAiviQ9XYoiAM0L8Yes5b1YK90NC4Qu5TSJMJNjlkA5bly +-AdzK2X7O9Dh6HPUSsW3VvHq2FfvFCHrBnV/Cdi9hW0kE6jk0O7sYXbZKGff3Ds8N +-VXsV6A== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C3-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEASV7ar1HDSlLWd2u2s1UXc9DgIr4kPV2 +-KIgDNC/GHrOW9WCvdDQuELuU0iTCTY5ZAOW5cgHcytl+zvQ4ehz1ErFt1bx6thX7 +-xQh6wZ1fwnYvYVtJBOo5NDu7GF22Shn39w7PDVV7Feg= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C3:KAS-ECC-CDH_K-409_C3-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C3-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEALfRk1TK3MlHCCZ67Ysj5ITjKgOBSwJq +-gA9boB6SBMQwUuTUfG/NkjKWVODpAVsBL3k0SgF5lcFXlsWuk+CiB6JwcAT7saSa +-DUf9QE8S1XhJ2Dl81NLG0rS5D4ZEA9Ss0Woyt/9Id7Q= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C3 +-PeerKey=KAS-ECC-CDH_K-409_C3-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00691dd6b5177702d6a0b1f8b07f3b018478680de7ee079272ff75659335c96afcea7650caa01f996aa37946b78e14a83e579fb4 +- +-PrivateKey=KAS-ECC-CDH_K-409_C4 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMNayWWVtUmd33ttSRq +-GS8MBccnCjtOZKnWyHfNBtKWKhrITsLYl2X5Z/YETy36VpAxB/OhbANqAAQBk6+h +-O9Hggc7l3xKG/kSik7fRsQwpCl8q574tAnNgCaJtg6qqkBeoyL9g76Ffzq0Hdn1I +-AdAv1mp4BsTIRF+mFSVP8yu5wdhaOQT5OcEGHiUNPrZBMTCipVcJlHlTEOltw6/z +-uCGK0w== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C4-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAZOvoTvR4IHO5d8Shv5EopO30bEMKQpf +-Kue+LQJzYAmibYOqqpAXqMi/YO+hX86tB3Z9SAHQL9ZqeAbEyERfphUlT/MrucHY +-WjkE+TnBBh4lDT62QTEwoqVXCZR5UxDpbcOv87ghitM= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C4:KAS-ECC-CDH_K-409_C4-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C4-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPKhHM06U8leqY8xRPt31KaE+aH0I+uB +-46i/viK2gPIYcPWMrraUbGs7hzaZz/0xQGP0CAD98m7t5sunJIJAcgkGzgdsxDIt +-GLx2g9IkC6aEds55AieAsvpU4PfHZSi3f6Yx/lq7W5U= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C4 +-PeerKey=KAS-ECC-CDH_K-409_C4-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0136f5c04cf9a56db24ad99bd286feb800aea38d44f819be1c2a9dba15c635c4e122893570233a4c5754a41499eafa39a35aa57e +- +-PrivateKey=KAS-ECC-CDH_K-409_C5 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNL9zUbGVh10B9jBsoS +-fbihpfWXcZwNEOHWj11IVb8HYFeQaR/NDYtdsTfT/CZ53nWgZ4GhbANqAAQB04Zk +-WqpI4v0JUOaprOnf9iyPXpTNukW9c8a+a/e3Y6LJqAeEYxLaOrghwEmsCGH4Izfw +-ACpkNu+KEmGuzDjIIdp3Sjkf3Md1DJQ32d/mTIIzUIE5mfD9Twfx1tmAdAmGErxS +-BEJJ1A== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C5-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAdOGZFqqSOL9CVDmqazp3/Ysj16UzbpF +-vXPGvmv3t2OiyagHhGMS2jq4IcBJrAhh+CM38AAqZDbvihJhrsw4yCHad0o5H9zH +-dQyUN9nf5kyCM1CBOZnw/U8H8dbZgHQJhhK8UgRCSdQ= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C5:KAS-ECC-CDH_K-409_C5-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C5-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEARdEn76mstX06OTTmnIoQkzwb0Vr8645 +-vB+yqZ5Bg7cW4ZT8UHRlZk0AnVvO46QmupMsEAEUbTK3DwnmX89p65rmYWLRC9BD +-ad6OgYf6nD0bXdom8QtGnNSSXKN+CZRBV1fmiV5YgUU= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C5 +-PeerKey=KAS-ECC-CDH_K-409_C5-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=004f684f9d559d16485f0023bf012006265ed81f06fbc1441334a559e5500a3f77603565013694023e0d8f44fd12dcf69eb8d654 +- +-PrivateKey=KAS-ECC-CDH_K-409_C6 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNp2mWQEDRcaQD97LMd +-+bq+2+QlM5gpCzQBL7E0vFkUdXLmKmD1yszth7D40f98BJ3+lpKhbANqAAQAOGhw +-GffCGd3ZVnsg9eoeilBFHdQL9bZfey4TPebzbko/j6L5d+/pIPhF0XbIpXAjzFXC +-AUk5f7xCus+FxZ4EU13x1ScVdh7qmX1P+HIEhmzcPUpUwkJa0hSnoN1ZL0qZGrdo +-yPQEvg== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C6-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEADhocBn3whnd2VZ7IPXqHopQRR3UC/W2 +-X3suEz3m825KP4+i+Xfv6SD4RdF2yKVwI8xVwgFJOX+8QrrPhcWeBFNd8dUnFXYe +-6pl9T/hyBIZs3D1KVMJCWtIUp6DdWS9KmRq3aMj0BL4= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C6:KAS-ECC-CDH_K-409_C6-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C6-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEARmYDxEUne5eLC0AVh08JqQqWkTodHZd +-3aTYGOpwTtu6I6vtXgi+ktZV155VxbxUeHtN1AE2az3aPph5xEgd3DZ+UcHAVBlF +-lkY21QIWh8KFxH1A55/38LtWqTrFYL6Ny5cPWLI7EKc= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C6 +-PeerKey=KAS-ECC-CDH_K-409_C6-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00137894f637460a63576824536944cddb42dfe63169c84040a0345ad7516ec4f1ad00bb4de20ea6ea43824b9b0f74dfa6881cfc +- +-PrivateKey=KAS-ECC-CDH_K-409_C7 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMG39qzyhsqKCHO/bWH +-K7lfAjFhrk4tVJ0PsfOCVjQTWESRZX2xAcMjUUgyw2P2NqnmnoOhbANqAAQAPpqb +-XyggZuIzhw3LAMSu0tc6Mx951JyNXC2TkIsO9ecrdIgU0biEBkLXW3qaVTAbHnyC +-AQhfV2keBK+sbohOL9vY34AvTUNbzmESMasydHYerV4uajRKU/M8D6FW4xMgYvcr +-zaP8DA== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C7-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAD6am18oIGbiM4cNywDErtLXOjMfedSc +-jVwtk5CLDvXnK3SIFNG4hAZC11t6mlUwGx58ggEIX1dpHgSvrG6ITi/b2N+AL01D +-W85hEjGrMnR2Hq1eLmo0SlPzPA+hVuMTIGL3K82j/Aw= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C7:KAS-ECC-CDH_K-409_C7-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C7-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAfo5tdM3XUMkeslQAGHr/3oMFbjF3+nH +-UXhDhsmBhg3m4blYTaD0IRlBfzIzgpCRCpolngAr3s1QK6ZKbyHQj6QlA4nUJwMk +-RW6UQWV0lccq12D7NIMl+Jt6VASiwhwqoHcRvPXzBBI= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C7 +-PeerKey=KAS-ECC-CDH_K-409_C7-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00f03b0b43a351311689eb1d3fc457013f294a7d02ad850c72e4ff9b64ce68a47beb49bc5bcbdc828534f8c8a5e13de5fe522eb0 +- +-PrivateKey=KAS-ECC-CDH_K-409_C8 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMpsvyzCFlql1xbTNHn +-UmfFQk4Ad0EU7CBRpXGymXZhifrSTpL5bj1SdzbqSANnvb3QUw6hbANqAAQBTHVz +-mb4gHgiv2LSmcefTttf4hESYq1kuG/aTFTR86C29eF1FkiZg1NDSf6KwrGLnB/zs +-AJjwdz0+/pwpCpkuygWHXTRj8HNrLf70r/2f8A+WreUzmZF96gdMeY/FNXOPDFaJ +-okR/hg== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C8-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAUx1c5m+IB4Ir9i0pnHn07bX+IREmKtZ +-Lhv2kxU0fOgtvXhdRZImYNTQ0n+isKxi5wf87ACY8Hc9Pv6cKQqZLsoFh100Y/Bz +-ay3+9K/9n/APlq3lM5mRfeoHTHmPxTVzjwxWiaJEf4Y= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C8:KAS-ECC-CDH_K-409_C8-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C8-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAbJV1bt10llwMB3p4OOVmhIgXVEfjmTw +-QqAclQ20cbHW1YR/dWae6wvxh/FVnbOyKu7AlgF+WQz6hVNJE2GYwt3YpSEIgkc8 +-ndWRwC4gLKBAS7yfY5HXOuAR2smWUVXSZQE5/i5U7Gc= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C8 +-PeerKey=KAS-ECC-CDH_K-409_C8-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=018f55b81f15f862aed042f37433050ac61718c9939d432b2a20e12d647f99753b8dd5127cf8963247fe7e1d5ade1442229bc646 +- +-PrivateKey=KAS-ECC-CDH_K-409_C9 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMbmAFcAgLqFkF5caNz +-BCUIOb1qbl2DSX9/k/D3Ryoh/OS+W+d26QlZ28QaDoXtIlg36NWhbANqAAQB/sCf +-lFcWFOfNjpWOvNei/NjCSNQIzbo1ljBUXDE4OSJ3TTsk4gWR2LQelU4WZU/oXLrK +-ADHg6x3RzkZ6i3jRDSW53pLP3Cdzgx5uKKFS0CripaUQmUzAEEYiVEQepBEhwGd/ +-tBeL2g== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C9-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAf7An5RXFhTnzY6VjrzXovzYwkjUCM26 +-NZYwVFwxODkid007JOIFkdi0HpVOFmVP6Fy6ygAx4Osd0c5Geot40Q0lud6Sz9wn +-c4MebiihUtAq4qWlEJlMwBBGIlREHqQRIcBnf7QXi9o= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C9:KAS-ECC-CDH_K-409_C9-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C9-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAOz3Bk9Sj62uOAyzgphIEQR6DX3ZqN6O +-dvgXiqYAaed6lIrPp00sd6doUWWamBlwVNqNRAC5jhNJf3dgcnEcQsGNv8jrjIUj +-/2M6+Yih8kLtPDxWXRjPIk+HUfKULjYLoW4PWDCVKRk= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C9 +-PeerKey=KAS-ECC-CDH_K-409_C9-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=002b560d1949297dc7e1bbe8ce49a595762924afcf0271e9c493c18ad5cbfcea5f3900c7b793ae5dd44f48884b0bc3b52c66e05a +- +-PrivateKey=KAS-ECC-CDH_K-409_C10 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNHO87LE3cR5eiXY6QP +-d9vi6owlCdIJBk45z5Ba+qkBCF+OeVybgBfJpdChuWgSwSSj/7+hbANqAAQByOmt +-xIFuZgb//14afUinhUw1qvBV0xgz8Mq96LvE0kWOPNPIKkr4B0X1lbO6Evi1wM6Q +-APxD8ZO1WJruYphXNeNig3TdRahqYbqveMIfpueHhW6muLiDFlQFcYJYZc5rhXit +-1fqmnw== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C10-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAcjprcSBbmYG//9eGn1Ip4VMNarwVdMY +-M/DKvei7xNJFjjzTyCpK+AdF9ZWzuhL4tcDOkAD8Q/GTtVia7mKYVzXjYoN03UWo +-amG6r3jCH6bnh4Vupri4gxZUBXGCWGXOa4V4rdX6pp8= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C10:KAS-ECC-CDH_K-409_C10-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C10-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAE4Fw02sRObhsIzfrmNXwg23pUTcJT3/ +-HCPU26hxuWeBtqYWONc4Zdr+CpRDw+wyiFfSPgEibEJ3eLsiRiTNIVST16TzKk8U +-GXkjZAlQXYz1jYHf08eT5ZVDp4AxTzzY7hdmTcLkY54= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C10 +-PeerKey=KAS-ECC-CDH_K-409_C10-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=000b43cb539bb4bb42f195ffdbcdeb482b69301c0155a840cd381f55c465a8e57ec51d6555871537b56bf84a1544cae2b2b8eb38 +- +-PrivateKey=KAS-ECC-CDH_K-409_C11 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMg3d1nE0pBg3i6oN38 +-kRHAou1JKyiVad0AYb8SJtI1vapSA9Pvor0BQdKs4nw66Oba8R+hbANqAAQBZ9V3 +-sqQ8wafYimvog8KNv0jD4fvyGtg+en49dT+wttP4DNE3b9mL4mD0lHV83AYyVtWy +-AV7XADt9K9XgNZMDZgrdCQBJA5z33zlpieoYxwL3BMRc9v3nrQctMSU9HVKV6cXR +-1cYsOw== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C11-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAWfVd7KkPMGn2Ipr6IPCjb9Iw+H78hrY +-Pnp+PXU/sLbT+AzRN2/Zi+Jg9JR1fNwGMlbVsgFe1wA7fSvV4DWTA2YK3QkASQOc +-9985aYnqGMcC9wTEXPb9560HLTElPR1SlenF0dXGLDs= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C11:KAS-ECC-CDH_K-409_C11-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C11-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAW9pYP0jV9L3C193i+XgqnFVa50vTM6x +-T3gS2oWKuHKBi0YQ1BqPZiALQ0NCIifZ/d9xLgCq9ZKnJedzg4iJa5vp94wcPWly +-ufmQNNAswPl3ap9sL5t9UB91vhhZmwiMTFiBxmFG5bk= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C11 +-PeerKey=KAS-ECC-CDH_K-409_C11-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0113dd2cf8732ceb8a893e149f13d52026e5d829322d0f1233a624fd6b74d56e7e6374d70942a25152ce5073831660333fb3e070 +- +-PrivateKey=KAS-ECC-CDH_K-409_C12 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNgelplMhd7UvI0knF9 +-0Keyr5jgSIT3cHXkYEQQxQRKCEYezzfE76PtwstmfIS4ZBWTa3ChbANqAAQAClZ3 +-rGwA0mRgVNvr/FNtsKmzUaJAinPgg61i0YL7h8uAMixTlVPs28ITzoTGbd+NwdI0 +-ATJ6CjdpJA/aRflLsHNhx0qoyNEZQUp7VmbiWjq2iBl1OWMlp39UGhuiaAEqgsUR +-DSpJ4g== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C12-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAApWd6xsANJkYFTb6/xTbbCps1GiQIpz +-4IOtYtGC+4fLgDIsU5VT7NvCE86Exm3fjcHSNAEyego3aSQP2kX5S7BzYcdKqMjR +-GUFKe1Zm4lo6togZdTljJad/VBobomgBKoLFEQ0qSeI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C12:KAS-ECC-CDH_K-409_C12-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C12-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPVJxH3I6S/s04tXUIlYgORJ8eMavgux +-6syEKY+DYQjlowjMuVeNy9S+YXd1LrIx548BHACTZj7D/LVNZ2iXv8ldteVK1u6h +-7HtGykvz0lNYOfEByz5tXxG2o2v0A2PDHJ+IE3hiZ08= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C12 +-PeerKey=KAS-ECC-CDH_K-409_C12-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00c8e62ac25c11e86b98642e4ec7adde9d9436f9337369fb065abc9ea784f90b8b8bebae35da92185486191dd9f49370b1148ce6 +- +-PrivateKey=KAS-ECC-CDH_K-409_C13 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDM02ppFNxHwSgseobmv +-cB4Nw6Vc3VheQ+Ps9B6TTsr4gP8WFNzlzJkqaa3fxAja4bCbjQWhbANqAAQB97/0 +-NVR6iVFtAX0b2sTNo2BBoNPf0DJYVisuKPQM1k9q4rcEV3c/lnXP/EDAIeRwKwjW +-ABPFmnLwyD9buQoL/ueYlS+5HuMpyYxLWRT0Ra58hIN2cFK19SmXRiFUXdzWN39e +-OH1XPA== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C13-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAfe/9DVUeolRbQF9G9rEzaNgQaDT39Ay +-WFYrLij0DNZPauK3BFd3P5Z1z/xAwCHkcCsI1gATxZpy8Mg/W7kKC/7nmJUvuR7j +-KcmMS1kU9EWufISDdnBStfUpl0YhVF3c1jd/Xjh9Vzw= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C13:KAS-ECC-CDH_K-409_C13-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C13-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAEEeXUyW413ptUHaX6xpEzZGLIgtjozk +-1utxIUF+cJUMTZUC9kVl1abPpzXJDu+Dx7hh4gCWuQTjfKHC21mlRhVifhwzVhYP +-4XUoSq3DsvoGugswqqB8hOZOSGUuX+swNZUGbg+EaPc= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C13 +-PeerKey=KAS-ECC-CDH_K-409_C13-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=012505746f1a40ef75f950595211ce04f87f1daffffdf8c12600a9e2994c8c1d8b19c0e0559adf9a94762cb983569de6d0d8baca +- +-PrivateKey=KAS-ECC-CDH_K-409_C14 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMxQa+7qLTZ8MvoKX82 +-WHMZZzlGXj4gqJr5/fiwHRlaoQUuYXa1+thWE2trMg7r/AjBzQGhbANqAAQBgF/8 +-V26KRfBil7IzXQOryK39Fa03522A07QYDV9y78kPPysDas2Bf0D9SQZKol6jg8gu +-AfItprUKxWKJQ/BbFBSTyswPArzfO//bQ1gjQ7aGFXYaGAvX0asd3BX1N0qPZl0T +-tLkScg== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C14-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAYBf/FduikXwYpeyM10Dq8it/RWtN+dt +-gNO0GA1fcu/JDz8rA2rNgX9A/UkGSqJeo4PILgHyLaa1CsViiUPwWxQUk8rMDwK8 +-3zv/20NYI0O2hhV2GhgL19GrHdwV9TdKj2ZdE7S5EnI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C14:KAS-ECC-CDH_K-409_C14-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C14-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAA+oJD8ACjOYgIofiP/Fo0KWj+5ceyap +-4f+ibvqIXnThxWICfZXbCMwVvSWj/BGrTcE8ogD+1ofHGX/xrrmA5yo6fDGBQgUs +-I4mwhm2zuH5cgCXnm7T0+Zb6Y1KrnLIBcu941v/KkG8= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C14 +-PeerKey=KAS-ECC-CDH_K-409_C14-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=019a71ab576546e2351aa92b6075e8229813e6a2cb3647147b192b4597f1217223e7197d846c0d65ea0d4aa4c503bd000ba312ba +- +-PrivateKey=KAS-ECC-CDH_K-409_C15 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNOUXeWysnXx1MW615o +-lj/mMkeB+rmG6UAgDnEd2/mILZmmIKl2NS4klnSM+2Hcy/bWWcyhbANqAAQAVqRS +-+x1VgHnD6RvyL4aITKiXiIBv59bWykC1SFB5133EPkZqcSWXksZf9qtyBAZsDmeo +-AfKbcj2ffU3mzML5cIB5xdMK5dlg5ip8T23Ji/yVtPUx8ZfDlIZwVDJZQgPCUUcV +-bf1bXA== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C15-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAFakUvsdVYB5w+kb8i+GiEyol4iAb+fW +-1spAtUhQedd9xD5GanEll5LGX/arcgQGbA5nqAHym3I9n31N5szC+XCAecXTCuXZ +-YOYqfE9tyYv8lbT1MfGXw5SGcFQyWUIDwlFHFW39W1w= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C15:KAS-ECC-CDH_K-409_C15-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C15-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAL59WAQyY6svQiUtQbWC2GLCskPOGFdg +-gb1u3S9j8BZPNlyuZyaNIn85RGd+HBRq+GS4rgGkvLxkFthll6FIyk1hDuZWoAAm +-zmBHvZ+9QNiVMBlqRpOuWV1plWUDudKrSqvnyVihTGk= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C15 +-PeerKey=KAS-ECC-CDH_K-409_C15-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=014f4b7ea93c9dd846d2228c2b6a8dfe616057232b7af845a570cb6cacf9feef2d8ef4fafb285b38e63cce0a09b4d82dbe43a390 +- +-PrivateKey=KAS-ECC-CDH_K-409_C16 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMcgLZNUegCVpnnvixL +-mDz6S36RsRLi7KX50Mt+PU+Fr/ezOpIeqhJMtwAuq2KXPWXha8mhbANqAAQB/Q5O +-r7JsCMn450fUmR9GjHa0hkFm43ZCtYPbKFpLxMM5eZF9kSmpHLCnXBrufNT7q3PO +-AEaO+rz0SPzOgh896B6ZTXmn2Z6piayB+hNfesiLFUx2eQnGgffkjACy5mu664+G +-iPRGcg== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C16-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAf0OTq+ybAjJ+OdH1JkfRox2tIZBZuN2 +-QrWD2yhaS8TDOXmRfZEpqRywp1wa7nzU+6tzzgBGjvq89Ej8zoIfPegemU15p9me +-qYmsgfoTX3rIixVMdnkJxoH35IwAsuZruuuPhoj0RnI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C16:KAS-ECC-CDH_K-409_C16-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C16-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAR/qWNnjbPjtTvO0L3fM6pO/VCrJIUHc +-LAlAYZhfPfeG0ZKle+4HJVCzAlg/D5QoMBsbdgGz3MG4o1RSZEJzhjKeuB/pkmVA +-QGlHgcDYsnweSUQrmbq5Pvlmb+oU1IQ+5LxbBFrFDBE= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C16 +-PeerKey=KAS-ECC-CDH_K-409_C16-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=001fe2ed30ad4143c5eeb0b7622e6aa49e4e4d51c1ddc467b3fc54215dae931be0b6b6443e716895acb6570cdc21fcbdae46e5d6 +- +-PrivateKey=KAS-ECC-CDH_K-409_C17 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNDyWwyz2SLA2ESQhrb +-qpJc1UF1q6055Wgb/J60sbZJrsHIduwexGEPGzsGUUpI5up6SiWhbANqAAQA3hge +-gbnnd21HRpSi0STQuHbZVI8g7jOGMElF2RMfkEV9m5ON8JiwNb7ar4DtbZeUBPxw +-AYGjUW2+qdqX1uzs2xD5bVRGnSc6s2bomkD9ztzxvag31cFL0QwLaiqcikeBASXH +-ZN017w== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C17-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAN4YHoG553dtR0aUotEk0Lh22VSPIO4z +-hjBJRdkTH5BFfZuTjfCYsDW+2q+A7W2XlAT8cAGBo1Ftvqnal9bs7NsQ+W1URp0n +-OrNm6JpA/c7c8b2oN9XBS9EMC2oqnIpHgQElx2TdNe8= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C17:KAS-ECC-CDH_K-409_C17-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C17-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAMqAk0C9EzVLYHHQc+Zbmw0rrILiKr/K +-x+cK/Z0iSFLw4hKXbl7II+uJUOArx1ns9W95qAAxKB6JdkAaq1j6jq+GNv6wExcL +-yrV4G+CijScznpRw4WbH9oXy6pFDMQ3KGzq44cjmBZI= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C17 +-PeerKey=KAS-ECC-CDH_K-409_C17-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01610efb48fd22261921f7484ed6382fceb6bdf28f3bc2340a175b7971b93ed5ff357ed55e5307bbf42e40a5b3fabdaed0ce19a2 +- +-PrivateKey=KAS-ECC-CDH_K-409_C18 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDM2NoVLjuAlS7LQ6+3H +-ILZrIBKaIfGk/jkRjP3U0Tfb5eVw6+LEin+awhz/PlrfR0NGl9uhbANqAAQB78DN +-GobOdUTyX0TmOgkTwR/WsIvAmtjNgvOvfjKnp+ys1W4lUmWJMTh51Kf9Q4LUEU5K +-AFo073QDWZwvg/PoMplSSJPyQY/5XWwv3Ao9uXDmL93PTNoYKqeLVP2MLoGPse4t +-0ndnYw== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C18-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAe/AzRqGznVE8l9E5joJE8Ef1rCLwJrY +-zYLzr34yp6fsrNVuJVJliTE4edSn/UOC1BFOSgBaNO90A1mcL4Pz6DKZUkiT8kGP +-+V1sL9wKPblw5i/dz0zaGCqni1T9jC6Bj7HuLdJ3Z2M= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C18:KAS-ECC-CDH_K-409_C18-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C18-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAHR5WwqcoHBJH7VKO8JJmB3vvsA35AQP +-dmVkKLFTi5eFA/gfgK2e+XxeEnulHsBAWEuaIAA+zifz2u/nvf/fpyeyr5WvhZGv +-lGzd/jfoVkO40XnKi5UpEG+cXzqVqIGSJfnX1Kcw/SI= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C18 +-PeerKey=KAS-ECC-CDH_K-409_C18-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=008d990982aac8d5371b867de21e09064fef30e73321337dc24f19ad5ddb6c4ad217136b7c61e360a73fa7571d526c8f514a06d4 +- +-PrivateKey=KAS-ECC-CDH_K-409_C19 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNJmKBioyFwuzWJVNLC +-SW2ohiAIJ/oTVmg2ribjjVGSbKPSAlife/on6iLTmZc9tvn96fShbANqAAQA9xWQ +-sEKQtfPNm6DjlKO+WhUU9F5TSX9s3tv4OXKOAogTXXaeSyiTLIdYI/4lbokZl8R2 +-AJ0WunJqWp4JEDvJSgnYB5rI7fI0EMhGn3n1XzNVz7OtcDYk7G117OrjiB2iCQPH +-HeH1rA== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C19-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPcVkLBCkLXzzZug45SjvloVFPReU0l/ +-bN7b+DlyjgKIE112nksokyyHWCP+JW6JGZfEdgCdFrpyalqeCRA7yUoJ2AeayO3y +-NBDIRp959V8zVc+zrXA2JOxtdezq44gdogkDxx3h9aw= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C19:KAS-ECC-CDH_K-409_C19-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C19-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAR62TtQknhGVstEwejWlFNZtKbpvkET5 +-wCtLLTyz49TAzcVInN37liJsnOPjb7j/Lu8gjACZiAsNDUPFxXmtd92uaPLJF/Sw +-YuqNd3uc30Zcu1kQfnCZJxToy/rHYpbV7emcSNOKiXM= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C19 +-PeerKey=KAS-ECC-CDH_K-409_C19-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0155dc98729c8c1bc65eb8a3ec09135f46bfa313bf56aa3169e312db8991abda338f8ac7a75bce42884068efb7e6e625939d2b88 +- +-PrivateKey=KAS-ECC-CDH_K-409_C20 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNaP4Bf48Mmb+s+C7fa +-Z2G7EXYYvFevNXtT8Znm5MvBKBl1MhQD6m3mGOwy6GuMoeENfEOhbANqAAQBrkYO +-EkhQTTPWftdQ8dYY5Tco1V45DfwY2UtW27PTwL3JbJLKHsqfRPuKWM823PzAWIy+ +-APcBH8Mh72JY3Pwf3CwKTlTIbsk5vJzspsKRdQwf9UCzSkGHk4QqLFyrYGHbvptb +-4/phFQ== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C20-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAa5GDhJIUE0z1n7XUPHWGOU3KNVeOQ38 +-GNlLVtuz08C9yWySyh7Kn0T7iljPNtz8wFiMvgD3AR/DIe9iWNz8H9wsCk5UyG7J +-Obyc7KbCkXUMH/VAs0pBh5OEKixcq2Bh276bW+P6YRU= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C20:KAS-ECC-CDH_K-409_C20-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C20-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKFelqd26tuPigthNgM1y1AX19lxFkiT +-QemVFX8a3xeOVii60+gwvuVEMxGRZIhttcNGVABVHKVgXkrgU0U0oKs0PQOaO6eh +-zOgyxNZeJrrnq45fnHSz1CGlKOVZd4qye1mq4akW1Os= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C20 +-PeerKey=KAS-ECC-CDH_K-409_C20-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0109e85c684d027a625ec5e6df952e2f20a14ed5b092d1b1b38435251303844d230fffc53d84b923555e1e1cbebe20b5d68c3bc6 +- +-PrivateKey=KAS-ECC-CDH_K-409_C21 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNVkB6bZYa38zcmYOvP +-6QJJkAyQLXxjKo0X+uIdP94wNzJbV3XqxaF0oe4rP/K8XOadjMGhbANqAAQAupUi +-M1Mbamx63m8zjST8ZXd7XTBSl+ZtMssbxQbFvKIofTrNM/4ZZT1siKBuyjcSzpyq +-AHFr6xTwIjNjDzRgPjCb9uJXLwt5HfpMWCr2o3q83WTo14WpXd/1m7xvvht/xzVy +-Xvzwug== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C21-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEALqVIjNTG2pset5vM40k/GV3e10wUpfm +-bTLLG8UGxbyiKH06zTP+GWU9bIigbso3Es6cqgBxa+sU8CIzYw80YD4wm/biVy8L +-eR36TFgq9qN6vN1k6NeFqV3f9Zu8b74bf8c1cl788Lo= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C21:KAS-ECC-CDH_K-409_C21-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C21-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAWQn5yvFfSapEKZyLqwsePuoq//MvBGp +-+Dd7/iE+2a1kveKuhof4/x39sptdzs0CJpgowgCtT5q8IdoNMfGWWc07DBhVgUNq +-wIsVwLSKesOe7QPg7pfhZM+qWrx3RBLL//lKnqKpY2o= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C21 +-PeerKey=KAS-ECC-CDH_K-409_C21-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01ae814e02c4684c21dd7e58a65ec51ec68c37e59e299ce65608186c0acce08e41c8320b1941a611fe66b1921b558d7f402d0eb0 +- +-PrivateKey=KAS-ECC-CDH_K-409_C22 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMESuQ70kfnWvp72Nwo +-51vbnd2Z31ZmjIMUVNwo8+mkTs/Ue6hCCihvHvNy/SmzZd+bgvGhbANqAAQAICaU +-83jXCWXUKCitXzcTe/i2POwsDRWOW6lMqx+OYeWjAJhro0mzrfPvwF5lZwr4jNPW +-ALrw2krtuXL4iiFd+/9k5CkPrcJdo/DYPzXmW8QXfTAl1x2O65xBRw88cZ4A7x+3 +-VS5qiQ== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C22-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACAmlPN41wll1CgorV83E3v4tjzsLA0V +-jlupTKsfjmHlowCYa6NJs63z78BeZWcK+IzT1gC68NpK7bly+IohXfv/ZOQpD63C +-XaPw2D815lvEF30wJdcdjuucQUcPPHGeAO8ft1Uuaok= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C22:KAS-ECC-CDH_K-409_C22-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C22-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAS6J3M35dYUazPApTPS94SWckHptOs72 +-nxk5tVjE0hFSLk6qxhPjrISRyT3rbTRKn4esvgGlJgjq0J0tsSOg3Hgqsg3beT1b +-twrJXFjmIUa+tiu2aP1X+SA45Fhc3h+R7oxSUmr+sbU= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C22 +-PeerKey=KAS-ECC-CDH_K-409_C22-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0140e7db3f6415d884822ccc7316a329dfed177b76c0117abd722feca889bee4e14e65d26c6cc935c0e94205f05fc1a7abfb0348 +- +-PrivateKey=KAS-ECC-CDH_K-409_C23 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNW1zcwdTracP2AHHSc +-Lx8aYe9b1uy3lqnhXv6bvmFY9mlUJ4c1D01kO9pvPoxkI7gXtTChbANqAAQAJaBr +-caCuJS8vkFIhmD6/ziGtlhIaXA3MXvDQ/sMB7HfvS5FYGP7c2n8/1zPH+eUpB5y2 +-AAJokNUwO2Gcf4H2D7grJrC5jY8kxFyrQaRO6zo6MSlE6Im0A14ENgswUEPjDQy5 +-BBqJ3g== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C23-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACWga3GgriUvL5BSIZg+v84hrZYSGlwN +-zF7w0P7DAex370uRWBj+3Np/P9czx/nlKQectgACaJDVMDthnH+B9g+4KyawuY2P +-JMRcq0GkTus6OjEpROiJtANeBDYLMFBD4w0MuQQaid4= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C23:KAS-ECC-CDH_K-409_C23-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C23-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKupOuHRVSiAsx9QP8S+n5HRAkfxTIFg +-Ff+yutKauBgOe1CicUTgHCHmPD2vzSUTCLrHaADkq2blFL0Cq+rhxxI3iKaSWE3b +-SpCaIX+zXeZliCM9re9wNv+dnyTro3cuL6MDe7rmPP4= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C23 +-PeerKey=KAS-ECC-CDH_K-409_C23-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=002ec4deac3e83d60ad39969f2f93b49f31875831ecd51ea5c37ca48de081c0c8cc660edc53a222f3043447f9cb752763be7494a +- +-PrivateKey=KAS-ECC-CDH_K-409_C24 +------BEGIN PRIVATE KEY----- +-MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNisCbUlyBmDPak9Wm+ +-mN+hCMjroII0rpqH88iLbGWTS5loFTIqFvmqvtEzF793Jb6lgI6hbANqAAQAD1KS +-U5TLUrwzDgY5DAwKLhDtl5cUn7zIjYD7yuwXPiSgXa75hAHV5H87dlvtu4JGMShW +-AT2ZwXEIBdX8fbclmsnhNLQR0A1z+wdi49IRzcVr9/cUUS0EpjDIcyVR7nNCh0ds +-9RHoNg== +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-409_C24-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAA9SklOUy1K8Mw4GOQwMCi4Q7ZeXFJ+8 +-yI2A+8rsFz4koF2u+YQB1eR/O3Zb7buCRjEoVgE9mcFxCAXV/H23JZrJ4TS0EdAN +-c/sHYuPSEc3Fa/f3FFEtBKYwyHMlUe5zQodHbPUR6DY= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-409_C24:KAS-ECC-CDH_K-409_C24-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-409_C24-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKpOuJhEPM4+0sBy2Fh3WsIhwk4z7Kbz +-FXlmNUS7M6SgaKhtE/FntlMExffyX4lfZbL0KACDze0wIRtm8a3xcxi23lDXckwF +-hJleBotyRwOuCO1xoyszSYensx1sJjcVKRcyfTeszTM= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-409_C24 +-PeerKey=KAS-ECC-CDH_K-409_C24-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01c9cc05d19f96c4d233039cfbc43ab68d657bb507f46a353091fe98fc0f422a8e7593c195d326977a2be6bbd2cb44eb1fe81650 +- +-PrivateKey=KAS-ECC-CDH_K-571_C0 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAXPNFjHhjs4Btzs1 +-cv+qdJXEvIH0B4rlDWnLHjOKzxNGkRcRKSEWbd8tKfOp+OEMZ+iMmpkgOoNFZb52 +-rFkSZDZzmmr6ApzFoYGVA4GSAAQD+/u8+6YJFX9oojEm2AX3x177Gb77WV46l14I +-/0a9NMi4e5ZFwOhuoK2RVGXVyFbGm7m3IrDRe/l62VxGAt6hfGtRIFTLItgHHBbf +-ceG3G0vT2ZOIJ9OVkJO52x/4a+1zlEpC3LZ8wzEC4owdDpgEpkUGVvS/M61y7Pe7 +-g70oLN5LwV1OSAZKqK0vApefXz8= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD+/u8+6YJFX9oojEm2AX3x177Gb77 +-WV46l14I/0a9NMi4e5ZFwOhuoK2RVGXVyFbGm7m3IrDRe/l62VxGAt6hfGtRIFTL +-ItgHHBbfceG3G0vT2ZOIJ9OVkJO52x/4a+1zlEpC3LZ8wzEC4owdDpgEpkUGVvS/ +-M61y7Pe7g70oLN5LwV1OSAZKqK0vApefXz8= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C0:KAS-ECC-CDH_K-571_C0-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C0-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDEGpcHZI6CZDqjGAIw2w2a1PlYiuY +-RkBEdB+8eEAoTbi79gKGbDDMv1+bflnMHZv8xblw+mJNqbFfbLM29d2n5rmSTV3O +-RUMAXFx7vVp4msTGKD3rDQ03xIUrqlfWvCsKxjN/6wlwTETRs4W3DMOU+iNdg+bn +-EReH5X0JAsDLEyoZCm5i85hRHAwsTNUNRXA= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C0 +-PeerKey=KAS-ECC-CDH_K-571_C0-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=003198a6b5d6cce847e24348a6a6ceff7a89ed3794d7acedc4e858c80ad04a74dbc02c7038e05ab26b2a299ec92ee0d2c7e66a81872a5157fbc5d4d37ad598d6ddee995ed28a2d74 +- +-PrivateKey=KAS-ECC-CDH_K-571_C1 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAJN+2zqilWPSJIWR +-yftEiYUJX5E6dFgxVZPPzofmj7DxpSW3MQoQEXbjTUXBAEU4lU4gRFQ4F8qw1WPf +-bLDV6GF7u6FQ51XhoYGVA4GSAAQCNjzFYksG3xlWvvpZfUx1fMKxABo+FUTSRAgp +-D2lId0VbqS5WCIRi8P+svTk8+DW1a3BGoV1Lck3Gw1c8sVbA3ymKqLElXLgECfdz +-uY1e3Cc02DWVMoG4KsDhXZAtiHp8a6dWKaN2cbEB0Y3f3EGT2YsYVRQUxJFzAEUw +-95dtJ8Jzpz3buJj8tfrenAu3iD8= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C1-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCNjzFYksG3xlWvvpZfUx1fMKxABo+ +-FUTSRAgpD2lId0VbqS5WCIRi8P+svTk8+DW1a3BGoV1Lck3Gw1c8sVbA3ymKqLEl +-XLgECfdzuY1e3Cc02DWVMoG4KsDhXZAtiHp8a6dWKaN2cbEB0Y3f3EGT2YsYVRQU +-xJFzAEUw95dtJ8Jzpz3buJj8tfrenAu3iD8= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C1:KAS-ECC-CDH_K-571_C1-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C1-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCESI8S3KbIGvgH4CFqZfh3eXNsnwE +-iSWic2m8ymo+L7/GVjfx7OsTO+dJZ5oXsc5Ygh9GvRhEqJzwBCyAQ8sQXgGj/JSN +-JmMCsewubiwjdbRksKUCxQU7WzSL0IF4xyxgMQXQRoGWpGldwmfW4QnxsSdEU7bv +-8U3fN4OWnoglZI3rwhav/5JY9kTXfs2ZEc8= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C1 +-PeerKey=KAS-ECC-CDH_K-571_C1-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00577147459262e5ad42f222827f20ed574b2118924205bcdbd339ce20cfb085d072fd70f4ca1f5768fafaeb5710f7ccbea4fc2ae5377b0cff20a889a2201739139bf788a9bf2d7d +- +-PrivateKey=KAS-ECC-CDH_K-571_C2 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIADQJmwdz8CHuDT3R +-hccEtRWKlDKNqgl2j61YBN8dovwGcZDPECjDAje/KkjaE6uuNaJcPmOH05k/m1aD +-Bbi/CBj/Un3YIF30oYGVA4GSAAQGdNzE91XET9q9wHhIgQe7ZKRgupMsfhhUhMzS +-f6hwAxEH6ZVSBLBjC5tNNgjZqpMdfHZswuRYeOttjNlr33EbL+i0e40jPtUF2Wvm +-t+K6dMgDKvGcovKznS/U6MibFWtrJcLqT3H3SgLKfaKkY6zXYF1TUP0WqckFJTTn +-6B1kjkBgorAcRZwmDLZWfaH8UxQ= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C2-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGdNzE91XET9q9wHhIgQe7ZKRgupMs +-fhhUhMzSf6hwAxEH6ZVSBLBjC5tNNgjZqpMdfHZswuRYeOttjNlr33EbL+i0e40j +-PtUF2Wvmt+K6dMgDKvGcovKznS/U6MibFWtrJcLqT3H3SgLKfaKkY6zXYF1TUP0W +-qckFJTTn6B1kjkBgorAcRZwmDLZWfaH8UxQ= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C2:KAS-ECC-CDH_K-571_C2-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C2-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQATUi+WZ67HtYCRy16h/TNIID0TsKI +-Vf7MOpzd4lVReHq9J8wdp+d4F+lMnAKJwAWg4247z7DTgejMloS2990FF38W9j+H +-IcoGLPca8KL441xNf5MSvTSoRqOA9j8NxylMGIdxAzV+INHw7v8xKpk96yoez8gK +-6galtx5Pi5zvrrzTJiaRkGT4ivQW2G4+evM= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C2 +-PeerKey=KAS-ECC-CDH_K-571_C2-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=014662b261d0bc2168642bfa4f80c4b3fe8176f604ad3703f443ec7aaa3dcf3c5465b869a8fcea60b8f55ce7118806c5d28a04848bd961db0061209b59bc02979acce9324d7c0c31 +- +-PrivateKey=KAS-ECC-CDH_K-571_C3 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIABVHQ433b8teKuaS +-WEW7+wO0++glVhbsf72XtI8RJpIhn08SdebSRT1bzzusQQbwFhuBGfSH2ItfjI4I +-s6oXuD/gEQLXY5LToYGVA4GSAAQEJ+LcEe5SI72cPZQYx5EUaC+R3aBufYjDOafl +-bg37Y2tuY/3oo4EUbstwXKIC0rc99AhFF2PFFmBmqX/05PMvC0zJQjRLCy0HYMij +-iOLuon72g4x9RQUuOMvuIJbL6J93R3QTQHZljfkMYsfcDj/emV16mQkJkwCatsU1 +-Z329s3bxg+tQktLLaog3tr6jXc0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C3-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEJ+LcEe5SI72cPZQYx5EUaC+R3aBu +-fYjDOaflbg37Y2tuY/3oo4EUbstwXKIC0rc99AhFF2PFFmBmqX/05PMvC0zJQjRL +-Cy0HYMijiOLuon72g4x9RQUuOMvuIJbL6J93R3QTQHZljfkMYsfcDj/emV16mQkJ +-kwCatsU1Z329s3bxg+tQktLLaog3tr6jXc0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C3:KAS-ECC-CDH_K-571_C3-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C3-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGvyUuYsmWkXGpcXZx2g9wMulSCkl+ +-yDH03HdqyH4BlK+ZVGxB0IBI6gbakjXPE2nD6lPmuMu3p/1CljVFSNRO30Y/d600 +-GwIClNX35zbc2JkBmOTg8LOYuKxqh3ZK9gFZYjSi4WLJxmfkfrPZh++66wO142ma +-OO+VPHT7KP19ik7Fo2MZzMRKGaqIIB3ay/g= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C3 +-PeerKey=KAS-ECC-CDH_K-571_C3-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=051ec4db0622b7b1c798366453c70f959376ea3942aed2e931ff62a4019eb12ba5ff119214c8bfd8bdb66e62b562400f2d3d48a84b1b3baad3667f735ad4d0f183bdb91aaedcf1f1 +- +-PrivateKey=KAS-ECC-CDH_K-571_C4 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMe0JSypsZLF/qqa +-IQ/YTi5IMgJx8Q9n6p6zCw3oCG1Z2uBCWf0SsIbYkOItRdJ9fIRV3Petp5bjXjox +-ODQsxza8PtN4HEEZoYGVA4GSAAQDJWI4OOixjYG2gGBzQlTrArjrsiZFVvyYUMNt +-MDVEmqdk81Hbr3u8qbmtsR8nzIihrG+3GqEO+NDQk5Kwyn6qelzBQHjMGLsAmPx2 +-VtneOlGSPbopDsvkE++NlR8k6SSMtVIwn5cSf7lCns9t0Htt6JTharYOM7TucwJM +-y+hm3l4X8bR43HcnobtCNxggsS0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C4-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDJWI4OOixjYG2gGBzQlTrArjrsiZF +-VvyYUMNtMDVEmqdk81Hbr3u8qbmtsR8nzIihrG+3GqEO+NDQk5Kwyn6qelzBQHjM +-GLsAmPx2VtneOlGSPbopDsvkE++NlR8k6SSMtVIwn5cSf7lCns9t0Htt6JTharYO +-M7TucwJMy+hm3l4X8bR43HcnobtCNxggsS0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C4:KAS-ECC-CDH_K-571_C4-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C4-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFcB5jsBwWxOsZk4JluhNMrHMWJ44v +-HrQKBHdUSL3tl+ejfQH+2KTgtD/026IaR3WczUW/lnHdIu7GW0r/i424nf4+SQwK +-ydYC3Ze2QVruKwHP6zzSoDV4q/7Zyoe+mibYmVlah7y9lydI+moL5OtVfmnG0o4r +-uhWA3HTidR18zZGMRrS+aHWk5MKQ2VnCPBI= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C4 +-PeerKey=KAS-ECC-CDH_K-571_C4-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=05b355eb5c47d8027b6c5301d2463b99c636db207792e2975ab1a53c1cbb131280288432a79a3b47271d6a2bd777298baf8a675f66be9dc72c3588d299df8b52e7840322b43c2071 +- +-PrivateKey=KAS-ECC-CDH_K-571_C5 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAGbMUZgNOFG0iMLB +-gUlsg1BfuVex7EqE3x4QXjDQAry5eLbQvcO3ZE7T37wzymv+Q2LNjMVBdAsN6M8u +-3M5FkuNPoRrCbskioYGVA4GSAAQHcfop5ZMNbf0206nnFZZ1/SPQteH9muZFSsqe +-gSfx5+P1MitcFrCVVzsyZtCPDcMwQ/+z17COTgUu0/A0mjKQJepv8+FmhUcCL5lP +-mXRpLbtuWMx65fkGUu4jHgo5YVadxkbRFFIqN3dBDBs1LWaAefgAELtUDkwoQIZl +-gQ/mH9YOcNMMaI6rj94ENk3uXJs= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C5-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHcfop5ZMNbf0206nnFZZ1/SPQteH9 +-muZFSsqegSfx5+P1MitcFrCVVzsyZtCPDcMwQ/+z17COTgUu0/A0mjKQJepv8+Fm +-hUcCL5lPmXRpLbtuWMx65fkGUu4jHgo5YVadxkbRFFIqN3dBDBs1LWaAefgAELtU +-DkwoQIZlgQ/mH9YOcNMMaI6rj94ENk3uXJs= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C5:KAS-ECC-CDH_K-571_C5-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C5-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDL6GBb9IxfBa1sZol1G+l5FqxXuny +-sdEnTCoGAjmU2zCfrVb2CzzlfzLfx9BFqEt9gFIyvjTH51lRTDCiUge6gAIVsgYP +-BMIEFGlZPVdIByuayP3gIwlSibzfZasb/AhW+D6a4GyJcwO9FvXkWCPWX+yDEP1D +-MrZc/0enma9PfIY44tf4WUjEPxBTTJgMy2I= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C5 +-PeerKey=KAS-ECC-CDH_K-571_C5-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=052bd78bf1326c6d91840a351d4874d36b147139882356c595b8607f9998773092a99adf70adeed19e122d4d2fec16285f000161145135d96355cba039a96335e7716724c249f88b +- +-PrivateKey=KAS-ECC-CDH_K-571_C6 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZkNFfosyQ54PUMi +-AXhLq1a20p0fJmWnbNAT65b2MA7Y92K3ilWWrH6MHnYWfxB8IEQ7GscyEB6fCsoS +-VRpTbRUt8rPbDyDeoYGVA4GSAAQHbD1y8OcV8kkbydmSeKjvPDkLOpbpmXs35be9 +-il8Hr2j44O44krY/8RKnOoSfDoSngtT7Qm618vFa2szp5UdqbazPOn+popEFQKdj +-gjWZ4MhgJ7rMjLsw46JGcnb8T35f1O04XfxviD/te8pp3yGgZotV69KS2o/WNWo+ +-xc0cdiwBRzqgZwBMrO2tVk/gaRA= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C6-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHbD1y8OcV8kkbydmSeKjvPDkLOpbp +-mXs35be9il8Hr2j44O44krY/8RKnOoSfDoSngtT7Qm618vFa2szp5UdqbazPOn+p +-opEFQKdjgjWZ4MhgJ7rMjLsw46JGcnb8T35f1O04XfxviD/te8pp3yGgZotV69KS +-2o/WNWo+xc0cdiwBRzqgZwBMrO2tVk/gaRA= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C6:KAS-ECC-CDH_K-571_C6-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C6-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD5j3UyYwVE2HJkCt2OuMvLW3nWVP6 +-PWg4wdYT1Ej8pzvzAtMCEqltMrlUnhfFzzlcVlGR9qItrE2nweGp2brobr+3LILq +-GZoEFgmrnBLBXlEnAF6+/2/R9ztpEu0HCvh/X/wh35A93h1xVYLdL2mQQCAARc26 +-ns11isTQhNTI14IZ9vrZTTQa132szau1Sis= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C6 +-PeerKey=KAS-ECC-CDH_K-571_C6-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0226c28e5a6bc735935f9df2c1b02d096d4dee41ffb95a67905aab8de1b2d8c66e2bb471293091438d3f05df7e48003e58a958b72f839f7f2e2c54287fa3cadcd41a2542ae4ec03a +- +-PrivateKey=KAS-ECC-CDH_K-571_C7 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIACsJN+cx9Z3d3w6U +-+6krsabOuBnnZZvPbt1LSvScLvJcW2A5JW+Sg2PhhASxZT05mAVMLCWj+DoMVUih +-OePmoYB1Z0bNNO4poYGVA4GSAAQCcMTADeJwkBDHzwR6DOabh/QdykjTW3H7pLJY +-iG1zrkLe+4ZTlRwb0+tM4OYXWpRsZ6+md1NHXFH9UlsP2fWiba/KMZ+qXhUGaAu9 +-woFQX10/vil0SpmeB/9hJXaZP2+L4xE9se5s8jeZhnu8gKFAN2qbYydFH5i/j9Hb +-RvnZzAXohwTVcS1FZ+HfQNOeme8= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C7-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCcMTADeJwkBDHzwR6DOabh/QdykjT +-W3H7pLJYiG1zrkLe+4ZTlRwb0+tM4OYXWpRsZ6+md1NHXFH9UlsP2fWiba/KMZ+q +-XhUGaAu9woFQX10/vil0SpmeB/9hJXaZP2+L4xE9se5s8jeZhnu8gKFAN2qbYydF +-H5i/j9HbRvnZzAXohwTVcS1FZ+HfQNOeme8= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C7:KAS-ECC-CDH_K-571_C7-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C7-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQG+Rp84Rupvy3h/gcPnchDu3F8MG2c +-Y7UHjSoRMj8gycDXt3Q9MR3azc9d0A9JixmWcseK4l5oZNYr3BaTXW+42tIILTZ2 +-6/MEWTxbrRLD1lXGYRx8qXEfnjKij+5Us7gkOWKjxV1B8sGF5MWLeimY6XgCG5W3 +-JGNdrMvX/DDSByB5e8KRNixVsCSssr3PPVk= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C7 +-PeerKey=KAS-ECC-CDH_K-571_C7-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=051a3deb052d3e99bb6ab6c6b284db2c998e9bee543e02e57f1b13fe9fafbfe53a89658c58eb947dbd178aea2f6cb28e305c9867bd65bb26f71793f90c984ca11113e1a8dbc8f7d1 +- +-PrivateKey=KAS-ECC-CDH_K-571_C8 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAc1Bz/diQCqDTn4K +-uQj8VJQPaXtQAipN/tjPCxPX4O5SP78z7paTiV+RjZThWwhGVdYbIpTKUcQSP+Xg +-ho6dDRysITjwV3oXoYGVA4GSAAQGEHl7vG2RMRgK5Uq2bmeAhJJYNpdBRw4HbPBe +-B4W7TnkAuQjTjY2rO5QnuVKt0g77dYz/gK62QcTd4e7aVQnzhtVlhVlgnO8GjSUV +-9CWg4wN1RzQvG2/5MXY/UFLlNupPeDd7XJQUWcjCIBSCr8882nOQ6eXTGUUYZMoD +-aDVBqyzXep2I/XphDKhF7lzT1Jg= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C8-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGEHl7vG2RMRgK5Uq2bmeAhJJYNpdB +-Rw4HbPBeB4W7TnkAuQjTjY2rO5QnuVKt0g77dYz/gK62QcTd4e7aVQnzhtVlhVlg +-nO8GjSUV9CWg4wN1RzQvG2/5MXY/UFLlNupPeDd7XJQUWcjCIBSCr8882nOQ6eXT +-GUUYZMoDaDVBqyzXep2I/XphDKhF7lzT1Jg= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C8:KAS-ECC-CDH_K-571_C8-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C8-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFqyp/EKyJ+YxAlYCrwRrZDJM2Dmqy +-gpILWdMWyp8rI661CHbLG8vo7prmtVM/3NEa1PhtiRjWY4nah8mL8dYyO9CUfYCZ +-CDsGieGUcnZ5HcuVJxg+MqCAcrfgPcrRdf48/Xvu/ISNzvSDOAxgBUEThccCfJpS +-tgpuU3qHU4DSW8R8e/I2TdaKZvIdD1eGakI= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C8 +-PeerKey=KAS-ECC-CDH_K-571_C8-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00697c751ddbca7034fb4d3fc1b2618daf78cdae464e8332d1215020c8f896f4864c7a6f2c61a363f730f58fd3bdb4f78a90b40aeb83b4fbc1d8d37cf6a27a6f722c68a82979fa16 +- +-PrivateKey=KAS-ECC-CDH_K-571_C9 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZ3/DXKosELE6S8d +-rnQHv0oQbNpWTbdQjlp2sDEwyR1eXLzy9XjC6d7kOEn5Edd3PUwmfigsJ3tzH4im +-7w7t3VIPV+dD6/lloYGVA4GSAAQFu2Cl/o47Fzz4QT6vQToyhqWnqjePIURsYQV2 +-lgEnRtAtEKgx94XJyWVh/8atT57N9JN//9jmmECOZg/olvftRK9rO0LqhJ8Dfjo1 +-5Iqma9hRxZ+FHUof8zTg5YnawwmGrNBtbrjOI28qlojyeKFNz+BmC1+g6X7Pzrv1 +-tA09P1FQpVRay6YjnABBmsctwsw= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C9-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFu2Cl/o47Fzz4QT6vQToyhqWnqjeP +-IURsYQV2lgEnRtAtEKgx94XJyWVh/8atT57N9JN//9jmmECOZg/olvftRK9rO0Lq +-hJ8Dfjo15Iqma9hRxZ+FHUof8zTg5YnawwmGrNBtbrjOI28qlojyeKFNz+BmC1+g +-6X7Pzrv1tA09P1FQpVRay6YjnABBmsctwsw= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C9:KAS-ECC-CDH_K-571_C9-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C9-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQANAkcOsb8UpnfGPFi6veiB/wVQ6pJ +-jnJy4VqSdy9XdyIpBpRW4hnJwocr1TeDsPsTRfXoRnTENEEpoxQUa3Aw/HUZeiDF +-iKoEnjo/XuZYdeFAEImXBji4B9+XVopZlcj+L1Akc7g/WMVWxfIU7W8D747OAUAa +-ITS8BB9mki/MTjk44MbTAutCIAZ4qXE58pE= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C9 +-PeerKey=KAS-ECC-CDH_K-571_C9-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0322517da30e010aeaa2ec9bad2745d8e67f906294ecd6b1d16808be3837f79070d0e1bbbd617f4b8b031d3b51ea2acc59de408a130138c78571f8800fa907caf550d23323d1c818 +- +-PrivateKey=KAS-ECC-CDH_K-571_C10 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAeFBbUKZJsq+pUe7 +-J3ZxClL3EwOTCBAgMSs5Yhletu0XxtQ2vEaltHp6qs+PgRf+o8r6FmZcwYRbDslP +-r2h1ebHBFroYPoJfoYGVA4GSAAQGVmClhoihZYipwWuCcgQKMK/jFQYwZ2Aj/hZW +-ht+9pk/IWZXdwYycWwKb/71N/6j2KYnGOaaGI+yngAnLCI7hy0LEhVt50wIEksOG +-fxN78nh6erBWjTB5uNmh4LC6XSnQx7phbQuydyXaLKa8Z78IT6tSWZ7UKw70h0NC +-PLxvQTVpLDCa4mMMxKU5C+k/J0s= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C10-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGVmClhoihZYipwWuCcgQKMK/jFQYw +-Z2Aj/hZWht+9pk/IWZXdwYycWwKb/71N/6j2KYnGOaaGI+yngAnLCI7hy0LEhVt5 +-0wIEksOGfxN78nh6erBWjTB5uNmh4LC6XSnQx7phbQuydyXaLKa8Z78IT6tSWZ7U +-Kw70h0NCPLxvQTVpLDCa4mMMxKU5C+k/J0s= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C10:KAS-ECC-CDH_K-571_C10-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C10-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFe3xlvFHoe9rTfCtNrmf7AIznH9MH +-LkG3fFYtfEF0iHKiC++FF7pL6JY33emOK6GzsB9jlAcT4oI9jatopcx4Vh3hQIXk +-z4cAundDClVgCJ36xPaLTzSTejhN1ge8u1+rVnen+uCe0Hz63jmeh86f3ZOXxoGq +-M3jOO8grAH9t5PfLltrfVaTIc0o385pcLyU= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C10 +-PeerKey=KAS-ECC-CDH_K-571_C10-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=000911ec1cf82a22c849b401dfe56453a06f4af32644ea8b63135b68a979236d05968eeadca7f0cd339d295cc58967a7f38cfad6e947a71295733e42ca3c1ba9b4ff6195607bb530 +- +-PrivateKey=KAS-ECC-CDH_K-571_C11 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZY2Pu8aDlvpfY92 +-Af5A/0AQ9JSfAWkIqQbtXNrxIh06WTs6Rna+r9H6FLwPfFM7FwhvIH+cSEz8L7w9 +-sr5BI6jobztJEczjoYGVA4GSAAQBsS44kU7gB1qIjW1hzcdXDFEdkKnjoOJzjDqZ +-gauauppsYUYLrQeaKEKaUgfSyAGvL9zto2ZEChFoZ2Xpunf3prxVAS1MlRAHDt5Y +-d2Zf1jatz9ByINdF7XrAqbAgIVn0UMn2wbg3GSpp7mrZVTJ+uc0yagWItZcj206P +-0lixHbiIpT6xTyvghRJogykFmJI= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C11-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBsS44kU7gB1qIjW1hzcdXDFEdkKnj +-oOJzjDqZgauauppsYUYLrQeaKEKaUgfSyAGvL9zto2ZEChFoZ2Xpunf3prxVAS1M +-lRAHDt5Yd2Zf1jatz9ByINdF7XrAqbAgIVn0UMn2wbg3GSpp7mrZVTJ+uc0yagWI +-tZcj206P0lixHbiIpT6xTyvghRJogykFmJI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C11:KAS-ECC-CDH_K-571_C11-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C11-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQG+nR37exfHnQogfjXsq9WN1ET6ZK3 +-l/04frW1PDPGunI2QXssfm40YmfxuMbXhX1uCPmmDobeI9pLNoQk+wA/lrTIn10k +-SnQHPh/t9i6MgSg2IrU+ss2ye2TDwd142gyQ3Ww8d2rRRjAuQ6ulQTebyPO93C4Z +-/xXZZmTOLQnrb7WxOEioKzG0UtjoTaO4Uxg= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C11 +-PeerKey=KAS-ECC-CDH_K-571_C11-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0724c979affb3ab8d307529759bae5fa67319d441851e5817fef014350e3014e068428c9dac395c5e7b9e5b8877457b3e4625ef49ede4ae3626755eefc3fb3cf09c23e8a5a9f8c25 +- +-PrivateKey=KAS-ECC-CDH_K-571_C12 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAKGaDt9Qg0f0QCzs +-vOEn3GQQsZZ9P4nms7oItIqtCM1speXRIozcxBocOA8q6QUtc9t1UOejwdhXBWyY +-lH9bLHHDPE7rwSEMoYGVA4GSAAQGKfcFWDCHCOaSmxrQ/jEoqK9/llkbR8uOosNF +-QSCm05PtmJ0TIxxmGWajeLln76ZNPAk46cC4sWyZ1zSb3Vni1EgE+P7h+0cGpeUP +-1QJNiVPjIkKCMlDpmMpgK1JZlAUSlzWodOgzs71z16ncU63qCSuo0kIH9epWV6KZ +-GbiKbWP9CpQ7Vt3kyEeEgbV3I+Q= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C12-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGKfcFWDCHCOaSmxrQ/jEoqK9/llkb +-R8uOosNFQSCm05PtmJ0TIxxmGWajeLln76ZNPAk46cC4sWyZ1zSb3Vni1EgE+P7h +-+0cGpeUP1QJNiVPjIkKCMlDpmMpgK1JZlAUSlzWodOgzs71z16ncU63qCSuo0kIH +-9epWV6KZGbiKbWP9CpQ7Vt3kyEeEgbV3I+Q= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C12:KAS-ECC-CDH_K-571_C12-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C12-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBi7bL/L+67UaFZLNo8LCrw/vKR9zB +-nyyEa/ooc3DhuRL2tw4IUZ9XfwysMlt5/Wa2sjqh4q4mK80ueossLZjZ7XelTHKV +-+Y0Fvpu9kXcrtCJmq6nIk+VmcM+2bK++RAHKLLV2W0aVBISFl8f0RumYFHRnhxWK +-g+v443loVzY6jgT4dCoJ1+yhY4bWD9fIWN8= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C12 +-PeerKey=KAS-ECC-CDH_K-571_C12-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=005a526588a3a2ce08b20925e83987eb0a1e68f997102df7f9af83823ac8e06abbd29c04cb1f974ba9c9ac49b48b5af37679a39b532d359cdec3d41b3f80a1ee12c80276256b738d +- +-PrivateKey=KAS-ECC-CDH_K-571_C13 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAEysP8wAc0RCzdgO +-r4JEEsIOqe6wPUO5mdSd5hhzYCAgorPEeWX29FO5G3osHZPhOolURTPjWhIs/IYS +-yGkLabt6VXh1+WCyoYGVA4GSAAQD4hHDtJhpJ8Q4jRaAy0dw3ubHgmZyRYLGbMxQ +-xssoI5R01SH6zHIGr2uynM7XM+27wNILkmTOY9lDcYjj0xwOC8Pp+diEKeQDenxZ +-ASqC1ZzB4vD9T9dR5XN6y3fyoHmeCvOJlqteEQkKY5bMSA5vKqvY+tRGEWkeWCIR +-X9SdKgAMm0nR9JZOJNQ/u4H6h58= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C13-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD4hHDtJhpJ8Q4jRaAy0dw3ubHgmZy +-RYLGbMxQxssoI5R01SH6zHIGr2uynM7XM+27wNILkmTOY9lDcYjj0xwOC8Pp+diE +-KeQDenxZASqC1ZzB4vD9T9dR5XN6y3fyoHmeCvOJlqteEQkKY5bMSA5vKqvY+tRG +-EWkeWCIRX9SdKgAMm0nR9JZOJNQ/u4H6h58= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C13:KAS-ECC-CDH_K-571_C13-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C13-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDIYS2hj4stbxxuv9ba1ehBZSDHMEa +-nl7t7EgE4gFuPdBkz/0Soe6g9pMpEd7TRazlwf8lC5ZI2TuVM4ba6bVijDxiUnuJ +-BRkH94PgNBqHHmJW2jSeu1OfiHZ9fawVEePD5NQ7D9MdXdLC8PF26sVEqHH0K5g/ +-j7pN9nq2ojm335lyJjBLcxZdli9OHS0Y3p8= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C13 +-PeerKey=KAS-ECC-CDH_K-571_C13-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=049db68dc9fb4cfbad8247ca4fe7c573c0640abead8f319194d665ecaf4f04b61f84f5df0d8a6386f6df04ca1a685a7394567eba5deb9f739b1e623ed6507021593f0e22e2dfc3f6 +- +-PrivateKey=KAS-ECC-CDH_K-571_C14 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIANUUFE1FSLz8vPVw +-Cffo7hBLFUVvSRgmvf2bpn6HH9vY/ISQ7LyyaQkfx1KeXlVxOoHeIMDtAeyzFZrm +-FCS9vFZTcyWH0elPoYGVA4GSAAQD7l+He3N9rkC6+R4MxYHf6NKR+MRR1b/AtpDf +-cCWHXZVp1SAhs7aJDgGiupWJnikoqQLNXcgUPAfqJnSanJQGi1w0xZawlD4Fjhul +-FqgYyumzcIYofgiAg+K0If7wtZuoFqsDE3XQnXr31XhmdEaHvju0HOInbTo4+Xu7 +-n7WfJKkvAIWwTuXtGsDvpnE5T3M= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C14-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD7l+He3N9rkC6+R4MxYHf6NKR+MRR +-1b/AtpDfcCWHXZVp1SAhs7aJDgGiupWJnikoqQLNXcgUPAfqJnSanJQGi1w0xZaw +-lD4FjhulFqgYyumzcIYofgiAg+K0If7wtZuoFqsDE3XQnXr31XhmdEaHvju0HOIn +-bTo4+Xu7n7WfJKkvAIWwTuXtGsDvpnE5T3M= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C14:KAS-ECC-CDH_K-571_C14-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C14-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHHhZ+WeKnCev0vj2D+53GntdJ46uK +-VOICw1+NRd6qK9qGwq+hsKBHVNGImPzdmxhfHYui4YCkesKRu0qtj5l/c7FCO81+ +-m5IFcRkIW8fLICPSP4gQFCD59Qjw25T4377dXL6IzsgKnccI32zM34FddbFGKA18 +-0uuXzxp91VC+Ujgk+TKnd2efLun2bUJY3aY= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C14 +-PeerKey=KAS-ECC-CDH_K-571_C14-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0343c45daab4f91e02ef9bd6e1cd157b00ab0ab0a3e0d9734918a1d896cdf7cc1212bf74d7bb9bf96bd4abf42df325756c407217f44a5950c2b66af820692742ed7ebe14e48d2d88 +- +-PrivateKey=KAS-ECC-CDH_K-571_C15 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMzG3KWphVg84AgS +-w9B4IvY0HHnXjBay565Lv1v/rBrNneq2eBk/j4mw4qrlLjAxFETdESU/ltYts6v7 +-F+Qj8N3w6ZEIEVTDoYGVA4GSAAQDgmIVNDz9Stlo1XK6st7iJ5+ejv+g/4Cw313S +-6oIrUCJ05QfIfSQp3Yu9um64q0M7HuHK06l8fSRBlP2aQ/Ph/zMUTi24CGQHD0UI +-rjkc4kFUs4hzrwCC2ViVrJL9GqMhupO+70BKY/exr6H+7Jl4hVI6ZoitqU3UXrMs +-p/G7h+Y8Tel0kxlsO1PPg9IY3Dc= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C15-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDgmIVNDz9Stlo1XK6st7iJ5+ejv+g +-/4Cw313S6oIrUCJ05QfIfSQp3Yu9um64q0M7HuHK06l8fSRBlP2aQ/Ph/zMUTi24 +-CGQHD0UIrjkc4kFUs4hzrwCC2ViVrJL9GqMhupO+70BKY/exr6H+7Jl4hVI6Zoit +-qU3UXrMsp/G7h+Y8Tel0kxlsO1PPg9IY3Dc= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C15:KAS-ECC-CDH_K-571_C15-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C15-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHTxp7XPsO7vHhXmNRLHMYja++iOjp +-xCBzsrZSufAoIU8L7HkULYiJQWq/eoPin0eee8PKZX7woQwuo63jEXwNNp2swjOd +-HBIA6JkqVAdnUwKfLA6djBZua6hIlqR4X//1mMSCPlRh/wBUkLt/tth4rDT0J/2d +-tIy98S65gm1o/SzxcdTWHD8nXUSUfU30x1I= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C15 +-PeerKey=KAS-ECC-CDH_K-571_C15-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04a565cb3e15236a7f6c413afeb419c082427b10a6d07ff87e81740716433c06b3254414381e4ff9860340dd6201ab6621d162cd12047a5515ab1d65f20c97eb3d7132642f8ad58a +- +-PrivateKey=KAS-ECC-CDH_K-571_C16 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAYhiE2WL0X59wzTd +-gAOSakR8NKGX7l1tC7xG6F7Bz6aAKFjRw2cnbKVyuieqel0eIWkCQWtIr25Cd5Re +-Rl19hA3/FDhUPKpGoYGVA4GSAAQEf2zEIQfEDBaNxnmoZPlptT91YlcRO3UCeW76 +-VM3M5wS5NE7kv5ZHUtaJECYr0mq2s0cIRASygwbKNCXymJTOb9QpPFlzUi8GDP21 +-RnZ1p4mSO+lzxmRdvibQCjnU6BJVIXKRo4gs+o+R9KqCFNNSTJXvaiTkezudDvVf +-ZwdWrkpNnGXwdfQXCy0YqvvKAmU= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C16-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEf2zEIQfEDBaNxnmoZPlptT91YlcR +-O3UCeW76VM3M5wS5NE7kv5ZHUtaJECYr0mq2s0cIRASygwbKNCXymJTOb9QpPFlz +-Ui8GDP21RnZ1p4mSO+lzxmRdvibQCjnU6BJVIXKRo4gs+o+R9KqCFNNSTJXvaiTk +-ezudDvVfZwdWrkpNnGXwdfQXCy0YqvvKAmU= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C16:KAS-ECC-CDH_K-571_C16-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C16-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAS1Szzv1BX16qykrk5drPvOIMuhky +-ovUFSbzTFjABetIUdd8VT/N74TymGkxgM2sz0P/HYqqenp/G5v0XJQteQCK1UUHS +-P78Fb3yNZcVo3pW9FmT/9xQp7HOJh2l/IX3lrfNtFKgLb+WF5GheA8gYOKvt/cBa +-HgFAevSrmJ/B0Sc7qKGCxGGFbV7/5wXX3+U= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C16 +-PeerKey=KAS-ECC-CDH_K-571_C16-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=047265831f1f589b5f30806e2fb80aa7844cbf32b6993384beaac7d992b327b97dfd0bb89ca09e711507e846ed4ad003e7115fa8843b23d38f320e43b5eb506bde48fbd7af4983b9 +- +-PrivateKey=KAS-ECC-CDH_K-571_C17 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAEwN03FeiIjcIiIG +-nn9hGAFoUUAwPha4tENDPV4YpLGAPVaAQWrr2nrn6USRVL40an3LNsHbInRGc/s7 +-JF5YRAeH7T3sbT21oYGVA4GSAAQC+yQessKKGwZ1tXYP5WY++mA+sFkIQvRVlz8F +-c+FIpH5j+X6N+aVwsGVdWvxCAZ/pX+RP2wKmgnHYLfWAAQ+R3/DLPZvaiZIDP5Op +-3DnYdAO2qU3AYy3sZ1eELQqvitjEHrtjcFi/wRwZo6mr3fIEIB70+W/pYpIzpQcK +-CHlNFEcAkeMM3Ydqr2VAdicjMjQ= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C17-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQC+yQessKKGwZ1tXYP5WY++mA+sFkI +-QvRVlz8Fc+FIpH5j+X6N+aVwsGVdWvxCAZ/pX+RP2wKmgnHYLfWAAQ+R3/DLPZva +-iZIDP5Op3DnYdAO2qU3AYy3sZ1eELQqvitjEHrtjcFi/wRwZo6mr3fIEIB70+W/p +-YpIzpQcKCHlNFEcAkeMM3Ydqr2VAdicjMjQ= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C17:KAS-ECC-CDH_K-571_C17-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C17-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQH7HG+oIEZCpxM3/gJ7Stlp3gAzRs7 +-7/0eQATRJqw1LSQjXHl6WlZ9rvc5PSdmOBMup/D2HlUNwlHTQfZhAvlsKr9+43wP +-ye0A78KshwWy+cnAapEKMExCsa1TEBrrDRRjGdwkgVx8wZg7HK2R1fnG1e7xZ3of +-LSvddaH7TFeWpMVpZKo+Q/PaJsc37dnLCRA= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C17 +-PeerKey=KAS-ECC-CDH_K-571_C17-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=059b62c25c96955b8fb4deddcf90ebe6845ee71ea357739273d6d67f21a0c47d154add9d5d4d2b657fe1988ad614b0b4902faa92fe999abd754ad33cd6b92fe2f6a68a6f2c1eeb27 +- +-PrivateKey=KAS-ECC-CDH_K-571_C18 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAH1UGU/CJsw59kDT +-0XublbcLUfmK1coZkVZhCNg543fiG6SMv0QVMLM0HdxhsKWBQaqmZTAkH6UpUF1w +-gEslYMW+SBMQuZYtoYGVA4GSAAQC7V86LvpKsPnbX87XsTAN5NRXqa0IJ0V+XhxL +-wV69GDd13ktzwfgg3UAzNmEA5ItBZNBOn7bPGkvbVRIqhgBfvQvSzdvJX6cDJ/5l +-TvaFY8yIiKzKhRY8KxVPtwsPSitYw2OIoMJfgKTIh5d9RgANxNhulc/Y+QZcAOso +-ZTyPtHe7tcY91HuDyl4Phx6e7T0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C18-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQC7V86LvpKsPnbX87XsTAN5NRXqa0I +-J0V+XhxLwV69GDd13ktzwfgg3UAzNmEA5ItBZNBOn7bPGkvbVRIqhgBfvQvSzdvJ +-X6cDJ/5lTvaFY8yIiKzKhRY8KxVPtwsPSitYw2OIoMJfgKTIh5d9RgANxNhulc/Y +-+QZcAOsoZTyPtHe7tcY91HuDyl4Phx6e7T0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C18:KAS-ECC-CDH_K-571_C18-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C18-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGcIaGtPWtL+xFeq1axKPcSGekd+tU +-/A1JNRG1Vh6hUd1Mr11DEZg1ALSMgEOvCeP0BC1aB+vwUKToAdru8zF74JOVUCBF +-KykFJchoJYO1X37OxZuSCEb3XRHQIen/sgAYY59quTAiRywZLTmOFQzcYwoR/PlC +-5dI4zWwUsw9Eok0vhD7F0TXdx6vaVgR6vCE= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C18 +-PeerKey=KAS-ECC-CDH_K-571_C18-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=02777c72853b76b29f69d3aa27a1659789a025af0633d833b22b57bf328d231ebd128bf96a4c8a7ffd2ee7a51e5ebb7a8e5bca20e4ad49671a2123dfbc0d6c40594e04765186de06 +- +-PrivateKey=KAS-ECC-CDH_K-571_C19 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAQdAuVgoUkIEXNU1 +-jX/5Iyt9fUE69+IFwoX4hJLvJ6L7hQ4FZ+wkxIDHWtMvcDQgJchiZ9vk/4CixQnl +-uaRRMOmefHzIzG7OoYGVA4GSAAQD8/WFyv1GpmO2z4uDI++RWdUZXTEY8+3zhzLK +-D/c7LQZdnmmuHjl4ss5txhUA97i79vanC0e7ZMxP0ZW7pqyTK3C+r+F0FIoAsVZv +-5hnyzACroF4kpszLyRM4su71U9oNR31sjArExlbhNNvPMf+xXGfVib0pGPEXSQnl +-QoxxyQ44xOEbViNqv6HeaoV5600= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C19-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD8/WFyv1GpmO2z4uDI++RWdUZXTEY +-8+3zhzLKD/c7LQZdnmmuHjl4ss5txhUA97i79vanC0e7ZMxP0ZW7pqyTK3C+r+F0 +-FIoAsVZv5hnyzACroF4kpszLyRM4su71U9oNR31sjArExlbhNNvPMf+xXGfVib0p +-GPEXSQnlQoxxyQ44xOEbViNqv6HeaoV5600= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C19:KAS-ECC-CDH_K-571_C19-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C19-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHznZ0QD38YoldceKrWHznNfJ58S99 +-8xYTNb5D/CkI6nNvb1i5MteTr/ZvMyc11NOPBcsDzydcoOANofVzgeCL/rUBeHc0 +-InIH1mSfPZHnv1+N5hG9lxgYEG3y43k1u0ZM2edGlinGrn5/KyJAJ2yw7tt6JtDH +-03f0AJod1Ip5PMmT+w1KBNsdutRJMwS8XA4= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C19 +-PeerKey=KAS-ECC-CDH_K-571_C19-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=02c2ec1632e83416182a9a438f7360b88061bab84f5bded3dd8a0c87baf44507df94fdcf99353b107e61cfcfc8af071b3aa8cec7b34a542bf2ab8ea0bd9db67d66b428c9a6c14458 +- +-PrivateKey=KAS-ECC-CDH_K-571_C20 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMheXS3tW8O2tVP+ +-CgIxG3K8XNyOlt8XnOV1EcJqyehz/B92zd6afY5Sp+m+XHdTYgMx6Jd6mJArSK6Y +-mc6KamY2YRJ2riODoYGVA4GSAAQCiapSCf57Gte5xeDmMLpeApKeobHxFNMKBkgB +-K/Ap4GZFPy0o4dUDZl3Qgz8Lo35Fg7Q03ZlWEAoa5uVPltk0fYBnQdOnbjEDOv6H +-sp7e9Ef/WgLmP2SQW19TrIVs/XdVrVQoEuzdVo6K4fnTL+oPAgGNz9DhbWpqJ5e3 +-49yFW/22sNCyUl4UNnjVOb+MBnI= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C20-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCiapSCf57Gte5xeDmMLpeApKeobHx +-FNMKBkgBK/Ap4GZFPy0o4dUDZl3Qgz8Lo35Fg7Q03ZlWEAoa5uVPltk0fYBnQdOn +-bjEDOv6Hsp7e9Ef/WgLmP2SQW19TrIVs/XdVrVQoEuzdVo6K4fnTL+oPAgGNz9Dh +-bWpqJ5e349yFW/22sNCyUl4UNnjVOb+MBnI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C20:KAS-ECC-CDH_K-571_C20-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C20-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEg61zguNIr8fycdUNjTm4FLfW3AxW +-KmulVlaARb0tYgkGqxEG+RN/9yWJLoQ2qM17iIkqMvGasmnirTDX8OwA46BS+7xG +-YwcEHMSw8ZXcc8So4QYF8qOCkjq9I4HyTkq71AHgh8UNGPbasBol236J3/9oxmNJ +-T7TQh6gWuFRE2IK+wqwl5C/eeOvMp5pv3fA= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C20 +-PeerKey=KAS-ECC-CDH_K-571_C20-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=07e1d202a54d34020939f7aed56931f21b206761e4fc79b9a7b320f81077be322ae7809446b5b3ea701618ecdb0a1796ab80407a281bdbcb4d580131b61f8743bfef7a4d9c5941f1 +- +-PrivateKey=KAS-ECC-CDH_K-571_C21 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAFOkjP2o7iMs6jVJ +-knsi83XWCWVgAl4hMWHUPu0C0HNl2e3nyT1FfqUeojaeh0Y+3b8loGux8ID7R2MH +-SoKD3T1p8d6GUpXjoYGVA4GSAAQEeQ+dtgC5oKV+A9J0o9I6VaoNhrLW+gf6/jyd +-TDOTdx3eiccKZHCjG60QXCHUhEzXv8O1lzj51sUoxBTVJPiODIYuThev9FQF3BLb +-BOJInbikbN7/n42dLgDQJPZWx4HrTS2xZ2JLOnCt2qoVjKAGAdTK0GWRe+vnZpEv +-q6mYf8xfyKeN0hZDqmUOakp+IGE= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C21-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEeQ+dtgC5oKV+A9J0o9I6VaoNhrLW +-+gf6/jydTDOTdx3eiccKZHCjG60QXCHUhEzXv8O1lzj51sUoxBTVJPiODIYuThev +-9FQF3BLbBOJInbikbN7/n42dLgDQJPZWx4HrTS2xZ2JLOnCt2qoVjKAGAdTK0GWR +-e+vnZpEvq6mYf8xfyKeN0hZDqmUOakp+IGE= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C21:KAS-ECC-CDH_K-571_C21-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C21-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHpejrSWhJehG5DGDhPV88YcaGhXOm +-ttt8IIqFbVTnT0No4oEAueC/SfwxBOFG+9p4RiOjbZ8B8j6636sE1/SP9mUGxpi+ +-3REBPblo/HzTOMuOMEKhcfowb5q29shl3cW6X+mUow2PwfoScZHwjk4UuaoIalL7 +-yqRtIhB/1t9TEItT/gu5a8l0wDqMZSj5eS0= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C21 +-PeerKey=KAS-ECC-CDH_K-571_C21-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=07f49ee5d822b17e3f1ec9946fad8d0a0a6b327242afe675806b3e6b7541745e21cd1b70df926af057a9f8deae4cb9a1edc782014426152e8aa4cf6a4080dad4678dc8ff0d9e1af9 +- +-PrivateKey=KAS-ECC-CDH_K-571_C22 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAVpeWUb+LJyubUEs +-YYwb0HckQysvHe2xMn2Kmc6DDmsDD0AlwUtOPRkS6pp4KQoc/H0BiaMMYUAQyHMU +-ahgvY5GTopEu3NBKoYGVA4GSAAQDFAiH6HA5eXhp9dnbUNkbpp0L/cWmd8cAYQVi +-9oDZUaXgUXyy+WY2fUjkI7BG205ovBxLMYPcgL7hJuiQFJlM34PEMSo+XqcHuNcG +-liyxkvDtFMTacQ0bGwc/2MpJepQ3mnRUycPUzm5f0uY4aFKnfFQ1q7I1NtzIOYbO +-3UUSdS8pXKUA8FX0YnY8KftnjKo= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C22-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDFAiH6HA5eXhp9dnbUNkbpp0L/cWm +-d8cAYQVi9oDZUaXgUXyy+WY2fUjkI7BG205ovBxLMYPcgL7hJuiQFJlM34PEMSo+ +-XqcHuNcGliyxkvDtFMTacQ0bGwc/2MpJepQ3mnRUycPUzm5f0uY4aFKnfFQ1q7I1 +-NtzIOYbO3UUSdS8pXKUA8FX0YnY8KftnjKo= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C22:KAS-ECC-CDH_K-571_C22-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C22-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBPKr4zi4jIc8lbytkqomt1paMKYYk +-oivTjvlN6zpw6kTOh6lI6la/DulAcTT4yXsXsfVFYf93R+P2tlb4DWB3jQW4xMu7 +-zzwAR6Lco+tnVLCp/Rawgfykl7Kd0uyeanWW0GsFnCqxiQD8xYcVJHJ245DfHbqy +-a6gSNaTcZzgjf879OBK3q0NskmxQxgDm6Qc= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C22 +-PeerKey=KAS-ECC-CDH_K-571_C22-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=058cd5608dd9d64d4d822baeca123358a4d7e56d3777ecdf569a149c2f85ed35479eaeaababd0b026dc3b56aedafedfc8491040413f85b669d8512a3ef7bc8fe8706b5c7585370aa +- +-PrivateKey=KAS-ECC-CDH_K-571_C23 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAL1Y4ZwF336ZvZYg +-cOC0x1dgQoWER+AjtBuyl0Womkh03+MloV040vuehw9BndFfSqrGXbvFrCxUD1fN +-sORbyGYhcm2SLRSqoYGVA4GSAAQB5LKid93Xjy8RnAW2rh6noqdElh4IlA9lae6I +-CMU7x6EhOAZO1cjCIu7yd05wwovOOmwF86ZU4SEAarYryUOB0Byg0bCCNNYH7tjN +-eoo1SbDZ74eGh579ycD0zpCzmRozy7sdNwTbk1ExOLGaUOysiA5XjeIQRvA6IABI +-GAiEvELPmq/ljMHq9TbW0l8VQdg= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C23-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQB5LKid93Xjy8RnAW2rh6noqdElh4I +-lA9lae6ICMU7x6EhOAZO1cjCIu7yd05wwovOOmwF86ZU4SEAarYryUOB0Byg0bCC +-NNYH7tjNeoo1SbDZ74eGh579ycD0zpCzmRozy7sdNwTbk1ExOLGaUOysiA5XjeIQ +-RvA6IABIGAiEvELPmq/ljMHq9TbW0l8VQdg= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C23:KAS-ECC-CDH_K-571_C23-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C23-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHQ7PJZag+6fa9uZAaHcwfeBllRKiL +-nPgRf4ntFXTlxdgE/EUREsJXh34SsKZsaTxmVcErukU12Z1iQF9Knc68BW2LfLut +-oSAD76WKo6jGok9DxVgf7AQUQq6VUnXbwdRtEBVgWdJje5qCmUsCSiR9KmZyS6kN +-Anh7FosfofS2dJZFQGxDj40xbWcPHg2LAwE= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C23 +-PeerKey=KAS-ECC-CDH_K-571_C23-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=03bf7a59bbdd688682c45664d20c19cb2d24fcca6772120cbeed1cde762d449ebf22855627eb6b2be6e7f7c0f0034d02686f2a4488549f8cb198e02b46972bcb88914bea66dd6400 +- +-PrivateKey=KAS-ECC-CDH_K-571_C24 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIARRjBw/LSii+Tipn +-wpx/pIpMWFowdAXQahoGeOkJ3W6vuJhmLN2LzAGd6xTl2S0XK6HEOO8PZNgBB8fo +-5oAp9OCqgUoQmco4oYGVA4GSAAQAk5OY5GOIbw27SKdPVzoSFQAGaOELV5idwwCy +-+ajAjNQ9bLt/Rux3wcKUsj+GKZAn0rk/1usYIQqCML9G45IfGCySYMMIR6sD1I7G +-M7naFlDqdiZWs+MfJq7Afnymqvwe18tGbqrzmT4EZwSMlnux6bSuBzojDB4vdOLm +-GGZs9WoG8rZew5Vbb/uwapCM9hY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_K-571_C24-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAk5OY5GOIbw27SKdPVzoSFQAGaOEL +-V5idwwCy+ajAjNQ9bLt/Rux3wcKUsj+GKZAn0rk/1usYIQqCML9G45IfGCySYMMI +-R6sD1I7GM7naFlDqdiZWs+MfJq7Afnymqvwe18tGbqrzmT4EZwSMlnux6bSuBzoj +-DB4vdOLmGGZs9WoG8rZew5Vbb/uwapCM9hY= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_K-571_C24:KAS-ECC-CDH_K-571_C24-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_K-571_C24-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHIvHnoGB3UNri1ixdPUcPAGwyVFWO +-qqKU7u28qNML9Ku5Vd62LkF5kl9sut87+HdvFdyuNVat33lxBad7f29xIGyg5uqR +-4YgDXRCMoNYgyrlrfL9hfRtawG43eSYpiGVk/RR8WOVeQjNE/08fukrw/jQVKzhL +-doXKrRXTvCcOQ0Iq2HTnHkCKcabIqQ0q2Xg= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_K-571_C24 +-PeerKey=KAS-ECC-CDH_K-571_C24-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=06d410e9ba6b8b87b00d0f676de8ba27f6afe7e308c2e992f318fc14cba0a447316ad86e8e6c1d3345d8e4035735232c2c597e760b8800a89a521567b09408f9c7be279c137c963f +- +-PrivateKey=KAS-ECC-CDH_B-163_C0 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUD7a4XPej6DPBBLWp73IH9 +-vQYXrfihLgMsAAQDVGZwHQsAMNCYtu0jQ9NVwkyQcnEA2LwC80HSYYYN+2Xwy38L +-SI2Clsw= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA1RmcB0LADDQmLbtI0PTVcJMkHJxANi8 +-AvNB0mGGDftl8Mt/C0iNgpbM +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C0:KAS-ECC-CDH_B-163_C0-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C0-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA6ZHujLaxx7GeAsGOKcM0k/DvUyOAuae +-lhVBhEpKozdpp7znEPZkClYM +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C0 +-PeerKey=KAS-ECC-CDH_B-163_C0-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0100fb42d177ffe6c31378e2e04e0da7376ffe8765 +- +-PrivateKey=KAS-ECC-CDH_B-163_C1 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBeNzIIWQl1L9xyPKSXdGv +-htwEomihLgMsAAQBHklDDN0G8udluPLMBnzUJOLnVIUAg68VsizX39Hf9zlr8/MD +-j1BSSZE= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C1-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAR5JQwzdBvLnZbjyzAZ81CTi51SFAIOv +-FbIs19/R3/c5a/PzA49QUkmR +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C1:KAS-ECC-CDH_B-163_C1-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C1-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEASgomJNkhtwuPNFYXzLVVEJk4ZHkBenp +-i7dJm/iV93+PyDAdbhx6n2GR +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C1 +-PeerKey=KAS-ECC-CDH_B-163_C1-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0681c9e59eb7eba769f5b6f2b06ddf1efd12997995 +- +-PrivateKey=KAS-ECC-CDH_B-163_C2 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUD6h555SoHCJjWo8TnSOla +-yHENd/ahLgMsAAQBN4YLo0WK8Twir4Il9WHgEzHNh6gHcgNW4V3HP5/uehwCH+yp +-fNQSBOM= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C2-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEATeGC6NFivE8Iq+CJfVh4BMxzYeoB3ID +-VuFdxz+f7nocAh/sqXzUEgTj +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C2:KAS-ECC-CDH_B-163_C2-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C2-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBYdPzIxITAFBcxAty3DGJO5hCNMdAElp +-P07ccUsNC6pb/F2LxqwECJ3k +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C2 +-PeerKey=KAS-ECC-CDH_B-163_C2-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01e0749a21fc508f76dade85435bbbe12c448bd8c4 +- +-PrivateKey=KAS-ECC-CDH_B-163_C3 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBrVypq8i83MSCmVrRqXfk +-cnFQuzahLgMsAAQCWueDEbD882lWajGfiYSVRq6uwwUGQOsP31IEgK++ufJnT+sd +-bfSC1/U= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C3-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAlrngxGw/PNpVmoxn4mElUaursMFBkDr +-D99SBICvvrnyZ0/rHW30gtf1 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C3:KAS-ECC-CDH_B-163_C3-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C3-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEADdI15jxQCaPHnGLOyOqKswDM8B0AMQq +-knq1eWlhIwlVdayUmwen0dS8 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C3 +-PeerKey=KAS-ECC-CDH_B-163_C3-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0320398f7acf791e0d602d7b94742cce58e9fddbac +- +-PrivateKey=KAS-ECC-CDH_B-163_C4 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC0oqKodifo+Xllv/RgIJU +-7heg0PqhLgMsAAQG5sUklKtjyJyXiFVvcWZ387SAQqAE6YJYucVvAtPttMpbCu6q +-naqm/g8= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C4-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBubFJJSrY8icl4hVb3Fmd/O0gEKgBOmC +-WLnFbwLT7bTKWwruqp2qpv4P +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C4:KAS-ECC-CDH_B-163_C4-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C4-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA4DbPfKxwBVKjoyzBK7NWB018xXNBxU0 +-7C6LNX2eBp1/H6mL1E7YsGgm +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C4 +-PeerKey=KAS-ECC-CDH_B-163_C4-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=03e4de43de85223d818e5be6549c29cdfa1afe1782 +- +-PrivateKey=KAS-ECC-CDH_B-163_C5 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC4XD39NwVL+Rwb5nZviKe +-ExfYK72hLgMsAAQHkA2sJR3oqUTPChvy6y7+7hRnbpsAkeffZ/d2InKdWbfjS5Rx +-J+f6Ll0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C5-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5ANrCUd6KlEzwob8usu/u4UZ26bAJHn +-32f3diJynVm340uUcSfn+i5d +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C5:KAS-ECC-CDH_B-163_C5-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C5-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEATbg0FtPOYuCfhmARhSLL0FXP8B8BzmT +-TOwQVyhS4fYZIi4vXsTg+lqm +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C5 +-PeerKey=KAS-ECC-CDH_B-163_C5-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=037b178aab014d5abab305e37deed7f4798cdb862c +- +-PrivateKey=KAS-ECC-CDH_B-163_C6 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCkj0sgCzsQt7yYz3r3KdZ +-1ZdE0+ihLgMsAAQCzctPke19F3aNuAvis6yeCVax2XEDJDP0VabNJT6RWC0vb1px +-JlXaHWk= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C6-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAs3LT5HtfRd2jbgL4rOsnglWsdlxAyQz +-9FWmzSU+kVgtL29acSZV2h1p +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C6:KAS-ECC-CDH_B-163_C6-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C6-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB2w65KeBZzYn0Om8thX2JqFgpV3aBYwO +-yPJknC3c2cJLZDQzsU2QfFkD +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C6 +-PeerKey=KAS-ECC-CDH_B-163_C6-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00958b2aaa6061222dd248a6b9700fb6839dacdc99 +- +-PrivateKey=KAS-ECC-CDH_B-163_C7 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCWxe9bkIH2fsaOvAv1dsm +-r4NIrrChLgMsAAQG9vWx87GPRdtPs3d+aED7WlthqRQHN84UrrJOBZFYWnQXuJJW +-dJ9GHeY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C7-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBvb1sfOxj0XbT7N3fmhA+1pbYakUBzfO +-FK6yTgWRWFp0F7iSVnSfRh3m +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C7:KAS-ECC-CDH_B-163_C7-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C7-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEANZfBRbBs+7ZIg5Zs9BJ3RFTF5rFAgv+ +-EHqJpzYM0uIXU01t8pjMS8RY +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C7 +-PeerKey=KAS-ECC-CDH_B-163_C7-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0393387e1dab35748f20d506a0e2b4dc0ee6c3ff39 +- +-PrivateKey=KAS-ECC-CDH_B-163_C8 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUAE36BMq0oiSPmSBHpIpj1 +-wNzJVwWhLgMsAAQG8s3R1jDdcx7Xf5Acew5zVRXibU4BBi8vcVxNKvl7sb6LbPou +-PuMUJT4= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C8-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBvLN0dYw3XMe13+QHHsOc1UV4m1OAQYv +-L3FcTSr5e7G+i2z6Lj7jFCU+ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C8:KAS-ECC-CDH_B-163_C8-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C8-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBA2QPOKzD3CmoDhJsOF1j++Ih70xBKvY +-vbfBMnyZszgg2+GK4RT7Q1lJ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C8 +-PeerKey=KAS-ECC-CDH_B-163_C8-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0212358d3f8bce69b662447333b3edbbc9b2f7e805 +- +-PrivateKey=KAS-ECC-CDH_B-163_C9 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBxIxQt9Ps3zuQG60O78Pj +-gm486p+hLgMsAAQBkXVXMRfdhR5u6/2fseWohOv+/uUDrfN+Te1SVz+lfIyyv8ps +-ZcNnRGI= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C9-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAZF1VzEX3YUebuv9n7HlqITr/v7lA63z +-fk3tUlc/pXyMsr/KbGXDZ0Ri +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C9:KAS-ECC-CDH_B-163_C9-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C9-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAi7SRkPwzsaMjkrRqixDadiqA/WUBczK +-YrbdHTFt7b0PHVML7W5VazrY +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C9 +-PeerKey=KAS-ECC-CDH_B-163_C9-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=023472fa59846f7be07cf060cdd69a9fbb27d4fe44 +- +-PrivateKey=KAS-ECC-CDH_B-163_C10 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBFi2e06ZgRV6MAV0eRdFR +-V0mj3NKhLgMsAAQEKD6w5QhdGYs3j8lfb7TDGYtNPHgBB6EWjy9HuWPks6kCTgw1 +-el69+Sw= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C10-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBCg+sOUIXRmLN4/JX2+0wxmLTTx4AQeh +-Fo8vR7lj5LOpAk4MNXpevfks +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C10:KAS-ECC-CDH_B-163_C10-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C10-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5P0sxFy7uZvJ2nrMF0DtcP3z/+LAfPs +-7Gu9qb3opNoU2z5f+TS5g1sX +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C10 +-PeerKey=KAS-ECC-CDH_B-163_C10-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0173a056c4c9ef6707cd23928999c4680f42b71f7c +- +-PrivateKey=KAS-ECC-CDH_B-163_C11 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBmh0W9KVy88G1HqKs5pKA +-5xN7j4yhLgMsAAQFzt6Wpw9xTNaJY/LWyiNiaak48xEGza3VS29zPICTR4fijCzP +-WLEie8A= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C11-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBc7elqcPcUzWiWPy1sojYmmpOPMRBs2t +-1UtvczyAk0eH4owsz1ixInvA +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C11:KAS-ECC-CDH_B-163_C11-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C11-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAup6UINGAvES9t0ObSXwZPnQXv8mAb8/ +-adFKzIMzUzqIwuiCSGOkeuAn +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C11 +-PeerKey=KAS-ECC-CDH_B-163_C11-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=03d34f411a297d7c990fa4a83b5f54759607f9d33f +- +-PrivateKey=KAS-ECC-CDH_B-163_C12 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC79RADa08+tjRY3+pKQxL +-dYowFbahLgMsAAQFExMbS8ty72irBD7oT8jLA7bY8YcBILfVdyu7F+yxyegMNvgI +-/VSpOq4= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C12-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBRMTG0vLcu9oqwQ+6E/IywO22PGHASC3 +-1XcruxfsscnoDDb4CP1UqTqu +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C12:KAS-ECC-CDH_B-163_C12-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C12-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBt0TBTSeiqCAIAc6DeWvxdwbamLTA0l+ +-t79Aie8CzQpd0Phr2HmKRMVs +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C12 +-PeerKey=KAS-ECC-CDH_B-163_C12-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=06120aed8d4c1e506710e2cfb98ca2022e642ca89f +- +-PrivateKey=KAS-ECC-CDH_B-163_C13 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBKw1kl3z8E7SDRe9wctGj +-iQ6vuVuhLgMsAAQBuTY89Ic1Z2h42AzhSBuFiGg/dEQHaPpzJ81yUsj2lu1JR4aJ +-Fa2h+10= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C13-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAbk2PPSHNWdoeNgM4UgbhYhoP3REB2j6 +-cyfNclLI9pbtSUeGiRWtoftd +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C13:KAS-ECC-CDH_B-163_C13-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C13-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBaDjQRGOaYJ9an+CgvvwuUQA8IJABCO5 +-k9Q2f79PZQTZ4JpkEjo7U9Eo +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C13 +-PeerKey=KAS-ECC-CDH_B-163_C13-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=021a58087968c5df57afd7c343a4cfa2ee8e7073f1 +- +-PrivateKey=KAS-ECC-CDH_B-163_C14 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDOslTgD0ERrPNpOvQcbTr +-AnwRv9ihLgMsAAQFxEbpiWykTMpzPp9OW2Sv3cBTchEGutGyUiaS+XCzi+aTXcfR +-wJ3NIG8= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C14-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBcRG6YlspEzKcz6fTltkr93AU3IRBrrR +-slImkvlws4vmk13H0cCdzSBv +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C14:KAS-ECC-CDH_B-163_C14-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C14-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEABqSPWGRY0MGEkweJnMJsH26Mt7LBaNR +-f1Qmo0Eacn7dwpo+wilVg2jR +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C14 +-PeerKey=KAS-ECC-CDH_B-163_C14-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=03da9c0879219e48c3df56174898fab9ee5b0a6bcd +- +-PrivateKey=KAS-ECC-CDH_B-163_C15 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBvXkUWuf0LGsl0cOJZewI +-/SdTOnqhLgMsAAQA6dj8OgJpJcit1Qj5IPouX/UoJogFt79jElmsfTaTbBMP8gbY +-ILE73oE= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C15-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAOnY/DoCaSXIrdUI+SD6Ll/1KCaIBbe/ +-YxJZrH02k2wTD/IG2CCxO96B +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C15:KAS-ECC-CDH_B-163_C15-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C15-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAvqLrw1hKK3ZuQKqGByB4kKYRR4uArk9 +-H2kTkU/+FVnHwRTGMbtrKWF+ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C15 +-PeerKey=KAS-ECC-CDH_B-163_C15-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=05b33fe3874d32aed99919265cc0074902e538fe54 +- +-PrivateKey=KAS-ECC-CDH_B-163_C16 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDMMofWtd9embYdCMygCDJ +-HsefN2ShLgMsAAQFujfTaZfE8qvmA9/gQiMnOOgrCzoHPIzZUARJcqAFxvGvjkMG +-4MzvuUY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C16-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBbo302mXxPKr5gPf4EIjJzjoKws6BzyM +-2VAESXKgBcbxr45DBuDM77lG +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C16:KAS-ECC-CDH_B-163_C16-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C16-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA1Pi2kWrfEkwKAw+20upABLVbfYvAmkx +-4wuX/173uswN5NlJBwhSLjsr +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C16 +-PeerKey=KAS-ECC-CDH_B-163_C16-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=053dbce9826af4d290036feb46875e975b7848a9c4 +- +-PrivateKey=KAS-ECC-CDH_B-163_C17 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC0jFAB01u3dW8CZsX3hKv +-ud3y7L6hLgMsAAQG4GzHww9e1+aGw6daHUQld3BgHLIDDcQUxK+zkO1GevRxqpvS +-t18y39g= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C17-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBuBsx8MPXtfmhsOnWh1EJXdwYByyAw3E +-FMSvs5DtRnr0caqb0rdfMt/Y +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C17:KAS-ECC-CDH_B-163_C17-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C17-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEByFnCITaqM1idjjskPNEjvsPJIm6BPhK +-mDvsayiJyCEb8jEUm1vrzHXg +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C17 +-PeerKey=KAS-ECC-CDH_B-163_C17-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00d49b971cab937f40908913fe259849679ca076d9 +- +-PrivateKey=KAS-ECC-CDH_B-163_C18 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCRJwbn/CeepoDsX9f9GER +-X18/Gn+hLgMsAAQHP53d3EZQkz3szJVG05KjXbvGanYE3nVY3eZJ9yMis54xyOKc +-5vWZSF4= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C18-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBz+d3dxGUJM97MyVRtOSo127xmp2BN51 +-WN3mSfcjIrOeMcjinOb1mUhe +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C18:KAS-ECC-CDH_B-163_C18-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C18-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAdYxnsLcXAjwJhrtAjFBjW3D0M2nA45k +-lT982scdBS5VhVdGtD1EGBuR +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C18 +-PeerKey=KAS-ECC-CDH_B-163_C18-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0483ad0b7f8a716273f624b8979c19126705266e4b +- +-PrivateKey=KAS-ECC-CDH_B-163_C19 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUA0IuV2aTOck7EYszhJwH9 +-jD1T/c2hLgMsAAQAJqdw2G4cibp6hq72Sbp+qG/H1bIB2xAg4Pdk31SlPCPJOM7J +-jZp3rR0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C19-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEACancNhuHIm6eoau9km6fqhvx9WyAdsQ +-IOD3ZN9UpTwjyTjOyY2ad60d +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C19:KAS-ECC-CDH_B-163_C19-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C19-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBPFnkHv0uY6Gltgdp9LBBW76DcFMBsua +-tlFDgyuc79XZzmnsTbLt0Geq +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C19 +-PeerKey=KAS-ECC-CDH_B-163_C19-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00f69dcb547119fc9b8c454335aab184c3ada5f1c6 +- +-PrivateKey=KAS-ECC-CDH_B-163_C20 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDgI7+atUNJQ2HGS4WSZzj +-JZQo87ihLgMsAAQAE6AuJfySeHWvpVe9Zz9lhwRZ5nEEA4265cXlQIRwiiS8P9By +-52nBI3c= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C20-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEABOgLiX8knh1r6VXvWc/ZYcEWeZxBAON +-uuXF5UCEcIokvD/QcudpwSN3 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C20:KAS-ECC-CDH_B-163_C20-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C20-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5ttFMdDJxQC0TI2AyFf6zxosURVBOOQ +-VoalOMJaAr6pL0IYQCG16iWT +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C20 +-PeerKey=KAS-ECC-CDH_B-163_C20-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01bc5ee5261b2bba55b10cbaa6cc3c97b98d00ffea +- +-PrivateKey=KAS-ECC-CDH_B-163_C21 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCrSMqekHmzCSVU42HsCPN +-7HtuHyOhLgMsAAQFSeMHgNk/eW/c9pGQVXXYXGZFO9sCFiqIW+oxNEVD9dBhkTad +-7G5w6Wc= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C21-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBUnjB4DZP3lv3PaRkFV12FxmRTvbAhYq +-iFvqMTRFQ/XQYZE2nexucOln +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C21:KAS-ECC-CDH_B-163_C21-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C21-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB3L0LScqBX3g/5Jsn5RgXGZ10hUmBgLn +-5TJV3pv1jAV+77ebzkMbXDgI +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C21 +-PeerKey=KAS-ECC-CDH_B-163_C21-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=008574d838d3de87965fc1b4343fe4f078588c4ea1 +- +-PrivateKey=KAS-ECC-CDH_B-163_C22 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUA3Jmxnz2IR4dRkOlYiyu9 +-gw29OpWhLgMsAAQA9l2YTXHcwYvxcqvk05k84PfPMkwAG0nmos8Rc6raw69sCelm +-8xFBq9k= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C22-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAPZdmE1x3MGL8XKr5NOZPOD3zzJMABtJ +-5qLPEXOq2sOvbAnpZvMRQavZ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C22:KAS-ECC-CDH_B-163_C22-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C22-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBQskKUYJcXOanW1WcLxtdZ5WVnaLBJK8 +-LT9jjUl45MpYylpO8ZxezOqN +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C22 +-PeerKey=KAS-ECC-CDH_B-163_C22-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04579b477a92ed961cfdb2014407e88e7716452a4b +- +-PrivateKey=KAS-ECC-CDH_B-163_C23 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDVquFsE0IUbj2a0p5ZSbT +-8+OIKEShLgMsAAQHdqLhr5MtdFGQcL+pQeqpPp/16XoFq+ntRiRf0BRiUNKlY8Ru +-v3rNI0I= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C23-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB3ai4a+TLXRRkHC/qUHqqT6f9el6Bavp +-7UYkX9AUYlDSpWPEbr96zSNC +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C23:KAS-ECC-CDH_B-163_C23-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C23-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAX1SEW8MlVh/G3sGx26Y2ZyC3PIMAk6i +-K92ZC9eeY+c1shKCrhtepmZI +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C23 +-PeerKey=KAS-ECC-CDH_B-163_C23-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=035a8c10e64403c52ef8d17c5f4dead0df81fb1f21 +- +-PrivateKey=KAS-ECC-CDH_B-163_C24 +------BEGIN PRIVATE KEY----- +-MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUAentUdVDHWKnefwbi845V +-9enkTOahLgMsAAQEWVLAtRfmhcqwlHAyf51LISdRsEkESkKabvsEvOoCQKtYBd50 +-CqYfmU4= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-163_C24-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBFlSwLUX5oXKsJRwMn+dSyEnUbBJBEpC +-mm77BLzqAkCrWAXedAqmH5lO +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-163_C24:KAS-ECC-CDH_B-163_C24-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-163_C24-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA6fqELodaqVFcAtAtzeVGp5zbfoMBPk1 +-L7KsJETpKHVONlX9YuOkJWTo +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-163_C24 +-PeerKey=KAS-ECC-CDH_B-163_C24-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=000142615e3607ac148c4de8f334be849235d01cdb +- +-PrivateKey=KAS-ECC-CDH_B-233_C0 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4APD7kdKwNC8HfVn48NfX3 +-ZsUzKy1nMP8OTY51rtuhQAM+AAQAYeiptRf9BaAm7DdmFiKf2GOaH6dt7+U5gCL5 +-2cgAcGtcsIc4qUVS/uWEsTcv6tSveQQJCfz29QCEu/o= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGHoqbUX/QWgJuw3ZhYin9hjmh+nbe/l +-OYAi+dnIAHBrXLCHOKlFUv7lhLE3L+rUr3kECQn89vUAhLv6 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C0:KAS-ECC-CDH_B-233_C0-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C0-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEdWut3vw9wzerJ7VFLrEK/9njH1tVwz +-DpDw9oaiASp59lIyMIohyYwBVVzK/H3OFcj+0wJadgy9bCMn +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C0 +-PeerKey=KAS-ECC-CDH_B-233_C0-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00e9f3d8c4f1bec0f920e763ea1bb7415899f01734609e7547dc425ec946 +- +-PrivateKey=KAS-ECC-CDH_B-233_C1 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AqkGloBpOZqZ5l7C+FvVr +-FgsFYa0H868pZDhkYdChQAM+AAQALZFAJEZVcGjED8B13uk5FrDxqTkuR+VrdHEl +-rh8BOrCRXkrPd5UWgm+h3BiFoGq8XQgJySJAzPnD2KQ= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C1-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAC2RQCRGVXBoxA/Add7pORaw8ak5Lkfl +-a3RxJa4fATqwkV5Kz3eVFoJvodwYhaBqvF0ICckiQMz5w9ik +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C1:KAS-ECC-CDH_B-233_C1-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C1-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEARhqAo+aGNuSf2MlPCA+smqjq6DUCxo6 +-vGTkeiKtAMvYuV+J5CESi8c6Q8XMJU44ZwlquJ14iy7TuQqW +------END PUBLIC KEY----- +- +- +-Derive=KAS-ECC-CDH_B-233_C1 +-PeerKey=KAS-ECC-CDH_B-233_C1-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00f1fbecfadb158d62eb1109c085124fad67a8795b58815eb396c95db4b9 +- +-PrivateKey=KAS-ECC-CDH_B-233_C2 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4Axmd8KAaLRi40hizmydit +-jBs8fv6Ay6tB2kGSeOShQAM+AAQAQssxHc/ySCos7OaWwetkxprCqlmSCaXBh2Oj +-FQoBsDKfNsE10ALwi+Pj/6naGMXWpww2D0+HHxK/P5U= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C2-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAELLMR3P8kgqLOzmlsHrZMaawqpZkgml +-wYdjoxUKAbAynzbBNdAC8Ivj4/+p2hjF1qcMNg9Phx8Svz+V +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C2:KAS-ECC-CDH_B-233_C2-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C2-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJO/hWIWAiOOmNCcmIKNUaSUYDYsI8UU +-HT0bI1KWAISXFSGHqLOylYodCi7s/0SSJRgHy/0D1fJoW8o3 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C2 +-PeerKey=KAS-ECC-CDH_B-233_C2-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=019ea831c51d88a7cf754495a1c474082ed481c8eb83190a77defb09d479 +- +-PrivateKey=KAS-ECC-CDH_B-233_C3 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AnGECSz3/IZs38b5nAYBK +-3yR0FESN0PDcUSk6yROhQAM+AAQAEkEg2ECYUOceM8ni2cQOoyvtEdd4BHhumwdo +-kqsAba4bpIFylv9jBzusnOBl1DMboaXImcwcB0Bdrj4= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C3-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEABJBINhAmFDnHjPJ4tnEDqMr7RHXeAR4 +-bpsHaJKrAG2uG6SBcpb/Ywc7rJzgZdQzG6GlyJnMHAdAXa4+ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C3:KAS-ECC-CDH_B-233_C3-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C3-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEVJZIaSr5XYjk4dSRTYyXaaraxaD3V4 +-MmXz65ZXAbCUtIAvOXZj0OaC+r8clMTiFOSDJ7le78uSt3H9 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C3 +-PeerKey=KAS-ECC-CDH_B-233_C3-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00088425fb04c2ce408f08d81385a322703a077bf00ba0791e4e79b80419 +- +-PrivateKey=KAS-ECC-CDH_B-233_C4 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AbmnQZNvZp5T2jmmaDpQb +-3aalOhzso7PbgpJbb4uhQAM+AAQAxX1h/LH+6Q1djJfL8YjI74JZsK4lh+zx/4zS +-4voAuK2GxoBaSrRFE9u6L1CYuenB4Ftnn1KTeuzisYI= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C4-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAMV9Yfyx/ukNXYyXy/GIyO+CWbCuJYfs +-8f+M0uL6ALithsaAWkq0RRPbui9QmLnpweBbZ59Sk3rs4rGC +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C4:KAS-ECC-CDH_B-233_C4-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C4-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHPFz0oB0J47QbXnd4xrm6Utr4j8QE+O +-L9CdtAJ+AHA5Htqnbw45cDlMrAM4BhBYhYw8c9XLUS5TJjBP +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C4 +-PeerKey=KAS-ECC-CDH_B-233_C4-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=019b5efb23bc18a4f18c22fe2fd5cdbd02372cabde5e5c9f4b4f9a49438f +- +-PrivateKey=KAS-ECC-CDH_B-233_C5 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AWuXeMMfDFxgTot0+PqLF +-zqoEc8OUV+mSkHHhpCChQAM+AAQBfPn8oF1KVeS2j+56O9Q/BHMD8qJm2Bu14ex+ +-JVgAOwr0PeBQAzl94dSyeCetL81nXL9hpEWh7EClabY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C5-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAXz5/KBdSlXkto/uejvUPwRzA/KiZtgb +-teHsfiVYADsK9D3gUAM5feHUsngnrS/NZ1y/YaRFoexApWm2 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C5:KAS-ECC-CDH_B-233_C5-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C5-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEASOmsIGnYehsBC4ZFK9H8JOyZVVD5WRY +-S2BkJTmpAFGO48GuVGQE3x7M1pqmhWQx0ciIHPBXjP9OuMEb +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C5 +-PeerKey=KAS-ECC-CDH_B-233_C5-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01f36d9519c3d47f030eeac3338db583b96fefa551a4b56cc5567f2d9d7a +- +-PrivateKey=KAS-ECC-CDH_B-233_C6 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AxoeWlVtotfiCfjisB4Kx +-rCxFUsrvDGCVhGfNhcGhQAM+AAQANHifvGDxCGA0yPLOhv1KozUZTJFGiQNX3EdW +-meQB0395Yyf3HsMVEEaEY9CykFSIpKYCZ4cN/uVnwlA= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C6-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEADR4n7xg8QhgNMjyzob9SqM1GUyRRokD +-V9xHVpnkAdN/eWMn9x7DFRBGhGPQspBUiKSmAmeHDf7lZ8JQ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C6:KAS-ECC-CDH_B-233_C6-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C6-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUH7vys2HCyM5e2r+iKqR1VYHlsaZmAD +-YqDue8V0Aa6jysID+MeAR1omCbKXDMhvlupAEcNI2oJiszSq +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C6 +-PeerKey=KAS-ECC-CDH_B-233_C6-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00e54b1c916ff3ba1aa0b2b99f0ebde4f1a4cc6a10d959bb2f7f4c777b84 +- +-PrivateKey=KAS-ECC-CDH_B-233_C7 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AdCRcyX3UUJNWieo/ynsL +-MMHWfObovhfLEZJXXK+hQAM+AAQB4cVwrMZTxwb9d0AZSlVN5/N5mhK4INapQRl/ +-dh0B4iJejQ1ByAj26tevMg+yX+0pqZCYoPDhHNhp5Tw= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C7-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAeHFcKzGU8cG/XdAGUpVTefzeZoSuCDW +-qUEZf3YdAeIiXo0NQcgI9urXrzIPsl/tKamQmKDw4RzYaeU8 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C7:KAS-ECC-CDH_B-233_C7-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C7-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJag0/Nuj3U3kQdM6ml7JHFifgyeeilK +-ApqdO5QpALdnF0opILYvHwL6eQl4RdUdk+DIEEQQgxot1Vw8 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C7 +-PeerKey=KAS-ECC-CDH_B-233_C7-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00bc0dcf7585753cc79aa412d2740b4b2d1c644fc9755cb0550286bcf68e +- +-PrivateKey=KAS-ECC-CDH_B-233_C8 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4Al77tS3OKYgXMnqBGtEi1 +-IxKLkxAaAtlkQ16xeAahQAM+AAQBg1jalAeacAoQsgojJdM9gOletPxKmBAcMSY1 +-k5wADE9ELQBxx70dIXzyNf0DHewwnoXqIBTmi1D8K6A= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C8-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAYNY2pQHmnAKELIKIyXTPYDpXrT8SpgQ +-HDEmNZOcAAxPRC0Acce9HSF88jX9Ax3sMJ6F6iAU5otQ/Cug +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C8:KAS-ECC-CDH_B-233_C8-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C8-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAWa+JCazv45tBaJNfR8sDjKeQSDPyOb/ +-UkhvCVWGAHNx4ogUX8JaWpy18qOGA08vMoxuqiTIsJboqx8M +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C8 +-PeerKey=KAS-ECC-CDH_B-233_C8-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01b7ef3148be331115321b1c2a68832fdfb991b26224a60dddce3e060d27 +- +-PrivateKey=KAS-ECC-CDH_B-233_C9 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AdZxV2lXh/bW6f4uJOrqu +-WSW5sIGEo9VUlXrPPsChQAM+AAQAKvJfgQ4YqBtp2iVKZbimx6uA3cJ8hWIuI0it +-0TIBKLdT5LIajDrPhaq5Kpqmp7M/LLadcCS6+OiwcUI= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C9-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEACryX4EOGKgbadolSmW4psergN3CfIVi +-LiNIrdEyASi3U+SyGow6z4WquSqapqezPyy2nXAkuvjosHFC +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C9:KAS-ECC-CDH_B-233_C9-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C9-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAYHzuwsJdxMnfF87Rs7wKqnL4pq5XHbp +-tgofelHlAC4vtnLXK/ePfP7cQNNybGtPtYVBfHR2tlXjK707 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C9 +-PeerKey=KAS-ECC-CDH_B-233_C9-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0041249865c913b287a253150b207e2682efd96057cb0709e9bbb48c0fc9 +- +-PrivateKey=KAS-ECC-CDH_B-233_C10 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A7mOdifDkM8B14u9XzCQ1 +-gelbJh+Kk7jvb16/gBWhQAM+AAQABmOPa82FBDOV0B12f/d+nWd/N+9ADy4W/uht +-uvIAbBJJYmbeux2DQ7loTifF9xKcFwJKjmcEZypfPWM= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C10-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAAZjj2vNhQQzldAddn/3fp1nfzfvQA8u +-Fv7obbryAGwSSWJm3rsdg0O5aE4nxfcSnBcCSo5nBGcqXz1j +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C10:KAS-ECC-CDH_B-233_C10-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C10-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGWqQRXlnmBFqvme4b7KH6uSO73JGSBu +-CTFiC6mWASjQC3dYmaWKWbyyq3nWCeLc2pjmUju2cWhVT4Tm +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C10 +-PeerKey=KAS-ECC-CDH_B-233_C10-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01cf480fbc2be2c2c4448c88890972c7ff9cbe08a75e26c3809596b8b5c0 +- +-PrivateKey=KAS-ECC-CDH_B-233_C11 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AkpsJtnspqk/xXWd5oXMw +-ZQSfrrLCJwEsSfJ37VGhQAM+AAQAygQD2V2F8MsK5NKurhjhh7ecIB7WjBStJO0A +-OSIAz2sKUCspDQru6CBmGsz26ll2h8Rcf5Onc9JfYqY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C11-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAMoEA9ldhfDLCuTSrq4Y4Ye3nCAe1owU +-rSTtADkiAM9rClArKQ0K7uggZhrM9upZdofEXH+Tp3PSX2Km +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C11:KAS-ECC-CDH_B-233_C11-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C11-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEATV25wDzY2f7dBhC8jGInzaCKqspM8JF +-7tV7naytAXkQ6QcaPkLn8hs2Pw5ofSiYEKTsKcNuzhSFTh3R +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C11 +-PeerKey=KAS-ECC-CDH_B-233_C11-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01ce8abf3c8ccfa30e5f35ddb75f5e106aab1e67086156a1ededa1717b77 +- +-PrivateKey=KAS-ECC-CDH_B-233_C12 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A4nrwTv4thv/tbs33GPwL +-jgSe0iLnYAw84xzk6XqhQAM+AAQBRewNtf5iuSVHeSASJoryG6koqP2Y0KHe49j7 +-JVkBCgMc6laxg+kwkwCKtwXMkJnltlxctEBzJLlv7pA= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C12-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUXsDbX+YrklR3kgEiaK8hupKKj9mNCh +-3uPY+yVZAQoDHOpWsYPpMJMAircFzJCZ5bZcXLRAcyS5b+6Q +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C12:KAS-ECC-CDH_B-233_C12-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C12-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAOn7pxpkq7F3+kNsuXOcn2jAFVrciXE5 +-wb89+ZpTAZrxExvkfeCIcINdoUlG/tcwNBefgJKY0BSbFt02 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C12 +-PeerKey=KAS-ECC-CDH_B-233_C12-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0025df759a20312361b9f6767efe8e8d69979e34639469a91fed9fce04f8 +- +-PrivateKey=KAS-ECC-CDH_B-233_C13 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AGnJte5koaR6wFJyo8O3u +-R70Mc0ETq2ADJB7hk96hQAM+AAQAdCa/qIeP5ZsWqbjGORCh4vvGsHuplboEwxQC +-ES4AlE6WFmdssvx/oPnhuHo1h0gkPoD7YiZChGRaak0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C13-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHQmv6iHj+WbFqm4xjkQoeL7xrB7qZW6 +-BMMUAhEuAJROlhZnbLL8f6D54bh6NYdIJD6A+2ImQoRkWmpN +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C13:KAS-ECC-CDH_B-233_C13-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C13-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAR+ZSkFswZkLjGF2ej1o++pzr3tItlXk +-dHD8zHkfAV3piINdaBLwvdcAeolZceGgb00izhMDyfVe/mR8 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C13 +-PeerKey=KAS-ECC-CDH_B-233_C13-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00437ab4a53756ff678a1f580c0fd1f33b23021d62060808453b4aabe627 +- +-PrivateKey=KAS-ECC-CDH_B-233_C14 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A9FnHZyFpwSWeThmTM5ZM +-H/+851rTDd4SZPXLhtGhQAM+AAQBtEqBiV0hBfoWpuCVJsCa5/bL284hCHD04z24 +-tvQAseByxiomQpdfBsaHxkZ9opXvk/BNHFSUpiRoPIA= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C14-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAbRKgYldIQX6FqbglSbAmuf2y9vOIQhw +-9OM9uLb0ALHgcsYqJkKXXwbGh8ZGfaKV75PwTRxUlKYkaDyA +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C14:KAS-ECC-CDH_B-233_C14-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C14-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQUTYgruDQR4hyQ46Zsj6kkAFT+TZusX +-1hvfNaoZARNt+8hAG72g1nXKBqDP9r3UZ8CsmpeCkzAHKOfc +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C14 +-PeerKey=KAS-ECC-CDH_B-233_C14-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01ebd55823c57d1fc7b36cf1ed2051ead64db6d114014d3407186f50d957 +- +-PrivateKey=KAS-ECC-CDH_B-233_C15 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AZWpHuHcrCLHZB8gj+2xF +-xl+fGPi0Pzph5sdGEeGhQAM+AAQBU8262S640g2gwceq1G0IM2y8l26Nb4OUfk9N +-ZhYByXe5el4SBcpmVF3zpSa24yXgh8DgcIOf5+we54g= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C15-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVPNutkuuNINoMHHqtRtCDNsvJdujW+D +-lH5PTWYWAcl3uXpeEgXKZlRd86UmtuMl4IfA4HCDn+fsHueI +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C15:KAS-ECC-CDH_B-233_C15-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C15-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEADXf/skRftcWdieiSj693Umj9F2RrRhA +-HT1Emy/vAZMXVM5c9Vehwazt/l6aewuR+BZD2oWGpoZYhfBC +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C15 +-PeerKey=KAS-ECC-CDH_B-233_C15-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=006d07f6e08b11a060ccec43b07ca7d9eaf6c3ece06f4785519284bf6f0a +- +-PrivateKey=KAS-ECC-CDH_B-233_C16 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A8U9exO+vhuQ/7OZfF/+R +-sajWG+NBbu64hPTi0U6hQAM+AAQB2fjAHpwg9hUOx2IKdeOelvkke+zhN7A2W+xU +-JUwAYAg3O54IeAUpTa2uAIlGZ/259rik0WKV5bnSGm0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C16-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAdn4wB6cIPYVDsdiCnXjnpb5JHvs4Tew +-NlvsVCVMAGAINzueCHgFKU2trgCJRmf9ufa4pNFileW50hpt +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C16:KAS-ECC-CDH_B-233_C16-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C16-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEhFzmYbHq40wWmfG/443IfvKLiwp3cf +-82bcIdhjAQlrGVSwbqpwc+2TmAGqKXTaHWDWbpfDHfD2h2+v +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C16 +-PeerKey=KAS-ECC-CDH_B-233_C16-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00aea594f092b4052f7564b2e5651bcf43ef7e336a064d6bfb1a89cf5e51 +- +-PrivateKey=KAS-ECC-CDH_B-233_C17 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AH6XL2IoUb2zPX3nfvHCG +-j9m7TIEVl2yWJw/3vF6hQAM+AAQBTSdvQoHLUKJrKeyB/O2W0OkJmUsihUM4VSVt +-WNsArEeSr2Kg3E/U7sOE+/P7uCyDR0hrwesTOLx/OrA= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C17-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAU0nb0KBy1CiaynsgfztltDpCZlLIoVD +-OFUlbVjbAKxHkq9ioNxP1O7DhPvz+7gsg0dIa8HrEzi8fzqw +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C17:KAS-ECC-CDH_B-233_C17-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C17-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUc0GSFlyW+9t5TKseLR7xEeGiCnIF2w +-GqgDoDKiAezfw5QLfQYYzWMVRBdR9mPfdNNWSS75NLS6KyrR +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C17 +-PeerKey=KAS-ECC-CDH_B-233_C17-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0099d6d076e14ccfee15ed7e7ef384bfee12deba8c9ae8f6cca3486a1494 +- +-PrivateKey=KAS-ECC-CDH_B-233_C18 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A9YaE6hSmj++4zCayZ6E0 +-GcYtcmG60U5TaKmBmhihQAM+AAQAmmWoU5QHD+DloQgWTrKJzD137QhI/VfzhOYs +-qiAA5/VvLCe+T66yDidMJgTG3C2IWXAwrSFk+tA8uQQ= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C18-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJplqFOUBw/g5aEIFk6yicw9d+0ISP1X +-84TmLKogAOf1bywnvk+usg4nTCYExtwtiFlwMK0hZPrQPLkE +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C18:KAS-ECC-CDH_B-233_C18-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C18-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAH4fMlHioKpt4fjfhrhe2dEdpetxNq3U +-XqfSXIZ8ANligeB1benapV0u9lc7sv4t0Jtx2RGRpaBDuuDz +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C18 +-PeerKey=KAS-ECC-CDH_B-233_C18-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01b1e977c43afd203132c085b95db0e2046a4b6ac2c046ee9ad665050578 +- +-PrivateKey=KAS-ECC-CDH_B-233_C19 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A7vskeJsytDbOOWIsEUw5 +-ps0eWOyUQ8iHDl7i+AGhQAM+AAQBP7HKntcJuzhvugLMeGL9bGThCHvl9h6nM5Rs +-FjQBy0CX5EpzBwDev+gUP7+byjo9bEaYWifNUEOyylo= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C19-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAT+xyp7XCbs4b7oCzHhi/Wxk4Qh75fYe +-pzOUbBY0ActAl+RKcwcA3r/oFD+/m8o6PWxGmFonzVBDsspa +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C19:KAS-ECC-CDH_B-233_C19-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C19-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAL4e51DycSsqyyDEXpc1fFDbO+iVsz+D +-DHG8n089AV/sgQzbF5/NHOjk3BokmeQN6KSkmpQg8A5WEQz0 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C19 +-PeerKey=KAS-ECC-CDH_B-233_C19-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=000e4cb704355cba1b40cee3da102cb048519a91b4c789b3757cfdd933aa +- +-PrivateKey=KAS-ECC-CDH_B-233_C20 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AF1JNUGYWvSBcs5eLx146 +-NHYjPkm23CBvlxFpdVehQAM+AAQBUKFzJ4Ree8edjs4Skw3Ct3ZUyqEIK1ewz44F +-sawAFRx2gi2N9e/9jGlDOVtqjVOEMdQuhG6f+N5+ruY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C20-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVChcyeEXnvHnY7OEpMNwrd2VMqhCCtX +-sM+OBbGsABUcdoItjfXv/YxpQzlbao1ThDHULoRun/jefq7m +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C20:KAS-ECC-CDH_B-233_C20-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C20-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVwuLOC8cizqTLx8M1LL4NKLWwAuRNk3 +-BYldeRr8AU9haYOtCOdFMVxHZ7CuIab9imKcJYznrvpMF6jg +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C20 +-PeerKey=KAS-ECC-CDH_B-233_C20-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00d8c13bc5e819c6101daef3f6fb5be6bccecf233c4b7fc65054e8e8d3bc +- +-PrivateKey=KAS-ECC-CDH_B-233_C21 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AprBdMKcD8ReagPioZLNM +-oVxFPoKAihCV5DXpusuhQAM+AAQAk7MlIlH9nW2cgdeM8fE0zdVU1jwqHi8a+hTi +-1OQAiusKirP/Xk+wI/fhkX8BCIkK8Rq8p9oCf62sw7Q= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C21-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJOzJSJR/Z1tnIHXjPHxNM3VVNY8Kh4v +-GvoU4tTkAIrrCoqz/15PsCP34ZF/AQiJCvEavKfaAn+trMO0 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C21:KAS-ECC-CDH_B-233_C21-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C21-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEALr6m7qScl7vDEoK/L1CY+VfUVVkW1xY +-qWvD6ellANGz0ONdYX4J4HjFcaX0HqIt/REtZ6lNjfu6Zump +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C21 +-PeerKey=KAS-ECC-CDH_B-233_C21-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0129af50fa085133771753f297a313bba0d2f5882e7634b7ef5adce760ff +- +-PrivateKey=KAS-ECC-CDH_B-233_C22 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AFo0JgJ659qzzETTrXrGv +-lm4hK5tr5oz9IkAUJemhQAM+AAQBcQoF8CtVBXKVFrGsc9RfPPCPHFE00vc9ElcC +-Q8kBhhGxDatQdYPyvhD9Qpb1N9SvCVdvlpefHq3+KRw= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C22-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAXEKBfArVQVylRaxrHPUXzzwjxxRNNL3 +-PRJXAkPJAYYRsQ2rUHWD8r4Q/UKW9TfUrwlXb5aXnx6t/ikc +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C22:KAS-ECC-CDH_B-233_C22-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C22-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHmL9at2G7as/tDO8c1xs+9G8lBDI8r8 +-QIFZLdb2AWJ3rrPhysASGwfZN4o6DLxlZ7SEI5KeNtyFXp0a +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C22 +-PeerKey=KAS-ECC-CDH_B-233_C22-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0077c4ea1095fadc4cb4190a3fd530c7d15325e5d79b8e8a2b708e2344cf +- +-PrivateKey=KAS-ECC-CDH_B-233_C23 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AOCT3HsMlW70DZC14LMZ5 +-Th5Uqo+l8qMx7hP3hFChQAM+AAQBpONajDJxfyqqPu7xd4SOWA4P7WyAloaPasxO +-HAkBNydgToHTqdk9JD/nni24pEIzSo6hhSufg8rhvD4= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C23-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAaTjWowycX8qqj7u8XeEjlgOD+1sgJaG +-j2rMThwJATcnYE6B06nZPSQ/554tuKRCM0qOoYUrn4PK4bw+ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C23:KAS-ECC-CDH_B-233_C23-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C23-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAV9yPamjjC2lBiwX0Lg3Ui98aceT95wX +-+2ll1EoDATKxd2CsLiu5+BPtd5DFzTqg04q2Ti4nLd9KTCwa +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C23 +-PeerKey=KAS-ECC-CDH_B-233_C23-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00d9eb3c79cf442595dad03ed4a38daf358b97d5dfc01cb61ff200a47958 +- +-PrivateKey=KAS-ECC-CDH_B-233_C24 +------BEGIN PRIVATE KEY----- +-MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AkK3Asgfa44FiLPkuBLzn +-R5GA7G4XcWYvXDF5vZmhQAM+AAQBBq2/m7/bMINZin9tsukdLnwXT3BfwhZjG30F +-7fIBkNhMpvRpX9vKQNJqdJmKBcPXYdvwiYG2RcDqI54= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-233_C24-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQatv5u/2zCDWYp/bbLpHS58F09wX8IW +-Yxt9Be3yAZDYTKb0aV/bykDSanSZigXD12Hb8ImBtkXA6iOe +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-233_C24:KAS-ECC-CDH_B-233_C24-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-233_C24-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAFG3C7i44jQbhoIdVLl0tpa9pEOst+pl +-ll0n0qxwAMd4Tu+InEccnSaz4N4krStL+Lu6b+GPUaQSGIBY +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-233_C24 +-PeerKey=KAS-ECC-CDH_B-233_C24-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0124c19cffc0b9549bfa378a548e8ce11ee7fca28d2d898de49ae1f2ff61 +- +-PrivateKey=KAS-ECC-CDH_B-283_C0 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAvQ0VYQiRqLMjsBo6dbG +-5BYPa6Tjtdgx2Twdqo/T1almDHuxoUwDSgAEBWHklVYwGBaYBNTI4kNbSv2F2jdt +-kUtp05JG+OBhE6oy5kLSB4Gn9Z3n9C9fnWw0gfM/xd6zV8bs9MdY43DSQ13j2O5z +-dwP0 +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBWHklVYwGBaYBNTI4kNbSv2F2jdtkUtp +-05JG+OBhE6oy5kLSB4Gn9Z3n9C9fnWw0gfM/xd6zV8bs9MdY43DSQ13j2O5zdwP0 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C0:KAS-ECC-CDH_B-283_C0-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C0-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAlBOGheBnTnwEKSmmgVoKZQCtY+USjhM +-fRpiyck+pNH/MA4TAmUTL3tMZLdLkXntDy4hH0Mo1iVAUCL1VBcNqTK4D998GqsS +------END PUBLIC KEY----- +- +- +-Derive=KAS-ECC-CDH_B-283_C0 +-PeerKey=KAS-ECC-CDH_B-283_C0-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=065194e26090e74047ee75f13f9769d20e1b52189650011e283daa090732cc53755dc366 +- +-PrivateKey=KAS-ECC-CDH_B-283_C1 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkArlB5pLgqYTF/6iDyfn4 +-JWpDqx/RrZeCpC5CmpTpEOSCuRwjoUwDSgAEB7kK8Ra3N9kAjkwY9q1TnSnuF5AA +-ih2vLoVvpnLspKr8lspjBqr3jQ8gZXt3uXzKMOq3m2eaOqqQsQkH+XnN6YjOcYSR +-AQwq +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C1-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB7kK8Ra3N9kAjkwY9q1TnSnuF5AAih2v +-LoVvpnLspKr8lspjBqr3jQ8gZXt3uXzKMOq3m2eaOqqQsQkH+XnN6YjOcYSRAQwq +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C1:KAS-ECC-CDH_B-283_C1-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C1-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAWI6lnXoxANm4mEx5Hsa8GyLM6z16S9U +-ZEgW3LhEOCyUTMIfAp0oD01MDF/XD34kCVlQEovqPK48pG9qX3C3Of4amQJogE44 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C1 +-PeerKey=KAS-ECC-CDH_B-283_C1-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=075c535cc70de19c92d7314afa2f33200903431f6990ad40ac31dadaf4e492a799b75b05 +- +-PrivateKey=KAS-ECC-CDH_B-283_C2 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAofeFyulDzJ7/H1ajAFW +-0lofC59x04mFLy47WHQGy3TvO9BBoUwDSgAEAKA0kHZfyQwjVTwOK3nfojK1GnPy +-FVTl6xjaTJlNkl+O0rvvAwT/1BxbCrKnC4IYjo8VeNarfTzjzjT6RdzDIgfxY+kc +-XWgU +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C2-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAKA0kHZfyQwjVTwOK3nfojK1GnPyFVTl +-6xjaTJlNkl+O0rvvAwT/1BxbCrKnC4IYjo8VeNarfTzjzjT6RdzDIgfxY+kcXWgU +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C2:KAS-ECC-CDH_B-283_C2-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C2-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB7g2lyhDL3Uo0+7IpniOac0uuIFixHUS +-dC7g8CfMtBV6KKIjBZhut/EJqh+FVuuivciOSRO2Xv+5ROrmOWNsun4B3DcYvLNh +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C2 +-PeerKey=KAS-ECC-CDH_B-283_C2-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=02956f63d48a49a330e2068955cc2886dbfd5bf72a81b10ed83f2d758dd315eca172927d +- +-PrivateKey=KAS-ECC-CDH_B-283_C3 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAVO7uKPOShuZlg9WGGq1 +-Agf1iPMMlL7vKECEI7pE/IdfrzjYoUwDSgAEBPLCRUiZYjrxO2WCCroUVzhAf3cY +-arr6UtJLNb/fWAj/6uB2ARH0SEYK0kMKrseI3ikVSEdaHlg22sUg2OSTyfYBJ15w +-6inS +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C3-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBPLCRUiZYjrxO2WCCroUVzhAf3cYarr6 +-UtJLNb/fWAj/6uB2ARH0SEYK0kMKrseI3ikVSEdaHlg22sUg2OSTyfYBJ15w6inS +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C3:KAS-ECC-CDH_B-283_C3-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C3-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBzsJKipNfJoXu4jnW0Cp5OQ7mYE89haC +-1JuSkFwt1gZ5Cu05BWatRSotjvCjJ86OKFYUb+yvCeRDHMwEJWoHf2BwHORHa22s +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C3 +-PeerKey=KAS-ECC-CDH_B-283_C3-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=068a3f6938c44b797524377508585842c6a7f1af5ffe9131dd3ff786ae56e1739345d3d7 +- +-PrivateKey=KAS-ECC-CDH_B-283_C4 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAyrA3LmqOXJAH59YhF7X +-Zdo2t9b3c1V3m/skOYJ/81VqdXgcoUwDSgAEBxWchrnGrbIWDCjYYRj4RWSpDBSe +-3igylGNnekyHcp+JfC+YAIp4Fn4WkGJZkrDvwuDvb21h6Bg3yOzf2rUdFTQON+fY +-0FEg +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C4-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBxWchrnGrbIWDCjYYRj4RWSpDBSe3igy +-lGNnekyHcp+JfC+YAIp4Fn4WkGJZkrDvwuDvb21h6Bg3yOzf2rUdFTQON+fY0FEg +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C4:KAS-ECC-CDH_B-283_C4-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C4-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBFXoe8Iwzn/FhjEt0gfFKeR+PHTMDOXQ +-c/v0sclX+Mu9kRO8Ah/79i+yUx2znvLQvc4NnBQckunNymJ8qjm1k/xKAhDo7kgf +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C4 +-PeerKey=KAS-ECC-CDH_B-283_C4-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=019b48d5eeaeb05b58801ae8f345ad9bacb91daac885e506949b849ebc67bcbfa308aab7 +- +-PrivateKey=KAS-ECC-CDH_B-283_C5 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAmib8hR10y/nGnNV79mn +-eHyqlUXr64U+UYTOQhUkKQUfQMvEoUwDSgAEANflvPrFePzXKBgGRRdtfgiLaNMw +-ognxi5aGYv7RY0KzkhogBvdQs7XpjgCZtpWWWqHRZHXRB0+SMRJ+1wPiaW1LVq/e +-u86q +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C5-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEANflvPrFePzXKBgGRRdtfgiLaNMwognx +-i5aGYv7RY0KzkhogBvdQs7XpjgCZtpWWWqHRZHXRB0+SMRJ+1wPiaW1LVq/eu86q +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C5:KAS-ECC-CDH_B-283_C5-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C5-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBlLMyJIfQ5r0KiMBI2tYQ6QvH9mez+G0 +-E0w94BTNx2A1NHzAAzQdgHSfGl7J96xiUjhP79OLbyu83Bj+vobBYPXnjAA/Bm4G +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C5 +-PeerKey=KAS-ECC-CDH_B-283_C5-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=061b3bef1766460f6296ed47d39ebf5a710d202d2b7e7cac0f0d3b235405eece99aa30d7 +- +-PrivateKey=KAS-ECC-CDH_B-283_C6 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAQUgQpiN3fRw0KLjb/9b +-k+xp9NJAqON8BkzE1ZlGe6J688nxoUwDSgAEAMfJ/3fgGLiAG934hnAlVrEmptmh +-gxofYPNYcuUkwTTVU+SkADXXZ7WLSZ2ftUViw4MEEa9Z5wiKSjMz1dx/5bD38eHF +-46wr +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C6-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAMfJ/3fgGLiAG934hnAlVrEmptmhgxof +-YPNYcuUkwTTVU+SkADXXZ7WLSZ2ftUViw4MEEa9Z5wiKSjMz1dx/5bD38eHF46wr +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C6:KAS-ECC-CDH_B-283_C6-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C6-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBiMxuTOvtDhPo6TSJFUa6BILxV/H6nPy +-vnSeIXr8ThunnnYPAr9RxE+DYcMFTK1kD5JEb+OCCwY89LsiyhfAonT9RvUFBPvs +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C6 +-PeerKey=KAS-ECC-CDH_B-283_C6-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=055d579458860a3dd92ac6570847632f04460755c22a4c432cf4dde9611d2ce1608ca185 +- +-PrivateKey=KAS-ECC-CDH_B-283_C7 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA7ua1fpVLTjRp3y1U8Yx +-4tCUDbawTwvXAR6nNb5Q0EXampwdoUwDSgAEBocHGAXCWn0LFzn3z2gbLylcT52J +-NzUdIdHUP2NOmlcQW/EnBjO6IYcuN5xQ5Eg3KxwOZehdB+3XEtfcBvppopn2A33s +-5mDc +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C7-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBocHGAXCWn0LFzn3z2gbLylcT52JNzUd +-IdHUP2NOmlcQW/EnBjO6IYcuN5xQ5Eg3KxwOZehdB+3XEtfcBvppopn2A33s5mDc +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C7:KAS-ECC-CDH_B-283_C7-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C7-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAh6C1q9tMhGYF2/4mGwrx4agCBMmzIXw +-JrcbMqwGwLrmtMuiAelzP6nSmWEmlCDbJO3A1a4oXXjJrhSzixAZ8TZS8ZAnfcR/ +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C7 +-PeerKey=KAS-ECC-CDH_B-283_C7-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=054fa7c6c84fb89e5892d9194540860ea31ae2b6e37a86971344230ea512a3f6c0569216 +- +-PrivateKey=KAS-ECC-CDH_B-283_C8 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkATOqRF3IDX1aCX0doR1R +-DmVxp4O0+yNUAnF9aLqP0UVOazGfoUwDSgAEAtJuRqbtn88dL4nGPYDgFy3ttPWu +-3f8JKDaqyFmQlIhVV+rZB9ZxOXRwHBYK7eyPlOZEa/fTx5DL/4cCzHhAp4GOW2Ji +-cfcj +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C8-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAtJuRqbtn88dL4nGPYDgFy3ttPWu3f8J +-KDaqyFmQlIhVV+rZB9ZxOXRwHBYK7eyPlOZEa/fTx5DL/4cCzHhAp4GOW2Jicfcj +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C8:KAS-ECC-CDH_B-283_C8-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C8-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBF1i0B217xc9DP8xWpKpoQXRrXhP+bCO +-ch81gOBiZf9TihlLBrdkwf92mFSWuURRt1bE8w/fxjjYmQMSu+zL+9c+jFqFWtt1 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C8 +-PeerKey=KAS-ECC-CDH_B-283_C8-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0353ff03afda3772984aadc4000e1275656607154b06c3a59c664945fa6fde1c255ffa86 +- +-PrivateKey=KAS-ECC-CDH_B-283_C9 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAEZh8QeptXAEXduwc4q2 +-mxwXqazBHaXax/2GSz38NqJSgtaqoUwDSgAEBhurvv7lIRxJF1Bs5fn549HlKyUG +-84ygluG2U8qftp9GEFcCABS/0u8ii1oD4mIwweiXrQgacEATzuVRZspG3jlfxS9d +-ISA6 +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C9-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBhurvv7lIRxJF1Bs5fn549HlKyUG84yg +-luG2U8qftp9GEFcCABS/0u8ii1oD4mIwweiXrQgacEATzuVRZspG3jlfxS9dISA6 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C9:KAS-ECC-CDH_B-283_C9-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C9-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBKVhtRhK3tnHvZho8wQ7Xi3lGQj5wD1e +-awijCIvMUO4yA+JjBYFbV5/13sb6yXe6cIizM79MAjHaAhh07gDXH+JdP01QpXrD +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C9 +-PeerKey=KAS-ECC-CDH_B-283_C9-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=050795ba093d2e02398c358951f20c9e3b4f60628a96a4d0c46cb8fc0005e5331b38a09a +- +-PrivateKey=KAS-ECC-CDH_B-283_C10 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkADa9IfhKudtvS93JRjXx +-n4CssoE9pTmeB3eDLC/r3HGGKr4zoUwDSgAEBo7jJFdU1R33eABGrzmstAfEmYxi +-C/+U+zdPr0tJgAbuoM+IA2akSfCez7rsxJ2IAwf1ckbBHFvqAK9CcYZ3qN7xXlkm +-2hgi +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C10-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBo7jJFdU1R33eABGrzmstAfEmYxiC/+U +-+zdPr0tJgAbuoM+IA2akSfCez7rsxJ2IAwf1ckbBHFvqAK9CcYZ3qN7xXlkm2hgi +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C10:KAS-ECC-CDH_B-283_C10-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C10-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAdfXU2zYOD4cCxuKrgK6qf0sTmiyGAjB +-dU0LFRNhFX+BJFkwBzA02kFnl9qVo4Nu7yex+icfWaQ0hI6YC60v3VP/0eNm/2kX +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C10 +-PeerKey=KAS-ECC-CDH_B-283_C10-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=02ab08d63cdb4be2502558e67eab27570f2d029e7f981d153b973080585d01e42f7187d9 +- +-PrivateKey=KAS-ECC-CDH_B-283_C11 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAWWXrm5J550GkDSXKmNS +-Wjw+LSwlO54d0/N4FoEs9UrWXFRqoUwDSgAEBQ6gc1ItvlFAj4Xwpghr1Mjv5XL4 +-Cq2t1+cOu0tyi/2/1PG8B9pSABfHrSkWonGbhViVj3fHEtNSz/nArZn7yYoOBl63 +-rH/r +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C11-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBQ6gc1ItvlFAj4Xwpghr1Mjv5XL4Cq2t +-1+cOu0tyi/2/1PG8B9pSABfHrSkWonGbhViVj3fHEtNSz/nArZn7yYoOBl63rH/r +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C11:KAS-ECC-CDH_B-283_C11-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C11-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAgQvWj/l49MzW7e8253L2HFu0Y1/wv9C +-l7wf63zKMQAi4iE9B767bA4EbVr9v6h+qYyn9V6c27BV0MxUm0RY1pmL27NFF3OI +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C11 +-PeerKey=KAS-ECC-CDH_B-283_C11-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0599757e3ffeb484b32d3b47828b6823d46786d35477082ceacf3a5a11552394fe58f53b +- +-PrivateKey=KAS-ECC-CDH_B-283_C12 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAV6oVnx7grSD+jZejmgc +-CmNfVjocgUcLTf5E8ZT6ket4QhgeoUwDSgAEB6/isitU/olcJCwgwFSYn6gE5ZGX +-DdqKfOEJ1r0xttqo8vx0BgczvVpOqbXqcJCs/ukYEGt/JScvP3yzbto4us0hN1YQ +-zeko +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C12-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB6/isitU/olcJCwgwFSYn6gE5ZGXDdqK +-fOEJ1r0xttqo8vx0BgczvVpOqbXqcJCs/ukYEGt/JScvP3yzbto4us0hN1YQzeko +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C12:KAS-ECC-CDH_B-283_C12-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C12-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBnr994j49IMcPH12BNB6W9xZ2kLZMnMf +-r16vB1MoCWaraTeQABs50dhytl4xJRwfWE5P4+111TrZDoNv6QyNuU/nfO8LynIE +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C12 +-PeerKey=KAS-ECC-CDH_B-283_C12-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=005e331af55e96153d8a7b906a4a19016a26381977b49f80b9d70db099053c6a3b8e80d5 +- +-PrivateKey=KAS-ECC-CDH_B-283_C13 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkACkR2TjZUIrsy5h34SfR +-sUYaza7QNfIOD3RMd08ccnA7XEtJoUwDSgAEA4a/3+YDc74RS0F8Tc60QyI/3mfA +-/vKe0PhntaFfXqDMtNzKAvrDjshJTPdXYjPsgoLeOEtn8MqASAhCAQOdGUyL2k9u +-Cv8+ +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C13-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA4a/3+YDc74RS0F8Tc60QyI/3mfA/vKe +-0PhntaFfXqDMtNzKAvrDjshJTPdXYjPsgoLeOEtn8MqASAhCAQOdGUyL2k9uCv8+ +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C13:KAS-ECC-CDH_B-283_C13-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C13-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAYhmpPovfCU05WOikd6HGoswUqZ09dvC +-O53qDozv2garwyyPBY3Ezxv5hdG1ZpcIR8umuKT0DH5ipYCLByC7uM3ztFMeOAvn +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C13 +-PeerKey=KAS-ECC-CDH_B-283_C13-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=07e132ea71a16c7cc261b9d6ff6fc52cc490da616b07d92f9e591fc1e630d3442572338f +- +-PrivateKey=KAS-ECC-CDH_B-283_C14 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAWYvVUhWwCCKMbGVFI+C +-jgtckqTqTAMySL6/lXtYa0Ce1ZhQoUwDSgAEBwVSZMPeOmItJv561wC96gRdSzzn +-GPTmrkTPN2w6lqJlCzIhAPRcwROGaK3IFQ03wHK7QkVmDBh4VoPHsXqh+4WRumza +-I2V6 +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C14-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBwVSZMPeOmItJv561wC96gRdSzznGPTm +-rkTPN2w6lqJlCzIhAPRcwROGaK3IFQ03wHK7QkVmDBh4VoPHsXqh+4WRumzaI2V6 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C14:KAS-ECC-CDH_B-283_C14-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C14-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAAVx177wVgiRcvE0I6WFq5efS49351LA +-QsDGUmO0dpgeXzFXBEvKaT6dOxp/pq1C2382saZXEtCe87txXiZAoYL0NmIGhsCk +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C14 +-PeerKey=KAS-ECC-CDH_B-283_C14-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=010f26817098ce1bbd6743784d6fb65e60699c14933a2c8d854027aa58b58db9e66a53a7 +- +-PrivateKey=KAS-ECC-CDH_B-283_C15 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkASwBAKmWPuF9es9N344C +-2K5187mRFPU2avtKAK3po8DuOaiHoUwDSgAEB3lPoZxrENOZ4PUtNvSDx4UYSOYr +-rPlbWvUeygmtRF7hnvNNBhQNLuFs0KbLGWBQmnzMZkvpdkSpWuFvShc9moZwFfCD +-fwVg +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C15-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB3lPoZxrENOZ4PUtNvSDx4UYSOYrrPlb +-WvUeygmtRF7hnvNNBhQNLuFs0KbLGWBQmnzMZkvpdkSpWuFvShc9moZwFfCDfwVg +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C15:KAS-ECC-CDH_B-283_C15-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C15-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAW60u7PDhuD0L7A3vuR4xMDb++Vcxo4z +-/bApueXnJK/0/Yv2AlFDL4RWikSXHoarcV04eeYU4Qclc174+2ZS0HnHkI8RvR8B +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C15 +-PeerKey=KAS-ECC-CDH_B-283_C15-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00bdd8ccd1b40c5bc2efc1c105999350fefaf784710914ff639582f1277678699491140c +- +-PrivateKey=KAS-ECC-CDH_B-283_C16 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA0XCdrBezp58hoEfjIr0 +-iyLbQdQGYnUAlhG4gNfSzvMpxQ6CoUwDSgAEAHr//PoxwRCqs7s5RTCkHEFq9Wa/ +-uo8Vn5hEN+eZ3dqvjN/SBl+zxoRGp0BourfjargOmEcH45pKFD9aRtZGNC+fEvJq +-Mikb +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C16-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAHr//PoxwRCqs7s5RTCkHEFq9Wa/uo8V +-n5hEN+eZ3dqvjN/SBl+zxoRGp0BourfjargOmEcH45pKFD9aRtZGNC+fEvJqMikb +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C16:KAS-ECC-CDH_B-283_C16-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C16-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAkF8ZWlNhQx8hm9+EWOaX4cYypqrs5L6 +-hhDi1dfdozdaYH+bBRM5ONyZFE0W6nUlw/5OMuMg7QdbllJ+E7KpnJ8nrenvnty2 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C16 +-PeerKey=KAS-ECC-CDH_B-283_C16-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=014a83e747c90aec6101c0a752d92eef7475b00051ecad3d7c2e50cf4eba1ef3c80b8c94 +- +-PrivateKey=KAS-ECC-CDH_B-283_C17 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA6/Vr/o0a1JZaX2SF5Uq +-/NA93+wEYxvZlcEKwlg7DKjSRh9doUwDSgAEBrTCw2FbJmVD3hiciWz/d7VVfHgs +-IVlhrHMkGF/JqBCY8uvqBH/vGWBzmuCu45o//bguiQ1CNvwi2tOV1JC8Ol7qWOjN +-A+27 +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C17-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBrTCw2FbJmVD3hiciWz/d7VVfHgsIVlh +-rHMkGF/JqBCY8uvqBH/vGWBzmuCu45o//bguiQ1CNvwi2tOV1JC8Ol7qWOjNA+27 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C17:KAS-ECC-CDH_B-283_C17-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C17-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAMXWFJ+HF0ujf0wcb2f2kFq7MZ9Sa3qh +-vh3SBd+TCrHJG7H4AMLiHhIGzUu1tiKr6Xyj8lLLxo0FSnf466utWT+xhjMGkov3 +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C17 +-PeerKey=KAS-ECC-CDH_B-283_C17-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00afd29e352779a39021536ea50c24fa264c599f8f8fe8f2ccf0615a6547a064d7c1a150 +- +-PrivateKey=KAS-ECC-CDH_B-283_C18 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA9V3H4SFw7i+YqVvOTZR +-PjtjGlYalCYT35UUD0cyFN9hfExOoUwDSgAEBZBsxFKbIgIo77sFRb9V7APIb4fi +-9OOjy/QE4HtzpbGl9SjNAWWI5IDEhWzS7pqvHjAoEvvAsz9SfCm3fOD0h46gidAl +-pEDA +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C18-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBZBsxFKbIgIo77sFRb9V7APIb4fi9OOj +-y/QE4HtzpbGl9SjNAWWI5IDEhWzS7pqvHjAoEvvAsz9SfCm3fOD0h46gidAlpEDA +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C18:KAS-ECC-CDH_B-283_C18-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C18-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAXMETlvmOZfXkl5DG78ATPDwuoWqKVo0 +-Ho9YV6EgvonXdlPpBzfMBJaQ+XCCSnsMICJDloLJ2C9PI+SOXwf+qWJnyjvU1zCl +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C18 +-PeerKey=KAS-ECC-CDH_B-283_C18-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0477990f17d65589289c28e54a56a83bc05ef4ea6863c5ebe840925c9fbef64ccd6e69a4 +- +-PrivateKey=KAS-ECC-CDH_B-283_C19 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAOLAxgL7EyOZ7p8xAINl +-6iLMEmD3n+OuYQibim+kVZyska7IoUwDSgAEBubjGMDEwLZh39PnIgkOzTL9yco9 +-Fo2ccXTB1Arbss5nLZJSBAvcHbx7Fj98lVH0faqClKwtxP4NRyxOLyz+/JXVI/9Z +-4OiA +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C19-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBubjGMDEwLZh39PnIgkOzTL9yco9Fo2c +-cXTB1Arbss5nLZJSBAvcHbx7Fj98lVH0faqClKwtxP4NRyxOLyz+/JXVI/9Z4OiA +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C19:KAS-ECC-CDH_B-283_C19-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C19-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBoWH5p3t30tVrFHyoX3Yv9b5TnIQAyFC +-Fb+ySySCgedaPGWUBE7unHArxMHiEMfMIUUkWSVorA+f1n1uoCtNw++0LPuyJj2s +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C19 +-PeerKey=KAS-ECC-CDH_B-283_C19-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=067a661346fe052ca27f3f03e75bbdfc8fe6d0d85c62c8f79525252aa241ae9de97d56c3 +- +-PrivateKey=KAS-ECC-CDH_B-283_C20 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAy1XP964Wk2iKXiWYxQU +-UY1LoH3E3XL3MXKIkNC0TTbyMJwOoUwDSgAEBvb/6gqHvZ7rU5xIo/y/OIFZhiJZ +-x/eEDmSAn77bAag4EsDGB8eVuPKEf8OfpWwt4ebLv0lFCHyy47kZ3HdrTMHIPksc +-ebi6 +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C20-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBvb/6gqHvZ7rU5xIo/y/OIFZhiJZx/eE +-DmSAn77bAag4EsDGB8eVuPKEf8OfpWwt4ebLv0lFCHyy47kZ3HdrTMHIPkscebi6 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C20:KAS-ECC-CDH_B-283_C20-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C20-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA/EibYAsV1+HGiE7gVD3gYu9YlZjtz5y +-CnN/BxiWCG2gsUzZB9HLDOGcmKY6r3sxTx9XIOMohwUzhKwPXrabbEcajj09Fudv +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C20 +-PeerKey=KAS-ECC-CDH_B-283_C20-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=06476b0620eef165941a4507e6d798d6f150ab29333c0552281b629170d3291b2f9b3f41 +- +-PrivateKey=KAS-ECC-CDH_B-283_C21 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAKaqy13T6DWBT0UtggfR +-WlM2OPcOlPh8Bhlu/4g41I7tLiZ0oUwDSgAEAt0Ak6jUGYMfNLrGxgpXDFHQjmmb +-GByWS2Z9DRftcqSRGazZAakZdr5dXgN/IjUNZ6t7+rUbvE+mAm00fSj7RAe8zEDd +-EKAO +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C21-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAt0Ak6jUGYMfNLrGxgpXDFHQjmmbGByW +-S2Z9DRftcqSRGazZAakZdr5dXgN/IjUNZ6t7+rUbvE+mAm00fSj7RAe8zEDdEKAO +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C21:KAS-ECC-CDH_B-283_C21-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C21-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAqkR5+bS/HcNHqvH33AbsRkISmhZANIt +-UtWY/h0o/IkbMbSHAbjcZxPKRT6RsuxOTR+DSwjuvH6IhsOkWOcJJSQsSyK/CyBT +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C21 +-PeerKey=KAS-ECC-CDH_B-283_C21-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0746719f2ad08f8a8d6d6fbf15723f336285ce75d3a2fcbd5a0c54c577517a22bc264161 +- +-PrivateKey=KAS-ECC-CDH_B-283_C22 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkABEvsqtWRDdlZ2oeQbPL +-kesaZ5DpZO6QDPySlWNrpMb6h6rSoUwDSgAEA/UH2ZzCSY4sf1T7PJwDLzglSOLj +-Fo+hQBJaUmBIVo87s+WhBScN9378fWxV+SWbyCJzyba982duE8NgGxswIrli3hEp +-yzsU +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C22-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA/UH2ZzCSY4sf1T7PJwDLzglSOLjFo+h +-QBJaUmBIVo87s+WhBScN9378fWxV+SWbyCJzyba982duE8NgGxswIrli3hEpyzsU +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C22:KAS-ECC-CDH_B-283_C22-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C22-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB1QapR1zAuK7VXwn7BXX+cOuO3bsL4bL +-lejerX+ga1eDl/HxAX6iL2tUdPD18PTq1UFyBkBRU40+IypTDfyl8qDcZ3Rsi7Ha +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C22 +-PeerKey=KAS-ECC-CDH_B-283_C22-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=03cda4b5f44b5d3dc248310f994419fbcbd665115d1876046652251ad4aeeb1dcf184288 +- +-PrivateKey=KAS-ECC-CDH_B-283_C23 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA+TxxPMOKo1v1Vn3/ogg +-6IaUneh8AdjrZMe0DxVIy2F6kmAzoUwDSgAEBeP8VuwWKIXBKR5K6cGcjrK7VZ63 +-7NWBdUm1ouo6ZtlRiAqmBMAE8q5NtPdItDe8EV4G6iAXqHeYKY3WAEYW/P/cx+wt +-/W25 +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C23-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBeP8VuwWKIXBKR5K6cGcjrK7VZ637NWB +-dUm1ouo6ZtlRiAqmBMAE8q5NtPdItDe8EV4G6iAXqHeYKY3WAEYW/P/cx+wt/W25 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C23:KAS-ECC-CDH_B-283_C23-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C23-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAh+xTlLNQkOlIPYwIpsd1pYcSb2W9D+p +-yuN63YTaeuctwweOAN1ji/kFP61qpP8tMwuKSiC/4wIPQLlpIwLQsKPC2HeFbsRq +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C23 +-PeerKey=KAS-ECC-CDH_B-283_C23-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=015c892f95768a96ab5a4f9523b7fd466e101f63b88ad8f1fecb3027cd70aa00735dcc90 +- +-PrivateKey=KAS-ECC-CDH_B-283_C24 +------BEGIN PRIVATE KEY----- +-MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAK5+s9QDVPn4/tGPIWLe +-44FWyuBTW1U3DaNjjwFmiuz5cIvmoUwDSgAEBh6IWONo2ckX8SnZMt3EzKUh/0Gf +-HXQjDoqlsbPpzmf0HEtMArDX+9xjajvDS73SqJKRtWew+yrzI4OGi9QNS6TKyYgM +-JUC4 +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-283_C24-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBh6IWONo2ckX8SnZMt3EzKUh/0GfHXQj +-DoqlsbPpzmf0HEtMArDX+9xjajvDS73SqJKRtWew+yrzI4OGi9QNS6TKyYgMJUC4 +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-283_C24:KAS-ECC-CDH_B-283_C24-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-283_C24-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEANCO04VqvvfUpiJDyS1uZwzrOvMjV/25 +-05wZF1oQ0curNs54BdufrX/Ir+eci5zkjmL/oNRrgFqeWCHidhwlwO26krEgsGPy +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-283_C24 +-PeerKey=KAS-ECC-CDH_B-283_C24-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01adf5a96358e18d69fd383b4dc7b20dd646b68a5c9f1417bcf426240ca22b8f32bdf1a4 +- +-PrivateKey=KAS-ECC-CDH_B-409_C0 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQArOkhA//iYqwXrUKk +-bUNm9MtMWA7/OrHd5r3f27c3SBHVKx+pkyC0r11OkgjBTrjvqJFsoWwDagAEAE68 +-TUrPm0BNq8OvPoy+qLiLMpmdPst/NnsS6zpigLhAA44iaBY3p9FkNuAU9pYWq/cu +-RQCeJBCVQcgCQhfpqyyWP6njc2QAlabCWibu+sWOQ0LAyFRIsnCVkqEkAv4raKeT +-xVjOjNY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAE68TUrPm0BNq8OvPoy+qLiLMpmdPst/ +-NnsS6zpigLhAA44iaBY3p9FkNuAU9pYWq/cuRQCeJBCVQcgCQhfpqyyWP6njc2QA +-labCWibu+sWOQ0LAyFRIsnCVkqEkAv4raKeTxVjOjNY= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C0:KAS-ECC-CDH_B-409_C0-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C0-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAUaYmlApe+Nz3WZcRUVaKuTCIdpc1CQA +-e9l/no6Eb5Z0Dz+ljDyUEpZxzdTX6mUKKq3p1wG0K//ahDlGoUrWCA+VuPxrfhc1 +-KNCO02/mQKr4WqAPte3VkFo4s8eWG3cit3uNy0S7JfU= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C0 +-PeerKey=KAS-ECC-CDH_B-409_C0-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01d48a586be9285fa38dd3e70b0330b0ffebd327ceefef88fdc1521ef2fd61cbc9124e03b0c926e70fa56acb3edb54c3c48fab2b +- +-PrivateKey=KAS-ECC-CDH_B-409_C1 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAP/IvfXwEmYmkPg6j +-9dYXmBWcF4qnktedH/6/+Ntw7h/eBApLXx7TP7P/I8ROfGshsGI7oWwDagAEAdXJ +-Jg5z6jbk3qqkuPRUH2eAZraQdxqG8NrcWA/biVmB5t0C3SZO2fnBdjvVSmBSotPb +-pwEacGgmNl7OKOOLM2ILygFtLZM4UY39aGg3BHbay0HjuUdGV2nr6BtiBzFnNXb3 +-dFHQ/hQ= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C1-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAdXJJg5z6jbk3qqkuPRUH2eAZraQdxqG +-8NrcWA/biVmB5t0C3SZO2fnBdjvVSmBSotPbpwEacGgmNl7OKOOLM2ILygFtLZM4 +-UY39aGg3BHbay0HjuUdGV2nr6BtiBzFnNXb3dFHQ/hQ= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C1:KAS-ECC-CDH_B-409_C1-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C1-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAX6fAbHW5XAjKDMNIyod0/LFksxAn2yu +-8HCEQIN/NZdRDxEZVKpR5WRsz0fv8fB6T4rhywA3FPbqH9FDznUeLYW69UxVI5dh +-CO1IL9auEDdDExynFgJrFqHkliMfmRzcj220R/X5X44= +------END PUBLIC KEY----- +- +- +-Derive=KAS-ECC-CDH_B-409_C1 +-PeerKey=KAS-ECC-CDH_B-409_C1-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01856c92b46d671d8a7f6cc468efb60a61093d006c95bb931c1fccc336d4a8490fe17fe163c972bac39fe728f24534a0c34d2d21 +- +-PrivateKey=KAS-ECC-CDH_B-409_C2 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAlt4sOSnECF+cwdN3 +-jC2/Pbfw9357p7vE5AjH1l4si4iwdV8WC621JOdpfFDmDI2Z5W2koWwDagAEAZxH +-15kUyL2udU7F7B6ByP8ympOOaXHu48lFxOv0ieFLFeYTVhbImMgLewa4r2cGHHaa +-tQAAiAIrT7DnVOxPq4z0/GNiVUJnVfqZtWgFwV6sBDJRVdzL+kFF4WHEDxib26o9 +-0+DD1sk= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C2-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAZxH15kUyL2udU7F7B6ByP8ympOOaXHu +-48lFxOv0ieFLFeYTVhbImMgLewa4r2cGHHaatQAAiAIrT7DnVOxPq4z0/GNiVUJn +-VfqZtWgFwV6sBDJRVdzL+kFF4WHEDxib26o90+DD1sk= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C2:KAS-ECC-CDH_B-409_C2-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C2-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAYPuNVqTzROv8XVqCOWOIZWoJimNQ/bQ +-e7HDgrTlaNAICTkmAAnGr8vtDyMlLgHW0UxtjwGyMJs4GcJFSkitJTrJe848ebUf +-UO1oA88FRkt0paHeIhE+I8AYxc7ZGG3bmBxini6ds+4= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C2 +-PeerKey=KAS-ECC-CDH_B-409_C2-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01972e225e08b47512e92c0da9a1bdddb1802be402222cac5788b322e101feeb06b66b2fe726c1cd8aec92e02f37d15f4c97e64d +- +-PrivateKey=KAS-ECC-CDH_B-409_C3 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAq9XWHN4xGAMBwmnV +-KvhWuqObifXvRTZ/VRkhDHHXezGNBT7AwvSb9G3gXKvyPH0r19I/oWwDagAEAafv +-PRfDAehmG6ZsHN7oKptE1xaQnjZjtCPcBu9r5PYWzReTIc56Vy2kvKLom3aO3IRZ +-swDfdDhJogvDAmBitCDTlC8Y4tbFMH5uGVXjOwnVlR3FmzGisdWMIz4siW4tnMqo +-7rjo8RM= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C3-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAafvPRfDAehmG6ZsHN7oKptE1xaQnjZj +-tCPcBu9r5PYWzReTIc56Vy2kvKLom3aO3IRZswDfdDhJogvDAmBitCDTlC8Y4tbF +-MH5uGVXjOwnVlR3FmzGisdWMIz4siW4tnMqo7rjo8RM= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C3:KAS-ECC-CDH_B-409_C3-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C3-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOhd6dY+NOXHu6b/mxb0yE2V8R3+khB7 +-H77K6Yzm7/PblthpAL/SLNQj284eVya+jll5MwC3FBdx98gW1V7IxTgi0uehkvpU +-oX5bmbLZCWG1Spn+1Tq6S9oaQHStPSP5yREgV5W1RQs= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C3 +-PeerKey=KAS-ECC-CDH_B-409_C3-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00b6661a866abbf1843dea8f220e360fe7cd7d9e85c316138fd2532a57d7d2a6bfe6e5518019c603a2d0e338ac6a8690093c2883 +- +-PrivateKey=KAS-ECC-CDH_B-409_C4 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA8yPI7kM8m6FdNwgG +-mDSsxNk3vlAX4dGC7HZGarooLHO14+lv4QYUNkFALHLGJIS6HxLyoWwDagAEALdP +-UlIBGfwIU2zqWEIg3psGJAHmT/Y1kwXC5rDASpX3e69T4jwyau52IRSVwwssFQuS +-dQFUBYji/VaI0bNXY5CMH4I+7sqJQvYhbOBM72btaZHfaiL7dEEbE9BlE6ZbZOYo +-Fe4CBpc= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C4-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEALdPUlIBGfwIU2zqWEIg3psGJAHmT/Y1 +-kwXC5rDASpX3e69T4jwyau52IRSVwwssFQuSdQFUBYji/VaI0bNXY5CMH4I+7sqJ +-QvYhbOBM72btaZHfaiL7dEEbE9BlE6ZbZOYoFe4CBpc= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C4:KAS-ECC-CDH_B-409_C4-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C4-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMqHCsvk6zrmXt2V1pROsJDg5VBxK+Ox +-Np5HMgP1Kxg4ZU96Q0K9gwlwT+1pM66dFizNfQF5bMKGvz1TrWNpdzdPg1bkVzC3 +-qkOAX7UoAfc74+mzKAiYSq677Xvl455RM1sN/zR4KUg= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C4 +-PeerKey=KAS-ECC-CDH_B-409_C4-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=010889037c707d90b833d03256ff2e8a5ffce16fb3613486221494a4fee82e74625a93d966c2028d0930115494f9456cec4d2b6d +- +-PrivateKey=KAS-ECC-CDH_B-409_C5 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAEz2iulSzYkTIBC8O +-LaNxjlbb0oSO9Ce92yQXf2JEdbU0AK/csYh56P5rRgmk97vCFSsToWwDagAEAOOi +-9OY8+8HuhEdFqz4eW+VzIEYJrs5eKLj7iriuBomEZ6lae1nAiYpBSr/ycDzLzcCS +-CQENc8Q7YwFwOVEErK1sGlY9MpZjIzKhSB3cLDGDa9Gj7hpzZNf1uClduVo3RbS7 +-vrgJW8I= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C5-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOOi9OY8+8HuhEdFqz4eW+VzIEYJrs5e +-KLj7iriuBomEZ6lae1nAiYpBSr/ycDzLzcCSCQENc8Q7YwFwOVEErK1sGlY9MpZj +-IzKhSB3cLDGDa9Gj7hpzZNf1uClduVo3RbS7vrgJW8I= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C5:KAS-ECC-CDH_B-409_C5-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C5-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAH62Hf3fw8DQg/4iE5Z5hjgdnjDmhK/f +-K6yPGjYujG1jWN+VkwYAQn38HrFBGP0SObZ7aQFbqH+YEUzsiyy0W7o9zwBrKH4H +-477x2ifOCNqeT0i9JB9ZofnJPIN4hHFXUPQIX5E/T3o= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C5 +-PeerKey=KAS-ECC-CDH_B-409_C5-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=010a8aafbb243fc9466bf381eae173c01be95d88a9c131b07ed54d2f117cd3af4019ffb196ebe8290b1269622f9df26763ffa211 +- +-PrivateKey=KAS-ECC-CDH_B-409_C6 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA33VUwBMv1OSiuSF4 +-dfmSSlXKsxm3anwXnPAiKTdXmZbPlJILr9RT5S9dL8SAATKfvXjEoWwDagAEAWCF +-HP+UfOcqEYqrTa1M4sPOm8Mwzh0G761/Yw5Fu883CX2UBR2dMQq/+o2W7SKoR8vm +-kwB5o93eY2vGKvQebsDgc/5kYuOK1Lnjo27MgROixjlM7SGr3I7Flp5Y4AnqE9vp +-KalnCco= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C6-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWCFHP+UfOcqEYqrTa1M4sPOm8Mwzh0G +-761/Yw5Fu883CX2UBR2dMQq/+o2W7SKoR8vmkwB5o93eY2vGKvQebsDgc/5kYuOK +-1Lnjo27MgROixjlM7SGr3I7Flp5Y4AnqE9vpKalnCco= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C6:KAS-ECC-CDH_B-409_C6-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C6-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAILxSOw00dCLJueeN3LhLWWVmLc7b/8L +-qxhF6aW1BxRJ7ydZ/tY6qAYkuDprLp1zm4P22wEJzqBIpyC6dJ/FIsha9f54N1HD +-n+jQUVug8NPc0Z8Ywi2jkJ8C14c1qhGy/roPjTMMVwM= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C6 +-PeerKey=KAS-ECC-CDH_B-409_C6-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01e17b8844c4c757553a628d6f4c48f3a337ed2bbb6e4047dbfcfbfd02bb81c6e096f8ccbb7f2e5d10ee9cbcc960e3a99e79bd09 +- +-PrivateKey=KAS-ECC-CDH_B-409_C7 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAMnNd1/EY0p+fPKs6 +-By24yIbUL6Xee+plA27TyNRKEej5b04abyVIiMqyFDBRkaJt0drRoWwDagAEAC05 +-4PifuHUVHuOzVPjqFZ5/um8j+Kdk1J4H70PxjTz4bhuqrgrXnUAAcJpQJS8c42Ax +-NQDORKm3dbA89CsxAklmB5TCXgQisDrZurqiNhBhMlH+DlQEbgT5IQQ23TdgA9GP +-mN/a4Yk= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C7-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAC054PifuHUVHuOzVPjqFZ5/um8j+Kdk +-1J4H70PxjTz4bhuqrgrXnUAAcJpQJS8c42AxNQDORKm3dbA89CsxAklmB5TCXgQi +-sDrZurqiNhBhMlH+DlQEbgT5IQQ23TdgA9GPmN/a4Yk= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C7:KAS-ECC-CDH_B-409_C7-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C7-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAIPKBN+EWOXmzm4TuTfatJhSHYJvuVQS +-NFZ+mV8Gg8gPQ4UW7v8M+JGKX4tSYszco5l0FwBfizwg4/4lWe/g6FoSJ235Iu8P +-Qlf+cDviUp9u/7bymaGiUcAeONQ8pspXbvHgvrbJEh4= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C7 +-PeerKey=KAS-ECC-CDH_B-409_C7-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01167edf7a3c50e13be126eb2caf6b5f8f761cc8dba413246423b877df74a3aa3f48144b44cd133ad9f2d05ef97a08f7ca511d7f +- +-PrivateKey=KAS-ECC-CDH_B-409_C8 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAsE8ztoeZYw1i9EM3 +-x3xaa24Pdga1yHJEqk59ppjMj/HTMRtI7nyaaBK6+QVDea62HAwToWwDagAEAcWU +-DC3is3NYJK4plMFQhvqVh1Dk2DEjrwR+mzwmR0bJtdkZ2iFTVdjCiygIo30MxfL2 +-oQAKv+bxUQoYLv943YAum6IeZorqVzLHMt38XfkwH1iZ8CuugPgoJgHvPu/kFO8s +-cm/gAlg= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C8-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAcWUDC3is3NYJK4plMFQhvqVh1Dk2DEj +-rwR+mzwmR0bJtdkZ2iFTVdjCiygIo30MxfL2oQAKv+bxUQoYLv943YAum6IeZorq +-VzLHMt38XfkwH1iZ8CuugPgoJgHvPu/kFO8scm/gAlg= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C8:KAS-ECC-CDH_B-409_C8-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C8-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATEVNql0W3R15sL9ckwj2epmgDoTm0fj +-riY7D7fkLjMWJ5u/YiriYlMbLiKD7MGmEnybCQHUjMx4HwvewxMJEARLdpCamr1/ +-yxhAfcQvY5EvomZyCAA6stKBAq3PuT3cBTdg5Twtqng= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C8 +-PeerKey=KAS-ECC-CDH_B-409_C8-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=015c0d202bfdee2dfbd4be91625171992e6c6b1a1d06cc1b2b66ed64c9d928bd4f062912900d3f89045c7190f513d3b019a634f5 +- +-PrivateKey=KAS-ECC-CDH_B-409_C9 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA1OvDHJpl7jsavZ1u +-ZJV4DFTmM/WiqfYchAjXZ9CRbZHLVM/Nk3U435LPxFk44zt31yTyoWwDagAEAU36 +-qnBRjzZ838qJeVoNs3S7e0B6WMqsJLpGgk3OeFAQZ9fgRn0wueH9uwp+rOFfsMII +-zwGdYr4rEqF6ePbJ9+cDZpdl92PGI1/nr3jyUETpnEsbkGU2QLPwrkgaVdR9HrF7 +-hsW62hs= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C9-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAU36qnBRjzZ838qJeVoNs3S7e0B6WMqs +-JLpGgk3OeFAQZ9fgRn0wueH9uwp+rOFfsMIIzwGdYr4rEqF6ePbJ9+cDZpdl92PG +-I1/nr3jyUETpnEsbkGU2QLPwrkgaVdR9HrF7hsW62hs= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C9:KAS-ECC-CDH_B-409_C9-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C9-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAQwnNTD1T+F0u71cJ3GlWkLmQFDDvyUj +-5ggq9HbrAleHaW7fbkON0Fa1mPUABjPCZP17pQBEPnLak7DHgl9CI8eWgm/RMiNF +-6iWt898aLGlYkIwP2bE+k8wAX07LFVov/3rFT6gYB4U= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C9 +-PeerKey=KAS-ECC-CDH_B-409_C9-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=007c32383aae80e1111207894c8cc5be66fe538af4a19195742a94a4c3f5c765d9776a56177c485ddb53c038b70478959d374627 +- +-PrivateKey=KAS-ECC-CDH_B-409_C10 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAJhdqr5imQzVm8dzB +-kZ6URT6cvzyX4Gm0oXQmRJFn9qEImsFqECpLPkMql4v7RiVdxD0aoWwDagAEAVNf +-yUm0kDAwi8Dal5PVcIh2asjPIujWwnbY8/dlDzATXh9sADAME0Ti8DBuoOJwsJqA +-rwC4/D+mHcIsVVAfKmspRJRtmfe7/vvses9PsgDBAC4yLDkXLsCits4IB/Hj67Hq +-NAA1MUM= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C10-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAVNfyUm0kDAwi8Dal5PVcIh2asjPIujW +-wnbY8/dlDzATXh9sADAME0Ti8DBuoOJwsJqArwC4/D+mHcIsVVAfKmspRJRtmfe7 +-/vvses9PsgDBAC4yLDkXLsCits4IB/Hj67HqNAA1MUM= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C10:KAS-ECC-CDH_B-409_C10-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C10-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATvrjTbR5/U9gL7qM+/D4AmN6uqheXfa +-j5qunFdueSDo9tpVogkwzmD9SQtPsBVNSSd9mQEdwdh/NS4SvbQaG3ofHlFmKe0y +-PF1bJj/wNvAj8P9fci0FbCSkEfU7NH0HhthPe+h5EFo= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C10 +-PeerKey=KAS-ECC-CDH_B-409_C10-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01166107ab98db1dbe22c5888a70c992af4faf4623ef593802aedfe433809c53ef4ab0b2dc4dc2546488b356ef3265356055d8f5 +- +-PrivateKey=KAS-ECC-CDH_B-409_C11 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAvz5zlccqqEwJYOXG +-kCLOOQZ0BFNEc8THgpQk+B8dRLMfIOK5guJRz5/7Mnp9g09Z0ZSKoWwDagAEARy8 +-TtkDaifv/In/1V+h4+rQ+5O6z6Cni8r+ORSrGpeGD+wTNMqroHJDWRYD5neRrqS8 +-twEBB0xERidjCtClJY4kQ41x8mq5TQW7R9Grl4WMS5LG/xy5vma5hP6OFuRPOT5j +-+dZCgcg= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C11-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEARy8TtkDaifv/In/1V+h4+rQ+5O6z6Cn +-i8r+ORSrGpeGD+wTNMqroHJDWRYD5neRrqS8twEBB0xERidjCtClJY4kQ41x8mq5 +-TQW7R9Grl4WMS5LG/xy5vma5hP6OFuRPOT5j+dZCgcg= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C11:KAS-ECC-CDH_B-409_C11-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C11-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWkMdGSekuHBAE9D/W5GkL5ZWQTFbSrN +-haSa8KF9NDaMh2jQOe3pySrSayYwa1/973v9GQCBJ19+L/BopsG5LdOMA0JW7XMi +-sCdwKZTHT1uBgSTTShkJh/1liJL8meesuYd71v6UaRk= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C11 +-PeerKey=KAS-ECC-CDH_B-409_C11-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=007e7a249094eb52bee0115b8bd5545f81bf0b7d66998fe124c9a3dd3c5715d03b2f973d47c19af5108a2ae005fcca65e61f337d +- +-PrivateKey=KAS-ECC-CDH_B-409_C12 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAltQDsPpgHJp1qn3p +-/p4R1C76k9lt01EC2gXTrIB+RBlOGOeci1vhHF+znIvU4xIyWvryoWwDagAEAAmD +-OUYpTUruzbb3JUykicD/E68txuLKViaDXV3SIkFEDDemNpDNEYZ1gf9htyUtB6+4 +-/wBhg/7m9NbvW3I8U8lsXB7N2EZS43nJN4eNdm+DNwUAQSNZwi1HeL34B7PITluD +-NQkQoak= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C12-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAAmDOUYpTUruzbb3JUykicD/E68txuLK +-ViaDXV3SIkFEDDemNpDNEYZ1gf9htyUtB6+4/wBhg/7m9NbvW3I8U8lsXB7N2EZS +-43nJN4eNdm+DNwUAQSNZwi1HeL34B7PITluDNQkQoak= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C12:KAS-ECC-CDH_B-409_C12-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C12-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAFwk9K2b3LFGBoWiLaVNvd0VB+9t5Gna +-QXDOMBR1eaVJRduxvOnwLkcAM7sV/Bpw+DHnmwF8qTK5CgjKLj9VxQzA4T0nnXvJ +-EZxXPD90FBC7fBytEHbDukKu0c5p1WIosIL7beDu+2g= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C12 +-PeerKey=KAS-ECC-CDH_B-409_C12-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00b9d8b68642b2729340d8b7c5ed3b3a8913c4a3f6b947473017c0e105bc7edc60daa9b0732772220f93eca4878085f756e3adad +- +-PrivateKey=KAS-ECC-CDH_B-409_C13 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAZxJewwmrXcfqVo+I +-FaKzDPrDNmu08BYNU3OKuZXOdWgfzV5JLzqXJbTPdbpDAaeGBJNCoWwDagAEAfHR +-ruX8WUykoiuButcH2CG+8yU5ZvXXeVYVdIOWFpb0xgR2pCtFK4nB7LNhVHXsnJbc +-hwB1XF71WIm0Fc76DogaPvyb6G82xnYVQjtFLqtM1WEa70GY3bMa7LQ07u7BLt0F +-kTrxn8Q= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C13-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAfHRruX8WUykoiuButcH2CG+8yU5ZvXX +-eVYVdIOWFpb0xgR2pCtFK4nB7LNhVHXsnJbchwB1XF71WIm0Fc76DogaPvyb6G82 +-xnYVQjtFLqtM1WEa70GY3bMa7LQ07u7BLt0FkTrxn8Q= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C13:KAS-ECC-CDH_B-409_C13-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C13-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAKq/aquz6Q+VbXAE/8iTxw+OkM3DH8DH +-qI8WMgVB1YRDrzlAXYiNlnZVfN05SyfcVEn5RQEn8m26BsM/j7RdlVz9tc7dqT3Y +-pF20LuC5JkoFTBaoe+2tRcDZoPNbvGqnoSlWIug+vos= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C13 +-PeerKey=KAS-ECC-CDH_B-409_C13-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=017d60394c7ee64ba73db91484713370daa821255807349c237e5849411bf0bab3a1b353be3cd07eeddc5c2ffc74336225dae6f7 +- +-PrivateKey=KAS-ECC-CDH_B-409_C14 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAayzCOH9pr9Q5eLf2 +-a9F2ZiVwgbpNZu5qmoK3yHxKxfDrprwtmByh2p/yArpyy3/pwGzwoWwDagAEAIak +-TW7k6MUNHhDX0dETqWEHUCEGeeDkyrjGImeEKTitXZM8mA7vnUZEeRu/01u6xknS +-EwEdpjISYxYF/qDpP1gmsZKbK9HblQYV/LBetHvZy2nq4DscM9ep5HszWkBJgjj+ +-24mZsE0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C14-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAIakTW7k6MUNHhDX0dETqWEHUCEGeeDk +-yrjGImeEKTitXZM8mA7vnUZEeRu/01u6xknSEwEdpjISYxYF/qDpP1gmsZKbK9Hb +-lQYV/LBetHvZy2nq4DscM9ep5HszWkBJgjj+24mZsE0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C14:KAS-ECC-CDH_B-409_C14-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C14-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAB9P+/IvZ8FZGwp3DlY8Crpm/gFWHF4i +-flIrXd4jx0jKz49KAikN4mtHdn04ilyDbT7/SwAtJz8uhRblCDiPjtIBXsn+Z8Zv +-gyzysmHfrVhWEoBC+0phqRo3s0HeQpbUv2O/Z6NFinQ= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C14 +-PeerKey=KAS-ECC-CDH_B-409_C14-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=00b19e052edd44421ee2f5ba845911fed9183d885da85d51dc819ca565ce574f7db257509876377b40c5a08349019563b60e13e9 +- +-PrivateKey=KAS-ECC-CDH_B-409_C15 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAPgmPPxleidpx1jZw +-APgEB5rcoydbLnk+jTEsjkAs8NDOUzF0L4dRX03ZzGaCRhlLlXK2oWwDagAEAQr0 +-rjNLpAvWU44PCVqlb2GivStfOOlUt2F9kroQYDzcyoNlVNAkLds31eFXawvmnw7s +-5wGzNVIa7DBfMU1/I+0ozAxNI/M6Z4X8bG3pPl+rzicTAvlVf20q53xScg7aWi4V +-Q2RD39I= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C15-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAQr0rjNLpAvWU44PCVqlb2GivStfOOlU +-t2F9kroQYDzcyoNlVNAkLds31eFXawvmnw7s5wGzNVIa7DBfMU1/I+0ozAxNI/M6 +-Z4X8bG3pPl+rzicTAvlVf20q53xScg7aWi4VQ2RD39I= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C15:KAS-ECC-CDH_B-409_C15-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C15-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAbCDPrNEBFDj+lFIwlwt8uACBibyQHQi +-IX5Oy4vYp1GnK6suxWQq6Q/SnYxNeenMGRtbpQAjB4kFtqMwCf/qGhl325Q1ea++ +-uHGXAFlpaynvkN2EYXdrNDoJyFOlOOTyL9+FT8vztzQ= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C15 +-PeerKey=KAS-ECC-CDH_B-409_C15-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01697512676ae56ff5ab778c411042d217ad24a24ea05bbc253e4395fecc8a07fe77ae0ca4ed977459f1a14d9b83931bccf46107 +- +-PrivateKey=KAS-ECC-CDH_B-409_C16 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAfYSTE8ZJna5HKwvd +-t23sRYBvguCYcjMB3zO2u7l/eUvyaHn8M8KXP4bBVRVJZBqBm1cRoWwDagAEAEgS +-rxk3YwuOp9D/cjy7BbeidA/Eyb55LbIE+SlnTDLkfYXkdwuQPTKQptYsJ0yyV7do +-NwCMb2FxF4a/XFTrDBsxJtZBskpmYrZ7JXMCqaYaqM1QOEa8uxsU+lyXRUNotsJ9 +-0t4q6As= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C16-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAEgSrxk3YwuOp9D/cjy7BbeidA/Eyb55 +-LbIE+SlnTDLkfYXkdwuQPTKQptYsJ0yyV7doNwCMb2FxF4a/XFTrDBsxJtZBskpm +-YrZ7JXMCqaYaqM1QOEa8uxsU+lyXRUNotsJ90t4q6As= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C16:KAS-ECC-CDH_B-409_C16-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C16-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXS9Iz+GHHuFPMqPWjg1dISe8s127yK8 +-DhWfcTodBzh8QgOxH0wzm2aWdPzx2sGZcDvrBwHix3jMpklj2HMp5XyLyW0PZzcE +-H9CH2vwH3WcOLOclVH4aJhxD+8VOFMNHPr27Mf2oRzo= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C16 +-PeerKey=KAS-ECC-CDH_B-409_C16-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=015960ea8b92bd77d52874e3ea82ed1763440189d68728d3974d4c01d6aafdbb5274648f6f3eaa4faf3fc72d09892ab038cb2fb7 +- +-PrivateKey=KAS-ECC-CDH_B-409_C17 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAv6WUhWxnwoNrf7Fx +-tnx6Qa5D7zRQiYAkqTE2VPzzHh4fusetUrK8Q1iXWlxhq59OPk6eoWwDagAEAOG1 +-MJpEgAqRatik0ZuCpYsA7gSCSAUKbtbDPOG8lwFUfpPXyQQvhJBlS3OizX1z9zPA +-vwGAsgM4dGNR+sz7mjcRpOE4RXVQu/WDFgNMbyFqU3SSY9/+I1m93NyJ7GRGqaSp +-9O+QyG0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C17-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOG1MJpEgAqRatik0ZuCpYsA7gSCSAUK +-btbDPOG8lwFUfpPXyQQvhJBlS3OizX1z9zPAvwGAsgM4dGNR+sz7mjcRpOE4RXVQ +-u/WDFgNMbyFqU3SSY9/+I1m93NyJ7GRGqaSp9O+QyG0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C17:KAS-ECC-CDH_B-409_C17-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C17-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMHctzfSUwNbuR0qSoXzfQAUK+gfySeM +-sjpNHXnSfI08RECyyEK8HiH2kk4U3IMbCr+4RQAMc9VoewSQzMB/ZUEBrN2zbNDC +-7szhZd8nb4O+IR0B0w/1wkPwkAVy7m3wf1Od9qRomws= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C17 +-PeerKey=KAS-ECC-CDH_B-409_C17-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01127491ff33a67ffc4757416cd02a081cafb723aff52af35b069b89963e8e3ef5bc19c5a093ccf511e3c3c19be789280e986809 +- +-PrivateKey=KAS-ECC-CDH_B-409_C18 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQASgIOBsQA7ySYwRHN +-4VCHzaSKb7LswB2YW1fw05IZIOksQ/OraIEp3AGtKfwx1o6WIjGboWwDagAEAWci +-f2KElZTtY/JH94Cy0R3ZosLHG9a3EpTPi1nOaQv+ANqbwduNHarJv/jADnvfBx/g +-0wE2w+p30JPZc5++aJExixSVl3hZm9Hn1al7/IL/6F/VqaAbgvcuEfrZbS9ctXmP +-We/qFe0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C18-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWcif2KElZTtY/JH94Cy0R3ZosLHG9a3 +-EpTPi1nOaQv+ANqbwduNHarJv/jADnvfBx/g0wE2w+p30JPZc5++aJExixSVl3hZ +-m9Hn1al7/IL/6F/VqaAbgvcuEfrZbS9ctXmPWe/qFe0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C18:KAS-ECC-CDH_B-409_C18-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C18-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAT2WomfRoqnqg66xsB2KziLiUcgvX1/D +-71mXowEadKEBFd9g6Y0TnN02DnTXb6Ui7rVvSwFrZVq3zQ059Yj77+xU5PRQR2ZM +-izvo5XqxE3cPX+DGIwD0oJ+iiZ5zu8mCMmX1XVz0rhg= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C18 +-PeerKey=KAS-ECC-CDH_B-409_C18-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=01254508553eab09fbc2fafe13fa9b324d9217d7d0ba4cedbe5dc869ad68de4f87774dd17d6428ed242c71956f252969e6bd5837 +- +-PrivateKey=KAS-ECC-CDH_B-409_C19 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAwZs5FmX1A1NUf8cs +-ntAZ9TEWkO5B58iVqn75LGD7nzRU36xXUkWmhp8f3sdF1j6lbIkioWwDagAEAFOn +-piqLQES2Cvdu+ltEQpv2X2WYfWoGIWPdVfCNyakbi7m2Jw+KAmEj+Z65NyzL3SfK +-OwCt1G9+pwkvSN2qL+uWyyS/ktJij7bk983fUj5fhAEc+Kq6vWAJoT8ppjtrfuZk +-xm84KfM= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C19-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAFOnpiqLQES2Cvdu+ltEQpv2X2WYfWoG +-IWPdVfCNyakbi7m2Jw+KAmEj+Z65NyzL3SfKOwCt1G9+pwkvSN2qL+uWyyS/ktJi +-j7bk983fUj5fhAEc+Kq6vWAJoT8ppjtrfuZkxm84KfM= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C19:KAS-ECC-CDH_B-409_C19-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C19-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXh7MLOyBOKYaQudcR/+7xZ63FeSBotc +-jUIuyQ+Uwr3ShM2/i+5kL3C9e+LakGue27ws0QBDB4+RIRApChPZAWDw5xWC+jnA +-512BkOuBHUUCIARMxtaA2VapiGDm/IW7htZZkKFgxbg= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C19 +-PeerKey=KAS-ECC-CDH_B-409_C19-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=004b9accc21d7122835fc21410ed1d83767c47a54ffee5f0c180fc55f3d0e8484af3ad38020294be92f02f0ba7e2b4f4eb1db07f +- +-PrivateKey=KAS-ECC-CDH_B-409_C20 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAbJCYtT0Q8qwChKmZ +-AmWPZn6kyrKGmK8/oHAGobtGNjsQPEqkySwcP+dTkJf6cLik+kbFoWwDagAEANPt +-9lL0P5yakqLk00uoP11+lQwoNGoqaFG/dVRwUBQKTpwcG1AOHSrTZMMGuaRK9QOm +-IQCZsmxkNn8ZA9qV31FWLSUELAGhrdp1u6WL2w2KqzULUuz76YSIwmGd4BzXD14A +-iVO8pUc= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C20-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEANPt9lL0P5yakqLk00uoP11+lQwoNGoq +-aFG/dVRwUBQKTpwcG1AOHSrTZMMGuaRK9QOmIQCZsmxkNn8ZA9qV31FWLSUELAGh +-rdp1u6WL2w2KqzULUuz76YSIwmGd4BzXD14AiVO8pUc= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C20:KAS-ECC-CDH_B-409_C20-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C20-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAenaCtGhWsPEMfIglU7S5QKve3RsP9V7 +-Ls63dIZYAgoJVmSHg1TfCqGB5X5erSyYWtMCPQCcznOlRwg0i0j48/Z0u3ZU9EHy +-g9TopOyPhZLvUjlfJMES1ZQtOuCP/o2Znv3jmYiKfPM= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C20 +-PeerKey=KAS-ECC-CDH_B-409_C20-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0093e2581c159d74d11f8667ee03399208b5c1a4ee5b20070ce8d97d251ef1236dc81dd688b2f07a730e6b8aeca0c193a28b178f +- +-PrivateKey=KAS-ECC-CDH_B-409_C21 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAp/o4qKuAMNa0l6I7 +-3l5QB+OdFNqfgtxWSuPNtK9fz0G8/vetrbWRcebX09PDrGf3vnBzoWwDagAEABO7 +-O6kdXSSIr1ctmVzvj/+x/YXRE0IejSwMOql824qTP8DT8F9GRs6EHr3PGphgS/+j +-3wHy4E6hagEtSGTPLKdWSEbec6M/JFeNxNIhNZxPL4bKgjywWWv+R2Dp6ty0rVCK +-saFx7L0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C21-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEABO7O6kdXSSIr1ctmVzvj/+x/YXRE0Ie +-jSwMOql824qTP8DT8F9GRs6EHr3PGphgS/+j3wHy4E6hagEtSGTPLKdWSEbec6M/ +-JFeNxNIhNZxPL4bKgjywWWv+R2Dp6ty0rVCKsaFx7L0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C21:KAS-ECC-CDH_B-409_C21-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C21-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMSSlPtxKUIiGiUAMkr3vYx+wc0bgJTe +-0brAAQqGlgg/fvrsqlED1nYkmeG+SFfTIAMCgQBWT6ERCzk5Jd+7JLqaazNz9GJO +-y8PhL5cG86sFQpktjbbI2Lsl+gYU1Ib20ayfPZi57f4= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C21 +-PeerKey=KAS-ECC-CDH_B-409_C21-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=008e2f1c4bad19c46a5134afccf7f4ec14ab591c8b8ea48d9c3d1e7354ab43ba20aa39a65fd92cdc176cf3dedecbf9da49a8d855 +- +-PrivateKey=KAS-ECC-CDH_B-409_C22 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAzp+Ce9JMAUw+5Z7e +-90cXjWwDDBlmmtjnGLoTAr70ta0sEjNEj1J1spqJbAsuew2pIGi+oWwDagAEAXbj +-EBLZxgSy0aGSKijYpXTwYMw2OIsoFtL4EX2iDAaZqwoI92+6pHbwqcQkv0yVK0dU +-/QEf7cPo+Ogo4P+/Av2F0pwCAf0PU78mFMEK5RzLWMvEkAw4zEyaUthtifm4wt5O +-In9OIo4= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C22-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXbjEBLZxgSy0aGSKijYpXTwYMw2OIso +-FtL4EX2iDAaZqwoI92+6pHbwqcQkv0yVK0dU/QEf7cPo+Ogo4P+/Av2F0pwCAf0P +-U78mFMEK5RzLWMvEkAw4zEyaUthtifm4wt5OIn9OIo4= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C22:KAS-ECC-CDH_B-409_C22-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C22-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATSt0sSZFy33ktlKmziV4kW4QHPDJSY6 +-hYwen3zzCkTyaNP4NYQR3AqcqrUFwKvAFhML9QAxwjaxQ8oDbIg2Qff5uVf095ij +-FmfEFWA0Ann84JYqIb2LtS+iPbcahPNaV5TvXgdZct0= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C22 +-PeerKey=KAS-ECC-CDH_B-409_C22-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0190a1693eebe287ec980236d8762804d23fdb6f222763a0efc364f9280fdd53394c2badcc51ff09557f3b97cae7f70d790bf9df +- +-PrivateKey=KAS-ECC-CDH_B-409_C23 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA4287mhNBmVsT/nC8 +-VF0nnm2xSCySsTzozA2hwQDqL6qAOmSljMfrHP0WdXCDXFIvZZNHoWwDagAEANHK +-gjk7jVC9GJipCb85Mz7KO96YsLDc7Wb4KGMOaebrEot87CPwcmAEcHMmCnZTMd1v +-VwBsU1/5Q6D+dQ/Gw5kEppEroevA9GwbCCPkATx3R16imz8ySBlm8bFlvtumwXoU +-lPttTz0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C23-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEANHKgjk7jVC9GJipCb85Mz7KO96YsLDc +-7Wb4KGMOaebrEot87CPwcmAEcHMmCnZTMd1vVwBsU1/5Q6D+dQ/Gw5kEppEroevA +-9GwbCCPkATx3R16imz8ySBlm8bFlvtumwXoUlPttTz0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C23:KAS-ECC-CDH_B-409_C23-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C23-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAPDsly3J/f0IzY38unKYtN8tvYDCCyiJ +-5mOsWMw0jL+Pn/0x/7UGGNbDjXKpnVxdLqzAAQC7C0iJPNuRXmXNXXl4BIAgF6KV +-NDZUJGo3/jpg196YfmqaEKrwY9lrEBhGEszSZAfX4D4= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C23 +-PeerKey=KAS-ECC-CDH_B-409_C23-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=001469dabcf2210aa7de0040b201221eb4d1a4725431fb5a93212a66ddea4187e078f5e3d82606f6cdfc0ffe6b69574d1d0ba643 +- +-PrivateKey=KAS-ECC-CDH_B-409_C24 +------BEGIN PRIVATE KEY----- +-MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQACKBnFu1vTPco+QGZ +-KPNnx3qQUkkLmouoelnNyoTnfGopmFP1SW/r5lL0ujM1AcT88rovoWwDagAEAKBF +-tea7t5UElfbV1kWit9cgBnJdAiPH/3VTQCLJJgqw0tjTM3iaPcz8OolQLKUAvQwf +-YQHsVW4bFiHsGJNlThmNWSPjEUeKi9L//ygMkJL/wHNyiamXSStunr+TGUdjTvf0 +-O0Kc82o= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-409_C24-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAKBFtea7t5UElfbV1kWit9cgBnJdAiPH +-/3VTQCLJJgqw0tjTM3iaPcz8OolQLKUAvQwfYQHsVW4bFiHsGJNlThmNWSPjEUeK +-i9L//ygMkJL/wHNyiamXSStunr+TGUdjTvf0O0Kc82o= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-409_C24:KAS-ECC-CDH_B-409_C24-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-409_C24-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATeERODe7P867Fq2506BI7qY2LkaUHz8 +-oNhQl6rZRMFbT9icjL4sdFHY7GQQRUIbS/aXiwFkR8ITyQNd57zCm91h1u5u1Vec +-Nr7Fa8a0T5KGv56Z+sl/NWcIzQMQ2/Yzj5r417E1kQI= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-409_C24 +-PeerKey=KAS-ECC-CDH_B-409_C24-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=005c701a93d7790322aa7c67440fdd9ee8057a0dae86d1e856ae89e7893da178bd67777f86db2be5c8e31dc50ed8a440aabc342d +- +-PrivateKey=KAS-ECC-CDH_B-571_C0 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0TyK+h5mblbIof2 +-dDDqj+ZGxi/ji3zmHx+VZZfCe93ZkC4g1ENqvzvr2CQ+wpoASBqKLBn1UOmWQbXx +-Sq+7W9qVOnVZ+GU6oYGVA4GSAAQGr3H87BopBBFv4Uh4Zjdkwex0hw5dLVORnwtj +-WRLbgN1UYNnmmUWP+ElMW/x0+6jTsS9l8BXo3vEN4z8YABkfTLUC0hk4uVEBlYQX +-exicZkH/tni214M9jUuyXe5QGN2k5MDSGQSMAc0Nqer/40bVPPGgezOz291Lw6yr +-5IMvmYHv8mYJkarIUhR5he6jpR4= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGr3H87BopBBFv4Uh4Zjdkwex0hw5d +-LVORnwtjWRLbgN1UYNnmmUWP+ElMW/x0+6jTsS9l8BXo3vEN4z8YABkfTLUC0hk4 +-uVEBlYQXexicZkH/tni214M9jUuyXe5QGN2k5MDSGQSMAc0Nqer/40bVPPGgezOz +-291Lw6yr5IMvmYHv8mYJkarIUhR5he6jpR4= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C0:KAS-ECC-CDH_B-571_C0-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C0-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDtj9foRKua18RPHZRRP5MvWAg4m1A +-DBFgmjpjS5oyX0FrDj0yFXNMaKHCyPrR0Lues5OaQa8iQh9oeB5+sGZLnfXOpEje +-qjsAjmzHe83cgW6Ez8H2JoJPok09X9M9gJPL/h/E2IG2O0lBI7x1lnDtyxiHuzud +-WotRa8UDgoFjcJ1NrLWU0nehWpLAZOV3DRs= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C0 +-PeerKey=KAS-ECC-CDH_B-571_C0-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=06775e1b99a236e02b020bc73666e5751c1210dcb6e9b02a69f4075376e49f7a1476d2209e861abb73f5e3ad189d268e035b1de93d47b3a64de5783c9a09bc223e1cc612f26dcdf1 +- +-PrivateKey=KAS-ECC-CDH_B-571_C1 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAvTSt+Y2YObCCUng +-bcZwvoqvglMOC26v4hAR/p0PRAfIVJUVc0UozaKZ6fz3OKl/v0PEu6JnRLMnUxtA +-FD4Vi8hkWQnqiIRWoYGVA4GSAAQG6nEYJ62O1Ym3Ce819qnNRiV5i9iH5f5ZxR8P +-QcMot+zfhHNsQ/tw45hu5eX5huAJ9kEVinXM5rOfU6i/BoKDAZTkAHFI3u8Exrny +-pgmfwDZ/qWCTlMMiGtjG+xEdK9xDBQU4BHiNMur3ZDFAbnaKRIy1yONMgSJe7JAV +-q72SclwAJxLtMZLYB7Nq/qhT9yI= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C1-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG6nEYJ62O1Ym3Ce819qnNRiV5i9iH +-5f5ZxR8PQcMot+zfhHNsQ/tw45hu5eX5huAJ9kEVinXM5rOfU6i/BoKDAZTkAHFI +-3u8ExrnypgmfwDZ/qWCTlMMiGtjG+xEdK9xDBQU4BHiNMur3ZDFAbnaKRIy1yONM +-gSJe7JAVq72SclwAJxLtMZLYB7Nq/qhT9yI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C1:KAS-ECC-CDH_B-571_C1-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C1-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFdcuwWfQjMJ+ZO2wGrHHXvMXR5qGa +-/nKBHLYSpiOMnMwzHmfaDBC4jMKl8e8v9ta3RAZdJC9ZjaLWM11MO+z1w5U5QMYO +-/McGtDNlLjo2oHAYqorT0v8x7Xhc5WAXFu/3cQ/BPG/5/3XH83AdRZ/Y/nDAtK/O +-2ghoFxfbmCHYyFj9OeJ0/zd3L46EhW5wZ0U= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C1 +-PeerKey=KAS-ECC-CDH_B-571_C1-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=03a80ea8cfecb858f9b77bdb46b6cda26320ee8c561a2fd6b7e0a2b62201fbfe60f577780c75a98a11a69de4c4ee911930d2200b6972bc3123d7f278615ecc65984a59fe352a1cec +- +-PrivateKey=KAS-ECC-CDH_B-571_C2 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAStjE7VoU8+NAnME +-nPftKrjmMuWSVu0EM2aFdkjz8qlnTK62+w/NX7qwu6u84XoPxKeBSEmcOJr1dIY3 +-RkFpWw6FLzFS7sckoYGVA4GSAAQECnh2PRcEWd00tcBOx4LmmMvpA6WjSFUcUkjZ +-2s8ZvLmkmOoF6A4tbMHz6lujpDhVuAHIwDVv4+Ke4iS7kfTtDIVng3m3JUIB/0nO +-CmLp7a5qpjqYSORPGFQS0P60a4f5FCS9r/7VFoMh7XbyNfddM2Z/bX1qnIV7tPhU +-QvxA+aIMBK4GNipG7O6hXEXWm+s= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C2-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQECnh2PRcEWd00tcBOx4LmmMvpA6Wj +-SFUcUkjZ2s8ZvLmkmOoF6A4tbMHz6lujpDhVuAHIwDVv4+Ke4iS7kfTtDIVng3m3 +-JUIB/0nOCmLp7a5qpjqYSORPGFQS0P60a4f5FCS9r/7VFoMh7XbyNfddM2Z/bX1q +-nIV7tPhUQvxA+aIMBK4GNipG7O6hXEXWm+s= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C2:KAS-ECC-CDH_B-571_C2-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C2-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGSqZoMP9EMkpnroqQeJaJe1B1Zs9S +-3+E+Otux55NmXStxg1h1Tv6AnkSWIYUC/rVgTb+8BKEQfKnsTq3H0QqdbRR0zt9X +-gUUG9j9p+MGLZ/EQUbPTAjahokkIiyvKtc/4MM256z51wehyUuXY5huxpmNI+2ge +-li1lq8VNXeot1yxVRZB0AHT3xmxLjf0wdWE= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C2 +-PeerKey=KAS-ECC-CDH_B-571_C2-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=03edea7e47ded7c2ab1115f4ebcbb42677c7fba6e0cfd811602896251ada1d5a0b461aaf4e000f4d4231b96d8dee7630d9f1b7860e6418dac8c3b07b66af6fd1acdb44b2683b29b4 +- +-PrivateKey=KAS-ECC-CDH_B-571_C3 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAhmXtUgcDPbPQ2v+ +-Ngw7EZueTdVvPChHr/sgIcusS1fcGPUHXWeK8rpunu+8QTjYGAU/LfMqEOiuXWQJ +-9bLx88q/NvgI/cB8oYGVA4GSAAQFYM+RMowmu6E/ccm13d0FwYWWnYi9Dp00o2B6 +-kjsjpbZ1RSFnADri8K3VFB6kvkHrrpHTpqoVw5Pb9YWtbJIUsmnoa08FS/UC4y7C +-QEGKmk+QF+Yy+Kd4l6IjPW8fRbj3qoGPhH3bPOq1paEsdU/OjVewMgoHa1NEHc+f +-Ze8yBOCJGR7xVv92IpSJenL8qTI= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C3-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFYM+RMowmu6E/ccm13d0FwYWWnYi9 +-Dp00o2B6kjsjpbZ1RSFnADri8K3VFB6kvkHrrpHTpqoVw5Pb9YWtbJIUsmnoa08F +-S/UC4y7CQEGKmk+QF+Yy+Kd4l6IjPW8fRbj3qoGPhH3bPOq1paEsdU/OjVewMgoH +-a1NEHc+fZe8yBOCJGR7xVv92IpSJenL8qTI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C3:KAS-ECC-CDH_B-571_C3-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C3-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFBnGvZcvvkvMF5frLQojMBKTGl4o7 +-eK/kBJxqmV/ow8C7YJq+SdFSse7WxxTSVP5u/xWanr0krRaRnvdvRHAFfrfCZaS9 +-lugFHQjiHSZNjk28c0CIQqtXzXjTI+fetiWzdBmUuK/+Aa9EYWIttBmv7q0EWEX2 +-w9ttmC9FtpK+oRzyXRiso8g77IQMdYKnBi0= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C3 +-PeerKey=KAS-ECC-CDH_B-571_C3-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=005b640015330f8416f2bbbf8b5660e01a7abba8b0197a29e52bb535d62f89ad0443e08b6e0d1d15f4eb03c0fe35e3e43bd7739cb692092698a2cd13126cee4432831ec7423b3434 +- +-PrivateKey=KAS-ECC-CDH_B-571_C4 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIArU5rMdwdYeZ9Dln +-Dq6Fubo0qLTzccyTWiDOjFZlIe7NjE9a/xFq4Nsq1urhozhENMWZN5ghrQXYGtoF +-SCmd/ZjP1tPxVzUkoYGVA4GSAAQG2uU4yCBEOXdBXO9OeZdLp2K2m0NIECAMxv/z +-JqI0TNIb4ZwVNkLfgqPlelUxqL8Zdn4ZldJyj8tmHVjsVh7yOjTYYHlxSQ0FBCQ8 +-eSuQMYTqclqUfKiSGMqcj6Hgmn3WjeiOrpD5vSqN9BTdaaiysaLe0sbX9RTIkHmX +-Yk6wvJ6pM6LUdO+Pg7rqMkODTeI= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C4-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG2uU4yCBEOXdBXO9OeZdLp2K2m0NI +-ECAMxv/zJqI0TNIb4ZwVNkLfgqPlelUxqL8Zdn4ZldJyj8tmHVjsVh7yOjTYYHlx +-SQ0FBCQ8eSuQMYTqclqUfKiSGMqcj6Hgmn3WjeiOrpD5vSqN9BTdaaiysaLe0sbX +-9RTIkHmXYk6wvJ6pM6LUdO+Pg7rqMkODTeI= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C4:KAS-ECC-CDH_B-571_C4-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C4-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDmsnpGvWUB03NM42k9SQFdPAeQTpJ +-uSJGuj1t6FXj3t9uf97amrf3+Edudwzpu8OppeuYRUPcw39fEb5uKKHRCQkx9cW1 +-o1EHgNMtuxNImb2i6YhIlBh4OHq6ZmX9JCUhYM4xI/aPm1vY8lSji4TsU2Ul/gB6 +-hjtvzEifk3oFpf2UbWKCUyign4Ony6J/6l4= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C4 +-PeerKey=KAS-ECC-CDH_B-571_C4-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=027af05ecd0332784d64b0b1bdb45c310fd445c5a6d6b34f35f4eaa3fa3e171ab98763d243a1dedf46aa29864620a47d05eeaefd748186bcbcf187c01e7ce36e2a53ded071036b59 +- +-PrivateKey=KAS-ECC-CDH_B-571_C5 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAxipbjgngtRHbxvr +-9pehB28i4dLshHR/n8QlBdVUfaqgjYFHIXWWWZWGhc9OpLuhL/+2avCfZpRSHxHA +-m2YmyK5S+/szalKhoYGVA4GSAAQGdw8vzS6bf4vFwpLSg6uthRVQcf4373zoTzTH +-YW2j2+G9zpqwTOp7xLwljF0qt3I509CEVost/3eZiCiNn8a7Nk9RnQ6FWtME9qH0 +-5f4A/pol2EWbiIA5iO8r8v71oj8T56fn80Wav8PVwAMDq8xQgPq4GwnVvgMg75kF +-GaBq8TwpVi7pVXFagswNrvLF4Os= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C5-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGdw8vzS6bf4vFwpLSg6uthRVQcf43 +-73zoTzTHYW2j2+G9zpqwTOp7xLwljF0qt3I509CEVost/3eZiCiNn8a7Nk9RnQ6F +-WtME9qH05f4A/pol2EWbiIA5iO8r8v71oj8T56fn80Wav8PVwAMDq8xQgPq4GwnV +-vgMg75kFGaBq8TwpVi7pVXFagswNrvLF4Os= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C5:KAS-ECC-CDH_B-571_C5-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C5-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG9liEkQYKHogUjkve44vGdHE/44TX +-z9v1vZDJ27bhWH5Fnc5uDWm4ss/rUFW+5WpzwTQ2BgGYrUdQ2uglPqg5ouJG1UFF +-l3UFthuPfY1sgWKiJp5yh9RZA0uPqsA2D8+Z+yHaNKMU5nNTGbnQNia5JoNpNF86 +-YkrK2yGbIHGI0OlFy8Z8mCBo0yYT/CH4sPQ= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C5 +-PeerKey=KAS-ECC-CDH_B-571_C5-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0763c0d659a7c080912005a2afd60ce57e610619b388ef3d5dd3c9386ab12069c6ef3a8e72eb741cba2da5c6f9267f6c09fada6459690ed4e432445d6f0f72dbcb059c87df36f665 +- +-PrivateKey=KAS-ECC-CDH_B-571_C6 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAotDGetwVM/2OCgg +-xS+cMy6uZw0fB8/I8UcukmD15Ho4V2gBbNIAZwDKe9xdHVZ9kkYK98KkJd0NeK7u +-PRX7KNcRZ+ZIa4HEoYGVA4GSAAQFsbEUzvE6pd8wbOdBl9aA+bjJ2PZ1OgnbiEZq +-a7BOrx64c4NgItdQT0X66FqOSlQX7dfOOg5eueeSZIhO14NXez/FLYJfC1cBjjIm +-42tLM2eZxGhLulBemE3IgZFm8XzrhA42ElsoOoyGNd3353BAbZhW2Cs3z/H7zF0/ +-XPS1XspB7hMfIep7yxnOBfZWQkU= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C6-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFsbEUzvE6pd8wbOdBl9aA+bjJ2PZ1 +-OgnbiEZqa7BOrx64c4NgItdQT0X66FqOSlQX7dfOOg5eueeSZIhO14NXez/FLYJf +-C1cBjjIm42tLM2eZxGhLulBemE3IgZFm8XzrhA42ElsoOoyGNd3353BAbZhW2Cs3 +-z/H7zF0/XPS1XspB7hMfIep7yxnOBfZWQkU= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C6:KAS-ECC-CDH_B-571_C6-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C6-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFpSzr9oEDyrAmbPLGicSPCAVJ//xw +-25gJwqRvkItyib5ZcynznuHkzKOYZk/6m9zwEpP0NZPRiOEkEdV+VZs/ajDpVUhp +-8EkBThNxZfsNUw6GU9fLKoRhjdOvz6PwhWAXkUKq6XJ5DOdGov1EadQVWHRDeMZA +-rnOkibt/gc3KaxuxZ8eUwm1iOKDSVq/DuiE= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C6 +-PeerKey=KAS-ECC-CDH_B-571_C6-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0428413f2d2aad4d5288885c2edc8b976321ae1dd4fc6b41275fb88b8c5e7776165effce79025163538a0e83c919220a407ead6cefd616b4b05294488c2ef5d30ab8caa55ccbd1b1 +- +-PrivateKey=KAS-ECC-CDH_B-571_C7 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgEV0X5B4TF4tCoA +-TAHV5O8cdiQQScfTG/DqhdbgcKLiuSCA5h3lRvzL1NmRI2uzYO8/IG7hbYhDoN3I +-A0Y2ZKjM3C2HoQJ3oYGVA4GSAAQGyKw0NkrK4148QXFgMz5IZBho/MoEwNV3vgb1 +-irClX9fbd5/nN3edoz0An1e1utSXAurPV1rLryffgzBwzYk6eSR3DJLv86AGG4Ll +-RdQcYv7waLNM2/ATlhFdKhQX+XGUg9JphrbVL49t4Gg3eV9tndfNCVdBEUMYxuim +-IGs97u8BTw5EsNxmhOEA5Kw2FlA= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C7-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGyKw0NkrK4148QXFgMz5IZBho/MoE +-wNV3vgb1irClX9fbd5/nN3edoz0An1e1utSXAurPV1rLryffgzBwzYk6eSR3DJLv +-86AGG4LlRdQcYv7waLNM2/ATlhFdKhQX+XGUg9JphrbVL49t4Gg3eV9tndfNCVdB +-EUMYxuimIGs97u8BTw5EsNxmhOEA5Kw2FlA= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C7:KAS-ECC-CDH_B-571_C7-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C7-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCbi8e5k55WOkCVHp9sKHhSGbz0sAS +-fCu5sJ7iMtPZUY7kSuj1u0M6CIBp+jhs1ciQJxG3YqwNo6ejQgRyxH6FD5iN1gpj +-bX0Gd/9RAFLU9GCEn7jvDU81Gc0jjk4caItzbPbjdZVQ0TSh5so8tHnWi03F0Luh +-ruF4vW/hXsGW+x9ifYcHk5T294VOBTIo3uU= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C7 +-PeerKey=KAS-ECC-CDH_B-571_C7-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=031bd2a84369e93dfa00581446d52762100d985cc7bb91c4fa8be7472e2e8e9781c52b19a54330442441bacae23f4bdc76486eb475d51f26aafbfb272a5ab5db184a4d3c3006e5d1 +- +-PrivateKey=KAS-ECC-CDH_B-571_C8 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAIR7VF70lhVnHwi+ +-c6SRRwYxhEkzQBEepNzhPC+SHwe/rP/IRB9MfJ0EefV/OhP0wzxj7UfDpD+y8G0G +-qXgOXAs6wwQQrcSRoYGVA4GSAAQGmU3cWuLFtvRdwytxDxpJORpH86D4wteEZVL+ +-SH7wHMoEMRVbtUUzsGeinoNnNzr5XWp/C/mNhptwj0j5XxuIoVMP4iVH6X4E9iiN +-TXBPM6iYAx59AEb78eNKcsivGQ9NMxYzQ8iXugwNivioYjahw7ZVuXncRSLTPWam +-ZbO2UBVw8HYyKvCtK7qqBOoumV0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C8-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGmU3cWuLFtvRdwytxDxpJORpH86D4 +-wteEZVL+SH7wHMoEMRVbtUUzsGeinoNnNzr5XWp/C/mNhptwj0j5XxuIoVMP4iVH +-6X4E9iiNTXBPM6iYAx59AEb78eNKcsivGQ9NMxYzQ8iXugwNivioYjahw7ZVuXnc +-RSLTPWamZbO2UBVw8HYyKvCtK7qqBOoumV0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C8:KAS-ECC-CDH_B-571_C8-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C8-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCPuT57CTe4gOs+2WGMTE8etQ5TEfx +-eU0ItZn/wV8OXaspEdl+Aw3ffLS7rfilvOBcNTWPvQz5XT1cf/PNjua1TjedjQEj +-k5sGBr4j58V0bb04QE/WB/t/J47iSdyOJ0DPG7mxwHsc9+ClCkMlZ9GGl5moAxIl +-ENtDeYGiqhJuuarzx74FqA+sFJXhxAyhwQY= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C8 +-PeerKey=KAS-ECC-CDH_B-571_C8-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=04df20154fa49a1d6e04dc2ba6e55a7f2ae575de5e2c6e4091a4d2c36aa93ca9699b890f0ee4df53aa75d0d9babad68605bc027ec67c187a6826aac0f4bc596baae788b376110216 +- +-PrivateKey=KAS-ECC-CDH_B-571_C9 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0wkWDArQ4V/Eq2L +-2ah1I3ZBoh4hyjz5oJVtPP7e2WpeH1M9gntSj7tYbak+77tm0HeLGbGn+28Xu/nn +-m5rO/N17lgXniY8moYGVA4GSAAQDLTp6QJnwif6pGJIR9zZvLtxKv7MWxcBZSNje +-V/ygI7+2oRsQLqQSC6YhksDfYQvY0vY/xXcn9Ka2QKv40pn6xWxMeviDSeoE5jmf +-HO0madOlUG016ivr/M8M7IS8lzg6rcO0g0f2KWJuYJb4kENeWTNnUEj9zvze3j7W +-FuZWDULp4XxUkuMLwt5GicBZLss= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C9-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDLTp6QJnwif6pGJIR9zZvLtxKv7MW +-xcBZSNjeV/ygI7+2oRsQLqQSC6YhksDfYQvY0vY/xXcn9Ka2QKv40pn6xWxMeviD +-SeoE5jmfHO0madOlUG016ivr/M8M7IS8lzg6rcO0g0f2KWJuYJb4kENeWTNnUEj9 +-zvze3j7WFuZWDULp4XxUkuMLwt5GicBZLss= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C9:KAS-ECC-CDH_B-571_C9-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C9-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQA1KCxHBc5vtCU5y16aSODaDbZIVdG +-xyzGgARaNtga314lOU8mmiraHZQ568M7uTHW+llaJSYcJEoeF7BG+xD7VLsxIojP +-Lo0HUgT1DTKrimq7/5gtH+NyuMVBW7W3JrNGqk8IvjL4yigsHvbhUkIzYNl7cooH +-Tms887kScYsWks2YMBl0GiVBgkI0vcjDI/k= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C9 +-PeerKey=KAS-ECC-CDH_B-571_C9-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=037a380f525590582658e2dd272a32de67fc0cf5390b37f4d33c1359f075d4461ea38a55027317892a3d1d22f5ea333ad437667d2f3eb8781c39504036ae33e4b0a26b6894722f0b +- +-PrivateKey=KAS-ECC-CDH_B-571_C10 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAS23haA8Jr46bppY +-LlwyqJVwrUMItxPOVHHqGT3sHzLWi0/N+xYA/bHstnaeJqDgV4Etu/DtSVWSZl5r +-jpqXN4owtcZg+63BoYGVA4GSAAQH7ffuDsd/Wmw8nsTtj9PLgUo0LpzGRwtUeB7W +-wUHiEVyG29e6J5k+t+vteji+SI+W/d+pgvNpGqHCppf3cGv/PRrdc5YGYZQHs4JL +-f3smb6Qv5Tatwqx5udHltAjnIXs6md3rmS8xI/8tFod00wCoGKMmkuJlr8b29XjZ +-vTEhEytZeYQfei0GDolIkB1lfBw= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C10-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH7ffuDsd/Wmw8nsTtj9PLgUo0LpzG +-RwtUeB7WwUHiEVyG29e6J5k+t+vteji+SI+W/d+pgvNpGqHCppf3cGv/PRrdc5YG +-YZQHs4JLf3smb6Qv5Tatwqx5udHltAjnIXs6md3rmS8xI/8tFod00wCoGKMmkuJl +-r8b29XjZvTEhEytZeYQfei0GDolIkB1lfBw= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C10:KAS-ECC-CDH_B-571_C10-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C10-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDu4QDK3//zieszzVLid3fZGzctWY0 +-3w+FIKdzD4q+sF+ZM9ikNS0cd2fMP5uAzv/N0Ms6l7WSg/0KZ03E/SQDM/AgyCtI +-BMUHRJkzasOoBUMHiZAnaCUgJrUm7OVKwo6MyHjxi6+fq0K6TONOSWiqwe5qC7Fc +-mnCYgqU3KvVuoLNoFzhfu/6sS5BgaeU/v7o= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C10 +-PeerKey=KAS-ECC-CDH_B-571_C10-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0420de313bddce87d07321e3f0af404d9d13e5369b79506e807178711153c9b1837cd055562eff3aadfc5954a221eeebb1bec1696d3df1cccfb8b61172a50d83cee95f4140ba070b +- +-PrivateKey=KAS-ECC-CDH_B-571_C11 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgJgana2oT1uKSgL +-wWE+EVAldwskX1Vh1Yg+E14VnMQ3sck1Wy7uKzur7yKf5UWqsrzKFV6JcklfGXS9 +-sewOYMTmx5xI8mpGoYGVA4GSAAQG5026TgcC8YbTNNPEniV44e36xWRkXdqMSliB +-WPjXo+9jJDZTwNUHQnc0+0zIet9KNr1avKH5ILm9bjv6UckW1XEIhFlOlIUFuSFH +-ottIo4MMz6KJUaK36OuEMTuZsKmQMceDTGM/hlovmESVJSiuXe4CQoqCTN+34gko +-/8U0IN846tC0JA0GWdWtsf8uLcs= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C11-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG5026TgcC8YbTNNPEniV44e36xWRk +-XdqMSliBWPjXo+9jJDZTwNUHQnc0+0zIet9KNr1avKH5ILm9bjv6UckW1XEIhFlO +-lIUFuSFHottIo4MMz6KJUaK36OuEMTuZsKmQMceDTGM/hlovmESVJSiuXe4CQoqC +-TN+34gko/8U0IN846tC0JA0GWdWtsf8uLcs= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C11:KAS-ECC-CDH_B-571_C11-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C11-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGVWpMyYRmeUqT0DOIU2d296SzNEw9 +-xOuWCkpkWPx4ac1ORbLxQMRop9TruoTJSCM3oqitqsiKmmKdoD3SR1JmQrCrcft6 +-jHAFS5fZUrGfdChW2s9OUN8MMQO68lP03mWj2crOY/6CkG0sjoozEvtTXgD5tcpp +-+H28f6P32H/gJFNmBKr+RkBZPMz+9vrAKKY= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C11 +-PeerKey=KAS-ECC-CDH_B-571_C11-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=0606228f5a05077aeefbefac23c0d5bac7a6062bfc2b02ce8bba6698ea96b456b1f0d32c6e05dbb9be61a83090428eedea18c74f41238edede9e3a12e28722d2f314613c2e84d6db +- +-PrivateKey=KAS-ECC-CDH_B-571_C12 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAEhng0isM7kvLFln +-cQPqQJlGtVk9EF/EmDNRxO3pKcS5O/xpWHZVXjrOQXuCrAW4Mmdqwj4pVaCe5kog +-pfmOYkmfQ7p/f8jhoYGVA4GSAAQDHdSAjSs0G4iB9eUKLczjjfg5AJ+SGFl439mm +-DNruAFzbqCZVZHc21AevuQxnzdsTuisBYY9F6KJ0MX4C93D4Dvh7u8GxEFYFCgZx +-ycDOV6SU5pEfE3bPH8M5OIW6jCb23cu1Nhh2hgo1r8H0Vg8pcMMNs/HIF9vIrysC +-Xa7TqdoS0vrp1xTOrYBEXmoKCBM= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C12-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDHdSAjSs0G4iB9eUKLczjjfg5AJ+S +-GFl439mmDNruAFzbqCZVZHc21AevuQxnzdsTuisBYY9F6KJ0MX4C93D4Dvh7u8Gx +-EFYFCgZxycDOV6SU5pEfE3bPH8M5OIW6jCb23cu1Nhh2hgo1r8H0Vg8pcMMNs/HI +-F9vIrysCXa7TqdoS0vrp1xTOrYBEXmoKCBM= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C12:KAS-ECC-CDH_B-571_C12-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C12-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBAFGCsCmkhSju9f/QIhrYcIWrrGpy +-cFIDo8Fomru8DhKSel6Ds1Khutl3BhAfRKECLMwNVSLcXRyhQz3gOiuh34ZIdfUi +-vmEBiwKpjws+TM9EqWk5ogg6sfKgTa/Vvc7jz/Q4uwi/8SBDqhksX8804TtcKXQs +-XYZLnKxGvqbpbfKxvkSTrPlQIk1xc3+ZBlg= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C12 +-PeerKey=KAS-ECC-CDH_B-571_C12-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=052669336019db5eddef5eab2336abeb60bbc7295e4bb663ab43e373fb6d888d7433ec89a487a91d4a59c289a9509ddd1bab33cd02a7bf37aaad78dbedf0b4ae5f2f35d15cb4e628 +- +-PrivateKey=KAS-ECC-CDH_B-571_C13 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIABe6ty14j4t4ub/E +-kShjxaSJIv5p6KTPXm6Rdj79VHehzUOd7dCv6lBOOzr2gj6jCJwDdO2a7iSohRbI +-zzr6vplbm5Z187WroYGVA4GSAAQBYcFLvITkLsdneow3cAZezR8PROrIJCpxWmGX +-Hn5P//eP9Xob8blcv8LtlX0RlfnqUICXFcJDnHVD5XNSATVCbUdTW4v8hTMBJTYz +-0CJRRk7cxT7Z6KntkykyDvXurzXWTFm5c1yW4H8aYuwXvO5PBM2ahaPrUEqvN7s4 +-jGx9CNkKoLaFVrXAaOy/ClmERg0= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C13-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBYcFLvITkLsdneow3cAZezR8PROrI +-JCpxWmGXHn5P//eP9Xob8blcv8LtlX0RlfnqUICXFcJDnHVD5XNSATVCbUdTW4v8 +-hTMBJTYz0CJRRk7cxT7Z6KntkykyDvXurzXWTFm5c1yW4H8aYuwXvO5PBM2ahaPr +-UEqvN7s4jGx9CNkKoLaFVrXAaOy/ClmERg0= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C13:KAS-ECC-CDH_B-571_C13-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C13-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH+rTlkyjHAPdGSb2Qp9Uf8olY/nIN +-qqsyjPybACqnBs6zmTTbnM+B3uyVaJzox3a0/GVCqCNYzFHrvG2OUyLLP6bkaV4X +-D8EFrNRc/6Kd2zTuQudBACZ5jjeo0anOn5KU2lGYFktpAQxoxTKBzL/EB9FBCX2h +-N+eEnyKP3BoHqimL4myncfR6xP6ycj1aZmY= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C13 +-PeerKey=KAS-ECC-CDH_B-571_C13-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=062de5aa98b440c6cb7a1428f6b5e47452b30454eec4d651982b531121febbd5a3833b180017f7ddb5ce38d7bb1c842de1a8a8fc7fc981e24733b7662813fd010a4e757ca4ea5c28 +- +-PrivateKey=KAS-ECC-CDH_B-571_C14 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAqstQwJ7CPir+jWY +-7wFEOZpgtgN7F6OuQT1CLvohZ+nqTxnX7KmNhcZ8H+hfvLwfErr6MKhdvfVCRmiJ +-MV8VMt78XRgVCfAIoYGVA4GSAAQDKMDWf9VS6hDlvfe4fVC/TcujTcpWmuuGnFx9 +-x9gyzjD+7TLiWnI3k/l8VX4vl4xeE0nmm3PvmRYAH/sNbNssY0PjRTg4bm4B0VG0 +-btAEJjzZpcDUaoQNAyImMfkv+SgOlaNXRs28r9n+1oEcdhS51Qqigo3HonWznT1B +-ijSd0eK3MhH03po0tC/KEbl2Dso= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C14-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDKMDWf9VS6hDlvfe4fVC/TcujTcpW +-muuGnFx9x9gyzjD+7TLiWnI3k/l8VX4vl4xeE0nmm3PvmRYAH/sNbNssY0PjRTg4 +-bm4B0VG0btAEJjzZpcDUaoQNAyImMfkv+SgOlaNXRs28r9n+1oEcdhS51Qqigo3H +-onWznT1BijSd0eK3MhH03po0tC/KEbl2Dso= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C14:KAS-ECC-CDH_B-571_C14-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C14-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQHJnYwKtGHMbdiArxRQp6/fsz2Ml9O +-CEwvkuMojtKQSIueNnIOKdqi2xmTp9F86O+djM7GHeikBxduJnTCXVe/8sRlljWL +-NgUDwAItUyKQkeFK8PdFDeyhy124IecVkGCP4Jhtc+iMkV5e6N/ryJVZE9kWT5kv +-VjlKZi7xHIIU6K2oXfGxewuXQUzdZi0Yi10= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C14 +-PeerKey=KAS-ECC-CDH_B-571_C14-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=07c7eb4892816cc3388ebcdfb412984e05910c112dd15b8e5481719401701aceba22fcf35aab0c3b040096161011f6177097c505395d9d6d8a713f6a5100fb476adbe7b9cdf4b68b +- +-PrivateKey=KAS-ECC-CDH_B-571_C15 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAEnG5MBaGXskr9Jw +-ckP/v9VbAIj9M9h9rk0hBI918rhiVjB1JB0vNv3Q6UBatCqlXL8gldq8Pa7frp3r +-kiIgeD6Fkc/WdgCxoYGVA4GSAAQAH+KaTC3QALvtEpEhuI7btcObNAA/FwrBn6mo +-XF/lh6q4ITYfSWNEDyWstJdYgQVS8Gtxmp60O3IOm3rW751BJI1fM1+ZUVoBSZ25 +-WAjHGdJOsFxjPbiwXPlpygv2VkNbH98bCSgpD2pr+ICtuf1TyG7Hbg9izonL60wm +-b2Sodtd4IxoAMMOKoA1mxr1oB4U= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C15-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAH+KaTC3QALvtEpEhuI7btcObNAA/ +-FwrBn6moXF/lh6q4ITYfSWNEDyWstJdYgQVS8Gtxmp60O3IOm3rW751BJI1fM1+Z +-UVoBSZ25WAjHGdJOsFxjPbiwXPlpygv2VkNbH98bCSgpD2pr+ICtuf1TyG7Hbg9i +-zonL60wmb2Sodtd4IxoAMMOKoA1mxr1oB4U= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C15:KAS-ECC-CDH_B-571_C15-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C15-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGzXkx/PGTX4HzAUee2a0Mb5oFvs9O +-Vzov9Am6/EQuwZX34/39COWBYdTg/Tf2KpaUIbGc1I/oSKXX90uBN6fHJqnL03os +-87QEtbLNg7J4lXUcNNOsW5YKEz7BiwOcLhKNNEHbT3bot1BkCUYZsSLl+y8cJ5ZV +-mtlTxxHjMNx79V7fKfCVyuRVV7fI1YQ9ib0= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C15 +-PeerKey=KAS-ECC-CDH_B-571_C15-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=05c638349000ec30881cd190c067e7f12b6b42d5842a8285a8ff0dc7e9c9eaf483309e48314fdc2ce7f9da6a468e549c8e70a50b68d07aee29708a98172209e5cd2e8c09cb66d982 +- +-PrivateKey=KAS-ECC-CDH_B-571_C16 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAYazHOSQx/KPJ5MH +-WkrmRayznnH/6UTuYr+CWH8cPL4ojOYCTY0DXxB9mk+u1Xp7Ie4dbnEpoJgATyLM +-1SdAwDSm3ze1PQcyoYGVA4GSAAQGsV8ahZ49gJJGEbIMG5Tf9r0FdP74GTfx5U0U +-jS0x+MIbDqnOAxyUVXBvCFpp/UkkGFWMfemq3CyamW5+0f7aMpx9dgm7ayIDKRBU +-TLE24sKaozVyqmw0caUuvKayKL7nSfqf/ikpakpbaqDG3J8JUhbnsVE9gcugB5Sj +-9Vj3ShtUHHOyMI9PjnQCi1wrzfM= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C16-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGsV8ahZ49gJJGEbIMG5Tf9r0FdP74 +-GTfx5U0UjS0x+MIbDqnOAxyUVXBvCFpp/UkkGFWMfemq3CyamW5+0f7aMpx9dgm7 +-ayIDKRBUTLE24sKaozVyqmw0caUuvKayKL7nSfqf/ikpakpbaqDG3J8JUhbnsVE9 +-gcugB5Sj9Vj3ShtUHHOyMI9PjnQCi1wrzfM= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C16:KAS-ECC-CDH_B-571_C16-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C16-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCmEtlMHTDaiWa2VbVVWUSwscx+lDy +-AF0ASanZd95cALegVMlgzdcHiWMhSQvkM71e/9RMVk6qLVAhF1BQxb/BY82x6B3x +-M1oBp4bSkJizNPXBxK6GpBvydcxnh9pyBpFlV6T0MxkhQQNFZ+BB1V15SncHx6ry +-iELVyPWQN1pDZWkYqoDlWwKFNHzOj/4fFeg= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C16 +-PeerKey=KAS-ECC-CDH_B-571_C16-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=007a40a59b6632156a43158565a4eeaf80618e501c5ac5afdab4ce3cb76ac99a0bcd17e9eec549373ace8c96aac78e2af6600483a2c49ec81298a083d5237118de96a953999beb26 +- +-PrivateKey=KAS-ECC-CDH_B-571_C17 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0H46GGC3k/D9DhX +-JQqSmkGZTTMdoVTAJJ+g0cJqbeDoNfoIqMxSTj2sKGOD+QvS9NLHUULx04EI2cBi +-FDyObtu9oK+Hp2rVoYGVA4GSAAQCxcXrcydAJnJXPDe0kokDQ6tCK1G8ZbYAdm7B +-0HkI/wO8/edpTYMrzeUpRjOd8Kq0B0rgeon4IfWhEw0rc9sMQjrnoCOuLBgEdu09 +-vZNtHDaYekNRLI8FYuMWEi0Fp+3U5CSJhMEfbrhSFdWqoCYqlfIGZsnb9FJIrhd9 +-Lf/6OmqVBTMpi1w/Shti2h6vzVE= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C17-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCxcXrcydAJnJXPDe0kokDQ6tCK1G8 +-ZbYAdm7B0HkI/wO8/edpTYMrzeUpRjOd8Kq0B0rgeon4IfWhEw0rc9sMQjrnoCOu +-LBgEdu09vZNtHDaYekNRLI8FYuMWEi0Fp+3U5CSJhMEfbrhSFdWqoCYqlfIGZsnb +-9FJIrhd9Lf/6OmqVBTMpi1w/Shti2h6vzVE= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C17:KAS-ECC-CDH_B-571_C17-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C17-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBqGguCezNGGjaICkWpWHuhRPA1zRw +-zTQa7nntk1VqOm58eyAwLsdKDFFwqON9eKm10N45AOsqZjpyR895Q/04HZWzqv0V +-YWcFL+zGj3aV1OQaCAxHZQ0gKHTaFjoXSOVQNzlY4xvQquUgmW0w84RzD0hU9eVO +-aMwklYrcUuKkxAc1ZRTz6nFmBW3Gfk0Rj6g= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C17 +-PeerKey=KAS-ECC-CDH_B-571_C17-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=021fd2726973405fc30d2a1f2115907cbd0de90bb6bcb0496452e389b1b10ccf38e2400617040cf0dbb188f345337678b0ad8603dcfe926582d4321f384daec0943e2cd267f48343 +- +-PrivateKey=KAS-ECC-CDH_B-571_C18 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgenOC2KIlcSJuDA +-bCaB0JvKGbXbfnu/wTrCCDid+BaNd2FeMMqGEDk25T3ZrwHN/iT1COxgk5l3XOhM +-hon41flvZS4BTg3ooYGVA4GSAAQEYI3AUSvFXHNM1WKsWCX3yji3k/js6bmBzBxA +-Mt3YA5Fk0MZGtCsv1FO1odOnSuI8MsfVhAB948004zEhuQ+rOtpmIbOsl4UGqp/7 +-/WXFCTcIRnB2dKxyPawkpvM6Hgu834skujLPe97I/ckjO3V7wHPWTe30hMb6Ae8o +-6HT7DTT1iw4ysYZFwwvctRbuOEE= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C18-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQEYI3AUSvFXHNM1WKsWCX3yji3k/js +-6bmBzBxAMt3YA5Fk0MZGtCsv1FO1odOnSuI8MsfVhAB948004zEhuQ+rOtpmIbOs +-l4UGqp/7/WXFCTcIRnB2dKxyPawkpvM6Hgu834skujLPe97I/ckjO3V7wHPWTe30 +-hMb6Ae8o6HT7DTT1iw4ysYZFwwvctRbuOEE= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C18:KAS-ECC-CDH_B-571_C18-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C18-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCza8TmgzaKADWESj/5NcyOzSg/PSM +-lABHn/TIKRy/RvFsQeRAmq7fFLxgpkKy17qs3o4AUd2K4Bv1rS5uZJDHfNQGqZnF +-ZeYHjt0p22o7h6EVBbV8VD/7dGpbQPuD1yBhgPOun8siLFQRp3R2Zgx7MRtkYxCQ +-WImpWg8v3DXTD8YcxVYKKRQjLWKtNjhrkXk= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C18 +-PeerKey=KAS-ECC-CDH_B-571_C18-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=07a47bdc7d54ecd391672f131b3214d0efc4d40195db1ec993a62fe9da875efff5403bd708fa491a01a94f4bddc7d516baffff9fbdd213ca1a4905f9aa679d65da25c0f1fd2afb0a +- +-PrivateKey=KAS-ECC-CDH_B-571_C19 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAGuo8SzG4OeN+Mxi +-mISKdAAl5yxi0JnpJYSsdvWVrB/HJMsGqFoH8NRED6893qLyZfIBXdBZoWoDopkV +-uHMdYEUSzu8iuEHzoYGVA4GSAAQGNvQ16AYAZmEIc3MAdzqO1v+o6/gwfIH/X0Q1 +-PpG60IYzG4/v8/HNuG4GG95fccX7k48RfiImqX0rZrCY6f9SUYLIFucCxqkBwb2K +-+uapQQj8LHVdXeP6Kks0cfwqXN9K3aaFKb8YD/KNsVSrQxEkezkuk6M1u+h5Zgi7 +-1gE/Q83MhG7CImdCPDz9os6KPZY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C19-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGNvQ16AYAZmEIc3MAdzqO1v+o6/gw +-fIH/X0Q1PpG60IYzG4/v8/HNuG4GG95fccX7k48RfiImqX0rZrCY6f9SUYLIFucC +-xqkBwb2K+uapQQj8LHVdXeP6Kks0cfwqXN9K3aaFKb8YD/KNsVSrQxEkezkuk6M1 +-u+h5Zgi71gE/Q83MhG7CImdCPDz9os6KPZY= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C19:KAS-ECC-CDH_B-571_C19-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C19-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQABRUS5KDbxTXJe+EP+nQldYOCiDBA +-RmYB1TkbyzWCwRUlKTJJ8kSXzIByFrNMksHgdXgcg5HD9tPRT4ih1Q6p/HX/jVHM +-+TMDnaRsrIZqs0dhesWotPFlcDTjuN22a8QnPi4c4BZB7OY2l53oskktxp6IU3w2 +-scOtDTUif4Z+Q9+ciRfc6fjB7zujy1youlI= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C19 +-PeerKey=KAS-ECC-CDH_B-571_C19-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=07326196a7decc92c81ae5a0779c9a42f53d94cfa4c3a13f19dbb554138e0e864eee6bc93e39214e2f74705a4b172aab510444c93b5b3e62517bbb7279337102db1c61de349d9747 +- +-PrivateKey=KAS-ECC-CDH_B-571_C20 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAQcW8ud08n9C3j9s +-lpTY7KIXmCMJHSAvK6FikZOhyYcAaTOY/8gxV/fOSFjnU145kNIZvCSd4WRVjKyA +-fuFZd4oBLaGeUBK/oYGVA4GSAAQBULOt3hYqfwk1Daz0YEGf6GuZ3NlPRCg/uj5D +-0oG5O7VCgoEs5SJlqUg4lo1nqdbs3BtstkzxWUUhxHSepD2OTsBF5kX/I4sHtDMh +-thGLh8Rse1IojfXdHPfaYYPs5WM7TBfK42LYIRkffVeSOSgzmq332F9/Gd6UhnCe +-TS3e9CxVu012o8tQytKgmOrVlSo= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C20-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBULOt3hYqfwk1Daz0YEGf6GuZ3NlP +-RCg/uj5D0oG5O7VCgoEs5SJlqUg4lo1nqdbs3BtstkzxWUUhxHSepD2OTsBF5kX/ +-I4sHtDMhthGLh8Rse1IojfXdHPfaYYPs5WM7TBfK42LYIRkffVeSOSgzmq332F9/ +-Gd6UhnCeTS3e9CxVu012o8tQytKgmOrVlSo= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C20:KAS-ECC-CDH_B-571_C20-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C20-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQATC3lZCQxvMbrgu/UNVVAqLXSOxKw +-330xrWlCW5RUmHdEPujdfAnPu+2G8TZlkx1LKiF1nDPhC0rPxjuh72GsqqGMlOPP +-yTMBdlt6N+uAbUMZbSkx2hoZU3QtPg2nzLZ+Df26XgNJFMzj7mOTv95AZw9AYZYG +-faiyk8aENZPdIhyJv5eWNna9BE6MirjnF60= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C20 +-PeerKey=KAS-ECC-CDH_B-571_C20-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=059052d3e1c66efa4b7dd39e74299e886367d8fe49d7cab90e4f051bec10316438fb29b1290dfdaec169decd622a1010cf0a0275008814f4861b4d83ba78515a8768d978be430011 +- +-PrivateKey=KAS-ECC-CDH_B-571_C21 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAdAQP8eUivEH5R9N +-LMA5K2aAgFnR8my6Bb5qOB9SLUy4VBN5NKzNHOozYJSOQG0xCMlDdp3HALTJzAzB +-2EurWKNeJ+skBHXwoYGVA4GSAAQBK9qN7T7X6LbTm1hVpY1yW2XjhXwqZ0mW6zk6 +-Pj+RWVu/qHJTpW66wrEO1Aavnb/1OyImX761p2nKzitgtF2/l87tKwoE21ACZFSC +-fv4psySuPy1MDco6OpVJFRHFMWRaz1RbRe9qxKUMCdPSHyE8p2uW+xgkLsvgivaH +-Vd5OEHcXNHWCbqq+0mp1w2nNew8= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C21-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBK9qN7T7X6LbTm1hVpY1yW2XjhXwq +-Z0mW6zk6Pj+RWVu/qHJTpW66wrEO1Aavnb/1OyImX761p2nKzitgtF2/l87tKwoE +-21ACZFSCfv4psySuPy1MDco6OpVJFRHFMWRaz1RbRe9qxKUMCdPSHyE8p2uW+xgk +-LsvgivaHVd5OEHcXNHWCbqq+0mp1w2nNew8= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C21:KAS-ECC-CDH_B-571_C21-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C21-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCUDig5yrowW424+O1BO1zQe9wm5/s +-i+kBdzRtdsp7xxM9DsKArPBmAFxcwQtSqmVDNf6CCmYX5WDicJA/8cLMivE5jyTf +-4rADEHTKOTGAGmrLdltukUQXLtgdmZ7Z6DW9NVJrA+8qE/eDdgMrDrgUbCMTI2X8 +-4Xany9ykSzWqN5hZ9oisJtxkyBSaQyLQg9E= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C21 +-PeerKey=KAS-ECC-CDH_B-571_C21-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=03acfa4b3d1c2a6b62af23bdff6a215a416d4437ce6cc114d17dc4201195987a5d7301da11b913254702d7172e31d64e59b24deaa3270f20445e51dc484f7a2b8c3cbeb0bb9efb28 +- +-PrivateKey=KAS-ECC-CDH_B-571_C22 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAy0vVX/ke40oD2gu +-JP2mJ916WOmwCCKjqvbregFPR2wXlBrcXiI4owgNcG8eFqRRt+kpQneZMMVnCkcy +-gcrHi4WNHxzJmwr/oYGVA4GSAAQEDzEw50scjrJl58TmkhQR65cUGCZ+jeqHnC6L +-Vjhk8jphsjQiyaBvoXiooVXj54RXWXWH8+NbefGdDC4YWu9G25WBnL4SexAByR0n +-wq5xE+sDvpjpTTrW3seR+sL+DSyMmLcTcbBYpkn6nD+jzNu6kyOVwnr/og2VrAQb +-yZeOP1MIKaLGTImxvM6sBoVPuQM= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C22-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQEDzEw50scjrJl58TmkhQR65cUGCZ+ +-jeqHnC6LVjhk8jphsjQiyaBvoXiooVXj54RXWXWH8+NbefGdDC4YWu9G25WBnL4S +-exAByR0nwq5xE+sDvpjpTTrW3seR+sL+DSyMmLcTcbBYpkn6nD+jzNu6kyOVwnr/ +-og2VrAQbyZeOP1MIKaLGTImxvM6sBoVPuQM= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C22:KAS-ECC-CDH_B-571_C22-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C22-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBvf/9acLgj7A8hT7y69CI5o0jP9uV +-8LJG3nlV1hUHff0LD/AsZNAd55M1kJa4XgV7G3+fWSYtwnV/GCQ+GC4aC/6dy7An +-1osCGL59lWAp8TnBnS2jRnc7FtevyFirjctg1+SErs7DCcs/6pavOQNjfl2022eL +-tdubCxjYPPnrwbGq8k9DZ+xTNoTOnVZYLUM= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C22 +-PeerKey=KAS-ECC-CDH_B-571_C22-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=067a58e5b3287bb9aa83ed9ca2d718cf7165fb574b6a446c3019849cd1584673d561b574bc8f68419437c5e8113e060847cad3b5ddc2f67ad75bc1e3f04554e63a5e4945cfcb65f5 +- +-PrivateKey=KAS-ECC-CDH_B-571_C23 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA+7ikZaovnDrOjEE +-ZAWcwMTELxNIerGgdiwsvjBOvmNQPmxwaKf0vBl/gfZbQpXBSyEPPLI3i2dAH89S +-vsAsE7YbbeFOG35boYGVA4GSAAQBd6zF/p9C9N4tJ6ub9vfg6s4wPCZv+LNGkIKr +-qTZ+ZkQL1rG9i24a7JK2XjWuqPAH8J1M1n7qXWAAc2yru53MyUPrtWVqBYYHFvGJ +-jiqMJzGd56JpjyHV3likuLjdArXkMxENOXf+6OxcCJ0XCvAqStPB+rRLDR4qO+up +-4HGc2L+DZEeNaGxONfdFfSTQIdY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C23-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBd6zF/p9C9N4tJ6ub9vfg6s4wPCZv +-+LNGkIKrqTZ+ZkQL1rG9i24a7JK2XjWuqPAH8J1M1n7qXWAAc2yru53MyUPrtWVq +-BYYHFvGJjiqMJzGd56JpjyHV3likuLjdArXkMxENOXf+6OxcCJ0XCvAqStPB+rRL +-DR4qO+up4HGc2L+DZEeNaGxONfdFfSTQIdY= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C23:KAS-ECC-CDH_B-571_C23-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C23-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAj8O0FPNBK0A/AcJTvSImFQIl3aqz +-TSAQifSdeeXcwuO2ghb6pm2sRFKcf+O6TSjYFbCII1lVcTu3chODUztdlCIbTtHh +-YrgCsyIB3icrGzK2pqWOoiQRxI9dxc8PlYcuZ1HtYizuzqIqVWl13mADhpriCvOb +-QrqIcXicgujzrTz2AG9DvEx9QQIDLEP495c= +------END PUBLIC KEY----- +- +- +-Availablein = default +-Derive=KAS-ECC-CDH_B-571_C23 +-PeerKey=KAS-ECC-CDH_B-571_C23-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=06b272ca3330c0cdfbe60a1746bc0ddea6257536cdd8e976f2517eb541460a3f0e6ea7fec2b495e0f57712c8cac35e8a7d64d876c29851bbfeb6fe726d57e0be43dc76a584ef9c93 +- +-PrivateKey=KAS-ECC-CDH_B-571_C24 +------BEGIN PRIVATE KEY----- +-MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAWmi2HWGlEwxc7+a +-InXjCAAD22SMLR4cVuLDfODXzZ+Bjqa3u6ND93TvDzNOpcEu8L51k9BO2UVFjXHh +-cRLrAdkEHSEzsTRzoYGVA4GSAAQFHlIXZCZa9/AbzZw/0CLf2y1KLFizsj0uVQMC +-xCqt1X0d9vwY5GW9mEQkle7SLz/WcAKEyfp4M7UWUUm44akeDgmaClcy1cIBmOfn +-0JTiB1KMWDhl0mKpGPwqOSYelcB9y9BE79OYGJkHivPrlzmCAaRlDw3Mvxn5Isjb +-w4Ob9r4AU/hFMccYQ6nmoQKrWNY= +------END PRIVATE KEY----- +- +-PublicKey=KAS-ECC-CDH_B-571_C24-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFHlIXZCZa9/AbzZw/0CLf2y1KLFiz +-sj0uVQMCxCqt1X0d9vwY5GW9mEQkle7SLz/WcAKEyfp4M7UWUUm44akeDgmaClcy +-1cIBmOfn0JTiB1KMWDhl0mKpGPwqOSYelcB9y9BE79OYGJkHivPrlzmCAaRlDw3M +-vxn5Isjbw4Ob9r4AU/hFMccYQ6nmoQKrWNY= +------END PUBLIC KEY----- +- +-PrivPubKeyPair = KAS-ECC-CDH_B-571_C24:KAS-ECC-CDH_B-571_C24-PUBLIC +- +- +-PublicKey=KAS-ECC-CDH_B-571_C24-Peer-PUBLIC +------BEGIN PUBLIC KEY----- +-MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFZagplNfm9T7ra/Z1I+5oD/t3ARhn +-PD4VwyAObI0fJsq68AwdpI5jdDFkl8ul8Z8XQg8mdjP0DlsGNieJv/Ea31ltWxz3 +-aO8Bay1Nqsqca+2XayBk71Q1KliuNDZ4NaYhDhV4KRwd6NZ8ILw9b/piDIezCYor +-nzq7jSys1bLuK2g5nqxOj2XOvdZjAP0Em1s= +------END PUBLIC KEY----- +- +- +-Derive=KAS-ECC-CDH_B-571_C24 +-PeerKey=KAS-ECC-CDH_B-571_C24-Peer-PUBLIC +-Ctrl=ecdh_cofactor_mode:1 +-SharedSecret=02da266a269bdc8d8b2a0c6bb5762f102fc801c8d5394a9271539136bd81d4b69cfbb7525cd0a983fb7f7e9deec583b8f8e574c6184b2d79831ec770649e484dc006fa35b0bffd0b +diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt +--- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt.ec-curves 2021-05-17 10:45:03.968368782 +0200 ++++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt 2021-05-17 10:45:54.211747865 +0200 +@@ -31,12 +31,6 @@ MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUP + x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ== + -----END PUBLIC KEY----- + +-PublicKey=KAS-ECC-CDH_K-163_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBx+LKHfWAn2cGt5CRPLeoSaS7yPVBcFe +-53YiHHK4SzR844PzgGe4nD6a +------END PUBLIC KEY----- +- + PrivateKey = RSA-2048 + -----BEGIN PRIVATE KEY----- + MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDNAIHqeyrh6gbV +@@ -77,9 +71,3 @@ Result = KEYPAIR_TYPE_MISMATCH + + PrivPubKeyPair = RSA-2048:P-256-PUBLIC + Result = KEYPAIR_TYPE_MISMATCH +- +-PrivPubKeyPair = RSA-2048:KAS-ECC-CDH_K-163_C0-PUBLIC +-Result = KEYPAIR_TYPE_MISMATCH +- +-PrivPubKeyPair = Alice-25519:KAS-ECC-CDH_K-163_C0-PUBLIC +-Result = KEYPAIR_TYPE_MISMATCH +diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp.t.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp.t +--- openssl-3.0.0-alpha16/test/recipes/30-test_evp.t.ec-curves 2021-05-17 10:49:28.050844977 +0200 ++++ openssl-3.0.0-alpha16/test/recipes/30-test_evp.t 2021-05-17 10:53:53.480444576 +0200 +@@ -111,7 +111,6 @@ my @defltfiles = qw( + evppkey_kdf_tls1_prf.txt + evppkey_rsa.txt + ); +-push @defltfiles, qw(evppkey_brainpool.txt) unless $no_ec; + push @defltfiles, qw(evppkey_sm2.txt) unless $no_sm2; + + plan tests => diff --git a/openssl.spec b/openssl.spec index fde6dd0..6aa064d 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.alpha15.1%{?dist} +Release: 0.alpha16.1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -50,8 +50,8 @@ Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch # Add check to see if fips flag is enabled in kernel Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch -# Fixes EVP extra test by removing 7 unsupported curves -Patch10: 0010-Fix-EVP-extra-test-with-OPENSSL_NO_EC2M.patch +# Avoid sending alerts after shutdown +Patch10: 0010-Avoid-sending-alert-after-shutdown.patch # remove unsupported EC curves Patch11: 0011-Remove-EC-curves.patch @@ -109,7 +109,7 @@ package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit. %prep -%autosetup -S git -n %{name}-%{version}-alpha15 +%autosetup -S git -n %{name}-%{version}-alpha16 # The hobble_openssl is called here redundantly, just to be sure. # The tarball has already the sources removed. @@ -372,6 +372,10 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Mon May 17 2021 Sahana Prasad 3.0.0-0.alpha16.1 +- Update to alpha 16 version + Resolves: rhbz#1952901 openssl sends alert after orderly connection close + * Mon Apr 26 2021 Sahana Prasad 3.0.0-0.alpha15.1 - Update to alpha 15 version Resolves: rhbz#1903209, rhbz#1952598, diff --git a/sources b/sources index b0a8d8f..4813daf 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-3.0.0-hobbled.tar.xz) = aeb95ea4781cf18d61150abe2e8307d4985928b0385170da62504eaf30370d3a564642028b362c4bc366acffa043c3f136d67bd2401719bb3c2cdf79a86511ba +SHA512 (openssl-3.0.0-hobbled.tar.xz) = fa5e40d22f0358b39d8eb47ee675e91ad88a93a5234dab12b27ec19c455a701042a3a70541fee1ba7ee28dbbca6024e84deb5b2fa6cc7e773374ea1e067a1b80 From 5fa0564b3aea3f2c2c2bd18082a9a3d96f818688 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Thu, 27 May 2021 15:53:25 +0200 Subject: [PATCH 14/41] Enable FIPS via config options Resolves: rhbz#1903209 Signed-off-by: Sahana Prasad --- openssl.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/openssl.spec b/openssl.spec index 6aa064d..1678a08 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.alpha16.1%{?dist} +Release: 0.alpha16.2%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -194,7 +194,7 @@ export HASHBANGPERL=/usr/bin/perl --prefix=%{_prefix} --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \ --system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config \ zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \ - enable-cms enable-md2 enable-rc5 enable-ktls \ + enable-cms enable-md2 enable-rc5 enable-ktls enable-fips\ no-idea no-mdc2 no-ec2m no-sm2 no-sm4 \ shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\""' @@ -342,6 +342,7 @@ export LD_LIBRARY_PATH %dir %{_sysconfdir}/pki/tls/misc %dir %{_sysconfdir}/pki/tls/private %config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf +%config(noreplace) %{_sysconfdir}/pki/tls/fipsmodule.cnf %config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf %attr(0755,root,root) %{_libdir}/libcrypto.so.%{version} %{_libdir}/libcrypto.so.%{soversion} @@ -372,6 +373,9 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Thu May 27 2021 Sahana Prasad 3.0.0-0.alpha16.2 +- Enable FIPS via config options + * Mon May 17 2021 Sahana Prasad 3.0.0-0.alpha16.1 - Update to alpha 16 version Resolves: rhbz#1952901 openssl sends alert after orderly connection close From e863fff32566f37ccd4f8ab675dc1cb719339667 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Fri, 4 Jun 2021 10:37:32 +0200 Subject: [PATCH 15/41] Fix reading SPKAC data from stdin Fix incorrect OSSL_PKEY_PARAM_MAX_SIZE for ed25519 and ed448 Return 0 after cleanup in OPENSSL_init_crypto() Cleanup the peer point formats on regotiation Fix default digest to SHA256 Resolves: rhbz#1958045, rhbz#1952850, rhbz#1961687 Related: rhbz#1958033 Signed-off-by: Sahana Prasad --- 0012-Fix-SPKAC-data-from-stdin.patch | 28 ++++++++++++ ...x-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch | 41 +++++++++++++++++ ...-Return0-OPENSSL-init-crypto-cleanup.patch | 34 ++++++++++++++ ...eanup-peer-point-formats-regotiation.patch | 36 +++++++++++++++ 0016-Fix-default-digest-SHA256.patch | 45 +++++++++++++++++++ openssl.spec | 19 +++++++- 6 files changed, 202 insertions(+), 1 deletion(-) create mode 100644 0012-Fix-SPKAC-data-from-stdin.patch create mode 100644 0013-Fix-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch create mode 100644 0014-Return0-OPENSSL-init-crypto-cleanup.patch create mode 100644 0015-Cleanup-peer-point-formats-regotiation.patch create mode 100644 0016-Fix-default-digest-SHA256.patch diff --git a/0012-Fix-SPKAC-data-from-stdin.patch b/0012-Fix-SPKAC-data-from-stdin.patch new file mode 100644 index 0000000..b9da02d --- /dev/null +++ b/0012-Fix-SPKAC-data-from-stdin.patch @@ -0,0 +1,28 @@ +diff -up openssl-3.0.0-alpha16/apps/lib/apps.c.spkac openssl-3.0.0-alpha16/apps/lib/apps.c +--- openssl-3.0.0-alpha16/apps/lib/apps.c.spkac 2021-06-04 09:28:48.162316896 +0200 ++++ openssl-3.0.0-alpha16/apps/lib/apps.c 2021-06-04 09:32:53.911795489 +0200 +@@ -403,14 +403,18 @@ CONF *app_load_config_verbose(const char + + CONF *app_load_config_internal(const char *filename, int quiet) + { +- BIO *in = NULL; /* leads to empty config in case filename == "" */ ++ BIO *in; + CONF *conf; + +- if (*filename != '\0' +- && (in = bio_open_default_(filename, 'r', FORMAT_TEXT, quiet)) == NULL) +- return NULL; +- conf = app_load_config_bio(in, filename); +- BIO_free(in); ++ if (filename == NULL || *filename != '\0') { ++ if ((in = bio_open_default_(filename, 'r', FORMAT_TEXT, quiet)) == NULL) ++ return NULL; ++ conf = app_load_config_bio(in, filename); ++ BIO_free(in); ++ } else { ++ /* Return empty config if filename is empty string. */ ++ conf = NCONF_new_ex(app_libctx, NULL); ++ } + return conf; + } + diff --git a/0013-Fix-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch b/0013-Fix-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch new file mode 100644 index 0000000..7467edd --- /dev/null +++ b/0013-Fix-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch @@ -0,0 +1,41 @@ +diff -up openssl-3.0.0-alpha16/providers/implementations/keymgmt/ecx_kmgmt.c.edsize openssl-3.0.0-alpha16/providers/implementations/keymgmt/ecx_kmgmt.c +--- openssl-3.0.0-alpha16/providers/implementations/keymgmt/ecx_kmgmt.c.edsize 2021-06-04 09:51:12.567348198 +0200 ++++ openssl-3.0.0-alpha16/providers/implementations/keymgmt/ecx_kmgmt.c 2021-06-04 09:52:55.650321215 +0200 +@@ -309,14 +309,14 @@ static int x448_get_params(void *key, OS + static int ed25519_get_params(void *key, OSSL_PARAM params[]) + { + return ecx_get_params(key, params, ED25519_BITS, ED25519_SECURITY_BITS, +- ED25519_KEYLEN) ++ ED25519_SIGSIZE) + && ed_get_params(key, params); + } + + static int ed448_get_params(void *key, OSSL_PARAM params[]) + { + return ecx_get_params(key, params, ED448_BITS, ED448_SECURITY_BITS, +- ED448_KEYLEN) ++ ED448_SIGSIZE) + && ed_get_params(key, params); + } + +diff -up openssl-3.0.0-alpha16/test/evp_pkey_provided_test.c.edsize openssl-3.0.0-alpha16/test/evp_pkey_provided_test.c +--- openssl-3.0.0-alpha16/test/evp_pkey_provided_test.c.edsize 2021-06-04 09:51:24.540461209 +0200 ++++ openssl-3.0.0-alpha16/test/evp_pkey_provided_test.c 2021-06-04 09:54:26.531182412 +0200 +@@ -979,7 +979,7 @@ static int test_fromdata_ecx(int tst) + fromdata_params = ed25519_fromdata_params; + bits = ED25519_BITS; + security_bits = ED25519_SECURITY_BITS; +- size = ED25519_KEYLEN; ++ size = ED25519_SIGSIZE; + alg = "ED25519"; + break; + +@@ -987,7 +987,7 @@ static int test_fromdata_ecx(int tst) + fromdata_params = ed448_fromdata_params; + bits = ED448_BITS; + security_bits = ED448_SECURITY_BITS; +- size = ED448_KEYLEN; ++ size = ED448_SIGSIZE; + alg = "ED448"; + break; + default: diff --git a/0014-Return0-OPENSSL-init-crypto-cleanup.patch b/0014-Return0-OPENSSL-init-crypto-cleanup.patch new file mode 100644 index 0000000..041c0e7 --- /dev/null +++ b/0014-Return0-OPENSSL-init-crypto-cleanup.patch @@ -0,0 +1,34 @@ +diff -up openssl-3.0.0-alpha16/crypto/init.c.softhsm openssl-3.0.0-alpha16/crypto/init.c +--- openssl-3.0.0-alpha16/crypto/init.c.softhsm 2021-06-04 09:40:22.637748149 +0200 ++++ openssl-3.0.0-alpha16/crypto/init.c 2021-06-04 09:44:09.695867437 +0200 +@@ -454,6 +454,13 @@ int OPENSSL_init_crypto(uint64_t opts, c + uint64_t tmp; + int aloaddone = 0; + ++ /* Applications depend on 0 being returned when cleanup was already done */ ++ if (stopped) { ++ if (!(opts & OPENSSL_INIT_BASE_ONLY)) ++ ERR_raise(ERR_LIB_CRYPTO, ERR_R_INIT_FAIL); ++ return 0; ++ } ++ + /* + * We ignore failures from this function. It is probably because we are + * on a platform that doesn't support lockless atomic loads (we may not +@@ -476,15 +483,7 @@ int OPENSSL_init_crypto(uint64_t opts, c + /* + * At some point we should look at this function with a view to moving + * most/all of this into OSSL_LIB_CTX. +- */ +- +- if (stopped) { +- if (!(opts & OPENSSL_INIT_BASE_ONLY)) +- ERR_raise(ERR_LIB_CRYPTO, ERR_R_INIT_FAIL); +- return 0; +- } +- +- /* ++ * + * When the caller specifies OPENSSL_INIT_BASE_ONLY, that should be the + * *only* option specified. With that option we return immediately after + * doing the requested limited initialization. Note that diff --git a/0015-Cleanup-peer-point-formats-regotiation.patch b/0015-Cleanup-peer-point-formats-regotiation.patch new file mode 100644 index 0000000..51e3440 --- /dev/null +++ b/0015-Cleanup-peer-point-formats-regotiation.patch @@ -0,0 +1,36 @@ +diff -up openssl-3.0.0-alpha16/ssl/statem/extensions.c.reneg openssl-3.0.0-alpha16/ssl/statem/extensions.c +--- openssl-3.0.0-alpha16/ssl/statem/extensions.c.reneg 2021-06-04 10:03:01.313023512 +0200 ++++ openssl-3.0.0-alpha16/ssl/statem/extensions.c 2021-06-04 10:05:43.019538516 +0200 +@@ -45,6 +45,7 @@ static int tls_parse_certificate_authori + #ifndef OPENSSL_NO_SRP + static int init_srp(SSL *s, unsigned int context); + #endif ++static int init_ec_point_formats(SSL *s, unsigned int context); + static int init_etm(SSL *s, unsigned int context); + static int init_ems(SSL *s, unsigned int context); + static int final_ems(SSL *s, unsigned int context, int sent); +@@ -158,7 +159,7 @@ static const EXTENSION_DEFINITION ext_de + TLSEXT_TYPE_ec_point_formats, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_2_AND_BELOW_ONLY, +- NULL, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats, ++ init_ec_point_formats, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats, + tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats, + final_ec_pt_formats + }, +@@ -1144,6 +1145,15 @@ static int init_srp(SSL *s, unsigned int + } + #endif + ++static int init_ec_point_formats(SSL *s, unsigned int context) ++{ ++ OPENSSL_free(s->ext.peer_ecpointformats); ++ s->ext.peer_ecpointformats = NULL; ++ s->ext.peer_ecpointformats_len = 0; ++ ++ return 1; ++} ++ + static int init_etm(SSL *s, unsigned int context) + { + s->ext.use_etm = 0; diff --git a/0016-Fix-default-digest-SHA256.patch b/0016-Fix-default-digest-SHA256.patch new file mode 100644 index 0000000..c419f41 --- /dev/null +++ b/0016-Fix-default-digest-SHA256.patch @@ -0,0 +1,45 @@ +diff -up openssl-3.0.0-alpha16/apps/dgst.c.digest openssl-3.0.0-alpha16/apps/dgst.c +--- openssl-3.0.0-alpha16/apps/dgst.c.digest 2021-06-04 10:21:03.153697643 +0200 ++++ openssl-3.0.0-alpha16/apps/dgst.c 2021-06-04 10:22:26.737489944 +0200 +@@ -330,6 +330,8 @@ int dgst_main(int argc, char **argv) + } + + if (hmac_key != NULL) { ++ if (md == NULL) ++ md = (EVP_MD *)EVP_sha256(); + sigkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, impl, + (unsigned char *)hmac_key, + strlen(hmac_key)); +diff -up openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t.digest openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t +--- openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t.digest 2021-06-04 10:21:18.871846631 +0200 ++++ openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t 2021-06-04 10:23:56.862344245 +0200 +@@ -17,7 +17,7 @@ use OpenSSL::Test::Utils; + + setup("test_dgst"); + +-plan tests => 7; ++plan tests => 8; + + sub tsignverify { + my $testtext = shift; +@@ -115,6 +115,20 @@ subtest "HMAC generation with `dgst` CLI + ok($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)"); + ok($hmacdata[1] =~ $expected, + "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)"); ++}; ++ ++subtest "HMAC generation with `dgst` CLI, default digest" => sub { ++ plan tests => 2; ++ ++ my $testdata = srctop_file('test', 'data.bin'); ++ #HMAC the data twice to check consistency ++ my @hmacdata = run(app(['openssl', 'dgst', '-hmac', '123456', ++ $testdata, $testdata]), capture => 1); ++ chomp(@hmacdata); ++ my $expected = qr/HMAC-SHA256\(\Q$testdata\E\)= 6f12484129c4a761747f13d8234a1ff0e074adb34e9e9bf3a155c391b97b9a7c/; ++ ok($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)"); ++ ok($hmacdata[1] =~ $expected, ++ "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)"); + }; + + subtest "Custom length XOF digest generation with `dgst` CLI" => sub { diff --git a/openssl.spec b/openssl.spec index 1678a08..2388033 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.alpha16.2%{?dist} +Release: 0.alpha16.3%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -54,6 +54,16 @@ Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch Patch10: 0010-Avoid-sending-alert-after-shutdown.patch # remove unsupported EC curves Patch11: 0011-Remove-EC-curves.patch +# Fix reading SPKAC data from stdin +Patch12: 0012-Fix-SPKAC-data-from-stdin.patch +# Fix incorrect OSSL_PKEY_PARAM_MAX_SIZE for ed25519 and ed448 +Patch13: 0013-Fix-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch +# Return 0 after cleanup in OPENSSL_init_crypto() +Patch14: 0014-Return0-OPENSSL-init-crypto-cleanup.patch +# Cleanup the peer point formats on regotiation +Patch15: 0015-Cleanup-peer-point-formats-regotiation.patch +# Fix default digest to SHA256 +Patch16: 0016-Fix-default-digest-SHA256.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -373,6 +383,13 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Fri Jun 04 2021 Sahana Prasad 3.0.0-0.alpha16.3 +- Fix reading SPKAC data from stdin +- Fix incorrect OSSL_PKEY_PARAM_MAX_SIZE for ed25519 and ed448 +- Return 0 after cleanup in OPENSSL_init_crypto() +- Cleanup the peer point formats on regotiation +- Fix default digest to SHA256 + * Thu May 27 2021 Sahana Prasad 3.0.0-0.alpha16.2 - Enable FIPS via config options From b0a763c723067b214e7870ce45b8cea4ab2b28ac Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Fri, 11 Jun 2021 13:10:06 +0200 Subject: [PATCH 16/41] Speeding up building openssl Resolves: rhbz#1903209 Signed-off-by: Dmitry Belyavskiy --- openssl.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openssl.spec b/openssl.spec index 2388033..65828bb 100644 --- a/openssl.spec +++ b/openssl.spec @@ -211,7 +211,7 @@ export HASHBANGPERL=/usr/bin/perl # Do not run this in a production package the FIPS symbols must be patched-in #util/mkdef.pl crypto update -make all +make -s %{?_smp_mflags} all # Clean up the .pc files for i in libcrypto.pc libssl.pc openssl.pc ; do @@ -235,7 +235,7 @@ OPENSSL_ENABLE_MD5_VERIFY= export OPENSSL_ENABLE_MD5_VERIFY OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file export OPENSSL_SYSTEM_CIPHERS_OVERRIDE -make test +make test HARNESS_JOBS=8 # Add generation of HMAC checksum of the final stripped library #%define __spec_install_post \ From 220d8a96f5ec4ac4309a598d37354e9ebfaa110b Mon Sep 17 00:00:00 2001 From: Mohan Boddu Date: Fri, 11 Jun 2021 16:55:52 -0400 Subject: [PATCH 17/41] Spec bump and changelog for Speeding up building openssl Related: rhbz#1903209 Signed-off-by: Mohan Boddu --- openssl.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/openssl.spec b/openssl.spec index 65828bb..44ed018 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.alpha16.3%{?dist} +Release: 0.alpha16.4%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -383,6 +383,10 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Fri Jun 11 2021 Mohan Boddu 3.0.0-0.alpha16.4 +- Speeding up building openssl (dbelyavs@redhat.com) + Resolves: rhbz#1903209 + * Fri Jun 04 2021 Sahana Prasad 3.0.0-0.alpha16.3 - Fix reading SPKAC data from stdin - Fix incorrect OSSL_PKEY_PARAM_MAX_SIZE for ed25519 and ed448 From 240131b9ebef1f3e0a1ff8bcf8e09a7ff0fe5ac2 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Fri, 2 Jul 2021 20:15:32 +0200 Subject: [PATCH 18/41] - Fixes system hang issue when booted in FIPS mode - Temporarily disable downstream FIPS patches Related: rhbz#1977318 Signed-off-by: Sahana Prasad --- openssl.spec | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/openssl.spec b/openssl.spec index 44ed018..4b6e657 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.alpha16.4%{?dist} +Release: 0.alpha16.5%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -47,9 +47,9 @@ Patch6: 0006-Disable-signature-verification-with-totally-unsafe-h.patch # Add support for PROFILE=SYSTEM system default cipherlist Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch # Add FIPS_mode() compatibility macro -Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch +#Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch # Add check to see if fips flag is enabled in kernel -Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch +#Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch # Avoid sending alerts after shutdown Patch10: 0010-Avoid-sending-alert-after-shutdown.patch # remove unsupported EC curves @@ -383,6 +383,11 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Fri Jul 02 2021 Sahana Prasad 3.0.0-0.alpha16.5 +- Fixes system hang issue when booted in FIPS mode (sahana@redhat.com) +- Temporarily disable downstream FIPS patches +- Related: rhbz#1977318 + * Fri Jun 11 2021 Mohan Boddu 3.0.0-0.alpha16.4 - Speeding up building openssl (dbelyavs@redhat.com) Resolves: rhbz#1903209 From 826e7990ea6b155fe386e0acfd1b3c33d75cc71e Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Fri, 2 Jul 2021 21:05:44 +0200 Subject: [PATCH 19/41] Adds FIPS mode compatibility patch Related: rhbz#1977318 Signed-off-by: Sahana Prasad --- openssl.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/openssl.spec b/openssl.spec index 4b6e657..5ed558c 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.alpha16.5%{?dist} +Release: 0.alpha16.6%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -47,7 +47,7 @@ Patch6: 0006-Disable-signature-verification-with-totally-unsafe-h.patch # Add support for PROFILE=SYSTEM system default cipherlist Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch # Add FIPS_mode() compatibility macro -#Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch +Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch # Add check to see if fips flag is enabled in kernel #Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch # Avoid sending alerts after shutdown @@ -383,6 +383,10 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Fri Jul 02 2021 Sahana Prasad 3.0.0-0.alpha16.6 +- Adds FIPS mode compatibility patch (sahana@redhat.com) +- Related: rhbz#1977318 + * Fri Jul 02 2021 Sahana Prasad 3.0.0-0.alpha16.5 - Fixes system hang issue when booted in FIPS mode (sahana@redhat.com) - Temporarily disable downstream FIPS patches From 4f728a9f3fd3d3ff9c4f15eb25e51944d5624763 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Tue, 6 Jul 2021 13:56:08 +0200 Subject: [PATCH 20/41] Fixes override of openssl_conf in openssl.cnf Resolves: rhbz#1975847 Signed-off-by: Sahana Prasad --- ...ault-paths-for-the-CA-directory-tree.patch | 40 +++++++++---------- openssl.spec | 6 ++- 2 files changed, 23 insertions(+), 23 deletions(-) diff --git a/0004-Override-default-paths-for-the-CA-directory-tree.patch b/0004-Override-default-paths-for-the-CA-directory-tree.patch index 88832a2..7c70c60 100644 --- a/0004-Override-default-paths-for-the-CA-directory-tree.patch +++ b/0004-Override-default-paths-for-the-CA-directory-tree.patch @@ -27,22 +27,22 @@ index c0afb96716..d6a5fabd16 100644 my $CAKEY = "cakey.pem"; my $CAREQ = "careq.pem"; my $CACERT = "cacert.pem"; -diff --git a/apps/openssl.cnf b/apps/openssl.cnf -index eb25a0ac48..2479943fde 100644 ---- a/apps/openssl.cnf -+++ b/apps/openssl.cnf -@@ -31,6 +31,22 @@ oid_section = new_oids - # (Alternatively, use a configuration file that has only - # X.509v3 extensions in its main [= default] section.) +diff -up openssl-3.0.0-alpha16/apps/openssl.cnf.default-tls openssl-3.0.0-alpha16/apps/openssl.cnf +--- openssl-3.0.0-alpha16/apps/openssl.cnf.default-tls 2021-07-06 13:41:39.204978272 +0200 ++++ openssl-3.0.0-alpha16/apps/openssl.cnf 2021-07-06 13:49:50.362857683 +0200 +@@ -53,6 +53,8 @@ tsa_policy3 = 1.2.3.4.5.7 + [openssl_init] + providers = provider_sect +# Load default TLS policy configuration -+ -+openssl_conf = default_modules -+ -+[ default_modules ] -+ +ssl_conf = ssl_module -+ + + # List of providers to load + [provider_sect] +@@ -64,6 +66,13 @@ default = default_sect + [default_sect] + # activate = 1 + +[ ssl_module ] + +system_default = crypto_policy @@ -50,11 +50,10 @@ index eb25a0ac48..2479943fde 100644 +[ crypto_policy ] + +.include = /etc/crypto-policies/back-ends/opensslcnf.config -+ - [ new_oids ] - # We can add new OIDs in here for use by 'ca', 'req' and 'ts'. - # Add a simple OID like this: -@@ -72,7 +88,7 @@ default_ca = CA_default # The default ca section + + #################################################################### + [ ca ] +@@ -72,7 +81,7 @@ default_ca = CA_default # The default c #################################################################### [ CA_default ] @@ -63,7 +62,7 @@ index eb25a0ac48..2479943fde 100644 certs = $dir/certs # Where the issued certs are kept crl_dir = $dir/crl # Where the issued crl are kept database = $dir/index.txt # database index file. -@@ -304,7 +320,7 @@ default_tsa = tsa_config1 # the default TSA section +@@ -304,7 +313,7 @@ default_tsa = tsa_config1 # the default [ tsa_config1 ] # These are used by the TSA reply generation only. @@ -72,6 +71,3 @@ index eb25a0ac48..2479943fde 100644 serial = $dir/tsaserial # The current serial number (mandatory) crypto_device = builtin # OpenSSL engine to use for signing signer_cert = $dir/tsacert.pem # The TSA signing certificate --- -2.26.2 - diff --git a/openssl.spec b/openssl.spec index 5ed558c..19f22de 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.alpha16.6%{?dist} +Release: 0.alpha16.7%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -383,6 +383,10 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Tue Jul 06 2021 Sahana Prasad 3.0.0-0.alpha16.7 +- Fixes override of openssl_conf in openssl.cnf +- Resolves: rhbz#1975847 + * Fri Jul 02 2021 Sahana Prasad 3.0.0-0.alpha16.6 - Adds FIPS mode compatibility patch (sahana@redhat.com) - Related: rhbz#1977318 From 90bf702df6a977860dc2764e2a12a64b633df21a Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Tue, 6 Jul 2021 22:35:53 +0200 Subject: [PATCH 21/41] - Fixes override of openssl_conf in openssl.cnf - Use AI_ADDRCONFIG only when explicit host name is given - Temporarily remove fipsmodule.cnf for arch i686 - Fixes segmentation fault in BN_lebin2bn Resolves: rhbz#1975847, rhbz#1976845, rhbz#1973477, rhbz#1975855 Signed-off-by: Sahana Prasad --- 0017-use-AI-ADDRCONFIG-explicit-hostname.patch | 12 ++++++++++++ 0018-Fix-crash-BN_lebin2bn.patch | 12 ++++++++++++ openssl.spec | 16 ++++++++++++++-- 3 files changed, 38 insertions(+), 2 deletions(-) create mode 100644 0017-use-AI-ADDRCONFIG-explicit-hostname.patch create mode 100644 0018-Fix-crash-BN_lebin2bn.patch diff --git a/0017-use-AI-ADDRCONFIG-explicit-hostname.patch b/0017-use-AI-ADDRCONFIG-explicit-hostname.patch new file mode 100644 index 0000000..15d9199 --- /dev/null +++ b/0017-use-AI-ADDRCONFIG-explicit-hostname.patch @@ -0,0 +1,12 @@ +diff -up openssl-3.0.0-alpha16/crypto/bio/b_addr.c.use-explicit openssl-3.0.0-alpha16/crypto/bio/b_addr.c +--- openssl-3.0.0-alpha16/crypto/bio/b_addr.c.use-explicit 2021-07-06 14:06:05.706578389 +0200 ++++ openssl-3.0.0-alpha16/crypto/bio/b_addr.c 2021-07-06 14:07:24.482329505 +0200 +@@ -696,7 +696,7 @@ int BIO_lookup_ex(const char *host, cons + hints.ai_protocol = protocol; + # ifdef AI_ADDRCONFIG + # ifdef AF_UNSPEC +- if (family == AF_UNSPEC) ++ if (host != NULL && family == AF_UNSPEC) + # endif + hints.ai_flags |= AI_ADDRCONFIG; + # endif diff --git a/0018-Fix-crash-BN_lebin2bn.patch b/0018-Fix-crash-BN_lebin2bn.patch new file mode 100644 index 0000000..375c960 --- /dev/null +++ b/0018-Fix-crash-BN_lebin2bn.patch @@ -0,0 +1,12 @@ +diff -up openssl-3.0.0-alpha16/apps/x509.c.segfault-bn openssl-3.0.0-alpha16/apps/x509.c +--- openssl-3.0.0-alpha16/apps/x509.c.segfault-bn 2021-07-06 22:12:37.021406952 +0200 ++++ openssl-3.0.0-alpha16/apps/x509.c 2021-07-06 22:13:40.540996922 +0200 +@@ -934,7 +934,7 @@ int x509_main(int argc, char **argv) + } else if (i == modulus) { + BIO_printf(out, "Modulus="); + if (EVP_PKEY_is_a(pkey, "RSA")) { +- BIGNUM *n; ++ BIGNUM *n = NULL; + + /* Every RSA key has an 'n' */ + EVP_PKEY_get_bn_param(pkey, "n", &n); diff --git a/openssl.spec b/openssl.spec index 19f22de..0eb6b9c 100644 --- a/openssl.spec +++ b/openssl.spec @@ -64,6 +64,10 @@ Patch14: 0014-Return0-OPENSSL-init-crypto-cleanup.patch Patch15: 0015-Cleanup-peer-point-formats-regotiation.patch # Fix default digest to SHA256 Patch16: 0016-Fix-default-digest-SHA256.patch +# Use AI_ADDRCONFIG only when explicit host name is given +Patch17: 0017-use-AI-ADDRCONFIG-explicit-hostname.patch +# Fix segmentation fault in BN_lebin2bn() +Patch18: 0018-Fix-crash-BN_lebin2bn.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -296,6 +300,9 @@ touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf.dist rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf.dist +%ifarch i686 +rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/fipsmodule.cnf +%endif # Determine which arch opensslconf.h is going to try to #include. basearch=%{_arch} @@ -352,7 +359,6 @@ export LD_LIBRARY_PATH %dir %{_sysconfdir}/pki/tls/misc %dir %{_sysconfdir}/pki/tls/private %config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf -%config(noreplace) %{_sysconfdir}/pki/tls/fipsmodule.cnf %config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf %attr(0755,root,root) %{_libdir}/libcrypto.so.%{version} %{_libdir}/libcrypto.so.%{soversion} @@ -360,6 +366,9 @@ export LD_LIBRARY_PATH %{_libdir}/libssl.so.%{soversion} %attr(0755,root,root) %{_libdir}/engines-%{soversion} %attr(0755,root,root) %{_libdir}/ossl-modules +%ifnarch i686 +%config(noreplace) %{_sysconfdir}/pki/tls/fipsmodule.cnf +%endif %files devel %doc CHANGES.md doc/dir-locals.example.el doc/openssl-c-indent.el @@ -385,7 +394,10 @@ export LD_LIBRARY_PATH %changelog * Tue Jul 06 2021 Sahana Prasad 3.0.0-0.alpha16.7 - Fixes override of openssl_conf in openssl.cnf -- Resolves: rhbz#1975847 +- Use AI_ADDRCONFIG only when explicit host name is given +- Temporarily remove fipsmodule.cnf for arch i686 +- Fixes segmentation fault in BN_lebin2bn +- Resolves: rhbz#1975847, rhbz#1976845, rhbz#1973477, rhbz#1975855 * Fri Jul 02 2021 Sahana Prasad 3.0.0-0.alpha16.6 - Adds FIPS mode compatibility patch (sahana@redhat.com) From d4e97b31103c73e34608d1e31b312bbcc0502809 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Fri, 2 Jul 2021 17:23:17 +0200 Subject: [PATCH 22/41] Update to Beta1 version Includes a patch to support dual-ABI, as Beta1 brekas ABI with alpha16 Related: rhbz#1903209 Signed-off-by: Sahana Prasad --- ...e-verification-with-totally-unsafe-h.patch | 2 +- ...PROFILE-SYSTEM-system-default-cipher.patch | 90 +- 0008-Add-FIPS_mode-compatibility-macro.patch | 19 +- 0009-Add-Kernel-FIPS-mode-flag-support.patch | 2 +- 0010-Avoid-sending-alert-after-shutdown.patch | 12 - 0011-Remove-EC-curves.patch | 11931 +--------------- 0012-Fix-SPKAC-data-from-stdin.patch | 28 - ...x-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch | 41 - ...-Return0-OPENSSL-init-crypto-cleanup.patch | 34 - ...eanup-peer-point-formats-regotiation.patch | 36 - 0016-Fix-default-digest-SHA256.patch | 45 - ...-use-AI-ADDRCONFIG-explicit-hostname.patch | 6 +- 0019-dual-abi.patch | 1321 ++ dual-abi.patch | 1321 ++ ectest.c | 6 +- openssl.spec | 26 +- sources | 2 +- 17 files changed, 2949 insertions(+), 11973 deletions(-) delete mode 100644 0010-Avoid-sending-alert-after-shutdown.patch delete mode 100644 0012-Fix-SPKAC-data-from-stdin.patch delete mode 100644 0013-Fix-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch delete mode 100644 0014-Return0-OPENSSL-init-crypto-cleanup.patch delete mode 100644 0015-Cleanup-peer-point-formats-regotiation.patch delete mode 100644 0016-Fix-default-digest-SHA256.patch create mode 100644 0019-dual-abi.patch create mode 100644 dual-abi.patch diff --git a/0006-Disable-signature-verification-with-totally-unsafe-h.patch b/0006-Disable-signature-verification-with-totally-unsafe-h.patch index 467a8e7..f9dd2dd 100644 --- a/0006-Disable-signature-verification-with-totally-unsafe-h.patch +++ b/0006-Disable-signature-verification-with-totally-unsafe-h.patch @@ -22,7 +22,7 @@ index b7eed914b0..af62f0ef08 100644 + ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + goto err; } else { - const EVP_MD *type = EVP_get_digestbynid(mdnid); + const EVP_MD *type = NULL; -- 2.26.2 diff --git a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch index 0608974..08c7125 100644 --- a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +++ b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch @@ -38,48 +38,6 @@ index 9f369edf0e..c52389f831 100644 (map { "-I".$_} @{$config{CPPINCLUDES}}), @{$config{CPPFLAGS}}) -} CFLAGS={- join(' ', @{$config{CFLAGS}}) -} -diff --git a/Configure b/Configure -index dfad3fe7a5..dc6d5d4d73 100755 ---- a/Configure -+++ b/Configure -@@ -27,7 +27,7 @@ use OpenSSL::config; - my $orig_death_handler = $SIG{__DIE__}; - $SIG{__DIE__} = \&death_handler; - --my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; -+my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; - - # Options: - # -@@ -44,6 +44,9 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lx - # This becomes the value of OPENSSLDIR in Makefile and in C. - # (Default: PREFIX/ssl) - # -+# --system-ciphers-file A file to read cipher string from when the PROFILE=SYSTEM -+# cipher is specified (default). -+# - # --cross-compile-prefix Add specified prefix to binutils components. - # - # --api One of 0.9.8, 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.1.1, or 3.0 -@@ -367,6 +370,7 @@ $config{prefix}=""; - $config{openssldir}=""; - $config{processor}=""; - $config{libdir}=""; -+$config{system_ciphers_file}=""; - my $auto_threads=1; # enable threads automatically? true by default - my $default_ranlib; - -@@ -957,6 +961,10 @@ while (@argvcopy) - die "FIPS key too long (64 bytes max)\n" - if length $1 > 64; - } -+ elsif (/^--system-ciphers-file=(.*)$/) -+ { -+ $config{system_ciphers_file}=$1; -+ } - elsif (/^--cross-compile-prefix=(.*)$/) - { - $user{CROSS_COMPILE}=$1; diff --git a/doc/man1/openssl-ciphers.pod.in b/doc/man1/openssl-ciphers.pod.in index b4ed3e51d5..2122e6bdfd 100644 --- a/doc/man1/openssl-ciphers.pod.in @@ -322,10 +280,52 @@ index 404a706fab..e81fa9ec3e 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION: - BIO_new_ex ? 3_0_0 EXIST::FUNCTION: - BIO_s_core ? 3_0_0 EXIST::FUNCTION: - OSSL_LIB_CTX_new_from_dispatch ? 3_0_0 EXIST::FUNCTION: + ASN1_item_d2i_bio_ex ? 3_0_0 EXIST::FUNCTION: + ASN1_item_d2i_ex ? 3_0_0 EXIST::FUNCTION: + ASN1_TIME_print_ex ? 3_0_0 EXIST::FUNCTION: +ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: -- 2.26.2 +diff -up openssl-3.0.0-beta1/Configure.sys-default openssl-3.0.0-beta1/Configure +--- openssl-3.0.0-beta1/Configure.sys-default 2021-06-29 11:47:58.978144386 +0200 ++++ openssl-3.0.0-beta1/Configure 2021-06-29 11:52:01.631126260 +0200 +@@ -27,7 +27,7 @@ use OpenSSL::config; + my $orig_death_handler = $SIG{__DIE__}; + $SIG{__DIE__} = \&death_handler; + +-my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; ++my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; + + my $banner = <<"EOF"; + +@@ -61,6 +61,10 @@ EOF + # given with --prefix. + # This becomes the value of OPENSSLDIR in Makefile and in C. + # (Default: PREFIX/ssl) ++# ++# --system-ciphers-file A file to read cipher string from when the PROFILE=SYSTEM ++# cipher is specified (default). ++# + # --banner=".." Output specified text instead of default completion banner + # + # --cross-compile-prefix Add specified prefix to binutils components. +@@ -385,6 +389,7 @@ $config{prefix}=""; + $config{openssldir}=""; + $config{processor}=""; + $config{libdir}=""; ++$config{system_ciphers_file}=""; + my $auto_threads=1; # enable threads automatically? true by default + my $default_ranlib; + +@@ -987,6 +992,10 @@ while (@argvcopy) + die "FIPS key too long (64 bytes max)\n" + if length $1 > 64; + } ++ elsif (/^--system-ciphers-file=(.*)$/) ++ { ++ $config{system_ciphers_file}=$1; ++ } + elsif (/^--banner=(.*)$/) + { + $banner = $1 . "\n"; diff --git a/0008-Add-FIPS_mode-compatibility-macro.patch b/0008-Add-FIPS_mode-compatibility-macro.patch index 5f953d2..0fac4eb 100644 --- a/0008-Add-FIPS_mode-compatibility-macro.patch +++ b/0008-Add-FIPS_mode-compatibility-macro.patch @@ -17,9 +17,9 @@ index 1036da9a2b..9d4896fcaf 100644 --- a/include/openssl/crypto.h.in +++ b/include/openssl/crypto.h.in @@ -38,6 +38,7 @@ use OpenSSL::stackhash qw(generate_stack_macros); - # include # include # include + # include +# include # ifdef CHARSET_EBCDIC @@ -55,11 +55,10 @@ index 0000000000..c64f0f8e8f +} +# endif +#endif -diff --git a/test/property_test.c b/test/property_test.c -index ab61d01107..1cedc85f78 100644 ---- a/test/property_test.c -+++ b/test/property_test.c -@@ -412,6 +412,18 @@ err: +diff -up openssl-3.0.0-beta1/test/property_test.c.fips-macro openssl-3.0.0-beta1/test/property_test.c +--- openssl-3.0.0-beta1/test/property_test.c.fips-macro 2021-06-29 12:14:58.851557698 +0200 ++++ openssl-3.0.0-beta1/test/property_test.c 2021-06-29 12:17:14.630143832 +0200 +@@ -488,6 +488,18 @@ static int test_property_list_to_string( return ret; } @@ -75,16 +74,14 @@ index ab61d01107..1cedc85f78 100644 + return ret; +} + - int setup_tests(void) { -@@ -424,5 +436,6 @@ int setup_tests(void) + ADD_TEST(test_property_string); +@@ -500,6 +512,7 @@ int setup_tests(void) ADD_TEST(test_property); ADD_TEST(test_query_cache_stochastic); ADD_TEST(test_fips_mode); + ADD_TEST(test_downstream_FIPS_mode); + ADD_ALL_TESTS(test_property_list_to_string, OSSL_NELEM(to_string_tests)); return 1; } --- -2.26.2 - diff --git a/0009-Add-Kernel-FIPS-mode-flag-support.patch b/0009-Add-Kernel-FIPS-mode-flag-support.patch index 95a32a9..ed997db 100644 --- a/0009-Add-Kernel-FIPS-mode-flag-support.patch +++ b/0009-Add-Kernel-FIPS-mode-flag-support.patch @@ -2,8 +2,8 @@ diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha1 --- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips 2021-03-16 00:09:55.814826432 +0100 +++ openssl-3.0.0-alpha13/crypto/context.c 2021-03-16 00:15:55.129043811 +0100 @@ -12,11 +12,54 @@ - #include "internal/core.h" #include "internal/bio.h" + #include "internal/provider.h" +#ifndef FIPS_MODULE +# include diff --git a/0010-Avoid-sending-alert-after-shutdown.patch b/0010-Avoid-sending-alert-after-shutdown.patch deleted file mode 100644 index 1d2b6cb..0000000 --- a/0010-Avoid-sending-alert-after-shutdown.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openssl-3.0.0-alpha16/ssl/s3_msg.c.shut-down openssl-3.0.0-alpha16/ssl/s3_msg.c ---- openssl-3.0.0-alpha16/ssl/s3_msg.c.shut-down 2021-05-17 11:11:11.050702699 +0200 -+++ openssl-3.0.0-alpha16/ssl/s3_msg.c 2021-05-17 11:12:37.741526784 +0200 -@@ -52,6 +52,8 @@ int ssl3_send_alert(SSL *s, int level, i - * protocol_version alerts */ - if (desc < 0) - return -1; -+ if (s->shutdown & SSL_SENT_SHUTDOWN && desc != SSL_AD_CLOSE_NOTIFY) -+ return -1; - /* If a fatal one, remove from cache */ - if ((level == SSL3_AL_FATAL) && (s->session != NULL)) - SSL_CTX_remove_session(s->session_ctx, s->session); diff --git a/0011-Remove-EC-curves.patch b/0011-Remove-EC-curves.patch index 18cc3a1..51c9d23 100644 --- a/0011-Remove-EC-curves.patch +++ b/0011-Remove-EC-curves.patch @@ -540,7 +540,7 @@ diff -up openssl-3.0.0-alpha13/crypto/evp/ec_support.c.ec-curves openssl-3.0.0-a - {"SM2", NID_sm2 }, }; - const char *ossl_ec_curve_nid2name(int nid) + const char *OSSL_EC_curve_nid2name(int nid) diff -up openssl-3.0.0-alpha13/test/acvp_test.inc.ec-curves openssl-3.0.0-alpha13/test/acvp_test.inc --- openssl-3.0.0-alpha13/test/acvp_test.inc.ec-curves 2021-04-11 13:46:57.286828933 +0200 +++ openssl-3.0.0-alpha13/test/acvp_test.inc 2021-04-11 13:48:01.356704526 +0200 @@ -643,10 +643,47 @@ diff -up openssl-3.0.0-alpha16/test/evp_extra_test.c.ec-curves openssl-3.0.0-alp }; static int test_ecpub(int idx) -diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt ---- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec-curves 2021-05-17 09:51:31.697274957 +0200 -+++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt 2021-05-17 09:51:30.274262807 +0200 -@@ -11,1889 +11,6 @@ +diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt +--- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt.ec-curves 2021-05-17 10:45:03.968368782 +0200 ++++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt 2021-05-17 10:45:54.211747865 +0200 +@@ -31,12 +31,6 @@ MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUP + x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ== + -----END PUBLIC KEY----- + +-PublicKey=KAS-ECC-CDH_K-163_C0-PUBLIC +------BEGIN PUBLIC KEY----- +-MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBx+LKHfWAn2cGt5CRPLeoSaS7yPVBcFe +-53YiHHK4SzR844PzgGe4nD6a +------END PUBLIC KEY----- +- + PrivateKey = RSA-2048 + -----BEGIN PRIVATE KEY----- + MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDNAIHqeyrh6gbV +@@ -77,9 +71,3 @@ Result = KEYPAIR_TYPE_MISMATCH + + PrivPubKeyPair = RSA-2048:P-256-PUBLIC + Result = KEYPAIR_TYPE_MISMATCH +- +-PrivPubKeyPair = RSA-2048:KAS-ECC-CDH_K-163_C0-PUBLIC +-Result = KEYPAIR_TYPE_MISMATCH +- +-PrivPubKeyPair = Alice-25519:KAS-ECC-CDH_K-163_C0-PUBLIC +-Result = KEYPAIR_TYPE_MISMATCH +diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp.t.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp.t +--- openssl-3.0.0-alpha16/test/recipes/30-test_evp.t.ec-curves 2021-05-17 10:49:28.050844977 +0200 ++++ openssl-3.0.0-alpha16/test/recipes/30-test_evp.t 2021-05-17 10:53:53.480444576 +0200 +@@ -111,7 +111,6 @@ my @defltfiles = qw( + evppkey_kdf_tls1_prf.txt + evppkey_rsa.txt + ); +-push @defltfiles, qw(evppkey_brainpool.txt) unless $no_ec; + push @defltfiles, qw(evppkey_sm2.txt) unless $no_sm2; + + plan tests => +diff -up openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt.remove-ec openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt +--- openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt.remove-ec 2021-06-29 16:24:56.863303499 +0200 ++++ openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt 2021-06-29 16:38:04.189996425 +0200 +@@ -11,1949 +11,6 @@ # PrivPubKeyPair Sign Verify VerifyRecover # and continue until a blank line. Lines starting with a pound sign are ignored. @@ -663,6 +700,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -4G8rKQXbrc0mvWsF ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2pnb163v1:ALICE_cf_c2pnb163v1_PUB - -PrivateKey=BOB_cf_c2pnb163v1 @@ -676,6 +714,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -KuBh8tP8VSTHPCHF ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2pnb163v1:BOB_cf_c2pnb163v1_PUB - -# ECDH Alice with Bob peer @@ -739,6 +778,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -4PzawHXQoYm/qgDd ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2pnb163v2:ALICE_cf_c2pnb163v2_PUB - -PrivateKey=BOB_cf_c2pnb163v2 @@ -752,6 +792,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -kBF3juAQuARgxuT6 ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2pnb163v2:BOB_cf_c2pnb163v2_PUB - -# ECDH Alice with Bob peer @@ -815,6 +856,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -YnObLnq34LRuWznb ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2pnb163v3:ALICE_cf_c2pnb163v3_PUB - -PrivateKey=BOB_cf_c2pnb163v3 @@ -828,6 +870,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -DZnBLhxBwtqnfUpA ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2pnb163v3:BOB_cf_c2pnb163v3_PUB - -# ECDH Alice with Bob peer @@ -891,6 +934,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -iw3girDLhNzOu3IQ8Ac= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2pnb176v1:ALICE_cf_c2pnb176v1_PUB - -PrivateKey=BOB_cf_c2pnb176v1 @@ -904,6 +948,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -uMtp6pzy63rCEK53bgs= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2pnb176v1:BOB_cf_c2pnb176v1_PUB - -# ECDH Alice with Bob peer @@ -968,6 +1013,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -Yj3+Btcne4CPWf8KvfGjAdMs6JKP4A== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2pnb208w1:ALICE_cf_c2pnb208w1_PUB - -PrivateKey=BOB_cf_c2pnb208w1 @@ -982,6 +1028,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -cl9FTi/JJznwC+RNgwVfJ1WKJun1YA== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2pnb208w1:BOB_cf_c2pnb208w1_PUB - -# ECDH Alice with Bob peer @@ -1046,6 +1093,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -DzG68r3EMLZkOfE1+g04MN7HgY7zt3jMYb8ImyLRmvqR2abjs6c= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2pnb272w1:ALICE_cf_c2pnb272w1_PUB - -PrivateKey=BOB_cf_c2pnb272w1 @@ -1060,6 +1108,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -cUlDmcxL7vIXdx9hB4OmQBYbm+YLDNfTFGAIlDfr2tELpVVPWPo= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2pnb272w1:BOB_cf_c2pnb272w1_PUB - -# ECDH Alice with Bob peer @@ -1124,6 +1173,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -iXBlfQ7U4g+iRR/kmu2RlwwOHgNNL+mWcvLkFfS8Kr4jzv1EY1Ecx96n21l0YQ== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2pnb304w1:ALICE_cf_c2pnb304w1_PUB - -PrivateKey=BOB_cf_c2pnb304w1 @@ -1138,6 +1188,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -kAOUO2P/Q/H+uelM3VVwxeu6A1kaX7K0UZpNa96NRBwI4aevc+vOxCgYkGt9BA== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2pnb304w1:BOB_cf_c2pnb304w1_PUB - -# ECDH Alice with Bob peer @@ -1203,6 +1254,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -3makbwQ= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2pnb368w1:ALICE_cf_c2pnb368w1_PUB - -PrivateKey=BOB_cf_c2pnb368w1 @@ -1218,6 +1270,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -gqfRaOs= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2pnb368w1:BOB_cf_c2pnb368w1_PUB - -# ECDH Alice with Bob peer @@ -1283,6 +1336,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -7lRimqLWHPyvKgcP+PRCIUom ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2tnb191v1:ALICE_cf_c2tnb191v1_PUB - -PrivateKey=BOB_cf_c2tnb191v1 @@ -1297,6 +1351,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -adqalcB6SIWOfoJReDLcpxAD ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2tnb191v1:BOB_cf_c2tnb191v1_PUB - -# ECDH Alice with Bob peer @@ -1361,6 +1416,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -UVvJT/Jv9m462J6Iz1XOohhP ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2tnb191v2:ALICE_cf_c2tnb191v2_PUB - -PrivateKey=BOB_cf_c2tnb191v2 @@ -1375,6 +1431,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -JBIoz1RNNXTcgdpguLcrvcPJ ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2tnb191v2:BOB_cf_c2tnb191v2_PUB - -# ECDH Alice with Bob peer @@ -1439,6 +1496,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -HWsGvDE2HC+6pL2BMl3MRCty ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2tnb191v3:ALICE_cf_c2tnb191v3_PUB - -PrivateKey=BOB_cf_c2tnb191v3 @@ -1453,6 +1511,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -QFIb5QwXAdbg2tEOl7yj9qkk ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2tnb191v3:BOB_cf_c2tnb191v3_PUB - -# ECDH Alice with Bob peer @@ -1517,6 +1576,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -dVL8PvBXgixk2tKfyY1xUVebcEVlgdZP1pN1Xyvi ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2tnb239v1:ALICE_cf_c2tnb239v1_PUB - -PrivateKey=BOB_cf_c2tnb239v1 @@ -1531,6 +1591,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -G77/MY5z1oQegqImBog645vtPWI8lZd1zcl6QYRS ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2tnb239v1:BOB_cf_c2tnb239v1_PUB - -# ECDH Alice with Bob peer @@ -1595,6 +1656,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -VnKA9mZKwPLWhnMJcLyzarIzc/6/UcfYGNmTyUlG ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2tnb239v2:ALICE_cf_c2tnb239v2_PUB - -PrivateKey=BOB_cf_c2tnb239v2 @@ -1609,6 +1671,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -N7yBxBmWjeclHhnXIzfc4qM4qf9n3KzMSXejPVYg ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2tnb239v2:BOB_cf_c2tnb239v2_PUB - -# ECDH Alice with Bob peer @@ -1673,6 +1736,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -H33ewqcI9ZLtpvuR8P8hgRNUTXlh1GWgrB6F21Eo ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2tnb239v3:ALICE_cf_c2tnb239v3_PUB - -PrivateKey=BOB_cf_c2tnb239v3 @@ -1687,6 +1751,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -BC10zUyppoSOAr0eX4pHAkDUF1m/KGoJa7QcJJww ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2tnb239v3:BOB_cf_c2tnb239v3_PUB - -# ECDH Alice with Bob peer @@ -1752,6 +1817,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -fN3Y ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2tnb359v1:ALICE_cf_c2tnb359v1_PUB - -PrivateKey=BOB_cf_c2tnb359v1 @@ -1767,6 +1833,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -R8fe ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2tnb359v1:BOB_cf_c2tnb359v1_PUB - -# ECDH Alice with Bob peer @@ -1833,6 +1900,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -7VQJLEsBpJ/WUonwMJXknjgfONP7GA== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_c2tnb431r1:ALICE_cf_c2tnb431r1_PUB - -PrivateKey=BOB_cf_c2tnb431r1 @@ -1848,6 +1916,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -8Cg6YpgbK314SK5STziqoZwzEISJ9w== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_c2tnb431r1:BOB_cf_c2tnb431r1_PUB - -# ECDH Alice with Bob peer @@ -1913,6 +1982,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -g5IzsS/XMJzifjCJZgNsb7mi ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_prime192v2:ALICE_cf_prime192v2_PUB - -PrivateKey=BOB_cf_prime192v2 @@ -1927,6 +1997,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -Y6OU1aHkkspZTC1uUVWjchy5 ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_prime192v2:BOB_cf_prime192v2_PUB - -# ECDH Alice with Bob peer @@ -1955,6 +2026,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MsDRFCB6/h8TcCUFuospu5l0 ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_prime192v3:ALICE_cf_prime192v3_PUB - -PrivateKey=BOB_cf_prime192v3 @@ -1969,6 +2041,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -vMWAgEeLhzar86BUlS7dZwS7 ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_prime192v3:BOB_cf_prime192v3_PUB - -# ECDH Alice with Bob peer @@ -1997,6 +2070,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -RXqBUM5Xea+Qk2SKIpWcogxr2zFeQyeLj2bQysuo ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_prime239v1:ALICE_cf_prime239v1_PUB - -PrivateKey=BOB_cf_prime239v1 @@ -2011,6 +2085,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -L2U4hkT6xUeRu9QC4KOz7KUVH+nBbQASL4XQg/3C ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_prime239v1:BOB_cf_prime239v1_PUB - -# ECDH Alice with Bob peer @@ -2039,6 +2114,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -CWjdVsXebgAZbqQwf0h9QWcIgM7K7ODdW5kCuZ1G ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_prime239v2:ALICE_cf_prime239v2_PUB - -PrivateKey=BOB_cf_prime239v2 @@ -2053,6 +2129,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -dcJ8a9a+mAQKhb1OZVEq1n4nQsgRiI1rPxugVERM ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_prime239v2:BOB_cf_prime239v2_PUB - -# ECDH Alice with Bob peer @@ -2081,6 +2158,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -GLpzZLteJN9vZjN7ouNpMxLVUFQxTOwpsvUw86Lk ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_prime239v3:ALICE_cf_prime239v3_PUB - -PrivateKey=BOB_cf_prime239v3 @@ -2095,6 +2173,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -LaIWdsNM7GJVP9xpdSwm/L+Dip/oH4E59f3SiOAd ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_prime239v3:BOB_cf_prime239v3_PUB - -# ECDH Alice with Bob peer @@ -2121,6 +2200,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEYIawfjH3qRrJJWwuG3Ys5ZhDJsmdWi34aHgKAA== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_secp112r1:ALICE_cf_secp112r1_PUB - -PrivateKey=BOB_cf_secp112r1 @@ -2133,6 +2213,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEchh3iQdPN1rrzrpdZRQ95G6tvdwEBQ+gfu1tvA== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_secp112r1:BOB_cf_secp112r1_PUB - -# ECDH Alice with Bob peer @@ -2159,6 +2240,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEHK9uNAILHBmPZdKKh79/nzYE0HbvC//rA7i0Xw== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_secp112r2:ALICE_cf_secp112r2_PUB - -PrivateKey=BOB_cf_secp112r2 @@ -2171,6 +2253,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEUzBLNQupqUpGgmZl9JVjKBpwusl52rFg5OVFJA== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_secp112r2:BOB_cf_secp112r2_PUB - -# ECDH Alice with Bob peer @@ -2232,6 +2315,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAEG0XMAdrAZOPUW6L9ADU8XK8sZr7dtIcDinSWU1zSV9s= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_secp128r1:ALICE_cf_secp128r1_PUB - -PrivateKey=BOB_cf_secp128r1 @@ -2244,6 +2328,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAE82nknsOS+u8mybP0KJqQhvm83gbPNTZOcvm0ZDVR5sU= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_secp128r1:BOB_cf_secp128r1_PUB - -# ECDH Alice with Bob peer @@ -2270,6 +2355,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAEOKiPRGtZXwxmvTr35NmUkNsAGGk9RKNA4D5BE9ZrjZQ= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_secp128r2:ALICE_cf_secp128r2_PUB - -PrivateKey=BOB_cf_secp128r2 @@ -2282,6 +2368,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAELph7h27BYjIINC2EddcpIOxKbdz8Xe7h3Az1ZuR9bAI= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_secp128r2:BOB_cf_secp128r2_PUB - -# ECDH Alice with Bob peer @@ -2344,6 +2431,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -EvqPyLS64w== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_secp160k1:ALICE_cf_secp160k1_PUB - -PrivateKey=BOB_cf_secp160k1 @@ -2357,6 +2445,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -bxT/CqEkyw== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_secp160k1:BOB_cf_secp160k1_PUB - -# ECDH Alice with Bob peer @@ -2384,6 +2473,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -OoNj/A+W9w== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_secp160r1:ALICE_cf_secp160r1_PUB - -PrivateKey=BOB_cf_secp160r1 @@ -2397,6 +2487,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -Jwy17FaNNg== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_secp160r1:BOB_cf_secp160r1_PUB - -# ECDH Alice with Bob peer @@ -2424,6 +2515,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -mSqCCA6gUw== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_secp160r2:ALICE_cf_secp160r2_PUB - -PrivateKey=BOB_cf_secp160r2 @@ -2437,6 +2529,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -nN+SfWr6aQ== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_secp160r2:BOB_cf_secp160r2_PUB - -# ECDH Alice with Bob peer @@ -2464,6 +2557,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -6EAu7gVvYDTpnRkymKyH ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_secp192k1:ALICE_cf_secp192k1_PUB - -PrivateKey=BOB_cf_secp192k1 @@ -2477,6 +2571,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -OZ2oFMP0Kfcr7HbI7a5j ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_secp192k1:BOB_cf_secp192k1_PUB - -# ECDH Alice with Bob peer @@ -2505,6 +2600,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -e3m7uC92ZQhduF9lJli4dXD5en/1wkE= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_secp224k1:ALICE_cf_secp224k1_PUB - -PrivateKey=BOB_cf_secp224k1 @@ -2519,6 +2615,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -KpJM5sGILrTkkgxqtt5pBeYE1NC1QUQ= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_secp224k1:BOB_cf_secp224k1_PUB - -# ECDH Alice with Bob peer @@ -2536,7 +2633,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- Title=secp256k1 curve tests PrivateKey=ALICE_cf_secp256k1 -@@ -1936,1374 +53,8 @@ Derive=BOB_cf_secp256k1 +@@ -1998,1323 +55,6 @@ Derive=BOB_cf_secp256k1 PeerKey=ALICE_cf_secp256k1_PUB SharedSecret=a4745cc4d19cabb9e5cb0abdd5c604cab2846a4638ad844ed9175f3cadda2da1 @@ -2552,6 +2649,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEASO9jcamlg1pRE7JffrTAe9kyRZO2xrymHXoGdnA ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_sect113r1:ALICE_cf_sect113r1_PUB - -PrivateKey=BOB_cf_sect113r1 @@ -2564,6 +2662,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEATykaf/cvJzLOUto1EbbAEz/3++nut6q0dcJOQeV ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_sect113r1:BOB_cf_sect113r1_PUB - -# ECDH Alice with Bob peer @@ -2625,6 +2724,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAFvQ4JgQTS8kjGeVfuITAS81qNcOQvt3PYa1HuCk ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_sect113r2:ALICE_cf_sect113r2_PUB - -PrivateKey=BOB_cf_sect113r2 @@ -2637,6 +2737,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAUoS3of8y28meYu/NoI5AVdhJZCuDjMqFHTriWY4 ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_sect113r2:BOB_cf_sect113r2_PUB - -# ECDH Alice with Bob peer @@ -2699,6 +2800,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -Ag== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_sect131r1:ALICE_cf_sect131r1_PUB - -PrivateKey=BOB_cf_sect131r1 @@ -2712,6 +2814,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -5A== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_sect131r1:BOB_cf_sect131r1_PUB - -# ECDH Alice with Bob peer @@ -2775,6 +2878,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -dw== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_sect131r2:ALICE_cf_sect131r2_PUB - -PrivateKey=BOB_cf_sect131r2 @@ -2788,6 +2892,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -pA== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_sect131r2:BOB_cf_sect131r2_PUB - -# ECDH Alice with Bob peer @@ -2851,6 +2956,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -sbtEXluCzANF ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_sect163r1:ALICE_cf_sect163r1_PUB - -PrivateKey=BOB_cf_sect163r1 @@ -2864,6 +2970,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -9FHWU5LC5pDM ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_sect163r1:BOB_cf_sect163r1_PUB - -# ECDH Alice with Bob peer @@ -2927,6 +3034,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -1TYShZZgBr0R6a5dUGCbiF0= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_sect193r1:ALICE_cf_sect193r1_PUB - -PrivateKey=BOB_cf_sect193r1 @@ -2940,6 +3048,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -f40zok8PJS6ratIcZwk/n20= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_sect193r1:BOB_cf_sect193r1_PUB - -# ECDH Alice with Bob peer @@ -3003,6 +3112,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -kJ+Tit6e4RpgkB/dph4V+uI= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_sect193r2:ALICE_cf_sect193r2_PUB - -PrivateKey=BOB_cf_sect193r2 @@ -3016,6 +3126,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -xiDevOQ/xE9SpMX25W7YqkU= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_sect193r2:BOB_cf_sect193r2_PUB - -# ECDH Alice with Bob peer @@ -3080,6 +3191,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -lUr6tOU4BsiUQJACF90rQ9/KdeR5mYvYHzvI ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_sect239k1:ALICE_cf_sect239k1_PUB - -PrivateKey=BOB_cf_sect239k1 @@ -3094,6 +3206,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -TcbhfE6ziXM8sekQJBwcwRKQ9+G/Qzq/2A9x ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_sect239k1:BOB_cf_sect239k1_PUB - -# ECDH Alice with Bob peer @@ -3158,6 +3271,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -/ShvunNyndjCt3Qaq8sulBM0nUyERSDakyD+ ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls10:ALICE_cf_wap-wsg-idm-ecid-wtls10_PUB - -PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls10 @@ -3172,6 +3286,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -IJ4IiIGj18rCFBap1sgVbpXjhEBLYg6Itwv2 ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls10:BOB_cf_wap-wsg-idm-ecid-wtls10_PUB - -# ECDH Alice with Bob peer @@ -3236,6 +3351,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -zTCX9elzXpck+u22bnmkuvL2A8XKB5+fabMR ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls11:ALICE_cf_wap-wsg-idm-ecid-wtls11_PUB - -PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls11 @@ -3250,6 +3366,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -ehdIgJyruc3KsH0RFlipu5QD8pnGSIXvif19 ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls11:BOB_cf_wap-wsg-idm-ecid-wtls11_PUB - -# ECDH Alice with Bob peer @@ -3314,6 +3431,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -bqn5udrckL6s3stwCTVFaZUfY2qS9QE= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls12:ALICE_cf_wap-wsg-idm-ecid-wtls12_PUB - -PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls12 @@ -3328,6 +3446,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -+xsOK9/QB7hzipq9cXx1K/dXu58EoSY= ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls12:BOB_cf_wap-wsg-idm-ecid-wtls12_PUB - -# ECDH Alice with Bob peer @@ -3354,6 +3473,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEACBNPI48xxsPVQBy07jRAAcWzbIkMo8BQotxpfGJ ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls1:ALICE_cf_wap-wsg-idm-ecid-wtls1_PUB - -PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls1 @@ -3366,6 +3486,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAEeHMSBTx/EtOu+bjBinALHSkQuJyiP3mg1tu+I2 ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls1:BOB_cf_wap-wsg-idm-ecid-wtls1_PUB - -# ECDH Alice with Bob peer @@ -3428,6 +3549,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -01f8oGBuXMQH ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls3:ALICE_cf_wap-wsg-idm-ecid-wtls3_PUB - -PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls3 @@ -3441,6 +3563,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -hlBUf5kmG4Yn ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls3:BOB_cf_wap-wsg-idm-ecid-wtls3_PUB - -# ECDH Alice with Bob peer @@ -3503,6 +3626,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAW3K4Mus5+KAJVGLzEYrAYuCJSEYXFTo17aW0TwN ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls4:ALICE_cf_wap-wsg-idm-ecid-wtls4_PUB - -PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls4 @@ -3515,6 +3639,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAI0F7ixGqOhnYpsuR80nAdTdSXM+YbcUbLe/U/xG ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls4:BOB_cf_wap-wsg-idm-ecid-wtls4_PUB - -# ECDH Alice with Bob peer @@ -3577,6 +3702,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -uFzn9fPvIDe6 ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls5:ALICE_cf_wap-wsg-idm-ecid-wtls5_PUB - -PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls5 @@ -3590,6 +3716,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -jdoMGRgUuJmO ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls5:BOB_cf_wap-wsg-idm-ecid-wtls5_PUB - -# ECDH Alice with Bob peer @@ -3652,6 +3779,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAERPw/8Ip/RrXr0gMgLGRQeiQ4Qd6W+Li0ylGKzg== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls6:ALICE_cf_wap-wsg-idm-ecid-wtls6_PUB - -PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls6 @@ -3664,6 +3792,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAEhJXqpYGxE/l1X/LiBeyRbIcyzqPxUP5Tkv3U3w== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls6:BOB_cf_wap-wsg-idm-ecid-wtls6_PUB - -# ECDH Alice with Bob peer @@ -3691,6 +3820,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -feGY4CNH0w== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls7:ALICE_cf_wap-wsg-idm-ecid-wtls7_PUB - -PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls7 @@ -3704,6 +3834,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -QneRu3xwPA== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls7:BOB_cf_wap-wsg-idm-ecid-wtls7_PUB - -# ECDH Alice with Bob peer @@ -3730,6 +3861,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAEJD0h4HEfchwxqhp9eMHh9gczQKHX4MtWVoAxKQ== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls8:ALICE_cf_wap-wsg-idm-ecid-wtls8_PUB - -PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls8 @@ -3742,6 +3874,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAEZawmRmzr9P+jihImUi6ykOzaSH484JhMKNdrgw== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls8:BOB_cf_wap-wsg-idm-ecid-wtls8_PUB - -# ECDH Alice with Bob peer @@ -3769,6 +3902,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -DB/RYdZuUg== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls9:ALICE_cf_wap-wsg-idm-ecid-wtls9_PUB - -PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls9 @@ -3782,6 +3916,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -a3EVJ9yK1A== ------END PUBLIC KEY----- - +-Availablein = default -PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls9:BOB_cf_wap-wsg-idm-ecid-wtls9_PUB - -# ECDH Alice with Bob peer @@ -3798,8 +3933,8 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- - -# tests: 484 - - Title=zero x-coord regression tests - +-Title=zero x-coord regression tests +- -PrivateKey=ALICE_zero_prime192v1 ------BEGIN PRIVATE KEY----- -MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhaPNk8jG5hSG6y8tUqUoOaNNsZ3APU @@ -3819,99 +3954,10 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -SharedSecret=baaffd49a8399d2ad52cbbe24d47b67afb4b3cf436f1cd65 - -PrivateKey=ALICE_zero_prime192v2 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEHzAdAgEBBBj1AIQMJ7jqYIKCvxYAS+qKMmKmH0to --41k= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime192v2_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Gj7Qqt --2wx/jwFlKgvE4rnd50LspdMk -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime192v2 --PeerKey=BOB_zero_prime192v2_PUB --SharedSecret=b8f200a4b87064f2e8600685ca3e69b8e661a117aabc770b -- --PrivateKey=ALICE_zero_prime192v3 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEHzAdAgEBBBh/maLQMSlea9BfLqGy5NPuK0YAH/cz --GqI= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime192v3_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZEzb63e2 --3MKatRLR9Y1M5JEdI9jwMocI -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime192v3 --PeerKey=BOB_zero_prime192v3_PUB --SharedSecret=b5de857d355bc5b9e270a4c290ea9728d764d8b243ff5d8d -- --PrivateKey=ALICE_zero_prime239v1 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQQEJTAjAgEBBB5pYWzRYI+c6O7NXCt0H2kw8XRL3rhe --4MrJT8j++CI= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime239v1_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --Ox02uwNNLFuvDRn5ip8TxvW0W22R7UzJa9Av6/nh -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime239v1 --PeerKey=BOB_zero_prime239v1_PUB --SharedSecret=6b6206408bd05d42daa2cd224c401a1230b44e184f17b82f385f22dac215 -- --PrivateKey=ALICE_zero_prime239v2 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQUEJTAjAgEBBB5l8bB7Cpmr7vyx9FiOT2wEF3YOFbDG --bmRr3Vi/xr4= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime239v2_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --IOg3VJGQ89d1GWg4Igxcj5xpDmJiP8tv+e4mxt5U -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime239v2 --PeerKey=BOB_zero_prime239v2_PUB --SharedSecret=772c2819c960c78f28f21f6542b7409294fad1f84567c44c4b7678dc0e42 -- --PrivateKey=ALICE_zero_prime239v3 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQYEJTAjAgEBBB5HF5FABzUOTYMZg9UdZTx/oRERm/fU --M/+otKzpLjA= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime239v3_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AsZ4u6r3qQI78EYBpiSgWjqNpoeShjr5piecMBWj -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime239v3 --PeerKey=BOB_zero_prime239v3_PUB --SharedSecret=56a71f5dd1611e8032c3e2d8224d86e5e8c2fc6480d74c0e282282decd43 -- - PrivateKey=ALICE_zero_prime256v1 -----BEGIN PRIVATE KEY----- - MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDXhMb6aR4JR2+l2tmgYqP0r8S4jtym -@@ -3322,72 +73,6 @@ Derive=ALICE_zero_prime256v1 + MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEHzAdAgEBBBj1AIQMJ7jqYIKCvxYAS+qKMmKmH0to + 41k= +@@ -3422,72 +162,6 @@ Derive=ALICE_zero_prime256v1 PeerKey=BOB_zero_prime256v1_PUB SharedSecret=c4f5607deb8501f1a4ba23fce4122a4343a17ada2c86a9c8e0d03d92d4a4c84c @@ -3984,7 +4030,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- PrivateKey=ALICE_zero_secp384r1 -----BEGIN PRIVATE KEY----- ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDD6kgzKbg28zbQyVTdC0IdHbm0UCQt2Rdbi -@@ -3426,76 +111,6 @@ Derive=ALICE_zero_secp521r1 +@@ -3526,76 +200,6 @@ Derive=ALICE_zero_secp521r1 PeerKey=BOB_zero_secp521r1_PUB SharedSecret=003fc3028f61db94b20c7cd177923b6e73f12f0ab067c9ce8866755e3c82abb39c9863cde74fa80b32520bd7dd0eb156c30c08911503b67b2661f1264d09bb231423 @@ -4061,7 +4107,7 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- Title=prime256v1 curve tests PrivateKey=ALICE_cf_prime256v1 -@@ -3659,743 +274,3 @@ SharedSecret=01dd4aa9037bb4ad298b420998d +@@ -3759,743 +363,3 @@ SharedSecret=01dd4aa9037bb4ad298b420998d Derive=BOB_cf_secp521r1 PeerKey=ALICE_cf_secp521r1_PUB SharedSecret=01dd4aa9037bb4ad298b420998dcd32b3a9af1cda8b7919e372aeb4e54ccfb4d2409a340ed896bfbc5dd462f8d96b8784bc17b29db3ca04700e6ec752f9bec777695 @@ -4805,11668 +4851,163 @@ diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecc.txt.ec- -Ctrl=ecdh_cofactor_mode:1 -Result=DERIVE_ERROR -Reason=point at infinity -diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp.t.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp.t -diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_brainpool.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_brainpool.txt -diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdh.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdh.txt ---- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdh.txt.ec-curves 2021-05-17 10:07:21.926937636 +0200 -+++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdh.txt 2021-05-17 10:24:29.899518477 +0200 -@@ -18,427 +18,6 @@ - - Title = ECDH tests (with random keys) +diff -up openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt.remove-ec openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt +--- openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt.remove-ec 2021-06-30 10:51:23.258816802 +0200 ++++ openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt 2021-06-30 11:25:33.504721672 +0200 +@@ -1,3 +1,4 @@ ++ + # + # Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. + # +@@ -55,151 +56,6 @@ Derive=BOB_cf_secp256k1 + PeerKey=ALICE_cf_secp256k1_PUB + SharedSecret=a4745cc4d19cabb9e5cb0abdd5c604cab2846a4638ad844ed9175f3cadda2da1 --# TEST CURVE secp112r1 -- --PrivateKey=ALICE_secp112r1 ------BEGIN PRIVATE KEY----- --ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAYENzA1AgEBBA6sqKp39AWLClus2ha5rqEg --Ax4ABJ4NTgOR1xQAr3M6eM46WqXW2zA6FnsUMKFFwcw= +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEHzAdAgEBBBj1AIQMJ7jqYIKCvxYAS+qKMmKmH0to +-41k= ------END PRIVATE KEY----- - --PublicKey=ALICE_secp112r1_PUB +-PublicKey=BOB_zero_prime192v2_PUB ------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEng1OA5HXFACvczp4zjpapdbbMDoWexQw --oUXBzA== +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Gj7Qqt +-2wx/jwFlKgvE4rnd50LspdMk ------END PUBLIC KEY----- - --PrivPubKeyPair = ALICE_secp112r1:ALICE_secp112r1_PUB -- +-# ECDH Alice with Bob peer +-Availablein = default +-Derive=ALICE_zero_prime192v2 +-PeerKey=BOB_zero_prime192v2_PUB +-SharedSecret=b8f200a4b87064f2e8600685ca3e69b8e661a117aabc770b - --PrivateKey=BOB_secp112r1 +-PrivateKey=ALICE_zero_prime192v3 ------BEGIN PRIVATE KEY----- --ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAYENzA1AgEBBA5pIbX+hEq49mFPjUl4/6Eg --Ax4ABBsPNZHm1pcdw104ibwIycCe+r5voeRfQUZRZ3c= +-MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEHzAdAgEBBBh/maLQMSlea9BfLqGy5NPuK0YAH/cz +-GqI= ------END PRIVATE KEY----- - --PublicKey=BOB_secp112r1_PUB +-PublicKey=BOB_zero_prime192v3_PUB ------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEGw81kebWlx3DXTiJvAjJwJ76vm+h5F9B --RlFndw== +-MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZEzb63e2 +-3MKatRLR9Y1M5JEdI9jwMocI ------END PUBLIC KEY----- - --PrivPubKeyPair = BOB_secp112r1:BOB_secp112r1_PUB -- -- -# ECDH Alice with Bob peer -Availablein = default --Derive=ALICE_secp112r1 --PeerKey=BOB_secp112r1_PUB --SharedSecret=a6cefb5aa7a352afe818749eb401 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_secp112r1 --PeerKey=ALICE_secp112r1_PUB --SharedSecret=a6cefb5aa7a352afe818749eb401 +-Derive=ALICE_zero_prime192v3 +-PeerKey=BOB_zero_prime192v3_PUB +-SharedSecret=b5de857d355bc5b9e270a4c290ea9728d764d8b243ff5d8d - --# TEST CURVE secp112r2 -- --PrivateKey=ALICE_secp112r2 -------BEGIN PRIVATE KEY----- --ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAcENzA1AgEBBA4gzzblKfE6ZwoUW0FQmaEg --Ax4ABJJ4L7Vo50NZ5VGZ4nNkxFNcjJQwDIQb1/9IkLE= -------END PRIVATE KEY----- -- --PublicKey=ALICE_secp112r2_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEkngvtWjnQ1nlUZnic2TEU1yMlDAMhBvX --/0iQsQ== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_secp112r2:ALICE_secp112r2_PUB -- -- --PrivateKey=BOB_secp112r2 -------BEGIN PRIVATE KEY----- --ME4CAQAwEAYHKoZIzj0CAQYFK4EEAAcENzA1AgEBBA4D9oGGj+O8vjZz3OZNaqEg --Ax4ABNZOv5gUzvVbgAHpTgu3hUhTQtB8LamTEIfaRWE= -------END PRIVATE KEY----- -- --PublicKey=BOB_secp112r2_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAE1k6/mBTO9VuAAelOC7eFSFNC0HwtqZMQ --h9pFYQ== -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_secp112r2:BOB_secp112r2_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_secp112r2 --PeerKey=BOB_secp112r2_PUB --SharedSecret=6bed2c55e233e9214d5898c4c12a -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_secp112r2 --PeerKey=ALICE_secp112r2_PUB --SharedSecret=6bed2c55e233e9214d5898c4c12a -- --# TEST CURVE secp128r1 -- --PrivateKey=ALICE_secp128r1 -------BEGIN PRIVATE KEY----- --MFQCAQAwEAYHKoZIzj0CAQYFK4EEABwEPTA7AgEBBBCP1c+lxfRT+MZWZ8uGCYYl --oSQDIgAEH2n0icp87inv7kUYrEFjpZuHJ4DqArhHS+Zfp2XXO1A= -------END PRIVATE KEY----- -- --PublicKey=ALICE_secp128r1_PUB -------BEGIN PUBLIC KEY----- --MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAEH2n0icp87inv7kUYrEFjpZuHJ4DqArhH --S+Zfp2XXO1A= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_secp128r1:ALICE_secp128r1_PUB -- -- --PrivateKey=BOB_secp128r1 -------BEGIN PRIVATE KEY----- --MFQCAQAwEAYHKoZIzj0CAQYFK4EEABwEPTA7AgEBBBCGbEd3Hhwr76XbQekhIrDT --oSQDIgAENKjS0HNx/gEKYQNNab9v8zlW/D4zSjv3Ny3Ep0GVYms= -------END PRIVATE KEY----- -- --PublicKey=BOB_secp128r1_PUB -------BEGIN PUBLIC KEY----- --MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAENKjS0HNx/gEKYQNNab9v8zlW/D4zSjv3 --Ny3Ep0GVYms= -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_secp128r1:BOB_secp128r1_PUB -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_secp128r1 --PeerKey=BOB_secp128r1_PUB --SharedSecret=91ded46ac404afdbd708fdcc1cac6842 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_secp128r1 --PeerKey=ALICE_secp128r1_PUB --SharedSecret=91ded46ac404afdbd708fdcc1cac6842 -- --# TEST CURVE secp128r2 -- --PrivateKey=ALICE_secp128r2 -------BEGIN PRIVATE KEY----- --MFQCAQAwEAYHKoZIzj0CAQYFK4EEAB0EPTA7AgEBBBAgRKSjPsZ76LDGIA2it5SC --oSQDIgAEBVdjcUpR+b6LRPm6R8fAD/6kBxV0Kl3939Wn0+nUpf8= -------END PRIVATE KEY----- -- --PublicKey=ALICE_secp128r2_PUB -------BEGIN PUBLIC KEY----- --MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAEBVdjcUpR+b6LRPm6R8fAD/6kBxV0Kl39 --39Wn0+nUpf8= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_secp128r2:ALICE_secp128r2_PUB -- -- --PrivateKey=BOB_secp128r2 +-PrivateKey=ALICE_zero_prime239v1 ------BEGIN PRIVATE KEY----- --MFQCAQAwEAYHKoZIzj0CAQYFK4EEAB0EPTA7AgEBBBACp00jw5D7obvDmJp7wDuA --oSQDIgAEBO3BbVrc5SvhvN+fmWShu2tWIFQap5ys5RHMCLLl098= +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQQEJTAjAgEBBB5pYWzRYI+c6O7NXCt0H2kw8XRL3rhe +-4MrJT8j++CI= ------END PRIVATE KEY----- - --PublicKey=BOB_secp128r2_PUB +-PublicKey=BOB_zero_prime239v1_PUB ------BEGIN PUBLIC KEY----- --MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAEBO3BbVrc5SvhvN+fmWShu2tWIFQap5ys --5RHMCLLl098= +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-Ox02uwNNLFuvDRn5ip8TxvW0W22R7UzJa9Av6/nh ------END PUBLIC KEY----- - --PrivPubKeyPair = BOB_secp128r2:BOB_secp128r2_PUB -- -- -# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_secp128r2 --PeerKey=BOB_secp128r2_PUB --SharedSecret=dc32faa978008a694672076b756a1e4b -- --# ECDH Bob with Alice peer -- -Availablein = default --Derive=BOB_secp128r2 --PeerKey=ALICE_secp128r2_PUB --SharedSecret=dc32faa978008a694672076b756a1e4b -- --# TEST CURVE secp160k1 -- --PrivateKey=ALICE_secp160k1 -------BEGIN PRIVATE KEY----- --MGECAQAwEAYHKoZIzj0CAQYFK4EEAAkESjBIAgEBBBUAudN3YOXN0uu0CL2TGZdP --YeNU/72hLAMqAAR3Du0dK28tSyWxYSz/Es2Wqr4C+bNfJ1uiK4J3BFS5Udc48nsx --xfjj -------END PRIVATE KEY----- -- --PublicKey=ALICE_secp160k1_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAEdw7tHStvLUslsWEs/xLNlqq+AvmzXydb --oiuCdwRUuVHXOPJ7McX44w== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_secp160k1:ALICE_secp160k1_PUB -- +-Derive=ALICE_zero_prime239v1 +-PeerKey=BOB_zero_prime239v1_PUB +-SharedSecret=6b6206408bd05d42daa2cd224c401a1230b44e184f17b82f385f22dac215 - --PrivateKey=BOB_secp160k1 +-PrivateKey=ALICE_zero_prime239v2 ------BEGIN PRIVATE KEY----- --MGECAQAwEAYHKoZIzj0CAQYFK4EEAAkESjBIAgEBBBUA5fNiCFVGPM1aHuwXUvuh --xoY2yU+hLAMqAAQHlM6otmapt0/0sc+5bcPoYT6cfyARv4VUOOo6I2eBGXLIm812 --1ric +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQUEJTAjAgEBBB5l8bB7Cpmr7vyx9FiOT2wEF3YOFbDG +-bmRr3Vi/xr4= ------END PRIVATE KEY----- - --PublicKey=BOB_secp160k1_PUB +-PublicKey=BOB_zero_prime239v2_PUB ------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAEB5TOqLZmqbdP9LHPuW3D6GE+nH8gEb+F --VDjqOiNngRlyyJvNdta4nA== +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-IOg3VJGQ89d1GWg4Igxcj5xpDmJiP8tv+e4mxt5U ------END PUBLIC KEY----- - --PrivPubKeyPair = BOB_secp160k1:BOB_secp160k1_PUB -- -- -# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_secp160k1 --PeerKey=BOB_secp160k1_PUB --SharedSecret=5457d367346cc3e82031784f95ebcd856de0c735 -- --# ECDH Bob with Alice peer -- -Availablein = default --Derive=BOB_secp160k1 --PeerKey=ALICE_secp160k1_PUB --SharedSecret=5457d367346cc3e82031784f95ebcd856de0c735 -- --# TEST CURVE secp160r1 -- --PrivateKey=ALICE_secp160r1 -------BEGIN PRIVATE KEY----- --MGECAQAwEAYHKoZIzj0CAQYFK4EEAAgESjBIAgEBBBUA0KDtaiFUWd8NG0lO9TLu --zjLWXJehLAMqAASHQN1DGBXtdyF3+BjfIfbWg403dUqXbIXzZoctDyOPTQaGVblm --SwXC -------END PRIVATE KEY----- -- --PublicKey=ALICE_secp160r1_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAEh0DdQxgV7Xchd/gY3yH21oONN3VKl2yF --82aHLQ8jj00GhlW5ZksFwg== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_secp160r1:ALICE_secp160r1_PUB -- +-Derive=ALICE_zero_prime239v2 +-PeerKey=BOB_zero_prime239v2_PUB +-SharedSecret=772c2819c960c78f28f21f6542b7409294fad1f84567c44c4b7678dc0e42 - --PrivateKey=BOB_secp160r1 +-PrivateKey=ALICE_zero_prime239v3 ------BEGIN PRIVATE KEY----- --MGECAQAwEAYHKoZIzj0CAQYFK4EEAAgESjBIAgEBBBUAsBIwvx6ZABinhsi+bGai --CvetiuWhLAMqAAQJ2+RhpGedkUYXUiPZ/plHXFBy6R3XzMUGIKiXFGSBpwF8hGRN --qUDy +-MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQYEJTAjAgEBBB5HF5FABzUOTYMZg9UdZTx/oRERm/fU +-M/+otKzpLjA= ------END PRIVATE KEY----- - --PublicKey=BOB_secp160r1_PUB +-PublicKey=BOB_zero_prime239v3_PUB ------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAECdvkYaRnnZFGF1Ij2f6ZR1xQcukd18zF --BiColxRkgacBfIRkTalA8g== +-MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AsZ4u6r3qQI78EYBpiSgWjqNpoeShjr5piecMBWj ------END PUBLIC KEY----- - --PrivPubKeyPair = BOB_secp160r1:BOB_secp160r1_PUB -- -- -# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_secp160r1 --PeerKey=BOB_secp160r1_PUB --SharedSecret=87856536b6a295ea94d3e483d69c6212d5c7afcf -- --# ECDH Bob with Alice peer -- -Availablein = default --Derive=BOB_secp160r1 --PeerKey=ALICE_secp160r1_PUB --SharedSecret=87856536b6a295ea94d3e483d69c6212d5c7afcf -- --# TEST CURVE secp160r2 -- --PrivateKey=ALICE_secp160r2 -------BEGIN PRIVATE KEY----- --MGECAQAwEAYHKoZIzj0CAQYFK4EEAB4ESjBIAgEBBBUAhmLOAJGNuSoZUCN4f0On --LZ6rRSShLAMqAAQPSNvhJQohMEfijXq+Jlq7a9lzosQfPvuIyOg6shyzUVS43R+7 --Lgr5 -------END PRIVATE KEY----- -- --PublicKey=ALICE_secp160r2_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAED0jb4SUKITBH4o16viZau2vZc6LEHz77 --iMjoOrIcs1FUuN0fuy4K+Q== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_secp160r2:ALICE_secp160r2_PUB -- +-Derive=ALICE_zero_prime239v3 +-PeerKey=BOB_zero_prime239v3_PUB +-SharedSecret=56a71f5dd1611e8032c3e2d8224d86e5e8c2fc6480d74c0e282282decd43 - --PrivateKey=BOB_secp160r2 +-PrivateKey=ALICE_zero_prime256v1 ------BEGIN PRIVATE KEY----- --MGECAQAwEAYHKoZIzj0CAQYFK4EEAB4ESjBIAgEBBBUA10mjzR2Dy0CLmm/MTAHT --b5CBenOhLAMqAARqzYAcSijzAo2vzmMuK8ta8sl/bguuCpRwFD93ACP64TzgI3re --FhsX +-MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDXhMb6aR4JR2+l2tmgYqP0r8S4jtym +-yH++awvF2nGhhg== ------END PRIVATE KEY----- - --PublicKey=BOB_secp160r2_PUB +-PublicKey=BOB_zero_prime256v1_PUB ------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAEas2AHEoo8wKNr85jLivLWvLJf24LrgqU --cBQ/dwAj+uE84CN63hYbFw== +-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AABmSFx4Di+D1yQzvV2EoGu2VBwq8x2uhxcov4VqF0+T9A== ------END PUBLIC KEY----- - --PrivPubKeyPair = BOB_secp160r2:BOB_secp160r2_PUB -- -- -# ECDH Alice with Bob peer -- -Availablein = default --Derive=ALICE_secp160r2 --PeerKey=BOB_secp160r2_PUB --SharedSecret=5481e282c47cbd37c84873847c4fc2f31fc15a1a -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_secp160r2 --PeerKey=ALICE_secp160r2_PUB --SharedSecret=5481e282c47cbd37c84873847c4fc2f31fc15a1a -- --# TEST CURVE secp192k1 -- --PrivateKey=ALICE_secp192k1 -------BEGIN PRIVATE KEY----- --MGwCAQAwEAYHKoZIzj0CAQYFK4EEAB8EVTBTAgEBBBizF3KeHMsaV/KOR/otCmdL --QT2qGNq3HhWhNAMyAATP+L9SGl3K6wmevkLwJnkMNHp0I5RfXulSfHuHZPp4CGrh --i6eKNQLkpZ2OQaPIExA= -------END PRIVATE KEY----- +-Derive=ALICE_zero_prime256v1 +-PeerKey=BOB_zero_prime256v1_PUB +-SharedSecret=c4f5607deb8501f1a4ba23fce4122a4343a17ada2c86a9c8e0d03d92d4a4c84c - --PublicKey=ALICE_secp192k1_PUB -------BEGIN PUBLIC KEY----- --MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAEz/i/UhpdyusJnr5C8CZ5DDR6dCOUX17p --Unx7h2T6eAhq4YunijUC5KWdjkGjyBMQ -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_secp192k1:ALICE_secp192k1_PUB -- -- --PrivateKey=BOB_secp192k1 +-PrivateKey=ALICE_zero_secp384r1 ------BEGIN PRIVATE KEY----- --MGwCAQAwEAYHKoZIzj0CAQYFK4EEAB8EVTBTAgEBBBh8BXPVGQKYCw0v7DY3wZVa --cyhyUjIbUymhNAMyAATgI7hw2LSj6uN3yL5nvHOOkMiPtalKr+BGsFac39RYmp64 --mr+w66bDIWN3VllO6LY= +-ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDD6kgzKbg28zbQyVTdC0IdHbm0UCQt2Rdbi +-VVHJeYRSnNpFOiFLaOsGOmwoeZzj6jc= ------END PRIVATE KEY----- - --PublicKey=BOB_secp192k1_PUB +-PublicKey=BOB_zero_secp384r1_PUB ------BEGIN PUBLIC KEY----- --MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAE4CO4cNi0o+rjd8i+Z7xzjpDIj7WpSq/g --RrBWnN/UWJqeuJq/sOumwyFjd1ZZTui2 +-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AAAAAAAAAAAAAAAAAAAAPPme8E9RpepjC6P5+WDdWToUyb45/SvSFdO0sIqq+Gu/kn8sRuUqsG+3 +-QriFDlIe ------END PUBLIC KEY----- - --PrivPubKeyPair = BOB_secp192k1:BOB_secp192k1_PUB -- -- -# ECDH Alice with Bob peer -- -Availablein = default --Derive=ALICE_secp192k1 --PeerKey=BOB_secp192k1_PUB --SharedSecret=6a4daca0412284172e8fcaafa0d9df76257d899752bf0f23 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_secp192k1 --PeerKey=ALICE_secp192k1_PUB --SharedSecret=6a4daca0412284172e8fcaafa0d9df76257d899752bf0f23 -- --# TEST CURVE secp224k1 -- --PrivateKey=ALICE_secp224k1 -------BEGIN PRIVATE KEY----- --MHkCAQAwEAYHKoZIzj0CAQYFK4EEACAEYjBgAgEBBB0AhXKGJFqOI4P1PLFR3M6M --kepT/2Dtd27I1Awzx6E8AzoABPVN/1b6VHbq7U6pWaOrUeqJ5vSgWL49u/uuD48D --4FRf7oFdixN9VWIrxr0PRByeEYmlHw4MOEQK -------END PRIVATE KEY----- +-Derive=ALICE_zero_secp384r1 +-PeerKey=BOB_zero_secp384r1_PUB +-SharedSecret=b1cfeaeef51dfd487d3a8b2849f1592e04d63f2d2c88b310a6290ebfe5399f5ffe954eabd0619231393e56c35b242986 - --PublicKey=ALICE_secp224k1_PUB -------BEGIN PUBLIC KEY----- --ME4wEAYHKoZIzj0CAQYFK4EEACADOgAE9U3/VvpUdurtTqlZo6tR6onm9KBYvj27 --+64PjwPgVF/ugV2LE31VYivGvQ9EHJ4RiaUfDgw4RAo= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_secp224k1:ALICE_secp224k1_PUB -- -- --PrivateKey=BOB_secp224k1 +-PrivateKey=ALICE_zero_secp521r1 ------BEGIN PRIVATE KEY----- --MHkCAQAwEAYHKoZIzj0CAQYFK4EEACAEYjBgAgEBBB0AOjEXYoz8YcWokSf4U5gX --HbjDfILPdPejlE0T/KE8AzoABGXAQ+AntX7On4cKwP+f4KzZGaJZwjBq3jCjymsr --9A3c8VCoRXXBg+VPoKg7fDkMIgI8qPmrC95Q +-MGACAQAwEAYHKoZIzj0CAQYFK4EEACMESTBHAgEBBEIAbddDLMUWbAsY7l3vbNDmntXuAUcDYPg5 +-w/cgUwSCIvrV9MBeSG8AWqT16riHmHlsn+XI5PAJM6eij3JDahnu9Mo= ------END PRIVATE KEY----- - --PublicKey=BOB_secp224k1_PUB +-PublicKey=BOB_zero_secp521r1_PUB ------BEGIN PUBLIC KEY----- --ME4wEAYHKoZIzj0CAQYFK4EEACADOgAEZcBD4Ce1fs6fhwrA/5/grNkZolnCMGre --MKPKayv0DdzxUKhFdcGD5U+gqDt8OQwiAjyo+asL3lA= +-MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0g7J/qa1d8ENJsobtEb0CymeZIsa +-1Qiq0GiJb+4/jmFLxjBU1Xcr8Bpl1BLgvKqOll0vXTMtfzn4RtRArgAfT4c= ------END PUBLIC KEY----- - --PrivPubKeyPair = BOB_secp224k1:BOB_secp224k1_PUB -- -- -# ECDH Alice with Bob peer -- -Availablein = default --Derive=ALICE_secp224k1 --PeerKey=BOB_secp224k1_PUB --SharedSecret=80b65e65fe29c779213dd31189d371ff57b0b2bf08c6458ed142399a +-Derive=ALICE_zero_secp521r1 +-PeerKey=BOB_zero_secp521r1_PUB +-SharedSecret=003fc3028f61db94b20c7cd177923b6e73f12f0ab067c9ce8866755e3c82abb39c9863cde74fa80b32520bd7dd0eb156c30c08911503b67b2661f1264d09bb231423 - --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_secp224k1 --PeerKey=ALICE_secp224k1_PUB --SharedSecret=80b65e65fe29c779213dd31189d371ff57b0b2bf08c6458ed142399a -- - # TEST CURVE secp256k1 - - PrivateKey=ALICE_secp256k1 -@@ -487,1984 +66,6 @@ Derive=BOB_secp256k1 - PeerKey=ALICE_secp256k1_PUB - SharedSecret=af43b52790082fd87afb1d14b883c12d12bb9e554080d1f8e527920676e31f3e + Title=prime256v1 curve tests --# TEST CURVE prime192v2 -- --PrivateKey=ALICE_prime192v2 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEVTBTAgEBBBgtIuKqpRc7rEYuGx1a --dDxcvso0NAZw+fWhNAMyAATMSHwJPq761VawpRbKLB3uuDSng4WeFPjhvubL6g8V --8UqFaKRED5PUIQ0lYStVCao= -------END PRIVATE KEY----- -- --PublicKey=ALICE_prime192v2_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEzEh8CT6u+tVWsKUWyiwd7rg0p4OF --nhT44b7my+oPFfFKhWikRA+T1CENJWErVQmq -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_prime192v2:ALICE_prime192v2_PUB -- -- --PrivateKey=BOB_prime192v2 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEVTBTAgEBBBggTjqWC1/iHrvKR9/u --1gxpL2tWJkkAMYuhNAMyAASa4nG+wLPTHxfkqiTII5PBLAKXmXUf5dMtpmApcjrj --XjnwJIJEQr80MK9+g1raqN8= -------END PRIVATE KEY----- -- --PublicKey=BOB_prime192v2_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEmuJxvsCz0x8X5KokyCOTwSwCl5l1 --H+XTLaZgKXI641458CSCREK/NDCvfoNa2qjf -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_prime192v2:BOB_prime192v2_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_prime192v2 --PeerKey=BOB_prime192v2_PUB --SharedSecret=9b37033a48af7fe1825c062625f8b57d4b3ac48c12bec69c -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_prime192v2 --PeerKey=ALICE_prime192v2_PUB --SharedSecret=9b37033a48af7fe1825c062625f8b57d4b3ac48c12bec69c -- --# TEST CURVE prime192v3 -- --PrivateKey=ALICE_prime192v3 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEVTBTAgEBBBg0iDdcgise1/v2k6js --UkgKwXPqx/uJJTehNAMyAAQ6/i0pSNHk824XO6Mv0irQfSv2yzGQy+DwWo/klZco --kPDcXKEdU8ZmnAABH7j6UV8= -------END PRIVATE KEY----- -- --PublicKey=ALICE_prime192v3_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEOv4tKUjR5PNuFzujL9Iq0H0r9ssx --kMvg8FqP5JWXKJDw3FyhHVPGZpwAAR+4+lFf -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_prime192v3:ALICE_prime192v3_PUB -- -- --PrivateKey=BOB_prime192v3 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEVTBTAgEBBBieW1huqwVU3ev7qgpT --LFjYEMRPONOAcaKhNAMyAASXaTjBIQX686BZJAidX+hFuvDyxbN1vBQvp40OVl0L --CG4hoZ+5McLtPATL+osKvX8= -------END PRIVATE KEY----- -- --PublicKey=BOB_prime192v3_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEl2k4wSEF+vOgWSQInV/oRbrw8sWz --dbwUL6eNDlZdCwhuIaGfuTHC7TwEy/qLCr1/ -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_prime192v3:BOB_prime192v3_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_prime192v3 --PeerKey=BOB_prime192v3_PUB --SharedSecret=7133f1d99b0e03ed9c4d78d3be40598cf419cd588283ac29 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_prime192v3 --PeerKey=ALICE_prime192v3_PUB --SharedSecret=7133f1d99b0e03ed9c4d78d3be40598cf419cd588283ac29 -- --# TEST CURVE prime239v1 -- --PrivateKey=ALICE_prime239v1 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEEBGcwZQIBAQQeRmiZXaqr3u11hiGK --1cH75U/rKc1+8YMqxcXhACRkoUADPgAEfIJpVggCXUROHgX4h5h66/0Pgr/aMtMq --ExHQP7zxWYzf3cYAP4V/t9OCT582WjMLnCmdlFnYUPD50dyU -------END PRIVATE KEY----- -- --PublicKey=ALICE_prime239v1_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEfIJpVggCXUROHgX4h5h66/0Pgr/a --MtMqExHQP7zxWYzf3cYAP4V/t9OCT582WjMLnCmdlFnYUPD50dyU -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_prime239v1:ALICE_prime239v1_PUB -- -- --PrivateKey=BOB_prime239v1 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEEBGcwZQIBAQQeAbGRRoBgqHVUBFot --5m9Ytm8RU+ISkA33VgQrHGM/oUADPgAEdRgPsL/Mi3ucJcYibvFJQxDDyLqgUH3i --Mk266RAHFqoioiGT72TOidBhi+VrUn6NOIyna8foww2M45vR -------END PRIVATE KEY----- -- --PublicKey=BOB_prime239v1_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEdRgPsL/Mi3ucJcYibvFJQxDDyLqg --UH3iMk266RAHFqoioiGT72TOidBhi+VrUn6NOIyna8foww2M45vR -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_prime239v1:BOB_prime239v1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_prime239v1 --PeerKey=BOB_prime239v1_PUB --SharedSecret=2ef92070f7a5fa14c8a67a8aa3080b4c4a597eafaa81d3f698599ac0be1e -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_prime239v1 --PeerKey=ALICE_prime239v1_PUB --SharedSecret=2ef92070f7a5fa14c8a67a8aa3080b4c4a597eafaa81d3f698599ac0be1e -- --# TEST CURVE prime239v2 -- --PrivateKey=ALICE_prime239v2 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEFBGcwZQIBAQQeemq6S5puHF94ZW/W --6BMRim+HFFM0zxVZQpWG+bf2oUADPgAELukUodCQsmwzGVR3lLEGKQ6quGd6kDXN --DjjcMrDabBtWKDuuUrgjBGsI7NRbCQ0a5NWTo+EnWe0LXbYN -------END PRIVATE KEY----- -- --PublicKey=ALICE_prime239v2_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAELukUodCQsmwzGVR3lLEGKQ6quGd6 --kDXNDjjcMrDabBtWKDuuUrgjBGsI7NRbCQ0a5NWTo+EnWe0LXbYN -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_prime239v2:ALICE_prime239v2_PUB -- -- --PrivateKey=BOB_prime239v2 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEFBGcwZQIBAQQeAEaCw7ulF8GZcmbj --aDmcrw8Gex+hX0rNvwzoC7+6oUADPgAEKh0EmYUpj6XbuEGxMBaPmECT8L++ihUW --ms4xau0RUYij4HgS1gjSMDfyvvCBUy10RIkw+goxVdUhfW2u -------END PRIVATE KEY----- -- --PublicKey=BOB_prime239v2_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEKh0EmYUpj6XbuEGxMBaPmECT8L++ --ihUWms4xau0RUYij4HgS1gjSMDfyvvCBUy10RIkw+goxVdUhfW2u -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_prime239v2:BOB_prime239v2_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_prime239v2 --PeerKey=BOB_prime239v2_PUB --SharedSecret=5bdab282dc371ee88ade318a6aad2b329ec3ea957e0df18b7a691c1bf703 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_prime239v2 --PeerKey=ALICE_prime239v2_PUB --SharedSecret=5bdab282dc371ee88ade318a6aad2b329ec3ea957e0df18b7a691c1bf703 -- --# TEST CURVE prime239v3 -- --PrivateKey=ALICE_prime239v3 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEGBGcwZQIBAQQeGlwSPAYfmiP9r2nA --SD52VqKyZpEnU+Jmynlf2DI7oUADPgAEFlIB4Yl+5J2u4JLYv8z+itwf+XnOL/BD --qNK3uRoYPKHYdYWJkgXxkQ1QDZwNppAQRcxSgTKnJ6V8crbp -------END PRIVATE KEY----- -- --PublicKey=ALICE_prime239v3_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEFlIB4Yl+5J2u4JLYv8z+itwf+XnO --L/BDqNK3uRoYPKHYdYWJkgXxkQ1QDZwNppAQRcxSgTKnJ6V8crbp -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_prime239v3:ALICE_prime239v3_PUB -- -- --PrivateKey=BOB_prime239v3 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwEGBGcwZQIBAQQeU1KIfJBGvItr8//g --kW1zoPkveo9lvXBlnUV5/5rDoUADPgAEepc03AEEgOnI+ivpjGV4ypvn8sRQaVAb --3QAeIEYDQLUBFOdb3kF2MvlnLKV3OCdB3GQgNfZtEHbdn0bq -------END PRIVATE KEY----- -- --PublicKey=BOB_prime239v3_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEepc03AEEgOnI+ivpjGV4ypvn8sRQ --aVAb3QAeIEYDQLUBFOdb3kF2MvlnLKV3OCdB3GQgNfZtEHbdn0bq -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_prime239v3:BOB_prime239v3_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_prime239v3 --PeerKey=BOB_prime239v3_PUB --SharedSecret=78e80ae760061178bd005e9e3634333971468bc6d3f82baee238c5ed32f9 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_prime239v3 --PeerKey=ALICE_prime239v3_PUB --SharedSecret=78e80ae760061178bd005e9e3634333971468bc6d3f82baee238c5ed32f9 -- --# TEST CURVE sect113r1 -- --PrivateKey=ALICE_sect113r1 -------BEGIN PRIVATE KEY----- --MFECAQAwEAYHKoZIzj0CAQYFK4EEAAQEOjA4AgEBBA8AcrP9u8BlWb4knkGVZmSh --IgMgAAQBviTf62+1V4etJb2D9LkBadAFmdmRS+rVI3spTYs= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect113r1_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEAb4k3+tvtVeHrSW9g/S5AWnQBZnZkUvq --1SN7KU2L -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect113r1:ALICE_sect113r1_PUB -- -- --PrivateKey=BOB_sect113r1 -------BEGIN PRIVATE KEY----- --MFECAQAwEAYHKoZIzj0CAQYFK4EEAAQEOjA4AgEBBA8AmhEq3A9KdbKQUz1F/Myh --IgMgAAQAuSRBNxXjIjezwrGF8VkBxWR69g0UJaBIIArpdNo= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect113r1_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEALkkQTcV4yI3s8KxhfFZAcVkevYNFCWg --SCAK6XTa -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect113r1:BOB_sect113r1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_sect113r1 --PeerKey=BOB_sect113r1_PUB --SharedSecret=015405437add26b8841c62a9016c85 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_sect113r1 --PeerKey=ALICE_sect113r1_PUB --SharedSecret=015405437add26b8841c62a9016c85 -- --# TEST CURVE sect113r2 -- --PrivateKey=ALICE_sect113r2 -------BEGIN PRIVATE KEY----- --MFECAQAwEAYHKoZIzj0CAQYFK4EEAAUEOjA4AgEBBA8ABqFZ6Z7BKKjvrzXh99Wh --IgMgAAQBTQTHA9uSxcZ8kvsSVUUBcLQ4m45U10VwVCQ+oGQ= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect113r2_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAU0ExwPbksXGfJL7ElVFAXC0OJuOVNdF --cFQkPqBk -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect113r2:ALICE_sect113r2_PUB -- -- --PrivateKey=BOB_sect113r2 -------BEGIN PRIVATE KEY----- --MFECAQAwEAYHKoZIzj0CAQYFK4EEAAUEOjA4AgEBBA8ABPHhZ0kCp0TocQJIuiuh --IgMgAAQBSi7u+Ur776iGyg0Ij6UAN70IzPVZxGK5zPxp6wo= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect113r2_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAUou7vlK+++ohsoNCI+lADe9CMz1WcRi --ucz8aesK -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect113r2:BOB_sect113r2_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_sect113r2 --PeerKey=BOB_sect113r2_PUB --SharedSecret=014231c5e9e28d451aa44a755407e1 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_sect113r2 --PeerKey=ALICE_sect113r2_PUB --SharedSecret=014231c5e9e28d451aa44a755407e1 -- --# TEST CURVE sect131r1 -- --PrivateKey=ALICE_sect131r1 -------BEGIN PRIVATE KEY----- --MFcCAQAwEAYHKoZIzj0CAQYFK4EEABYEQDA+AgEBBBEAUCFDwJLLThLHiDlw/Qcn --8aEmAyQABAAU+ywF9iPv6LDldKOLhLgXBRI7EpZnbXPXhUmkQWPhHAQ= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect131r1_PUB -------BEGIN PUBLIC KEY----- --MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEABT7LAX2I+/osOV0o4uEuBcFEjsSlmdt --c9eFSaRBY+EcBA== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect131r1:ALICE_sect131r1_PUB -- -- --PrivateKey=BOB_sect131r1 -------BEGIN PRIVATE KEY----- --MFcCAQAwEAYHKoZIzj0CAQYFK4EEABYEQDA+AgEBBBEDxxMzxjxJmYfSZvWJKq+V --vKEmAyQABAFHQ2a+h+Yn5N4Lt0IoJcVVBrf9xkZNS0xxblh+0wndq9s= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect131r1_PUB -------BEGIN PUBLIC KEY----- --MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEAUdDZr6H5ifk3gu3QiglxVUGt/3GRk1L --THFuWH7TCd2r2w== -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect131r1:BOB_sect131r1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_sect131r1 --PeerKey=BOB_sect131r1_PUB --SharedSecret=009e4acc8c1ba3a129a9ad83a733d7d702 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_sect131r1 --PeerKey=ALICE_sect131r1_PUB --SharedSecret=009e4acc8c1ba3a129a9ad83a733d7d702 -- --# TEST CURVE sect131r2 -- --PrivateKey=ALICE_sect131r2 -------BEGIN PRIVATE KEY----- --MFcCAQAwEAYHKoZIzj0CAQYFK4EEABcEQDA+AgEBBBEDHPPtQCKJB8g01rMkT8Sk --9aEmAyQABAcWl2Z/1kIc4mWCbRH4+c/2B47RC31JyifKvkxkHt05x3g= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect131r2_PUB -------BEGIN PUBLIC KEY----- --MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEBxaXZn/WQhziZYJtEfj5z/YHjtELfUnK --J8q+TGQe3TnHeA== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect131r2:ALICE_sect131r2_PUB -- -- --PrivateKey=BOB_sect131r2 -------BEGIN PRIVATE KEY----- --MFcCAQAwEAYHKoZIzj0CAQYFK4EEABcEQDA+AgEBBBEDR9ez/YtS29S7/R5+rUiX --VKEmAyQABALZHNBITDoigpOwTzczlaN9AsRk5JzMUJXYkvBEqj+YILQ= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect131r2_PUB -------BEGIN PUBLIC KEY----- --MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEAtkc0EhMOiKCk7BPNzOVo30CxGTknMxQ --ldiS8ESqP5ggtA== -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect131r2:BOB_sect131r2_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_sect131r2 --PeerKey=BOB_sect131r2_PUB --SharedSecret=03cbec3a3050c7f13d4801ad692d61c417 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_sect131r2 --PeerKey=ALICE_sect131r2_PUB --SharedSecret=03cbec3a3050c7f13d4801ad692d61c417 -- --# TEST CURVE sect163r1 -- --PrivateKey=ALICE_sect163r1 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUBl9zmlPmFF5v9h1IIENAx --1b8tj0+hLgMsAAQE3j8Jn58CCtEDwvOZ5DwgYGBYvIECz1zN8UwPfTFSdXjTWQcr --9gWxNMA= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect163r1_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEBN4/CZ+fAgrRA8LzmeQ8IGBgWLyBAs9c --zfFMD30xUnV401kHK/YFsTTA -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect163r1:ALICE_sect163r1_PUB -- -- --PrivateKey=BOB_sect163r1 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAIETDBKAgEBBBUA/nzN5yCavvZlXyDGEihW --rwG360+hLgMsAAQDt6XZHfzXABSTnGhzfoPtfdLZgaoGhBdeWz+318vNmC6AMJP+ --PntHzsA= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect163r1_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEA7el2R381wAUk5xoc36D7X3S2YGqBoQX --Xls/t9fLzZgugDCT/j57R87A -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect163r1:BOB_sect163r1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein=default --Derive=ALICE_sect163r1 --PeerKey=BOB_sect163r1_PUB --SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 -- --# ECDH Bob with Alice peer -- --Availablein=default --Derive=BOB_sect163r1 --PeerKey=ALICE_sect163r1_PUB --SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 -- --# TEST CURVE sect193r1 -- --PrivateKey=ALICE_sect193r1 -------BEGIN PRIVATE KEY----- --MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAEQlofBlvj8zDK5o4CCfA --aOQOmlAyTimBoTYDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUnNwBn5T26m15R --M4MLnYGdklcAM8oMOML999w= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect193r1_PUB -------BEGIN PUBLIC KEY----- --MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAKBcyRBxQDZTvpPM39ZVXYQS5aJwZfUn --NwBn5T26m15RM4MLnYGdklcAM8oMOML999w= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect193r1:ALICE_sect193r1_PUB -- -- --PrivateKey=BOB_sect193r1 -------BEGIN PRIVATE KEY----- --MG8CAQAwEAYHKoZIzj0CAQYFK4EEABgEWDBWAgEBBBkAnxvYLKZaw4Rj24WTRBfg --iar5vp3R3pCJoTYDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUpYQE/jBjzUHIC --qMNZTHy9gT2R9yc0GBZ/Dic= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect193r1_PUB -------BEGIN PUBLIC KEY----- --MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAXw0PWt3PtZT5v9aH0o6WnFtFGOBNEUp --YQE/jBjzUHICqMNZTHy9gT2R9yc0GBZ/Dic= -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect193r1:BOB_sect193r1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein=default --Derive=ALICE_sect193r1 --PeerKey=BOB_sect193r1_PUB --SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 -- --# ECDH Bob with Alice peer -- --Availablein=default --Derive=BOB_sect193r1 --PeerKey=ALICE_sect193r1_PUB --SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 -- --# TEST CURVE sect193r2 -- --PrivateKey=ALICE_sect193r2 -------BEGIN PRIVATE KEY----- --MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAj54XQW+b3bnX9duvqaa+ --lPTNcvOlxRAvoTYDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWkwQFc4m1ISx4o --mtNyCVI7FXV5zNnaGWVACT4= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect193r2_PUB -------BEGIN PUBLIC KEY----- --MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAHhW6xjH4TNPs/e12tsZcsGD+a92kAWk --wQFc4m1ISx4omtNyCVI7FXV5zNnaGWVACT4= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect193r2:ALICE_sect193r2_PUB -- -- --PrivateKey=BOB_sect193r2 -------BEGIN PRIVATE KEY----- --MG8CAQAwEAYHKoZIzj0CAQYFK4EEABkEWDBWAgEBBBkAvMiVR0abk6pHoeOIBESL --fB9B4gsZJjLsoTYDNAAEADtKDcwL660+Mm11Vl254GI3TnD+fragdwF+wY5qlMu5 --VtrUDMHuAP0q3eGQUsrzNo0= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect193r2_PUB -------BEGIN PUBLIC KEY----- --MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEADtKDcwL660+Mm11Vl254GI3TnD+frag --dwF+wY5qlMu5VtrUDMHuAP0q3eGQUsrzNo0= -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect193r2:BOB_sect193r2_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein=default --Derive=ALICE_sect193r2 --PeerKey=BOB_sect193r2_PUB --SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 -- --# ECDH Bob with Alice peer -- --Availablein=default --Derive=BOB_sect193r2 --PeerKey=ALICE_sect193r2_PUB --SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 -- --# TEST CURVE sect239k1 -- --PrivateKey=ALICE_sect239k1 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4MhpuQTtDeLBboZgiW11d/ --KBlgUL4YvTjZ8zg4HR2hQAM+AAQafRD6X3L/7c/FN69KuA04a4bhxHZezmz1G15m --tltwl8zlWsR5+GNToxV0OBLbStAQbXxqBa2Gg83B0oc= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect239k1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEGn0Q+l9y/+3PxTevSrgNOGuG4cR2Xs5s --9RteZrZbcJfM5VrEefhjU6MVdDgS20rQEG18agWthoPNwdKH -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect239k1:ALICE_sect239k1_PUB -- -- --PrivateKey=BOB_sect239k1 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEAAMEZzBlAgEBBB4FBG477KvylisppUFwbDl/ --SRGnX5FFmfw/xWIiEMehQAM+AAQFii094UX6F5m8Dk0eI/DhF3+IDUu7h81hTdyZ --xxET0IokxFkTUf/re9WPA7LxPOCuiIPZUNVCRxRWSuU= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect239k1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEBYotPeFF+heZvA5NHiPw4Rd/iA1Lu4fN --YU3cmccRE9CKJMRZE1H/63vVjwOy8TzgroiD2VDVQkcUVkrl -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect239k1:BOB_sect239k1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein=default --Derive=ALICE_sect239k1 --PeerKey=BOB_sect239k1_PUB --SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 -- --# ECDH Bob with Alice peer -- --Availablein=default --Derive=BOB_sect239k1 --PeerKey=ALICE_sect239k1_PUB --SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_sect163r1 --PeerKey=BOB_sect163r1_PUB --SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_sect163r1 --PeerKey=ALICE_sect163r1_PUB --SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_sect193r1 --PeerKey=BOB_sect193r1_PUB --SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_sect193r1 --PeerKey=ALICE_sect193r1_PUB --SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_sect193r2 --PeerKey=BOB_sect193r2_PUB --SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_sect193r2 --PeerKey=ALICE_sect193r2_PUB --SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_sect239k1 --PeerKey=BOB_sect239k1_PUB --SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_sect239k1 --PeerKey=ALICE_sect239k1_PUB --SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 -- --# TEST CURVE c2pnb163v1 -- --PrivateKey=ALICE_c2pnb163v1 -------BEGIN PRIVATE KEY----- --MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEETDBKAgEBBBUDTVBXDIdMMg5JIb6y --ZHLpkONauzuhLgMsAAQC/TaMi2YGY4SmYVCrIVVommDnOyMHJZ1VZ4+fT+hE/qRp --WHMMW5gOZO4= -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2pnb163v1_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEAv02jItmBmOEpmFQqyFVaJpg5zsj --ByWdVWePn0/oRP6kaVhzDFuYDmTu -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2pnb163v1:ALICE_c2pnb163v1_PUB -- -- --PrivateKey=BOB_c2pnb163v1 -------BEGIN PRIVATE KEY----- --MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEETDBKAgEBBBUC3uEAfGc3+a0FOrFh --ftdUBtZ5BPOhLgMsAAQGojKkhnOduUQY6XT0GwQbDe1YM1wFkj3vZGkhO5OzsqG1 --QqQLkFeMwKo= -------END PRIVATE KEY----- -- --PublicKey=BOB_c2pnb163v1_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEBqIypIZznblEGOl09BsEGw3tWDNc --BZI972RpITuTs7KhtUKkC5BXjMCq -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2pnb163v1:BOB_c2pnb163v1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2pnb163v1 --PeerKey=BOB_c2pnb163v1_PUB --SharedSecret=05939a47cb503656e684f433001e45776c7620e13b -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2pnb163v1 --PeerKey=ALICE_c2pnb163v1_PUB --SharedSecret=05939a47cb503656e684f433001e45776c7620e13b -- --# TEST CURVE c2pnb163v2 -- --PrivateKey=ALICE_c2pnb163v2 -------BEGIN PRIVATE KEY----- --MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIETDBKAgEBBBUC3m3meJNbhDwwFH3C --//L2EyOQNruhLgMsAAQBaATOiPV6c8icBYWczLXM6k+t8U4FIN57iiC8RsmIS3+V --yM/rN3UBZaw= -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2pnb163v2_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEAWgEzoj1enPInAWFnMy1zOpPrfFO --BSDee4ogvEbJiEt/lcjP6zd1AWWs -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2pnb163v2:ALICE_c2pnb163v2_PUB -- -- --PrivateKey=BOB_c2pnb163v2 -------BEGIN PRIVATE KEY----- --MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIETDBKAgEBBBUBvd/DvKharywckSaW --aAniKByXBwihLgMsAAQH0+FWe4mb13QrEZCPwfIS+gChEXoGhyBVubt6+SSgS5nS --eDGgjW/36Qw= -------END PRIVATE KEY----- -- --PublicKey=BOB_c2pnb163v2_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEB9PhVnuJm9d0KxGQj8HyEvoAoRF6 --BocgVbm7evkkoEuZ0ngxoI1v9+kM -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2pnb163v2:BOB_c2pnb163v2_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2pnb163v2 --PeerKey=BOB_c2pnb163v2_PUB --SharedSecret=0779fb5f6ac7892f2f342b785d71244e0b03ca562d -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2pnb163v2 --PeerKey=ALICE_c2pnb163v2_PUB --SharedSecret=0779fb5f6ac7892f2f342b785d71244e0b03ca562d -- --# TEST CURVE c2pnb163v3 -- --PrivateKey=ALICE_c2pnb163v3 -------BEGIN PRIVATE KEY----- --MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMETDBKAgEBBBUCtJ0ZQMD5T6Ym/jZx --Fzb9tQkLOhuhLgMsAAQE26YD7hG+CY02+nBDFKIBnMvHWUQGfkiIfG9yxV+LptOM --CdU4y9RhM+w= -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2pnb163v3_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEBNumA+4RvgmNNvpwQxSiAZzLx1lE --Bn5IiHxvcsVfi6bTjAnVOMvUYTPs -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2pnb163v3:ALICE_c2pnb163v3_PUB -- -- --PrivateKey=BOB_c2pnb163v3 -------BEGIN PRIVATE KEY----- --MGYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMETDBKAgEBBBUB9MnYR9NXM8OoCraO --orQz1LXIZJChLgMsAAQH15R/xAGyrtmg+hrdAaGn9rVEfWQA7yUCn4vKR2eIy/qN --YfbeHTIaTBY= -------END PRIVATE KEY----- -- --PublicKey=BOB_c2pnb163v3_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEB9eUf8QBsq7ZoPoa3QGhp/a1RH1k --AO8lAp+LykdniMv6jWH23h0yGkwW -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2pnb163v3:BOB_c2pnb163v3_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2pnb163v3 --PeerKey=BOB_c2pnb163v3_PUB --SharedSecret=02bf68863a8798e72cdc9cd3b9ce731f12654bfa81 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2pnb163v3 --PeerKey=ALICE_c2pnb163v3_PUB --SharedSecret=02bf68863a8798e72cdc9cd3b9ce731f12654bfa81 -- --# TEST CURVE c2pnb176v1 -- --PrivateKey=ALICE_c2pnb176v1 -------BEGIN PRIVATE KEY----- --MGgCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQETjBMAgEBBBUAxXEz1PjthqsI664l --N5LRLN8C2uyhMAMuAARD1qVJHbL5A7BhEKeHSuDeT6XeZ3ODFn9ef67qdF+tS7p3 --zgXGKt4pKMoYcg== -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2pnb176v1_PUB -------BEGIN PUBLIC KEY----- --MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAEQ9alSR2y+QOwYRCnh0rg3k+l3mdz --gxZ/Xn+u6nRfrUu6d84FxireKSjKGHI= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2pnb176v1:ALICE_c2pnb176v1_PUB -- -- --PrivateKey=BOB_c2pnb176v1 -------BEGIN PRIVATE KEY----- --MGgCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQETjBMAgEBBBUAJvHHFW0v+/cjaLd7 --Xgt6FtSga5+hMAMuAASUs7rUAlv1qhppI82ikLvZ8Y0DApC356nhs7SyQYdLtHRM --+qUHBB3IzrLKdQ== -------END PRIVATE KEY----- -- --PublicKey=BOB_c2pnb176v1_PUB -------BEGIN PUBLIC KEY----- --MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAElLO61AJb9aoaaSPNopC72fGNAwKQ --t+ep4bO0skGHS7R0TPqlBwQdyM6yynU= -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2pnb176v1:BOB_c2pnb176v1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2pnb176v1 --PeerKey=BOB_c2pnb176v1_PUB --SharedSecret=b204734417542df762e09013d6ba958940837a2aa25a -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2pnb176v1 --PeerKey=ALICE_c2pnb176v1_PUB --SharedSecret=b204734417542df762e09013d6ba958940837a2aa25a -- --# TEST CURVE c2tnb191v1 -- --PrivateKey=ALICE_c2tnb191v1 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEVTBTAgEBBBgYgpO+wgirUtuqHF00 --2o02Vc7xQjKgSzChNAMyAAQ2ae+5tDQ2CDaV5XPdC+RtLgcHS5lTOclTClr/WSpP --TlMt2TGh/KRrD859oXg6KYY= -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2tnb191v1_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAENmnvubQ0Ngg2leVz3QvkbS4HB0uZ --UznJUwpa/1kqT05TLdkxofykaw/OfaF4OimG -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2tnb191v1:ALICE_c2tnb191v1_PUB -- -- --PrivateKey=BOB_c2tnb191v1 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEVTBTAgEBBBguzm5uFNRy/lX3OKuJ --j8i/vH/+viMd48yhNAMyAARka5rhdTmtbqQVRMWZQjUqsHUMX43siRt5f2WQSZfg --+IQ2l/8veayyX9erUSt3gK4= -------END PRIVATE KEY----- -- --PublicKey=BOB_c2tnb191v1_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAEZGua4XU5rW6kFUTFmUI1KrB1DF+N --7IkbeX9lkEmX4PiENpf/L3mssl/Xq1Erd4Cu -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2tnb191v1:BOB_c2tnb191v1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2tnb191v1 --PeerKey=BOB_c2tnb191v1_PUB --SharedSecret=7a30d30acd3b067f38bb3be9e8cdef739483df26455e36e1 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2tnb191v1 --PeerKey=ALICE_c2tnb191v1_PUB --SharedSecret=7a30d30acd3b067f38bb3be9e8cdef739483df26455e36e1 -- --# TEST CURVE c2tnb191v2 -- --PrivateKey=ALICE_c2tnb191v2 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEVTBTAgEBBBgOlslgJ0XSK3vKC5Ls --QmYxZfr8OEKXRQ2hNAMyAAQAHivLhSwW2SJZtUPhuV1p9fQSfz7w9SJY8dJOpVf8 --9DevPUlJMPcaSGyjX+3nJZc= -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2tnb191v2_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEAB4ry4UsFtkiWbVD4bldafX0En8+ --8PUiWPHSTqVX/PQ3rz1JSTD3Gkhso1/t5yWX -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2tnb191v2:ALICE_c2tnb191v2_PUB -- -- --PrivateKey=BOB_c2tnb191v2 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEVTBTAgEBBBgK9QaS2SDU6yz7uXqO --+/+C+baTTVMAGVGhNAMyAAQiR0t9plm77ezfXvJzDNdlyYC0pWX+QmJ8EavgEElk --ky/M+YXb5ufkFzFXIEfU9pM= -------END PRIVATE KEY----- -- --PublicKey=BOB_c2tnb191v2_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEIkdLfaZZu+3s317ycwzXZcmAtKVl --/kJifBGr4BBJZJMvzPmF2+bn5BcxVyBH1PaT -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2tnb191v2:BOB_c2tnb191v2_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2tnb191v2 --PeerKey=BOB_c2tnb191v2_PUB --SharedSecret=5ec2b6ccd193620dbad302c4ad8f8909a40698bf454d7534 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2tnb191v2 --PeerKey=ALICE_c2tnb191v2_PUB --SharedSecret=5ec2b6ccd193620dbad302c4ad8f8909a40698bf454d7534 -- --# TEST CURVE c2tnb191v3 -- --PrivateKey=ALICE_c2tnb191v3 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEVTBTAgEBBBgSaBOQyq6XX3hZVVgV --FlRrxTuvgtv33C6hNAMyAARL+Fup8jOnixQYPx8pU/b066PHrhTXfiNerFEYA/5O --XCKCEkdRCpuDJnyqpmaC2vw= -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2tnb191v3_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAES/hbqfIzp4sUGD8fKVP29Oujx64U --134jXqxRGAP+TlwighJHUQqbgyZ8qqZmgtr8 -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2tnb191v3:ALICE_c2tnb191v3_PUB -- -- --PrivateKey=BOB_c2tnb191v3 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEVTBTAgEBBBgEE8Ls7pc1/q3/0ruR --gMrWGhGIr4VLt4uhNAMyAAQHAZsjkAXanwGbXR3SKkoKli6rSfSiu0lU2XHDiZdt --LaPN+Eihz4KeG2YM/p3m1do= -------END PRIVATE KEY----- -- --PublicKey=BOB_c2tnb191v3_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAEBwGbI5AF2p8Bm10d0ipKCpYuq0n0 --ortJVNlxw4mXbS2jzfhIoc+CnhtmDP6d5tXa -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2tnb191v3:BOB_c2tnb191v3_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2tnb191v3 --PeerKey=BOB_c2tnb191v3_PUB --SharedSecret=39093dc8a2e6724a6206ed41bb99490d527d80c902c41891 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2tnb191v3 --PeerKey=ALICE_c2tnb191v3_PUB --SharedSecret=39093dc8a2e6724a6206ed41bb99490d527d80c902c41891 -- --# TEST CURVE c2pnb208w1 -- --PrivateKey=ALICE_c2pnb208w1 -------BEGIN PRIVATE KEY----- --MHQCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEWjBYAgEBBBkAbfnNboX6Dk+NLoBO --6qBB2aE1srmTgS96oTgDNgAEFLHciAu4excYB0mty8rF442ULXZfqL90IkgP5G2z --wzY1mAlEBFMg83izeRaCJ/vRihZDJw== -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2pnb208w1_PUB -------BEGIN PUBLIC KEY----- --ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEFLHciAu4excYB0mty8rF442ULXZf --qL90IkgP5G2zwzY1mAlEBFMg83izeRaCJ/vRihZDJw== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2pnb208w1:ALICE_c2pnb208w1_PUB -- -- --PrivateKey=BOB_c2pnb208w1 -------BEGIN PRIVATE KEY----- --MHQCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEWjBYAgEBBBkAwjGFJOPkZqQPZ+mI --Ae3G12zpUia40tRjoTgDNgAEDxaP6u0phDLfM4RsZhgIfZy8CurR4/IPtqMGxbfz --pPKPMZXV12F6MrWrorSFDZ8KFd58Ww== -------END PRIVATE KEY----- -- --PublicKey=BOB_c2pnb208w1_PUB -------BEGIN PUBLIC KEY----- --ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEDxaP6u0phDLfM4RsZhgIfZy8CurR --4/IPtqMGxbfzpPKPMZXV12F6MrWrorSFDZ8KFd58Ww== -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2pnb208w1:BOB_c2pnb208w1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2pnb208w1 --PeerKey=BOB_c2pnb208w1_PUB --SharedSecret=59bf3c91bd168d4d4d900d9ce155933045e0fd16dcf0511bb5af -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2pnb208w1 --PeerKey=ALICE_c2pnb208w1_PUB --SharedSecret=59bf3c91bd168d4d4d900d9ce155933045e0fd16dcf0511bb5af -- --# TEST CURVE c2tnb239v1 -- --PrivateKey=ALICE_c2tnb239v1 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwALBGcwZQIBAQQeE4CCwXEKsP3CfLC/ --DLSSF9lfyOaNSuQXmq9rzLqwoUADPgAEM6oQIsXJs+ANKQpF3DzBdG4FdS5DS+qp --c5fVTsZiI4FAWCXUvzzPTRAex3wwvF/4JrYK6cKVh8i1EOrN -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2tnb239v1_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAEM6oQIsXJs+ANKQpF3DzBdG4FdS5D --S+qpc5fVTsZiI4FAWCXUvzzPTRAex3wwvF/4JrYK6cKVh8i1EOrN -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2tnb239v1:ALICE_c2tnb239v1_PUB -- -- --PrivateKey=BOB_c2tnb239v1 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwALBGcwZQIBAQQeAGDYCGAXqD03x510 --h35JSzlgReW6W/T8lYPEA42doUADPgAECk6Uyh8ULkOVOxZSNZYGwtko/oy7ZLDP --F8dbsEZTeYIBpQ6hWqZ/4Nz3RyzfoukyfCb3b8OMtpq+Qgio -------END PRIVATE KEY----- -- --PublicKey=BOB_c2tnb239v1_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAECk6Uyh8ULkOVOxZSNZYGwtko/oy7 --ZLDPF8dbsEZTeYIBpQ6hWqZ/4Nz3RyzfoukyfCb3b8OMtpq+Qgio -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2tnb239v1:BOB_c2tnb239v1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2tnb239v1 --PeerKey=BOB_c2tnb239v1_PUB --SharedSecret=78c42256900725df9a47bb042cef7dad9f639b32e3010738a144e7472d1a -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2tnb239v1 --PeerKey=ALICE_c2tnb239v1_PUB --SharedSecret=78c42256900725df9a47bb042cef7dad9f639b32e3010738a144e7472d1a -- --# TEST CURVE c2tnb239v2 -- --PrivateKey=ALICE_c2tnb239v2 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwAMBGcwZQIBAQQeE8kBjHLjFeC+Z2gZ --q0snwR3UgEgWMW0xilhJNjW2oUADPgAEQ+ubIYhh82VohwKSVz70PkHsjmYWDvDU --/SBRk8AiP71CM9D7XEKK5tnU94MtK2Kscx5nWZFc+oIh1+sY -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2tnb239v2_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAEQ+ubIYhh82VohwKSVz70PkHsjmYW --DvDU/SBRk8AiP71CM9D7XEKK5tnU94MtK2Kscx5nWZFc+oIh1+sY -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2tnb239v2:ALICE_c2tnb239v2_PUB -- -- --PrivateKey=BOB_c2tnb239v2 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwAMBGcwZQIBAQQeE7bhzKZZUm780c0e --3EBWY1GxD90Mzu7zrQMi7bAzoUADPgAEYgV7bokY6iLMzZTG10c6NDaW11plAm0T --NKVVwzPqe3ylhsQmmm02LHKX0gN4E1dUS0uClBbMGNq2mhln -------END PRIVATE KEY----- -- --PublicKey=BOB_c2tnb239v2_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAEYgV7bokY6iLMzZTG10c6NDaW11pl --Am0TNKVVwzPqe3ylhsQmmm02LHKX0gN4E1dUS0uClBbMGNq2mhln -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2tnb239v2:BOB_c2tnb239v2_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2tnb239v2 --PeerKey=BOB_c2tnb239v2_PUB --SharedSecret=4ba2ecfa8ec7a375594d1673886cccf96d7763c55611b3c9008a35160192 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2tnb239v2 --PeerKey=ALICE_c2tnb239v2_PUB --SharedSecret=4ba2ecfa8ec7a375594d1673886cccf96d7763c55611b3c9008a35160192 -- --# TEST CURVE c2tnb239v3 -- --PrivateKey=ALICE_c2tnb239v3 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwANBGcwZQIBAQQeCxiC5lbHYL1QYbb2 --izZiSoLPnWCZIds811J1N7KtoUADPgAEdHMz+tsuO7VcO9IFgsSWTweLoB1ah5WI --g6cWrtcUfmO7EGfPwNni4Bf8No7rGGMwbisW0v6Jv2pkTSM8 -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2tnb239v3_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEdHMz+tsuO7VcO9IFgsSWTweLoB1a --h5WIg6cWrtcUfmO7EGfPwNni4Bf8No7rGGMwbisW0v6Jv2pkTSM8 -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2tnb239v3:ALICE_c2tnb239v3_PUB -- -- --PrivateKey=BOB_c2tnb239v3 -------BEGIN PRIVATE KEY----- --MIGBAgEAMBMGByqGSM49AgEGCCqGSM49AwANBGcwZQIBAQQeBBPxdeU3MohZc5Jx --7WadLuPSeXeOg75rXC1ElexsoUADPgAEaHwiwQmoqbPij8+l6hLHVQz0AZLBT5uX --hAh8fhTABKqI7qYShICAAX0tvu3EvQ8BQLP14grxUsSoEqAF -------END PRIVATE KEY----- -- --PublicKey=BOB_c2tnb239v3_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEaHwiwQmoqbPij8+l6hLHVQz0AZLB --T5uXhAh8fhTABKqI7qYShICAAX0tvu3EvQ8BQLP14grxUsSoEqAF -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2tnb239v3:BOB_c2tnb239v3_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2tnb239v3 --PeerKey=BOB_c2tnb239v3_PUB --SharedSecret=47ad60e5480375fccd9246c93ab04da8e5da83e1dbf5f177f10a47cb54a0 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2tnb239v3 --PeerKey=ALICE_c2tnb239v3_PUB --SharedSecret=47ad60e5480375fccd9246c93ab04da8e5da83e1dbf5f177f10a47cb54a0 -- --# TEST CURVE c2pnb272w1 -- --PrivateKey=ALICE_c2pnb272w1 -------BEGIN PRIVATE KEY----- --MIGMAgEAMBMGByqGSM49AgEGCCqGSM49AwAQBHIwcAIBAQQhAKMtKddENVGjzTU4 --w+hW0SgDOtIElcs52wb40S08j6gMoUgDRgAEfGvSzQo+00VXIDXV7iiGXpI16kzs --6C8rkchA5sVBBY56nSCp0n4FpIXRzafiFQklJD9OrJzA6PXc7tp2n2XhIwvuOmI= -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2pnb272w1_PUB -------BEGIN PUBLIC KEY----- --MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEfGvSzQo+00VXIDXV7iiGXpI16kzs --6C8rkchA5sVBBY56nSCp0n4FpIXRzafiFQklJD9OrJzA6PXc7tp2n2XhIwvuOmI= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2pnb272w1:ALICE_c2pnb272w1_PUB -- -- --PrivateKey=BOB_c2pnb272w1 -------BEGIN PRIVATE KEY----- --MIGMAgEAMBMGByqGSM49AgEGCCqGSM49AwAQBHIwcAIBAQQhAFAKPByX1wlYUpU4 --mECDAxg+VM5aFo4JPlqEzR0b9hI6oUgDRgAEL8+863IU4uxbEY8jVBjhsrG4W6AF --MF6t+aGvoiKHtEMLQa6U158TRapDWp4eRurm6Idvv7hepCPqOMEGySDUwMECiQM= -------END PRIVATE KEY----- -- --PublicKey=BOB_c2pnb272w1_PUB -------BEGIN PUBLIC KEY----- --MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEL8+863IU4uxbEY8jVBjhsrG4W6AF --MF6t+aGvoiKHtEMLQa6U158TRapDWp4eRurm6Idvv7hepCPqOMEGySDUwMECiQM= -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2pnb272w1:BOB_c2pnb272w1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2pnb272w1 --PeerKey=BOB_c2pnb272w1_PUB --SharedSecret=3ae063b2bed6ba8aa28ff35e9bd2673f22ee8087860c86b89429a5b52538216632a3 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2pnb272w1 --PeerKey=ALICE_c2pnb272w1_PUB --SharedSecret=3ae063b2bed6ba8aa28ff35e9bd2673f22ee8087860c86b89429a5b52538216632a3 -- --# TEST CURVE c2pnb304w1 -- --PrivateKey=ALICE_c2pnb304w1 -------BEGIN PRIVATE KEY----- --MIGYAgEAMBMGByqGSM49AgEGCCqGSM49AwARBH4wfAIBAQQlAOKzfcV2XOvVsSUh --oVz3SHGzSCf0q9i+ilz5ZfBxc+5ssjK7jKFQA04ABDc4zQNFaZukj9iz3iXTYdza --tCOYZvrfOjrbgzl/8PoFxt5q6yJTu35Vu9XVp5pTCtjpDEpywBj0xb07RRuVDEk8 --TthFP5vGeTIWLD4= -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2pnb304w1_PUB -------BEGIN PUBLIC KEY----- --MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAENzjNA0Vpm6SP2LPeJdNh3Nq0I5hm --+t86OtuDOX/w+gXG3mrrIlO7flW71dWnmlMK2OkMSnLAGPTFvTtFG5UMSTxO2EU/ --m8Z5MhYsPg== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2pnb304w1:ALICE_c2pnb304w1_PUB -- -- --PrivateKey=BOB_c2pnb304w1 -------BEGIN PRIVATE KEY----- --MIGYAgEAMBMGByqGSM49AgEGCCqGSM49AwARBH4wfAIBAQQlAPP4hz6sa+KdTJ4h --fBeCUiJBfshcZoapkZMFrhI1vdcRY7MeAaFQA04ABMHRUzLiUY7O4nEBdmex31U4 --l6TO/dD+5MV/tVNizVsWjkTvi2fs772lZ9MeNp6QnGMZ5n5subHsa0QOJL1LpmXX --K0UIWGbW0nQb52g= -------END PRIVATE KEY----- -- --PublicKey=BOB_c2pnb304w1_PUB -------BEGIN PUBLIC KEY----- --MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAEwdFTMuJRjs7icQF2Z7HfVTiXpM79 --0P7kxX+1U2LNWxaORO+LZ+zvvaVn0x42npCcYxnmfmy5sexrRA4kvUumZdcrRQhY --ZtbSdBvnaA== -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2pnb304w1:BOB_c2pnb304w1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2pnb304w1 --PeerKey=BOB_c2pnb304w1_PUB --SharedSecret=6df88b20de9f095c7632234291ea4658a9265cd2293424e11ed56705b09a069f09dc4e055eb7 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2pnb304w1 --PeerKey=ALICE_c2pnb304w1_PUB --SharedSecret=6df88b20de9f095c7632234291ea4658a9265cd2293424e11ed56705b09a069f09dc4e055eb7 -- --# TEST CURVE c2tnb359v1 -- --PrivateKey=ALICE_c2tnb359v1 -------BEGIN PRIVATE KEY----- --MIGwAgEAMBMGByqGSM49AgEGCCqGSM49AwASBIGVMIGSAgEBBC0BeMU97SvjsIvQ --1v+Ztf56OCL8JXHxRJDQZ5gWEa4c2b3FZXFVC4CwEPd7cB+hXgNcAAQOBgLp0TzS --4Hf/VYbJCFuj3OlRC5JMzFV7ox41ubhl5Ij+gHIodu1bQ6cqd0YAb2/30PxwX++N --NpFvq8u8435zhPYXsut6txOPNU5ZzCeagy2xsKacXSZc7D0= -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2tnb359v1_PUB -------BEGIN PUBLIC KEY----- --MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEDgYC6dE80uB3/1WGyQhbo9zpUQuS --TMxVe6MeNbm4ZeSI/oByKHbtW0OnKndGAG9v99D8cF/vjTaRb6vLvON+c4T2F7Lr --ercTjzVOWcwnmoMtsbCmnF0mXOw9 -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2tnb359v1:ALICE_c2tnb359v1_PUB -- -- --PrivateKey=BOB_c2tnb359v1 -------BEGIN PRIVATE KEY----- --MIGwAgEAMBMGByqGSM49AgEGCCqGSM49AwASBIGVMIGSAgEBBC0BRZ3IIh3mrLIX --KBbh6Vj7TXNY5bzRuD5/ayHPlHQkJcd8K66dOqu7hgaN91GhXgNcAAQ7njbTQ2xY --YZtkKswYr8E6P/R3Dg/XEZgQQ72B4qXnqbK/SgYsZAntFg7CRztcTkHjKAgdSz6f --TRIc4///gwXN3Oi6D8PeswhzPJi/uLmCAHMm3GT6SUO3aTY= -------END PRIVATE KEY----- -- --PublicKey=BOB_c2tnb359v1_PUB -------BEGIN PUBLIC KEY----- --MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEO54200NsWGGbZCrMGK/BOj/0dw4P --1xGYEEO9geKl56myv0oGLGQJ7RYOwkc7XE5B4ygIHUs+n00SHOP//4MFzdzoug/D --3rMIczyYv7i5ggBzJtxk+klDt2k2 -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2tnb359v1:BOB_c2tnb359v1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2tnb359v1 --PeerKey=BOB_c2tnb359v1_PUB --SharedSecret=1d3f3396492d130caea54233c79833e90a072fe883071bb08cec671ce0319f0bc39c68dda0199952152a5c3563 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2tnb359v1 --PeerKey=ALICE_c2tnb359v1_PUB --SharedSecret=1d3f3396492d130caea54233c79833e90a072fe883071bb08cec671ce0319f0bc39c68dda0199952152a5c3563 -- --# TEST CURVE c2pnb368w1 -- --PrivateKey=ALICE_c2pnb368w1 -------BEGIN PRIVATE KEY----- --MIGyAgEAMBMGByqGSM49AgEGCCqGSM49AwATBIGXMIGUAgEBBC0AFagbth/4/M2s --b1G4FpxbFEVLIulioS34v0hrClpZ38/Z+PHmIhOfEFminyehYANeAAQAU42w7mII --jkyAdnCC4qoEPdH42fh3oVyCtnaRtKUmdhUdXm0IgSM4T4SYEOsx+aQZLGIjnhHJ --CabcaKPQ0sai3dirUr2YsNXNDJiU93T7buUr+DnRPGsfBy/nEg== -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2pnb368w1_PUB -------BEGIN PUBLIC KEY----- --MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEAFONsO5iCI5MgHZwguKqBD3R+Nn4 --d6FcgrZ2kbSlJnYVHV5tCIEjOE+EmBDrMfmkGSxiI54RyQmm3Gij0NLGot3Yq1K9 --mLDVzQyYlPd0+27lK/g50TxrHwcv5xI= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2pnb368w1:ALICE_c2pnb368w1_PUB -- -- --PrivateKey=BOB_c2pnb368w1 -------BEGIN PRIVATE KEY----- --MIGyAgEAMBMGByqGSM49AgEGCCqGSM49AwATBIGXMIGUAgEBBC0AA/woMzOFy8k2 --zBqBkubhkOIwc7sx0u+JadM9f7V45L4P8nK7bjJasOqrHRahYANeAATKE6jcstac --H8yWzg/qBgvGoGan2PVwTN/U+68K4WxHO7+oPHviUh1OVF7ZxYjsVSdyno83iHE3 --3sq2Ej6j26f+uVs/fuWk19t8NpAQ6+sVETZszuMDm5adqtVZRQ== -------END PRIVATE KEY----- -- --PublicKey=BOB_c2pnb368w1_PUB -------BEGIN PUBLIC KEY----- --MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEyhOo3LLWnB/Mls4P6gYLxqBmp9j1 --cEzf1PuvCuFsRzu/qDx74lIdTlRe2cWI7FUncp6PN4hxN97KthI+o9un/rlbP37l --pNfbfDaQEOvrFRE2bM7jA5uWnarVWUU= -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2pnb368w1:BOB_c2pnb368w1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2pnb368w1 --PeerKey=BOB_c2pnb368w1_PUB --SharedSecret=d191710b156d1b1d14242843a7f0abf28060bbb9e655655b53852a8b0f250ef1eee37d59364d9791c8e1bc526cbb -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2pnb368w1 --PeerKey=ALICE_c2pnb368w1_PUB --SharedSecret=d191710b156d1b1d14242843a7f0abf28060bbb9e655655b53852a8b0f250ef1eee37d59364d9791c8e1bc526cbb -- --# TEST CURVE c2tnb431r1 -- --PrivateKey=ALICE_c2tnb431r1 -------BEGIN PRIVATE KEY----- --MIHKAgEAMBMGByqGSM49AgEGCCqGSM49AwAUBIGvMIGsAgEBBDUC18JhUt+NCIZ/ --q6kdjNZ7zX72UqpW4K6Uc2bAWu2PXK1aL573LNzu4oUlHfbvuE1BUrxNpaFwA24A --BDrG8SG4lckR1rrvLRpXYf7Wspmh/fbql+Zpulyl896XtwQK2BkLVRkZ5ixTG4PU --yb64OiffdSnvIaM++cb7LgJLBBgT3d5le8V1gtxWFFm0NggUyF6glmUqHQL0LuhX --WS468O6w05KS0AL6vQ== -------END PRIVATE KEY----- -- --PublicKey=ALICE_c2tnb431r1_PUB -------BEGIN PUBLIC KEY----- --MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABDrG8SG4lckR1rrvLRpXYf7Wspmh --/fbql+Zpulyl896XtwQK2BkLVRkZ5ixTG4PUyb64OiffdSnvIaM++cb7LgJLBBgT --3d5le8V1gtxWFFm0NggUyF6glmUqHQL0LuhXWS468O6w05KS0AL6vQ== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_c2tnb431r1:ALICE_c2tnb431r1_PUB -- -- --PrivateKey=BOB_c2tnb431r1 -------BEGIN PRIVATE KEY----- --MIHKAgEAMBMGByqGSM49AgEGCCqGSM49AwAUBIGvMIGsAgEBBDUApanyPgvpfrAu --1jNAKGpctH71v0+P/kFF9JxdFYarpWEwBBd4tz6CxoYKmvDZ9ukOOqBbX6FwA24A --BGh3JXuYmh6dGGEmbRhoR2T5pVD/5Mq2ZKKzfzY2NOoKiIs6rVzv2SW7S6BScYlR --qRWiXCeZVFvT0crDY/5uodkHbcRw6B/Yo/iMN8wLI257Tjm9/C5G+JPCLopCcLIL --gTwAJM2ZhtPnc08LyQ== -------END PRIVATE KEY----- -- --PublicKey=BOB_c2tnb431r1_PUB -------BEGIN PUBLIC KEY----- --MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABGh3JXuYmh6dGGEmbRhoR2T5pVD/ --5Mq2ZKKzfzY2NOoKiIs6rVzv2SW7S6BScYlRqRWiXCeZVFvT0crDY/5uodkHbcRw --6B/Yo/iMN8wLI257Tjm9/C5G+JPCLopCcLILgTwAJM2ZhtPnc08LyQ== -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_c2tnb431r1:BOB_c2tnb431r1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_c2tnb431r1 --PeerKey=BOB_c2tnb431r1_PUB --SharedSecret=4c4d7d387843ff5152f22f101b0609238819357fae2ccc9097b818e383ef6809cb46671fb514009d4d1d3d0119fba265107302e95748 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_c2tnb431r1 --PeerKey=ALICE_c2tnb431r1_PUB --SharedSecret=4c4d7d387843ff5152f22f101b0609238819357fae2ccc9097b818e383ef6809cb46671fb514009d4d1d3d0119fba265107302e95748 -- --# TEST CURVE wap-wsg-idm-ecid-wtls1 -- --PrivateKey=ALICE_wap-wsg-idm-ecid-wtls1 -------BEGIN PRIVATE KEY----- --MFACAQAwEAYHKoZIzj0CAQYFZysBBAEEOTA3AgEBBA5Xu91qBwxTDmhD/30Kf6Ei --AyAABAFQSZ0G+afa1x4KwUzBjQEWFNdZoF6UNYGkCRINyg== -------END PRIVATE KEY----- -- --PublicKey=ALICE_wap-wsg-idm-ecid-wtls1_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAVBJnQb5p9rXHgrBTMGNARYU11mgXpQ1 --gaQJEg3K -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls1:ALICE_wap-wsg-idm-ecid-wtls1_PUB -- -- --PrivateKey=BOB_wap-wsg-idm-ecid-wtls1 -------BEGIN PRIVATE KEY----- --MFACAQAwEAYHKoZIzj0CAQYFZysBBAEEOTA3AgEBBA5aU6CQ474Z1fH3xAtn/6Ei --AyAABAFpb4GTc+5vf5nkt4zLxwGZQ6qSbYlH8pUbpvwcqA== -------END PRIVATE KEY----- -- --PublicKey=BOB_wap-wsg-idm-ecid-wtls1_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAWlvgZNz7m9/meS3jMvHAZlDqpJtiUfy --lRum/Byo -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls1:BOB_wap-wsg-idm-ecid-wtls1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_wap-wsg-idm-ecid-wtls1 --PeerKey=BOB_wap-wsg-idm-ecid-wtls1_PUB --SharedSecret=0000fc6e280987e8b9bf6e3c7fa003 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_wap-wsg-idm-ecid-wtls1 --PeerKey=ALICE_wap-wsg-idm-ecid-wtls1_PUB --SharedSecret=0000fc6e280987e8b9bf6e3c7fa003 -- --# TEST CURVE wap-wsg-idm-ecid-wtls3 -- --PrivateKey=ALICE_wap-wsg-idm-ecid-wtls3 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFZysBBAMETDBKAgEBBBUBN2FFgQiz4KPJ9GEsrj5B --m908ifuhLgMsAAQBV21Tx3v8+1wFKq7PiloR1CxzmlUDvnyXrs4mNmc5Ns38mzPe --NueQNo0= -------END PRIVATE KEY----- -- --PublicKey=ALICE_wap-wsg-idm-ecid-wtls3_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAVdtU8d7/PtcBSquz4paEdQsc5pVA758 --l67OJjZnOTbN/Jsz3jbnkDaN -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls3:ALICE_wap-wsg-idm-ecid-wtls3_PUB -- -- --PrivateKey=BOB_wap-wsg-idm-ecid-wtls3 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFZysBBAMETDBKAgEBBBUA/0Ust7IoJ526zn2wiWBu --rR5NeSWhLgMsAAQB7d+/zMMti4djhlVnaGqaqonbmo4Cv+iKT1cF3nzXV/KXHSJI --p9iZeas= -------END PRIVATE KEY----- -- --PublicKey=BOB_wap-wsg-idm-ecid-wtls3_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAe3fv8zDLYuHY4ZVZ2hqmqqJ25qOAr/o --ik9XBd5811fylx0iSKfYmXmr -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls3:BOB_wap-wsg-idm-ecid-wtls3_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_wap-wsg-idm-ecid-wtls3 --PeerKey=BOB_wap-wsg-idm-ecid-wtls3_PUB --SharedSecret=00cf1d850f396436be68f1e5502935853ed054511f -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_wap-wsg-idm-ecid-wtls3 --PeerKey=ALICE_wap-wsg-idm-ecid-wtls3_PUB --SharedSecret=00cf1d850f396436be68f1e5502935853ed054511f -- --# TEST CURVE wap-wsg-idm-ecid-wtls4 -- --PrivateKey=ALICE_wap-wsg-idm-ecid-wtls4 -------BEGIN PRIVATE KEY----- --MFECAQAwEAYHKoZIzj0CAQYFZysBBAQEOjA4AgEBBA8AsuEGufSNSrDPu3Y1Namh --IgMgAAQAcvPRbArskeBs6W2oOesAHMQo8Lk/FHcYKUfMOKY= -------END PRIVATE KEY----- -- --PublicKey=ALICE_wap-wsg-idm-ecid-wtls4_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAHLz0WwK7JHgbOltqDnrABzEKPC5PxR3 --GClHzDim -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls4:ALICE_wap-wsg-idm-ecid-wtls4_PUB -- -- --PrivateKey=BOB_wap-wsg-idm-ecid-wtls4 -------BEGIN PRIVATE KEY----- --MFECAQAwEAYHKoZIzj0CAQYFZysBBAQEOjA4AgEBBA8AFJwmUkKbWdmzvqv+AbWh --IgMgAAQBriOJSyRL4ro55CbCwekBluEKwIfP64OfJCEfWTU= -------END PRIVATE KEY----- -- --PublicKey=BOB_wap-wsg-idm-ecid-wtls4_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAa4jiUskS+K6OeQmwsHpAZbhCsCHz+uD --nyQhH1k1 -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls4:BOB_wap-wsg-idm-ecid-wtls4_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_wap-wsg-idm-ecid-wtls4 --PeerKey=BOB_wap-wsg-idm-ecid-wtls4_PUB --SharedSecret=01076232302ca32b5f3daf075e5213 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_wap-wsg-idm-ecid-wtls4 --PeerKey=ALICE_wap-wsg-idm-ecid-wtls4_PUB --SharedSecret=01076232302ca32b5f3daf075e5213 -- --# TEST CURVE wap-wsg-idm-ecid-wtls5 -- --PrivateKey=ALICE_wap-wsg-idm-ecid-wtls5 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFZysBBAUETDBKAgEBBBUCmngbaO2S//Ta0ZUhn/nb --ZydTKD+hLgMsAAQA1792id3hLIu2z0KECkBCUbTSP9UFLu2FTJkLa8qP4ZIrBt5F --XKJo2Dw= -------END PRIVATE KEY----- -- --PublicKey=ALICE_wap-wsg-idm-ecid-wtls5_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEANe/dond4SyLts9ChApAQlG00j/VBS7t --hUyZC2vKj+GSKwbeRVyiaNg8 -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls5:ALICE_wap-wsg-idm-ecid-wtls5_PUB -- -- --PrivateKey=BOB_wap-wsg-idm-ecid-wtls5 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFZysBBAUETDBKAgEBBBUBraa4aeYxHd9HJ0vLIoCw --auGKd9yhLgMsAAQHzc2FgfJGasNlMcJNDDrNQElhA1cHD4izqEedmC3ueMu72/Sp --VF2Ppig= -------END PRIVATE KEY----- -- --PublicKey=BOB_wap-wsg-idm-ecid-wtls5_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEB83NhYHyRmrDZTHCTQw6zUBJYQNXBw+I --s6hHnZgt7njLu9v0qVRdj6Yo -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls5:BOB_wap-wsg-idm-ecid-wtls5_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_wap-wsg-idm-ecid-wtls5 --PeerKey=BOB_wap-wsg-idm-ecid-wtls5_PUB --SharedSecret=066091c591278f5b949106052b2546aacc20917c20 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_wap-wsg-idm-ecid-wtls5 --PeerKey=ALICE_wap-wsg-idm-ecid-wtls5_PUB --SharedSecret=066091c591278f5b949106052b2546aacc20917c20 -- --# TEST CURVE wap-wsg-idm-ecid-wtls6 -- --PrivateKey=ALICE_wap-wsg-idm-ecid-wtls6 -------BEGIN PRIVATE KEY----- --ME4CAQAwEAYHKoZIzj0CAQYFZysBBAYENzA1AgEBBA5LJwRNrPNMwGyoBP95a6Eg --Ax4ABMZxFi711Wl5r7tb1XJ9fJ3H1W1MKvVrYvfmNFo= -------END PRIVATE KEY----- -- --PublicKey=ALICE_wap-wsg-idm-ecid-wtls6_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAExnEWLvXVaXmvu1vVcn18ncfVbUwq9Wti --9+Y0Wg== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls6:ALICE_wap-wsg-idm-ecid-wtls6_PUB -- -- --PrivateKey=BOB_wap-wsg-idm-ecid-wtls6 -------BEGIN PRIVATE KEY----- --ME4CAQAwEAYHKoZIzj0CAQYFZysBBAYENzA1AgEBBA63i1z4Kl8BEE1I3CYU9KEg --Ax4ABG3Ft5F8wvnGimUAmGQrfqAlVJKdzhNSa3v47Kc= -------END PRIVATE KEY----- -- --PublicKey=BOB_wap-wsg-idm-ecid-wtls6_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAEbcW3kXzC+caKZQCYZCt+oCVUkp3OE1Jr --e/jspw== -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls6:BOB_wap-wsg-idm-ecid-wtls6_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_wap-wsg-idm-ecid-wtls6 --PeerKey=BOB_wap-wsg-idm-ecid-wtls6_PUB --SharedSecret=8d184455748c56115ba2183070b0 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_wap-wsg-idm-ecid-wtls6 --PeerKey=ALICE_wap-wsg-idm-ecid-wtls6_PUB --SharedSecret=8d184455748c56115ba2183070b0 -- --# TEST CURVE wap-wsg-idm-ecid-wtls7 -- --PrivateKey=ALICE_wap-wsg-idm-ecid-wtls7 -------BEGIN PRIVATE KEY----- --MGECAQAwEAYHKoZIzj0CAQYFZysBBAcESjBIAgEBBBUAueoisiN+luJEy0wdiI7j --cALlTqChLAMqAAQ/FWsGxD8vuvEFWXfWReOqvBzqWrF9mdMeTeOE1y9r9POOIUVJ --PNtL -------END PRIVATE KEY----- -- --PublicKey=ALICE_wap-wsg-idm-ecid-wtls7_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEPxVrBsQ/L7rxBVl31kXjqrwc6lqxfZnT --Hk3jhNcva/TzjiFFSTzbSw== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls7:ALICE_wap-wsg-idm-ecid-wtls7_PUB -- -- --PrivateKey=BOB_wap-wsg-idm-ecid-wtls7 -------BEGIN PRIVATE KEY----- --MGECAQAwEAYHKoZIzj0CAQYFZysBBAcESjBIAgEBBBUAr42vKjbUXFak2mVzFYpu --yhN/cDyhLAMqAASJZpuFg+n8vscuq+pqfFFPYemnfLdhdAB4JodfR3J5Bzu67hEm --bIKQ -------END PRIVATE KEY----- -- --PublicKey=BOB_wap-wsg-idm-ecid-wtls7_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEiWabhYPp/L7HLqvqanxRT2Hpp3y3YXQA --eCaHX0dyeQc7uu4RJmyCkA== -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls7:BOB_wap-wsg-idm-ecid-wtls7_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_wap-wsg-idm-ecid-wtls7 --PeerKey=BOB_wap-wsg-idm-ecid-wtls7_PUB --SharedSecret=990eda6a0406caef965018b97c94d0faa200f6e4 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_wap-wsg-idm-ecid-wtls7 --PeerKey=ALICE_wap-wsg-idm-ecid-wtls7_PUB --SharedSecret=990eda6a0406caef965018b97c94d0faa200f6e4 -- --# TEST CURVE wap-wsg-idm-ecid-wtls8 -- --PrivateKey=ALICE_wap-wsg-idm-ecid-wtls8 -------BEGIN PRIVATE KEY----- --ME8CAQAwEAYHKoZIzj0CAQYFZysBBAgEODA2AgEBBA8A1m62ffl6niuM46XOUyih --IAMeAAT4mqYAoe7NEtKfEMQs2ofInhZRZCFrFU5cjEWi -------END PRIVATE KEY----- -- --PublicKey=ALICE_wap-wsg-idm-ecid-wtls8_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAE+JqmAKHuzRLSnxDELNqHyJ4WUWQhaxVO --XIxFog== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls8:ALICE_wap-wsg-idm-ecid-wtls8_PUB -- --PrivateKey=BOB_wap-wsg-idm-ecid-wtls8 -------BEGIN PRIVATE KEY----- --ME8CAQAwEAYHKoZIzj0CAQYFZysBBAgEODA2AgEBBA8AegTrLoMRyPl4U4xOdg6h --IAMeAATQKkyQ3jL2Eku6C+vSQazbjjSkzNe67Occqj2P -------END PRIVATE KEY----- -- --PublicKey=BOB_wap-wsg-idm-ecid-wtls8_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAE0CpMkN4y9hJLugvr0kGs2440pMzXuuzn --HKo9jw== -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls8:BOB_wap-wsg-idm-ecid-wtls8_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_wap-wsg-idm-ecid-wtls8 --PeerKey=BOB_wap-wsg-idm-ecid-wtls8_PUB --SharedSecret=7524c547bd6b26644ce70571cb06 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_wap-wsg-idm-ecid-wtls8 --PeerKey=ALICE_wap-wsg-idm-ecid-wtls8_PUB --SharedSecret=7524c547bd6b26644ce70571cb06 -- --# TEST CURVE wap-wsg-idm-ecid-wtls9 -- --PrivateKey=ALICE_wap-wsg-idm-ecid-wtls9 -------BEGIN PRIVATE KEY----- --MGECAQAwEAYHKoZIzj0CAQYFZysBBAkESjBIAgEBBBUAE0376NvzsIXi6XadrVn4 --06obTRChLAMqAARbC1yw9f1uBOVlMf5ZFQewTgyc81Aqh2TFMSRfujCIhdvGTYgR --tu6F -------END PRIVATE KEY----- -- --PublicKey=ALICE_wap-wsg-idm-ecid-wtls9_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAEWwtcsPX9bgTlZTH+WRUHsE4MnPNQKodk --xTEkX7owiIXbxk2IEbbuhQ== -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls9:ALICE_wap-wsg-idm-ecid-wtls9_PUB -- -- --PrivateKey=BOB_wap-wsg-idm-ecid-wtls9 -------BEGIN PRIVATE KEY----- --MGECAQAwEAYHKoZIzj0CAQYFZysBBAkESjBIAgEBBBUAd2kfMclaJU2bg8ayTrjZ --oolI82yhLAMqAAQ0NeW9TKhQeFrrTyMR9Gb55+BneCQSByAShM8Dn3V1FFYz7n0y --bvBX -------END PRIVATE KEY----- -- --PublicKey=BOB_wap-wsg-idm-ecid-wtls9_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAENDXlvUyoUHha608jEfRm+efgZ3gkEgcg --EoTPA591dRRWM+59Mm7wVw== -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls9:BOB_wap-wsg-idm-ecid-wtls9_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_wap-wsg-idm-ecid-wtls9 --PeerKey=BOB_wap-wsg-idm-ecid-wtls9_PUB --SharedSecret=5ca1d9eed44def2c390fd5bbb16ca2c3a09eb7b1 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_wap-wsg-idm-ecid-wtls9 --PeerKey=ALICE_wap-wsg-idm-ecid-wtls9_PUB --SharedSecret=5ca1d9eed44def2c390fd5bbb16ca2c3a09eb7b1 -- --# TEST CURVE wap-wsg-idm-ecid-wtls10 -- --PrivateKey=ALICE_wap-wsg-idm-ecid-wtls10 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFZysBBAoEZjBkAgEBBB01TDgjIGd+gXPZ4esQnWzz --/y1vzJniUBM5XNyPq6FAAz4ABAHVs5gYpbJzqyO8Lk3nkTwhu4BuXb4wtrgGcY2L --TwGxkC4Zq4aqLowsexGjVa0IjGKdWz5/TfwLwGpN4A== -------END PRIVATE KEY----- -- --PublicKey=ALICE_wap-wsg-idm-ecid-wtls10_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAdWzmBilsnOrI7wuTeeRPCG7gG5dvjC2 --uAZxjYtPAbGQLhmrhqoujCx7EaNVrQiMYp1bPn9N/AvAak3g -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls10:ALICE_wap-wsg-idm-ecid-wtls10_PUB -- -- --PrivateKey=BOB_wap-wsg-idm-ecid-wtls10 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFZysBBAoEZjBkAgEBBB0mTqwYwByRuu4zcU1QLKcG --m8wewuaoKqVSpp8xQaFAAz4ABAEF4xTrWAIF1EacNMqTG3kwxwartAKFFqyOle+w --BwDi6gra7cFVedD1p5RwD4gZU4QzgCLSwa7xZbBzgg== -------END PRIVATE KEY----- -- --PublicKey=BOB_wap-wsg-idm-ecid-wtls10_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAQXjFOtYAgXURpw0ypMbeTDHBqu0AoUW --rI6V77AHAOLqCtrtwVV50PWnlHAPiBlThDOAItLBrvFlsHOC -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls10:BOB_wap-wsg-idm-ecid-wtls10_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_wap-wsg-idm-ecid-wtls10 --PeerKey=BOB_wap-wsg-idm-ecid-wtls10_PUB --SharedSecret=0199de137bc263e25b543994d6315b5a3f1e38e7e1f60662cb5cbaab5f98 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_wap-wsg-idm-ecid-wtls10 --PeerKey=ALICE_wap-wsg-idm-ecid-wtls10_PUB --SharedSecret=0199de137bc263e25b543994d6315b5a3f1e38e7e1f60662cb5cbaab5f98 -- --# TEST CURVE wap-wsg-idm-ecid-wtls11 -- --PrivateKey=ALICE_wap-wsg-idm-ecid-wtls11 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFZysBBAsEZzBlAgEBBB4Au6lrzC3RIk3jXmtbeOAp --LZPR0NUrr6dTf1lSCGqhQAM+AAQBl73V2TEZ8BO4QC+YiBlJ0GmW8WLc3RtS3iIr --/oUAaDQQAGVJFD3GghjBPfI9KVBcZ2P8tUXUv5ifrWc= -------END PRIVATE KEY----- -- --PublicKey=ALICE_wap-wsg-idm-ecid-wtls11_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAZe91dkxGfATuEAvmIgZSdBplvFi3N0b --Ut4iK/6FAGg0EABlSRQ9xoIYwT3yPSlQXGdj/LVF1L+Yn61n -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls11:ALICE_wap-wsg-idm-ecid-wtls11_PUB -- -- --PrivateKey=BOB_wap-wsg-idm-ecid-wtls11 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFZysBBAsEZzBlAgEBBB4AGJuGtQI1FvHfp2AsdKb3 --NVWawjpZQuyM1aelws2hQAM+AAQAdTW3xU6Ijf/Y835Z2hS4fOn6Xmp3O6iblXHr --nKoBORuxHVRfXkfdL5TqfFpuDghzCyAS6ZMSWhjGV5o= -------END PRIVATE KEY----- -- --PublicKey=BOB_wap-wsg-idm-ecid-wtls11_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAHU1t8VOiI3/2PN+WdoUuHzp+l5qdzuo --m5Vx65yqATkbsR1UX15H3S+U6nxabg4IcwsgEumTEloYxlea -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls11:BOB_wap-wsg-idm-ecid-wtls11_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_wap-wsg-idm-ecid-wtls11 --PeerKey=BOB_wap-wsg-idm-ecid-wtls11_PUB --SharedSecret=01ee4b517d8a64be5ee32e10152c7bbcb8cde73a3da8e9643bce173011f7 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_wap-wsg-idm-ecid-wtls11 --PeerKey=ALICE_wap-wsg-idm-ecid-wtls11_PUB --SharedSecret=01ee4b517d8a64be5ee32e10152c7bbcb8cde73a3da8e9643bce173011f7 -- --# TEST CURVE wap-wsg-idm-ecid-wtls12 -- --PrivateKey=ALICE_wap-wsg-idm-ecid-wtls12 -------BEGIN PRIVATE KEY----- --MHgCAQAwEAYHKoZIzj0CAQYFZysBBAwEYTBfAgEBBByAnUvQZhZr1lgTRixSMIx0 --KHuV4t8cbXCW415soTwDOgAE3G8wIl9SJ0mAmuIMWbJpFjf9wO8gKNu6nApye39Y --hpXeYRL/nm7G6HmiiA5O1iudWC3hDbBH0cc= -------END PRIVATE KEY----- -- --PublicKey=ALICE_wap-wsg-idm-ecid-wtls12_PUB -------BEGIN PUBLIC KEY----- --ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAE3G8wIl9SJ0mAmuIMWbJpFjf9wO8gKNu6 --nApye39YhpXeYRL/nm7G6HmiiA5O1iudWC3hDbBH0cc= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_wap-wsg-idm-ecid-wtls12:ALICE_wap-wsg-idm-ecid-wtls12_PUB -- -- --PrivateKey=BOB_wap-wsg-idm-ecid-wtls12 -------BEGIN PRIVATE KEY----- --MHgCAQAwEAYHKoZIzj0CAQYFZysBBAwEYTBfAgEBBBzZ7nt4CrPrk2m5iR64vpkj --95JHOmzWf4VhRZqdoTwDOgAEukz40I4gWpUmXCM+PLmWGd0IO0XIPQa9KXzXvhbL --dJH0yFkJ+ClSboOC26gtMTICiPhEgYjeKEQ= -------END PRIVATE KEY----- -- --PublicKey=BOB_wap-wsg-idm-ecid-wtls12_PUB -------BEGIN PUBLIC KEY----- --ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAEukz40I4gWpUmXCM+PLmWGd0IO0XIPQa9 --KXzXvhbLdJH0yFkJ+ClSboOC26gtMTICiPhEgYjeKEQ= -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_wap-wsg-idm-ecid-wtls12:BOB_wap-wsg-idm-ecid-wtls12_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_wap-wsg-idm-ecid-wtls12 --PeerKey=BOB_wap-wsg-idm-ecid-wtls12_PUB --SharedSecret=c75a8283a73312de82c8f99d41a9173a43b8f921e8161dd140131b36 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_wap-wsg-idm-ecid-wtls12 --PeerKey=ALICE_wap-wsg-idm-ecid-wtls12_PUB --SharedSecret=c75a8283a73312de82c8f99d41a9173a43b8f921e8161dd140131b36 -- - # EC P-256 key - - PrivateKey=P-256 -@@ -2664,61 +265,6 @@ Derive=BOB_secp521r1 - PeerKey=ALICE_secp521r1_PUB - SharedSecret=018c8f33e544a0fa8854dcd96bdba75b7687d1c42b2ff1bf0a06d49c424fee96d8a7f3af3119dcbfabc1c147477c50f7c72971956f9bb17ddec6d02b2187f06cf4be - --# TEST CURVE prime192v1 -- --PrivateKey=ALICE_prime192v1 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjxfXvSFNqD2UzFVN1L --bQrPlzop7dxQq/ehNAMyAATibpGuYzCjkT1tWLYEogpKz74WqhvbQtZPkCYQCin1 --cmZuNW+BZ0jyVEpGlpnZPMg= -------END PRIVATE KEY----- -- --PublicKey=ALICE_prime192v1_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE4m6RrmMwo5E9bVi2BKIKSs++Fqob --20LWT5AmEAop9XJmbjVvgWdI8lRKRpaZ2TzI -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_prime192v1:ALICE_prime192v1_PUB -- -- --PrivateKey=BOB_prime192v1 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhewaqXNZlYyqnmuEEE --Y/oUXe3/jpzhmyGhNAMyAASkpwNJEP/1FuuWKCDDUm26iyqrs+zKwayZnaF77YC6 --qCtgia7yNcSl9tlWHh3gQgw= -------END PRIVATE KEY----- -- --PublicKey=BOB_prime192v1_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEpKcDSRD/9Rbrliggw1Jtuosqq7Ps --ysGsmZ2he+2AuqgrYImu8jXEpfbZVh4d4EIM -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_prime192v1:BOB_prime192v1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_prime192v1 --PeerKey=BOB_prime192v1_PUB --SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861 -- --# Negative test: A weak curve with a strength < 112 fails in FIPS mode. --Availablein = fips --Derive=ALICE_prime192v1 --Securitycheck = 1 --PeerKey=BOB_prime192v1_PUB --Result = DERIVE_SET_PEER_ERROR -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_prime192v1 --PeerKey=ALICE_prime192v1_PUB --SharedSecret=be2a779b587f8f5d7c9d8f006e0a6d0e996c9c63c255f861 -- - # TEST CURVE prime256v1 - - PrivateKey=ALICE_prime256v1 -@@ -2765,549 +311,6 @@ Derive=BOB_prime256v1 - PeerKey=ALICE_prime256v1_PUB - SharedSecret=390021fbca00d959c1adaf7e9cedef0e65a582489eab9adbe739ef66bf82adb4 - --# TEST CURVE sect163k1 -- --PrivateKey=ALICE_sect163k1 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBxkeGOXE86PAijpk8trN/ --f3kl4UmhLgMsAAQD1hrDCJ2MSFKZ6Q11cTllX/l5HY0Hg5XZCxMFC84AaczwPtNJ --YNCxfCk= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect163k1_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA9YawwidjEhSmekNdXE5ZV/5eR2NB4OV --2QsTBQvOAGnM8D7TSWDQsXwp -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect163k1:ALICE_sect163k1_PUB -- --PrivateKey=BOB_sect163k1 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCUJ5kItSfXidHXsgokcS7 --nzPFbOShLgMsAAQGrYNJ1qgdb3A9ISOmTujfS+WYFKwBXXrJEluAkeNh3jXnDq8X --+XBB0k8= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect163k1_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBq2DSdaoHW9wPSEjpk7o30vlmBSsAV16 --yRJbgJHjYd415w6vF/lwQdJP -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect163k1:BOB_sect163k1_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_sect163k1 --PeerKey=BOB_sect163k1_PUB --SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_sect163k1 --PeerKey=ALICE_sect163k1_PUB --SharedSecret=07bfdf00759b383aa7741ae4634400f8ddf2047092 -- --# TEST CURVE sect163r2 -- --PrivateKey=ALICE_sect163r2 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDjH2G7BkPTBM4VtljaQr8 --sXVLNOqhLgMsAAQHHqWxJWR2KrHCPp/PSjZIdK88ET0A323/UOTxhYHwsLpR7rp3 --ahq1lQ8= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect163r2_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBx6lsSVkdiqxwj6fz0o2SHSvPBE9AN9t --/1Dk8YWB8LC6Ue66d2oatZUP -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect163r2:ALICE_sect163r2_PUB -- -- --PrivateKey=BOB_sect163r2 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBXOM9Tm6sKXUlRLlW0HgC --NTDxW2ihLgMsAAQGxa8xRcC+TIcDgGtehDVEV1PoBokBwtILj16NPYC0aBZI8/nF --F4jhgmc= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect163r2_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBsWvMUXAvkyHA4BrXoQ1RFdT6AaJAcLS --C49ejT2AtGgWSPP5xReI4YJn -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect163r2:BOB_sect163r2_PUB -- -- --# ECDH Alice with Bob peer -- --Availablein = default --Derive=ALICE_sect163r2 --PeerKey=BOB_sect163r2_PUB --SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951 -- --# ECDH Bob with Alice peer -- --Availablein = default --Derive=BOB_sect163r2 --PeerKey=ALICE_sect163r2_PUB --SharedSecret=040df54e6df412790ef5c0fafbbfcba5136b872951 -- --# TEST CURVE sect233k1 -- --PrivateKey=ALICE_sect233k1 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1aR7qaKm1vmZWK2bGsJ1rX --mH6BpTkW4t1L4zSf/KFAAz4ABADcDiv+bTvPVViqYLNz06VO5wodry+sGi6fnJIr --QQCTfZ9d5whiIsbY5Thlcm7I0A/cIGoShA/6LumOVA== -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect233k1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANwOK/5tO89VWKpgs3PTpU7nCh2vL6wa --Lp+ckitBAJN9n13nCGIixtjlOGVybsjQD9wgahKED/ou6Y5U -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect233k1:ALICE_sect233k1_PUB -- -- --PrivateKey=BOB_sect233k1 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0oa5BrzYxm6mn51Xyphn6X --OUjKc9oMDHCowAyHTaFAAz4ABAGKiFuFJVQeymHYRVnt2LNF2MSaTMcL9JGSPn2z --OwBis5MS4kgEFakWQl7KpGiy3vS89wmpblvHLJ/+IQ== -------END PRIVATE KEY----- -- --PublicKey=BOB_sect233k1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAYqIW4UlVB7KYdhFWe3Ys0XYxJpMxwv0 --kZI+fbM7AGKzkxLiSAQVqRZCXsqkaLLe9Lz3CaluW8csn/4h -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect233k1:BOB_sect233k1_PUB -- -- --# ECDH Alice with Bob peer -- --Derive=ALICE_sect233k1 --PeerKey=BOB_sect233k1_PUB --SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512 -- --# ECDH Bob with Alice peer -- --Derive=BOB_sect233k1 --PeerKey=ALICE_sect233k1_PUB --SharedSecret=00a5e5f2e992f4360d530dd365d14f5c6013212e14f4ea258c91c71f1512 -- --# TEST CURVE sect233r1 -- --PrivateKey=ALICE_sect233r1 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AEN6fePR2gizyXzU6kIgU --Gijp5+IQAXoNBfKnVeChQAM+AAQB0kEwu2fwQWo1v1j7XQ8uJT3iMwRC8w+cxgxx --GQ4B/FyjrhIUpEDWaMqfV23McZ6WdbIUe3MZ7K5pG38= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect233r1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAdJBMLtn8EFqNb9Y+10PLiU94jMEQvMP --nMYMcRkOAfxco64SFKRA1mjKn1dtzHGelnWyFHtzGeyuaRt/ -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect233r1:ALICE_sect233r1_PUB -- -- --PrivateKey=BOB_sect233r1 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AXHWOeS6fG0XCH3FnHDuS --IcELUeDG+AYNNeLVZd6hQAM+AAQAYRRYH017uxcaMPF3GOsL4bvodW1yZLEtL3pm --CkcAfqJI/4niCr8uHKh0gBa2JBjBWMV1u8Mpf60uvok= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect233r1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGEUWB9Ne7sXGjDxdxjrC+G76HVtcmSx --LS96ZgpHAH6iSP+J4gq/LhyodIAWtiQYwVjFdbvDKX+tLr6J -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect233r1:BOB_sect233r1_PUB -- -- --# ECDH Alice with Bob peer -- --Derive=ALICE_sect233r1 --PeerKey=BOB_sect233r1_PUB --SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2 -- --# ECDH Bob with Alice peer -- --Derive=BOB_sect233r1 --PeerKey=ALICE_sect233r1_PUB --SharedSecret=01625f3fcd367ee7cd74c67cca02dccfce6c3b19ef07e358ed943d17a8e2 -- --# TEST CURVE sect283k1 -- --PrivateKey=ALICE_sect283k1 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAGhnsmZ2UDKV3QKmq3k+ --33LQ6n5aCYvKXcMgiZlBS/RrVgIRoUwDSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnW --uC6oWVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4r --mGO7 -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect283k1_PUB -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBSgpOw5TMTc4O8HHhw5atJl5mrnWuC6o --WVYRYpD1IMvPNTRsAYo4SYRmPIfgzVv/ESVcHVaD1lPNo+eq0HN1qhvRX+4rmGO7 -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect283k1:ALICE_sect283k1_PUB -- -- --PrivateKey=BOB_sect283k1 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAAJXIwfWjYbiM5jEcNw8 --8/1kbEnhVjWGivO7zDPts7AuKSMkoUwDSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6V --D5v8KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzj --CN/m -------END PRIVATE KEY----- -- --PublicKey=BOB_sect283k1_PUB -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA5Ause5pdH6ks7PdyPeoPbYAkz6VD5v8 --KTV1b97PiYmZNDeoBY78FQyHRSvdSo+oRew2RacpaCAntRoiWHyN1nAdDSzjCN/m -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect283k1:BOB_sect283k1_PUB -- -- --# ECDH Alice with Bob peer -- --Derive=ALICE_sect283k1 --PeerKey=BOB_sect283k1_PUB --SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825 -- --# ECDH Bob with Alice peer -- --Derive=BOB_sect283k1 --PeerKey=ALICE_sect283k1_PUB --SharedSecret=02f2e682c2f60d7261624f3661a5e85fca920443b72aa4dd5a540082e65e552302d8f825 -- --# TEST CURVE sect283r1 -- --PrivateKey=ALICE_sect283r1 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAi4Jrhu19kt7H8jw1FO7 --VzCxh6p0pI0ogl3q9ev5NFkufZkZoUwDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqU --S40TU2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE --7jsD -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect283r1_PUB -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAHx6cwnWw+9l3oZHpx+R8nu7SLqUS40T --U2uL0W6VTNANIvcJB1b++3okH0FJgFAahbaotafYTyfqCoY11VaxnVqU5/aE7jsD -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect283r1:ALICE_sect283r1_PUB -- -- --PrivateKey=BOB_sect283r1 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkACD04gJaVfVxK/Dpbxjq --rzZWc6B76a23MK/IQD1jMlGPQzzxoUwDSgAEA13mIYMvik12DBp8JkdETMB1ewOw --22C/xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lass --Iq5I -------END PRIVATE KEY----- -- --PublicKey=BOB_sect283r1_PUB -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA13mIYMvik12DBp8JkdETMB1ewOw22C/ --xhnzLEHmgrG0ewxeANVAoIZy2uv5t0VUJIp4PYdLNaqIguN+9v6U78O4lassIq5I -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect283r1:BOB_sect283r1_PUB -- -- --# ECDH Alice with Bob peer -- --Derive=ALICE_sect283r1 --PeerKey=BOB_sect283r1_PUB --SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc -- --# ECDH Bob with Alice peer -- --Derive=BOB_sect283r1 --PeerKey=ALICE_sect283r1_PUB --SharedSecret=05778bc1afcf38d7dddb2150cacbfe4d38dc588968fd8b2e859c28ae2629d3435f89f6cc -- --# TEST CURVE sect409k1 -- --PrivateKey=ALICE_sect409k1 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMg1vV7wiPe1ovX+ukz --VfwPZoqvyj/vdif04Opi9PcjV5mPBEZgSFBg8hbutNxZJdVLrxShbANqAAQACe1I --J5ilSk1pPLvbcjEZIE6abC9LZ9WmHuNJxM9LAW1OuLvJGi72AsGYUOGpX0WGmK6C --AYaqZb2Qeedq/yUIljDHYi66J+26owYl7lOMpRzZ9U2QDJrZ7TYuxeMUui6re0B+ --JuZdYw== -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect409k1_PUB -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAntSCeYpUpNaTy723IxGSBOmmwvS2fV --ph7jScTPSwFtTri7yRou9gLBmFDhqV9FhpiuggGGqmW9kHnnav8lCJYwx2Iuuift --uqMGJe5TjKUc2fVNkAya2e02LsXjFLouq3tAfibmXWM= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect409k1:ALICE_sect409k1_PUB -- -- --PrivateKey=BOB_sect409k1 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMIYBGZZcZz4qCdhAV9 --vqpfe8vV+vJEhjawR52JUV1rumWEBPAx0o6E+gaxHBr5hzVGkIKhbANqAAQAAQKK --s60CTUUkltsT+lIBukjz850pkGGLltJ4eaZn4k9AtN/lFTCq6Vgqe2sDrjA3b45q --AdWjf1vRaP0wawJ13SjApJmyXg5hQks6d0Zqz2OHYhGEGiM159VtTlStK067dVe1 --fGVDeg== -------END PRIVATE KEY----- -- --PublicKey=BOB_sect409k1_PUB -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAECirOtAk1FJJbbE/pSAbpI8/OdKZBh --i5bSeHmmZ+JPQLTf5RUwqulYKntrA64wN2+OagHVo39b0Wj9MGsCdd0owKSZsl4O --YUJLOndGas9jh2IRhBojNefVbU5UrStOu3VXtXxlQ3o= -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect409k1:BOB_sect409k1_PUB -- -- --# ECDH Alice with Bob peer -- --Derive=ALICE_sect409k1 --PeerKey=BOB_sect409k1_PUB --SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0 -- --# ECDH Bob with Alice peer -- --Derive=BOB_sect409k1 --PeerKey=ALICE_sect409k1_PUB --SharedSecret=01523ec40ad40226a57281a4c423801ae9495dcf736eddd667023b1390977d018ce79313fb99c503f39cbee80f5c1968f3bd02e0 -- --# TEST CURVE sect409r1 -- --PrivateKey=ALICE_sect409r1 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAYTMsTpey51D2ULnd --pN+AAWnJLy9pTerziakhjii8OyWKpUVfpDFNneCCd2oQTDcPX5vdoWwDagAEAYfk --3ZejxpVYCG7dYHTVhhcqILEyTYoQa4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGU --owHXXzgDXoJeR79wgb7ySAlXJXgQ8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvI --eIozlf4= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect409r1_PUB -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAYfk3ZejxpVYCG7dYHTVhhcqILEyTYoQ --a4YehGPxKcbmgpqW4Wev1tEDVI3JIowICYGUowHXXzgDXoJeR79wgb7ySAlXJXgQ --8Ficr7i0CaqyAuIpFw9FWJT3jheFwnbpDTvIeIozlf4= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect409r1:ALICE_sect409r1_PUB -- -- --PrivateKey=BOB_sect409r1 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAsCs1nRgwW97TdKIH --PRcsqmK1e8TIZ00e6rqLb3nD4sIe+Gw/fGhSUER9akQ7lAluEUnfoWwDagAEAfM2 --fvBEic+7jV4oC+v8GfsunD9Zp9rzNgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDl --LwBm/W6TlzGuh1FnzXYKVnhnXpzSlRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMf --WsgK+KA= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect409r1_PUB -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAfM2fvBEic+7jV4oC+v8GfsunD9Zp9rz --NgMp3dJ+ZU7r6Bp+ZH3dL9Uvv8kUiB89UlDlLwBm/W6TlzGuh1FnzXYKVnhnXpzS --lRZQsPCceKukbV46Asl8O23b2+DPJgQBGbMfWsgK+KA= -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect409r1:BOB_sect409r1_PUB -- -- --# ECDH Alice with Bob peer -- --Derive=ALICE_sect409r1 --PeerKey=BOB_sect409r1_PUB --SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5 -- --# ECDH Bob with Alice peer -- --Derive=BOB_sect409r1 --PeerKey=ALICE_sect409r1_PUB --SharedSecret=019dc849870dc6f79978aca8e1fc6aa6836c8fcb25bbfe3d5ab41ea53eae2c7329952280efb30f9097a31a774191e476dbd842d5 -- --# TEST CURVE sect571k1 -- --PrivateKey=ALICE_sect571k1 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIARO8hI8j6TZ556/d --RcdGYvdblnALD2XZCKu2c3C5yQIeA8Tidi+f8n6cCnb5FtJNTYKqP8tRfHlwAZtW --/giXi/4yF5K2twS3oYGVA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0LQd9wP1+k --v0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFRPU0Cct0S --qVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJPCnaKR/Oo --AtaUpCWLSTHDF1gK4/kmlwEx+8o= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect571k1_PUB -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAtiuUbz7v6njhujnDhanD4iV84K0L --Qd9wP1+kv0Bn833nKtFrZComgrip2SwUaEYOE6IcPyCJ48vWOKvIR6fU11tWwsFR --PU0Cct0SqVbANAJzwL1umwuKNPblJ6ZEwcBdgw7hWFL6sh+0ayAQ3a8zOizhViJP --CnaKR/OoAtaUpCWLSTHDF1gK4/kmlwEx+8o= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect571k1:ALICE_sect571k1_PUB -- -- --PrivateKey=BOB_sect571k1 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAVZT4tnX9dMWS6Vd --YCoYRl9o/j/Hz7KGqF4Ujk9n9b4+mXbJ37tobpjnpNqKlJfI04w80JPp+NxpoBR3 --8p1bcc9iL4Smh48YoYGVA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLURYRDHmopO --IijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN1tsCrqET --31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxOaqcYzbXC --Q/Aiij13H06qKhuFM4iiB/0D164= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect571k1_PUB -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQARzAx9yVkHL8pbe1myosILIhhLLUR --YRDHmopOIijLQmTATV9pYO7CrFBPBjaKNRjPpw/cVOs89X9Jdzx/bolkGqVAsjLN --1tsCrqET31F4mpnfsPwcM6zbp6lE4N2gL5cakKMmyPNM4d3m8xl1f6e56LBYfaxO --aqcYzbXCQ/Aiij13H06qKhuFM4iiB/0D164= -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect571k1:BOB_sect571k1_PUB -- -- --# ECDH Alice with Bob peer -- --Derive=ALICE_sect571k1 --PeerKey=BOB_sect571k1_PUB --SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e -- --# ECDH Bob with Alice peer -- --Derive=BOB_sect571k1 --PeerKey=ALICE_sect571k1_PUB --SharedSecret=05a423515fcc91b3171c83edd5c4085ff729a8ff0a3fa1578ebf769523ded0f5c1e387cf63109f2fbd95e117345b788b4577fdc6b6e727230bfc73eae0d4e851cb6f6e616eddb13e -- --# TEST CURVE sect571r1 -- --PrivateKey=ALICE_sect571r1 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIArsi//Zp9veeURYV --zGYHn4MlNIxNt6U6vtmTPS/NaoiaavxbOimpHgxYPCjpoPYhM33Z2VBh7pl2aoRW --3GBepLFLoF8oiQaLoYGVA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4f/AwTHmo --US1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wzd8YF32SF --HMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz6J6dYAUe --vE+F3N29p/tRBGNzMFIqoDdW+NA= -------END PRIVATE KEY----- -- --PublicKey=ALICE_sect571r1_PUB -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDRG2b7KCUKbGDTWVgW0qqNC3oYcz4 --f/AwTHmoUS1mzdRZj/Sf6IU+7mITGnQ6lg1EkTas/X6TK1hNMV7tAjSeowdN75wz --d8YF32SFHMIcWew5g56oF961qv3IvICZnRAOmWyGHeHdYwHxMBSBPNgua42QGoJz --6J6dYAUevE+F3N29p/tRBGNzMFIqoDdW+NA= -------END PUBLIC KEY----- -- --PrivPubKeyPair = ALICE_sect571r1:ALICE_sect571r1_PUB -- -- --PrivateKey=BOB_sect571r1 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAYj65N5XJTQusn+h --Z9xj/dgZ4qR1GDC1Ij7jYuow+TvGrG2wz/WT76/lLNtlCLfDW2kODDUmDAJeK/e+ --VMO7suJTXGnrGFHioYGVA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2SYmMKve74 --trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8QI70H8aHv --LgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNdnNATBqom --6WDWc7RTFZ4sijL5ywVhovwJ1gA= -------END PRIVATE KEY----- -- --PublicKey=BOB_sect571r1_PUB -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGxykYFxqz7jZxcBbiPLYfJEhXlf2S --YmMKve74trOT+qjIm35+uUAcg2krOzH7X/8wH6bVSn/UKG/k27wZrAnWzZ5XKd8Q --I70H8aHvLgrCoMoqOno+h6J4TgvlDq7FIGZ8fvDaM7YJ8dHPX5FC8Vyphu82TcNd --nNATBqom6WDWc7RTFZ4sijL5ywVhovwJ1gA= -------END PUBLIC KEY----- -- --PrivPubKeyPair = BOB_sect571r1:BOB_sect571r1_PUB -- -- --# ECDH Alice with Bob peer -- --Derive=ALICE_sect571r1 --PeerKey=BOB_sect571r1_PUB --SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae -- --# ECDH Bob with Alice peer -- --Derive=BOB_sect571r1 --PeerKey=ALICE_sect571r1_PUB --SharedSecret=004b397e564055e2c7d87648183c948655ccb0ebb20bd441f9b11635cf461cb5815ff060eab33091b9f7aed67bec8ba1bb7b22437ece3c92c7cf76124408fb951595dfb4a512b2ae -- --Title = ECDH KATs (from RFC 5114, 5903, 7027) -- --# Keys and shared secrets from RFC 5114 --PrivateKey=PRIME192V1_RFC5114 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgyP6MWnY6cZZP1lHa8 --FCAAq1vg4knENCahNAMyAATNRkiez9bBBeez0yVm4rEi4kmrqt2HBhJoiHtId99R --3U3D1v0R8KJvj9OEQxeRbpo= -------END PRIVATE KEY----- -- --PublicKey=PRIME192V1_RFC5114-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEzUZIns/WwQXns9MlZuKxIuJJq6rd --hwYSaIh7SHffUd1Nw9b9EfCib4/ThEMXkW6a -------END PUBLIC KEY----- -- --PrivPubKeyPair = PRIME192V1_RFC5114:PRIME192V1_RFC5114-PUBLIC -- -- --PrivateKey=PRIME192V1_RFC5114-Peer -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhjH5W7SmdjLJxHbu6a --tpWrJAoEmTB/z2KhNAMyAARRmhIWgOAEVGa6Id8u7kf1lztQBXfvE9X/YTq01kzu --OiCHW9sQ+VP2swygcsYKpX8= -------END PRIVATE KEY----- -- --PublicKey=PRIME192V1_RFC5114-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUZoSFoDgBFRmuiHfLu5H9Zc7UAV3 --7xPV/2E6tNZM7jogh1vbEPlT9rMMoHLGCqV/ -------END PUBLIC KEY----- -- --PrivPubKeyPair = PRIME192V1_RFC5114-Peer:PRIME192V1_RFC5114-Peer-PUBLIC -- --Availablein = default --Derive=PRIME192V1_RFC5114 --PeerKey=PRIME192V1_RFC5114-Peer-PUBLIC --SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE -- --Availablein = default --Derive=PRIME192V1_RFC5114-Peer --PeerKey=PRIME192V1_RFC5114-PUBLIC --SharedSecret=AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE -- - PrivateKey=SECP224R1_RFC5114 - -----BEGIN PRIVATE KEY----- - MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBBy1WOtsKI2nB7u0+PuuKrnp -diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdsa.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdsa.txt ---- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdsa.txt.ec-curves 2021-05-17 10:26:48.106870281 +0200 -+++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_ecdsa.txt 2021-05-17 10:27:48.882458713 +0200 -@@ -138,20 +138,6 @@ OjoNRI+YT5Be5TkzZXzYCyTLkMOikDmhRANCAATt - 46dx5zYgArz/iaSNJ3W80oO+F7v04jlQ7wxQzg96R0bwKiMeq5CcW9ZFt6xg - -----END PRIVATE KEY----- - --PrivateKey = B-163 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDnQW0mLiHVha/jqFznX/K --DnVlDgChLgMsAAQB1qZ00fPIct+QN8skv1XIHtBNp3EGLytJV0tsAUTYtGhtrzRj --e3GzYyg= -------END PRIVATE KEY----- -- --PrivateKey = secp256k1 -------BEGIN PRIVATE KEY----- --MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgsLpFV9joHc0bisyV53XL --mrG6/Gu6ZaHoXtKP/VFX44ehRANCAARLYWGgp5nP4N8guypLSbYGCVN6ZPCnWW4x --srYkcpdbxr4neRT3zC62keCKgPbJf5SIHkJ2Tcaw6hVSrBOUFtix -------END PRIVATE KEY----- -- - Title = FIPS tests - - # Test that a nist curve with < 112 bits is allowed in fips mode for verifying -diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_kas.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_kas.txt ---- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_kas.txt.ec-curves 2021-05-17 10:29:57.033699466 +0200 -+++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_kas.txt 2021-05-17 10:41:10.688323252 +0200 -@@ -22,720 +22,6 @@ - # 456068d3f8aad8ac62a03d19ed3173f00ad51f42b51aeab4753c20f30c01cf23 # - Title = ECDH KATs (from NIST SP800-56A co-factor ECDH KATs - --PrivateKey=KAS-ECC-CDH_P-192_C0 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjxfT/qNnt000CFHKQn --DcskwnH0Rb7Z1SehNAMyAASxUFNAH1coVjfsMkwc0hOeOmfeNzkjSzfyacFYY3SC --qtZEzWkt0dPvLIp8SeOJ9/Y= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEsVBTQB9XKFY37DJMHNITnjpn3jc5 --I0s38mnBWGN0gqrWRM1pLdHT7yyKfEnjiff2 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C0:KAS-ECC-CDH_P-192_C0-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C0-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEQupt2Zad0qYf6hqsf46Y7cyJbG5V --hXzA375dfGH6yIsRgRveMo6KDRK/AanSBLUj -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C0 --PeerKey=KAS-ECC-CDH_P-192_C0-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=803d8ab2e5b6e6fca715737c3a82f7ce3c783124f6d51cd0 -- --Availablein = fips --Derive=KAS-ECC-CDH_P-192_C0 --Securitycheck = 1 --PeerKey=KAS-ECC-CDH_P-192_C0-Peer-PUBLIC --Result = DERIVE_SET_PEER_ERROR -- --PrivateKey=KAS-ECC-CDH_P-192_C1 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhW6FM0nZb+TEQkSNrL --fPkrt6ldz1dKm9WhNAMyAATADUNXFv/qU/2MFieSQUw3ZlGH5YJxZTmrcRxiqnGl --oY6KPEj4ncb6UvrAEI5SqKA= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C1-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwA1DVxb/6lP9jBYnkkFMN2ZRh+WC --cWU5q3EcYqpxpaGOijxI+J3G+lL6wBCOUqig -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C1:KAS-ECC-CDH_P-192_C1-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C1-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE3rVxL6AnrI0vIsRVzLc6keF7ZRK1 --4DDnfiaQoCzJsocIQxop+1S4ex8MFOARrCEl -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C1 --PeerKey=KAS-ECC-CDH_P-192_C1-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=c208847568b98835d7312cef1f97f7aa298283152313c29d -- --PrivateKey=KAS-ECC-CDH_P-192_C2 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjG72H+EugL9W8tP30L --t1c5RRmQbVVQCUmhNAMyAAThhLwYJILzQDyHh7g4Qkd0Z/zQEdsPbGT50cFBQvQN --6GOduX1Rpj0szhAHzPdzzcs= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C2-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE4YS8GCSC80A8h4e4OEJHdGf80BHb --D2xk+dHBQUL0Dehjnbl9UaY9LM4QB8z3c83L -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C2:KAS-ECC-CDH_P-192_C2-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C2-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAETtqo78Wg9A+ENmPsWBXndi3dwAjm --Y8IPCp+Nxno+YO9tZLUiGF0D3x/Arf1CR4J5 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C2 --PeerKey=KAS-ECC-CDH_P-192_C2-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=87229107047a3b611920d6e3b2c0c89bea4f49412260b8dd -- --PrivateKey=KAS-ECC-CDH_P-192_C3 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjmdHucI7pwRPOP9+Ys --NeQDiSD1oBY9PNqhNAMyAAQrg42+c3NfN6OaeNMZV4PSaZHob/TZLRpg00SUInRI --n5iQOy5/k/jRl/ya5goO1To= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C3-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEK4ONvnNzXzejmnjTGVeD0mmR6G/0 --2S0aYNNElCJ0SJ+YkDsuf5P40Zf8muYKDtU6 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C3:KAS-ECC-CDH_P-192_C3-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C3-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEiIfCdu3u0+noZrRtWNiVxz+9gLY+ --OC6IBMUJe6ZkXhYgbPtw9wUmVZR91EoX8fnV -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C3 --PeerKey=KAS-ECC-CDH_P-192_C3-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=eec0bed8fc55e1feddc82158fd6dc0d48a4d796aaf47d46c -- --PrivateKey=KAS-ECC-CDH_P-192_C4 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi+q+3QFUoa/PyF1SGB --wQ9etHrcUfZVBH2hNAMyAAQfZc9uiXjhwbwQu2Gn2zEd4xAIjIz5dov31DgWjn9C --qxSxavU6ei9kb/QLU9dMvMc= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C4-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEH2XPbol44cG8ELthp9sxHeMQCIyM --+XaL99Q4Fo5/QqsUsWr1OnovZG/0C1PXTLzH -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C4:KAS-ECC-CDH_P-192_C4-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C4-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEDQRfMCVK3B/O+opbHzG/TnOd0yfN --GNWUVCwxTkFCfAgnigjOjXMF87W4Scctiv9z -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C4 --PeerKey=KAS-ECC-CDH_P-192_C4-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=716e743b1b37a2cd8479f0a3d5a74c10ba2599be18d7e2f4 -- --PrivateKey=KAS-ECC-CDH_P-192_C5 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjPcDVCJmZzIdbiuvQJ --meL9dMeg95P6hpmhNAMyAARfSET/zOYQBdJPc325hnXpL3tlQ662EGxUJPWYE5IV --04m2sSuG1YAUhX8t2ttUD1E= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C5-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEX0hE/8zmEAXST3N9uYZ16S97ZUOu --thBsVCT1mBOSFdOJtrErhtWAFIV/LdrbVA9R -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C5:KAS-ECC-CDH_P-192_C5-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C5-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE+zXKINLpZmXFG5jo9us9eRE1CNi8 --zUUWNo7sDVv7hHch32qv8OXUjERPdL+c2KWn -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C5 --PeerKey=KAS-ECC-CDH_P-192_C5-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=f67053b934459985a315cb017bf0302891798d45d0e19508 -- --PrivateKey=KAS-ECC-CDH_P-192_C6 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBj+lCUVI3//3XtOtcZJ --Ce7khWoHbN8SuuKhNAMyAATmNp33myB7i4Z598hpz8JkhZ0atVqkAegfmccfgBow --tS902m5ebbti7kxdoQkMwCA= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C6-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE5jad95sge4uGeffIac/CZIWdGrVa --pAHoH5nHH4AaMLUvdNpuXm27Yu5MXaEJDMAg -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C6:KAS-ECC-CDH_P-192_C6-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C6-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEgkdSlgwTB+XxOoPaIceZjKi1sAuV --SfbQvFLZHiNDY7wy7gtnePJc2MGEdRD0NIuU -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C6 --PeerKey=KAS-ECC-CDH_P-192_C6-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=75822971193edd472bf30151a782619c55ad0b279c9303dd -- --PrivateKey=KAS-ECC-CDH_P-192_C7 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgz/tEEkq+lvqAzPArx --LKyUDE0iJFW80P6hNAMyAATvCyivxBY31zf0LkyKrOrchLouC4ScoYxXeXlC5VIX --O7oX9zJ44Cn0IzUGi9dw3fI= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C7-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE7wsor8QWN9c39C5Miqzq3IS6LguE --nKGMV3l5QuVSFzu6F/cyeOAp9CM1BovXcN3y -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C7:KAS-ECC-CDH_P-192_C7-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C7-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEELtXAgKRFBmB+DO0dJ5WEQNLMI6E --AR0h4crNa3vRftjdtQtq7gZUw18tDt3Bz/z2 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C7 --PeerKey=KAS-ECC-CDH_P-192_C7-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=67cba2cbb69ee78bf1abafb0e6fbe33fa2094c128d59652d -- --PrivateKey=KAS-ECC-CDH_P-192_C8 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjzVXxdcLTHlUlgwzVo --d2rb6OQ2GaviaxOhNAMyAATXARLF8PCEQ4ZJSsGtmdziIUE0F26/ua/TwYegOFEK --sx1Fnit68aOA3XV2rwYmdUg= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C8-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE1wESxfDwhEOGSUrBrZnc4iFBNBdu --v7mv08GHoDhRCrMdRZ4revGjgN11dq8GJnVI -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C8:KAS-ECC-CDH_P-192_C8-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C8-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUZL85Bhad1jqG8VuDk9Oiy3OMjSN --Dc7RIJiZgb6q8ABtiKlueXGi+jozukYEf8e6 -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C8 --PeerKey=KAS-ECC-CDH_P-192_C8-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=cf99a2770a386ca0137d1eca0a226e484297ac3c513f3631 -- --PrivateKey=KAS-ECC-CDH_P-192_C9 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhYbPuhxugXZu1Sgo8X --exvhTrvFuDNIwxGhNAMyAARYs8Y+Vr7J1pa/mojfKHNzg5H3Y2iqK0lXdnc7Jh+v --e6L9xP5DuSwLHHov0FSkNlA= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C9-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEWLPGPla+ydaWv5qI3yhzc4OR92No --qitJV3Z3OyYfr3ui/cT+Q7ksCxx6L9BUpDZQ -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C9:KAS-ECC-CDH_P-192_C9-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C9-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEJtAZ2+J56tAe7RQ6kWAa2ibi9CIl --scYrbKZT8IJy4DhvyUIfvVgAk9euYwG8qUR2 -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C9 --PeerKey=KAS-ECC-CDH_P-192_C9-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=576331e2b4fb38a112810e1529834de8307fb0a0d2756877 -- --PrivateKey=KAS-ECC-CDH_P-192_C10 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjK2BAGA6T2W+CNj8ih --t+iExf9l3rPJbZmhNAMyAAS3/MD1LHpBHtvtOeEL8Ctq4PJmFMazJaJHSDsm62d3 --beK5OrcRnVRHVzc549Vecvs= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C10-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEt/zA9Sx6QR7b7TnhC/ArauDyZhTG --syWiR0g7Jutnd23iuTq3EZ1UR1c3OePVXnL7 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C10:KAS-ECC-CDH_P-192_C10-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C10-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEU5vED+IKD7JniItkewPqr27CDAKh --4fjIaQleW7e01EwyeKfua+yjl8RSRtqaNMi+ -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C10 --PeerKey=KAS-ECC-CDH_P-192_C10-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=902f4501916a0dd945554c3a37b3d780d375a6da713197c4 -- --PrivateKey=KAS-ECC-CDH_P-192_C11 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBge3YecxceWGcrmxzpp --G9WgOVwO87NW/NKhNAMyAARs5q2ywwgI9ZAEjDPf+tRSTr96X9ObdHtJZr0vPQBW --m01MBAn716LbdS9tCbyowl8= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C11-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEbOatssMICPWQBIwz3/rUUk6/el/T --m3R7SWa9Lz0AVptNTAQJ+9ei23UvbQm8qMJf -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C11:KAS-ECC-CDH_P-192_C11-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C11-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEXTQ925Yxj7R5TRD2xXP5n+5dDVe5 --liUPmfvfnZfdiK1BAjXaw25bks4oJLjlh6gs -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C11 --PeerKey=KAS-ECC-CDH_P-192_C11-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=46e4de335054d429863218ae33636fc9b89c628b64b506c7 -- --PrivateKey=KAS-ECC-CDH_P-192_C12 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhGDkUic/4YJ2Ahh607 --6+5ly4RCO7T0dTehNAMyAATRvTo++r9HZ/5jgL3w2/SdUtTPDLuJQEzBUMK0yLOq --Nfdl+Efk9/j9hwTSQaGB7pk= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C12-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE0b06Pvq/R2f+Y4C98Nv0nVLUzwy7 --iUBMwVDCtMizqjX3ZfhH5Pf4/YcE0kGhge6Z -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C12:KAS-ECC-CDH_P-192_C12-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C12-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEjT25vc4Tf/v7iROIw332wMvJCqXl --N2IgE10wtctmDu+HZP/HRPFcG11twGukQW03 -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C12 --PeerKey=KAS-ECC-CDH_P-192_C12-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=1bfe9e5a20ac7a38d8f605b425bb9030be31ef97c101c76c -- --PrivateKey=KAS-ECC-CDH_P-192_C13 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi5cDZQCEVvh1jsxaOz --PPOuao1WgQelIWehNAMyAATBuGEMjGP41KvaCTuaEaVmBEv2XG+qiZmlvEs8oJU4 --Lpc4rulf6UebF4ebOtUpVVk= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C13-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwbhhDIxj+NSr2gk7mhGlZgRL9lxv --qomZpbxLPKCVOC6XOK7pX+lHmxeHmzrVKVVZ -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C13:KAS-ECC-CDH_P-192_C13-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C13-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEngppSVGcf1vmjAQzxf3xMGSqE/sp --SD3D4ci6Y+H0cdsjGF9Q2chx7eohJVs6Y7S3 -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C13 --PeerKey=KAS-ECC-CDH_P-192_C13-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0e8c493a4adc445dc9288a3b9b272599224054592d7265b3 -- --PrivateKey=KAS-ECC-CDH_P-192_C14 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhZwVuKJGTkHf5Dccf3 --2t9HCuQlVE+BE72hNAMyAAQf53b3NWe2rAsNZ2QWTebFvnUbqNH/RV5MFgvzivsr --cfaEJhZkEVzodFU+iwWUMtI= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C14-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEH+d29zVntqwLDWdkFk3mxb51G6jR --/0VeTBYL84r7K3H2hCYWZBFc6HRVPosFlDLS -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C14:KAS-ECC-CDH_P-192_C14-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C14-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEvgiCOJAumTmz0FTu64SS2vS9zwmi --q3fxWNZ0mjqSPcgEQPJmH9NbZRYX5lKUtGN1 -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C14 --PeerKey=KAS-ECC-CDH_P-192_C14-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0f1991086b455ded6a1c4146f7bf59fe9b495de566ebc6bf -- --PrivateKey=KAS-ECC-CDH_P-192_C15 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBim6biFxmuVnR/CcI1Z --G20yKOSeuY9ybWGhNAMyAARjK7dlHb9J3endEl0T+yNOBmF3I77tPRv0rVIJY4SI --OXxfRPmU3XR5gH559Ih9LnE= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C15-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEYyu3ZR2/Sd3p3RJdE/sjTgZhdyO+ --7T0b9K1SCWOEiDl8X0T5lN10eYB+efSIfS5x -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C15:KAS-ECC-CDH_P-192_C15-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C15-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEv1rgUCXhvmF+Zm2HpBaDY4c9V2Gz --drUD4ebjizcra+4P9bNQLYNzXjssJoJeTw/M -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C15 --PeerKey=KAS-ECC-CDH_P-192_C15-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=b30f2127c34df35aaa91dbf0bbe15798e799a03ed11698c1 -- --PrivateKey=KAS-ECC-CDH_P-192_C16 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBi9t1QJb/v72LDzywRs --y3yhScTnGSBno+6hNAMyAATZwJjUIddB9vqrEW8+RzHSjFVY4Z/hEqE41NxIzNsd --PtjTH9BnhKT4emiuwcvVsI8= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C16-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE2cCY1CHXQfb6qxFvPkcx0oxVWOGf --4RKhONTcSMzbHT7Y0x/QZ4Sk+HporsHL1bCP -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C16:KAS-ECC-CDH_P-192_C16-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C16-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEbMT+7YTHqw0JAF1mDtNN5pValGHE --E40RMSJfM4ZO1I2gb6RakTtGz0JVd0LjUIXm -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C16 --PeerKey=KAS-ECC-CDH_P-192_C16-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=64a5c246599d3e8177a2402a1110eb81e6c456ab4edb5127 -- --PrivateKey=KAS-ECC-CDH_P-192_C17 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjVvPJTTa/D2Zlkx71j --q3vRWZn+Vt2WnEKhNAMyAAT9odXSjW/g55Cdaouvp4JNtVcquS/+feYTSil8HZyL --urJJq6zZUe0R5amfkueZFXI= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C17-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE/aHV0o1v4OeQnWqLr6eCTbVXKrkv --/n3mE0opfB2ci7qySaus2VHtEeWpn5LnmRVy -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C17:KAS-ECC-CDH_P-192_C17-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C17-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAENhVzFb7nr+3e1YxOi6FNNCHEAeUR --NbzJN8KXynA/d8UrsGLYzpcduECXugx1OkGP -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C17 --PeerKey=KAS-ECC-CDH_P-192_C17-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=017b8ca53c82fab163da2ab783966a39e061b32c8cfa334d -- --PrivateKey=KAS-ECC-CDH_P-192_C18 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhD1LnfEFO+W0JoEEwC --JE07+VlLAQtGqLKhNAMyAATDAgtwkUY9eI8fHXb3z+7ILs2zt9mcNFyadxDVF5WR --2PPfCqEiMBdorn237uLX9YM= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C18-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEwwILcJFGPXiPHx1298/uyC7Ns7fZ --nDRcmncQ1ReVkdjz3wqhIjAXaK59t+7i1/WD -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C18:KAS-ECC-CDH_P-192_C18-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C18-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEmEZNR/Alb4KS4CfoySWC6nfPkFH1 --zo5dRJVS73V4vpYjb+XtnQZDwLtsWpE0sBCN -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C18 --PeerKey=KAS-ECC-CDH_P-192_C18-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=340ef3db3dbebdd91c62c3d4e1a3da2c7c52a3338b865259 -- --PrivateKey=KAS-ECC-CDH_P-192_C19 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBiUysLCynFHRkAWcNlO --2/P2d4Z7WgO+562hNAMyAASxhVSi50PvCqLwQJh8TEUQBOCW3z2A3a5uPixhj4lu --NrpiAHdoS3CgX/t5v15sdkA= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C19-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEsYVUoudD7wqi8ECYfExFEATglt89 --gN2ubj4sYY+Jbja6YgB3aEtwoF/7eb9ebHZA -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C19:KAS-ECC-CDH_P-192_C19-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C19-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEVj62bDNM9vEjvwTHgDtIoxECFCN+ --mDv1DzURBIGRme8HyaYFHSB1jzr3kCfqZqU/ -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C19 --PeerKey=KAS-ECC-CDH_P-192_C19-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=2162144921df5103d0e6a650fb13fd246f4738d0896ce92f -- --PrivateKey=KAS-ECC-CDH_P-192_C20 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgqOp4zyMwxB6n5Jlw7 --3qEgZXDob5KscBShNAMyAASnuji+G8Zp3SPM/O4GRbHw24z5Qt6vrra4LbedgM0O --N/KNQWOtw4ne6Px3l7XJgxs= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C20-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEp7o4vhvGad0jzPzuBkWx8NuM+ULe --r662uC23nYDNDjfyjUFjrcOJ3uj8d5e1yYMb -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C20:KAS-ECC-CDH_P-192_C20-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C20-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEhoKMSskrVQdhiux4c6HU/GVDxb4z --zzB4siynJDdUXhDW1PBSQi64mLc3pLhUPuVQ -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C20 --PeerKey=KAS-ECC-CDH_P-192_C20-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=4c69e7feed4b11159adfc16a6047a92572ea44e0740b23af -- --PrivateKey=KAS-ECC-CDH_P-192_C21 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBhKa3ipismPqOmajs4I --7AJREl+Fxv0OKJuhNAMyAATnadu81c4tg1FLdo09LVqgvNj2avFfVQAvxtCwOeDy --j3T77/6eiD1N1yKW5OlcrnE= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C21-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE52nbvNXOLYNRS3aNPS1aoLzY9mrx --X1UAL8bQsDng8o90++/+nog9TdciluTpXK5x -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C21:KAS-ECC-CDH_P-192_C21-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C21-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEZwChAkN3galYHaK8Jc7Vq/QZ2pHT --yAPfcTlsnPCLzZGFTj5uQtjGV84PJ6t3qdxL -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C21 --PeerKey=KAS-ECC-CDH_P-192_C21-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=46072acefd67bff50de355ca7a31fa6be59f26e467587259 -- --PrivateKey=KAS-ECC-CDH_P-192_C22 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBjFpkkdeIRNZhfvM75r --i9VNoiFFCIXVlQ+hNAMyAATbGyT3RmvBVOnX0sPKUtz+C/yVY8X9tvMcdPu/W9mZ --IfGpp0T44c93C9anancrMAM= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C22-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE2xsk90ZrwVTp19LDylLc/gv8lWPF --/bbzHHT7v1vZmSHxqadE+OHPdwvWp2p3KzAD -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C22:KAS-ECC-CDH_P-192_C22-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C22-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEqC81TPl77l0i3GwHnykC6tRNlqj2 --FPF4plSpqooaCALyzg7ooPTr6W3uGzdGSx/y -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C22 --PeerKey=KAS-ECC-CDH_P-192_C22-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=ec5580eabca9f3389d2b427ddf6e49e26d629afd03fa766e -- --PrivateKey=KAS-ECC-CDH_P-192_C23 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBgronA8XiP2RjxbiNw3 --KS+r0zmbXh+2fAWhNAMyAAR1QxSJBs75s3pxp8CDY83Tu6UBQtZSQaqLOmlz3o3C --ceJ8Hq0eli/arjcQxyTarDg= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C23-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEdUMUiQbO+bN6cafAg2PN07ulAULW --UkGqizppc96NwnHifB6tHpYv2q43EMck2qw4 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C23:KAS-ECC-CDH_P-192_C23-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C23-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEPOwhsoZooSos944ajlXQ7+BlFS// --w0cYEClVe+uk/xmSvSHCPLSCX22ucOMxj9HK -------END PUBLIC KEY----- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C23 --PeerKey=KAS-ECC-CDH_P-192_C23-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=7f3929dd3cbf7673bc30d859d90b880307475f800660ea32 -- --PrivateKey=KAS-ECC-CDH_P-192_C24 -------BEGIN PRIVATE KEY----- --MG8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEVTBTAgEBBBiDYRjGJI+ILpFHl292 --SCbBoodVphApd9WhNAMyAAT800WpdscgyqqX3maXImglYV4Sh6nv9n5Y6kLtvur8 --qf9Ez9fymr0svedibXnkIsk= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_P-192_C24-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAE/NNFqXbHIMqql95mlyJoJWFeEoep --7/Z+WOpC7b7q/Kn/RM/X8pq9LL3nYm155CLJ -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_P-192_C24:KAS-ECC-CDH_P-192_C24-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_P-192_C24-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEcIJkRxW4tzH4IotRGOcnDTTRgfNh --oiH8RkZJ1siMqJYUSIocx7hEK7Qvn7MCCj12 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_P-192_C24 --PeerKey=KAS-ECC-CDH_P-192_C24-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=72e88f3ea67d46d46dbf83926e7e2a6b85b54536741e6d2c -- - PrivateKey=KAS-ECC-CDH_P-224_C0 - -----BEGIN PRIVATE KEY----- - MHgCAQAwEAYHKoZIzj0CAQYFK4EEACEEYTBfAgEBBByDRqYPxvKTyloNKvaLpx0d -@@ -3819,7849 +3105,3 @@ Derive=KAS-ECC-CDH_P-521_C24 - PeerKey=KAS-ECC-CDH_P-521_C24-Peer-PUBLIC - Ctrl=ecdh_cofactor_mode:1 - SharedSecret=01aaf24e5d47e4080c18c55ea35581cd8da30f1a079565045d2008d51b12d0abb4411cda7a0785b15d149ed301a3697062f42da237aa7f07e0af3fd00eb1800d9c41 -- --PrivateKey=KAS-ECC-CDH_K-163_C0 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAZlO2B3OY+tx79eYBWBcB --SMPcRSehLgMsAAQHH4sod9YCfZwa3kJE8t6hJpLvI9UFwV7ndiIccrhLNHzjg/OA --Z7icPpo= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBx+LKHfWAn2cGt5CRPLeoSaS7yPVBcFe --53YiHHK4SzR844PzgGe4nD6a -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C0:KAS-ECC-CDH_K-163_C0-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C0-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBXQjbxQoxDITCUZ4Ols6q7bCfqXWB5CM --JRuNoCHLrCgfEj969PrFs9u4 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C0 --PeerKey=KAS-ECC-CDH_K-163_C0-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04325bff38f1b0c83c27f554a6c972a80f14bc23bc -- --PrivateKey=KAS-ECC-CDH_K-163_C1 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDrvRHVNDKl9QrTpeqkhVi --Y8DgePahLgMsAAQBsBCMeGv000DwUFvfx9RbUUYRrZQCLJw51fuUVriiIhzqTwWP --ao0s2Eo= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C1-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAbAQjHhr9NNA8FBb38fUW1FGEa2UAiyc --OdX7lFa4oiIc6k8Fj2qNLNhK -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C1:KAS-ECC-CDH_K-163_C1-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C1-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAWmXRAkv4rX+fsv2mHt66goG/SywA13k --Qd+UCNkfDgId+PBSa4BjAxSV -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C1 --PeerKey=KAS-ECC-CDH_K-163_C1-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=05f9ac3a3dd88429600958386c55bef4b1aa5f0c24 -- --PrivateKey=KAS-ECC-CDH_K-163_C2 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDEXI0Lm03zB4GKkSUw5y6 --SPmtmoyhLgMsAAQDon7K7Ctm/qwgQPaJASi9AFjTGSQBQAfjIJttcSew85Pl5YsV --kLn0C+I= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C2-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA6J+yuwrZv6sIED2iQEovQBY0xkkAUAH --4yCbbXEnsPOT5eWLFZC59Avi -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C2:KAS-ECC-CDH_K-163_C2-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C2-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEApZdsVkXH1y356G8xhYRrqyoxSybBocd --Hpwf6EUmgHaplYA6bUnNB1VU -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C2 --PeerKey=KAS-ECC-CDH_K-163_C2-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=022e0290eda5d348894129f7455d1c766d32d5c2c2 -- --PrivateKey=KAS-ECC-CDH_K-163_C3 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDKlEc3NS/xWfOrIwk7QTo --iU33jd+hLgMsAAQGl42sqkfY87yQtB7H9Piseaht3QcH+LDvQnB2A3a8LV+u2D2n --hyYx0J8= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C3-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBpeNrKpH2PO8kLQex/T4rHmobd0HB/iw --70JwdgN2vC1frtg9p4cmMdCf -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C3:KAS-ECC-CDH_K-163_C3-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C3-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBVtowMLCRv4PLNVIS1iBTGUhPqVBBTnB --HSWSovY5O26GxU35Cblf4NWo -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C3 --PeerKey=KAS-ECC-CDH_K-163_C3-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=037f659f430009fcdae4e9f6e6316b0f5dbb268212 -- --PrivateKey=KAS-ECC-CDH_K-163_C4 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCxvZP5gnrjutbU/q2MIiY --5j/y4/ahLgMsAAQFSeGoLsKEv3fVKGJ+Utgy4jbJKtMBmIOqm0WLNb1UTWiCgSFQ --wUl9MdQ= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C4-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBUnhqC7ChL931ShiflLYMuI2ySrTAZiD --qptFizW9VE1ogoEhUMFJfTHU -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C4:KAS-ECC-CDH_K-163_C4-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C4-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBrjvWmLTtjalp2v+se+P9Niz2eL8BnWn --VyZnGDmNivZtKXF5hHji830o -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C4 --PeerKey=KAS-ECC-CDH_K-163_C4-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00503bbb9b62f50ae7a8dfd74a1741826f09290651 -- --PrivateKey=KAS-ECC-CDH_K-163_C5 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCalaGdRPd2MqU15I7qh9/ --sA2qOPqhLgMsAAQGwopA3E5VA9LEuKsLa3BG6OJawJ8BIZEWVKWDYAXYA22XZYX/ --HYMeWHs= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C5-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBsKKQNxOVQPSxLirC2twRujiWsCfASGR --FlSlg2AF2ANtl2WF/x2DHlh7 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C5:KAS-ECC-CDH_K-163_C5-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C5-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBWxKNYassDCZ1Sss1KxZJpz1G4cwAkJl --YcvZ2hsjpgA94OX3xKBlpcK4 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C5 --PeerKey=KAS-ECC-CDH_K-163_C5-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=012cf17799fdefa2940b18d56e80d44414c5b13884 -- --PrivateKey=KAS-ECC-CDH_K-163_C6 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDhoEQecgCHC159N6VLLLl --mcQuGe2hLgMsAAQGCqQqYuIe6jfjYrTT3oN/DEnTrBMGmyDW/RbROxiD3wVimsfR --uCOGs0Q= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C6-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBgqkKmLiHuo342K0096DfwxJ06wTBpsg --1v0W0TsYg98FYprH0bgjhrNE -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C6:KAS-ECC-CDH_K-163_C6-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C6-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB0HGmk7bOGyU+BnRtd3QKB5P8pdlANMv --lyq6yRvoWnCeugf10WIVrmAt -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C6 --PeerKey=KAS-ECC-CDH_K-163_C6-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=062a2f926ab435ac14e05d44c27b46b6820b713aee -- --PrivateKey=KAS-ECC-CDH_K-163_C7 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA5G6cllJoZH8gSEdMexpU --3/5yjx+hLgMsAAQHqYTq1EAxDO8uEziXL/Ld22XKw9IDM8GpNCf+asUCdgt3eImK --i7akCtk= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C7-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB6mE6tRAMQzvLhM4ly/y3dtlysPSAzPB --qTQn/mrFAnYLd3iJiou2pArZ -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C7:KAS-ECC-CDH_K-163_C7-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C7-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAe9HeV+w44BAWrXoje/DztmpJRSmAL5h --gdf8A8qL/fEYac6ijPoOX19k -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C7 --PeerKey=KAS-ECC-CDH_K-163_C7-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0399b9294e895486bdefbaad7a729353ce09586357 -- --PrivateKey=KAS-ECC-CDH_K-163_C8 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUCczSXFAWwRhw+3mfyujNn --NEUag3ihLgMsAAQHZ8Me6TA7GyzTBZ+BUH7zBOvTECwCUeDUMNw/Y/Oje6seepV2 --Us9n4iw= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C8-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB2fDHukwOxss0wWfgVB+8wTr0xAsAlHg --1DDcP2Pzo3urHnqVdlLPZ+Is -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C8:KAS-ECC-CDH_K-163_C8-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C8-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA3TX+bqM2opo3nJ50/+GdAMv1HwCA+3p --lcOk6Kb+Ic0eTNTKOBLA1pKl -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C8 --PeerKey=KAS-ECC-CDH_K-163_C8-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=022325a9a769a902c2e64c80a1d35429ced42ae0a4 -- --PrivateKey=KAS-ECC-CDH_K-163_C9 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBm7SAc5ARI1xtXG501qe7 --TyD2G3qhLgMsAAQAk1SQdXBNedrncjF91lJE+nclaesCqKKCHdOdfnZTynHPwant --hXgBo5s= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C9-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAJNUkHVwTXna53IxfdZSRPp3JWnrAqii --gh3TnX52U8pxz8Gp7YV4AaOb -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C9:KAS-ECC-CDH_K-163_C9-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C9-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBld99U4Rx+diAvlPVk5hN7I85uRBBok2 --YAqtyyX9QCTtPoRbK7+AcoDm -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C9 --PeerKey=KAS-ECC-CDH_K-163_C9-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=051392d5377016358405030b48744003db66440a2d -- --PrivateKey=KAS-ECC-CDH_K-163_C10 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA9O21i8w9bp0xcilCCnMy --gezP8c+hLgMsAAQCcYNgm3WTsYRTZcCB1F/2bJq143AGm5gSNv6TCUe2t383QoKh --jkvpk8s= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C10-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAnGDYJt1k7GEU2XAgdRf9myateNwBpuY --Ejb+kwlHtrd/N0KCoY5L6ZPL -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C10:KAS-ECC-CDH_K-163_C10-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C10-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAmHRU0XOtJIimo10WX59/RmutoSKARSh --Is4oyhViD3tAofJrQjTJVr3B -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C10 --PeerKey=KAS-ECC-CDH_K-163_C10-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=045dac076e79de2fc631315465d3ef6245f26647e5 -- --PrivateKey=KAS-ECC-CDH_K-163_C11 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBuZBJGhL97iMaoqEW4ePB --yR0P1HihLgMsAAQD2oadCcTkVFrBaJ/HIxYBJjLQq9kCyCD0AxDl/9L4v0Ofuoeb --su9iGyo= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C11-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA9qGnQnE5FRawWifxyMWASYy0KvZAsgg --9AMQ5f/S+L9Dn7qHm7LvYhsq -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C11:KAS-ECC-CDH_K-163_C11-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C11-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBw44D0k3CgAnlUpOqIC8GSmyjFMpBG/j --tFSvlCCoEfHhX3dNpa4aQLRZ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C11 --PeerKey=KAS-ECC-CDH_K-163_C11-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=014f7a46847ed6a7ff605b0e52c616e4ad3f0d5029 -- --PrivateKey=KAS-ECC-CDH_K-163_C12 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUA6Cm5lC/ZZIf2ASkI/gT2 --2OqvGWahLgMsAAQFqyB0wE31cWAWdzX3/C2PYp00/xgBLp2m0Fuz4qy+W6SvtKDd --ctsH1qw= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C12-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBasgdMBN9XFgFnc19/wtj2KdNP8YAS6d --ptBbs+Ksvlukr7Sg3XLbB9as -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C12:KAS-ECC-CDH_K-163_C12-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C12-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBuYK93QZuf4PxcecoaIqEBFAJAW2BpvK --NABbV4zXp6aSm9P2zimUO17Z -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C12 --PeerKey=KAS-ECC-CDH_K-163_C12-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00eacabc34555956995623e60482e5c118e34e2094 -- --PrivateKey=KAS-ECC-CDH_K-163_C13 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBV86PC2zpLkJuyZ8iOtgn --Y+S9P/OhLgMsAAQF05icykrnMt6TZyslySYIYbTA3OMENqMx6tJPKAe1UmD53D3m --aM+/67c= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C13-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBdOYnMpK5zLek2crJckmCGG0wNzjBDaj --MerSTygHtVJg+dw95mjPv+u3 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C13:KAS-ECC-CDH_K-163_C13-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C13-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBPdQ4nUA4Q8KF2uD8UvCbWvXHr10A55Q --CQZ8DuLI9Vt+hNp6OR8Ir3UE -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C13 --PeerKey=KAS-ECC-CDH_K-163_C13-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0414a622645107f115576f51cdf39d1393a2d7851f -- --PrivateKey=KAS-ECC-CDH_K-163_C14 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDeYhfRfLXB74cEdhsQbra --STsqVgOhLgMsAAQFrjHLKbMdJPX5TDDpwC8H84v/CsgE2Njjm/h/BYVD3ImQqRIU --2kFsxVg= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C14-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBa4xyymzHST1+Uww6cAvB/OL/wrIBNjY --45v4fwWFQ9yJkKkSFNpBbMVY -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C14:KAS-ECC-CDH_K-163_C14-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C14-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAqufW6lBAtIacGdh6sAJIZDxza0EBK3d --d+GZwTLRisVBsRd0jSMZ23/l -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C14 --PeerKey=KAS-ECC-CDH_K-163_C14-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=056be002daff11c4066e10acd046a85e170fa4c122 -- --PrivateKey=KAS-ECC-CDH_K-163_C15 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAuoxYZNs+/XaLk3b8K2wf --hfRvavKhLgMsAAQGL2IhSYI/JVtPhpBmZvOjVWrwgOoCdMoywQ+a3WGgJtIK061W --sX+wakY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C15-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBi9iIUmCPyVbT4aQZmbzo1Vq8IDqAnTK --MsEPmt1hoCbSCtOtVrF/sGpG -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C15:KAS-ECC-CDH_K-163_C15-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C15-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBD0l0t6Sk7hNNRozyxpS9ZMKTIt2A9JZ --2CNunI1kN/QebVRhHFIjj+LV -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C15 --PeerKey=KAS-ECC-CDH_K-163_C15-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=021fef8e473daeda8ef6bf07814d7b9b613e3076a3 -- --PrivateKey=KAS-ECC-CDH_K-163_C16 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUD5QgEhNNzCyJIzMSCYNS9 --GFdgWtGhLgMsAAQFiupuQLjLJeZiKnvk/wG3nJLecqUEP2d2tt7/PSm0xwOJnXBc --f+z1JcQ= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C16-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBYrqbkC4yyXmYip75P8Bt5yS3nKlBD9n --drbe/z0ptMcDiZ1wXH/s9SXE -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C16:KAS-ECC-CDH_K-163_C16-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C16-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAFYOGkIYZRGL6hbNrWtnq6OE7zh7BYsh --PsKrOUL49q1gqVaVW1iQZrhW -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C16 --PeerKey=KAS-ECC-CDH_K-163_C16-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=03a287fd1cca68db47a3c74c12627fc3728568dd66 -- --PrivateKey=KAS-ECC-CDH_K-163_C17 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAXQUroavqckl4yu8YeSRW --ctWu+JGhLgMsAAQDa4Snczep3lwd1648iZOBOC8P/6QFbUrDn+iB/bjmDUVZZYqq --3kVmPuU= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C17-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA2uEp3M3qd5cHdeuPImTgTgvD/+kBW1K --w5/ogf245g1FWWWKqt5FZj7l -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C17:KAS-ECC-CDH_K-163_C17-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C17-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA45IXekuQfHKymwOudgRpayom/NFAzGh --Z3xGpo6WSBGpzF5OU+px4jEp -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C17 --PeerKey=KAS-ECC-CDH_K-163_C17-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=029558b41b8b92387bc22c868f51bb7acb6e4ee2e3 -- --PrivateKey=KAS-ECC-CDH_K-163_C18 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDkYAYep7dzzjcJk8FWwfS --C5+ai8ShLgMsAAQEspLR+gnfxeajrZn9Av63TUgONPIG4YiACaCgSRwL5qv6yUPT --d/C0hjs= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C18-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBLKS0foJ38Xmo62Z/QL+t01IDjTyBuGI --gAmgoEkcC+ar+slD03fwtIY7 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C18:KAS-ECC-CDH_K-163_C18-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C18-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBkJZ5QBHbdo+l+JeSR1GbCt5WL1JA8Ll --MoE5NkGlGNHc7/q+6LKb3hQC -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C18 --PeerKey=KAS-ECC-CDH_K-163_C18-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0530020c8f6362312bfbe5c1c605b40dc2e032e81c -- --PrivateKey=KAS-ECC-CDH_K-163_C19 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBbTeGKxlXY8agHV45uUWa --MlB8KyGhLgMsAAQDNEDkYMR18gWKdn7EZsoYvOQfgw4Dcq7jI9Bj+omsv/v1UCSu --JOSSnxk= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C19-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAzRA5GDEdfIFinZ+xGbKGLzkH4MOA3Ku --4yPQY/qJrL/79VAkriTkkp8Z -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C19:KAS-ECC-CDH_K-163_C19-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C19-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA3FCdpl7RHji2LWa9fLmPiK8TDHkBnPy --jZYqv+3uYuq0fDtFeaHlFoM2 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C19 --PeerKey=KAS-ECC-CDH_K-163_C19-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0521673006a1d9608911d54536e122d809e919d804 -- --PrivateKey=KAS-ECC-CDH_K-163_C20 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAbGWHlLA5yCCosDMAj6is --dVa8rsOhLgMsAAQEy/soZpHkFQgaF4Xsawqs2x0jHR0F3WrP6R1oqOwjaGR4wO6M --iSd67xQ= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C20-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBMv7KGaR5BUIGheF7GsKrNsdIx0dBd1q --z+kdaKjsI2hkeMDujIkneu8U -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C20:KAS-ECC-CDH_K-163_C20-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C20-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAnXsFfJ90tpuRN/mI1Ry1b06JQL4BY/Q --ImKyfBhd3iayx31aT01Q3Jko -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C20 --PeerKey=KAS-ECC-CDH_K-163_C20-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0460579beca16cccce314ff3040de4785336fc358c -- --PrivateKey=KAS-ECC-CDH_K-163_C21 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUBacjaIsNahVSVBHoQS+AL --FXW2UquhLgMsAAQEXv7ZyL0qTkKViPNE9J0eY+ZovQECXRr4WsIdWYItffjw5L66 --3ztdRAE= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C21-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBF7+2ci9Kk5ClYjzRPSdHmPmaL0BAl0a --+FrCHVmCLX348OS+ut87XUQB -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C21:KAS-ECC-CDH_K-163_C21-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C21-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAjOvNhAwOSJvQW3SLhomtz+Qk9OKBzQl --ihdcl3aKn3K4JLmakfXPjj2W -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C21 --PeerKey=KAS-ECC-CDH_K-163_C21-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=05ba66964483fe473ccbd00c37ad3ba40cc5969f62 -- --PrivateKey=KAS-ECC-CDH_K-163_C22 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUAAy/HkIZGMmMMSaKemtD7 --bRDytYyhLgMsAAQHec+z4XyQKiWE7TOCqL7YJi25hCQASvJzh1+KKrmpSsDR5KIz --kLK7UFw= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C22-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB3nPs+F8kColhO0zgqi+2CYtuYQkAEry --c4dfiiq5qUrA0eSiM5Cyu1Bc -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C22:KAS-ECC-CDH_K-163_C22-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C22-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBtAyFSJA8ovn90349tKkUMEimlqVB6ra --x3zERImF0XlGNrwdWC89EBoz -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C22 --PeerKey=KAS-ECC-CDH_K-163_C22-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0277c4a76e1613b2ede699a675c1645a786075009e -- --PrivateKey=KAS-ECC-CDH_K-163_C23 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDwd5btA5wkz7X24TOLLRo --y7opmzqhLgMsAAQF/+DxYBi9S97l9zv9rQTXE/Ihb1AEI2HIgfAIHLBUTvqww7NP --Weqt7sQ= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C23-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBf/g8WAYvUve5fc7/a0E1xPyIW9QBCNh --yIHwCBywVE76sMOzT1nqre7E -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C23:KAS-ECC-CDH_K-163_C23-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C23-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAfhYHsYd8UCSJ6q3oBXyxx0p43FsAcH1 --HMQYW2iiYOMbSwDAOkQD9lwl -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C23 --PeerKey=KAS-ECC-CDH_K-163_C23-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=03c6481dac387af39e8c09a553068ac496eea03691 -- --PrivateKey=KAS-ECC-CDH_K-163_C24 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAAEETDBKAgEBBBUDiBJ1uki+oL7MAhGQNGf1 --0KrjIaqhLgMsAAQHduQP5xSZhTN+8bbJuDDLNgh1KqYFjm7LsnsLLTzQ46e6U43j --V2/VufY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-163_C24-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEB3bkD+cUmYUzfvG2ybgwyzYIdSqmBY5u --y7J7Cy080OOnulON41dv1bn2 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-163_C24:KAS-ECC-CDH_K-163_C24-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-163_C24-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAroi+9qqqAbIVw8UrUyIKmEMy42EBtRD --jlKMqIewW9JWTfk775v2YNp4 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-163_C24 --PeerKey=KAS-ECC-CDH_K-163_C24-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=07b5d096d06d41c3ad6458cc93417e6facc99bc7b8 -- --PrivateKey=KAS-ECC-CDH_K-233_C0 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0TWluMPOBH+8XfJid9O/g6 --wz3a21z0oFDKgr5I8KFAAz4ABAGlPlwTiz2DkF1WOqHbASdGM8mGtS94IlqS4z55 --UgDsq9Pi4mcpqWVgTlYO1EmKIrMcOWQuHPmbHd4+xw== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAaU+XBOLPYOQXVY6odsBJ0YzyYa1L3gi --WpLjPnlSAOyr0+LiZympZWBOVg7USYoisxw5ZC4c+Zsd3j7H -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C0:KAS-ECC-CDH_K-233_C0-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C0-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfQONLPtShstQMBW+3XyrVQ8iXz9gvVC --z3RqDyAvAMEwoavpK8TJd8gAd3mWzMULkN+ZGi6B3VFcGIWZ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C0 --PeerKey=KAS-ECC-CDH_K-233_C0-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00a822b141ca1f5ad32899e68c54d1fec3df8100df485ebf1c5868a9ac89 -- --PrivateKey=KAS-ECC-CDH_K-233_C1 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1Rvm+81IeMVUObC8u+Xqjo --S8nbiecKjo6/NHgtqKFAAz4ABAHFoeXT7lFuPt5yP6LVzTRWsRYyYwPF7kknOlYE --xABWjQ/nEwKVVBv6JlB0FHVG6XM3NroAdVnXFtjglA== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C1-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAcWh5dPuUW4+3nI/otXNNFaxFjJjA8Xu --SSc6VgTEAFaND+cTApVUG/omUHQUdUbpczc2ugB1WdcW2OCU -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C1:KAS-ECC-CDH_K-233_C1-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C1-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAMhkwqRiqTY6SsPYGCEbygNpRy0YYoii --dWdDO9pFAGidTQAG66BU3Gn8wHhngPtfdNOYkhNQTi9uZmmA -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C1 --PeerKey=KAS-ECC-CDH_K-233_C1-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01662682bec2dfae05e38587c8e6a4d18aef4cb3416989c47c11bbe2810f -- --PrivateKey=KAS-ECC-CDH_K-233_C2 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0uzKWV5V5shcWveMWVQP23 --SQA/9Ow2HDi0jn2mvKFAAz4ABABaSPrEdsMcrQxo5k5l5oeuRBj7XTtLsqu5kN0N --5AAtmt1wZibyhZ7OEQ3y3eifrz6KrEM+JZXiPCdAgg== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C2-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAFpI+sR2wxytDGjmTmXmh65EGPtdO0uy --q7mQ3Q3kAC2a3XBmJvKFns4RDfLd6J+vPoqsQz4lleI8J0CC -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C2:KAS-ECC-CDH_K-233_C2-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C2-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAXgtgvzSEcAkfIfmV+/MXS/2sF65NTMK --U5A/s7+jAMzoMKUV1pCrmBSVea00gThIWeVl0H+mH1Dr1mmi -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C2 --PeerKey=KAS-ECC-CDH_K-233_C2-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00215d511cb95e0e073ee999908a7a844afd75c9acb7a9d724f7fd322b01 -- --PrivateKey=KAS-ECC-CDH_K-233_C3 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1qfAOJLfGE1Wzcy51emhZI --OmyTiK4hKqkmyP37XqFAAz4ABAFKr4gOgdtpq6K0A7vafzYeMzm0g84mmfML9Sge --rQG3FVm9fZOE5Re4fxE4ppb7zrNRDYxBwhWNSqPlsg== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C3-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUqviA6B22mrorQDu9p/Nh4zObSDziaZ --8wv1KB6tAbcVWb19k4TlF7h/ETimlvvOs1ENjEHCFY1Ko+Wy -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C3:KAS-ECC-CDH_K-233_C3-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C3-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAI2ADTdnq/VzFpV1TuiCm4WP9OtgSkSK --1mSQtJwZAbwPAzlkmtTXt8/z/KnpZaOGJej0W8lgKjPAeYoz -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C3 --PeerKey=KAS-ECC-CDH_K-233_C3-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01394e02c70104f2a5308b2d101b02c70ef2d13540602b8e8f82dc6d569f -- --PrivateKey=KAS-ECC-CDH_K-233_C4 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0uL/h5G8ZMAPOw8dXVz7nd --s7GTgUWZ99vd7e/Po6FAAz4ABAGARcyeZfbideMipiwY7+LQDPk5lf61NWEnOj8T --BgFk4Ac8DUs+EuIvg3vT/sQh47sJ4MDdmXQigw9kAw== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C4-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAYBFzJ5l9uJ14yKmLBjv4tAM+TmV/rU1 --YSc6PxMGAWTgBzwNSz4S4i+De9P+xCHjuwngwN2ZdCKDD2QD -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C4:KAS-ECC-CDH_K-233_C4-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C4-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUo+EhrdelJn9crSBLP0khUIR4ayP42U --2f2gLg8ZADlP6hddrZs01SVDRlTQyGY3kmysOjKSouSlFLX1 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C4 --PeerKey=KAS-ECC-CDH_K-233_C4-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=008556a4c3a8906ddbcb946099ca5dbe7bdb6cd8f37fbb50c96fcefed32d -- --PrivateKey=KAS-ECC-CDH_K-233_C5 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1mly5xVmdG8vdsh3k3dAVO --onXip+J6t8LQXF8kEqFAAz4ABAAgIm3XPjGOT8jUndQ+WeJgGT0bskjL5MBrTWuD --iQDtEqTziWlqsxyT6j7E2Orxi+CX/JFS4sQrc/9FKA== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C5-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACAibdc+MY5PyNSd1D5Z4mAZPRuySMvk --wGtNa4OJAO0SpPOJaWqzHJPqPsTY6vGL4Jf8kVLixCtz/0Uo -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C5:KAS-ECC-CDH_K-233_C5-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C5-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAIlmeIj4QlxaYjE0Yi8eqdmvNt+XcsQQ --1uMfK024AIRDD6RxZNHA65cEKkTL70ALu1RfrqTvSbpeO+9C -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C5 --PeerKey=KAS-ECC-CDH_K-233_C5-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=004ea6e0e34ec7c9bbad47f0f6f8ec0608e736d91e0e56cf3e5cffe8c370 -- --PrivateKey=KAS-ECC-CDH_K-233_C6 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0eU7qha8AmK1MppxGw6xiK --G8p+9LXIUGEiXUHUqaFAAz4ABAB9bXhfoyMXTrnN5bcFQo5AGSRINbyUcC8oDCX/ --5QGaoO9DMHTEhNFOYRNy8D74kS8agkbOsekMgX2z2w== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C6-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAH1teF+jIxdOuc3ltwVCjkAZJEg1vJRw --LygMJf/lAZqg70MwdMSE0U5hE3LwPviRLxqCRs6x6QyBfbPb -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C6:KAS-ECC-CDH_K-233_C6-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C6-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAWTaCZIl6zxkH8g8dyBKOW6rlJWxKiL2 --jnpLg5nVAM2Y8nBMdJTm0gN150UoyPVvhn6d12MpgULqAXJL -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C6 --PeerKey=KAS-ECC-CDH_K-233_C6-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0160d0b9b92a4acd089738fd489ae39734551e888fd05a020ce26498270a -- --PrivateKey=KAS-ECC-CDH_K-233_C7 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1CqAMqEdFld1XEnkdwM7DT --Qdov6ZOkV3tBpAzuGqFAAz4ABAH2YpaX2mINWX/B9RyDN0IT836VL8EX7mWp52au --+wArNt7ceHrJUdKHnXJBTaLnV1ps18QuD6ILMtRh9w== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C7-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfZilpfaYg1Zf8H1HIM3QhPzfpUvwRfu --ZannZq77ACs23tx4eslR0oedckFNoudXWmzXxC4Pogsy1GH3 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C7:KAS-ECC-CDH_K-233_C7-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C7-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEADOosIo8M8NDAyztHA9egm+TLe6HnsFg --eir11GKYAGxPJ6SbUaifbQlgFguluP7AjdLNS8kJpJCuvk97 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C7 --PeerKey=KAS-ECC-CDH_K-233_C7-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0038381b342efaa70bb79adb76ceb775de5f45f863559ecaee1ddbbd0313 -- --PrivateKey=KAS-ECC-CDH_K-233_C8 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1D5XcJeBlfkXFS8Fe6H7AV --bYlNMui7VMf2L3NApqFAAz4ABAFIfR/avM19idolaFsEKYCrFwruPBHzEYDjt8UK --SgF+OD3WWh7IpAkAf3UDXlsWEzXZx3Vu2XBJD70XGg== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C8-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUh9H9q8zX2J2iVoWwQpgKsXCu48EfMR --gOO3xQpKAX44PdZaHsikCQB/dQNeWxYTNdnHdW7ZcEkPvRca -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C8:KAS-ECC-CDH_K-233_C8-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C8-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAM/hX4YaoBU0hfOKwDPfnI2BKv3hZ7iR --i7lKCNljAb6/Bn+FEm0RSTIWIWQgGxN0vxhAqhHV4lBjnQYI -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C8 --PeerKey=KAS-ECC-CDH_K-233_C8-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0122169f1dff445ec663270375dfe914016c38ce6c2d40d0b8098abc60ac -- --PrivateKey=KAS-ECC-CDH_K-233_C9 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1MZ8YQPmISRgCg2ekj3CF6 --Ai9Xxv6yGccDM0/zOaFAAz4ABAAjUv6TQeYsYJ/BU44CcEBecAHXR7h1AOZEoRLF --2QBB87FbcUpvfvZH4jZl6lMO/L4ZsHQENs2oEug5OQ== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C9-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACNS/pNB5ixgn8FTjgJwQF5wAddHuHUA --5kShEsXZAEHzsVtxSm9+9kfiNmXqUw78vhmwdAQ2zagS6Dk5 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C9:KAS-ECC-CDH_K-233_C9-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C9-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAHY+KGvlB0C3+L14+nC8rIgN89c3HrM/ --2iRTs+0jAFe+bF99mQt1Q5hoM5rjJ68EoEmzi5IzK5y4yyfZ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C9 --PeerKey=KAS-ECC-CDH_K-233_C9-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0054d47c9d0a9fee258122326be25daf35f0ba0b8449e16b4623a8c0fd7e -- --PrivateKey=KAS-ECC-CDH_K-233_C10 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0Z5U2ocples9zczFBBjsNR --QAiJ+udaC6Tc/yXx+aFAAz4ABAFeZ+rr5Sujf1tzoZnZUIEs7BAS/UEFgURLvyPg --yAAiBV74Id8zBC+4MW3a12SF29JZDi9UmKkU5PCtOQ== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C10-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAV5n6uvlK6N/W3OhmdlQgSzsEBL9QQWB --REu/I+DIACIFXvgh3zMEL7gxbdrXZIXb0lkOL1SYqRTk8K05 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C10:KAS-ECC-CDH_K-233_C10-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C10-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALyKca1METTe8Cbkcj4xAiP7LFhZvHWU --BUyJTaVSAMNlBWNQVTUDPHpsRI1zv6CPuDcCNMf9usGzTaoi -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C10 --PeerKey=KAS-ECC-CDH_K-233_C10-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0071aed39f5c44a7ff72db3e0f8284da39dfb2d894f278d2006f9d2686e3 -- --PrivateKey=KAS-ECC-CDH_K-233_C11 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0Tpf/JoPcGnBxmFIaZYS5c --+rfiv3syVfGBoCJxkqFAAz4ABAGN5NxPak3lw2OOu6JNxwZJg7FZ9VsTnHaAocuQ --0QE1Uy2BSK8+In1KiWDnaMVl9ywawKHJp70YXPmU0A== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C11-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAY3k3E9qTeXDY467ok3HBkmDsVn1WxOc --doChy5DRATVTLYFIrz4ifUqJYOdoxWX3LBrAocmnvRhc+ZTQ -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C11:KAS-ECC-CDH_K-233_C11-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C11-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAWzBrhP7NIJSSTAhzWFG1THwtyKEKkTH --l5aJ8f84AYwJY/8Oo3BIyfb0dkTyp8jFA4Y8J88h7m4KMiTq -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C11 --PeerKey=KAS-ECC-CDH_K-233_C11-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01ca68ead4eddc8847a3a661cc6628e076bdd4b45047ece72245d094dd3b -- --PrivateKey=KAS-ECC-CDH_K-233_C12 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0vXSp+CHekyZBzcyOG6NWX --NKI91/Dff81U2UHnYKFAAz4ABAFHmAlGgMvTL7HuncqmuHOaVWMFI1kz+ycVfTGe --VwHIVfDUU8H/tfZosyqLPjCeDoEBvDm22+feIUAV4w== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C12-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUeYCUaAy9Mvse6dyqa4c5pVYwUjWTP7 --JxV9MZ5XAchV8NRTwf+19mizKos+MJ4OgQG8Obbb594hQBXj -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C12:KAS-ECC-CDH_K-233_C12-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C12-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAOSeGCrF2TK+iwX+NA6Mty3zVkfezWea --jFm12Pv6AYG5WpZavRbsJDDCbdBxmE6FSpZ/8RTueDG9MUsq -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C12 --PeerKey=KAS-ECC-CDH_K-233_C12-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=017a893b2e090780ff8daaf3588f9dfc0ac4dfe1f1e263697a9d1f398ab3 -- --PrivateKey=KAS-ECC-CDH_K-233_C13 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1lKhH2wxF/Eyb6aHdAXOxz --McTxRql/dKsMRN4Bt6FAAz4ABAAs1tTB0sxeNCBerblPTP01u1adpyLE2bGbjVzC --3gDqMATlsJMN9/i9oxTIvBFFRj62ACLNLc9sDIJOUA== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C13-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEACzW1MHSzF40IF6tuU9M/TW7Vp2nIsTZ --sZuNXMLeAOowBOWwkw33+L2jFMi8EUVGPrYAIs0tz2wMgk5Q -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C13:KAS-ECC-CDH_K-233_C13-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C13-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAVmLL9tb8aOVH7nsAW7LTSj2bC6dE1ln --hlk1hdcZAe9lyvFXldFKC+icrHxoAyO8WYA7qHTLKWhnLLip -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C13 --PeerKey=KAS-ECC-CDH_K-233_C13-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0041fa5fdf495b885699249b7746334b76c59e1c917bfc1ae371b96941f4 -- --PrivateKey=KAS-ECC-CDH_K-233_C14 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0q1fccY4SvYmibNcJMTd+z --Ws+BBssMGVAsLKGEr6FAAz4ABAD+G1JAinEoQb1i8O5RMH8mMx1AK8w6WrBAXRxe --gAEKcxp9ampPW0Cy6qgQwZAtsnso0pe8BfNxTKyvwA== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C14-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAP4bUkCKcShBvWLw7lEwfyYzHUArzDpa --sEBdHF6AAQpzGn1qak9bQLLqqBDBkC2yeyjSl7wF83FMrK/A -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C14:KAS-ECC-CDH_K-233_C14-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C14-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAbbP87f6IV43hgXJP4b1zThF9F+96L4H --newpvIhiAWYiLvpdup6FjCRdu12maCOatbpyhhj7hakN3HYK -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C14 --PeerKey=KAS-ECC-CDH_K-233_C14-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=015f5adba59d1ee01696cecce4b63e78e68508303ee496ff5abcea25ad3b -- --PrivateKey=KAS-ECC-CDH_K-233_C15 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1vActUeBy9ptiN61mEOuCD --axr2g+/HVlC+hPIIp6FAAz4ABABNAKjwgg2pCX/lDo5979rClgfdTLHdiB1OYfHn --iwCKSo6cgRtEQ2eVJ1KrjCpRmO+yj77b8/vXAahXqQ== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C15-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAE0AqPCCDakJf+UOjn3v2sKWB91Msd2I --HU5h8eeLAIpKjpyBG0RDZ5UnUquMKlGY77KPvtvz+9cBqFep -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C15:KAS-ECC-CDH_K-233_C15-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C15-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAM9AKuvD5CR6mrQ9qXVRdqgQ4BH5/Zd9 --4b4v1TT7AbrEX6QtYFrTR5x8Q+ckkQcWc3lTzIUErxTzMdNP -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C15 --PeerKey=KAS-ECC-CDH_K-233_C15-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=003d5c29b3753e89ce5064575393392b377ca657a0b73872c82165fc43ae -- --PrivateKey=KAS-ECC-CDH_K-233_C16 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1dwboYOfXR/qhas2FMVanF --/mAIU8caYZg8fcgt4qFAAz4ABAC2y2/6Ti6rz3uYfrtSAWWo7Joipvn/sQDzgXKg --+wDTmBThhSR25W6JzozdZDcoQMAVcKhpQKziS7nPag== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C16-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALbLb/pOLqvPe5h+u1IBZajsmiKm+f+x --APOBcqD7ANOYFOGFJHblbonOjN1kNyhAwBVwqGlArOJLuc9q -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C16:KAS-ECC-CDH_K-233_C16-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C16-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAPOMzM8I5b3/O7NffnW9ztaNN5Hc94Q8 --qI/wkhNtAV7XaXpLjJnQFHgo9shh/8nPsPM9zp0UsHMeHaJi -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C16 --PeerKey=KAS-ECC-CDH_K-233_C16-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=007c01f906caa590898a09f46b6f5383658e7fee656aca0f111f22939960 -- --PrivateKey=KAS-ECC-CDH_K-233_C17 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0kHh31WHAx3drhlokcKIIc --x4ea01gyrnGPbnkuZqFAAz4ABAHBcs7it2UD602Qs53azoJbI8Mjdcto6uzXNISQ --owDCRu+cbi+trHfHPundWt7oKLeRhBc5W1mXvhoCeA== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C17-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAcFyzuK3ZQPrTZCzndrOglsjwyN1y2jq --7Nc0hJCjAMJG75xuL62sd8c+6d1a3ugot5GEFzlbWZe+GgJ4 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C17:KAS-ECC-CDH_K-233_C17-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C17-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAeMoVx35M6z9TJbzxL3nHpF1y81iruzX --Y4R0Sg8/AZ/0iq4MJS7ajTQLJcTdoBovIaqjXTm68DZpahEB -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C17 --PeerKey=KAS-ECC-CDH_K-233_C17-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=019eece7d3fafc9274d361c6fafd9efd9ee485cbacb3baaf6834feb4df6a -- --PrivateKey=KAS-ECC-CDH_K-233_C18 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0ESsVakTqMf37X/FZ59S9H --y7lzAyW+IbeZN3nRh6FAAz4ABACXlIYQF7Pevv8wLkJTJ/4mnXh1O3O8G/s6d/cW --3AACWBpJwSafXsho3G1/XC2OdJYy1Hq22eaNutmF8A== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C18-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAJeUhhAXs96+/zAuQlMn/iadeHU7c7wb --+zp39xbcAAJYGknBJp9eyGjcbX9cLY50ljLUerbZ5o262YXw -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C18:KAS-ECC-CDH_K-233_C18-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C18-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAPSqf5NAqdpGxPBnKHU6Stxa9TpNy0Z/ --cLSHPaeFAH8yHivE4pporCPHfO3Tu83gv3uSon/6dklpiJgd -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C18 --PeerKey=KAS-ECC-CDH_K-233_C18-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01e4b7e89fb1b51179b8792f5cd581c3917e11246d3846f6344ee82eed66 -- --PrivateKey=KAS-ECC-CDH_K-233_C19 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0rwTZ3hTEInaXC+rPK7sJW --xUsLNfwsZfe47mFhw6FAAz4ABAH7JYox0Wa++c1mTNe2bNjBhucCXHfwuucxWH6e --9gBg39TkdekoBdGTXQOC3BdnBnkVzADtOyT2U4LSGg== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C19-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAfslijHRZr75zWZM17Zs2MGG5wJcd/C6 --5zFYfp72AGDf1OR16SgF0ZNdA4LcF2cGeRXMAO07JPZTgtIa -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C19:KAS-ECC-CDH_K-233_C19-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C19-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAGjZ5V56EFt7tEsh1mm7DvZXqRQ3rYS/ --bVhTJwyYABQ8i+21TbB9+PZwg8WaCqfNig76QvQv1i5ELgti -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C19 --PeerKey=KAS-ECC-CDH_K-233_C19-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0145710c3ab0780ec233424d4e28b38d29f886965bbcac49fa300e1ed886 -- --PrivateKey=KAS-ECC-CDH_K-233_C20 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0NVllUcUNdlf7DffYi8Y7n --2rskN5yCu/cUxavF46FAAz4ABAGlKUCkUqr0ILN7XzLCwzcwaJSogv7qet2twBkn --7gB3G59ioqb6iSUDIlJ1SQOIuL/C33ffPoBr7bp9iA== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C20-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAaUpQKRSqvQgs3tfMsLDNzBolKiC/up6 --3a3AGSfuAHcbn2KipvqJJQMiUnVJA4i4v8Lfd98+gGvtun2I -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C20:KAS-ECC-CDH_K-233_C20-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C20-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAJnrkc2phiAQPDIF1kieaK1+V9ClHcUC --1uMFiPQYAD+/gpkp7dKOkG9Y+Hq+1tbRd/Q28N2UDdol6vGI -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C20 --PeerKey=KAS-ECC-CDH_K-233_C20-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=006941a2a531083563dd886b06c0860770a4724bb04a4ebb2afb1ba2636b -- --PrivateKey=KAS-ECC-CDH_K-233_C21 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB0ZyKsrMvLuk78v9rxEN4tg --hyva62ula1FMjziLp6FAAz4ABACDUw+j3zFah0CsUvTTlLgMSl8hC6ugttwiBeEk --kwA3udAu1D6dQdDbuEA7kCG00sG9Ng7lPDHCe0kgBQ== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C21-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAINTD6PfMVqHQKxS9NOUuAxKXyELq6C2 --3CIF4SSTADe50C7UPp1B0Nu4QDuQIbTSwb02DuU8McJ7SSAF -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C21:KAS-ECC-CDH_K-233_C21-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C21-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANzKoitDOR3AUll6470HxuXwIfOemHdW --9lSBce6UASjv1JrzprMtwWeXqXjwrUqw22arq9atVnL0+BLJ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C21 --PeerKey=KAS-ECC-CDH_K-233_C21-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=001d754ee5351d4582974734072abac23376e24348370934e7b864db0f52 -- --PrivateKey=KAS-ECC-CDH_K-233_C22 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1QMWAQTYigwPY5VufDu6cC --lj+fG1P8EZpZLu6k9aFAAz4ABAFGPHjkmKvzQDPsPh2XPcElCeLSNPuRQDcV5C9h --9wCt56u5igMIiGaWNTqtM8Bbq1zzwNTpacv0xM7skw== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C22-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAUY8eOSYq/NAM+w+HZc9wSUJ4tI0+5FA --NxXkL2H3AK3nq7mKAwiIZpY1Oq0zwFurXPPA1Olpy/TEzuyT -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C22:KAS-ECC-CDH_K-233_C22-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C22-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAXCRezOze46v8kYeX5648Hl7E6q9kVpg --cGzU8yy2AHZR4HQsDYPUtoVS6ber7DZEupdVz/5tTlaUOmub -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C22 --PeerKey=KAS-ECC-CDH_K-233_C22-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=011346b83791e4bea7f6ba6b1265e5050895d84027c106f77353418f75d7 -- --PrivateKey=KAS-ECC-CDH_K-233_C23 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1FR+r5vhzlrxOG4xEEbsgy --YLhKLKkQVfYGaLlG4KFAAz4ABAFQSTjBZ2gK+4ttWFjPqhkcQBlvxOUAxmLFNG7M --kAE30bqUIija5oxFCxoDOiyBCplZcfAcJAieSm/cxQ== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C23-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAVBJOMFnaAr7i21YWM+qGRxAGW/E5QDG --YsU0bsyQATfRupQiKNrmjEULGgM6LIEKmVlx8BwkCJ5Kb9zF -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C23:KAS-ECC-CDH_K-233_C23-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C23-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEANjtMYOCuFwlJaAsIsZ/W/NmM12Udn61 --y0VzlmTFAX2P3nu8Vo/cgCo+NFXzzzVgLfcGhMis3aFloCZW -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C23 --PeerKey=KAS-ECC-CDH_K-233_C23-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00b4938ed1ed012a9a53892ed9949397cdc4e4a612d54dcf80cdb039f47b -- --PrivateKey=KAS-ECC-CDH_K-233_C24 -------BEGIN PRIVATE KEY----- --MH0CAQAwEAYHKoZIzj0CAQYFK4EEABoEZjBkAgEBBB1C++VUhi81lRhKRVEMpT35 --fEUXVYS10t4EJyM1jqFAAz4ABAExuNYbnPsFNsWIIU5FiI6+SDke7stNf7W+jv9K --zwFl2klVegqp1F3TeNX4mScsxpdoInaukdLAtnXEaQ== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-233_C24-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEATG41huc+wU2xYghTkWIjr5IOR7uy01/ --tb6O/0rPAWXaSVV6CqnUXdN41fiZJyzGl2gidq6R0sC2dcRp -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-233_C24:KAS-ECC-CDH_K-233_C24-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-233_C24-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAX+H8T9t/uYIG7XMpTL+JownHSdWsxvf --ZDKXz2lbAPOnRpVeEt0LcZGe2/I7IyLKsyjdCb34e8r9zSiE -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-233_C24 --PeerKey=KAS-ECC-CDH_K-233_C24-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01b3d2578bde3066a253db5322c85cf9487ce77b67ece955e281b0d7d0e7 -- --PrivateKey=KAS-ECC-CDH_K-283_C0 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAV/eSbgCVCpSxwsjoLF4 --Tl+HgLVoU/ml+MOlJm6HJ9zpfUoXoUwDSgAEBhHtwEXb5D7MTvazJM1R9w/j1934 --d+xot5iQnDxFYXVqow5fAIM7JVEXBK8Jti2ffLrFmBTnW7ucc19VU4SR2/pgweAR --Xv5C -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBhHtwEXb5D7MTvazJM1R9w/j1934d+xo --t5iQnDxFYXVqow5fAIM7JVEXBK8Jti2ffLrFmBTnW7ucc19VU4SR2/pgweARXv5C -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C0:KAS-ECC-CDH_K-283_C0-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C0-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA/B1wkw1qdyZUr5v0yt2Hc5j9HIKIkCO --OhS70JfgErVpTCKgBnWCW0AgLpW+fatagmFH4EuMUaCbADRXfB8x+MFqcMjhyFuJ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C0 --PeerKey=KAS-ECC-CDH_K-283_C0-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0745552817b5d729310b7dbebae687648714a9ae695dad20ca1ab6111c3d054670f21132 -- --PrivateKey=KAS-ECC-CDH_K-283_C1 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkATuRH2LzqohDVGNFR+5i --KAfV0QYCAzCuK5eYwMTNDq2xC6lIoUwDSgAEB40uzU2QIzK2s8e9S6fSAPw0xF7a --MJmLYCXtR7H0+OaPMoYkBNXlNkfd3y/MyIFtrIvHDCmAdiLMlVOacqo6myMModJe --57UW -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C1-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB40uzU2QIzK2s8e9S6fSAPw0xF7aMJmL --YCXtR7H0+OaPMoYkBNXlNkfd3y/MyIFtrIvHDCmAdiLMlVOacqo6myMModJe57UW -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C1:KAS-ECC-CDH_K-283_C1-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C1-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB5m0MOkjIP/qvy1syHOZ4wwKqEQg/466 --Iwm5lIe3Qtci6LelAhc2KAH9bS0oblzfN1zQrlabcAAFMS436ONbFZLvubXq9Hs6 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C1 --PeerKey=KAS-ECC-CDH_K-283_C1-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=02eb0c1ceb6179232e91cff91fc8a30553c6ed7e0a71deb1bda0a10735a84593dd903636 -- --PrivateKey=KAS-ECC-CDH_K-283_C2 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAXdjK2nn7do88AcwdQQ0 --PMIWIyb2IBfL3fNgqHbck7gfBMWOoUwDSgAEA4FatkgOStJKZignXvLuDOfVhpkj --nbziMziEK8WMQsypTSQSAt6DPMZkyskNMPvqxgPvu86SdtTxarHEbn4RyBqaqeJc --gpaa -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C2-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA4FatkgOStJKZignXvLuDOfVhpkjnbzi --MziEK8WMQsypTSQSAt6DPMZkyskNMPvqxgPvu86SdtTxarHEbn4RyBqaqeJcgpaa -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C2:KAS-ECC-CDH_K-283_C2-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C2-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAM5Hp0PUi4b+/WtcAvKpeydiov5X4L34 --XB1qKd6IYsTJntU6AyLllgafkWVoyiSM7Vfv6QU0r0qfkKT0D3l+RSlnAxcmv0HX -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C2 --PeerKey=KAS-ECC-CDH_K-283_C2-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04a9dd2cf5076814e5329c518c4f27b429dbe01d46682d476e7e78880de368b064236ba9 -- --PrivateKey=KAS-ECC-CDH_K-283_C3 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkADv+mhyYU4bluisxVTpV --FR543cOPB0MrXEKhzS2ieP0LaOBHoUwDSgAEAdnDM32pXsblpL/xzJJ4OYm2bJIw --EHhw1KV4aZM4446y2S7/AM2q19DrD0Rap2Ol37jzj1U1V3fOJPdTta09PLqxJfSR --aY1W -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C3-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAdnDM32pXsblpL/xzJJ4OYm2bJIwEHhw --1KV4aZM4446y2S7/AM2q19DrD0Rap2Ol37jzj1U1V3fOJPdTta09PLqxJfSRaY1W -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C3:KAS-ECC-CDH_K-283_C3-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C3-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEByiXWDm0LGIDanr/+t3vwwJLclhAe+1W --XK6pOb4z0WrJREXHB3EmMHkLBa4E2NfZ8jZdrprSTExhs+sgwKeYfmpMSw9ZjDcf -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C3 --PeerKey=KAS-ECC-CDH_K-283_C3-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=044e2cd2bc164d21cf4b9833c0aa62ed059282e62b82f4500aeb422d17e1f6e7e8bbd500 -- --PrivateKey=KAS-ECC-CDH_K-283_C4 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkANla9SpwjmktAmd7IQMv --eurWAD8STnIBPzfAbgu8IONTKzzqoUwDSgAEBuSH+R5zvdNE+4vI9MH0ducn+yZx --6dbI+9d18aqiTK8umjb1BmPhz/gJl1e7n/G4eJAoOqSc/w97Ev4YTtKkKDddJ5bN --gd6R -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C4-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBuSH+R5zvdNE+4vI9MH0ducn+yZx6dbI --+9d18aqiTK8umjb1BmPhz/gJl1e7n/G4eJAoOqSc/w97Ev4YTtKkKDddJ5bNgd6R -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C4:KAS-ECC-CDH_K-283_C4-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C4-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBVZy1zmYRRCJ4rfHEEtCJH3d0TLUCtCH --tYjWo4XaZPWi9Gg4ArTLFYH54rN463pPZPWn1DILLKPTR0cm9nDDiDu42kfz10W+ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C4 --PeerKey=KAS-ECC-CDH_K-283_C4-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04d4f04d2fcf1bcd8150eaded90e467d3d38f753b6fb54eed8f9d29cd3dcc7be2c83de11 -- --PrivateKey=KAS-ECC-CDH_K-283_C5 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAMcz2QlAMsx67WxUqM7X --U+rypIiCKFo7TH5gIfJr7OByKECtoUwDSgAEAmiWsDnXBo2YoyZxDrt6l4vUdmEV --RkWuMM2D1gU1Bn4FFRzLANg6Jjvb2Mir8DEL+/yDkXqGsNjEvgsVWre54scFYFYo --u83Z -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C5-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAmiWsDnXBo2YoyZxDrt6l4vUdmEVRkWu --MM2D1gU1Bn4FFRzLANg6Jjvb2Mir8DEL+/yDkXqGsNjEvgsVWre54scFYFYou83Z -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C5:KAS-ECC-CDH_K-283_C5-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C5-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAswopMt20UfZjfpnfcoU4XcTR7loHGXN --tUDyLJB2E/3MsMjaB9QGX5kMj8N9EA7OOPv1dM5ETcNzVeBwK4DR6xvdZwmX6PJx -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C5 --PeerKey=KAS-ECC-CDH_K-283_C5-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01c343540541604f68ddbd63c483760d824ded5c18be7e56e6d36a9ac6d25772afb0a90a -- --PrivateKey=KAS-ECC-CDH_K-283_C6 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkANs511Ngctw0SM19IWDl --DIEfZINY6w2x1UKOgap6aGt4Za39oUwDSgAEA6chkGrRPcFcMR/U5VLzvIe32Szu --7bsMMWqVJ4W6Ron8C6JwApUU84c7vDueIXBh96YmH9xiaGhfllbx1e6kcswttajB --Yubp -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C6-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA6chkGrRPcFcMR/U5VLzvIe32Szu7bsM --MWqVJ4W6Ron8C6JwApUU84c7vDueIXBh96YmH9xiaGhfllbx1e6kcswttajBYubp -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C6:KAS-ECC-CDH_K-283_C6-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C6-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBjiA61OMcnXsuk21PZtowof7N3i+9RSX --TR5+MamuNlohgUFfBK+fLPklQuH/j/KPjnyOgJWE4kOkkClJp2WihJhsdQsbBsia -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C6 --PeerKey=KAS-ECC-CDH_K-283_C6-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=05e38079815477b8a79096ce339c4a255f8b213be74715ea61ef7dd0c0b5f161d9de7521 -- --PrivateKey=KAS-ECC-CDH_K-283_C7 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAGZJv9ZB2r8bnUmdT7BL --6wmUddCqFdXvaEi3NNLUEwCLYEMIoUwDSgAEAI9ldtYq/8cYNtGa27w9UEIQ8S77 --YcQgV4JFFSkMUC8uCbbYACFkO+h65uVJsNX7tVjBMD0UsczXdwPsdPlgLzXKjXpR --Obzn -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C7-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAI9ldtYq/8cYNtGa27w9UEIQ8S77YcQg --V4JFFSkMUC8uCbbYACFkO+h65uVJsNX7tVjBMD0UsczXdwPsdPlgLzXKjXpRObzn -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C7:KAS-ECC-CDH_K-283_C7-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C7-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBb/SiVouZjZtt6g3iMcrzkj3m1yVJKCK --4nPHjOs5rpdVnVrDBKKwpV+AFVoaMw/ebLbZft2wqdy2bEmzkpBKvos4H5EJDbsh -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C7 --PeerKey=KAS-ECC-CDH_K-283_C7-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0531ccf51d1096982f7c2ec513a92bf51c7ac5069cb15c5e2a053ceae7e5550908a19101 -- --PrivateKey=KAS-ECC-CDH_K-283_C8 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAIGGCmU9bZREbXdmFk/5 --LGxcFUXHNTBLOtTVF4yLFNAYHpRxoUwDSgAEBraIFbuDaR0WdJxL4WEl4qbW2ulC --UnObp78NsNUBmOov5D3fA54NkwGKRhJWIPb/rKWgZoNDxXAlpgwxqdblEZHKsziZ --O0a1 -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C8-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBraIFbuDaR0WdJxL4WEl4qbW2ulCUnOb --p78NsNUBmOov5D3fA54NkwGKRhJWIPb/rKWgZoNDxXAlpgwxqdblEZHKsziZO0a1 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C8:KAS-ECC-CDH_K-283_C8-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C8-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBjVH91cL1pWXM8A9LmxMiJcfMUrc8ovI --UdxS7U6MGk6gb4cCASLTdzsJNOkA+6fr/hrV7VvsD7Gp3c9O62HL7QQAdDE8CzFw -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C8 --PeerKey=KAS-ECC-CDH_K-283_C8-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=06ffe79d2b7664ee2d8303ffe0ceca8c49a581fcdb49c4af6a060ff204eea74f4cf39cef -- --PrivateKey=KAS-ECC-CDH_K-283_C9 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkACJD6JGb16l87w6c3mPH --bU4QcVApT8+N12dkUco7+lxe25ZMoUwDSgAEA+Q54+vfp6I6nesJ3hQZBcZTxPIC --7fLPXwn674i6MRNwHknwBx0HG4btD0aPxgGd4j/kuiyztQAyvjXpLS5a9A3nBqtS --ToKr -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C9-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEA+Q54+vfp6I6nesJ3hQZBcZTxPIC7fLP --Xwn674i6MRNwHknwBx0HG4btD0aPxgGd4j/kuiyztQAyvjXpLS5a9A3nBqtSToKr -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C9:KAS-ECC-CDH_K-283_C9-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C9-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAJBH99dzl9tw45/p5Lqdl6mVp+4Gbs9T --gXnpN6yGys2sUQlQAHzYdRZ/BqL7moGeLL2s78Fsrg7vLLsLLUm+rhCdt1PJUGFw -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C9 --PeerKey=KAS-ECC-CDH_K-283_C9-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0311c430db78b6203e27b52988e1e9dae890c655dac4acefa7ee9612bec32e3e5f52be55 -- --PrivateKey=KAS-ECC-CDH_K-283_C10 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAFEqQoQeEif8n+1RwiaH --MWhBNvIlz79FZImH4kU6cYb2p+3voUwDSgAEAi925atxT994Vx6EwrbqOhfxKZm+ --SDvGfhuEPSCb3+wDR6Q+Au7B/A6F8zDFPa17/0hi2K//iqFPlHVulbjwH9fuuPxU --UneH -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C10-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAi925atxT994Vx6EwrbqOhfxKZm+SDvG --fhuEPSCb3+wDR6Q+Au7B/A6F8zDFPa17/0hi2K//iqFPlHVulbjwH9fuuPxUUneH -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C10:KAS-ECC-CDH_K-283_C10-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C10-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBL3sGTAMiv3u2GSZ0nA5It9Xsv/sN+Rc --A6XikJ3jwzO9BqXhAapPQIRPJBPx/L3tADsdFcnx33VI3iorv3G1FmV62NjHfPct -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C10 --PeerKey=KAS-ECC-CDH_K-283_C10-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0701d92ed8687138014b4379f1c34677e1744f6ae8c89958a5962f14408d587b95472db3 -- --PrivateKey=KAS-ECC-CDH_K-283_C11 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkACqK9JfRo9rAcyo5Pe33 --U5Sj9RnOB/rtP3fcDmafOhscbdrboUwDSgAEBXHwyH+IiI7Ac4lhg0AhdlzE9cjb --Kx+eqbj+mEf4lkNJ/cRPBO98gESmCWlHRsyq/of8f58aeNAPg1T12n7i9dpyNawa --1LV8 -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C11-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBXHwyH+IiI7Ac4lhg0AhdlzE9cjbKx+e --qbj+mEf4lkNJ/cRPBO98gESmCWlHRsyq/of8f58aeNAPg1T12n7i9dpyNawa1LV8 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C11:KAS-ECC-CDH_K-283_C11-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C11-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBhH1OvS0iJkOelLlxzhWoedCebsPNtOr --GYmyzNmTkbbGs6E9BU6pWiNPZYlxlbyXsD+m0kbqWrX0HaIsCO2BeqfASt83KYKz -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C11 --PeerKey=KAS-ECC-CDH_K-283_C11-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04f2301ed85a5c91c31a7fd125854904340a55e34976a20743bd33d95e476450f301ee62 -- --PrivateKey=KAS-ECC-CDH_K-283_C12 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAd6fukqyTQbnSuWtNq4Z --XCNgxyjrOMUO9TMynnDFrhn0ibbVoUwDSgAEBI1h4Lm4BkvMqM5A1PnmiyNoQTdy --akTqdcjy+IUPAzP76YXmBfyro41R4hEra5805necEMDFWcPs0VYCKWbPkqjH9lAg --p569 -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C12-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBI1h4Lm4BkvMqM5A1PnmiyNoQTdyakTq --dcjy+IUPAzP76YXmBfyro41R4hEra5805necEMDFWcPs0VYCKWbPkqjH9lAgp569 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C12:KAS-ECC-CDH_K-283_C12-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C12-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAScG7AoOdkJdirTg1VkwpEFuTdChr22X --mHJSmI2grJYnV3y+BCFehxUSnMdjAXkXAdxf4avNZytqoZukx+Uy7nqRPupg28nQ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C12 --PeerKey=KAS-ECC-CDH_K-283_C12-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0643900f337ed362815f181e0628ed5184dad3e66a1f030e947f116696312d835f7f6e7b -- --PrivateKey=KAS-ECC-CDH_K-283_C13 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAV06Ii1XCcsznZPNKWUG --ZPOb8yAcXR6G067495W5/d9H2MSooUwDSgAEAeK4jeN3KwnGPQNuDbukNSRph0l7 --YoPauMzxACSG3gcwJ3tDA84YK38M6iGgah1N6HIsv8WbnZ15vHYLnRfYVnFWGuqt --1UlB -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C13-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAeK4jeN3KwnGPQNuDbukNSRph0l7YoPa --uMzxACSG3gcwJ3tDA84YK38M6iGgah1N6HIsv8WbnZ15vHYLnRfYVnFWGuqt1UlB -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C13:KAS-ECC-CDH_K-283_C13-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C13-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBbsgvqT9hdAWJonFUAVAAUCbbHEtNWpS --95PXiqLYJhpDxbbeAxvlyvyKrvGbhhUDQTp7c7YLN7AYBJPYLpQm9Htlhzk9CN4I -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C13 --PeerKey=KAS-ECC-CDH_K-283_C13-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=063b1a3db331f91abd0af837db9d5f040620d1ddd7fccf8b58e0df43698351ea1942548e -- --PrivateKey=KAS-ECC-CDH_K-283_C14 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAJjFcGZnku/aZfyeeQmT --EVjf1Ed76TMy5JPWmGa2YCxJUd5voUwDSgAEBNxndP5Gqw7Sdo03nnVko3xrsd0b --/FVXJ62Uwg9HMsq/KiyCBsbPD0IfkfyiK0hxIWqfH+OHjweRTpaulKx3C2di+dzg --j/ot -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C14-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBNxndP5Gqw7Sdo03nnVko3xrsd0b/FVX --J62Uwg9HMsq/KiyCBsbPD0IfkfyiK0hxIWqfH+OHjweRTpaulKx3C2di+dzgj/ot -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C14:KAS-ECC-CDH_K-283_C14-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C14-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAQo8okNbE1/+oIeSt/GbTuGBIHwpvhzh --/erNtppmn5zd6RgaAkkIJ0semMbRl+0ng8PJU8Gzs0+kOosvV0JYTjf+pAcmm0O/ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C14 --PeerKey=KAS-ECC-CDH_K-283_C14-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0516da1d64bc4b25ce4763e6438257d62fb1ffdeae16d68701d63b603ad53e8587927669 -- --PrivateKey=KAS-ECC-CDH_K-283_C15 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAPS220qHzdMAKcw76J5A --ubywFNAQqRolLFbLKGcfNUqATLTYoUwDSgAEBm3fBIMf0ccrxItwkGHBrqqtGcna --PYwVBvp3XU9aVBLu4ChtA6odExRv8ZJ5K3SlxkrTFQ+uNE+oMOD0RzPYZ/TgrgU1 --JsYr -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C15-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBm3fBIMf0ccrxItwkGHBrqqtGcnaPYwV --Bvp3XU9aVBLu4ChtA6odExRv8ZJ5K3SlxkrTFQ+uNE+oMOD0RzPYZ/TgrgU1JsYr -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C15:KAS-ECC-CDH_K-283_C15-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C15-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBToN1hNeQ6EU5QAK7EC6JwmzphNzDxzC --AGtEaTXiN7/Mw5TYA7Zs5s8BUH1GLu7/9iEb1MVgcBFsaQdGj3x2/gEUC/DV+3t5 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C15 --PeerKey=KAS-ECC-CDH_K-283_C15-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=049c68c333b96705eee4a3def0d568b0d4faf24df2fc2f1bf40da0af0946240c38e97f74 -- --PrivateKey=KAS-ECC-CDH_K-283_C16 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAauCxaYq5H7LzPZmzDMj --s1EoxS0XvhG68721YAbl1Wi6rYu8oUwDSgAEAKBK16WDZmpAQ3+WiwLKx5RnRbTK --lJAhxUQ963AYP4jhd4/gArtZHDLw2zQwNC8ON8RUScKTxU9rffb3l8CZLCgphYto --Dyvc -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C16-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAKBK16WDZmpAQ3+WiwLKx5RnRbTKlJAh --xUQ963AYP4jhd4/gArtZHDLw2zQwNC8ON8RUScKTxU9rffb3l8CZLCgphYtoDyvc -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C16:KAS-ECC-CDH_K-283_C16-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C16-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBtSm8+h7bYxJy+UXqXXSq4xjORNVltaz --DMZcyAwShFCPSXibApY7NW8kNOwkm8tlie3k3jbOzTRQ5vXkd7/NwpraSu8PRaxT -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C16 --PeerKey=KAS-ECC-CDH_K-283_C16-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04dd44c1a30edac2e39a5bc9902625880a18516385c90a9cc6b94c4f111e0260863ccab2 -- --PrivateKey=KAS-ECC-CDH_K-283_C17 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkABJUrxeRzHVpTOWQu1GK --dwp1BEYXGjDt1sA4KhfmiAoa6luBoUwDSgAEArdmyZOzmNJCanoKSenQAQedD8Mh --lxgcVurBgF5Ph8nfBV3qA257vTvpE51NQ6hlXvfVGgYtmUfRpIAQ7x6hDu3rJ/DR --/+dl -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C17-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEArdmyZOzmNJCanoKSenQAQedD8Mhlxgc --VurBgF5Ph8nfBV3qA257vTvpE51NQ6hlXvfVGgYtmUfRpIAQ7x6hDu3rJ/DR/+dl -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C17:KAS-ECC-CDH_K-283_C17-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C17-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB2RS4Z16ELiFEj1QP10EM+Fj3xNP/7hV --j4rCbPswYp+M+wk+BrOiSypLB3dw05a78VSvQe7jUDVzpt6a/g9tGLAvyXYcoWQ9 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C17 --PeerKey=KAS-ECC-CDH_K-283_C17-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0049c165339e9aeb2b516684b442921f1fef3091cf781e03fb3f56e93af1f3d6e500c81f -- --PrivateKey=KAS-ECC-CDH_K-283_C18 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkASAXuaBZn78TzuEIUKj4 --vQbMwAvSmsZ3nxvZM0ayLJgyfg+noUwDSgAEBCHGLcq1S6gA6vrCMvxzDOcPbVzF --P/U9NxJpzwRtrq9FGzPnA9Y19VIz2jxJCpWcbmOpT82+Rx+/yhnSxaP9ErBNs4DD --yJXM -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C18-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBCHGLcq1S6gA6vrCMvxzDOcPbVzFP/U9 --NxJpzwRtrq9FGzPnA9Y19VIz2jxJCpWcbmOpT82+Rx+/yhnSxaP9ErBNs4DDyJXM -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C18:KAS-ECC-CDH_K-283_C18-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C18-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAY4Lt1FtLELp3ZbKr/XyC/3fPoYj/JR9 --TXBJFTZ5C4dBzdNyAywP/72i+oY8udFcNlRQINW7JNkw2vL+pFVffCTWrvuywB2S -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C18 --PeerKey=KAS-ECC-CDH_K-283_C18-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0645d7f4c5479baff5bc0cba654a3dcfda56c0e9d19f50f9d8d8c6357c09a140effbf223 -- --PrivateKey=KAS-ECC-CDH_K-283_C19 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAE8ZfIVDLLQqF3ckmuQR --70uyZXukutNa5ThjWhUcjWpWT5zKoUwDSgAEBAyIkk1aJKhT+uQIrqWzvIJ9cxX7 --tY5uofamVnfdTE0wS9dfBUuChpraRDP3II+FcPJPBstkBG6KwIasV9Nwf8iCxjUn --M9/2 -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C19-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBAyIkk1aJKhT+uQIrqWzvIJ9cxX7tY5u --ofamVnfdTE0wS9dfBUuChpraRDP3II+FcPJPBstkBG6KwIasV9Nwf8iCxjUnM9/2 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C19:KAS-ECC-CDH_K-283_C19-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C19-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAkq7FV5JEkKC6jLltURiGum1E6oEdto7 --3bdSYNX1+i57iYmHAb37CgeaVbz84cqLzjAZy8rmFkADOEFm67sLtzNTlWWtxEbz -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C19 --PeerKey=KAS-ECC-CDH_K-283_C19-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=028017c2a0240fd746ee72a0bcae1e53e05b7af254298094c381e735523854ea5fdd4f5c -- --PrivateKey=KAS-ECC-CDH_K-283_C20 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAU6JNIPR2LdiHPSL0kvI --oblbtAoIwWwyh0plK1miJSE5Qo2soUwDSgAEAVdOF84mMRxAq/MkP0iJournSoNB --qng4VRBW9DlbjwK9wye+AIbln5hTSPP415U4ALHXXhQVISScQ/4GFpE9tdHUvVQA --q85V -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C20-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAVdOF84mMRxAq/MkP0iJournSoNBqng4 --VRBW9DlbjwK9wye+AIbln5hTSPP415U4ALHXXhQVISScQ/4GFpE9tdHUvVQAq85V -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C20:KAS-ECC-CDH_K-283_C20-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C20-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB1J1EryTSTjMUkDOcO9lIi24XBPJYcHz --H5FCBQZ9ZLGkyFMUAqq9uB/+0sABrLtNC3vlOTBOMuQx4C34sZKtdO0bSwYGv8kL -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C20 --PeerKey=KAS-ECC-CDH_K-283_C20-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=02603c00998deba52db12814b1f77b2120cbc1dca59009c0d6ea40dcbcabca32c50380d8 -- --PrivateKey=KAS-ECC-CDH_K-283_C21 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAetvbJGogKVGIYXGpwDo --Y3uPRH0J0bJRRg/lfxv0Yu/d3a7AoUwDSgAEAxswJhBDiDdM+3x7TvZCEaR+ILlW --Gju8pTUWBAt72ig3MJRUAk+K6yOjXhwiIllnx5EYaMhO/dhz27zLx2Pq1n5yojJK --pMby -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C21-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAxswJhBDiDdM+3x7TvZCEaR+ILlWGju8 --pTUWBAt72ig3MJRUAk+K6yOjXhwiIllnx5EYaMhO/dhz27zLx2Pq1n5yojJKpMby -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C21:KAS-ECC-CDH_K-283_C21-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C21-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB+wp2i8wTOuo1eJJ62BUpOT1lTTuWdJc --HcDhLMOPdouD2v/uARLH1KN/7IQicaCoItN2N+btVRkHEwAa7+EbBvfh004A/N7L -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C21 --PeerKey=KAS-ECC-CDH_K-283_C21-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=026a719bff31da4b4ebaed7bd043064f9c3930b5774c4a99809332c808aacba4b9e3733a -- --PrivateKey=KAS-ECC-CDH_K-283_C22 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAUe+TjhmfjKmphq5gM7Z --LkJpWSWxE8aUp5YK7eouHVcaQtPeoUwDSgAEBvWZ8MFJRXoy8aL/q9Tf+RYlk4KR --K2QCtQzfXCNf3Rt5Dl6vBMzx2KS/63f/MpDmWsYB7luX/BsYaaLrnwt2J36AZsCG --d2xA -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C22-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBvWZ8MFJRXoy8aL/q9Tf+RYlk4KRK2QC --tQzfXCNf3Rt5Dl6vBMzx2KS/63f/MpDmWsYB7luX/BsYaaLrnwt2J36AZsCGd2xA -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C22:KAS-ECC-CDH_K-283_C22-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C22-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBh71k4nt+PgnOmYqQZVBHpRIuxt3+wgA --vlJetaagOxlmVxmpApaG+Ed/tcdp77CCyz8aDHnbVcsmTiESwOd557VY9wBFgWoQ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C22 --PeerKey=KAS-ECC-CDH_K-283_C22-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=048c48c993040619536f45482c494a39b32e75fe69e478ba06e376228b79eb83d3ff9168 -- --PrivateKey=KAS-ECC-CDH_K-283_C23 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAeGQC+Ya235VVZ2ZoLfZ --NURW9RUeL9e4PABbELFgBOvodsBooUwDSgAEBC7Mmf9ItT9mGbSEr4+lmyNKmByc --PpEHu9HNqszoGIXQbgKpAYPaDX/ufz5w4Rfw6KSnQsrRCu/NxKq5uzFFgjdoavtP --rPOp -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C23-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBC7Mmf9ItT9mGbSEr4+lmyNKmBycPpEH --u9HNqszoGIXQbgKpAYPaDX/ufz5w4Rfw6KSnQsrRCu/NxKq5uzFFgjdoavtPrPOp -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C23:KAS-ECC-CDH_K-283_C23-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C23-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEB51XYO5u+XhRi7zlNrAxxlWorPVgRJe6 --Q94L62h3pUfD7dRYBCGzBR3TY5bSD/zXzzT8oCJRbdS/+sc/yZWunqgUzg5AJ/fG -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C23 --PeerKey=KAS-ECC-CDH_K-283_C23-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=05d85b16bb2a0d32c73d1402838bdfa512d744fa88c74d3d90cf714c2480e03363d5c6ec -- --PrivateKey=KAS-ECC-CDH_K-283_C24 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAAQBHkwdwIBAQQkAHfkGrLQnDTFiKvHbUMS --YC5x9gAZAnuYbg3tNyU1wrapM6UzoUwDSgAEApIzI/FwB0Ii06aih62v09H+EnFd --V7kbH/R2orT8w4XeJh7MBMxJjWfGJnzHxMLUClbNwqbnFe3YsqlhTusz0Lb9Fiy7 --hacU -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-283_C24-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEApIzI/FwB0Ii06aih62v09H+EnFdV7kb --H/R2orT8w4XeJh7MBMxJjWfGJnzHxMLUClbNwqbnFe3YsqlhTusz0Lb9Fiy7hacU -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-283_C24:KAS-ECC-CDH_K-283_C24-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-283_C24-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAkeE09PV6AIf/tiicJqfVNU5XZj6RCpl --WgXdlCYrYDWW+L/xA+jjngjM5V4b7S3+DS+MFBsGQB26A37LOEdEkwyBeNFGQWMk -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-283_C24 --PeerKey=KAS-ECC-CDH_K-283_C24-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=066abb838b5f12b6fc15ceb745600686bc2d5773e53469c2ee920cfba5459a1cab20d153 -- --PrivateKey=KAS-ECC-CDH_K-409_C0 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMIS3EePGCCLnD6aCi1 --q/sORIiIs1sMi7CfgGYW3B7PIt2GI32TfBv95it1rmVZU/xrL36hbANqAAQAaKP4 --sS4C0Q4vUglVJrxASLj2rDqEUxdyhweJk48a7/gT4F5QnqlYfSt+SqFDRLrD7Ebw --ANHOtAx9XzKX4pVfDz6xQis+a7v79+tRi5wXro1A/rhKrzb15b2WB1srTb5TisAR --lirHBQ== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAGij+LEuAtEOL1IJVSa8QEi49qw6hFMX --cocHiZOPGu/4E+BeUJ6pWH0rfkqhQ0S6w+xG8ADRzrQMfV8yl+KVXw8+sUIrPmu7 --+/frUYucF66NQP64Sq829eW9lgdbK02+U4rAEZYqxwU= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C0:KAS-ECC-CDH_K-409_C0-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C0-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAXf3NvYRYyDK+7W03sIC1AUIGC/gERib --geHzmY9UCGB6RrsVCsR7yqr95HuKe3L0eLwi0gHfTvSzfgEk5Vtn81ht4kqIpsXZ --iFQAfUsMS0zNaNUfr6dji75VXWC3Te8hfGpjxbQGj7c= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C0 --PeerKey=KAS-ECC-CDH_K-409_C0-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0176bc5c4036ce5125493a58dd265f04d190f028366f7799f70aedf29ac67b5b37c37238593377a47944f5b639f43856dbd560ec -- --PrivateKey=KAS-ECC-CDH_K-409_C1 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNlGIu3eW5FH0RyehoG --dEQN0z0litL9x7mPr2SxHn6M5ejCHnmfH/L9KdTJSqFYliBopZ+hbANqAAQAMsV2 --hFLzwfO8VIeTea1CCJEmd0Kzf7CW7nuMIc7tAEHpRwzsO+3LeZ6QvbsxGSCD/wNE --APnGEikn+4JCRtHcHOD95xpoSagtQQZdodhSVqmxl5v38oY2b8izJIk+vjTlnARg --BzmUFA== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C1-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEADLFdoRS88HzvFSHk3mtQgiRJndCs3+w --lu57jCHO7QBB6UcM7Dvty3mekL27MRkgg/8DRAD5xhIpJ/uCQkbR3Bzg/ecaaEmo --LUEGXaHYUlapsZeb9/KGNm/IsySJPr405ZwEYAc5lBQ= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C1:KAS-ECC-CDH_K-409_C1-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C1-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAQxMaKnxpioyZVa22XennNnER2wFsa3U --os/TBoJJo8OSOCJCjTUsXXTl1krM7tvapu++TACGaulA3TG15uPyCztNh6agLHgX --PICqUQpu3/hSxinmBk3118YA/Zjljo6MZiu0uWyLqQU= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C1 --PeerKey=KAS-ECC-CDH_K-409_C1-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00575d9e7f70a4a1c5c807b6b5d6b7330bdd764db2aa60f3bfe497e6bfe90f038fb4f6acf7ac06efc3d157c3dc907b2ae093c6a2 -- --PrivateKey=KAS-ECC-CDH_K-409_C2 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNssXw/whq0jlw3F8eR --EY1HYeLFGYa/FHlCVU3FoYv5u2xnvbupCKHouo53kPWaOXE09oOhbANqAAQAK4kE --GK/FeXyXRqRMoFk2euBmO88FgVaGDGE+4F4R2j8veZxwpo/nL9XawkadqhgQcCne --ATVpBLGXv54GV/Q0nSUruzdcZiBvwNgxJZm9vv7oYI7JSNzkhoB7qlNe0GrayceX --Y0cRqw== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C2-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACuJBBivxXl8l0akTKBZNnrgZjvPBYFW --hgxhPuBeEdo/L3mccKaP5y/V2sJGnaoYEHAp3gE1aQSxl7+eBlf0NJ0lK7s3XGYg --b8DYMSWZvb7+6GCOyUjc5IaAe6pTXtBq2snHl2NHEas= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C2:KAS-ECC-CDH_K-409_C2-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C2-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAeTVgNXprYFnHGzWYtVWm6/k11qk9Emu --1WvYAGGVIMnzLE4jDE2RscQR+QhtUpG6E3AUogAMj/tCOS/zl7vUZ5cvPtJR1aB5 --ll2gsdKjzBbDHSVdzpiGk3styUHqsNi+i7zRWqbtltY= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C2 --PeerKey=KAS-ECC-CDH_K-409_C2-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00ce87aa5e7700384df59d3f1075d282c1aa511391c42ef609b8de1264eca8f7737df91565c73ee884ea882d47c56d979141f0f2 -- --PrivateKey=KAS-ECC-CDH_K-409_C3 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMR1DvAjanOXe/JS075 --DZMk3ggDR/9N+GZF0yVgOi3/0o7K8HdexTyvWlVOr4toSH34hlShbANqAAQBJXtq --vUcNKUtZ3a7azVRdz0OAiviQ9XYoiAM0L8Yes5b1YK90NC4Qu5TSJMJNjlkA5bly --AdzK2X7O9Dh6HPUSsW3VvHq2FfvFCHrBnV/Cdi9hW0kE6jk0O7sYXbZKGff3Ds8N --VXsV6A== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C3-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEASV7ar1HDSlLWd2u2s1UXc9DgIr4kPV2 --KIgDNC/GHrOW9WCvdDQuELuU0iTCTY5ZAOW5cgHcytl+zvQ4ehz1ErFt1bx6thX7 --xQh6wZ1fwnYvYVtJBOo5NDu7GF22Shn39w7PDVV7Feg= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C3:KAS-ECC-CDH_K-409_C3-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C3-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEALfRk1TK3MlHCCZ67Ysj5ITjKgOBSwJq --gA9boB6SBMQwUuTUfG/NkjKWVODpAVsBL3k0SgF5lcFXlsWuk+CiB6JwcAT7saSa --DUf9QE8S1XhJ2Dl81NLG0rS5D4ZEA9Ss0Woyt/9Id7Q= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C3 --PeerKey=KAS-ECC-CDH_K-409_C3-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00691dd6b5177702d6a0b1f8b07f3b018478680de7ee079272ff75659335c96afcea7650caa01f996aa37946b78e14a83e579fb4 -- --PrivateKey=KAS-ECC-CDH_K-409_C4 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMNayWWVtUmd33ttSRq --GS8MBccnCjtOZKnWyHfNBtKWKhrITsLYl2X5Z/YETy36VpAxB/OhbANqAAQBk6+h --O9Hggc7l3xKG/kSik7fRsQwpCl8q574tAnNgCaJtg6qqkBeoyL9g76Ffzq0Hdn1I --AdAv1mp4BsTIRF+mFSVP8yu5wdhaOQT5OcEGHiUNPrZBMTCipVcJlHlTEOltw6/z --uCGK0w== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C4-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAZOvoTvR4IHO5d8Shv5EopO30bEMKQpf --Kue+LQJzYAmibYOqqpAXqMi/YO+hX86tB3Z9SAHQL9ZqeAbEyERfphUlT/MrucHY --WjkE+TnBBh4lDT62QTEwoqVXCZR5UxDpbcOv87ghitM= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C4:KAS-ECC-CDH_K-409_C4-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C4-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPKhHM06U8leqY8xRPt31KaE+aH0I+uB --46i/viK2gPIYcPWMrraUbGs7hzaZz/0xQGP0CAD98m7t5sunJIJAcgkGzgdsxDIt --GLx2g9IkC6aEds55AieAsvpU4PfHZSi3f6Yx/lq7W5U= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C4 --PeerKey=KAS-ECC-CDH_K-409_C4-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0136f5c04cf9a56db24ad99bd286feb800aea38d44f819be1c2a9dba15c635c4e122893570233a4c5754a41499eafa39a35aa57e -- --PrivateKey=KAS-ECC-CDH_K-409_C5 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNL9zUbGVh10B9jBsoS --fbihpfWXcZwNEOHWj11IVb8HYFeQaR/NDYtdsTfT/CZ53nWgZ4GhbANqAAQB04Zk --WqpI4v0JUOaprOnf9iyPXpTNukW9c8a+a/e3Y6LJqAeEYxLaOrghwEmsCGH4Izfw --ACpkNu+KEmGuzDjIIdp3Sjkf3Md1DJQ32d/mTIIzUIE5mfD9Twfx1tmAdAmGErxS --BEJJ1A== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C5-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAdOGZFqqSOL9CVDmqazp3/Ysj16UzbpF --vXPGvmv3t2OiyagHhGMS2jq4IcBJrAhh+CM38AAqZDbvihJhrsw4yCHad0o5H9zH --dQyUN9nf5kyCM1CBOZnw/U8H8dbZgHQJhhK8UgRCSdQ= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C5:KAS-ECC-CDH_K-409_C5-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C5-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEARdEn76mstX06OTTmnIoQkzwb0Vr8645 --vB+yqZ5Bg7cW4ZT8UHRlZk0AnVvO46QmupMsEAEUbTK3DwnmX89p65rmYWLRC9BD --ad6OgYf6nD0bXdom8QtGnNSSXKN+CZRBV1fmiV5YgUU= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C5 --PeerKey=KAS-ECC-CDH_K-409_C5-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=004f684f9d559d16485f0023bf012006265ed81f06fbc1441334a559e5500a3f77603565013694023e0d8f44fd12dcf69eb8d654 -- --PrivateKey=KAS-ECC-CDH_K-409_C6 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNp2mWQEDRcaQD97LMd --+bq+2+QlM5gpCzQBL7E0vFkUdXLmKmD1yszth7D40f98BJ3+lpKhbANqAAQAOGhw --GffCGd3ZVnsg9eoeilBFHdQL9bZfey4TPebzbko/j6L5d+/pIPhF0XbIpXAjzFXC --AUk5f7xCus+FxZ4EU13x1ScVdh7qmX1P+HIEhmzcPUpUwkJa0hSnoN1ZL0qZGrdo --yPQEvg== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C6-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEADhocBn3whnd2VZ7IPXqHopQRR3UC/W2 --X3suEz3m825KP4+i+Xfv6SD4RdF2yKVwI8xVwgFJOX+8QrrPhcWeBFNd8dUnFXYe --6pl9T/hyBIZs3D1KVMJCWtIUp6DdWS9KmRq3aMj0BL4= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C6:KAS-ECC-CDH_K-409_C6-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C6-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEARmYDxEUne5eLC0AVh08JqQqWkTodHZd --3aTYGOpwTtu6I6vtXgi+ktZV155VxbxUeHtN1AE2az3aPph5xEgd3DZ+UcHAVBlF --lkY21QIWh8KFxH1A55/38LtWqTrFYL6Ny5cPWLI7EKc= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C6 --PeerKey=KAS-ECC-CDH_K-409_C6-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00137894f637460a63576824536944cddb42dfe63169c84040a0345ad7516ec4f1ad00bb4de20ea6ea43824b9b0f74dfa6881cfc -- --PrivateKey=KAS-ECC-CDH_K-409_C7 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMG39qzyhsqKCHO/bWH --K7lfAjFhrk4tVJ0PsfOCVjQTWESRZX2xAcMjUUgyw2P2NqnmnoOhbANqAAQAPpqb --XyggZuIzhw3LAMSu0tc6Mx951JyNXC2TkIsO9ecrdIgU0biEBkLXW3qaVTAbHnyC --AQhfV2keBK+sbohOL9vY34AvTUNbzmESMasydHYerV4uajRKU/M8D6FW4xMgYvcr --zaP8DA== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C7-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAD6am18oIGbiM4cNywDErtLXOjMfedSc --jVwtk5CLDvXnK3SIFNG4hAZC11t6mlUwGx58ggEIX1dpHgSvrG6ITi/b2N+AL01D --W85hEjGrMnR2Hq1eLmo0SlPzPA+hVuMTIGL3K82j/Aw= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C7:KAS-ECC-CDH_K-409_C7-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C7-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAfo5tdM3XUMkeslQAGHr/3oMFbjF3+nH --UXhDhsmBhg3m4blYTaD0IRlBfzIzgpCRCpolngAr3s1QK6ZKbyHQj6QlA4nUJwMk --RW6UQWV0lccq12D7NIMl+Jt6VASiwhwqoHcRvPXzBBI= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C7 --PeerKey=KAS-ECC-CDH_K-409_C7-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00f03b0b43a351311689eb1d3fc457013f294a7d02ad850c72e4ff9b64ce68a47beb49bc5bcbdc828534f8c8a5e13de5fe522eb0 -- --PrivateKey=KAS-ECC-CDH_K-409_C8 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMpsvyzCFlql1xbTNHn --UmfFQk4Ad0EU7CBRpXGymXZhifrSTpL5bj1SdzbqSANnvb3QUw6hbANqAAQBTHVz --mb4gHgiv2LSmcefTttf4hESYq1kuG/aTFTR86C29eF1FkiZg1NDSf6KwrGLnB/zs --AJjwdz0+/pwpCpkuygWHXTRj8HNrLf70r/2f8A+WreUzmZF96gdMeY/FNXOPDFaJ --okR/hg== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C8-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAUx1c5m+IB4Ir9i0pnHn07bX+IREmKtZ --Lhv2kxU0fOgtvXhdRZImYNTQ0n+isKxi5wf87ACY8Hc9Pv6cKQqZLsoFh100Y/Bz --ay3+9K/9n/APlq3lM5mRfeoHTHmPxTVzjwxWiaJEf4Y= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C8:KAS-ECC-CDH_K-409_C8-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C8-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAbJV1bt10llwMB3p4OOVmhIgXVEfjmTw --QqAclQ20cbHW1YR/dWae6wvxh/FVnbOyKu7AlgF+WQz6hVNJE2GYwt3YpSEIgkc8 --ndWRwC4gLKBAS7yfY5HXOuAR2smWUVXSZQE5/i5U7Gc= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C8 --PeerKey=KAS-ECC-CDH_K-409_C8-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=018f55b81f15f862aed042f37433050ac61718c9939d432b2a20e12d647f99753b8dd5127cf8963247fe7e1d5ade1442229bc646 -- --PrivateKey=KAS-ECC-CDH_K-409_C9 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMbmAFcAgLqFkF5caNz --BCUIOb1qbl2DSX9/k/D3Ryoh/OS+W+d26QlZ28QaDoXtIlg36NWhbANqAAQB/sCf --lFcWFOfNjpWOvNei/NjCSNQIzbo1ljBUXDE4OSJ3TTsk4gWR2LQelU4WZU/oXLrK --ADHg6x3RzkZ6i3jRDSW53pLP3Cdzgx5uKKFS0CripaUQmUzAEEYiVEQepBEhwGd/ --tBeL2g== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C9-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAf7An5RXFhTnzY6VjrzXovzYwkjUCM26 --NZYwVFwxODkid007JOIFkdi0HpVOFmVP6Fy6ygAx4Osd0c5Geot40Q0lud6Sz9wn --c4MebiihUtAq4qWlEJlMwBBGIlREHqQRIcBnf7QXi9o= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C9:KAS-ECC-CDH_K-409_C9-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C9-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAOz3Bk9Sj62uOAyzgphIEQR6DX3ZqN6O --dvgXiqYAaed6lIrPp00sd6doUWWamBlwVNqNRAC5jhNJf3dgcnEcQsGNv8jrjIUj --/2M6+Yih8kLtPDxWXRjPIk+HUfKULjYLoW4PWDCVKRk= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C9 --PeerKey=KAS-ECC-CDH_K-409_C9-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=002b560d1949297dc7e1bbe8ce49a595762924afcf0271e9c493c18ad5cbfcea5f3900c7b793ae5dd44f48884b0bc3b52c66e05a -- --PrivateKey=KAS-ECC-CDH_K-409_C10 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNHO87LE3cR5eiXY6QP --d9vi6owlCdIJBk45z5Ba+qkBCF+OeVybgBfJpdChuWgSwSSj/7+hbANqAAQByOmt --xIFuZgb//14afUinhUw1qvBV0xgz8Mq96LvE0kWOPNPIKkr4B0X1lbO6Evi1wM6Q --APxD8ZO1WJruYphXNeNig3TdRahqYbqveMIfpueHhW6muLiDFlQFcYJYZc5rhXit --1fqmnw== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C10-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAcjprcSBbmYG//9eGn1Ip4VMNarwVdMY --M/DKvei7xNJFjjzTyCpK+AdF9ZWzuhL4tcDOkAD8Q/GTtVia7mKYVzXjYoN03UWo --amG6r3jCH6bnh4Vupri4gxZUBXGCWGXOa4V4rdX6pp8= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C10:KAS-ECC-CDH_K-409_C10-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C10-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAE4Fw02sRObhsIzfrmNXwg23pUTcJT3/ --HCPU26hxuWeBtqYWONc4Zdr+CpRDw+wyiFfSPgEibEJ3eLsiRiTNIVST16TzKk8U --GXkjZAlQXYz1jYHf08eT5ZVDp4AxTzzY7hdmTcLkY54= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C10 --PeerKey=KAS-ECC-CDH_K-409_C10-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=000b43cb539bb4bb42f195ffdbcdeb482b69301c0155a840cd381f55c465a8e57ec51d6555871537b56bf84a1544cae2b2b8eb38 -- --PrivateKey=KAS-ECC-CDH_K-409_C11 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMg3d1nE0pBg3i6oN38 --kRHAou1JKyiVad0AYb8SJtI1vapSA9Pvor0BQdKs4nw66Oba8R+hbANqAAQBZ9V3 --sqQ8wafYimvog8KNv0jD4fvyGtg+en49dT+wttP4DNE3b9mL4mD0lHV83AYyVtWy --AV7XADt9K9XgNZMDZgrdCQBJA5z33zlpieoYxwL3BMRc9v3nrQctMSU9HVKV6cXR --1cYsOw== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C11-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAWfVd7KkPMGn2Ipr6IPCjb9Iw+H78hrY --Pnp+PXU/sLbT+AzRN2/Zi+Jg9JR1fNwGMlbVsgFe1wA7fSvV4DWTA2YK3QkASQOc --9985aYnqGMcC9wTEXPb9560HLTElPR1SlenF0dXGLDs= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C11:KAS-ECC-CDH_K-409_C11-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C11-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAW9pYP0jV9L3C193i+XgqnFVa50vTM6x --T3gS2oWKuHKBi0YQ1BqPZiALQ0NCIifZ/d9xLgCq9ZKnJedzg4iJa5vp94wcPWly --ufmQNNAswPl3ap9sL5t9UB91vhhZmwiMTFiBxmFG5bk= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C11 --PeerKey=KAS-ECC-CDH_K-409_C11-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0113dd2cf8732ceb8a893e149f13d52026e5d829322d0f1233a624fd6b74d56e7e6374d70942a25152ce5073831660333fb3e070 -- --PrivateKey=KAS-ECC-CDH_K-409_C12 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNgelplMhd7UvI0knF9 --0Keyr5jgSIT3cHXkYEQQxQRKCEYezzfE76PtwstmfIS4ZBWTa3ChbANqAAQAClZ3 --rGwA0mRgVNvr/FNtsKmzUaJAinPgg61i0YL7h8uAMixTlVPs28ITzoTGbd+NwdI0 --ATJ6CjdpJA/aRflLsHNhx0qoyNEZQUp7VmbiWjq2iBl1OWMlp39UGhuiaAEqgsUR --DSpJ4g== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C12-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAApWd6xsANJkYFTb6/xTbbCps1GiQIpz --4IOtYtGC+4fLgDIsU5VT7NvCE86Exm3fjcHSNAEyego3aSQP2kX5S7BzYcdKqMjR --GUFKe1Zm4lo6togZdTljJad/VBobomgBKoLFEQ0qSeI= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C12:KAS-ECC-CDH_K-409_C12-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C12-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPVJxH3I6S/s04tXUIlYgORJ8eMavgux --6syEKY+DYQjlowjMuVeNy9S+YXd1LrIx548BHACTZj7D/LVNZ2iXv8ldteVK1u6h --7HtGykvz0lNYOfEByz5tXxG2o2v0A2PDHJ+IE3hiZ08= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C12 --PeerKey=KAS-ECC-CDH_K-409_C12-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00c8e62ac25c11e86b98642e4ec7adde9d9436f9337369fb065abc9ea784f90b8b8bebae35da92185486191dd9f49370b1148ce6 -- --PrivateKey=KAS-ECC-CDH_K-409_C13 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDM02ppFNxHwSgseobmv --cB4Nw6Vc3VheQ+Ps9B6TTsr4gP8WFNzlzJkqaa3fxAja4bCbjQWhbANqAAQB97/0 --NVR6iVFtAX0b2sTNo2BBoNPf0DJYVisuKPQM1k9q4rcEV3c/lnXP/EDAIeRwKwjW --ABPFmnLwyD9buQoL/ueYlS+5HuMpyYxLWRT0Ra58hIN2cFK19SmXRiFUXdzWN39e --OH1XPA== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C13-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAfe/9DVUeolRbQF9G9rEzaNgQaDT39Ay --WFYrLij0DNZPauK3BFd3P5Z1z/xAwCHkcCsI1gATxZpy8Mg/W7kKC/7nmJUvuR7j --KcmMS1kU9EWufISDdnBStfUpl0YhVF3c1jd/Xjh9Vzw= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C13:KAS-ECC-CDH_K-409_C13-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C13-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAEEeXUyW413ptUHaX6xpEzZGLIgtjozk --1utxIUF+cJUMTZUC9kVl1abPpzXJDu+Dx7hh4gCWuQTjfKHC21mlRhVifhwzVhYP --4XUoSq3DsvoGugswqqB8hOZOSGUuX+swNZUGbg+EaPc= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C13 --PeerKey=KAS-ECC-CDH_K-409_C13-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=012505746f1a40ef75f950595211ce04f87f1daffffdf8c12600a9e2994c8c1d8b19c0e0559adf9a94762cb983569de6d0d8baca -- --PrivateKey=KAS-ECC-CDH_K-409_C14 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMxQa+7qLTZ8MvoKX82 --WHMZZzlGXj4gqJr5/fiwHRlaoQUuYXa1+thWE2trMg7r/AjBzQGhbANqAAQBgF/8 --V26KRfBil7IzXQOryK39Fa03522A07QYDV9y78kPPysDas2Bf0D9SQZKol6jg8gu --AfItprUKxWKJQ/BbFBSTyswPArzfO//bQ1gjQ7aGFXYaGAvX0asd3BX1N0qPZl0T --tLkScg== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C14-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAYBf/FduikXwYpeyM10Dq8it/RWtN+dt --gNO0GA1fcu/JDz8rA2rNgX9A/UkGSqJeo4PILgHyLaa1CsViiUPwWxQUk8rMDwK8 --3zv/20NYI0O2hhV2GhgL19GrHdwV9TdKj2ZdE7S5EnI= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C14:KAS-ECC-CDH_K-409_C14-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C14-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAA+oJD8ACjOYgIofiP/Fo0KWj+5ceyap --4f+ibvqIXnThxWICfZXbCMwVvSWj/BGrTcE8ogD+1ofHGX/xrrmA5yo6fDGBQgUs --I4mwhm2zuH5cgCXnm7T0+Zb6Y1KrnLIBcu941v/KkG8= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C14 --PeerKey=KAS-ECC-CDH_K-409_C14-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=019a71ab576546e2351aa92b6075e8229813e6a2cb3647147b192b4597f1217223e7197d846c0d65ea0d4aa4c503bd000ba312ba -- --PrivateKey=KAS-ECC-CDH_K-409_C15 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNOUXeWysnXx1MW615o --lj/mMkeB+rmG6UAgDnEd2/mILZmmIKl2NS4klnSM+2Hcy/bWWcyhbANqAAQAVqRS --+x1VgHnD6RvyL4aITKiXiIBv59bWykC1SFB5133EPkZqcSWXksZf9qtyBAZsDmeo --AfKbcj2ffU3mzML5cIB5xdMK5dlg5ip8T23Ji/yVtPUx8ZfDlIZwVDJZQgPCUUcV --bf1bXA== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C15-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAFakUvsdVYB5w+kb8i+GiEyol4iAb+fW --1spAtUhQedd9xD5GanEll5LGX/arcgQGbA5nqAHym3I9n31N5szC+XCAecXTCuXZ --YOYqfE9tyYv8lbT1MfGXw5SGcFQyWUIDwlFHFW39W1w= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C15:KAS-ECC-CDH_K-409_C15-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C15-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAL59WAQyY6svQiUtQbWC2GLCskPOGFdg --gb1u3S9j8BZPNlyuZyaNIn85RGd+HBRq+GS4rgGkvLxkFthll6FIyk1hDuZWoAAm --zmBHvZ+9QNiVMBlqRpOuWV1plWUDudKrSqvnyVihTGk= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C15 --PeerKey=KAS-ECC-CDH_K-409_C15-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=014f4b7ea93c9dd846d2228c2b6a8dfe616057232b7af845a570cb6cacf9feef2d8ef4fafb285b38e63cce0a09b4d82dbe43a390 -- --PrivateKey=KAS-ECC-CDH_K-409_C16 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMcgLZNUegCVpnnvixL --mDz6S36RsRLi7KX50Mt+PU+Fr/ezOpIeqhJMtwAuq2KXPWXha8mhbANqAAQB/Q5O --r7JsCMn450fUmR9GjHa0hkFm43ZCtYPbKFpLxMM5eZF9kSmpHLCnXBrufNT7q3PO --AEaO+rz0SPzOgh896B6ZTXmn2Z6piayB+hNfesiLFUx2eQnGgffkjACy5mu664+G --iPRGcg== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C16-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAf0OTq+ybAjJ+OdH1JkfRox2tIZBZuN2 --QrWD2yhaS8TDOXmRfZEpqRywp1wa7nzU+6tzzgBGjvq89Ej8zoIfPegemU15p9me --qYmsgfoTX3rIixVMdnkJxoH35IwAsuZruuuPhoj0RnI= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C16:KAS-ECC-CDH_K-409_C16-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C16-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAR/qWNnjbPjtTvO0L3fM6pO/VCrJIUHc --LAlAYZhfPfeG0ZKle+4HJVCzAlg/D5QoMBsbdgGz3MG4o1RSZEJzhjKeuB/pkmVA --QGlHgcDYsnweSUQrmbq5Pvlmb+oU1IQ+5LxbBFrFDBE= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C16 --PeerKey=KAS-ECC-CDH_K-409_C16-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=001fe2ed30ad4143c5eeb0b7622e6aa49e4e4d51c1ddc467b3fc54215dae931be0b6b6443e716895acb6570cdc21fcbdae46e5d6 -- --PrivateKey=KAS-ECC-CDH_K-409_C17 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNDyWwyz2SLA2ESQhrb --qpJc1UF1q6055Wgb/J60sbZJrsHIduwexGEPGzsGUUpI5up6SiWhbANqAAQA3hge --gbnnd21HRpSi0STQuHbZVI8g7jOGMElF2RMfkEV9m5ON8JiwNb7ar4DtbZeUBPxw --AYGjUW2+qdqX1uzs2xD5bVRGnSc6s2bomkD9ztzxvag31cFL0QwLaiqcikeBASXH --ZN017w== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C17-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAN4YHoG553dtR0aUotEk0Lh22VSPIO4z --hjBJRdkTH5BFfZuTjfCYsDW+2q+A7W2XlAT8cAGBo1Ftvqnal9bs7NsQ+W1URp0n --OrNm6JpA/c7c8b2oN9XBS9EMC2oqnIpHgQElx2TdNe8= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C17:KAS-ECC-CDH_K-409_C17-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C17-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAMqAk0C9EzVLYHHQc+Zbmw0rrILiKr/K --x+cK/Z0iSFLw4hKXbl7II+uJUOArx1ns9W95qAAxKB6JdkAaq1j6jq+GNv6wExcL --yrV4G+CijScznpRw4WbH9oXy6pFDMQ3KGzq44cjmBZI= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C17 --PeerKey=KAS-ECC-CDH_K-409_C17-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01610efb48fd22261921f7484ed6382fceb6bdf28f3bc2340a175b7971b93ed5ff357ed55e5307bbf42e40a5b3fabdaed0ce19a2 -- --PrivateKey=KAS-ECC-CDH_K-409_C18 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDM2NoVLjuAlS7LQ6+3H --ILZrIBKaIfGk/jkRjP3U0Tfb5eVw6+LEin+awhz/PlrfR0NGl9uhbANqAAQB78DN --GobOdUTyX0TmOgkTwR/WsIvAmtjNgvOvfjKnp+ys1W4lUmWJMTh51Kf9Q4LUEU5K --AFo073QDWZwvg/PoMplSSJPyQY/5XWwv3Ao9uXDmL93PTNoYKqeLVP2MLoGPse4t --0ndnYw== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C18-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAe/AzRqGznVE8l9E5joJE8Ef1rCLwJrY --zYLzr34yp6fsrNVuJVJliTE4edSn/UOC1BFOSgBaNO90A1mcL4Pz6DKZUkiT8kGP --+V1sL9wKPblw5i/dz0zaGCqni1T9jC6Bj7HuLdJ3Z2M= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C18:KAS-ECC-CDH_K-409_C18-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C18-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAHR5WwqcoHBJH7VKO8JJmB3vvsA35AQP --dmVkKLFTi5eFA/gfgK2e+XxeEnulHsBAWEuaIAA+zifz2u/nvf/fpyeyr5WvhZGv --lGzd/jfoVkO40XnKi5UpEG+cXzqVqIGSJfnX1Kcw/SI= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C18 --PeerKey=KAS-ECC-CDH_K-409_C18-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=008d990982aac8d5371b867de21e09064fef30e73321337dc24f19ad5ddb6c4ad217136b7c61e360a73fa7571d526c8f514a06d4 -- --PrivateKey=KAS-ECC-CDH_K-409_C19 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNJmKBioyFwuzWJVNLC --SW2ohiAIJ/oTVmg2ribjjVGSbKPSAlife/on6iLTmZc9tvn96fShbANqAAQA9xWQ --sEKQtfPNm6DjlKO+WhUU9F5TSX9s3tv4OXKOAogTXXaeSyiTLIdYI/4lbokZl8R2 --AJ0WunJqWp4JEDvJSgnYB5rI7fI0EMhGn3n1XzNVz7OtcDYk7G117OrjiB2iCQPH --HeH1rA== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C19-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAPcVkLBCkLXzzZug45SjvloVFPReU0l/ --bN7b+DlyjgKIE112nksokyyHWCP+JW6JGZfEdgCdFrpyalqeCRA7yUoJ2AeayO3y --NBDIRp959V8zVc+zrXA2JOxtdezq44gdogkDxx3h9aw= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C19:KAS-ECC-CDH_K-409_C19-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C19-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAR62TtQknhGVstEwejWlFNZtKbpvkET5 --wCtLLTyz49TAzcVInN37liJsnOPjb7j/Lu8gjACZiAsNDUPFxXmtd92uaPLJF/Sw --YuqNd3uc30Zcu1kQfnCZJxToy/rHYpbV7emcSNOKiXM= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C19 --PeerKey=KAS-ECC-CDH_K-409_C19-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0155dc98729c8c1bc65eb8a3ec09135f46bfa313bf56aa3169e312db8991abda338f8ac7a75bce42884068efb7e6e625939d2b88 -- --PrivateKey=KAS-ECC-CDH_K-409_C20 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNaP4Bf48Mmb+s+C7fa --Z2G7EXYYvFevNXtT8Znm5MvBKBl1MhQD6m3mGOwy6GuMoeENfEOhbANqAAQBrkYO --EkhQTTPWftdQ8dYY5Tco1V45DfwY2UtW27PTwL3JbJLKHsqfRPuKWM823PzAWIy+ --APcBH8Mh72JY3Pwf3CwKTlTIbsk5vJzspsKRdQwf9UCzSkGHk4QqLFyrYGHbvptb --4/phFQ== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C20-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAa5GDhJIUE0z1n7XUPHWGOU3KNVeOQ38 --GNlLVtuz08C9yWySyh7Kn0T7iljPNtz8wFiMvgD3AR/DIe9iWNz8H9wsCk5UyG7J --Obyc7KbCkXUMH/VAs0pBh5OEKixcq2Bh276bW+P6YRU= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C20:KAS-ECC-CDH_K-409_C20-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C20-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKFelqd26tuPigthNgM1y1AX19lxFkiT --QemVFX8a3xeOVii60+gwvuVEMxGRZIhttcNGVABVHKVgXkrgU0U0oKs0PQOaO6eh --zOgyxNZeJrrnq45fnHSz1CGlKOVZd4qye1mq4akW1Os= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C20 --PeerKey=KAS-ECC-CDH_K-409_C20-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0109e85c684d027a625ec5e6df952e2f20a14ed5b092d1b1b38435251303844d230fffc53d84b923555e1e1cbebe20b5d68c3bc6 -- --PrivateKey=KAS-ECC-CDH_K-409_C21 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNVkB6bZYa38zcmYOvP --6QJJkAyQLXxjKo0X+uIdP94wNzJbV3XqxaF0oe4rP/K8XOadjMGhbANqAAQAupUi --M1Mbamx63m8zjST8ZXd7XTBSl+ZtMssbxQbFvKIofTrNM/4ZZT1siKBuyjcSzpyq --AHFr6xTwIjNjDzRgPjCb9uJXLwt5HfpMWCr2o3q83WTo14WpXd/1m7xvvht/xzVy --Xvzwug== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C21-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEALqVIjNTG2pset5vM40k/GV3e10wUpfm --bTLLG8UGxbyiKH06zTP+GWU9bIigbso3Es6cqgBxa+sU8CIzYw80YD4wm/biVy8L --eR36TFgq9qN6vN1k6NeFqV3f9Zu8b74bf8c1cl788Lo= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C21:KAS-ECC-CDH_K-409_C21-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C21-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAWQn5yvFfSapEKZyLqwsePuoq//MvBGp --+Dd7/iE+2a1kveKuhof4/x39sptdzs0CJpgowgCtT5q8IdoNMfGWWc07DBhVgUNq --wIsVwLSKesOe7QPg7pfhZM+qWrx3RBLL//lKnqKpY2o= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C21 --PeerKey=KAS-ECC-CDH_K-409_C21-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01ae814e02c4684c21dd7e58a65ec51ec68c37e59e299ce65608186c0acce08e41c8320b1941a611fe66b1921b558d7f402d0eb0 -- --PrivateKey=KAS-ECC-CDH_K-409_C22 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDMESuQ70kfnWvp72Nwo --51vbnd2Z31ZmjIMUVNwo8+mkTs/Ue6hCCihvHvNy/SmzZd+bgvGhbANqAAQAICaU --83jXCWXUKCitXzcTe/i2POwsDRWOW6lMqx+OYeWjAJhro0mzrfPvwF5lZwr4jNPW --ALrw2krtuXL4iiFd+/9k5CkPrcJdo/DYPzXmW8QXfTAl1x2O65xBRw88cZ4A7x+3 --VS5qiQ== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C22-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACAmlPN41wll1CgorV83E3v4tjzsLA0V --jlupTKsfjmHlowCYa6NJs63z78BeZWcK+IzT1gC68NpK7bly+IohXfv/ZOQpD63C --XaPw2D815lvEF30wJdcdjuucQUcPPHGeAO8ft1Uuaok= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C22:KAS-ECC-CDH_K-409_C22-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C22-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAS6J3M35dYUazPApTPS94SWckHptOs72 --nxk5tVjE0hFSLk6qxhPjrISRyT3rbTRKn4esvgGlJgjq0J0tsSOg3Hgqsg3beT1b --twrJXFjmIUa+tiu2aP1X+SA45Fhc3h+R7oxSUmr+sbU= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C22 --PeerKey=KAS-ECC-CDH_K-409_C22-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0140e7db3f6415d884822ccc7316a329dfed177b76c0117abd722feca889bee4e14e65d26c6cc935c0e94205f05fc1a7abfb0348 -- --PrivateKey=KAS-ECC-CDH_K-409_C23 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNW1zcwdTracP2AHHSc --Lx8aYe9b1uy3lqnhXv6bvmFY9mlUJ4c1D01kO9pvPoxkI7gXtTChbANqAAQAJaBr --caCuJS8vkFIhmD6/ziGtlhIaXA3MXvDQ/sMB7HfvS5FYGP7c2n8/1zPH+eUpB5y2 --AAJokNUwO2Gcf4H2D7grJrC5jY8kxFyrQaRO6zo6MSlE6Im0A14ENgswUEPjDQy5 --BBqJ3g== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C23-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEACWga3GgriUvL5BSIZg+v84hrZYSGlwN --zF7w0P7DAex370uRWBj+3Np/P9czx/nlKQectgACaJDVMDthnH+B9g+4KyawuY2P --JMRcq0GkTus6OjEpROiJtANeBDYLMFBD4w0MuQQaid4= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C23:KAS-ECC-CDH_K-409_C23-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C23-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKupOuHRVSiAsx9QP8S+n5HRAkfxTIFg --Ff+yutKauBgOe1CicUTgHCHmPD2vzSUTCLrHaADkq2blFL0Cq+rhxxI3iKaSWE3b --SpCaIX+zXeZliCM9re9wNv+dnyTro3cuL6MDe7rmPP4= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C23 --PeerKey=KAS-ECC-CDH_K-409_C23-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=002ec4deac3e83d60ad39969f2f93b49f31875831ecd51ea5c37ca48de081c0c8cc660edc53a222f3043447f9cb752763be7494a -- --PrivateKey=KAS-ECC-CDH_K-409_C24 -------BEGIN PRIVATE KEY----- --MIHBAgEAMBAGByqGSM49AgEGBSuBBAAkBIGpMIGmAgEBBDNisCbUlyBmDPak9Wm+ --mN+hCMjroII0rpqH88iLbGWTS5loFTIqFvmqvtEzF793Jb6lgI6hbANqAAQAD1KS --U5TLUrwzDgY5DAwKLhDtl5cUn7zIjYD7yuwXPiSgXa75hAHV5H87dlvtu4JGMShW --AT2ZwXEIBdX8fbclmsnhNLQR0A1z+wdi49IRzcVr9/cUUS0EpjDIcyVR7nNCh0ds --9RHoNg== -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-409_C24-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAA9SklOUy1K8Mw4GOQwMCi4Q7ZeXFJ+8 --yI2A+8rsFz4koF2u+YQB1eR/O3Zb7buCRjEoVgE9mcFxCAXV/H23JZrJ4TS0EdAN --c/sHYuPSEc3Fa/f3FFEtBKYwyHMlUe5zQodHbPUR6DY= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-409_C24:KAS-ECC-CDH_K-409_C24-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-409_C24-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAKpOuJhEPM4+0sBy2Fh3WsIhwk4z7Kbz --FXlmNUS7M6SgaKhtE/FntlMExffyX4lfZbL0KACDze0wIRtm8a3xcxi23lDXckwF --hJleBotyRwOuCO1xoyszSYensx1sJjcVKRcyfTeszTM= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-409_C24 --PeerKey=KAS-ECC-CDH_K-409_C24-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01c9cc05d19f96c4d233039cfbc43ab68d657bb507f46a353091fe98fc0f422a8e7593c195d326977a2be6bbd2cb44eb1fe81650 -- --PrivateKey=KAS-ECC-CDH_K-571_C0 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAXPNFjHhjs4Btzs1 --cv+qdJXEvIH0B4rlDWnLHjOKzxNGkRcRKSEWbd8tKfOp+OEMZ+iMmpkgOoNFZb52 --rFkSZDZzmmr6ApzFoYGVA4GSAAQD+/u8+6YJFX9oojEm2AX3x177Gb77WV46l14I --/0a9NMi4e5ZFwOhuoK2RVGXVyFbGm7m3IrDRe/l62VxGAt6hfGtRIFTLItgHHBbf --ceG3G0vT2ZOIJ9OVkJO52x/4a+1zlEpC3LZ8wzEC4owdDpgEpkUGVvS/M61y7Pe7 --g70oLN5LwV1OSAZKqK0vApefXz8= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD+/u8+6YJFX9oojEm2AX3x177Gb77 --WV46l14I/0a9NMi4e5ZFwOhuoK2RVGXVyFbGm7m3IrDRe/l62VxGAt6hfGtRIFTL --ItgHHBbfceG3G0vT2ZOIJ9OVkJO52x/4a+1zlEpC3LZ8wzEC4owdDpgEpkUGVvS/ --M61y7Pe7g70oLN5LwV1OSAZKqK0vApefXz8= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C0:KAS-ECC-CDH_K-571_C0-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C0-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDEGpcHZI6CZDqjGAIw2w2a1PlYiuY --RkBEdB+8eEAoTbi79gKGbDDMv1+bflnMHZv8xblw+mJNqbFfbLM29d2n5rmSTV3O --RUMAXFx7vVp4msTGKD3rDQ03xIUrqlfWvCsKxjN/6wlwTETRs4W3DMOU+iNdg+bn --EReH5X0JAsDLEyoZCm5i85hRHAwsTNUNRXA= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C0 --PeerKey=KAS-ECC-CDH_K-571_C0-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=003198a6b5d6cce847e24348a6a6ceff7a89ed3794d7acedc4e858c80ad04a74dbc02c7038e05ab26b2a299ec92ee0d2c7e66a81872a5157fbc5d4d37ad598d6ddee995ed28a2d74 -- --PrivateKey=KAS-ECC-CDH_K-571_C1 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAJN+2zqilWPSJIWR --yftEiYUJX5E6dFgxVZPPzofmj7DxpSW3MQoQEXbjTUXBAEU4lU4gRFQ4F8qw1WPf --bLDV6GF7u6FQ51XhoYGVA4GSAAQCNjzFYksG3xlWvvpZfUx1fMKxABo+FUTSRAgp --D2lId0VbqS5WCIRi8P+svTk8+DW1a3BGoV1Lck3Gw1c8sVbA3ymKqLElXLgECfdz --uY1e3Cc02DWVMoG4KsDhXZAtiHp8a6dWKaN2cbEB0Y3f3EGT2YsYVRQUxJFzAEUw --95dtJ8Jzpz3buJj8tfrenAu3iD8= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C1-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCNjzFYksG3xlWvvpZfUx1fMKxABo+ --FUTSRAgpD2lId0VbqS5WCIRi8P+svTk8+DW1a3BGoV1Lck3Gw1c8sVbA3ymKqLEl --XLgECfdzuY1e3Cc02DWVMoG4KsDhXZAtiHp8a6dWKaN2cbEB0Y3f3EGT2YsYVRQU --xJFzAEUw95dtJ8Jzpz3buJj8tfrenAu3iD8= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C1:KAS-ECC-CDH_K-571_C1-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C1-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCESI8S3KbIGvgH4CFqZfh3eXNsnwE --iSWic2m8ymo+L7/GVjfx7OsTO+dJZ5oXsc5Ygh9GvRhEqJzwBCyAQ8sQXgGj/JSN --JmMCsewubiwjdbRksKUCxQU7WzSL0IF4xyxgMQXQRoGWpGldwmfW4QnxsSdEU7bv --8U3fN4OWnoglZI3rwhav/5JY9kTXfs2ZEc8= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C1 --PeerKey=KAS-ECC-CDH_K-571_C1-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00577147459262e5ad42f222827f20ed574b2118924205bcdbd339ce20cfb085d072fd70f4ca1f5768fafaeb5710f7ccbea4fc2ae5377b0cff20a889a2201739139bf788a9bf2d7d -- --PrivateKey=KAS-ECC-CDH_K-571_C2 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIADQJmwdz8CHuDT3R --hccEtRWKlDKNqgl2j61YBN8dovwGcZDPECjDAje/KkjaE6uuNaJcPmOH05k/m1aD --Bbi/CBj/Un3YIF30oYGVA4GSAAQGdNzE91XET9q9wHhIgQe7ZKRgupMsfhhUhMzS --f6hwAxEH6ZVSBLBjC5tNNgjZqpMdfHZswuRYeOttjNlr33EbL+i0e40jPtUF2Wvm --t+K6dMgDKvGcovKznS/U6MibFWtrJcLqT3H3SgLKfaKkY6zXYF1TUP0WqckFJTTn --6B1kjkBgorAcRZwmDLZWfaH8UxQ= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C2-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGdNzE91XET9q9wHhIgQe7ZKRgupMs --fhhUhMzSf6hwAxEH6ZVSBLBjC5tNNgjZqpMdfHZswuRYeOttjNlr33EbL+i0e40j --PtUF2Wvmt+K6dMgDKvGcovKznS/U6MibFWtrJcLqT3H3SgLKfaKkY6zXYF1TUP0W --qckFJTTn6B1kjkBgorAcRZwmDLZWfaH8UxQ= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C2:KAS-ECC-CDH_K-571_C2-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C2-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQATUi+WZ67HtYCRy16h/TNIID0TsKI --Vf7MOpzd4lVReHq9J8wdp+d4F+lMnAKJwAWg4247z7DTgejMloS2990FF38W9j+H --IcoGLPca8KL441xNf5MSvTSoRqOA9j8NxylMGIdxAzV+INHw7v8xKpk96yoez8gK --6galtx5Pi5zvrrzTJiaRkGT4ivQW2G4+evM= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C2 --PeerKey=KAS-ECC-CDH_K-571_C2-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=014662b261d0bc2168642bfa4f80c4b3fe8176f604ad3703f443ec7aaa3dcf3c5465b869a8fcea60b8f55ce7118806c5d28a04848bd961db0061209b59bc02979acce9324d7c0c31 -- --PrivateKey=KAS-ECC-CDH_K-571_C3 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIABVHQ433b8teKuaS --WEW7+wO0++glVhbsf72XtI8RJpIhn08SdebSRT1bzzusQQbwFhuBGfSH2ItfjI4I --s6oXuD/gEQLXY5LToYGVA4GSAAQEJ+LcEe5SI72cPZQYx5EUaC+R3aBufYjDOafl --bg37Y2tuY/3oo4EUbstwXKIC0rc99AhFF2PFFmBmqX/05PMvC0zJQjRLCy0HYMij --iOLuon72g4x9RQUuOMvuIJbL6J93R3QTQHZljfkMYsfcDj/emV16mQkJkwCatsU1 --Z329s3bxg+tQktLLaog3tr6jXc0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C3-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEJ+LcEe5SI72cPZQYx5EUaC+R3aBu --fYjDOaflbg37Y2tuY/3oo4EUbstwXKIC0rc99AhFF2PFFmBmqX/05PMvC0zJQjRL --Cy0HYMijiOLuon72g4x9RQUuOMvuIJbL6J93R3QTQHZljfkMYsfcDj/emV16mQkJ --kwCatsU1Z329s3bxg+tQktLLaog3tr6jXc0= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C3:KAS-ECC-CDH_K-571_C3-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C3-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGvyUuYsmWkXGpcXZx2g9wMulSCkl+ --yDH03HdqyH4BlK+ZVGxB0IBI6gbakjXPE2nD6lPmuMu3p/1CljVFSNRO30Y/d600 --GwIClNX35zbc2JkBmOTg8LOYuKxqh3ZK9gFZYjSi4WLJxmfkfrPZh++66wO142ma --OO+VPHT7KP19ik7Fo2MZzMRKGaqIIB3ay/g= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C3 --PeerKey=KAS-ECC-CDH_K-571_C3-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=051ec4db0622b7b1c798366453c70f959376ea3942aed2e931ff62a4019eb12ba5ff119214c8bfd8bdb66e62b562400f2d3d48a84b1b3baad3667f735ad4d0f183bdb91aaedcf1f1 -- --PrivateKey=KAS-ECC-CDH_K-571_C4 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMe0JSypsZLF/qqa --IQ/YTi5IMgJx8Q9n6p6zCw3oCG1Z2uBCWf0SsIbYkOItRdJ9fIRV3Petp5bjXjox --ODQsxza8PtN4HEEZoYGVA4GSAAQDJWI4OOixjYG2gGBzQlTrArjrsiZFVvyYUMNt --MDVEmqdk81Hbr3u8qbmtsR8nzIihrG+3GqEO+NDQk5Kwyn6qelzBQHjMGLsAmPx2 --VtneOlGSPbopDsvkE++NlR8k6SSMtVIwn5cSf7lCns9t0Htt6JTharYOM7TucwJM --y+hm3l4X8bR43HcnobtCNxggsS0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C4-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDJWI4OOixjYG2gGBzQlTrArjrsiZF --VvyYUMNtMDVEmqdk81Hbr3u8qbmtsR8nzIihrG+3GqEO+NDQk5Kwyn6qelzBQHjM --GLsAmPx2VtneOlGSPbopDsvkE++NlR8k6SSMtVIwn5cSf7lCns9t0Htt6JTharYO --M7TucwJMy+hm3l4X8bR43HcnobtCNxggsS0= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C4:KAS-ECC-CDH_K-571_C4-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C4-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFcB5jsBwWxOsZk4JluhNMrHMWJ44v --HrQKBHdUSL3tl+ejfQH+2KTgtD/026IaR3WczUW/lnHdIu7GW0r/i424nf4+SQwK --ydYC3Ze2QVruKwHP6zzSoDV4q/7Zyoe+mibYmVlah7y9lydI+moL5OtVfmnG0o4r --uhWA3HTidR18zZGMRrS+aHWk5MKQ2VnCPBI= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C4 --PeerKey=KAS-ECC-CDH_K-571_C4-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=05b355eb5c47d8027b6c5301d2463b99c636db207792e2975ab1a53c1cbb131280288432a79a3b47271d6a2bd777298baf8a675f66be9dc72c3588d299df8b52e7840322b43c2071 -- --PrivateKey=KAS-ECC-CDH_K-571_C5 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAGbMUZgNOFG0iMLB --gUlsg1BfuVex7EqE3x4QXjDQAry5eLbQvcO3ZE7T37wzymv+Q2LNjMVBdAsN6M8u --3M5FkuNPoRrCbskioYGVA4GSAAQHcfop5ZMNbf0206nnFZZ1/SPQteH9muZFSsqe --gSfx5+P1MitcFrCVVzsyZtCPDcMwQ/+z17COTgUu0/A0mjKQJepv8+FmhUcCL5lP --mXRpLbtuWMx65fkGUu4jHgo5YVadxkbRFFIqN3dBDBs1LWaAefgAELtUDkwoQIZl --gQ/mH9YOcNMMaI6rj94ENk3uXJs= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C5-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHcfop5ZMNbf0206nnFZZ1/SPQteH9 --muZFSsqegSfx5+P1MitcFrCVVzsyZtCPDcMwQ/+z17COTgUu0/A0mjKQJepv8+Fm --hUcCL5lPmXRpLbtuWMx65fkGUu4jHgo5YVadxkbRFFIqN3dBDBs1LWaAefgAELtU --DkwoQIZlgQ/mH9YOcNMMaI6rj94ENk3uXJs= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C5:KAS-ECC-CDH_K-571_C5-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C5-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDL6GBb9IxfBa1sZol1G+l5FqxXuny --sdEnTCoGAjmU2zCfrVb2CzzlfzLfx9BFqEt9gFIyvjTH51lRTDCiUge6gAIVsgYP --BMIEFGlZPVdIByuayP3gIwlSibzfZasb/AhW+D6a4GyJcwO9FvXkWCPWX+yDEP1D --MrZc/0enma9PfIY44tf4WUjEPxBTTJgMy2I= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C5 --PeerKey=KAS-ECC-CDH_K-571_C5-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=052bd78bf1326c6d91840a351d4874d36b147139882356c595b8607f9998773092a99adf70adeed19e122d4d2fec16285f000161145135d96355cba039a96335e7716724c249f88b -- --PrivateKey=KAS-ECC-CDH_K-571_C6 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZkNFfosyQ54PUMi --AXhLq1a20p0fJmWnbNAT65b2MA7Y92K3ilWWrH6MHnYWfxB8IEQ7GscyEB6fCsoS --VRpTbRUt8rPbDyDeoYGVA4GSAAQHbD1y8OcV8kkbydmSeKjvPDkLOpbpmXs35be9 --il8Hr2j44O44krY/8RKnOoSfDoSngtT7Qm618vFa2szp5UdqbazPOn+popEFQKdj --gjWZ4MhgJ7rMjLsw46JGcnb8T35f1O04XfxviD/te8pp3yGgZotV69KS2o/WNWo+ --xc0cdiwBRzqgZwBMrO2tVk/gaRA= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C6-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHbD1y8OcV8kkbydmSeKjvPDkLOpbp --mXs35be9il8Hr2j44O44krY/8RKnOoSfDoSngtT7Qm618vFa2szp5UdqbazPOn+p --opEFQKdjgjWZ4MhgJ7rMjLsw46JGcnb8T35f1O04XfxviD/te8pp3yGgZotV69KS --2o/WNWo+xc0cdiwBRzqgZwBMrO2tVk/gaRA= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C6:KAS-ECC-CDH_K-571_C6-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C6-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD5j3UyYwVE2HJkCt2OuMvLW3nWVP6 --PWg4wdYT1Ej8pzvzAtMCEqltMrlUnhfFzzlcVlGR9qItrE2nweGp2brobr+3LILq --GZoEFgmrnBLBXlEnAF6+/2/R9ztpEu0HCvh/X/wh35A93h1xVYLdL2mQQCAARc26 --ns11isTQhNTI14IZ9vrZTTQa132szau1Sis= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C6 --PeerKey=KAS-ECC-CDH_K-571_C6-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0226c28e5a6bc735935f9df2c1b02d096d4dee41ffb95a67905aab8de1b2d8c66e2bb471293091438d3f05df7e48003e58a958b72f839f7f2e2c54287fa3cadcd41a2542ae4ec03a -- --PrivateKey=KAS-ECC-CDH_K-571_C7 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIACsJN+cx9Z3d3w6U --+6krsabOuBnnZZvPbt1LSvScLvJcW2A5JW+Sg2PhhASxZT05mAVMLCWj+DoMVUih --OePmoYB1Z0bNNO4poYGVA4GSAAQCcMTADeJwkBDHzwR6DOabh/QdykjTW3H7pLJY --iG1zrkLe+4ZTlRwb0+tM4OYXWpRsZ6+md1NHXFH9UlsP2fWiba/KMZ+qXhUGaAu9 --woFQX10/vil0SpmeB/9hJXaZP2+L4xE9se5s8jeZhnu8gKFAN2qbYydFH5i/j9Hb --RvnZzAXohwTVcS1FZ+HfQNOeme8= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C7-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCcMTADeJwkBDHzwR6DOabh/QdykjT --W3H7pLJYiG1zrkLe+4ZTlRwb0+tM4OYXWpRsZ6+md1NHXFH9UlsP2fWiba/KMZ+q --XhUGaAu9woFQX10/vil0SpmeB/9hJXaZP2+L4xE9se5s8jeZhnu8gKFAN2qbYydF --H5i/j9HbRvnZzAXohwTVcS1FZ+HfQNOeme8= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C7:KAS-ECC-CDH_K-571_C7-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C7-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQG+Rp84Rupvy3h/gcPnchDu3F8MG2c --Y7UHjSoRMj8gycDXt3Q9MR3azc9d0A9JixmWcseK4l5oZNYr3BaTXW+42tIILTZ2 --6/MEWTxbrRLD1lXGYRx8qXEfnjKij+5Us7gkOWKjxV1B8sGF5MWLeimY6XgCG5W3 --JGNdrMvX/DDSByB5e8KRNixVsCSssr3PPVk= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C7 --PeerKey=KAS-ECC-CDH_K-571_C7-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=051a3deb052d3e99bb6ab6c6b284db2c998e9bee543e02e57f1b13fe9fafbfe53a89658c58eb947dbd178aea2f6cb28e305c9867bd65bb26f71793f90c984ca11113e1a8dbc8f7d1 -- --PrivateKey=KAS-ECC-CDH_K-571_C8 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAc1Bz/diQCqDTn4K --uQj8VJQPaXtQAipN/tjPCxPX4O5SP78z7paTiV+RjZThWwhGVdYbIpTKUcQSP+Xg --ho6dDRysITjwV3oXoYGVA4GSAAQGEHl7vG2RMRgK5Uq2bmeAhJJYNpdBRw4HbPBe --B4W7TnkAuQjTjY2rO5QnuVKt0g77dYz/gK62QcTd4e7aVQnzhtVlhVlgnO8GjSUV --9CWg4wN1RzQvG2/5MXY/UFLlNupPeDd7XJQUWcjCIBSCr8882nOQ6eXTGUUYZMoD --aDVBqyzXep2I/XphDKhF7lzT1Jg= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C8-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGEHl7vG2RMRgK5Uq2bmeAhJJYNpdB --Rw4HbPBeB4W7TnkAuQjTjY2rO5QnuVKt0g77dYz/gK62QcTd4e7aVQnzhtVlhVlg --nO8GjSUV9CWg4wN1RzQvG2/5MXY/UFLlNupPeDd7XJQUWcjCIBSCr8882nOQ6eXT --GUUYZMoDaDVBqyzXep2I/XphDKhF7lzT1Jg= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C8:KAS-ECC-CDH_K-571_C8-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C8-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFqyp/EKyJ+YxAlYCrwRrZDJM2Dmqy --gpILWdMWyp8rI661CHbLG8vo7prmtVM/3NEa1PhtiRjWY4nah8mL8dYyO9CUfYCZ --CDsGieGUcnZ5HcuVJxg+MqCAcrfgPcrRdf48/Xvu/ISNzvSDOAxgBUEThccCfJpS --tgpuU3qHU4DSW8R8e/I2TdaKZvIdD1eGakI= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C8 --PeerKey=KAS-ECC-CDH_K-571_C8-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00697c751ddbca7034fb4d3fc1b2618daf78cdae464e8332d1215020c8f896f4864c7a6f2c61a363f730f58fd3bdb4f78a90b40aeb83b4fbc1d8d37cf6a27a6f722c68a82979fa16 -- --PrivateKey=KAS-ECC-CDH_K-571_C9 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZ3/DXKosELE6S8d --rnQHv0oQbNpWTbdQjlp2sDEwyR1eXLzy9XjC6d7kOEn5Edd3PUwmfigsJ3tzH4im --7w7t3VIPV+dD6/lloYGVA4GSAAQFu2Cl/o47Fzz4QT6vQToyhqWnqjePIURsYQV2 --lgEnRtAtEKgx94XJyWVh/8atT57N9JN//9jmmECOZg/olvftRK9rO0LqhJ8Dfjo1 --5Iqma9hRxZ+FHUof8zTg5YnawwmGrNBtbrjOI28qlojyeKFNz+BmC1+g6X7Pzrv1 --tA09P1FQpVRay6YjnABBmsctwsw= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C9-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFu2Cl/o47Fzz4QT6vQToyhqWnqjeP --IURsYQV2lgEnRtAtEKgx94XJyWVh/8atT57N9JN//9jmmECOZg/olvftRK9rO0Lq --hJ8Dfjo15Iqma9hRxZ+FHUof8zTg5YnawwmGrNBtbrjOI28qlojyeKFNz+BmC1+g --6X7Pzrv1tA09P1FQpVRay6YjnABBmsctwsw= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C9:KAS-ECC-CDH_K-571_C9-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C9-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQANAkcOsb8UpnfGPFi6veiB/wVQ6pJ --jnJy4VqSdy9XdyIpBpRW4hnJwocr1TeDsPsTRfXoRnTENEEpoxQUa3Aw/HUZeiDF --iKoEnjo/XuZYdeFAEImXBji4B9+XVopZlcj+L1Akc7g/WMVWxfIU7W8D747OAUAa --ITS8BB9mki/MTjk44MbTAutCIAZ4qXE58pE= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C9 --PeerKey=KAS-ECC-CDH_K-571_C9-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0322517da30e010aeaa2ec9bad2745d8e67f906294ecd6b1d16808be3837f79070d0e1bbbd617f4b8b031d3b51ea2acc59de408a130138c78571f8800fa907caf550d23323d1c818 -- --PrivateKey=KAS-ECC-CDH_K-571_C10 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAeFBbUKZJsq+pUe7 --J3ZxClL3EwOTCBAgMSs5Yhletu0XxtQ2vEaltHp6qs+PgRf+o8r6FmZcwYRbDslP --r2h1ebHBFroYPoJfoYGVA4GSAAQGVmClhoihZYipwWuCcgQKMK/jFQYwZ2Aj/hZW --ht+9pk/IWZXdwYycWwKb/71N/6j2KYnGOaaGI+yngAnLCI7hy0LEhVt50wIEksOG --fxN78nh6erBWjTB5uNmh4LC6XSnQx7phbQuydyXaLKa8Z78IT6tSWZ7UKw70h0NC --PLxvQTVpLDCa4mMMxKU5C+k/J0s= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C10-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGVmClhoihZYipwWuCcgQKMK/jFQYw --Z2Aj/hZWht+9pk/IWZXdwYycWwKb/71N/6j2KYnGOaaGI+yngAnLCI7hy0LEhVt5 --0wIEksOGfxN78nh6erBWjTB5uNmh4LC6XSnQx7phbQuydyXaLKa8Z78IT6tSWZ7U --Kw70h0NCPLxvQTVpLDCa4mMMxKU5C+k/J0s= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C10:KAS-ECC-CDH_K-571_C10-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C10-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQFe3xlvFHoe9rTfCtNrmf7AIznH9MH --LkG3fFYtfEF0iHKiC++FF7pL6JY33emOK6GzsB9jlAcT4oI9jatopcx4Vh3hQIXk --z4cAundDClVgCJ36xPaLTzSTejhN1ge8u1+rVnen+uCe0Hz63jmeh86f3ZOXxoGq --M3jOO8grAH9t5PfLltrfVaTIc0o385pcLyU= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C10 --PeerKey=KAS-ECC-CDH_K-571_C10-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=000911ec1cf82a22c849b401dfe56453a06f4af32644ea8b63135b68a979236d05968eeadca7f0cd339d295cc58967a7f38cfad6e947a71295733e42ca3c1ba9b4ff6195607bb530 -- --PrivateKey=KAS-ECC-CDH_K-571_C11 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAZY2Pu8aDlvpfY92 --Af5A/0AQ9JSfAWkIqQbtXNrxIh06WTs6Rna+r9H6FLwPfFM7FwhvIH+cSEz8L7w9 --sr5BI6jobztJEczjoYGVA4GSAAQBsS44kU7gB1qIjW1hzcdXDFEdkKnjoOJzjDqZ --gauauppsYUYLrQeaKEKaUgfSyAGvL9zto2ZEChFoZ2Xpunf3prxVAS1MlRAHDt5Y --d2Zf1jatz9ByINdF7XrAqbAgIVn0UMn2wbg3GSpp7mrZVTJ+uc0yagWItZcj206P --0lixHbiIpT6xTyvghRJogykFmJI= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C11-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBsS44kU7gB1qIjW1hzcdXDFEdkKnj --oOJzjDqZgauauppsYUYLrQeaKEKaUgfSyAGvL9zto2ZEChFoZ2Xpunf3prxVAS1M --lRAHDt5Yd2Zf1jatz9ByINdF7XrAqbAgIVn0UMn2wbg3GSpp7mrZVTJ+uc0yagWI --tZcj206P0lixHbiIpT6xTyvghRJogykFmJI= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C11:KAS-ECC-CDH_K-571_C11-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C11-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQG+nR37exfHnQogfjXsq9WN1ET6ZK3 --l/04frW1PDPGunI2QXssfm40YmfxuMbXhX1uCPmmDobeI9pLNoQk+wA/lrTIn10k --SnQHPh/t9i6MgSg2IrU+ss2ye2TDwd142gyQ3Ww8d2rRRjAuQ6ulQTebyPO93C4Z --/xXZZmTOLQnrb7WxOEioKzG0UtjoTaO4Uxg= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C11 --PeerKey=KAS-ECC-CDH_K-571_C11-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0724c979affb3ab8d307529759bae5fa67319d441851e5817fef014350e3014e068428c9dac395c5e7b9e5b8877457b3e4625ef49ede4ae3626755eefc3fb3cf09c23e8a5a9f8c25 -- --PrivateKey=KAS-ECC-CDH_K-571_C12 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAKGaDt9Qg0f0QCzs --vOEn3GQQsZZ9P4nms7oItIqtCM1speXRIozcxBocOA8q6QUtc9t1UOejwdhXBWyY --lH9bLHHDPE7rwSEMoYGVA4GSAAQGKfcFWDCHCOaSmxrQ/jEoqK9/llkbR8uOosNF --QSCm05PtmJ0TIxxmGWajeLln76ZNPAk46cC4sWyZ1zSb3Vni1EgE+P7h+0cGpeUP --1QJNiVPjIkKCMlDpmMpgK1JZlAUSlzWodOgzs71z16ncU63qCSuo0kIH9epWV6KZ --GbiKbWP9CpQ7Vt3kyEeEgbV3I+Q= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C12-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGKfcFWDCHCOaSmxrQ/jEoqK9/llkb --R8uOosNFQSCm05PtmJ0TIxxmGWajeLln76ZNPAk46cC4sWyZ1zSb3Vni1EgE+P7h --+0cGpeUP1QJNiVPjIkKCMlDpmMpgK1JZlAUSlzWodOgzs71z16ncU63qCSuo0kIH --9epWV6KZGbiKbWP9CpQ7Vt3kyEeEgbV3I+Q= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C12:KAS-ECC-CDH_K-571_C12-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C12-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBi7bL/L+67UaFZLNo8LCrw/vKR9zB --nyyEa/ooc3DhuRL2tw4IUZ9XfwysMlt5/Wa2sjqh4q4mK80ueossLZjZ7XelTHKV --+Y0Fvpu9kXcrtCJmq6nIk+VmcM+2bK++RAHKLLV2W0aVBISFl8f0RumYFHRnhxWK --g+v443loVzY6jgT4dCoJ1+yhY4bWD9fIWN8= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C12 --PeerKey=KAS-ECC-CDH_K-571_C12-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=005a526588a3a2ce08b20925e83987eb0a1e68f997102df7f9af83823ac8e06abbd29c04cb1f974ba9c9ac49b48b5af37679a39b532d359cdec3d41b3f80a1ee12c80276256b738d -- --PrivateKey=KAS-ECC-CDH_K-571_C13 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAEysP8wAc0RCzdgO --r4JEEsIOqe6wPUO5mdSd5hhzYCAgorPEeWX29FO5G3osHZPhOolURTPjWhIs/IYS --yGkLabt6VXh1+WCyoYGVA4GSAAQD4hHDtJhpJ8Q4jRaAy0dw3ubHgmZyRYLGbMxQ --xssoI5R01SH6zHIGr2uynM7XM+27wNILkmTOY9lDcYjj0xwOC8Pp+diEKeQDenxZ --ASqC1ZzB4vD9T9dR5XN6y3fyoHmeCvOJlqteEQkKY5bMSA5vKqvY+tRGEWkeWCIR --X9SdKgAMm0nR9JZOJNQ/u4H6h58= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C13-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD4hHDtJhpJ8Q4jRaAy0dw3ubHgmZy --RYLGbMxQxssoI5R01SH6zHIGr2uynM7XM+27wNILkmTOY9lDcYjj0xwOC8Pp+diE --KeQDenxZASqC1ZzB4vD9T9dR5XN6y3fyoHmeCvOJlqteEQkKY5bMSA5vKqvY+tRG --EWkeWCIRX9SdKgAMm0nR9JZOJNQ/u4H6h58= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C13:KAS-ECC-CDH_K-571_C13-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C13-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDIYS2hj4stbxxuv9ba1ehBZSDHMEa --nl7t7EgE4gFuPdBkz/0Soe6g9pMpEd7TRazlwf8lC5ZI2TuVM4ba6bVijDxiUnuJ --BRkH94PgNBqHHmJW2jSeu1OfiHZ9fawVEePD5NQ7D9MdXdLC8PF26sVEqHH0K5g/ --j7pN9nq2ojm335lyJjBLcxZdli9OHS0Y3p8= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C13 --PeerKey=KAS-ECC-CDH_K-571_C13-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=049db68dc9fb4cfbad8247ca4fe7c573c0640abead8f319194d665ecaf4f04b61f84f5df0d8a6386f6df04ca1a685a7394567eba5deb9f739b1e623ed6507021593f0e22e2dfc3f6 -- --PrivateKey=KAS-ECC-CDH_K-571_C14 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIANUUFE1FSLz8vPVw --Cffo7hBLFUVvSRgmvf2bpn6HH9vY/ISQ7LyyaQkfx1KeXlVxOoHeIMDtAeyzFZrm --FCS9vFZTcyWH0elPoYGVA4GSAAQD7l+He3N9rkC6+R4MxYHf6NKR+MRR1b/AtpDf --cCWHXZVp1SAhs7aJDgGiupWJnikoqQLNXcgUPAfqJnSanJQGi1w0xZawlD4Fjhul --FqgYyumzcIYofgiAg+K0If7wtZuoFqsDE3XQnXr31XhmdEaHvju0HOInbTo4+Xu7 --n7WfJKkvAIWwTuXtGsDvpnE5T3M= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C14-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD7l+He3N9rkC6+R4MxYHf6NKR+MRR --1b/AtpDfcCWHXZVp1SAhs7aJDgGiupWJnikoqQLNXcgUPAfqJnSanJQGi1w0xZaw --lD4FjhulFqgYyumzcIYofgiAg+K0If7wtZuoFqsDE3XQnXr31XhmdEaHvju0HOIn --bTo4+Xu7n7WfJKkvAIWwTuXtGsDvpnE5T3M= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C14:KAS-ECC-CDH_K-571_C14-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C14-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHHhZ+WeKnCev0vj2D+53GntdJ46uK --VOICw1+NRd6qK9qGwq+hsKBHVNGImPzdmxhfHYui4YCkesKRu0qtj5l/c7FCO81+ --m5IFcRkIW8fLICPSP4gQFCD59Qjw25T4377dXL6IzsgKnccI32zM34FddbFGKA18 --0uuXzxp91VC+Ujgk+TKnd2efLun2bUJY3aY= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C14 --PeerKey=KAS-ECC-CDH_K-571_C14-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0343c45daab4f91e02ef9bd6e1cd157b00ab0ab0a3e0d9734918a1d896cdf7cc1212bf74d7bb9bf96bd4abf42df325756c407217f44a5950c2b66af820692742ed7ebe14e48d2d88 -- --PrivateKey=KAS-ECC-CDH_K-571_C15 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMzG3KWphVg84AgS --w9B4IvY0HHnXjBay565Lv1v/rBrNneq2eBk/j4mw4qrlLjAxFETdESU/ltYts6v7 --F+Qj8N3w6ZEIEVTDoYGVA4GSAAQDgmIVNDz9Stlo1XK6st7iJ5+ejv+g/4Cw313S --6oIrUCJ05QfIfSQp3Yu9um64q0M7HuHK06l8fSRBlP2aQ/Ph/zMUTi24CGQHD0UI --rjkc4kFUs4hzrwCC2ViVrJL9GqMhupO+70BKY/exr6H+7Jl4hVI6ZoitqU3UXrMs --p/G7h+Y8Tel0kxlsO1PPg9IY3Dc= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C15-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDgmIVNDz9Stlo1XK6st7iJ5+ejv+g --/4Cw313S6oIrUCJ05QfIfSQp3Yu9um64q0M7HuHK06l8fSRBlP2aQ/Ph/zMUTi24 --CGQHD0UIrjkc4kFUs4hzrwCC2ViVrJL9GqMhupO+70BKY/exr6H+7Jl4hVI6Zoit --qU3UXrMsp/G7h+Y8Tel0kxlsO1PPg9IY3Dc= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C15:KAS-ECC-CDH_K-571_C15-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C15-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHTxp7XPsO7vHhXmNRLHMYja++iOjp --xCBzsrZSufAoIU8L7HkULYiJQWq/eoPin0eee8PKZX7woQwuo63jEXwNNp2swjOd --HBIA6JkqVAdnUwKfLA6djBZua6hIlqR4X//1mMSCPlRh/wBUkLt/tth4rDT0J/2d --tIy98S65gm1o/SzxcdTWHD8nXUSUfU30x1I= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C15 --PeerKey=KAS-ECC-CDH_K-571_C15-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04a565cb3e15236a7f6c413afeb419c082427b10a6d07ff87e81740716433c06b3254414381e4ff9860340dd6201ab6621d162cd12047a5515ab1d65f20c97eb3d7132642f8ad58a -- --PrivateKey=KAS-ECC-CDH_K-571_C16 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAYhiE2WL0X59wzTd --gAOSakR8NKGX7l1tC7xG6F7Bz6aAKFjRw2cnbKVyuieqel0eIWkCQWtIr25Cd5Re --Rl19hA3/FDhUPKpGoYGVA4GSAAQEf2zEIQfEDBaNxnmoZPlptT91YlcRO3UCeW76 --VM3M5wS5NE7kv5ZHUtaJECYr0mq2s0cIRASygwbKNCXymJTOb9QpPFlzUi8GDP21 --RnZ1p4mSO+lzxmRdvibQCjnU6BJVIXKRo4gs+o+R9KqCFNNSTJXvaiTkezudDvVf --ZwdWrkpNnGXwdfQXCy0YqvvKAmU= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C16-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEf2zEIQfEDBaNxnmoZPlptT91YlcR --O3UCeW76VM3M5wS5NE7kv5ZHUtaJECYr0mq2s0cIRASygwbKNCXymJTOb9QpPFlz --Ui8GDP21RnZ1p4mSO+lzxmRdvibQCjnU6BJVIXKRo4gs+o+R9KqCFNNSTJXvaiTk --ezudDvVfZwdWrkpNnGXwdfQXCy0YqvvKAmU= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C16:KAS-ECC-CDH_K-571_C16-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C16-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAS1Szzv1BX16qykrk5drPvOIMuhky --ovUFSbzTFjABetIUdd8VT/N74TymGkxgM2sz0P/HYqqenp/G5v0XJQteQCK1UUHS --P78Fb3yNZcVo3pW9FmT/9xQp7HOJh2l/IX3lrfNtFKgLb+WF5GheA8gYOKvt/cBa --HgFAevSrmJ/B0Sc7qKGCxGGFbV7/5wXX3+U= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C16 --PeerKey=KAS-ECC-CDH_K-571_C16-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=047265831f1f589b5f30806e2fb80aa7844cbf32b6993384beaac7d992b327b97dfd0bb89ca09e711507e846ed4ad003e7115fa8843b23d38f320e43b5eb506bde48fbd7af4983b9 -- --PrivateKey=KAS-ECC-CDH_K-571_C17 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAEwN03FeiIjcIiIG --nn9hGAFoUUAwPha4tENDPV4YpLGAPVaAQWrr2nrn6USRVL40an3LNsHbInRGc/s7 --JF5YRAeH7T3sbT21oYGVA4GSAAQC+yQessKKGwZ1tXYP5WY++mA+sFkIQvRVlz8F --c+FIpH5j+X6N+aVwsGVdWvxCAZ/pX+RP2wKmgnHYLfWAAQ+R3/DLPZvaiZIDP5Op --3DnYdAO2qU3AYy3sZ1eELQqvitjEHrtjcFi/wRwZo6mr3fIEIB70+W/pYpIzpQcK --CHlNFEcAkeMM3Ydqr2VAdicjMjQ= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C17-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQC+yQessKKGwZ1tXYP5WY++mA+sFkI --QvRVlz8Fc+FIpH5j+X6N+aVwsGVdWvxCAZ/pX+RP2wKmgnHYLfWAAQ+R3/DLPZva --iZIDP5Op3DnYdAO2qU3AYy3sZ1eELQqvitjEHrtjcFi/wRwZo6mr3fIEIB70+W/p --YpIzpQcKCHlNFEcAkeMM3Ydqr2VAdicjMjQ= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C17:KAS-ECC-CDH_K-571_C17-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C17-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQH7HG+oIEZCpxM3/gJ7Stlp3gAzRs7 --7/0eQATRJqw1LSQjXHl6WlZ9rvc5PSdmOBMup/D2HlUNwlHTQfZhAvlsKr9+43wP --ye0A78KshwWy+cnAapEKMExCsa1TEBrrDRRjGdwkgVx8wZg7HK2R1fnG1e7xZ3of --LSvddaH7TFeWpMVpZKo+Q/PaJsc37dnLCRA= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C17 --PeerKey=KAS-ECC-CDH_K-571_C17-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=059b62c25c96955b8fb4deddcf90ebe6845ee71ea357739273d6d67f21a0c47d154add9d5d4d2b657fe1988ad614b0b4902faa92fe999abd754ad33cd6b92fe2f6a68a6f2c1eeb27 -- --PrivateKey=KAS-ECC-CDH_K-571_C18 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAH1UGU/CJsw59kDT --0XublbcLUfmK1coZkVZhCNg543fiG6SMv0QVMLM0HdxhsKWBQaqmZTAkH6UpUF1w --gEslYMW+SBMQuZYtoYGVA4GSAAQC7V86LvpKsPnbX87XsTAN5NRXqa0IJ0V+XhxL --wV69GDd13ktzwfgg3UAzNmEA5ItBZNBOn7bPGkvbVRIqhgBfvQvSzdvJX6cDJ/5l --TvaFY8yIiKzKhRY8KxVPtwsPSitYw2OIoMJfgKTIh5d9RgANxNhulc/Y+QZcAOso --ZTyPtHe7tcY91HuDyl4Phx6e7T0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C18-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQC7V86LvpKsPnbX87XsTAN5NRXqa0I --J0V+XhxLwV69GDd13ktzwfgg3UAzNmEA5ItBZNBOn7bPGkvbVRIqhgBfvQvSzdvJ --X6cDJ/5lTvaFY8yIiKzKhRY8KxVPtwsPSitYw2OIoMJfgKTIh5d9RgANxNhulc/Y --+QZcAOsoZTyPtHe7tcY91HuDyl4Phx6e7T0= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C18:KAS-ECC-CDH_K-571_C18-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C18-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQGcIaGtPWtL+xFeq1axKPcSGekd+tU --/A1JNRG1Vh6hUd1Mr11DEZg1ALSMgEOvCeP0BC1aB+vwUKToAdru8zF74JOVUCBF --KykFJchoJYO1X37OxZuSCEb3XRHQIen/sgAYY59quTAiRywZLTmOFQzcYwoR/PlC --5dI4zWwUsw9Eok0vhD7F0TXdx6vaVgR6vCE= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C18 --PeerKey=KAS-ECC-CDH_K-571_C18-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=02777c72853b76b29f69d3aa27a1659789a025af0633d833b22b57bf328d231ebd128bf96a4c8a7ffd2ee7a51e5ebb7a8e5bca20e4ad49671a2123dfbc0d6c40594e04765186de06 -- --PrivateKey=KAS-ECC-CDH_K-571_C19 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAQdAuVgoUkIEXNU1 --jX/5Iyt9fUE69+IFwoX4hJLvJ6L7hQ4FZ+wkxIDHWtMvcDQgJchiZ9vk/4CixQnl --uaRRMOmefHzIzG7OoYGVA4GSAAQD8/WFyv1GpmO2z4uDI++RWdUZXTEY8+3zhzLK --D/c7LQZdnmmuHjl4ss5txhUA97i79vanC0e7ZMxP0ZW7pqyTK3C+r+F0FIoAsVZv --5hnyzACroF4kpszLyRM4su71U9oNR31sjArExlbhNNvPMf+xXGfVib0pGPEXSQnl --QoxxyQ44xOEbViNqv6HeaoV5600= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C19-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQD8/WFyv1GpmO2z4uDI++RWdUZXTEY --8+3zhzLKD/c7LQZdnmmuHjl4ss5txhUA97i79vanC0e7ZMxP0ZW7pqyTK3C+r+F0 --FIoAsVZv5hnyzACroF4kpszLyRM4su71U9oNR31sjArExlbhNNvPMf+xXGfVib0p --GPEXSQnlQoxxyQ44xOEbViNqv6HeaoV5600= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C19:KAS-ECC-CDH_K-571_C19-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C19-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHznZ0QD38YoldceKrWHznNfJ58S99 --8xYTNb5D/CkI6nNvb1i5MteTr/ZvMyc11NOPBcsDzydcoOANofVzgeCL/rUBeHc0 --InIH1mSfPZHnv1+N5hG9lxgYEG3y43k1u0ZM2edGlinGrn5/KyJAJ2yw7tt6JtDH --03f0AJod1Ip5PMmT+w1KBNsdutRJMwS8XA4= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C19 --PeerKey=KAS-ECC-CDH_K-571_C19-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=02c2ec1632e83416182a9a438f7360b88061bab84f5bded3dd8a0c87baf44507df94fdcf99353b107e61cfcfc8af071b3aa8cec7b34a542bf2ab8ea0bd9db67d66b428c9a6c14458 -- --PrivateKey=KAS-ECC-CDH_K-571_C20 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAMheXS3tW8O2tVP+ --CgIxG3K8XNyOlt8XnOV1EcJqyehz/B92zd6afY5Sp+m+XHdTYgMx6Jd6mJArSK6Y --mc6KamY2YRJ2riODoYGVA4GSAAQCiapSCf57Gte5xeDmMLpeApKeobHxFNMKBkgB --K/Ap4GZFPy0o4dUDZl3Qgz8Lo35Fg7Q03ZlWEAoa5uVPltk0fYBnQdOnbjEDOv6H --sp7e9Ef/WgLmP2SQW19TrIVs/XdVrVQoEuzdVo6K4fnTL+oPAgGNz9DhbWpqJ5e3 --49yFW/22sNCyUl4UNnjVOb+MBnI= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C20-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQCiapSCf57Gte5xeDmMLpeApKeobHx --FNMKBkgBK/Ap4GZFPy0o4dUDZl3Qgz8Lo35Fg7Q03ZlWEAoa5uVPltk0fYBnQdOn --bjEDOv6Hsp7e9Ef/WgLmP2SQW19TrIVs/XdVrVQoEuzdVo6K4fnTL+oPAgGNz9Dh --bWpqJ5e349yFW/22sNCyUl4UNnjVOb+MBnI= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C20:KAS-ECC-CDH_K-571_C20-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C20-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEg61zguNIr8fycdUNjTm4FLfW3AxW --KmulVlaARb0tYgkGqxEG+RN/9yWJLoQ2qM17iIkqMvGasmnirTDX8OwA46BS+7xG --YwcEHMSw8ZXcc8So4QYF8qOCkjq9I4HyTkq71AHgh8UNGPbasBol236J3/9oxmNJ --T7TQh6gWuFRE2IK+wqwl5C/eeOvMp5pv3fA= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C20 --PeerKey=KAS-ECC-CDH_K-571_C20-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=07e1d202a54d34020939f7aed56931f21b206761e4fc79b9a7b320f81077be322ae7809446b5b3ea701618ecdb0a1796ab80407a281bdbcb4d580131b61f8743bfef7a4d9c5941f1 -- --PrivateKey=KAS-ECC-CDH_K-571_C21 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAFOkjP2o7iMs6jVJ --knsi83XWCWVgAl4hMWHUPu0C0HNl2e3nyT1FfqUeojaeh0Y+3b8loGux8ID7R2MH --SoKD3T1p8d6GUpXjoYGVA4GSAAQEeQ+dtgC5oKV+A9J0o9I6VaoNhrLW+gf6/jyd --TDOTdx3eiccKZHCjG60QXCHUhEzXv8O1lzj51sUoxBTVJPiODIYuThev9FQF3BLb --BOJInbikbN7/n42dLgDQJPZWx4HrTS2xZ2JLOnCt2qoVjKAGAdTK0GWRe+vnZpEv --q6mYf8xfyKeN0hZDqmUOakp+IGE= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C21-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQEeQ+dtgC5oKV+A9J0o9I6VaoNhrLW --+gf6/jydTDOTdx3eiccKZHCjG60QXCHUhEzXv8O1lzj51sUoxBTVJPiODIYuThev --9FQF3BLbBOJInbikbN7/n42dLgDQJPZWx4HrTS2xZ2JLOnCt2qoVjKAGAdTK0GWR --e+vnZpEvq6mYf8xfyKeN0hZDqmUOakp+IGE= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C21:KAS-ECC-CDH_K-571_C21-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C21-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHpejrSWhJehG5DGDhPV88YcaGhXOm --ttt8IIqFbVTnT0No4oEAueC/SfwxBOFG+9p4RiOjbZ8B8j6636sE1/SP9mUGxpi+ --3REBPblo/HzTOMuOMEKhcfowb5q29shl3cW6X+mUow2PwfoScZHwjk4UuaoIalL7 --yqRtIhB/1t9TEItT/gu5a8l0wDqMZSj5eS0= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C21 --PeerKey=KAS-ECC-CDH_K-571_C21-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=07f49ee5d822b17e3f1ec9946fad8d0a0a6b327242afe675806b3e6b7541745e21cd1b70df926af057a9f8deae4cb9a1edc782014426152e8aa4cf6a4080dad4678dc8ff0d9e1af9 -- --PrivateKey=KAS-ECC-CDH_K-571_C22 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAVpeWUb+LJyubUEs --YYwb0HckQysvHe2xMn2Kmc6DDmsDD0AlwUtOPRkS6pp4KQoc/H0BiaMMYUAQyHMU --ahgvY5GTopEu3NBKoYGVA4GSAAQDFAiH6HA5eXhp9dnbUNkbpp0L/cWmd8cAYQVi --9oDZUaXgUXyy+WY2fUjkI7BG205ovBxLMYPcgL7hJuiQFJlM34PEMSo+XqcHuNcG --liyxkvDtFMTacQ0bGwc/2MpJepQ3mnRUycPUzm5f0uY4aFKnfFQ1q7I1NtzIOYbO --3UUSdS8pXKUA8FX0YnY8KftnjKo= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C22-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDFAiH6HA5eXhp9dnbUNkbpp0L/cWm --d8cAYQVi9oDZUaXgUXyy+WY2fUjkI7BG205ovBxLMYPcgL7hJuiQFJlM34PEMSo+ --XqcHuNcGliyxkvDtFMTacQ0bGwc/2MpJepQ3mnRUycPUzm5f0uY4aFKnfFQ1q7I1 --NtzIOYbO3UUSdS8pXKUA8FX0YnY8KftnjKo= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C22:KAS-ECC-CDH_K-571_C22-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C22-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQBPKr4zi4jIc8lbytkqomt1paMKYYk --oivTjvlN6zpw6kTOh6lI6la/DulAcTT4yXsXsfVFYf93R+P2tlb4DWB3jQW4xMu7 --zzwAR6Lco+tnVLCp/Rawgfykl7Kd0uyeanWW0GsFnCqxiQD8xYcVJHJ245DfHbqy --a6gSNaTcZzgjf879OBK3q0NskmxQxgDm6Qc= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C22 --PeerKey=KAS-ECC-CDH_K-571_C22-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=058cd5608dd9d64d4d822baeca123358a4d7e56d3777ecdf569a149c2f85ed35479eaeaababd0b026dc3b56aedafedfc8491040413f85b669d8512a3ef7bc8fe8706b5c7585370aa -- --PrivateKey=KAS-ECC-CDH_K-571_C23 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIAL1Y4ZwF336ZvZYg --cOC0x1dgQoWER+AjtBuyl0Womkh03+MloV040vuehw9BndFfSqrGXbvFrCxUD1fN --sORbyGYhcm2SLRSqoYGVA4GSAAQB5LKid93Xjy8RnAW2rh6noqdElh4IlA9lae6I --CMU7x6EhOAZO1cjCIu7yd05wwovOOmwF86ZU4SEAarYryUOB0Byg0bCCNNYH7tjN --eoo1SbDZ74eGh579ycD0zpCzmRozy7sdNwTbk1ExOLGaUOysiA5XjeIQRvA6IABI --GAiEvELPmq/ljMHq9TbW0l8VQdg= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C23-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQB5LKid93Xjy8RnAW2rh6noqdElh4I --lA9lae6ICMU7x6EhOAZO1cjCIu7yd05wwovOOmwF86ZU4SEAarYryUOB0Byg0bCC --NNYH7tjNeoo1SbDZ74eGh579ycD0zpCzmRozy7sdNwTbk1ExOLGaUOysiA5XjeIQ --RvA6IABIGAiEvELPmq/ljMHq9TbW0l8VQdg= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C23:KAS-ECC-CDH_K-571_C23-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C23-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHQ7PJZag+6fa9uZAaHcwfeBllRKiL --nPgRf4ntFXTlxdgE/EUREsJXh34SsKZsaTxmVcErukU12Z1iQF9Knc68BW2LfLut --oSAD76WKo6jGok9DxVgf7AQUQq6VUnXbwdRtEBVgWdJje5qCmUsCSiR9KmZyS6kN --Anh7FosfofS2dJZFQGxDj40xbWcPHg2LAwE= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C23 --PeerKey=KAS-ECC-CDH_K-571_C23-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=03bf7a59bbdd688682c45664d20c19cb2d24fcca6772120cbeed1cde762d449ebf22855627eb6b2be6e7f7c0f0034d02686f2a4488549f8cb198e02b46972bcb88914bea66dd6400 -- --PrivateKey=KAS-ECC-CDH_K-571_C24 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJgSB6DCB5QIBAQRIARRjBw/LSii+Tipn --wpx/pIpMWFowdAXQahoGeOkJ3W6vuJhmLN2LzAGd6xTl2S0XK6HEOO8PZNgBB8fo --5oAp9OCqgUoQmco4oYGVA4GSAAQAk5OY5GOIbw27SKdPVzoSFQAGaOELV5idwwCy --+ajAjNQ9bLt/Rux3wcKUsj+GKZAn0rk/1usYIQqCML9G45IfGCySYMMIR6sD1I7G --M7naFlDqdiZWs+MfJq7Afnymqvwe18tGbqrzmT4EZwSMlnux6bSuBzojDB4vdOLm --GGZs9WoG8rZew5Vbb/uwapCM9hY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_K-571_C24-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAk5OY5GOIbw27SKdPVzoSFQAGaOEL --V5idwwCy+ajAjNQ9bLt/Rux3wcKUsj+GKZAn0rk/1usYIQqCML9G45IfGCySYMMI --R6sD1I7GM7naFlDqdiZWs+MfJq7Afnymqvwe18tGbqrzmT4EZwSMlnux6bSuBzoj --DB4vdOLmGGZs9WoG8rZew5Vbb/uwapCM9hY= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_K-571_C24:KAS-ECC-CDH_K-571_C24-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_K-571_C24-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQHIvHnoGB3UNri1ixdPUcPAGwyVFWO --qqKU7u28qNML9Ku5Vd62LkF5kl9sut87+HdvFdyuNVat33lxBad7f29xIGyg5uqR --4YgDXRCMoNYgyrlrfL9hfRtawG43eSYpiGVk/RR8WOVeQjNE/08fukrw/jQVKzhL --doXKrRXTvCcOQ0Iq2HTnHkCKcabIqQ0q2Xg= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_K-571_C24 --PeerKey=KAS-ECC-CDH_K-571_C24-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=06d410e9ba6b8b87b00d0f676de8ba27f6afe7e308c2e992f318fc14cba0a447316ad86e8e6c1d3345d8e4035735232c2c597e760b8800a89a521567b09408f9c7be279c137c963f -- --PrivateKey=KAS-ECC-CDH_B-163_C0 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUD7a4XPej6DPBBLWp73IH9 --vQYXrfihLgMsAAQDVGZwHQsAMNCYtu0jQ9NVwkyQcnEA2LwC80HSYYYN+2Xwy38L --SI2Clsw= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA1RmcB0LADDQmLbtI0PTVcJMkHJxANi8 --AvNB0mGGDftl8Mt/C0iNgpbM -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C0:KAS-ECC-CDH_B-163_C0-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C0-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA6ZHujLaxx7GeAsGOKcM0k/DvUyOAuae --lhVBhEpKozdpp7znEPZkClYM -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C0 --PeerKey=KAS-ECC-CDH_B-163_C0-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0100fb42d177ffe6c31378e2e04e0da7376ffe8765 -- --PrivateKey=KAS-ECC-CDH_B-163_C1 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBeNzIIWQl1L9xyPKSXdGv --htwEomihLgMsAAQBHklDDN0G8udluPLMBnzUJOLnVIUAg68VsizX39Hf9zlr8/MD --j1BSSZE= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C1-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAR5JQwzdBvLnZbjyzAZ81CTi51SFAIOv --FbIs19/R3/c5a/PzA49QUkmR -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C1:KAS-ECC-CDH_B-163_C1-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C1-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEASgomJNkhtwuPNFYXzLVVEJk4ZHkBenp --i7dJm/iV93+PyDAdbhx6n2GR -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C1 --PeerKey=KAS-ECC-CDH_B-163_C1-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0681c9e59eb7eba769f5b6f2b06ddf1efd12997995 -- --PrivateKey=KAS-ECC-CDH_B-163_C2 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUD6h555SoHCJjWo8TnSOla --yHENd/ahLgMsAAQBN4YLo0WK8Twir4Il9WHgEzHNh6gHcgNW4V3HP5/uehwCH+yp --fNQSBOM= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C2-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEATeGC6NFivE8Iq+CJfVh4BMxzYeoB3ID --VuFdxz+f7nocAh/sqXzUEgTj -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C2:KAS-ECC-CDH_B-163_C2-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C2-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBYdPzIxITAFBcxAty3DGJO5hCNMdAElp --P07ccUsNC6pb/F2LxqwECJ3k -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C2 --PeerKey=KAS-ECC-CDH_B-163_C2-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01e0749a21fc508f76dade85435bbbe12c448bd8c4 -- --PrivateKey=KAS-ECC-CDH_B-163_C3 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBrVypq8i83MSCmVrRqXfk --cnFQuzahLgMsAAQCWueDEbD882lWajGfiYSVRq6uwwUGQOsP31IEgK++ufJnT+sd --bfSC1/U= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C3-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAlrngxGw/PNpVmoxn4mElUaursMFBkDr --D99SBICvvrnyZ0/rHW30gtf1 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C3:KAS-ECC-CDH_B-163_C3-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C3-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEADdI15jxQCaPHnGLOyOqKswDM8B0AMQq --knq1eWlhIwlVdayUmwen0dS8 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C3 --PeerKey=KAS-ECC-CDH_B-163_C3-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0320398f7acf791e0d602d7b94742cce58e9fddbac -- --PrivateKey=KAS-ECC-CDH_B-163_C4 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC0oqKodifo+Xllv/RgIJU --7heg0PqhLgMsAAQG5sUklKtjyJyXiFVvcWZ387SAQqAE6YJYucVvAtPttMpbCu6q --naqm/g8= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C4-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBubFJJSrY8icl4hVb3Fmd/O0gEKgBOmC --WLnFbwLT7bTKWwruqp2qpv4P -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C4:KAS-ECC-CDH_B-163_C4-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C4-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA4DbPfKxwBVKjoyzBK7NWB018xXNBxU0 --7C6LNX2eBp1/H6mL1E7YsGgm -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C4 --PeerKey=KAS-ECC-CDH_B-163_C4-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=03e4de43de85223d818e5be6549c29cdfa1afe1782 -- --PrivateKey=KAS-ECC-CDH_B-163_C5 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC4XD39NwVL+Rwb5nZviKe --ExfYK72hLgMsAAQHkA2sJR3oqUTPChvy6y7+7hRnbpsAkeffZ/d2InKdWbfjS5Rx --J+f6Ll0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C5-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5ANrCUd6KlEzwob8usu/u4UZ26bAJHn --32f3diJynVm340uUcSfn+i5d -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C5:KAS-ECC-CDH_B-163_C5-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C5-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEATbg0FtPOYuCfhmARhSLL0FXP8B8BzmT --TOwQVyhS4fYZIi4vXsTg+lqm -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C5 --PeerKey=KAS-ECC-CDH_B-163_C5-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=037b178aab014d5abab305e37deed7f4798cdb862c -- --PrivateKey=KAS-ECC-CDH_B-163_C6 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCkj0sgCzsQt7yYz3r3KdZ --1ZdE0+ihLgMsAAQCzctPke19F3aNuAvis6yeCVax2XEDJDP0VabNJT6RWC0vb1px --JlXaHWk= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C6-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAs3LT5HtfRd2jbgL4rOsnglWsdlxAyQz --9FWmzSU+kVgtL29acSZV2h1p -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C6:KAS-ECC-CDH_B-163_C6-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C6-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB2w65KeBZzYn0Om8thX2JqFgpV3aBYwO --yPJknC3c2cJLZDQzsU2QfFkD -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C6 --PeerKey=KAS-ECC-CDH_B-163_C6-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00958b2aaa6061222dd248a6b9700fb6839dacdc99 -- --PrivateKey=KAS-ECC-CDH_B-163_C7 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCWxe9bkIH2fsaOvAv1dsm --r4NIrrChLgMsAAQG9vWx87GPRdtPs3d+aED7WlthqRQHN84UrrJOBZFYWnQXuJJW --dJ9GHeY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C7-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBvb1sfOxj0XbT7N3fmhA+1pbYakUBzfO --FK6yTgWRWFp0F7iSVnSfRh3m -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C7:KAS-ECC-CDH_B-163_C7-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C7-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEANZfBRbBs+7ZIg5Zs9BJ3RFTF5rFAgv+ --EHqJpzYM0uIXU01t8pjMS8RY -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C7 --PeerKey=KAS-ECC-CDH_B-163_C7-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0393387e1dab35748f20d506a0e2b4dc0ee6c3ff39 -- --PrivateKey=KAS-ECC-CDH_B-163_C8 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUAE36BMq0oiSPmSBHpIpj1 --wNzJVwWhLgMsAAQG8s3R1jDdcx7Xf5Acew5zVRXibU4BBi8vcVxNKvl7sb6LbPou --PuMUJT4= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C8-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBvLN0dYw3XMe13+QHHsOc1UV4m1OAQYv --L3FcTSr5e7G+i2z6Lj7jFCU+ -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C8:KAS-ECC-CDH_B-163_C8-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C8-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBA2QPOKzD3CmoDhJsOF1j++Ih70xBKvY --vbfBMnyZszgg2+GK4RT7Q1lJ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C8 --PeerKey=KAS-ECC-CDH_B-163_C8-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0212358d3f8bce69b662447333b3edbbc9b2f7e805 -- --PrivateKey=KAS-ECC-CDH_B-163_C9 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBxIxQt9Ps3zuQG60O78Pj --gm486p+hLgMsAAQBkXVXMRfdhR5u6/2fseWohOv+/uUDrfN+Te1SVz+lfIyyv8ps --ZcNnRGI= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C9-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAZF1VzEX3YUebuv9n7HlqITr/v7lA63z --fk3tUlc/pXyMsr/KbGXDZ0Ri -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C9:KAS-ECC-CDH_B-163_C9-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C9-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAi7SRkPwzsaMjkrRqixDadiqA/WUBczK --YrbdHTFt7b0PHVML7W5VazrY -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C9 --PeerKey=KAS-ECC-CDH_B-163_C9-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=023472fa59846f7be07cf060cdd69a9fbb27d4fe44 -- --PrivateKey=KAS-ECC-CDH_B-163_C10 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBFi2e06ZgRV6MAV0eRdFR --V0mj3NKhLgMsAAQEKD6w5QhdGYs3j8lfb7TDGYtNPHgBB6EWjy9HuWPks6kCTgw1 --el69+Sw= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C10-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBCg+sOUIXRmLN4/JX2+0wxmLTTx4AQeh --Fo8vR7lj5LOpAk4MNXpevfks -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C10:KAS-ECC-CDH_B-163_C10-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C10-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5P0sxFy7uZvJ2nrMF0DtcP3z/+LAfPs --7Gu9qb3opNoU2z5f+TS5g1sX -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C10 --PeerKey=KAS-ECC-CDH_B-163_C10-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0173a056c4c9ef6707cd23928999c4680f42b71f7c -- --PrivateKey=KAS-ECC-CDH_B-163_C11 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBmh0W9KVy88G1HqKs5pKA --5xN7j4yhLgMsAAQFzt6Wpw9xTNaJY/LWyiNiaak48xEGza3VS29zPICTR4fijCzP --WLEie8A= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C11-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBc7elqcPcUzWiWPy1sojYmmpOPMRBs2t --1UtvczyAk0eH4owsz1ixInvA -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C11:KAS-ECC-CDH_B-163_C11-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C11-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAup6UINGAvES9t0ObSXwZPnQXv8mAb8/ --adFKzIMzUzqIwuiCSGOkeuAn -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C11 --PeerKey=KAS-ECC-CDH_B-163_C11-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=03d34f411a297d7c990fa4a83b5f54759607f9d33f -- --PrivateKey=KAS-ECC-CDH_B-163_C12 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC79RADa08+tjRY3+pKQxL --dYowFbahLgMsAAQFExMbS8ty72irBD7oT8jLA7bY8YcBILfVdyu7F+yxyegMNvgI --/VSpOq4= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C12-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBRMTG0vLcu9oqwQ+6E/IywO22PGHASC3 --1XcruxfsscnoDDb4CP1UqTqu -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C12:KAS-ECC-CDH_B-163_C12-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C12-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBt0TBTSeiqCAIAc6DeWvxdwbamLTA0l+ --t79Aie8CzQpd0Phr2HmKRMVs -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C12 --PeerKey=KAS-ECC-CDH_B-163_C12-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=06120aed8d4c1e506710e2cfb98ca2022e642ca89f -- --PrivateKey=KAS-ECC-CDH_B-163_C13 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBKw1kl3z8E7SDRe9wctGj --iQ6vuVuhLgMsAAQBuTY89Ic1Z2h42AzhSBuFiGg/dEQHaPpzJ81yUsj2lu1JR4aJ --Fa2h+10= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C13-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAbk2PPSHNWdoeNgM4UgbhYhoP3REB2j6 --cyfNclLI9pbtSUeGiRWtoftd -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C13:KAS-ECC-CDH_B-163_C13-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C13-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBaDjQRGOaYJ9an+CgvvwuUQA8IJABCO5 --k9Q2f79PZQTZ4JpkEjo7U9Eo -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C13 --PeerKey=KAS-ECC-CDH_B-163_C13-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=021a58087968c5df57afd7c343a4cfa2ee8e7073f1 -- --PrivateKey=KAS-ECC-CDH_B-163_C14 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDOslTgD0ERrPNpOvQcbTr --AnwRv9ihLgMsAAQFxEbpiWykTMpzPp9OW2Sv3cBTchEGutGyUiaS+XCzi+aTXcfR --wJ3NIG8= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C14-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBcRG6YlspEzKcz6fTltkr93AU3IRBrrR --slImkvlws4vmk13H0cCdzSBv -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C14:KAS-ECC-CDH_B-163_C14-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C14-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEABqSPWGRY0MGEkweJnMJsH26Mt7LBaNR --f1Qmo0Eacn7dwpo+wilVg2jR -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C14 --PeerKey=KAS-ECC-CDH_B-163_C14-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=03da9c0879219e48c3df56174898fab9ee5b0a6bcd -- --PrivateKey=KAS-ECC-CDH_B-163_C15 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUBvXkUWuf0LGsl0cOJZewI --/SdTOnqhLgMsAAQA6dj8OgJpJcit1Qj5IPouX/UoJogFt79jElmsfTaTbBMP8gbY --ILE73oE= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C15-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAOnY/DoCaSXIrdUI+SD6Ll/1KCaIBbe/ --YxJZrH02k2wTD/IG2CCxO96B -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C15:KAS-ECC-CDH_B-163_C15-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C15-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAvqLrw1hKK3ZuQKqGByB4kKYRR4uArk9 --H2kTkU/+FVnHwRTGMbtrKWF+ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C15 --PeerKey=KAS-ECC-CDH_B-163_C15-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=05b33fe3874d32aed99919265cc0074902e538fe54 -- --PrivateKey=KAS-ECC-CDH_B-163_C16 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDMMofWtd9embYdCMygCDJ --HsefN2ShLgMsAAQFujfTaZfE8qvmA9/gQiMnOOgrCzoHPIzZUARJcqAFxvGvjkMG --4MzvuUY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C16-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBbo302mXxPKr5gPf4EIjJzjoKws6BzyM --2VAESXKgBcbxr45DBuDM77lG -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C16:KAS-ECC-CDH_B-163_C16-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C16-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA1Pi2kWrfEkwKAw+20upABLVbfYvAmkx --4wuX/173uswN5NlJBwhSLjsr -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C16 --PeerKey=KAS-ECC-CDH_B-163_C16-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=053dbce9826af4d290036feb46875e975b7848a9c4 -- --PrivateKey=KAS-ECC-CDH_B-163_C17 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUC0jFAB01u3dW8CZsX3hKv --ud3y7L6hLgMsAAQG4GzHww9e1+aGw6daHUQld3BgHLIDDcQUxK+zkO1GevRxqpvS --t18y39g= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C17-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBuBsx8MPXtfmhsOnWh1EJXdwYByyAw3E --FMSvs5DtRnr0caqb0rdfMt/Y -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C17:KAS-ECC-CDH_B-163_C17-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C17-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEByFnCITaqM1idjjskPNEjvsPJIm6BPhK --mDvsayiJyCEb8jEUm1vrzHXg -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C17 --PeerKey=KAS-ECC-CDH_B-163_C17-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00d49b971cab937f40908913fe259849679ca076d9 -- --PrivateKey=KAS-ECC-CDH_B-163_C18 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCRJwbn/CeepoDsX9f9GER --X18/Gn+hLgMsAAQHP53d3EZQkz3szJVG05KjXbvGanYE3nVY3eZJ9yMis54xyOKc --5vWZSF4= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C18-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBz+d3dxGUJM97MyVRtOSo127xmp2BN51 --WN3mSfcjIrOeMcjinOb1mUhe -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C18:KAS-ECC-CDH_B-163_C18-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C18-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAdYxnsLcXAjwJhrtAjFBjW3D0M2nA45k --lT982scdBS5VhVdGtD1EGBuR -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C18 --PeerKey=KAS-ECC-CDH_B-163_C18-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0483ad0b7f8a716273f624b8979c19126705266e4b -- --PrivateKey=KAS-ECC-CDH_B-163_C19 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUA0IuV2aTOck7EYszhJwH9 --jD1T/c2hLgMsAAQAJqdw2G4cibp6hq72Sbp+qG/H1bIB2xAg4Pdk31SlPCPJOM7J --jZp3rR0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C19-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEACancNhuHIm6eoau9km6fqhvx9WyAdsQ --IOD3ZN9UpTwjyTjOyY2ad60d -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C19:KAS-ECC-CDH_B-163_C19-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C19-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBPFnkHv0uY6Gltgdp9LBBW76DcFMBsua --tlFDgyuc79XZzmnsTbLt0Geq -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C19 --PeerKey=KAS-ECC-CDH_B-163_C19-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00f69dcb547119fc9b8c454335aab184c3ada5f1c6 -- --PrivateKey=KAS-ECC-CDH_B-163_C20 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDgI7+atUNJQ2HGS4WSZzj --JZQo87ihLgMsAAQAE6AuJfySeHWvpVe9Zz9lhwRZ5nEEA4265cXlQIRwiiS8P9By --52nBI3c= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C20-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEABOgLiX8knh1r6VXvWc/ZYcEWeZxBAON --uuXF5UCEcIokvD/QcudpwSN3 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C20:KAS-ECC-CDH_B-163_C20-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C20-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB5ttFMdDJxQC0TI2AyFf6zxosURVBOOQ --VoalOMJaAr6pL0IYQCG16iWT -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C20 --PeerKey=KAS-ECC-CDH_B-163_C20-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01bc5ee5261b2bba55b10cbaa6cc3c97b98d00ffea -- --PrivateKey=KAS-ECC-CDH_B-163_C21 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUCrSMqekHmzCSVU42HsCPN --7HtuHyOhLgMsAAQFSeMHgNk/eW/c9pGQVXXYXGZFO9sCFiqIW+oxNEVD9dBhkTad --7G5w6Wc= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C21-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBUnjB4DZP3lv3PaRkFV12FxmRTvbAhYq --iFvqMTRFQ/XQYZE2nexucOln -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C21:KAS-ECC-CDH_B-163_C21-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C21-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB3L0LScqBX3g/5Jsn5RgXGZ10hUmBgLn --5TJV3pv1jAV+77ebzkMbXDgI -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C21 --PeerKey=KAS-ECC-CDH_B-163_C21-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=008574d838d3de87965fc1b4343fe4f078588c4ea1 -- --PrivateKey=KAS-ECC-CDH_B-163_C22 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUA3Jmxnz2IR4dRkOlYiyu9 --gw29OpWhLgMsAAQA9l2YTXHcwYvxcqvk05k84PfPMkwAG0nmos8Rc6raw69sCelm --8xFBq9k= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C22-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAPZdmE1x3MGL8XKr5NOZPOD3zzJMABtJ --5qLPEXOq2sOvbAnpZvMRQavZ -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C22:KAS-ECC-CDH_B-163_C22-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C22-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBQskKUYJcXOanW1WcLxtdZ5WVnaLBJK8 --LT9jjUl45MpYylpO8ZxezOqN -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C22 --PeerKey=KAS-ECC-CDH_B-163_C22-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04579b477a92ed961cfdb2014407e88e7716452a4b -- --PrivateKey=KAS-ECC-CDH_B-163_C23 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDVquFsE0IUbj2a0p5ZSbT --8+OIKEShLgMsAAQHdqLhr5MtdFGQcL+pQeqpPp/16XoFq+ntRiRf0BRiUNKlY8Ru --v3rNI0I= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C23-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEB3ai4a+TLXRRkHC/qUHqqT6f9el6Bavp --7UYkX9AUYlDSpWPEbr96zSNC -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C23:KAS-ECC-CDH_B-163_C23-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C23-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAX1SEW8MlVh/G3sGx26Y2ZyC3PIMAk6i --K92ZC9eeY+c1shKCrhtepmZI -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C23 --PeerKey=KAS-ECC-CDH_B-163_C23-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=035a8c10e64403c52ef8d17c5f4dead0df81fb1f21 -- --PrivateKey=KAS-ECC-CDH_B-163_C24 -------BEGIN PRIVATE KEY----- --MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUAentUdVDHWKnefwbi845V --9enkTOahLgMsAAQEWVLAtRfmhcqwlHAyf51LISdRsEkESkKabvsEvOoCQKtYBd50 --CqYfmU4= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-163_C24-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBFlSwLUX5oXKsJRwMn+dSyEnUbBJBEpC --mm77BLzqAkCrWAXedAqmH5lO -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-163_C24:KAS-ECC-CDH_B-163_C24-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-163_C24-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEA6fqELodaqVFcAtAtzeVGp5zbfoMBPk1 --L7KsJETpKHVONlX9YuOkJWTo -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-163_C24 --PeerKey=KAS-ECC-CDH_B-163_C24-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=000142615e3607ac148c4de8f334be849235d01cdb -- --PrivateKey=KAS-ECC-CDH_B-233_C0 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4APD7kdKwNC8HfVn48NfX3 --ZsUzKy1nMP8OTY51rtuhQAM+AAQAYeiptRf9BaAm7DdmFiKf2GOaH6dt7+U5gCL5 --2cgAcGtcsIc4qUVS/uWEsTcv6tSveQQJCfz29QCEu/o= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGHoqbUX/QWgJuw3ZhYin9hjmh+nbe/l --OYAi+dnIAHBrXLCHOKlFUv7lhLE3L+rUr3kECQn89vUAhLv6 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C0:KAS-ECC-CDH_B-233_C0-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C0-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEdWut3vw9wzerJ7VFLrEK/9njH1tVwz --DpDw9oaiASp59lIyMIohyYwBVVzK/H3OFcj+0wJadgy9bCMn -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C0 --PeerKey=KAS-ECC-CDH_B-233_C0-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00e9f3d8c4f1bec0f920e763ea1bb7415899f01734609e7547dc425ec946 -- --PrivateKey=KAS-ECC-CDH_B-233_C1 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AqkGloBpOZqZ5l7C+FvVr --FgsFYa0H868pZDhkYdChQAM+AAQALZFAJEZVcGjED8B13uk5FrDxqTkuR+VrdHEl --rh8BOrCRXkrPd5UWgm+h3BiFoGq8XQgJySJAzPnD2KQ= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C1-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAC2RQCRGVXBoxA/Add7pORaw8ak5Lkfl --a3RxJa4fATqwkV5Kz3eVFoJvodwYhaBqvF0ICckiQMz5w9ik -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C1:KAS-ECC-CDH_B-233_C1-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C1-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEARhqAo+aGNuSf2MlPCA+smqjq6DUCxo6 --vGTkeiKtAMvYuV+J5CESi8c6Q8XMJU44ZwlquJ14iy7TuQqW -------END PUBLIC KEY----- -- -- --Derive=KAS-ECC-CDH_B-233_C1 --PeerKey=KAS-ECC-CDH_B-233_C1-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00f1fbecfadb158d62eb1109c085124fad67a8795b58815eb396c95db4b9 -- --PrivateKey=KAS-ECC-CDH_B-233_C2 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4Axmd8KAaLRi40hizmydit --jBs8fv6Ay6tB2kGSeOShQAM+AAQAQssxHc/ySCos7OaWwetkxprCqlmSCaXBh2Oj --FQoBsDKfNsE10ALwi+Pj/6naGMXWpww2D0+HHxK/P5U= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C2-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAELLMR3P8kgqLOzmlsHrZMaawqpZkgml --wYdjoxUKAbAynzbBNdAC8Ivj4/+p2hjF1qcMNg9Phx8Svz+V -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C2:KAS-ECC-CDH_B-233_C2-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C2-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJO/hWIWAiOOmNCcmIKNUaSUYDYsI8UU --HT0bI1KWAISXFSGHqLOylYodCi7s/0SSJRgHy/0D1fJoW8o3 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C2 --PeerKey=KAS-ECC-CDH_B-233_C2-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=019ea831c51d88a7cf754495a1c474082ed481c8eb83190a77defb09d479 -- --PrivateKey=KAS-ECC-CDH_B-233_C3 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AnGECSz3/IZs38b5nAYBK --3yR0FESN0PDcUSk6yROhQAM+AAQAEkEg2ECYUOceM8ni2cQOoyvtEdd4BHhumwdo --kqsAba4bpIFylv9jBzusnOBl1DMboaXImcwcB0Bdrj4= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C3-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEABJBINhAmFDnHjPJ4tnEDqMr7RHXeAR4 --bpsHaJKrAG2uG6SBcpb/Ywc7rJzgZdQzG6GlyJnMHAdAXa4+ -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C3:KAS-ECC-CDH_B-233_C3-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C3-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEVJZIaSr5XYjk4dSRTYyXaaraxaD3V4 --MmXz65ZXAbCUtIAvOXZj0OaC+r8clMTiFOSDJ7le78uSt3H9 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C3 --PeerKey=KAS-ECC-CDH_B-233_C3-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00088425fb04c2ce408f08d81385a322703a077bf00ba0791e4e79b80419 -- --PrivateKey=KAS-ECC-CDH_B-233_C4 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AbmnQZNvZp5T2jmmaDpQb --3aalOhzso7PbgpJbb4uhQAM+AAQAxX1h/LH+6Q1djJfL8YjI74JZsK4lh+zx/4zS --4voAuK2GxoBaSrRFE9u6L1CYuenB4Ftnn1KTeuzisYI= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C4-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAMV9Yfyx/ukNXYyXy/GIyO+CWbCuJYfs --8f+M0uL6ALithsaAWkq0RRPbui9QmLnpweBbZ59Sk3rs4rGC -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C4:KAS-ECC-CDH_B-233_C4-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C4-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHPFz0oB0J47QbXnd4xrm6Utr4j8QE+O --L9CdtAJ+AHA5Htqnbw45cDlMrAM4BhBYhYw8c9XLUS5TJjBP -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C4 --PeerKey=KAS-ECC-CDH_B-233_C4-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=019b5efb23bc18a4f18c22fe2fd5cdbd02372cabde5e5c9f4b4f9a49438f -- --PrivateKey=KAS-ECC-CDH_B-233_C5 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AWuXeMMfDFxgTot0+PqLF --zqoEc8OUV+mSkHHhpCChQAM+AAQBfPn8oF1KVeS2j+56O9Q/BHMD8qJm2Bu14ex+ --JVgAOwr0PeBQAzl94dSyeCetL81nXL9hpEWh7EClabY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C5-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAXz5/KBdSlXkto/uejvUPwRzA/KiZtgb --teHsfiVYADsK9D3gUAM5feHUsngnrS/NZ1y/YaRFoexApWm2 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C5:KAS-ECC-CDH_B-233_C5-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C5-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEASOmsIGnYehsBC4ZFK9H8JOyZVVD5WRY --S2BkJTmpAFGO48GuVGQE3x7M1pqmhWQx0ciIHPBXjP9OuMEb -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C5 --PeerKey=KAS-ECC-CDH_B-233_C5-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01f36d9519c3d47f030eeac3338db583b96fefa551a4b56cc5567f2d9d7a -- --PrivateKey=KAS-ECC-CDH_B-233_C6 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AxoeWlVtotfiCfjisB4Kx --rCxFUsrvDGCVhGfNhcGhQAM+AAQANHifvGDxCGA0yPLOhv1KozUZTJFGiQNX3EdW --meQB0395Yyf3HsMVEEaEY9CykFSIpKYCZ4cN/uVnwlA= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C6-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEADR4n7xg8QhgNMjyzob9SqM1GUyRRokD --V9xHVpnkAdN/eWMn9x7DFRBGhGPQspBUiKSmAmeHDf7lZ8JQ -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C6:KAS-ECC-CDH_B-233_C6-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C6-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUH7vys2HCyM5e2r+iKqR1VYHlsaZmAD --YqDue8V0Aa6jysID+MeAR1omCbKXDMhvlupAEcNI2oJiszSq -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C6 --PeerKey=KAS-ECC-CDH_B-233_C6-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00e54b1c916ff3ba1aa0b2b99f0ebde4f1a4cc6a10d959bb2f7f4c777b84 -- --PrivateKey=KAS-ECC-CDH_B-233_C7 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AdCRcyX3UUJNWieo/ynsL --MMHWfObovhfLEZJXXK+hQAM+AAQB4cVwrMZTxwb9d0AZSlVN5/N5mhK4INapQRl/ --dh0B4iJejQ1ByAj26tevMg+yX+0pqZCYoPDhHNhp5Tw= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C7-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAeHFcKzGU8cG/XdAGUpVTefzeZoSuCDW --qUEZf3YdAeIiXo0NQcgI9urXrzIPsl/tKamQmKDw4RzYaeU8 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C7:KAS-ECC-CDH_B-233_C7-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C7-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJag0/Nuj3U3kQdM6ml7JHFifgyeeilK --ApqdO5QpALdnF0opILYvHwL6eQl4RdUdk+DIEEQQgxot1Vw8 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C7 --PeerKey=KAS-ECC-CDH_B-233_C7-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00bc0dcf7585753cc79aa412d2740b4b2d1c644fc9755cb0550286bcf68e -- --PrivateKey=KAS-ECC-CDH_B-233_C8 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4Al77tS3OKYgXMnqBGtEi1 --IxKLkxAaAtlkQ16xeAahQAM+AAQBg1jalAeacAoQsgojJdM9gOletPxKmBAcMSY1 --k5wADE9ELQBxx70dIXzyNf0DHewwnoXqIBTmi1D8K6A= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C8-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAYNY2pQHmnAKELIKIyXTPYDpXrT8SpgQ --HDEmNZOcAAxPRC0Acce9HSF88jX9Ax3sMJ6F6iAU5otQ/Cug -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C8:KAS-ECC-CDH_B-233_C8-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C8-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAWa+JCazv45tBaJNfR8sDjKeQSDPyOb/ --UkhvCVWGAHNx4ogUX8JaWpy18qOGA08vMoxuqiTIsJboqx8M -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C8 --PeerKey=KAS-ECC-CDH_B-233_C8-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01b7ef3148be331115321b1c2a68832fdfb991b26224a60dddce3e060d27 -- --PrivateKey=KAS-ECC-CDH_B-233_C9 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AdZxV2lXh/bW6f4uJOrqu --WSW5sIGEo9VUlXrPPsChQAM+AAQAKvJfgQ4YqBtp2iVKZbimx6uA3cJ8hWIuI0it --0TIBKLdT5LIajDrPhaq5Kpqmp7M/LLadcCS6+OiwcUI= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C9-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEACryX4EOGKgbadolSmW4psergN3CfIVi --LiNIrdEyASi3U+SyGow6z4WquSqapqezPyy2nXAkuvjosHFC -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C9:KAS-ECC-CDH_B-233_C9-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C9-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAYHzuwsJdxMnfF87Rs7wKqnL4pq5XHbp --tgofelHlAC4vtnLXK/ePfP7cQNNybGtPtYVBfHR2tlXjK707 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C9 --PeerKey=KAS-ECC-CDH_B-233_C9-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0041249865c913b287a253150b207e2682efd96057cb0709e9bbb48c0fc9 -- --PrivateKey=KAS-ECC-CDH_B-233_C10 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A7mOdifDkM8B14u9XzCQ1 --gelbJh+Kk7jvb16/gBWhQAM+AAQABmOPa82FBDOV0B12f/d+nWd/N+9ADy4W/uht --uvIAbBJJYmbeux2DQ7loTifF9xKcFwJKjmcEZypfPWM= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C10-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAAZjj2vNhQQzldAddn/3fp1nfzfvQA8u --Fv7obbryAGwSSWJm3rsdg0O5aE4nxfcSnBcCSo5nBGcqXz1j -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C10:KAS-ECC-CDH_B-233_C10-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C10-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAGWqQRXlnmBFqvme4b7KH6uSO73JGSBu --CTFiC6mWASjQC3dYmaWKWbyyq3nWCeLc2pjmUju2cWhVT4Tm -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C10 --PeerKey=KAS-ECC-CDH_B-233_C10-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01cf480fbc2be2c2c4448c88890972c7ff9cbe08a75e26c3809596b8b5c0 -- --PrivateKey=KAS-ECC-CDH_B-233_C11 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AkpsJtnspqk/xXWd5oXMw --ZQSfrrLCJwEsSfJ37VGhQAM+AAQAygQD2V2F8MsK5NKurhjhh7ecIB7WjBStJO0A --OSIAz2sKUCspDQru6CBmGsz26ll2h8Rcf5Onc9JfYqY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C11-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAMoEA9ldhfDLCuTSrq4Y4Ye3nCAe1owU --rSTtADkiAM9rClArKQ0K7uggZhrM9upZdofEXH+Tp3PSX2Km -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C11:KAS-ECC-CDH_B-233_C11-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C11-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEATV25wDzY2f7dBhC8jGInzaCKqspM8JF --7tV7naytAXkQ6QcaPkLn8hs2Pw5ofSiYEKTsKcNuzhSFTh3R -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C11 --PeerKey=KAS-ECC-CDH_B-233_C11-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01ce8abf3c8ccfa30e5f35ddb75f5e106aab1e67086156a1ededa1717b77 -- --PrivateKey=KAS-ECC-CDH_B-233_C12 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A4nrwTv4thv/tbs33GPwL --jgSe0iLnYAw84xzk6XqhQAM+AAQBRewNtf5iuSVHeSASJoryG6koqP2Y0KHe49j7 --JVkBCgMc6laxg+kwkwCKtwXMkJnltlxctEBzJLlv7pA= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C12-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUXsDbX+YrklR3kgEiaK8hupKKj9mNCh --3uPY+yVZAQoDHOpWsYPpMJMAircFzJCZ5bZcXLRAcyS5b+6Q -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C12:KAS-ECC-CDH_B-233_C12-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C12-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAOn7pxpkq7F3+kNsuXOcn2jAFVrciXE5 --wb89+ZpTAZrxExvkfeCIcINdoUlG/tcwNBefgJKY0BSbFt02 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C12 --PeerKey=KAS-ECC-CDH_B-233_C12-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0025df759a20312361b9f6767efe8e8d69979e34639469a91fed9fce04f8 -- --PrivateKey=KAS-ECC-CDH_B-233_C13 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AGnJte5koaR6wFJyo8O3u --R70Mc0ETq2ADJB7hk96hQAM+AAQAdCa/qIeP5ZsWqbjGORCh4vvGsHuplboEwxQC --ES4AlE6WFmdssvx/oPnhuHo1h0gkPoD7YiZChGRaak0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C13-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHQmv6iHj+WbFqm4xjkQoeL7xrB7qZW6 --BMMUAhEuAJROlhZnbLL8f6D54bh6NYdIJD6A+2ImQoRkWmpN -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C13:KAS-ECC-CDH_B-233_C13-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C13-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAR+ZSkFswZkLjGF2ej1o++pzr3tItlXk --dHD8zHkfAV3piINdaBLwvdcAeolZceGgb00izhMDyfVe/mR8 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C13 --PeerKey=KAS-ECC-CDH_B-233_C13-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00437ab4a53756ff678a1f580c0fd1f33b23021d62060808453b4aabe627 -- --PrivateKey=KAS-ECC-CDH_B-233_C14 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A9FnHZyFpwSWeThmTM5ZM --H/+851rTDd4SZPXLhtGhQAM+AAQBtEqBiV0hBfoWpuCVJsCa5/bL284hCHD04z24 --tvQAseByxiomQpdfBsaHxkZ9opXvk/BNHFSUpiRoPIA= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C14-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAbRKgYldIQX6FqbglSbAmuf2y9vOIQhw --9OM9uLb0ALHgcsYqJkKXXwbGh8ZGfaKV75PwTRxUlKYkaDyA -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C14:KAS-ECC-CDH_B-233_C14-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C14-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQUTYgruDQR4hyQ46Zsj6kkAFT+TZusX --1hvfNaoZARNt+8hAG72g1nXKBqDP9r3UZ8CsmpeCkzAHKOfc -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C14 --PeerKey=KAS-ECC-CDH_B-233_C14-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01ebd55823c57d1fc7b36cf1ed2051ead64db6d114014d3407186f50d957 -- --PrivateKey=KAS-ECC-CDH_B-233_C15 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AZWpHuHcrCLHZB8gj+2xF --xl+fGPi0Pzph5sdGEeGhQAM+AAQBU8262S640g2gwceq1G0IM2y8l26Nb4OUfk9N --ZhYByXe5el4SBcpmVF3zpSa24yXgh8DgcIOf5+we54g= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C15-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVPNutkuuNINoMHHqtRtCDNsvJdujW+D --lH5PTWYWAcl3uXpeEgXKZlRd86UmtuMl4IfA4HCDn+fsHueI -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C15:KAS-ECC-CDH_B-233_C15-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C15-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEADXf/skRftcWdieiSj693Umj9F2RrRhA --HT1Emy/vAZMXVM5c9Vehwazt/l6aewuR+BZD2oWGpoZYhfBC -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C15 --PeerKey=KAS-ECC-CDH_B-233_C15-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=006d07f6e08b11a060ccec43b07ca7d9eaf6c3ece06f4785519284bf6f0a -- --PrivateKey=KAS-ECC-CDH_B-233_C16 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A8U9exO+vhuQ/7OZfF/+R --sajWG+NBbu64hPTi0U6hQAM+AAQB2fjAHpwg9hUOx2IKdeOelvkke+zhN7A2W+xU --JUwAYAg3O54IeAUpTa2uAIlGZ/259rik0WKV5bnSGm0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C16-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAdn4wB6cIPYVDsdiCnXjnpb5JHvs4Tew --NlvsVCVMAGAINzueCHgFKU2trgCJRmf9ufa4pNFileW50hpt -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C16:KAS-ECC-CDH_B-233_C16-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C16-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAEhFzmYbHq40wWmfG/443IfvKLiwp3cf --82bcIdhjAQlrGVSwbqpwc+2TmAGqKXTaHWDWbpfDHfD2h2+v -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C16 --PeerKey=KAS-ECC-CDH_B-233_C16-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00aea594f092b4052f7564b2e5651bcf43ef7e336a064d6bfb1a89cf5e51 -- --PrivateKey=KAS-ECC-CDH_B-233_C17 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AH6XL2IoUb2zPX3nfvHCG --j9m7TIEVl2yWJw/3vF6hQAM+AAQBTSdvQoHLUKJrKeyB/O2W0OkJmUsihUM4VSVt --WNsArEeSr2Kg3E/U7sOE+/P7uCyDR0hrwesTOLx/OrA= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C17-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAU0nb0KBy1CiaynsgfztltDpCZlLIoVD --OFUlbVjbAKxHkq9ioNxP1O7DhPvz+7gsg0dIa8HrEzi8fzqw -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C17:KAS-ECC-CDH_B-233_C17-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C17-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAUc0GSFlyW+9t5TKseLR7xEeGiCnIF2w --GqgDoDKiAezfw5QLfQYYzWMVRBdR9mPfdNNWSS75NLS6KyrR -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C17 --PeerKey=KAS-ECC-CDH_B-233_C17-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0099d6d076e14ccfee15ed7e7ef384bfee12deba8c9ae8f6cca3486a1494 -- --PrivateKey=KAS-ECC-CDH_B-233_C18 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A9YaE6hSmj++4zCayZ6E0 --GcYtcmG60U5TaKmBmhihQAM+AAQAmmWoU5QHD+DloQgWTrKJzD137QhI/VfzhOYs --qiAA5/VvLCe+T66yDidMJgTG3C2IWXAwrSFk+tA8uQQ= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C18-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJplqFOUBw/g5aEIFk6yicw9d+0ISP1X --84TmLKogAOf1bywnvk+usg4nTCYExtwtiFlwMK0hZPrQPLkE -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C18:KAS-ECC-CDH_B-233_C18-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C18-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAH4fMlHioKpt4fjfhrhe2dEdpetxNq3U --XqfSXIZ8ANligeB1benapV0u9lc7sv4t0Jtx2RGRpaBDuuDz -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C18 --PeerKey=KAS-ECC-CDH_B-233_C18-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01b1e977c43afd203132c085b95db0e2046a4b6ac2c046ee9ad665050578 -- --PrivateKey=KAS-ECC-CDH_B-233_C19 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4A7vskeJsytDbOOWIsEUw5 --ps0eWOyUQ8iHDl7i+AGhQAM+AAQBP7HKntcJuzhvugLMeGL9bGThCHvl9h6nM5Rs --FjQBy0CX5EpzBwDev+gUP7+byjo9bEaYWifNUEOyylo= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C19-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAT+xyp7XCbs4b7oCzHhi/Wxk4Qh75fYe --pzOUbBY0ActAl+RKcwcA3r/oFD+/m8o6PWxGmFonzVBDsspa -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C19:KAS-ECC-CDH_B-233_C19-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C19-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAL4e51DycSsqyyDEXpc1fFDbO+iVsz+D --DHG8n089AV/sgQzbF5/NHOjk3BokmeQN6KSkmpQg8A5WEQz0 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C19 --PeerKey=KAS-ECC-CDH_B-233_C19-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=000e4cb704355cba1b40cee3da102cb048519a91b4c789b3757cfdd933aa -- --PrivateKey=KAS-ECC-CDH_B-233_C20 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AF1JNUGYWvSBcs5eLx146 --NHYjPkm23CBvlxFpdVehQAM+AAQBUKFzJ4Ree8edjs4Skw3Ct3ZUyqEIK1ewz44F --sawAFRx2gi2N9e/9jGlDOVtqjVOEMdQuhG6f+N5+ruY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C20-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVChcyeEXnvHnY7OEpMNwrd2VMqhCCtX --sM+OBbGsABUcdoItjfXv/YxpQzlbao1ThDHULoRun/jefq7m -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C20:KAS-ECC-CDH_B-233_C20-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C20-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAVwuLOC8cizqTLx8M1LL4NKLWwAuRNk3 --BYldeRr8AU9haYOtCOdFMVxHZ7CuIab9imKcJYznrvpMF6jg -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C20 --PeerKey=KAS-ECC-CDH_B-233_C20-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00d8c13bc5e819c6101daef3f6fb5be6bccecf233c4b7fc65054e8e8d3bc -- --PrivateKey=KAS-ECC-CDH_B-233_C21 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AprBdMKcD8ReagPioZLNM --oVxFPoKAihCV5DXpusuhQAM+AAQAk7MlIlH9nW2cgdeM8fE0zdVU1jwqHi8a+hTi --1OQAiusKirP/Xk+wI/fhkX8BCIkK8Rq8p9oCf62sw7Q= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C21-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJOzJSJR/Z1tnIHXjPHxNM3VVNY8Kh4v --GvoU4tTkAIrrCoqz/15PsCP34ZF/AQiJCvEavKfaAn+trMO0 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C21:KAS-ECC-CDH_B-233_C21-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C21-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEALr6m7qScl7vDEoK/L1CY+VfUVVkW1xY --qWvD6ellANGz0ONdYX4J4HjFcaX0HqIt/REtZ6lNjfu6Zump -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C21 --PeerKey=KAS-ECC-CDH_B-233_C21-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0129af50fa085133771753f297a313bba0d2f5882e7634b7ef5adce760ff -- --PrivateKey=KAS-ECC-CDH_B-233_C22 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AFo0JgJ659qzzETTrXrGv --lm4hK5tr5oz9IkAUJemhQAM+AAQBcQoF8CtVBXKVFrGsc9RfPPCPHFE00vc9ElcC --Q8kBhhGxDatQdYPyvhD9Qpb1N9SvCVdvlpefHq3+KRw= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C22-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAXEKBfArVQVylRaxrHPUXzzwjxxRNNL3 --PRJXAkPJAYYRsQ2rUHWD8r4Q/UKW9TfUrwlXb5aXnx6t/ikc -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C22:KAS-ECC-CDH_B-233_C22-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C22-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAHmL9at2G7as/tDO8c1xs+9G8lBDI8r8 --QIFZLdb2AWJ3rrPhysASGwfZN4o6DLxlZ7SEI5KeNtyFXp0a -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C22 --PeerKey=KAS-ECC-CDH_B-233_C22-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0077c4ea1095fadc4cb4190a3fd530c7d15325e5d79b8e8a2b708e2344cf -- --PrivateKey=KAS-ECC-CDH_B-233_C23 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AOCT3HsMlW70DZC14LMZ5 --Th5Uqo+l8qMx7hP3hFChQAM+AAQBpONajDJxfyqqPu7xd4SOWA4P7WyAloaPasxO --HAkBNydgToHTqdk9JD/nni24pEIzSo6hhSufg8rhvD4= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C23-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAaTjWowycX8qqj7u8XeEjlgOD+1sgJaG --j2rMThwJATcnYE6B06nZPSQ/554tuKRCM0qOoYUrn4PK4bw+ -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C23:KAS-ECC-CDH_B-233_C23-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C23-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAV9yPamjjC2lBiwX0Lg3Ui98aceT95wX --+2ll1EoDATKxd2CsLiu5+BPtd5DFzTqg04q2Ti4nLd9KTCwa -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C23 --PeerKey=KAS-ECC-CDH_B-233_C23-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00d9eb3c79cf442595dad03ed4a38daf358b97d5dfc01cb61ff200a47958 -- --PrivateKey=KAS-ECC-CDH_B-233_C24 -------BEGIN PRIVATE KEY----- --MH4CAQAwEAYHKoZIzj0CAQYFK4EEABsEZzBlAgEBBB4AkK3Asgfa44FiLPkuBLzn --R5GA7G4XcWYvXDF5vZmhQAM+AAQBBq2/m7/bMINZin9tsukdLnwXT3BfwhZjG30F --7fIBkNhMpvRpX9vKQNJqdJmKBcPXYdvwiYG2RcDqI54= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-233_C24-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQatv5u/2zCDWYp/bbLpHS58F09wX8IW --Yxt9Be3yAZDYTKb0aV/bykDSanSZigXD12Hb8ImBtkXA6iOe -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-233_C24:KAS-ECC-CDH_B-233_C24-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-233_C24-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAFG3C7i44jQbhoIdVLl0tpa9pEOst+pl --ll0n0qxwAMd4Tu+InEccnSaz4N4krStL+Lu6b+GPUaQSGIBY -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-233_C24 --PeerKey=KAS-ECC-CDH_B-233_C24-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0124c19cffc0b9549bfa378a548e8ce11ee7fca28d2d898de49ae1f2ff61 -- --PrivateKey=KAS-ECC-CDH_B-283_C0 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAvQ0VYQiRqLMjsBo6dbG --5BYPa6Tjtdgx2Twdqo/T1almDHuxoUwDSgAEBWHklVYwGBaYBNTI4kNbSv2F2jdt --kUtp05JG+OBhE6oy5kLSB4Gn9Z3n9C9fnWw0gfM/xd6zV8bs9MdY43DSQ13j2O5z --dwP0 -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBWHklVYwGBaYBNTI4kNbSv2F2jdtkUtp --05JG+OBhE6oy5kLSB4Gn9Z3n9C9fnWw0gfM/xd6zV8bs9MdY43DSQ13j2O5zdwP0 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C0:KAS-ECC-CDH_B-283_C0-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C0-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAlBOGheBnTnwEKSmmgVoKZQCtY+USjhM --fRpiyck+pNH/MA4TAmUTL3tMZLdLkXntDy4hH0Mo1iVAUCL1VBcNqTK4D998GqsS -------END PUBLIC KEY----- -- -- --Derive=KAS-ECC-CDH_B-283_C0 --PeerKey=KAS-ECC-CDH_B-283_C0-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=065194e26090e74047ee75f13f9769d20e1b52189650011e283daa090732cc53755dc366 -- --PrivateKey=KAS-ECC-CDH_B-283_C1 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkArlB5pLgqYTF/6iDyfn4 --JWpDqx/RrZeCpC5CmpTpEOSCuRwjoUwDSgAEB7kK8Ra3N9kAjkwY9q1TnSnuF5AA --ih2vLoVvpnLspKr8lspjBqr3jQ8gZXt3uXzKMOq3m2eaOqqQsQkH+XnN6YjOcYSR --AQwq -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C1-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB7kK8Ra3N9kAjkwY9q1TnSnuF5AAih2v --LoVvpnLspKr8lspjBqr3jQ8gZXt3uXzKMOq3m2eaOqqQsQkH+XnN6YjOcYSRAQwq -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C1:KAS-ECC-CDH_B-283_C1-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C1-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAWI6lnXoxANm4mEx5Hsa8GyLM6z16S9U --ZEgW3LhEOCyUTMIfAp0oD01MDF/XD34kCVlQEovqPK48pG9qX3C3Of4amQJogE44 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C1 --PeerKey=KAS-ECC-CDH_B-283_C1-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=075c535cc70de19c92d7314afa2f33200903431f6990ad40ac31dadaf4e492a799b75b05 -- --PrivateKey=KAS-ECC-CDH_B-283_C2 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAofeFyulDzJ7/H1ajAFW --0lofC59x04mFLy47WHQGy3TvO9BBoUwDSgAEAKA0kHZfyQwjVTwOK3nfojK1GnPy --FVTl6xjaTJlNkl+O0rvvAwT/1BxbCrKnC4IYjo8VeNarfTzjzjT6RdzDIgfxY+kc --XWgU -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C2-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAKA0kHZfyQwjVTwOK3nfojK1GnPyFVTl --6xjaTJlNkl+O0rvvAwT/1BxbCrKnC4IYjo8VeNarfTzjzjT6RdzDIgfxY+kcXWgU -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C2:KAS-ECC-CDH_B-283_C2-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C2-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB7g2lyhDL3Uo0+7IpniOac0uuIFixHUS --dC7g8CfMtBV6KKIjBZhut/EJqh+FVuuivciOSRO2Xv+5ROrmOWNsun4B3DcYvLNh -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C2 --PeerKey=KAS-ECC-CDH_B-283_C2-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=02956f63d48a49a330e2068955cc2886dbfd5bf72a81b10ed83f2d758dd315eca172927d -- --PrivateKey=KAS-ECC-CDH_B-283_C3 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAVO7uKPOShuZlg9WGGq1 --Agf1iPMMlL7vKECEI7pE/IdfrzjYoUwDSgAEBPLCRUiZYjrxO2WCCroUVzhAf3cY --arr6UtJLNb/fWAj/6uB2ARH0SEYK0kMKrseI3ikVSEdaHlg22sUg2OSTyfYBJ15w --6inS -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C3-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBPLCRUiZYjrxO2WCCroUVzhAf3cYarr6 --UtJLNb/fWAj/6uB2ARH0SEYK0kMKrseI3ikVSEdaHlg22sUg2OSTyfYBJ15w6inS -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C3:KAS-ECC-CDH_B-283_C3-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C3-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBzsJKipNfJoXu4jnW0Cp5OQ7mYE89haC --1JuSkFwt1gZ5Cu05BWatRSotjvCjJ86OKFYUb+yvCeRDHMwEJWoHf2BwHORHa22s -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C3 --PeerKey=KAS-ECC-CDH_B-283_C3-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=068a3f6938c44b797524377508585842c6a7f1af5ffe9131dd3ff786ae56e1739345d3d7 -- --PrivateKey=KAS-ECC-CDH_B-283_C4 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAyrA3LmqOXJAH59YhF7X --Zdo2t9b3c1V3m/skOYJ/81VqdXgcoUwDSgAEBxWchrnGrbIWDCjYYRj4RWSpDBSe --3igylGNnekyHcp+JfC+YAIp4Fn4WkGJZkrDvwuDvb21h6Bg3yOzf2rUdFTQON+fY --0FEg -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C4-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBxWchrnGrbIWDCjYYRj4RWSpDBSe3igy --lGNnekyHcp+JfC+YAIp4Fn4WkGJZkrDvwuDvb21h6Bg3yOzf2rUdFTQON+fY0FEg -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C4:KAS-ECC-CDH_B-283_C4-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C4-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBFXoe8Iwzn/FhjEt0gfFKeR+PHTMDOXQ --c/v0sclX+Mu9kRO8Ah/79i+yUx2znvLQvc4NnBQckunNymJ8qjm1k/xKAhDo7kgf -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C4 --PeerKey=KAS-ECC-CDH_B-283_C4-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=019b48d5eeaeb05b58801ae8f345ad9bacb91daac885e506949b849ebc67bcbfa308aab7 -- --PrivateKey=KAS-ECC-CDH_B-283_C5 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAmib8hR10y/nGnNV79mn --eHyqlUXr64U+UYTOQhUkKQUfQMvEoUwDSgAEANflvPrFePzXKBgGRRdtfgiLaNMw --ognxi5aGYv7RY0KzkhogBvdQs7XpjgCZtpWWWqHRZHXRB0+SMRJ+1wPiaW1LVq/e --u86q -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C5-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEANflvPrFePzXKBgGRRdtfgiLaNMwognx --i5aGYv7RY0KzkhogBvdQs7XpjgCZtpWWWqHRZHXRB0+SMRJ+1wPiaW1LVq/eu86q -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C5:KAS-ECC-CDH_B-283_C5-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C5-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBlLMyJIfQ5r0KiMBI2tYQ6QvH9mez+G0 --E0w94BTNx2A1NHzAAzQdgHSfGl7J96xiUjhP79OLbyu83Bj+vobBYPXnjAA/Bm4G -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C5 --PeerKey=KAS-ECC-CDH_B-283_C5-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=061b3bef1766460f6296ed47d39ebf5a710d202d2b7e7cac0f0d3b235405eece99aa30d7 -- --PrivateKey=KAS-ECC-CDH_B-283_C6 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAQUgQpiN3fRw0KLjb/9b --k+xp9NJAqON8BkzE1ZlGe6J688nxoUwDSgAEAMfJ/3fgGLiAG934hnAlVrEmptmh --gxofYPNYcuUkwTTVU+SkADXXZ7WLSZ2ftUViw4MEEa9Z5wiKSjMz1dx/5bD38eHF --46wr -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C6-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAMfJ/3fgGLiAG934hnAlVrEmptmhgxof --YPNYcuUkwTTVU+SkADXXZ7WLSZ2ftUViw4MEEa9Z5wiKSjMz1dx/5bD38eHF46wr -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C6:KAS-ECC-CDH_B-283_C6-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C6-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBiMxuTOvtDhPo6TSJFUa6BILxV/H6nPy --vnSeIXr8ThunnnYPAr9RxE+DYcMFTK1kD5JEb+OCCwY89LsiyhfAonT9RvUFBPvs -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C6 --PeerKey=KAS-ECC-CDH_B-283_C6-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=055d579458860a3dd92ac6570847632f04460755c22a4c432cf4dde9611d2ce1608ca185 -- --PrivateKey=KAS-ECC-CDH_B-283_C7 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA7ua1fpVLTjRp3y1U8Yx --4tCUDbawTwvXAR6nNb5Q0EXampwdoUwDSgAEBocHGAXCWn0LFzn3z2gbLylcT52J --NzUdIdHUP2NOmlcQW/EnBjO6IYcuN5xQ5Eg3KxwOZehdB+3XEtfcBvppopn2A33s --5mDc -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C7-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBocHGAXCWn0LFzn3z2gbLylcT52JNzUd --IdHUP2NOmlcQW/EnBjO6IYcuN5xQ5Eg3KxwOZehdB+3XEtfcBvppopn2A33s5mDc -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C7:KAS-ECC-CDH_B-283_C7-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C7-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAh6C1q9tMhGYF2/4mGwrx4agCBMmzIXw --JrcbMqwGwLrmtMuiAelzP6nSmWEmlCDbJO3A1a4oXXjJrhSzixAZ8TZS8ZAnfcR/ -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C7 --PeerKey=KAS-ECC-CDH_B-283_C7-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=054fa7c6c84fb89e5892d9194540860ea31ae2b6e37a86971344230ea512a3f6c0569216 -- --PrivateKey=KAS-ECC-CDH_B-283_C8 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkATOqRF3IDX1aCX0doR1R --DmVxp4O0+yNUAnF9aLqP0UVOazGfoUwDSgAEAtJuRqbtn88dL4nGPYDgFy3ttPWu --3f8JKDaqyFmQlIhVV+rZB9ZxOXRwHBYK7eyPlOZEa/fTx5DL/4cCzHhAp4GOW2Ji --cfcj -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C8-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAtJuRqbtn88dL4nGPYDgFy3ttPWu3f8J --KDaqyFmQlIhVV+rZB9ZxOXRwHBYK7eyPlOZEa/fTx5DL/4cCzHhAp4GOW2Jicfcj -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C8:KAS-ECC-CDH_B-283_C8-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C8-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBF1i0B217xc9DP8xWpKpoQXRrXhP+bCO --ch81gOBiZf9TihlLBrdkwf92mFSWuURRt1bE8w/fxjjYmQMSu+zL+9c+jFqFWtt1 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C8 --PeerKey=KAS-ECC-CDH_B-283_C8-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0353ff03afda3772984aadc4000e1275656607154b06c3a59c664945fa6fde1c255ffa86 -- --PrivateKey=KAS-ECC-CDH_B-283_C9 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAEZh8QeptXAEXduwc4q2 --mxwXqazBHaXax/2GSz38NqJSgtaqoUwDSgAEBhurvv7lIRxJF1Bs5fn549HlKyUG --84ygluG2U8qftp9GEFcCABS/0u8ii1oD4mIwweiXrQgacEATzuVRZspG3jlfxS9d --ISA6 -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C9-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBhurvv7lIRxJF1Bs5fn549HlKyUG84yg --luG2U8qftp9GEFcCABS/0u8ii1oD4mIwweiXrQgacEATzuVRZspG3jlfxS9dISA6 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C9:KAS-ECC-CDH_B-283_C9-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C9-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBKVhtRhK3tnHvZho8wQ7Xi3lGQj5wD1e --awijCIvMUO4yA+JjBYFbV5/13sb6yXe6cIizM79MAjHaAhh07gDXH+JdP01QpXrD -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C9 --PeerKey=KAS-ECC-CDH_B-283_C9-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=050795ba093d2e02398c358951f20c9e3b4f60628a96a4d0c46cb8fc0005e5331b38a09a -- --PrivateKey=KAS-ECC-CDH_B-283_C10 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkADa9IfhKudtvS93JRjXx --n4CssoE9pTmeB3eDLC/r3HGGKr4zoUwDSgAEBo7jJFdU1R33eABGrzmstAfEmYxi --C/+U+zdPr0tJgAbuoM+IA2akSfCez7rsxJ2IAwf1ckbBHFvqAK9CcYZ3qN7xXlkm --2hgi -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C10-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBo7jJFdU1R33eABGrzmstAfEmYxiC/+U --+zdPr0tJgAbuoM+IA2akSfCez7rsxJ2IAwf1ckbBHFvqAK9CcYZ3qN7xXlkm2hgi -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C10:KAS-ECC-CDH_B-283_C10-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C10-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAdfXU2zYOD4cCxuKrgK6qf0sTmiyGAjB --dU0LFRNhFX+BJFkwBzA02kFnl9qVo4Nu7yex+icfWaQ0hI6YC60v3VP/0eNm/2kX -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C10 --PeerKey=KAS-ECC-CDH_B-283_C10-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=02ab08d63cdb4be2502558e67eab27570f2d029e7f981d153b973080585d01e42f7187d9 -- --PrivateKey=KAS-ECC-CDH_B-283_C11 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAWWXrm5J550GkDSXKmNS --Wjw+LSwlO54d0/N4FoEs9UrWXFRqoUwDSgAEBQ6gc1ItvlFAj4Xwpghr1Mjv5XL4 --Cq2t1+cOu0tyi/2/1PG8B9pSABfHrSkWonGbhViVj3fHEtNSz/nArZn7yYoOBl63 --rH/r -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C11-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBQ6gc1ItvlFAj4Xwpghr1Mjv5XL4Cq2t --1+cOu0tyi/2/1PG8B9pSABfHrSkWonGbhViVj3fHEtNSz/nArZn7yYoOBl63rH/r -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C11:KAS-ECC-CDH_B-283_C11-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C11-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAgQvWj/l49MzW7e8253L2HFu0Y1/wv9C --l7wf63zKMQAi4iE9B767bA4EbVr9v6h+qYyn9V6c27BV0MxUm0RY1pmL27NFF3OI -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C11 --PeerKey=KAS-ECC-CDH_B-283_C11-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0599757e3ffeb484b32d3b47828b6823d46786d35477082ceacf3a5a11552394fe58f53b -- --PrivateKey=KAS-ECC-CDH_B-283_C12 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAV6oVnx7grSD+jZejmgc --CmNfVjocgUcLTf5E8ZT6ket4QhgeoUwDSgAEB6/isitU/olcJCwgwFSYn6gE5ZGX --DdqKfOEJ1r0xttqo8vx0BgczvVpOqbXqcJCs/ukYEGt/JScvP3yzbto4us0hN1YQ --zeko -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C12-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB6/isitU/olcJCwgwFSYn6gE5ZGXDdqK --fOEJ1r0xttqo8vx0BgczvVpOqbXqcJCs/ukYEGt/JScvP3yzbto4us0hN1YQzeko -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C12:KAS-ECC-CDH_B-283_C12-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C12-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBnr994j49IMcPH12BNB6W9xZ2kLZMnMf --r16vB1MoCWaraTeQABs50dhytl4xJRwfWE5P4+111TrZDoNv6QyNuU/nfO8LynIE -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C12 --PeerKey=KAS-ECC-CDH_B-283_C12-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=005e331af55e96153d8a7b906a4a19016a26381977b49f80b9d70db099053c6a3b8e80d5 -- --PrivateKey=KAS-ECC-CDH_B-283_C13 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkACkR2TjZUIrsy5h34SfR --sUYaza7QNfIOD3RMd08ccnA7XEtJoUwDSgAEA4a/3+YDc74RS0F8Tc60QyI/3mfA --/vKe0PhntaFfXqDMtNzKAvrDjshJTPdXYjPsgoLeOEtn8MqASAhCAQOdGUyL2k9u --Cv8+ -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C13-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA4a/3+YDc74RS0F8Tc60QyI/3mfA/vKe --0PhntaFfXqDMtNzKAvrDjshJTPdXYjPsgoLeOEtn8MqASAhCAQOdGUyL2k9uCv8+ -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C13:KAS-ECC-CDH_B-283_C13-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C13-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAYhmpPovfCU05WOikd6HGoswUqZ09dvC --O53qDozv2garwyyPBY3Ezxv5hdG1ZpcIR8umuKT0DH5ipYCLByC7uM3ztFMeOAvn -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C13 --PeerKey=KAS-ECC-CDH_B-283_C13-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=07e132ea71a16c7cc261b9d6ff6fc52cc490da616b07d92f9e591fc1e630d3442572338f -- --PrivateKey=KAS-ECC-CDH_B-283_C14 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAWYvVUhWwCCKMbGVFI+C --jgtckqTqTAMySL6/lXtYa0Ce1ZhQoUwDSgAEBwVSZMPeOmItJv561wC96gRdSzzn --GPTmrkTPN2w6lqJlCzIhAPRcwROGaK3IFQ03wHK7QkVmDBh4VoPHsXqh+4WRumza --I2V6 -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C14-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBwVSZMPeOmItJv561wC96gRdSzznGPTm --rkTPN2w6lqJlCzIhAPRcwROGaK3IFQ03wHK7QkVmDBh4VoPHsXqh+4WRumzaI2V6 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C14:KAS-ECC-CDH_B-283_C14-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C14-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAAVx177wVgiRcvE0I6WFq5efS49351LA --QsDGUmO0dpgeXzFXBEvKaT6dOxp/pq1C2382saZXEtCe87txXiZAoYL0NmIGhsCk -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C14 --PeerKey=KAS-ECC-CDH_B-283_C14-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=010f26817098ce1bbd6743784d6fb65e60699c14933a2c8d854027aa58b58db9e66a53a7 -- --PrivateKey=KAS-ECC-CDH_B-283_C15 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkASwBAKmWPuF9es9N344C --2K5187mRFPU2avtKAK3po8DuOaiHoUwDSgAEB3lPoZxrENOZ4PUtNvSDx4UYSOYr --rPlbWvUeygmtRF7hnvNNBhQNLuFs0KbLGWBQmnzMZkvpdkSpWuFvShc9moZwFfCD --fwVg -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C15-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB3lPoZxrENOZ4PUtNvSDx4UYSOYrrPlb --WvUeygmtRF7hnvNNBhQNLuFs0KbLGWBQmnzMZkvpdkSpWuFvShc9moZwFfCDfwVg -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C15:KAS-ECC-CDH_B-283_C15-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C15-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAW60u7PDhuD0L7A3vuR4xMDb++Vcxo4z --/bApueXnJK/0/Yv2AlFDL4RWikSXHoarcV04eeYU4Qclc174+2ZS0HnHkI8RvR8B -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C15 --PeerKey=KAS-ECC-CDH_B-283_C15-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00bdd8ccd1b40c5bc2efc1c105999350fefaf784710914ff639582f1277678699491140c -- --PrivateKey=KAS-ECC-CDH_B-283_C16 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA0XCdrBezp58hoEfjIr0 --iyLbQdQGYnUAlhG4gNfSzvMpxQ6CoUwDSgAEAHr//PoxwRCqs7s5RTCkHEFq9Wa/ --uo8Vn5hEN+eZ3dqvjN/SBl+zxoRGp0BourfjargOmEcH45pKFD9aRtZGNC+fEvJq --Mikb -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C16-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAHr//PoxwRCqs7s5RTCkHEFq9Wa/uo8V --n5hEN+eZ3dqvjN/SBl+zxoRGp0BourfjargOmEcH45pKFD9aRtZGNC+fEvJqMikb -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C16:KAS-ECC-CDH_B-283_C16-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C16-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAkF8ZWlNhQx8hm9+EWOaX4cYypqrs5L6 --hhDi1dfdozdaYH+bBRM5ONyZFE0W6nUlw/5OMuMg7QdbllJ+E7KpnJ8nrenvnty2 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C16 --PeerKey=KAS-ECC-CDH_B-283_C16-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=014a83e747c90aec6101c0a752d92eef7475b00051ecad3d7c2e50cf4eba1ef3c80b8c94 -- --PrivateKey=KAS-ECC-CDH_B-283_C17 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA6/Vr/o0a1JZaX2SF5Uq --/NA93+wEYxvZlcEKwlg7DKjSRh9doUwDSgAEBrTCw2FbJmVD3hiciWz/d7VVfHgs --IVlhrHMkGF/JqBCY8uvqBH/vGWBzmuCu45o//bguiQ1CNvwi2tOV1JC8Ol7qWOjN --A+27 -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C17-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBrTCw2FbJmVD3hiciWz/d7VVfHgsIVlh --rHMkGF/JqBCY8uvqBH/vGWBzmuCu45o//bguiQ1CNvwi2tOV1JC8Ol7qWOjNA+27 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C17:KAS-ECC-CDH_B-283_C17-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C17-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAMXWFJ+HF0ujf0wcb2f2kFq7MZ9Sa3qh --vh3SBd+TCrHJG7H4AMLiHhIGzUu1tiKr6Xyj8lLLxo0FSnf466utWT+xhjMGkov3 -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C17 --PeerKey=KAS-ECC-CDH_B-283_C17-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00afd29e352779a39021536ea50c24fa264c599f8f8fe8f2ccf0615a6547a064d7c1a150 -- --PrivateKey=KAS-ECC-CDH_B-283_C18 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA9V3H4SFw7i+YqVvOTZR --PjtjGlYalCYT35UUD0cyFN9hfExOoUwDSgAEBZBsxFKbIgIo77sFRb9V7APIb4fi --9OOjy/QE4HtzpbGl9SjNAWWI5IDEhWzS7pqvHjAoEvvAsz9SfCm3fOD0h46gidAl --pEDA -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C18-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBZBsxFKbIgIo77sFRb9V7APIb4fi9OOj --y/QE4HtzpbGl9SjNAWWI5IDEhWzS7pqvHjAoEvvAsz9SfCm3fOD0h46gidAlpEDA -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C18:KAS-ECC-CDH_B-283_C18-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C18-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAXMETlvmOZfXkl5DG78ATPDwuoWqKVo0 --Ho9YV6EgvonXdlPpBzfMBJaQ+XCCSnsMICJDloLJ2C9PI+SOXwf+qWJnyjvU1zCl -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C18 --PeerKey=KAS-ECC-CDH_B-283_C18-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0477990f17d65589289c28e54a56a83bc05ef4ea6863c5ebe840925c9fbef64ccd6e69a4 -- --PrivateKey=KAS-ECC-CDH_B-283_C19 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAOLAxgL7EyOZ7p8xAINl --6iLMEmD3n+OuYQibim+kVZyska7IoUwDSgAEBubjGMDEwLZh39PnIgkOzTL9yco9 --Fo2ccXTB1Arbss5nLZJSBAvcHbx7Fj98lVH0faqClKwtxP4NRyxOLyz+/JXVI/9Z --4OiA -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C19-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBubjGMDEwLZh39PnIgkOzTL9yco9Fo2c --cXTB1Arbss5nLZJSBAvcHbx7Fj98lVH0faqClKwtxP4NRyxOLyz+/JXVI/9Z4OiA -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C19:KAS-ECC-CDH_B-283_C19-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C19-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBoWH5p3t30tVrFHyoX3Yv9b5TnIQAyFC --Fb+ySySCgedaPGWUBE7unHArxMHiEMfMIUUkWSVorA+f1n1uoCtNw++0LPuyJj2s -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C19 --PeerKey=KAS-ECC-CDH_B-283_C19-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=067a661346fe052ca27f3f03e75bbdfc8fe6d0d85c62c8f79525252aa241ae9de97d56c3 -- --PrivateKey=KAS-ECC-CDH_B-283_C20 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAy1XP964Wk2iKXiWYxQU --UY1LoH3E3XL3MXKIkNC0TTbyMJwOoUwDSgAEBvb/6gqHvZ7rU5xIo/y/OIFZhiJZ --x/eEDmSAn77bAag4EsDGB8eVuPKEf8OfpWwt4ebLv0lFCHyy47kZ3HdrTMHIPksc --ebi6 -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C20-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBvb/6gqHvZ7rU5xIo/y/OIFZhiJZx/eE --DmSAn77bAag4EsDGB8eVuPKEf8OfpWwt4ebLv0lFCHyy47kZ3HdrTMHIPkscebi6 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C20:KAS-ECC-CDH_B-283_C20-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C20-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA/EibYAsV1+HGiE7gVD3gYu9YlZjtz5y --CnN/BxiWCG2gsUzZB9HLDOGcmKY6r3sxTx9XIOMohwUzhKwPXrabbEcajj09Fudv -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C20 --PeerKey=KAS-ECC-CDH_B-283_C20-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=06476b0620eef165941a4507e6d798d6f150ab29333c0552281b629170d3291b2f9b3f41 -- --PrivateKey=KAS-ECC-CDH_B-283_C21 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAKaqy13T6DWBT0UtggfR --WlM2OPcOlPh8Bhlu/4g41I7tLiZ0oUwDSgAEAt0Ak6jUGYMfNLrGxgpXDFHQjmmb --GByWS2Z9DRftcqSRGazZAakZdr5dXgN/IjUNZ6t7+rUbvE+mAm00fSj7RAe8zEDd --EKAO -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C21-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAt0Ak6jUGYMfNLrGxgpXDFHQjmmbGByW --S2Z9DRftcqSRGazZAakZdr5dXgN/IjUNZ6t7+rUbvE+mAm00fSj7RAe8zEDdEKAO -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C21:KAS-ECC-CDH_B-283_C21-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C21-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAqkR5+bS/HcNHqvH33AbsRkISmhZANIt --UtWY/h0o/IkbMbSHAbjcZxPKRT6RsuxOTR+DSwjuvH6IhsOkWOcJJSQsSyK/CyBT -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C21 --PeerKey=KAS-ECC-CDH_B-283_C21-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0746719f2ad08f8a8d6d6fbf15723f336285ce75d3a2fcbd5a0c54c577517a22bc264161 -- --PrivateKey=KAS-ECC-CDH_B-283_C22 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkABEvsqtWRDdlZ2oeQbPL --kesaZ5DpZO6QDPySlWNrpMb6h6rSoUwDSgAEA/UH2ZzCSY4sf1T7PJwDLzglSOLj --Fo+hQBJaUmBIVo87s+WhBScN9378fWxV+SWbyCJzyba982duE8NgGxswIrli3hEp --yzsU -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C22-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEA/UH2ZzCSY4sf1T7PJwDLzglSOLjFo+h --QBJaUmBIVo87s+WhBScN9378fWxV+SWbyCJzyba982duE8NgGxswIrli3hEpyzsU -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C22:KAS-ECC-CDH_B-283_C22-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C22-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEB1QapR1zAuK7VXwn7BXX+cOuO3bsL4bL --lejerX+ga1eDl/HxAX6iL2tUdPD18PTq1UFyBkBRU40+IypTDfyl8qDcZ3Rsi7Ha -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C22 --PeerKey=KAS-ECC-CDH_B-283_C22-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=03cda4b5f44b5d3dc248310f994419fbcbd665115d1876046652251ad4aeeb1dcf184288 -- --PrivateKey=KAS-ECC-CDH_B-283_C23 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkA+TxxPMOKo1v1Vn3/ogg --6IaUneh8AdjrZMe0DxVIy2F6kmAzoUwDSgAEBeP8VuwWKIXBKR5K6cGcjrK7VZ63 --7NWBdUm1ouo6ZtlRiAqmBMAE8q5NtPdItDe8EV4G6iAXqHeYKY3WAEYW/P/cx+wt --/W25 -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C23-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBeP8VuwWKIXBKR5K6cGcjrK7VZ637NWB --dUm1ouo6ZtlRiAqmBMAE8q5NtPdItDe8EV4G6iAXqHeYKY3WAEYW/P/cx+wt/W25 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C23:KAS-ECC-CDH_B-283_C23-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C23-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAh+xTlLNQkOlIPYwIpsd1pYcSb2W9D+p --yuN63YTaeuctwweOAN1ji/kFP61qpP8tMwuKSiC/4wIPQLlpIwLQsKPC2HeFbsRq -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C23 --PeerKey=KAS-ECC-CDH_B-283_C23-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=015c892f95768a96ab5a4f9523b7fd466e101f63b88ad8f1fecb3027cd70aa00735dcc90 -- --PrivateKey=KAS-ECC-CDH_B-283_C24 -------BEGIN PRIVATE KEY----- --MIGQAgEAMBAGByqGSM49AgEGBSuBBAARBHkwdwIBAQQkAK5+s9QDVPn4/tGPIWLe --44FWyuBTW1U3DaNjjwFmiuz5cIvmoUwDSgAEBh6IWONo2ckX8SnZMt3EzKUh/0Gf --HXQjDoqlsbPpzmf0HEtMArDX+9xjajvDS73SqJKRtWew+yrzI4OGi9QNS6TKyYgM --JUC4 -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-283_C24-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBh6IWONo2ckX8SnZMt3EzKUh/0GfHXQj --DoqlsbPpzmf0HEtMArDX+9xjajvDS73SqJKRtWew+yrzI4OGi9QNS6TKyYgMJUC4 -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-283_C24:KAS-ECC-CDH_B-283_C24-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-283_C24-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEANCO04VqvvfUpiJDyS1uZwzrOvMjV/25 --05wZF1oQ0curNs54BdufrX/Ir+eci5zkjmL/oNRrgFqeWCHidhwlwO26krEgsGPy -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-283_C24 --PeerKey=KAS-ECC-CDH_B-283_C24-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01adf5a96358e18d69fd383b4dc7b20dd646b68a5c9f1417bcf426240ca22b8f32bdf1a4 -- --PrivateKey=KAS-ECC-CDH_B-409_C0 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQArOkhA//iYqwXrUKk --bUNm9MtMWA7/OrHd5r3f27c3SBHVKx+pkyC0r11OkgjBTrjvqJFsoWwDagAEAE68 --TUrPm0BNq8OvPoy+qLiLMpmdPst/NnsS6zpigLhAA44iaBY3p9FkNuAU9pYWq/cu --RQCeJBCVQcgCQhfpqyyWP6njc2QAlabCWibu+sWOQ0LAyFRIsnCVkqEkAv4raKeT --xVjOjNY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAE68TUrPm0BNq8OvPoy+qLiLMpmdPst/ --NnsS6zpigLhAA44iaBY3p9FkNuAU9pYWq/cuRQCeJBCVQcgCQhfpqyyWP6njc2QA --labCWibu+sWOQ0LAyFRIsnCVkqEkAv4raKeTxVjOjNY= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C0:KAS-ECC-CDH_B-409_C0-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C0-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAUaYmlApe+Nz3WZcRUVaKuTCIdpc1CQA --e9l/no6Eb5Z0Dz+ljDyUEpZxzdTX6mUKKq3p1wG0K//ahDlGoUrWCA+VuPxrfhc1 --KNCO02/mQKr4WqAPte3VkFo4s8eWG3cit3uNy0S7JfU= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C0 --PeerKey=KAS-ECC-CDH_B-409_C0-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01d48a586be9285fa38dd3e70b0330b0ffebd327ceefef88fdc1521ef2fd61cbc9124e03b0c926e70fa56acb3edb54c3c48fab2b -- --PrivateKey=KAS-ECC-CDH_B-409_C1 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAP/IvfXwEmYmkPg6j --9dYXmBWcF4qnktedH/6/+Ntw7h/eBApLXx7TP7P/I8ROfGshsGI7oWwDagAEAdXJ --Jg5z6jbk3qqkuPRUH2eAZraQdxqG8NrcWA/biVmB5t0C3SZO2fnBdjvVSmBSotPb --pwEacGgmNl7OKOOLM2ILygFtLZM4UY39aGg3BHbay0HjuUdGV2nr6BtiBzFnNXb3 --dFHQ/hQ= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C1-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAdXJJg5z6jbk3qqkuPRUH2eAZraQdxqG --8NrcWA/biVmB5t0C3SZO2fnBdjvVSmBSotPbpwEacGgmNl7OKOOLM2ILygFtLZM4 --UY39aGg3BHbay0HjuUdGV2nr6BtiBzFnNXb3dFHQ/hQ= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C1:KAS-ECC-CDH_B-409_C1-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C1-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAX6fAbHW5XAjKDMNIyod0/LFksxAn2yu --8HCEQIN/NZdRDxEZVKpR5WRsz0fv8fB6T4rhywA3FPbqH9FDznUeLYW69UxVI5dh --CO1IL9auEDdDExynFgJrFqHkliMfmRzcj220R/X5X44= -------END PUBLIC KEY----- -- -- --Derive=KAS-ECC-CDH_B-409_C1 --PeerKey=KAS-ECC-CDH_B-409_C1-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01856c92b46d671d8a7f6cc468efb60a61093d006c95bb931c1fccc336d4a8490fe17fe163c972bac39fe728f24534a0c34d2d21 -- --PrivateKey=KAS-ECC-CDH_B-409_C2 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAlt4sOSnECF+cwdN3 --jC2/Pbfw9357p7vE5AjH1l4si4iwdV8WC621JOdpfFDmDI2Z5W2koWwDagAEAZxH --15kUyL2udU7F7B6ByP8ympOOaXHu48lFxOv0ieFLFeYTVhbImMgLewa4r2cGHHaa --tQAAiAIrT7DnVOxPq4z0/GNiVUJnVfqZtWgFwV6sBDJRVdzL+kFF4WHEDxib26o9 --0+DD1sk= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C2-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAZxH15kUyL2udU7F7B6ByP8ympOOaXHu --48lFxOv0ieFLFeYTVhbImMgLewa4r2cGHHaatQAAiAIrT7DnVOxPq4z0/GNiVUJn --VfqZtWgFwV6sBDJRVdzL+kFF4WHEDxib26o90+DD1sk= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C2:KAS-ECC-CDH_B-409_C2-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C2-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAYPuNVqTzROv8XVqCOWOIZWoJimNQ/bQ --e7HDgrTlaNAICTkmAAnGr8vtDyMlLgHW0UxtjwGyMJs4GcJFSkitJTrJe848ebUf --UO1oA88FRkt0paHeIhE+I8AYxc7ZGG3bmBxini6ds+4= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C2 --PeerKey=KAS-ECC-CDH_B-409_C2-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01972e225e08b47512e92c0da9a1bdddb1802be402222cac5788b322e101feeb06b66b2fe726c1cd8aec92e02f37d15f4c97e64d -- --PrivateKey=KAS-ECC-CDH_B-409_C3 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAq9XWHN4xGAMBwmnV --KvhWuqObifXvRTZ/VRkhDHHXezGNBT7AwvSb9G3gXKvyPH0r19I/oWwDagAEAafv --PRfDAehmG6ZsHN7oKptE1xaQnjZjtCPcBu9r5PYWzReTIc56Vy2kvKLom3aO3IRZ --swDfdDhJogvDAmBitCDTlC8Y4tbFMH5uGVXjOwnVlR3FmzGisdWMIz4siW4tnMqo --7rjo8RM= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C3-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAafvPRfDAehmG6ZsHN7oKptE1xaQnjZj --tCPcBu9r5PYWzReTIc56Vy2kvKLom3aO3IRZswDfdDhJogvDAmBitCDTlC8Y4tbF --MH5uGVXjOwnVlR3FmzGisdWMIz4siW4tnMqo7rjo8RM= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C3:KAS-ECC-CDH_B-409_C3-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C3-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOhd6dY+NOXHu6b/mxb0yE2V8R3+khB7 --H77K6Yzm7/PblthpAL/SLNQj284eVya+jll5MwC3FBdx98gW1V7IxTgi0uehkvpU --oX5bmbLZCWG1Spn+1Tq6S9oaQHStPSP5yREgV5W1RQs= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C3 --PeerKey=KAS-ECC-CDH_B-409_C3-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00b6661a866abbf1843dea8f220e360fe7cd7d9e85c316138fd2532a57d7d2a6bfe6e5518019c603a2d0e338ac6a8690093c2883 -- --PrivateKey=KAS-ECC-CDH_B-409_C4 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA8yPI7kM8m6FdNwgG --mDSsxNk3vlAX4dGC7HZGarooLHO14+lv4QYUNkFALHLGJIS6HxLyoWwDagAEALdP --UlIBGfwIU2zqWEIg3psGJAHmT/Y1kwXC5rDASpX3e69T4jwyau52IRSVwwssFQuS --dQFUBYji/VaI0bNXY5CMH4I+7sqJQvYhbOBM72btaZHfaiL7dEEbE9BlE6ZbZOYo --Fe4CBpc= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C4-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEALdPUlIBGfwIU2zqWEIg3psGJAHmT/Y1 --kwXC5rDASpX3e69T4jwyau52IRSVwwssFQuSdQFUBYji/VaI0bNXY5CMH4I+7sqJ --QvYhbOBM72btaZHfaiL7dEEbE9BlE6ZbZOYoFe4CBpc= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C4:KAS-ECC-CDH_B-409_C4-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C4-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMqHCsvk6zrmXt2V1pROsJDg5VBxK+Ox --Np5HMgP1Kxg4ZU96Q0K9gwlwT+1pM66dFizNfQF5bMKGvz1TrWNpdzdPg1bkVzC3 --qkOAX7UoAfc74+mzKAiYSq677Xvl455RM1sN/zR4KUg= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C4 --PeerKey=KAS-ECC-CDH_B-409_C4-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=010889037c707d90b833d03256ff2e8a5ffce16fb3613486221494a4fee82e74625a93d966c2028d0930115494f9456cec4d2b6d -- --PrivateKey=KAS-ECC-CDH_B-409_C5 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAEz2iulSzYkTIBC8O --LaNxjlbb0oSO9Ce92yQXf2JEdbU0AK/csYh56P5rRgmk97vCFSsToWwDagAEAOOi --9OY8+8HuhEdFqz4eW+VzIEYJrs5eKLj7iriuBomEZ6lae1nAiYpBSr/ycDzLzcCS --CQENc8Q7YwFwOVEErK1sGlY9MpZjIzKhSB3cLDGDa9Gj7hpzZNf1uClduVo3RbS7 --vrgJW8I= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C5-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOOi9OY8+8HuhEdFqz4eW+VzIEYJrs5e --KLj7iriuBomEZ6lae1nAiYpBSr/ycDzLzcCSCQENc8Q7YwFwOVEErK1sGlY9MpZj --IzKhSB3cLDGDa9Gj7hpzZNf1uClduVo3RbS7vrgJW8I= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C5:KAS-ECC-CDH_B-409_C5-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C5-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAH62Hf3fw8DQg/4iE5Z5hjgdnjDmhK/f --K6yPGjYujG1jWN+VkwYAQn38HrFBGP0SObZ7aQFbqH+YEUzsiyy0W7o9zwBrKH4H --477x2ifOCNqeT0i9JB9ZofnJPIN4hHFXUPQIX5E/T3o= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C5 --PeerKey=KAS-ECC-CDH_B-409_C5-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=010a8aafbb243fc9466bf381eae173c01be95d88a9c131b07ed54d2f117cd3af4019ffb196ebe8290b1269622f9df26763ffa211 -- --PrivateKey=KAS-ECC-CDH_B-409_C6 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA33VUwBMv1OSiuSF4 --dfmSSlXKsxm3anwXnPAiKTdXmZbPlJILr9RT5S9dL8SAATKfvXjEoWwDagAEAWCF --HP+UfOcqEYqrTa1M4sPOm8Mwzh0G761/Yw5Fu883CX2UBR2dMQq/+o2W7SKoR8vm --kwB5o93eY2vGKvQebsDgc/5kYuOK1Lnjo27MgROixjlM7SGr3I7Flp5Y4AnqE9vp --KalnCco= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C6-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWCFHP+UfOcqEYqrTa1M4sPOm8Mwzh0G --761/Yw5Fu883CX2UBR2dMQq/+o2W7SKoR8vmkwB5o93eY2vGKvQebsDgc/5kYuOK --1Lnjo27MgROixjlM7SGr3I7Flp5Y4AnqE9vpKalnCco= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C6:KAS-ECC-CDH_B-409_C6-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C6-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAILxSOw00dCLJueeN3LhLWWVmLc7b/8L --qxhF6aW1BxRJ7ydZ/tY6qAYkuDprLp1zm4P22wEJzqBIpyC6dJ/FIsha9f54N1HD --n+jQUVug8NPc0Z8Ywi2jkJ8C14c1qhGy/roPjTMMVwM= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C6 --PeerKey=KAS-ECC-CDH_B-409_C6-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01e17b8844c4c757553a628d6f4c48f3a337ed2bbb6e4047dbfcfbfd02bb81c6e096f8ccbb7f2e5d10ee9cbcc960e3a99e79bd09 -- --PrivateKey=KAS-ECC-CDH_B-409_C7 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAMnNd1/EY0p+fPKs6 --By24yIbUL6Xee+plA27TyNRKEej5b04abyVIiMqyFDBRkaJt0drRoWwDagAEAC05 --4PifuHUVHuOzVPjqFZ5/um8j+Kdk1J4H70PxjTz4bhuqrgrXnUAAcJpQJS8c42Ax --NQDORKm3dbA89CsxAklmB5TCXgQisDrZurqiNhBhMlH+DlQEbgT5IQQ23TdgA9GP --mN/a4Yk= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C7-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAC054PifuHUVHuOzVPjqFZ5/um8j+Kdk --1J4H70PxjTz4bhuqrgrXnUAAcJpQJS8c42AxNQDORKm3dbA89CsxAklmB5TCXgQi --sDrZurqiNhBhMlH+DlQEbgT5IQQ23TdgA9GPmN/a4Yk= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C7:KAS-ECC-CDH_B-409_C7-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C7-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAIPKBN+EWOXmzm4TuTfatJhSHYJvuVQS --NFZ+mV8Gg8gPQ4UW7v8M+JGKX4tSYszco5l0FwBfizwg4/4lWe/g6FoSJ235Iu8P --Qlf+cDviUp9u/7bymaGiUcAeONQ8pspXbvHgvrbJEh4= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C7 --PeerKey=KAS-ECC-CDH_B-409_C7-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01167edf7a3c50e13be126eb2caf6b5f8f761cc8dba413246423b877df74a3aa3f48144b44cd133ad9f2d05ef97a08f7ca511d7f -- --PrivateKey=KAS-ECC-CDH_B-409_C8 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAsE8ztoeZYw1i9EM3 --x3xaa24Pdga1yHJEqk59ppjMj/HTMRtI7nyaaBK6+QVDea62HAwToWwDagAEAcWU --DC3is3NYJK4plMFQhvqVh1Dk2DEjrwR+mzwmR0bJtdkZ2iFTVdjCiygIo30MxfL2 --oQAKv+bxUQoYLv943YAum6IeZorqVzLHMt38XfkwH1iZ8CuugPgoJgHvPu/kFO8s --cm/gAlg= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C8-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAcWUDC3is3NYJK4plMFQhvqVh1Dk2DEj --rwR+mzwmR0bJtdkZ2iFTVdjCiygIo30MxfL2oQAKv+bxUQoYLv943YAum6IeZorq --VzLHMt38XfkwH1iZ8CuugPgoJgHvPu/kFO8scm/gAlg= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C8:KAS-ECC-CDH_B-409_C8-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C8-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATEVNql0W3R15sL9ckwj2epmgDoTm0fj --riY7D7fkLjMWJ5u/YiriYlMbLiKD7MGmEnybCQHUjMx4HwvewxMJEARLdpCamr1/ --yxhAfcQvY5EvomZyCAA6stKBAq3PuT3cBTdg5Twtqng= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C8 --PeerKey=KAS-ECC-CDH_B-409_C8-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=015c0d202bfdee2dfbd4be91625171992e6c6b1a1d06cc1b2b66ed64c9d928bd4f062912900d3f89045c7190f513d3b019a634f5 -- --PrivateKey=KAS-ECC-CDH_B-409_C9 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA1OvDHJpl7jsavZ1u --ZJV4DFTmM/WiqfYchAjXZ9CRbZHLVM/Nk3U435LPxFk44zt31yTyoWwDagAEAU36 --qnBRjzZ838qJeVoNs3S7e0B6WMqsJLpGgk3OeFAQZ9fgRn0wueH9uwp+rOFfsMII --zwGdYr4rEqF6ePbJ9+cDZpdl92PGI1/nr3jyUETpnEsbkGU2QLPwrkgaVdR9HrF7 --hsW62hs= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C9-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAU36qnBRjzZ838qJeVoNs3S7e0B6WMqs --JLpGgk3OeFAQZ9fgRn0wueH9uwp+rOFfsMIIzwGdYr4rEqF6ePbJ9+cDZpdl92PG --I1/nr3jyUETpnEsbkGU2QLPwrkgaVdR9HrF7hsW62hs= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C9:KAS-ECC-CDH_B-409_C9-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C9-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAQwnNTD1T+F0u71cJ3GlWkLmQFDDvyUj --5ggq9HbrAleHaW7fbkON0Fa1mPUABjPCZP17pQBEPnLak7DHgl9CI8eWgm/RMiNF --6iWt898aLGlYkIwP2bE+k8wAX07LFVov/3rFT6gYB4U= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C9 --PeerKey=KAS-ECC-CDH_B-409_C9-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=007c32383aae80e1111207894c8cc5be66fe538af4a19195742a94a4c3f5c765d9776a56177c485ddb53c038b70478959d374627 -- --PrivateKey=KAS-ECC-CDH_B-409_C10 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAJhdqr5imQzVm8dzB --kZ6URT6cvzyX4Gm0oXQmRJFn9qEImsFqECpLPkMql4v7RiVdxD0aoWwDagAEAVNf --yUm0kDAwi8Dal5PVcIh2asjPIujWwnbY8/dlDzATXh9sADAME0Ti8DBuoOJwsJqA --rwC4/D+mHcIsVVAfKmspRJRtmfe7/vvses9PsgDBAC4yLDkXLsCits4IB/Hj67Hq --NAA1MUM= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C10-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAVNfyUm0kDAwi8Dal5PVcIh2asjPIujW --wnbY8/dlDzATXh9sADAME0Ti8DBuoOJwsJqArwC4/D+mHcIsVVAfKmspRJRtmfe7 --/vvses9PsgDBAC4yLDkXLsCits4IB/Hj67HqNAA1MUM= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C10:KAS-ECC-CDH_B-409_C10-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C10-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATvrjTbR5/U9gL7qM+/D4AmN6uqheXfa --j5qunFdueSDo9tpVogkwzmD9SQtPsBVNSSd9mQEdwdh/NS4SvbQaG3ofHlFmKe0y --PF1bJj/wNvAj8P9fci0FbCSkEfU7NH0HhthPe+h5EFo= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C10 --PeerKey=KAS-ECC-CDH_B-409_C10-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01166107ab98db1dbe22c5888a70c992af4faf4623ef593802aedfe433809c53ef4ab0b2dc4dc2546488b356ef3265356055d8f5 -- --PrivateKey=KAS-ECC-CDH_B-409_C11 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAvz5zlccqqEwJYOXG --kCLOOQZ0BFNEc8THgpQk+B8dRLMfIOK5guJRz5/7Mnp9g09Z0ZSKoWwDagAEARy8 --TtkDaifv/In/1V+h4+rQ+5O6z6Cni8r+ORSrGpeGD+wTNMqroHJDWRYD5neRrqS8 --twEBB0xERidjCtClJY4kQ41x8mq5TQW7R9Grl4WMS5LG/xy5vma5hP6OFuRPOT5j --+dZCgcg= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C11-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEARy8TtkDaifv/In/1V+h4+rQ+5O6z6Cn --i8r+ORSrGpeGD+wTNMqroHJDWRYD5neRrqS8twEBB0xERidjCtClJY4kQ41x8mq5 --TQW7R9Grl4WMS5LG/xy5vma5hP6OFuRPOT5j+dZCgcg= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C11:KAS-ECC-CDH_B-409_C11-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C11-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWkMdGSekuHBAE9D/W5GkL5ZWQTFbSrN --haSa8KF9NDaMh2jQOe3pySrSayYwa1/973v9GQCBJ19+L/BopsG5LdOMA0JW7XMi --sCdwKZTHT1uBgSTTShkJh/1liJL8meesuYd71v6UaRk= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C11 --PeerKey=KAS-ECC-CDH_B-409_C11-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=007e7a249094eb52bee0115b8bd5545f81bf0b7d66998fe124c9a3dd3c5715d03b2f973d47c19af5108a2ae005fcca65e61f337d -- --PrivateKey=KAS-ECC-CDH_B-409_C12 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAltQDsPpgHJp1qn3p --/p4R1C76k9lt01EC2gXTrIB+RBlOGOeci1vhHF+znIvU4xIyWvryoWwDagAEAAmD --OUYpTUruzbb3JUykicD/E68txuLKViaDXV3SIkFEDDemNpDNEYZ1gf9htyUtB6+4 --/wBhg/7m9NbvW3I8U8lsXB7N2EZS43nJN4eNdm+DNwUAQSNZwi1HeL34B7PITluD --NQkQoak= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C12-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAAmDOUYpTUruzbb3JUykicD/E68txuLK --ViaDXV3SIkFEDDemNpDNEYZ1gf9htyUtB6+4/wBhg/7m9NbvW3I8U8lsXB7N2EZS --43nJN4eNdm+DNwUAQSNZwi1HeL34B7PITluDNQkQoak= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C12:KAS-ECC-CDH_B-409_C12-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C12-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAFwk9K2b3LFGBoWiLaVNvd0VB+9t5Gna --QXDOMBR1eaVJRduxvOnwLkcAM7sV/Bpw+DHnmwF8qTK5CgjKLj9VxQzA4T0nnXvJ --EZxXPD90FBC7fBytEHbDukKu0c5p1WIosIL7beDu+2g= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C12 --PeerKey=KAS-ECC-CDH_B-409_C12-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00b9d8b68642b2729340d8b7c5ed3b3a8913c4a3f6b947473017c0e105bc7edc60daa9b0732772220f93eca4878085f756e3adad -- --PrivateKey=KAS-ECC-CDH_B-409_C13 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAZxJewwmrXcfqVo+I --FaKzDPrDNmu08BYNU3OKuZXOdWgfzV5JLzqXJbTPdbpDAaeGBJNCoWwDagAEAfHR --ruX8WUykoiuButcH2CG+8yU5ZvXXeVYVdIOWFpb0xgR2pCtFK4nB7LNhVHXsnJbc --hwB1XF71WIm0Fc76DogaPvyb6G82xnYVQjtFLqtM1WEa70GY3bMa7LQ07u7BLt0F --kTrxn8Q= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C13-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAfHRruX8WUykoiuButcH2CG+8yU5ZvXX --eVYVdIOWFpb0xgR2pCtFK4nB7LNhVHXsnJbchwB1XF71WIm0Fc76DogaPvyb6G82 --xnYVQjtFLqtM1WEa70GY3bMa7LQ07u7BLt0FkTrxn8Q= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C13:KAS-ECC-CDH_B-409_C13-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C13-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAKq/aquz6Q+VbXAE/8iTxw+OkM3DH8DH --qI8WMgVB1YRDrzlAXYiNlnZVfN05SyfcVEn5RQEn8m26BsM/j7RdlVz9tc7dqT3Y --pF20LuC5JkoFTBaoe+2tRcDZoPNbvGqnoSlWIug+vos= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C13 --PeerKey=KAS-ECC-CDH_B-409_C13-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=017d60394c7ee64ba73db91484713370daa821255807349c237e5849411bf0bab3a1b353be3cd07eeddc5c2ffc74336225dae6f7 -- --PrivateKey=KAS-ECC-CDH_B-409_C14 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAayzCOH9pr9Q5eLf2 --a9F2ZiVwgbpNZu5qmoK3yHxKxfDrprwtmByh2p/yArpyy3/pwGzwoWwDagAEAIak --TW7k6MUNHhDX0dETqWEHUCEGeeDkyrjGImeEKTitXZM8mA7vnUZEeRu/01u6xknS --EwEdpjISYxYF/qDpP1gmsZKbK9HblQYV/LBetHvZy2nq4DscM9ep5HszWkBJgjj+ --24mZsE0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C14-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAIakTW7k6MUNHhDX0dETqWEHUCEGeeDk --yrjGImeEKTitXZM8mA7vnUZEeRu/01u6xknSEwEdpjISYxYF/qDpP1gmsZKbK9Hb --lQYV/LBetHvZy2nq4DscM9ep5HszWkBJgjj+24mZsE0= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C14:KAS-ECC-CDH_B-409_C14-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C14-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAB9P+/IvZ8FZGwp3DlY8Crpm/gFWHF4i --flIrXd4jx0jKz49KAikN4mtHdn04ilyDbT7/SwAtJz8uhRblCDiPjtIBXsn+Z8Zv --gyzysmHfrVhWEoBC+0phqRo3s0HeQpbUv2O/Z6NFinQ= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C14 --PeerKey=KAS-ECC-CDH_B-409_C14-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00b19e052edd44421ee2f5ba845911fed9183d885da85d51dc819ca565ce574f7db257509876377b40c5a08349019563b60e13e9 -- --PrivateKey=KAS-ECC-CDH_B-409_C15 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAPgmPPxleidpx1jZw --APgEB5rcoydbLnk+jTEsjkAs8NDOUzF0L4dRX03ZzGaCRhlLlXK2oWwDagAEAQr0 --rjNLpAvWU44PCVqlb2GivStfOOlUt2F9kroQYDzcyoNlVNAkLds31eFXawvmnw7s --5wGzNVIa7DBfMU1/I+0ozAxNI/M6Z4X8bG3pPl+rzicTAvlVf20q53xScg7aWi4V --Q2RD39I= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C15-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAQr0rjNLpAvWU44PCVqlb2GivStfOOlU --t2F9kroQYDzcyoNlVNAkLds31eFXawvmnw7s5wGzNVIa7DBfMU1/I+0ozAxNI/M6 --Z4X8bG3pPl+rzicTAvlVf20q53xScg7aWi4VQ2RD39I= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C15:KAS-ECC-CDH_B-409_C15-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C15-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAbCDPrNEBFDj+lFIwlwt8uACBibyQHQi --IX5Oy4vYp1GnK6suxWQq6Q/SnYxNeenMGRtbpQAjB4kFtqMwCf/qGhl325Q1ea++ --uHGXAFlpaynvkN2EYXdrNDoJyFOlOOTyL9+FT8vztzQ= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C15 --PeerKey=KAS-ECC-CDH_B-409_C15-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01697512676ae56ff5ab778c411042d217ad24a24ea05bbc253e4395fecc8a07fe77ae0ca4ed977459f1a14d9b83931bccf46107 -- --PrivateKey=KAS-ECC-CDH_B-409_C16 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAfYSTE8ZJna5HKwvd --t23sRYBvguCYcjMB3zO2u7l/eUvyaHn8M8KXP4bBVRVJZBqBm1cRoWwDagAEAEgS --rxk3YwuOp9D/cjy7BbeidA/Eyb55LbIE+SlnTDLkfYXkdwuQPTKQptYsJ0yyV7do --NwCMb2FxF4a/XFTrDBsxJtZBskpmYrZ7JXMCqaYaqM1QOEa8uxsU+lyXRUNotsJ9 --0t4q6As= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C16-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAEgSrxk3YwuOp9D/cjy7BbeidA/Eyb55 --LbIE+SlnTDLkfYXkdwuQPTKQptYsJ0yyV7doNwCMb2FxF4a/XFTrDBsxJtZBskpm --YrZ7JXMCqaYaqM1QOEa8uxsU+lyXRUNotsJ90t4q6As= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C16:KAS-ECC-CDH_B-409_C16-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C16-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXS9Iz+GHHuFPMqPWjg1dISe8s127yK8 --DhWfcTodBzh8QgOxH0wzm2aWdPzx2sGZcDvrBwHix3jMpklj2HMp5XyLyW0PZzcE --H9CH2vwH3WcOLOclVH4aJhxD+8VOFMNHPr27Mf2oRzo= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C16 --PeerKey=KAS-ECC-CDH_B-409_C16-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=015960ea8b92bd77d52874e3ea82ed1763440189d68728d3974d4c01d6aafdbb5274648f6f3eaa4faf3fc72d09892ab038cb2fb7 -- --PrivateKey=KAS-ECC-CDH_B-409_C17 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAv6WUhWxnwoNrf7Fx --tnx6Qa5D7zRQiYAkqTE2VPzzHh4fusetUrK8Q1iXWlxhq59OPk6eoWwDagAEAOG1 --MJpEgAqRatik0ZuCpYsA7gSCSAUKbtbDPOG8lwFUfpPXyQQvhJBlS3OizX1z9zPA --vwGAsgM4dGNR+sz7mjcRpOE4RXVQu/WDFgNMbyFqU3SSY9/+I1m93NyJ7GRGqaSp --9O+QyG0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C17-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAOG1MJpEgAqRatik0ZuCpYsA7gSCSAUK --btbDPOG8lwFUfpPXyQQvhJBlS3OizX1z9zPAvwGAsgM4dGNR+sz7mjcRpOE4RXVQ --u/WDFgNMbyFqU3SSY9/+I1m93NyJ7GRGqaSp9O+QyG0= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C17:KAS-ECC-CDH_B-409_C17-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C17-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMHctzfSUwNbuR0qSoXzfQAUK+gfySeM --sjpNHXnSfI08RECyyEK8HiH2kk4U3IMbCr+4RQAMc9VoewSQzMB/ZUEBrN2zbNDC --7szhZd8nb4O+IR0B0w/1wkPwkAVy7m3wf1Od9qRomws= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C17 --PeerKey=KAS-ECC-CDH_B-409_C17-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01127491ff33a67ffc4757416cd02a081cafb723aff52af35b069b89963e8e3ef5bc19c5a093ccf511e3c3c19be789280e986809 -- --PrivateKey=KAS-ECC-CDH_B-409_C18 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQASgIOBsQA7ySYwRHN --4VCHzaSKb7LswB2YW1fw05IZIOksQ/OraIEp3AGtKfwx1o6WIjGboWwDagAEAWci --f2KElZTtY/JH94Cy0R3ZosLHG9a3EpTPi1nOaQv+ANqbwduNHarJv/jADnvfBx/g --0wE2w+p30JPZc5++aJExixSVl3hZm9Hn1al7/IL/6F/VqaAbgvcuEfrZbS9ctXmP --We/qFe0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C18-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAWcif2KElZTtY/JH94Cy0R3ZosLHG9a3 --EpTPi1nOaQv+ANqbwduNHarJv/jADnvfBx/g0wE2w+p30JPZc5++aJExixSVl3hZ --m9Hn1al7/IL/6F/VqaAbgvcuEfrZbS9ctXmPWe/qFe0= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C18:KAS-ECC-CDH_B-409_C18-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C18-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAT2WomfRoqnqg66xsB2KziLiUcgvX1/D --71mXowEadKEBFd9g6Y0TnN02DnTXb6Ui7rVvSwFrZVq3zQ059Yj77+xU5PRQR2ZM --izvo5XqxE3cPX+DGIwD0oJ+iiZ5zu8mCMmX1XVz0rhg= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C18 --PeerKey=KAS-ECC-CDH_B-409_C18-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01254508553eab09fbc2fafe13fa9b324d9217d7d0ba4cedbe5dc869ad68de4f87774dd17d6428ed242c71956f252969e6bd5837 -- --PrivateKey=KAS-ECC-CDH_B-409_C19 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAwZs5FmX1A1NUf8cs --ntAZ9TEWkO5B58iVqn75LGD7nzRU36xXUkWmhp8f3sdF1j6lbIkioWwDagAEAFOn --piqLQES2Cvdu+ltEQpv2X2WYfWoGIWPdVfCNyakbi7m2Jw+KAmEj+Z65NyzL3SfK --OwCt1G9+pwkvSN2qL+uWyyS/ktJij7bk983fUj5fhAEc+Kq6vWAJoT8ppjtrfuZk --xm84KfM= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C19-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAFOnpiqLQES2Cvdu+ltEQpv2X2WYfWoG --IWPdVfCNyakbi7m2Jw+KAmEj+Z65NyzL3SfKOwCt1G9+pwkvSN2qL+uWyyS/ktJi --j7bk983fUj5fhAEc+Kq6vWAJoT8ppjtrfuZkxm84KfM= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C19:KAS-ECC-CDH_B-409_C19-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C19-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXh7MLOyBOKYaQudcR/+7xZ63FeSBotc --jUIuyQ+Uwr3ShM2/i+5kL3C9e+LakGue27ws0QBDB4+RIRApChPZAWDw5xWC+jnA --512BkOuBHUUCIARMxtaA2VapiGDm/IW7htZZkKFgxbg= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C19 --PeerKey=KAS-ECC-CDH_B-409_C19-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=004b9accc21d7122835fc21410ed1d83767c47a54ffee5f0c180fc55f3d0e8484af3ad38020294be92f02f0ba7e2b4f4eb1db07f -- --PrivateKey=KAS-ECC-CDH_B-409_C20 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAbJCYtT0Q8qwChKmZ --AmWPZn6kyrKGmK8/oHAGobtGNjsQPEqkySwcP+dTkJf6cLik+kbFoWwDagAEANPt --9lL0P5yakqLk00uoP11+lQwoNGoqaFG/dVRwUBQKTpwcG1AOHSrTZMMGuaRK9QOm --IQCZsmxkNn8ZA9qV31FWLSUELAGhrdp1u6WL2w2KqzULUuz76YSIwmGd4BzXD14A --iVO8pUc= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C20-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEANPt9lL0P5yakqLk00uoP11+lQwoNGoq --aFG/dVRwUBQKTpwcG1AOHSrTZMMGuaRK9QOmIQCZsmxkNn8ZA9qV31FWLSUELAGh --rdp1u6WL2w2KqzULUuz76YSIwmGd4BzXD14AiVO8pUc= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C20:KAS-ECC-CDH_B-409_C20-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C20-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAenaCtGhWsPEMfIglU7S5QKve3RsP9V7 --Ls63dIZYAgoJVmSHg1TfCqGB5X5erSyYWtMCPQCcznOlRwg0i0j48/Z0u3ZU9EHy --g9TopOyPhZLvUjlfJMES1ZQtOuCP/o2Znv3jmYiKfPM= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C20 --PeerKey=KAS-ECC-CDH_B-409_C20-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0093e2581c159d74d11f8667ee03399208b5c1a4ee5b20070ce8d97d251ef1236dc81dd688b2f07a730e6b8aeca0c193a28b178f -- --PrivateKey=KAS-ECC-CDH_B-409_C21 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAp/o4qKuAMNa0l6I7 --3l5QB+OdFNqfgtxWSuPNtK9fz0G8/vetrbWRcebX09PDrGf3vnBzoWwDagAEABO7 --O6kdXSSIr1ctmVzvj/+x/YXRE0IejSwMOql824qTP8DT8F9GRs6EHr3PGphgS/+j --3wHy4E6hagEtSGTPLKdWSEbec6M/JFeNxNIhNZxPL4bKgjywWWv+R2Dp6ty0rVCK --saFx7L0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C21-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEABO7O6kdXSSIr1ctmVzvj/+x/YXRE0Ie --jSwMOql824qTP8DT8F9GRs6EHr3PGphgS/+j3wHy4E6hagEtSGTPLKdWSEbec6M/ --JFeNxNIhNZxPL4bKgjywWWv+R2Dp6ty0rVCKsaFx7L0= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C21:KAS-ECC-CDH_B-409_C21-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C21-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAMSSlPtxKUIiGiUAMkr3vYx+wc0bgJTe --0brAAQqGlgg/fvrsqlED1nYkmeG+SFfTIAMCgQBWT6ERCzk5Jd+7JLqaazNz9GJO --y8PhL5cG86sFQpktjbbI2Lsl+gYU1Ib20ayfPZi57f4= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C21 --PeerKey=KAS-ECC-CDH_B-409_C21-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=008e2f1c4bad19c46a5134afccf7f4ec14ab591c8b8ea48d9c3d1e7354ab43ba20aa39a65fd92cdc176cf3dedecbf9da49a8d855 -- --PrivateKey=KAS-ECC-CDH_B-409_C22 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQAzp+Ce9JMAUw+5Z7e --90cXjWwDDBlmmtjnGLoTAr70ta0sEjNEj1J1spqJbAsuew2pIGi+oWwDagAEAXbj --EBLZxgSy0aGSKijYpXTwYMw2OIsoFtL4EX2iDAaZqwoI92+6pHbwqcQkv0yVK0dU --/QEf7cPo+Ogo4P+/Av2F0pwCAf0PU78mFMEK5RzLWMvEkAw4zEyaUthtifm4wt5O --In9OIo4= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C22-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAXbjEBLZxgSy0aGSKijYpXTwYMw2OIso --FtL4EX2iDAaZqwoI92+6pHbwqcQkv0yVK0dU/QEf7cPo+Ogo4P+/Av2F0pwCAf0P --U78mFMEK5RzLWMvEkAw4zEyaUthtifm4wt5OIn9OIo4= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C22:KAS-ECC-CDH_B-409_C22-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C22-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATSt0sSZFy33ktlKmziV4kW4QHPDJSY6 --hYwen3zzCkTyaNP4NYQR3AqcqrUFwKvAFhML9QAxwjaxQ8oDbIg2Qff5uVf095ij --FmfEFWA0Ann84JYqIb2LtS+iPbcahPNaV5TvXgdZct0= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C22 --PeerKey=KAS-ECC-CDH_B-409_C22-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0190a1693eebe287ec980236d8762804d23fdb6f222763a0efc364f9280fdd53394c2badcc51ff09557f3b97cae7f70d790bf9df -- --PrivateKey=KAS-ECC-CDH_B-409_C23 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQA4287mhNBmVsT/nC8 --VF0nnm2xSCySsTzozA2hwQDqL6qAOmSljMfrHP0WdXCDXFIvZZNHoWwDagAEANHK --gjk7jVC9GJipCb85Mz7KO96YsLDc7Wb4KGMOaebrEot87CPwcmAEcHMmCnZTMd1v --VwBsU1/5Q6D+dQ/Gw5kEppEroevA9GwbCCPkATx3R16imz8ySBlm8bFlvtumwXoU --lPttTz0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C23-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEANHKgjk7jVC9GJipCb85Mz7KO96YsLDc --7Wb4KGMOaebrEot87CPwcmAEcHMmCnZTMd1vVwBsU1/5Q6D+dQ/Gw5kEppEroevA --9GwbCCPkATx3R16imz8ySBlm8bFlvtumwXoUlPttTz0= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C23:KAS-ECC-CDH_B-409_C23-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C23-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAPDsly3J/f0IzY38unKYtN8tvYDCCyiJ --5mOsWMw0jL+Pn/0x/7UGGNbDjXKpnVxdLqzAAQC7C0iJPNuRXmXNXXl4BIAgF6KV --NDZUJGo3/jpg196YfmqaEKrwY9lrEBhGEszSZAfX4D4= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C23 --PeerKey=KAS-ECC-CDH_B-409_C23-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=001469dabcf2210aa7de0040b201221eb4d1a4725431fb5a93212a66ddea4187e078f5e3d82606f6cdfc0ffe6b69574d1d0ba643 -- --PrivateKey=KAS-ECC-CDH_B-409_C24 -------BEGIN PRIVATE KEY----- --MIHCAgEAMBAGByqGSM49AgEGBSuBBAAlBIGqMIGnAgEBBDQACKBnFu1vTPco+QGZ --KPNnx3qQUkkLmouoelnNyoTnfGopmFP1SW/r5lL0ujM1AcT88rovoWwDagAEAKBF --tea7t5UElfbV1kWit9cgBnJdAiPH/3VTQCLJJgqw0tjTM3iaPcz8OolQLKUAvQwf --YQHsVW4bFiHsGJNlThmNWSPjEUeKi9L//ygMkJL/wHNyiamXSStunr+TGUdjTvf0 --O0Kc82o= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-409_C24-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAKBFtea7t5UElfbV1kWit9cgBnJdAiPH --/3VTQCLJJgqw0tjTM3iaPcz8OolQLKUAvQwfYQHsVW4bFiHsGJNlThmNWSPjEUeK --i9L//ygMkJL/wHNyiamXSStunr+TGUdjTvf0O0Kc82o= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-409_C24:KAS-ECC-CDH_B-409_C24-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-409_C24-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEATeERODe7P867Fq2506BI7qY2LkaUHz8 --oNhQl6rZRMFbT9icjL4sdFHY7GQQRUIbS/aXiwFkR8ITyQNd57zCm91h1u5u1Vec --Nr7Fa8a0T5KGv56Z+sl/NWcIzQMQ2/Yzj5r417E1kQI= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-409_C24 --PeerKey=KAS-ECC-CDH_B-409_C24-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=005c701a93d7790322aa7c67440fdd9ee8057a0dae86d1e856ae89e7893da178bd67777f86db2be5c8e31dc50ed8a440aabc342d -- --PrivateKey=KAS-ECC-CDH_B-571_C0 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0TyK+h5mblbIof2 --dDDqj+ZGxi/ji3zmHx+VZZfCe93ZkC4g1ENqvzvr2CQ+wpoASBqKLBn1UOmWQbXx --Sq+7W9qVOnVZ+GU6oYGVA4GSAAQGr3H87BopBBFv4Uh4Zjdkwex0hw5dLVORnwtj --WRLbgN1UYNnmmUWP+ElMW/x0+6jTsS9l8BXo3vEN4z8YABkfTLUC0hk4uVEBlYQX --exicZkH/tni214M9jUuyXe5QGN2k5MDSGQSMAc0Nqer/40bVPPGgezOz291Lw6yr --5IMvmYHv8mYJkarIUhR5he6jpR4= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGr3H87BopBBFv4Uh4Zjdkwex0hw5d --LVORnwtjWRLbgN1UYNnmmUWP+ElMW/x0+6jTsS9l8BXo3vEN4z8YABkfTLUC0hk4 --uVEBlYQXexicZkH/tni214M9jUuyXe5QGN2k5MDSGQSMAc0Nqer/40bVPPGgezOz --291Lw6yr5IMvmYHv8mYJkarIUhR5he6jpR4= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C0:KAS-ECC-CDH_B-571_C0-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C0-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDtj9foRKua18RPHZRRP5MvWAg4m1A --DBFgmjpjS5oyX0FrDj0yFXNMaKHCyPrR0Lues5OaQa8iQh9oeB5+sGZLnfXOpEje --qjsAjmzHe83cgW6Ez8H2JoJPok09X9M9gJPL/h/E2IG2O0lBI7x1lnDtyxiHuzud --WotRa8UDgoFjcJ1NrLWU0nehWpLAZOV3DRs= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C0 --PeerKey=KAS-ECC-CDH_B-571_C0-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=06775e1b99a236e02b020bc73666e5751c1210dcb6e9b02a69f4075376e49f7a1476d2209e861abb73f5e3ad189d268e035b1de93d47b3a64de5783c9a09bc223e1cc612f26dcdf1 -- --PrivateKey=KAS-ECC-CDH_B-571_C1 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAvTSt+Y2YObCCUng --bcZwvoqvglMOC26v4hAR/p0PRAfIVJUVc0UozaKZ6fz3OKl/v0PEu6JnRLMnUxtA --FD4Vi8hkWQnqiIRWoYGVA4GSAAQG6nEYJ62O1Ym3Ce819qnNRiV5i9iH5f5ZxR8P --QcMot+zfhHNsQ/tw45hu5eX5huAJ9kEVinXM5rOfU6i/BoKDAZTkAHFI3u8Exrny --pgmfwDZ/qWCTlMMiGtjG+xEdK9xDBQU4BHiNMur3ZDFAbnaKRIy1yONMgSJe7JAV --q72SclwAJxLtMZLYB7Nq/qhT9yI= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C1-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG6nEYJ62O1Ym3Ce819qnNRiV5i9iH --5f5ZxR8PQcMot+zfhHNsQ/tw45hu5eX5huAJ9kEVinXM5rOfU6i/BoKDAZTkAHFI --3u8ExrnypgmfwDZ/qWCTlMMiGtjG+xEdK9xDBQU4BHiNMur3ZDFAbnaKRIy1yONM --gSJe7JAVq72SclwAJxLtMZLYB7Nq/qhT9yI= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C1:KAS-ECC-CDH_B-571_C1-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C1-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFdcuwWfQjMJ+ZO2wGrHHXvMXR5qGa --/nKBHLYSpiOMnMwzHmfaDBC4jMKl8e8v9ta3RAZdJC9ZjaLWM11MO+z1w5U5QMYO --/McGtDNlLjo2oHAYqorT0v8x7Xhc5WAXFu/3cQ/BPG/5/3XH83AdRZ/Y/nDAtK/O --2ghoFxfbmCHYyFj9OeJ0/zd3L46EhW5wZ0U= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C1 --PeerKey=KAS-ECC-CDH_B-571_C1-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=03a80ea8cfecb858f9b77bdb46b6cda26320ee8c561a2fd6b7e0a2b62201fbfe60f577780c75a98a11a69de4c4ee911930d2200b6972bc3123d7f278615ecc65984a59fe352a1cec -- --PrivateKey=KAS-ECC-CDH_B-571_C2 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAStjE7VoU8+NAnME --nPftKrjmMuWSVu0EM2aFdkjz8qlnTK62+w/NX7qwu6u84XoPxKeBSEmcOJr1dIY3 --RkFpWw6FLzFS7sckoYGVA4GSAAQECnh2PRcEWd00tcBOx4LmmMvpA6WjSFUcUkjZ --2s8ZvLmkmOoF6A4tbMHz6lujpDhVuAHIwDVv4+Ke4iS7kfTtDIVng3m3JUIB/0nO --CmLp7a5qpjqYSORPGFQS0P60a4f5FCS9r/7VFoMh7XbyNfddM2Z/bX1qnIV7tPhU --QvxA+aIMBK4GNipG7O6hXEXWm+s= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C2-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQECnh2PRcEWd00tcBOx4LmmMvpA6Wj --SFUcUkjZ2s8ZvLmkmOoF6A4tbMHz6lujpDhVuAHIwDVv4+Ke4iS7kfTtDIVng3m3 --JUIB/0nOCmLp7a5qpjqYSORPGFQS0P60a4f5FCS9r/7VFoMh7XbyNfddM2Z/bX1q --nIV7tPhUQvxA+aIMBK4GNipG7O6hXEXWm+s= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C2:KAS-ECC-CDH_B-571_C2-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C2-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGSqZoMP9EMkpnroqQeJaJe1B1Zs9S --3+E+Otux55NmXStxg1h1Tv6AnkSWIYUC/rVgTb+8BKEQfKnsTq3H0QqdbRR0zt9X --gUUG9j9p+MGLZ/EQUbPTAjahokkIiyvKtc/4MM256z51wehyUuXY5huxpmNI+2ge --li1lq8VNXeot1yxVRZB0AHT3xmxLjf0wdWE= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C2 --PeerKey=KAS-ECC-CDH_B-571_C2-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=03edea7e47ded7c2ab1115f4ebcbb42677c7fba6e0cfd811602896251ada1d5a0b461aaf4e000f4d4231b96d8dee7630d9f1b7860e6418dac8c3b07b66af6fd1acdb44b2683b29b4 -- --PrivateKey=KAS-ECC-CDH_B-571_C3 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAhmXtUgcDPbPQ2v+ --Ngw7EZueTdVvPChHr/sgIcusS1fcGPUHXWeK8rpunu+8QTjYGAU/LfMqEOiuXWQJ --9bLx88q/NvgI/cB8oYGVA4GSAAQFYM+RMowmu6E/ccm13d0FwYWWnYi9Dp00o2B6 --kjsjpbZ1RSFnADri8K3VFB6kvkHrrpHTpqoVw5Pb9YWtbJIUsmnoa08FS/UC4y7C --QEGKmk+QF+Yy+Kd4l6IjPW8fRbj3qoGPhH3bPOq1paEsdU/OjVewMgoHa1NEHc+f --Ze8yBOCJGR7xVv92IpSJenL8qTI= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C3-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFYM+RMowmu6E/ccm13d0FwYWWnYi9 --Dp00o2B6kjsjpbZ1RSFnADri8K3VFB6kvkHrrpHTpqoVw5Pb9YWtbJIUsmnoa08F --S/UC4y7CQEGKmk+QF+Yy+Kd4l6IjPW8fRbj3qoGPhH3bPOq1paEsdU/OjVewMgoH --a1NEHc+fZe8yBOCJGR7xVv92IpSJenL8qTI= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C3:KAS-ECC-CDH_B-571_C3-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C3-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFBnGvZcvvkvMF5frLQojMBKTGl4o7 --eK/kBJxqmV/ow8C7YJq+SdFSse7WxxTSVP5u/xWanr0krRaRnvdvRHAFfrfCZaS9 --lugFHQjiHSZNjk28c0CIQqtXzXjTI+fetiWzdBmUuK/+Aa9EYWIttBmv7q0EWEX2 --w9ttmC9FtpK+oRzyXRiso8g77IQMdYKnBi0= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C3 --PeerKey=KAS-ECC-CDH_B-571_C3-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=005b640015330f8416f2bbbf8b5660e01a7abba8b0197a29e52bb535d62f89ad0443e08b6e0d1d15f4eb03c0fe35e3e43bd7739cb692092698a2cd13126cee4432831ec7423b3434 -- --PrivateKey=KAS-ECC-CDH_B-571_C4 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIArU5rMdwdYeZ9Dln --Dq6Fubo0qLTzccyTWiDOjFZlIe7NjE9a/xFq4Nsq1urhozhENMWZN5ghrQXYGtoF --SCmd/ZjP1tPxVzUkoYGVA4GSAAQG2uU4yCBEOXdBXO9OeZdLp2K2m0NIECAMxv/z --JqI0TNIb4ZwVNkLfgqPlelUxqL8Zdn4ZldJyj8tmHVjsVh7yOjTYYHlxSQ0FBCQ8 --eSuQMYTqclqUfKiSGMqcj6Hgmn3WjeiOrpD5vSqN9BTdaaiysaLe0sbX9RTIkHmX --Yk6wvJ6pM6LUdO+Pg7rqMkODTeI= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C4-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG2uU4yCBEOXdBXO9OeZdLp2K2m0NI --ECAMxv/zJqI0TNIb4ZwVNkLfgqPlelUxqL8Zdn4ZldJyj8tmHVjsVh7yOjTYYHlx --SQ0FBCQ8eSuQMYTqclqUfKiSGMqcj6Hgmn3WjeiOrpD5vSqN9BTdaaiysaLe0sbX --9RTIkHmXYk6wvJ6pM6LUdO+Pg7rqMkODTeI= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C4:KAS-ECC-CDH_B-571_C4-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C4-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDmsnpGvWUB03NM42k9SQFdPAeQTpJ --uSJGuj1t6FXj3t9uf97amrf3+Edudwzpu8OppeuYRUPcw39fEb5uKKHRCQkx9cW1 --o1EHgNMtuxNImb2i6YhIlBh4OHq6ZmX9JCUhYM4xI/aPm1vY8lSji4TsU2Ul/gB6 --hjtvzEifk3oFpf2UbWKCUyign4Ony6J/6l4= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C4 --PeerKey=KAS-ECC-CDH_B-571_C4-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=027af05ecd0332784d64b0b1bdb45c310fd445c5a6d6b34f35f4eaa3fa3e171ab98763d243a1dedf46aa29864620a47d05eeaefd748186bcbcf187c01e7ce36e2a53ded071036b59 -- --PrivateKey=KAS-ECC-CDH_B-571_C5 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAxipbjgngtRHbxvr --9pehB28i4dLshHR/n8QlBdVUfaqgjYFHIXWWWZWGhc9OpLuhL/+2avCfZpRSHxHA --m2YmyK5S+/szalKhoYGVA4GSAAQGdw8vzS6bf4vFwpLSg6uthRVQcf4373zoTzTH --YW2j2+G9zpqwTOp7xLwljF0qt3I509CEVost/3eZiCiNn8a7Nk9RnQ6FWtME9qH0 --5f4A/pol2EWbiIA5iO8r8v71oj8T56fn80Wav8PVwAMDq8xQgPq4GwnVvgMg75kF --GaBq8TwpVi7pVXFagswNrvLF4Os= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C5-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGdw8vzS6bf4vFwpLSg6uthRVQcf43 --73zoTzTHYW2j2+G9zpqwTOp7xLwljF0qt3I509CEVost/3eZiCiNn8a7Nk9RnQ6F --WtME9qH05f4A/pol2EWbiIA5iO8r8v71oj8T56fn80Wav8PVwAMDq8xQgPq4GwnV --vgMg75kFGaBq8TwpVi7pVXFagswNrvLF4Os= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C5:KAS-ECC-CDH_B-571_C5-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C5-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG9liEkQYKHogUjkve44vGdHE/44TX --z9v1vZDJ27bhWH5Fnc5uDWm4ss/rUFW+5WpzwTQ2BgGYrUdQ2uglPqg5ouJG1UFF --l3UFthuPfY1sgWKiJp5yh9RZA0uPqsA2D8+Z+yHaNKMU5nNTGbnQNia5JoNpNF86 --YkrK2yGbIHGI0OlFy8Z8mCBo0yYT/CH4sPQ= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C5 --PeerKey=KAS-ECC-CDH_B-571_C5-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0763c0d659a7c080912005a2afd60ce57e610619b388ef3d5dd3c9386ab12069c6ef3a8e72eb741cba2da5c6f9267f6c09fada6459690ed4e432445d6f0f72dbcb059c87df36f665 -- --PrivateKey=KAS-ECC-CDH_B-571_C6 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAotDGetwVM/2OCgg --xS+cMy6uZw0fB8/I8UcukmD15Ho4V2gBbNIAZwDKe9xdHVZ9kkYK98KkJd0NeK7u --PRX7KNcRZ+ZIa4HEoYGVA4GSAAQFsbEUzvE6pd8wbOdBl9aA+bjJ2PZ1OgnbiEZq --a7BOrx64c4NgItdQT0X66FqOSlQX7dfOOg5eueeSZIhO14NXez/FLYJfC1cBjjIm --42tLM2eZxGhLulBemE3IgZFm8XzrhA42ElsoOoyGNd3353BAbZhW2Cs3z/H7zF0/ --XPS1XspB7hMfIep7yxnOBfZWQkU= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C6-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFsbEUzvE6pd8wbOdBl9aA+bjJ2PZ1 --OgnbiEZqa7BOrx64c4NgItdQT0X66FqOSlQX7dfOOg5eueeSZIhO14NXez/FLYJf --C1cBjjIm42tLM2eZxGhLulBemE3IgZFm8XzrhA42ElsoOoyGNd3353BAbZhW2Cs3 --z/H7zF0/XPS1XspB7hMfIep7yxnOBfZWQkU= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C6:KAS-ECC-CDH_B-571_C6-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C6-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFpSzr9oEDyrAmbPLGicSPCAVJ//xw --25gJwqRvkItyib5ZcynznuHkzKOYZk/6m9zwEpP0NZPRiOEkEdV+VZs/ajDpVUhp --8EkBThNxZfsNUw6GU9fLKoRhjdOvz6PwhWAXkUKq6XJ5DOdGov1EadQVWHRDeMZA --rnOkibt/gc3KaxuxZ8eUwm1iOKDSVq/DuiE= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C6 --PeerKey=KAS-ECC-CDH_B-571_C6-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0428413f2d2aad4d5288885c2edc8b976321ae1dd4fc6b41275fb88b8c5e7776165effce79025163538a0e83c919220a407ead6cefd616b4b05294488c2ef5d30ab8caa55ccbd1b1 -- --PrivateKey=KAS-ECC-CDH_B-571_C7 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgEV0X5B4TF4tCoA --TAHV5O8cdiQQScfTG/DqhdbgcKLiuSCA5h3lRvzL1NmRI2uzYO8/IG7hbYhDoN3I --A0Y2ZKjM3C2HoQJ3oYGVA4GSAAQGyKw0NkrK4148QXFgMz5IZBho/MoEwNV3vgb1 --irClX9fbd5/nN3edoz0An1e1utSXAurPV1rLryffgzBwzYk6eSR3DJLv86AGG4Ll --RdQcYv7waLNM2/ATlhFdKhQX+XGUg9JphrbVL49t4Gg3eV9tndfNCVdBEUMYxuim --IGs97u8BTw5EsNxmhOEA5Kw2FlA= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C7-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGyKw0NkrK4148QXFgMz5IZBho/MoE --wNV3vgb1irClX9fbd5/nN3edoz0An1e1utSXAurPV1rLryffgzBwzYk6eSR3DJLv --86AGG4LlRdQcYv7waLNM2/ATlhFdKhQX+XGUg9JphrbVL49t4Gg3eV9tndfNCVdB --EUMYxuimIGs97u8BTw5EsNxmhOEA5Kw2FlA= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C7:KAS-ECC-CDH_B-571_C7-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C7-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCbi8e5k55WOkCVHp9sKHhSGbz0sAS --fCu5sJ7iMtPZUY7kSuj1u0M6CIBp+jhs1ciQJxG3YqwNo6ejQgRyxH6FD5iN1gpj --bX0Gd/9RAFLU9GCEn7jvDU81Gc0jjk4caItzbPbjdZVQ0TSh5so8tHnWi03F0Luh --ruF4vW/hXsGW+x9ifYcHk5T294VOBTIo3uU= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C7 --PeerKey=KAS-ECC-CDH_B-571_C7-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=031bd2a84369e93dfa00581446d52762100d985cc7bb91c4fa8be7472e2e8e9781c52b19a54330442441bacae23f4bdc76486eb475d51f26aafbfb272a5ab5db184a4d3c3006e5d1 -- --PrivateKey=KAS-ECC-CDH_B-571_C8 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAIR7VF70lhVnHwi+ --c6SRRwYxhEkzQBEepNzhPC+SHwe/rP/IRB9MfJ0EefV/OhP0wzxj7UfDpD+y8G0G --qXgOXAs6wwQQrcSRoYGVA4GSAAQGmU3cWuLFtvRdwytxDxpJORpH86D4wteEZVL+ --SH7wHMoEMRVbtUUzsGeinoNnNzr5XWp/C/mNhptwj0j5XxuIoVMP4iVH6X4E9iiN --TXBPM6iYAx59AEb78eNKcsivGQ9NMxYzQ8iXugwNivioYjahw7ZVuXncRSLTPWam --ZbO2UBVw8HYyKvCtK7qqBOoumV0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C8-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGmU3cWuLFtvRdwytxDxpJORpH86D4 --wteEZVL+SH7wHMoEMRVbtUUzsGeinoNnNzr5XWp/C/mNhptwj0j5XxuIoVMP4iVH --6X4E9iiNTXBPM6iYAx59AEb78eNKcsivGQ9NMxYzQ8iXugwNivioYjahw7ZVuXnc --RSLTPWamZbO2UBVw8HYyKvCtK7qqBOoumV0= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C8:KAS-ECC-CDH_B-571_C8-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C8-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCPuT57CTe4gOs+2WGMTE8etQ5TEfx --eU0ItZn/wV8OXaspEdl+Aw3ffLS7rfilvOBcNTWPvQz5XT1cf/PNjua1TjedjQEj --k5sGBr4j58V0bb04QE/WB/t/J47iSdyOJ0DPG7mxwHsc9+ClCkMlZ9GGl5moAxIl --ENtDeYGiqhJuuarzx74FqA+sFJXhxAyhwQY= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C8 --PeerKey=KAS-ECC-CDH_B-571_C8-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04df20154fa49a1d6e04dc2ba6e55a7f2ae575de5e2c6e4091a4d2c36aa93ca9699b890f0ee4df53aa75d0d9babad68605bc027ec67c187a6826aac0f4bc596baae788b376110216 -- --PrivateKey=KAS-ECC-CDH_B-571_C9 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0wkWDArQ4V/Eq2L --2ah1I3ZBoh4hyjz5oJVtPP7e2WpeH1M9gntSj7tYbak+77tm0HeLGbGn+28Xu/nn --m5rO/N17lgXniY8moYGVA4GSAAQDLTp6QJnwif6pGJIR9zZvLtxKv7MWxcBZSNje --V/ygI7+2oRsQLqQSC6YhksDfYQvY0vY/xXcn9Ka2QKv40pn6xWxMeviDSeoE5jmf --HO0madOlUG016ivr/M8M7IS8lzg6rcO0g0f2KWJuYJb4kENeWTNnUEj9zvze3j7W --FuZWDULp4XxUkuMLwt5GicBZLss= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C9-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDLTp6QJnwif6pGJIR9zZvLtxKv7MW --xcBZSNjeV/ygI7+2oRsQLqQSC6YhksDfYQvY0vY/xXcn9Ka2QKv40pn6xWxMeviD --SeoE5jmfHO0madOlUG016ivr/M8M7IS8lzg6rcO0g0f2KWJuYJb4kENeWTNnUEj9 --zvze3j7WFuZWDULp4XxUkuMLwt5GicBZLss= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C9:KAS-ECC-CDH_B-571_C9-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C9-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQA1KCxHBc5vtCU5y16aSODaDbZIVdG --xyzGgARaNtga314lOU8mmiraHZQ568M7uTHW+llaJSYcJEoeF7BG+xD7VLsxIojP --Lo0HUgT1DTKrimq7/5gtH+NyuMVBW7W3JrNGqk8IvjL4yigsHvbhUkIzYNl7cooH --Tms887kScYsWks2YMBl0GiVBgkI0vcjDI/k= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C9 --PeerKey=KAS-ECC-CDH_B-571_C9-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=037a380f525590582658e2dd272a32de67fc0cf5390b37f4d33c1359f075d4461ea38a55027317892a3d1d22f5ea333ad437667d2f3eb8781c39504036ae33e4b0a26b6894722f0b -- --PrivateKey=KAS-ECC-CDH_B-571_C10 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAS23haA8Jr46bppY --LlwyqJVwrUMItxPOVHHqGT3sHzLWi0/N+xYA/bHstnaeJqDgV4Etu/DtSVWSZl5r --jpqXN4owtcZg+63BoYGVA4GSAAQH7ffuDsd/Wmw8nsTtj9PLgUo0LpzGRwtUeB7W --wUHiEVyG29e6J5k+t+vteji+SI+W/d+pgvNpGqHCppf3cGv/PRrdc5YGYZQHs4JL --f3smb6Qv5Tatwqx5udHltAjnIXs6md3rmS8xI/8tFod00wCoGKMmkuJlr8b29XjZ --vTEhEytZeYQfei0GDolIkB1lfBw= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C10-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH7ffuDsd/Wmw8nsTtj9PLgUo0LpzG --RwtUeB7WwUHiEVyG29e6J5k+t+vteji+SI+W/d+pgvNpGqHCppf3cGv/PRrdc5YG --YZQHs4JLf3smb6Qv5Tatwqx5udHltAjnIXs6md3rmS8xI/8tFod00wCoGKMmkuJl --r8b29XjZvTEhEytZeYQfei0GDolIkB1lfBw= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C10:KAS-ECC-CDH_B-571_C10-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C10-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDu4QDK3//zieszzVLid3fZGzctWY0 --3w+FIKdzD4q+sF+ZM9ikNS0cd2fMP5uAzv/N0Ms6l7WSg/0KZ03E/SQDM/AgyCtI --BMUHRJkzasOoBUMHiZAnaCUgJrUm7OVKwo6MyHjxi6+fq0K6TONOSWiqwe5qC7Fc --mnCYgqU3KvVuoLNoFzhfu/6sS5BgaeU/v7o= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C10 --PeerKey=KAS-ECC-CDH_B-571_C10-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0420de313bddce87d07321e3f0af404d9d13e5369b79506e807178711153c9b1837cd055562eff3aadfc5954a221eeebb1bec1696d3df1cccfb8b61172a50d83cee95f4140ba070b -- --PrivateKey=KAS-ECC-CDH_B-571_C11 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgJgana2oT1uKSgL --wWE+EVAldwskX1Vh1Yg+E14VnMQ3sck1Wy7uKzur7yKf5UWqsrzKFV6JcklfGXS9 --sewOYMTmx5xI8mpGoYGVA4GSAAQG5026TgcC8YbTNNPEniV44e36xWRkXdqMSliB --WPjXo+9jJDZTwNUHQnc0+0zIet9KNr1avKH5ILm9bjv6UckW1XEIhFlOlIUFuSFH --ottIo4MMz6KJUaK36OuEMTuZsKmQMceDTGM/hlovmESVJSiuXe4CQoqCTN+34gko --/8U0IN846tC0JA0GWdWtsf8uLcs= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C11-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQG5026TgcC8YbTNNPEniV44e36xWRk --XdqMSliBWPjXo+9jJDZTwNUHQnc0+0zIet9KNr1avKH5ILm9bjv6UckW1XEIhFlO --lIUFuSFHottIo4MMz6KJUaK36OuEMTuZsKmQMceDTGM/hlovmESVJSiuXe4CQoqC --TN+34gko/8U0IN846tC0JA0GWdWtsf8uLcs= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C11:KAS-ECC-CDH_B-571_C11-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C11-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGVWpMyYRmeUqT0DOIU2d296SzNEw9 --xOuWCkpkWPx4ac1ORbLxQMRop9TruoTJSCM3oqitqsiKmmKdoD3SR1JmQrCrcft6 --jHAFS5fZUrGfdChW2s9OUN8MMQO68lP03mWj2crOY/6CkG0sjoozEvtTXgD5tcpp --+H28f6P32H/gJFNmBKr+RkBZPMz+9vrAKKY= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C11 --PeerKey=KAS-ECC-CDH_B-571_C11-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0606228f5a05077aeefbefac23c0d5bac7a6062bfc2b02ce8bba6698ea96b456b1f0d32c6e05dbb9be61a83090428eedea18c74f41238edede9e3a12e28722d2f314613c2e84d6db -- --PrivateKey=KAS-ECC-CDH_B-571_C12 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAEhng0isM7kvLFln --cQPqQJlGtVk9EF/EmDNRxO3pKcS5O/xpWHZVXjrOQXuCrAW4Mmdqwj4pVaCe5kog --pfmOYkmfQ7p/f8jhoYGVA4GSAAQDHdSAjSs0G4iB9eUKLczjjfg5AJ+SGFl439mm --DNruAFzbqCZVZHc21AevuQxnzdsTuisBYY9F6KJ0MX4C93D4Dvh7u8GxEFYFCgZx --ycDOV6SU5pEfE3bPH8M5OIW6jCb23cu1Nhh2hgo1r8H0Vg8pcMMNs/HIF9vIrysC --Xa7TqdoS0vrp1xTOrYBEXmoKCBM= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C12-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDHdSAjSs0G4iB9eUKLczjjfg5AJ+S --GFl439mmDNruAFzbqCZVZHc21AevuQxnzdsTuisBYY9F6KJ0MX4C93D4Dvh7u8Gx --EFYFCgZxycDOV6SU5pEfE3bPH8M5OIW6jCb23cu1Nhh2hgo1r8H0Vg8pcMMNs/HI --F9vIrysCXa7TqdoS0vrp1xTOrYBEXmoKCBM= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C12:KAS-ECC-CDH_B-571_C12-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C12-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBAFGCsCmkhSju9f/QIhrYcIWrrGpy --cFIDo8Fomru8DhKSel6Ds1Khutl3BhAfRKECLMwNVSLcXRyhQz3gOiuh34ZIdfUi --vmEBiwKpjws+TM9EqWk5ogg6sfKgTa/Vvc7jz/Q4uwi/8SBDqhksX8804TtcKXQs --XYZLnKxGvqbpbfKxvkSTrPlQIk1xc3+ZBlg= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C12 --PeerKey=KAS-ECC-CDH_B-571_C12-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=052669336019db5eddef5eab2336abeb60bbc7295e4bb663ab43e373fb6d888d7433ec89a487a91d4a59c289a9509ddd1bab33cd02a7bf37aaad78dbedf0b4ae5f2f35d15cb4e628 -- --PrivateKey=KAS-ECC-CDH_B-571_C13 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIABe6ty14j4t4ub/E --kShjxaSJIv5p6KTPXm6Rdj79VHehzUOd7dCv6lBOOzr2gj6jCJwDdO2a7iSohRbI --zzr6vplbm5Z187WroYGVA4GSAAQBYcFLvITkLsdneow3cAZezR8PROrIJCpxWmGX --Hn5P//eP9Xob8blcv8LtlX0RlfnqUICXFcJDnHVD5XNSATVCbUdTW4v8hTMBJTYz --0CJRRk7cxT7Z6KntkykyDvXurzXWTFm5c1yW4H8aYuwXvO5PBM2ahaPrUEqvN7s4 --jGx9CNkKoLaFVrXAaOy/ClmERg0= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C13-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBYcFLvITkLsdneow3cAZezR8PROrI --JCpxWmGXHn5P//eP9Xob8blcv8LtlX0RlfnqUICXFcJDnHVD5XNSATVCbUdTW4v8 --hTMBJTYz0CJRRk7cxT7Z6KntkykyDvXurzXWTFm5c1yW4H8aYuwXvO5PBM2ahaPr --UEqvN7s4jGx9CNkKoLaFVrXAaOy/ClmERg0= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C13:KAS-ECC-CDH_B-571_C13-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C13-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH+rTlkyjHAPdGSb2Qp9Uf8olY/nIN --qqsyjPybACqnBs6zmTTbnM+B3uyVaJzox3a0/GVCqCNYzFHrvG2OUyLLP6bkaV4X --D8EFrNRc/6Kd2zTuQudBACZ5jjeo0anOn5KU2lGYFktpAQxoxTKBzL/EB9FBCX2h --N+eEnyKP3BoHqimL4myncfR6xP6ycj1aZmY= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C13 --PeerKey=KAS-ECC-CDH_B-571_C13-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=062de5aa98b440c6cb7a1428f6b5e47452b30454eec4d651982b531121febbd5a3833b180017f7ddb5ce38d7bb1c842de1a8a8fc7fc981e24733b7662813fd010a4e757ca4ea5c28 -- --PrivateKey=KAS-ECC-CDH_B-571_C14 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAqstQwJ7CPir+jWY --7wFEOZpgtgN7F6OuQT1CLvohZ+nqTxnX7KmNhcZ8H+hfvLwfErr6MKhdvfVCRmiJ --MV8VMt78XRgVCfAIoYGVA4GSAAQDKMDWf9VS6hDlvfe4fVC/TcujTcpWmuuGnFx9 --x9gyzjD+7TLiWnI3k/l8VX4vl4xeE0nmm3PvmRYAH/sNbNssY0PjRTg4bm4B0VG0 --btAEJjzZpcDUaoQNAyImMfkv+SgOlaNXRs28r9n+1oEcdhS51Qqigo3HonWznT1B --ijSd0eK3MhH03po0tC/KEbl2Dso= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C14-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQDKMDWf9VS6hDlvfe4fVC/TcujTcpW --muuGnFx9x9gyzjD+7TLiWnI3k/l8VX4vl4xeE0nmm3PvmRYAH/sNbNssY0PjRTg4 --bm4B0VG0btAEJjzZpcDUaoQNAyImMfkv+SgOlaNXRs28r9n+1oEcdhS51Qqigo3H --onWznT1BijSd0eK3MhH03po0tC/KEbl2Dso= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C14:KAS-ECC-CDH_B-571_C14-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C14-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQHJnYwKtGHMbdiArxRQp6/fsz2Ml9O --CEwvkuMojtKQSIueNnIOKdqi2xmTp9F86O+djM7GHeikBxduJnTCXVe/8sRlljWL --NgUDwAItUyKQkeFK8PdFDeyhy124IecVkGCP4Jhtc+iMkV5e6N/ryJVZE9kWT5kv --VjlKZi7xHIIU6K2oXfGxewuXQUzdZi0Yi10= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C14 --PeerKey=KAS-ECC-CDH_B-571_C14-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=07c7eb4892816cc3388ebcdfb412984e05910c112dd15b8e5481719401701aceba22fcf35aab0c3b040096161011f6177097c505395d9d6d8a713f6a5100fb476adbe7b9cdf4b68b -- --PrivateKey=KAS-ECC-CDH_B-571_C15 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAEnG5MBaGXskr9Jw --ckP/v9VbAIj9M9h9rk0hBI918rhiVjB1JB0vNv3Q6UBatCqlXL8gldq8Pa7frp3r --kiIgeD6Fkc/WdgCxoYGVA4GSAAQAH+KaTC3QALvtEpEhuI7btcObNAA/FwrBn6mo --XF/lh6q4ITYfSWNEDyWstJdYgQVS8Gtxmp60O3IOm3rW751BJI1fM1+ZUVoBSZ25 --WAjHGdJOsFxjPbiwXPlpygv2VkNbH98bCSgpD2pr+ICtuf1TyG7Hbg9izonL60wm --b2Sodtd4IxoAMMOKoA1mxr1oB4U= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C15-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAH+KaTC3QALvtEpEhuI7btcObNAA/ --FwrBn6moXF/lh6q4ITYfSWNEDyWstJdYgQVS8Gtxmp60O3IOm3rW751BJI1fM1+Z --UVoBSZ25WAjHGdJOsFxjPbiwXPlpygv2VkNbH98bCSgpD2pr+ICtuf1TyG7Hbg9i --zonL60wmb2Sodtd4IxoAMMOKoA1mxr1oB4U= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C15:KAS-ECC-CDH_B-571_C15-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C15-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGzXkx/PGTX4HzAUee2a0Mb5oFvs9O --Vzov9Am6/EQuwZX34/39COWBYdTg/Tf2KpaUIbGc1I/oSKXX90uBN6fHJqnL03os --87QEtbLNg7J4lXUcNNOsW5YKEz7BiwOcLhKNNEHbT3bot1BkCUYZsSLl+y8cJ5ZV --mtlTxxHjMNx79V7fKfCVyuRVV7fI1YQ9ib0= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C15 --PeerKey=KAS-ECC-CDH_B-571_C15-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=05c638349000ec30881cd190c067e7f12b6b42d5842a8285a8ff0dc7e9c9eaf483309e48314fdc2ce7f9da6a468e549c8e70a50b68d07aee29708a98172209e5cd2e8c09cb66d982 -- --PrivateKey=KAS-ECC-CDH_B-571_C16 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAYazHOSQx/KPJ5MH --WkrmRayznnH/6UTuYr+CWH8cPL4ojOYCTY0DXxB9mk+u1Xp7Ie4dbnEpoJgATyLM --1SdAwDSm3ze1PQcyoYGVA4GSAAQGsV8ahZ49gJJGEbIMG5Tf9r0FdP74GTfx5U0U --jS0x+MIbDqnOAxyUVXBvCFpp/UkkGFWMfemq3CyamW5+0f7aMpx9dgm7ayIDKRBU --TLE24sKaozVyqmw0caUuvKayKL7nSfqf/ikpakpbaqDG3J8JUhbnsVE9gcugB5Sj --9Vj3ShtUHHOyMI9PjnQCi1wrzfM= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C16-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGsV8ahZ49gJJGEbIMG5Tf9r0FdP74 --GTfx5U0UjS0x+MIbDqnOAxyUVXBvCFpp/UkkGFWMfemq3CyamW5+0f7aMpx9dgm7 --ayIDKRBUTLE24sKaozVyqmw0caUuvKayKL7nSfqf/ikpakpbaqDG3J8JUhbnsVE9 --gcugB5Sj9Vj3ShtUHHOyMI9PjnQCi1wrzfM= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C16:KAS-ECC-CDH_B-571_C16-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C16-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCmEtlMHTDaiWa2VbVVWUSwscx+lDy --AF0ASanZd95cALegVMlgzdcHiWMhSQvkM71e/9RMVk6qLVAhF1BQxb/BY82x6B3x --M1oBp4bSkJizNPXBxK6GpBvydcxnh9pyBpFlV6T0MxkhQQNFZ+BB1V15SncHx6ry --iELVyPWQN1pDZWkYqoDlWwKFNHzOj/4fFeg= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C16 --PeerKey=KAS-ECC-CDH_B-571_C16-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=007a40a59b6632156a43158565a4eeaf80618e501c5ac5afdab4ce3cb76ac99a0bcd17e9eec549373ace8c96aac78e2af6600483a2c49ec81298a083d5237118de96a953999beb26 -- --PrivateKey=KAS-ECC-CDH_B-571_C17 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA0H46GGC3k/D9DhX --JQqSmkGZTTMdoVTAJJ+g0cJqbeDoNfoIqMxSTj2sKGOD+QvS9NLHUULx04EI2cBi --FDyObtu9oK+Hp2rVoYGVA4GSAAQCxcXrcydAJnJXPDe0kokDQ6tCK1G8ZbYAdm7B --0HkI/wO8/edpTYMrzeUpRjOd8Kq0B0rgeon4IfWhEw0rc9sMQjrnoCOuLBgEdu09 --vZNtHDaYekNRLI8FYuMWEi0Fp+3U5CSJhMEfbrhSFdWqoCYqlfIGZsnb9FJIrhd9 --Lf/6OmqVBTMpi1w/Shti2h6vzVE= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C17-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCxcXrcydAJnJXPDe0kokDQ6tCK1G8 --ZbYAdm7B0HkI/wO8/edpTYMrzeUpRjOd8Kq0B0rgeon4IfWhEw0rc9sMQjrnoCOu --LBgEdu09vZNtHDaYekNRLI8FYuMWEi0Fp+3U5CSJhMEfbrhSFdWqoCYqlfIGZsnb --9FJIrhd9Lf/6OmqVBTMpi1w/Shti2h6vzVE= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C17:KAS-ECC-CDH_B-571_C17-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C17-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBqGguCezNGGjaICkWpWHuhRPA1zRw --zTQa7nntk1VqOm58eyAwLsdKDFFwqON9eKm10N45AOsqZjpyR895Q/04HZWzqv0V --YWcFL+zGj3aV1OQaCAxHZQ0gKHTaFjoXSOVQNzlY4xvQquUgmW0w84RzD0hU9eVO --aMwklYrcUuKkxAc1ZRTz6nFmBW3Gfk0Rj6g= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C17 --PeerKey=KAS-ECC-CDH_B-571_C17-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=021fd2726973405fc30d2a1f2115907cbd0de90bb6bcb0496452e389b1b10ccf38e2400617040cf0dbb188f345337678b0ad8603dcfe926582d4321f384daec0943e2cd267f48343 -- --PrivateKey=KAS-ECC-CDH_B-571_C18 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAgenOC2KIlcSJuDA --bCaB0JvKGbXbfnu/wTrCCDid+BaNd2FeMMqGEDk25T3ZrwHN/iT1COxgk5l3XOhM --hon41flvZS4BTg3ooYGVA4GSAAQEYI3AUSvFXHNM1WKsWCX3yji3k/js6bmBzBxA --Mt3YA5Fk0MZGtCsv1FO1odOnSuI8MsfVhAB948004zEhuQ+rOtpmIbOsl4UGqp/7 --/WXFCTcIRnB2dKxyPawkpvM6Hgu834skujLPe97I/ckjO3V7wHPWTe30hMb6Ae8o --6HT7DTT1iw4ysYZFwwvctRbuOEE= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C18-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQEYI3AUSvFXHNM1WKsWCX3yji3k/js --6bmBzBxAMt3YA5Fk0MZGtCsv1FO1odOnSuI8MsfVhAB948004zEhuQ+rOtpmIbOs --l4UGqp/7/WXFCTcIRnB2dKxyPawkpvM6Hgu834skujLPe97I/ckjO3V7wHPWTe30 --hMb6Ae8o6HT7DTT1iw4ysYZFwwvctRbuOEE= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C18:KAS-ECC-CDH_B-571_C18-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C18-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCza8TmgzaKADWESj/5NcyOzSg/PSM --lABHn/TIKRy/RvFsQeRAmq7fFLxgpkKy17qs3o4AUd2K4Bv1rS5uZJDHfNQGqZnF --ZeYHjt0p22o7h6EVBbV8VD/7dGpbQPuD1yBhgPOun8siLFQRp3R2Zgx7MRtkYxCQ --WImpWg8v3DXTD8YcxVYKKRQjLWKtNjhrkXk= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C18 --PeerKey=KAS-ECC-CDH_B-571_C18-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=07a47bdc7d54ecd391672f131b3214d0efc4d40195db1ec993a62fe9da875efff5403bd708fa491a01a94f4bddc7d516baffff9fbdd213ca1a4905f9aa679d65da25c0f1fd2afb0a -- --PrivateKey=KAS-ECC-CDH_B-571_C19 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAGuo8SzG4OeN+Mxi --mISKdAAl5yxi0JnpJYSsdvWVrB/HJMsGqFoH8NRED6893qLyZfIBXdBZoWoDopkV --uHMdYEUSzu8iuEHzoYGVA4GSAAQGNvQ16AYAZmEIc3MAdzqO1v+o6/gwfIH/X0Q1 --PpG60IYzG4/v8/HNuG4GG95fccX7k48RfiImqX0rZrCY6f9SUYLIFucCxqkBwb2K --+uapQQj8LHVdXeP6Kks0cfwqXN9K3aaFKb8YD/KNsVSrQxEkezkuk6M1u+h5Zgi7 --1gE/Q83MhG7CImdCPDz9os6KPZY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C19-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQGNvQ16AYAZmEIc3MAdzqO1v+o6/gw --fIH/X0Q1PpG60IYzG4/v8/HNuG4GG95fccX7k48RfiImqX0rZrCY6f9SUYLIFucC --xqkBwb2K+uapQQj8LHVdXeP6Kks0cfwqXN9K3aaFKb8YD/KNsVSrQxEkezkuk6M1 --u+h5Zgi71gE/Q83MhG7CImdCPDz9os6KPZY= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C19:KAS-ECC-CDH_B-571_C19-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C19-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQABRUS5KDbxTXJe+EP+nQldYOCiDBA --RmYB1TkbyzWCwRUlKTJJ8kSXzIByFrNMksHgdXgcg5HD9tPRT4ih1Q6p/HX/jVHM --+TMDnaRsrIZqs0dhesWotPFlcDTjuN22a8QnPi4c4BZB7OY2l53oskktxp6IU3w2 --scOtDTUif4Z+Q9+ciRfc6fjB7zujy1youlI= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C19 --PeerKey=KAS-ECC-CDH_B-571_C19-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=07326196a7decc92c81ae5a0779c9a42f53d94cfa4c3a13f19dbb554138e0e864eee6bc93e39214e2f74705a4b172aab510444c93b5b3e62517bbb7279337102db1c61de349d9747 -- --PrivateKey=KAS-ECC-CDH_B-571_C20 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAQcW8ud08n9C3j9s --lpTY7KIXmCMJHSAvK6FikZOhyYcAaTOY/8gxV/fOSFjnU145kNIZvCSd4WRVjKyA --fuFZd4oBLaGeUBK/oYGVA4GSAAQBULOt3hYqfwk1Daz0YEGf6GuZ3NlPRCg/uj5D --0oG5O7VCgoEs5SJlqUg4lo1nqdbs3BtstkzxWUUhxHSepD2OTsBF5kX/I4sHtDMh --thGLh8Rse1IojfXdHPfaYYPs5WM7TBfK42LYIRkffVeSOSgzmq332F9/Gd6UhnCe --TS3e9CxVu012o8tQytKgmOrVlSo= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C20-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBULOt3hYqfwk1Daz0YEGf6GuZ3NlP --RCg/uj5D0oG5O7VCgoEs5SJlqUg4lo1nqdbs3BtstkzxWUUhxHSepD2OTsBF5kX/ --I4sHtDMhthGLh8Rse1IojfXdHPfaYYPs5WM7TBfK42LYIRkffVeSOSgzmq332F9/ --Gd6UhnCeTS3e9CxVu012o8tQytKgmOrVlSo= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C20:KAS-ECC-CDH_B-571_C20-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C20-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQATC3lZCQxvMbrgu/UNVVAqLXSOxKw --330xrWlCW5RUmHdEPujdfAnPu+2G8TZlkx1LKiF1nDPhC0rPxjuh72GsqqGMlOPP --yTMBdlt6N+uAbUMZbSkx2hoZU3QtPg2nzLZ+Df26XgNJFMzj7mOTv95AZw9AYZYG --faiyk8aENZPdIhyJv5eWNna9BE6MirjnF60= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C20 --PeerKey=KAS-ECC-CDH_B-571_C20-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=059052d3e1c66efa4b7dd39e74299e886367d8fe49d7cab90e4f051bec10316438fb29b1290dfdaec169decd622a1010cf0a0275008814f4861b4d83ba78515a8768d978be430011 -- --PrivateKey=KAS-ECC-CDH_B-571_C21 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAdAQP8eUivEH5R9N --LMA5K2aAgFnR8my6Bb5qOB9SLUy4VBN5NKzNHOozYJSOQG0xCMlDdp3HALTJzAzB --2EurWKNeJ+skBHXwoYGVA4GSAAQBK9qN7T7X6LbTm1hVpY1yW2XjhXwqZ0mW6zk6 --Pj+RWVu/qHJTpW66wrEO1Aavnb/1OyImX761p2nKzitgtF2/l87tKwoE21ACZFSC --fv4psySuPy1MDco6OpVJFRHFMWRaz1RbRe9qxKUMCdPSHyE8p2uW+xgkLsvgivaH --Vd5OEHcXNHWCbqq+0mp1w2nNew8= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C21-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBK9qN7T7X6LbTm1hVpY1yW2XjhXwq --Z0mW6zk6Pj+RWVu/qHJTpW66wrEO1Aavnb/1OyImX761p2nKzitgtF2/l87tKwoE --21ACZFSCfv4psySuPy1MDco6OpVJFRHFMWRaz1RbRe9qxKUMCdPSHyE8p2uW+xgk --LsvgivaHVd5OEHcXNHWCbqq+0mp1w2nNew8= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C21:KAS-ECC-CDH_B-571_C21-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C21-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQCUDig5yrowW424+O1BO1zQe9wm5/s --i+kBdzRtdsp7xxM9DsKArPBmAFxcwQtSqmVDNf6CCmYX5WDicJA/8cLMivE5jyTf --4rADEHTKOTGAGmrLdltukUQXLtgdmZ7Z6DW9NVJrA+8qE/eDdgMrDrgUbCMTI2X8 --4Xany9ykSzWqN5hZ9oisJtxkyBSaQyLQg9E= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C21 --PeerKey=KAS-ECC-CDH_B-571_C21-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=03acfa4b3d1c2a6b62af23bdff6a215a416d4437ce6cc114d17dc4201195987a5d7301da11b913254702d7172e31d64e59b24deaa3270f20445e51dc484f7a2b8c3cbeb0bb9efb28 -- --PrivateKey=KAS-ECC-CDH_B-571_C22 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAy0vVX/ke40oD2gu --JP2mJ916WOmwCCKjqvbregFPR2wXlBrcXiI4owgNcG8eFqRRt+kpQneZMMVnCkcy --gcrHi4WNHxzJmwr/oYGVA4GSAAQEDzEw50scjrJl58TmkhQR65cUGCZ+jeqHnC6L --Vjhk8jphsjQiyaBvoXiooVXj54RXWXWH8+NbefGdDC4YWu9G25WBnL4SexAByR0n --wq5xE+sDvpjpTTrW3seR+sL+DSyMmLcTcbBYpkn6nD+jzNu6kyOVwnr/og2VrAQb --yZeOP1MIKaLGTImxvM6sBoVPuQM= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C22-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQEDzEw50scjrJl58TmkhQR65cUGCZ+ --jeqHnC6LVjhk8jphsjQiyaBvoXiooVXj54RXWXWH8+NbefGdDC4YWu9G25WBnL4S --exAByR0nwq5xE+sDvpjpTTrW3seR+sL+DSyMmLcTcbBYpkn6nD+jzNu6kyOVwnr/ --og2VrAQbyZeOP1MIKaLGTImxvM6sBoVPuQM= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C22:KAS-ECC-CDH_B-571_C22-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C22-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBvf/9acLgj7A8hT7y69CI5o0jP9uV --8LJG3nlV1hUHff0LD/AsZNAd55M1kJa4XgV7G3+fWSYtwnV/GCQ+GC4aC/6dy7An --1osCGL59lWAp8TnBnS2jRnc7FtevyFirjctg1+SErs7DCcs/6pavOQNjfl2022eL --tdubCxjYPPnrwbGq8k9DZ+xTNoTOnVZYLUM= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C22 --PeerKey=KAS-ECC-CDH_B-571_C22-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=067a58e5b3287bb9aa83ed9ca2d718cf7165fb574b6a446c3019849cd1584673d561b574bc8f68419437c5e8113e060847cad3b5ddc2f67ad75bc1e3f04554e63a5e4945cfcb65f5 -- --PrivateKey=KAS-ECC-CDH_B-571_C23 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIA+7ikZaovnDrOjEE --ZAWcwMTELxNIerGgdiwsvjBOvmNQPmxwaKf0vBl/gfZbQpXBSyEPPLI3i2dAH89S --vsAsE7YbbeFOG35boYGVA4GSAAQBd6zF/p9C9N4tJ6ub9vfg6s4wPCZv+LNGkIKr --qTZ+ZkQL1rG9i24a7JK2XjWuqPAH8J1M1n7qXWAAc2yru53MyUPrtWVqBYYHFvGJ --jiqMJzGd56JpjyHV3likuLjdArXkMxENOXf+6OxcCJ0XCvAqStPB+rRLDR4qO+up --4HGc2L+DZEeNaGxONfdFfSTQIdY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C23-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBd6zF/p9C9N4tJ6ub9vfg6s4wPCZv --+LNGkIKrqTZ+ZkQL1rG9i24a7JK2XjWuqPAH8J1M1n7qXWAAc2yru53MyUPrtWVq --BYYHFvGJjiqMJzGd56JpjyHV3likuLjdArXkMxENOXf+6OxcCJ0XCvAqStPB+rRL --DR4qO+up4HGc2L+DZEeNaGxONfdFfSTQIdY= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C23:KAS-ECC-CDH_B-571_C23-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C23-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAj8O0FPNBK0A/AcJTvSImFQIl3aqz --TSAQifSdeeXcwuO2ghb6pm2sRFKcf+O6TSjYFbCII1lVcTu3chODUztdlCIbTtHh --YrgCsyIB3icrGzK2pqWOoiQRxI9dxc8PlYcuZ1HtYizuzqIqVWl13mADhpriCvOb --QrqIcXicgujzrTz2AG9DvEx9QQIDLEP495c= -------END PUBLIC KEY----- -- -- --Availablein = default --Derive=KAS-ECC-CDH_B-571_C23 --PeerKey=KAS-ECC-CDH_B-571_C23-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=06b272ca3330c0cdfbe60a1746bc0ddea6257536cdd8e976f2517eb541460a3f0e6ea7fec2b495e0f57712c8cac35e8a7d64d876c29851bbfeb6fe726d57e0be43dc76a584ef9c93 -- --PrivateKey=KAS-ECC-CDH_B-571_C24 -------BEGIN PRIVATE KEY----- --MIIBAAIBADAQBgcqhkjOPQIBBgUrgQQAJwSB6DCB5QIBAQRIAWmi2HWGlEwxc7+a --InXjCAAD22SMLR4cVuLDfODXzZ+Bjqa3u6ND93TvDzNOpcEu8L51k9BO2UVFjXHh --cRLrAdkEHSEzsTRzoYGVA4GSAAQFHlIXZCZa9/AbzZw/0CLf2y1KLFizsj0uVQMC --xCqt1X0d9vwY5GW9mEQkle7SLz/WcAKEyfp4M7UWUUm44akeDgmaClcy1cIBmOfn --0JTiB1KMWDhl0mKpGPwqOSYelcB9y9BE79OYGJkHivPrlzmCAaRlDw3Mvxn5Isjb --w4Ob9r4AU/hFMccYQ6nmoQKrWNY= -------END PRIVATE KEY----- -- --PublicKey=KAS-ECC-CDH_B-571_C24-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFHlIXZCZa9/AbzZw/0CLf2y1KLFiz --sj0uVQMCxCqt1X0d9vwY5GW9mEQkle7SLz/WcAKEyfp4M7UWUUm44akeDgmaClcy --1cIBmOfn0JTiB1KMWDhl0mKpGPwqOSYelcB9y9BE79OYGJkHivPrlzmCAaRlDw3M --vxn5Isjbw4Ob9r4AU/hFMccYQ6nmoQKrWNY= -------END PUBLIC KEY----- -- --PrivPubKeyPair = KAS-ECC-CDH_B-571_C24:KAS-ECC-CDH_B-571_C24-PUBLIC -- -- --PublicKey=KAS-ECC-CDH_B-571_C24-Peer-PUBLIC -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQFZagplNfm9T7ra/Z1I+5oD/t3ARhn --PD4VwyAObI0fJsq68AwdpI5jdDFkl8ul8Z8XQg8mdjP0DlsGNieJv/Ea31ltWxz3 --aO8Bay1Nqsqca+2XayBk71Q1KliuNDZ4NaYhDhV4KRwd6NZ8ILw9b/piDIezCYor --nzq7jSys1bLuK2g5nqxOj2XOvdZjAP0Em1s= -------END PUBLIC KEY----- -- -- --Derive=KAS-ECC-CDH_B-571_C24 --PeerKey=KAS-ECC-CDH_B-571_C24-Peer-PUBLIC --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=02da266a269bdc8d8b2a0c6bb5762f102fc801c8d5394a9271539136bd81d4b69cfbb7525cd0a983fb7f7e9deec583b8f8e574c6184b2d79831ec770649e484dc006fa35b0bffd0b -diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt ---- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt.ec-curves 2021-05-17 10:45:03.968368782 +0200 -+++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt 2021-05-17 10:45:54.211747865 +0200 -@@ -31,12 +31,6 @@ MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUP - x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ== - -----END PUBLIC KEY----- - --PublicKey=KAS-ECC-CDH_K-163_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBx+LKHfWAn2cGt5CRPLeoSaS7yPVBcFe --53YiHHK4SzR844PzgGe4nD6a -------END PUBLIC KEY----- -- - PrivateKey = RSA-2048 - -----BEGIN PRIVATE KEY----- - MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDNAIHqeyrh6gbV -@@ -77,9 +71,3 @@ Result = KEYPAIR_TYPE_MISMATCH - - PrivPubKeyPair = RSA-2048:P-256-PUBLIC - Result = KEYPAIR_TYPE_MISMATCH -- --PrivPubKeyPair = RSA-2048:KAS-ECC-CDH_K-163_C0-PUBLIC --Result = KEYPAIR_TYPE_MISMATCH -- --PrivPubKeyPair = Alice-25519:KAS-ECC-CDH_K-163_C0-PUBLIC --Result = KEYPAIR_TYPE_MISMATCH -diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp.t.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp.t ---- openssl-3.0.0-alpha16/test/recipes/30-test_evp.t.ec-curves 2021-05-17 10:49:28.050844977 +0200 -+++ openssl-3.0.0-alpha16/test/recipes/30-test_evp.t 2021-05-17 10:53:53.480444576 +0200 -@@ -111,7 +111,6 @@ my @defltfiles = qw( - evppkey_kdf_tls1_prf.txt - evppkey_rsa.txt - ); --push @defltfiles, qw(evppkey_brainpool.txt) unless $no_ec; - push @defltfiles, qw(evppkey_sm2.txt) unless $no_sm2; - - plan tests => + PrivateKey=ALICE_cf_prime256v1 diff --git a/0012-Fix-SPKAC-data-from-stdin.patch b/0012-Fix-SPKAC-data-from-stdin.patch deleted file mode 100644 index b9da02d..0000000 --- a/0012-Fix-SPKAC-data-from-stdin.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff -up openssl-3.0.0-alpha16/apps/lib/apps.c.spkac openssl-3.0.0-alpha16/apps/lib/apps.c ---- openssl-3.0.0-alpha16/apps/lib/apps.c.spkac 2021-06-04 09:28:48.162316896 +0200 -+++ openssl-3.0.0-alpha16/apps/lib/apps.c 2021-06-04 09:32:53.911795489 +0200 -@@ -403,14 +403,18 @@ CONF *app_load_config_verbose(const char - - CONF *app_load_config_internal(const char *filename, int quiet) - { -- BIO *in = NULL; /* leads to empty config in case filename == "" */ -+ BIO *in; - CONF *conf; - -- if (*filename != '\0' -- && (in = bio_open_default_(filename, 'r', FORMAT_TEXT, quiet)) == NULL) -- return NULL; -- conf = app_load_config_bio(in, filename); -- BIO_free(in); -+ if (filename == NULL || *filename != '\0') { -+ if ((in = bio_open_default_(filename, 'r', FORMAT_TEXT, quiet)) == NULL) -+ return NULL; -+ conf = app_load_config_bio(in, filename); -+ BIO_free(in); -+ } else { -+ /* Return empty config if filename is empty string. */ -+ conf = NCONF_new_ex(app_libctx, NULL); -+ } - return conf; - } - diff --git a/0013-Fix-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch b/0013-Fix-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch deleted file mode 100644 index 7467edd..0000000 --- a/0013-Fix-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch +++ /dev/null @@ -1,41 +0,0 @@ -diff -up openssl-3.0.0-alpha16/providers/implementations/keymgmt/ecx_kmgmt.c.edsize openssl-3.0.0-alpha16/providers/implementations/keymgmt/ecx_kmgmt.c ---- openssl-3.0.0-alpha16/providers/implementations/keymgmt/ecx_kmgmt.c.edsize 2021-06-04 09:51:12.567348198 +0200 -+++ openssl-3.0.0-alpha16/providers/implementations/keymgmt/ecx_kmgmt.c 2021-06-04 09:52:55.650321215 +0200 -@@ -309,14 +309,14 @@ static int x448_get_params(void *key, OS - static int ed25519_get_params(void *key, OSSL_PARAM params[]) - { - return ecx_get_params(key, params, ED25519_BITS, ED25519_SECURITY_BITS, -- ED25519_KEYLEN) -+ ED25519_SIGSIZE) - && ed_get_params(key, params); - } - - static int ed448_get_params(void *key, OSSL_PARAM params[]) - { - return ecx_get_params(key, params, ED448_BITS, ED448_SECURITY_BITS, -- ED448_KEYLEN) -+ ED448_SIGSIZE) - && ed_get_params(key, params); - } - -diff -up openssl-3.0.0-alpha16/test/evp_pkey_provided_test.c.edsize openssl-3.0.0-alpha16/test/evp_pkey_provided_test.c ---- openssl-3.0.0-alpha16/test/evp_pkey_provided_test.c.edsize 2021-06-04 09:51:24.540461209 +0200 -+++ openssl-3.0.0-alpha16/test/evp_pkey_provided_test.c 2021-06-04 09:54:26.531182412 +0200 -@@ -979,7 +979,7 @@ static int test_fromdata_ecx(int tst) - fromdata_params = ed25519_fromdata_params; - bits = ED25519_BITS; - security_bits = ED25519_SECURITY_BITS; -- size = ED25519_KEYLEN; -+ size = ED25519_SIGSIZE; - alg = "ED25519"; - break; - -@@ -987,7 +987,7 @@ static int test_fromdata_ecx(int tst) - fromdata_params = ed448_fromdata_params; - bits = ED448_BITS; - security_bits = ED448_SECURITY_BITS; -- size = ED448_KEYLEN; -+ size = ED448_SIGSIZE; - alg = "ED448"; - break; - default: diff --git a/0014-Return0-OPENSSL-init-crypto-cleanup.patch b/0014-Return0-OPENSSL-init-crypto-cleanup.patch deleted file mode 100644 index 041c0e7..0000000 --- a/0014-Return0-OPENSSL-init-crypto-cleanup.patch +++ /dev/null @@ -1,34 +0,0 @@ -diff -up openssl-3.0.0-alpha16/crypto/init.c.softhsm openssl-3.0.0-alpha16/crypto/init.c ---- openssl-3.0.0-alpha16/crypto/init.c.softhsm 2021-06-04 09:40:22.637748149 +0200 -+++ openssl-3.0.0-alpha16/crypto/init.c 2021-06-04 09:44:09.695867437 +0200 -@@ -454,6 +454,13 @@ int OPENSSL_init_crypto(uint64_t opts, c - uint64_t tmp; - int aloaddone = 0; - -+ /* Applications depend on 0 being returned when cleanup was already done */ -+ if (stopped) { -+ if (!(opts & OPENSSL_INIT_BASE_ONLY)) -+ ERR_raise(ERR_LIB_CRYPTO, ERR_R_INIT_FAIL); -+ return 0; -+ } -+ - /* - * We ignore failures from this function. It is probably because we are - * on a platform that doesn't support lockless atomic loads (we may not -@@ -476,15 +483,7 @@ int OPENSSL_init_crypto(uint64_t opts, c - /* - * At some point we should look at this function with a view to moving - * most/all of this into OSSL_LIB_CTX. -- */ -- -- if (stopped) { -- if (!(opts & OPENSSL_INIT_BASE_ONLY)) -- ERR_raise(ERR_LIB_CRYPTO, ERR_R_INIT_FAIL); -- return 0; -- } -- -- /* -+ * - * When the caller specifies OPENSSL_INIT_BASE_ONLY, that should be the - * *only* option specified. With that option we return immediately after - * doing the requested limited initialization. Note that diff --git a/0015-Cleanup-peer-point-formats-regotiation.patch b/0015-Cleanup-peer-point-formats-regotiation.patch deleted file mode 100644 index 51e3440..0000000 --- a/0015-Cleanup-peer-point-formats-regotiation.patch +++ /dev/null @@ -1,36 +0,0 @@ -diff -up openssl-3.0.0-alpha16/ssl/statem/extensions.c.reneg openssl-3.0.0-alpha16/ssl/statem/extensions.c ---- openssl-3.0.0-alpha16/ssl/statem/extensions.c.reneg 2021-06-04 10:03:01.313023512 +0200 -+++ openssl-3.0.0-alpha16/ssl/statem/extensions.c 2021-06-04 10:05:43.019538516 +0200 -@@ -45,6 +45,7 @@ static int tls_parse_certificate_authori - #ifndef OPENSSL_NO_SRP - static int init_srp(SSL *s, unsigned int context); - #endif -+static int init_ec_point_formats(SSL *s, unsigned int context); - static int init_etm(SSL *s, unsigned int context); - static int init_ems(SSL *s, unsigned int context); - static int final_ems(SSL *s, unsigned int context, int sent); -@@ -158,7 +159,7 @@ static const EXTENSION_DEFINITION ext_de - TLSEXT_TYPE_ec_point_formats, - SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO - | SSL_EXT_TLS1_2_AND_BELOW_ONLY, -- NULL, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats, -+ init_ec_point_formats, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats, - tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats, - final_ec_pt_formats - }, -@@ -1144,6 +1145,15 @@ static int init_srp(SSL *s, unsigned int - } - #endif - -+static int init_ec_point_formats(SSL *s, unsigned int context) -+{ -+ OPENSSL_free(s->ext.peer_ecpointformats); -+ s->ext.peer_ecpointformats = NULL; -+ s->ext.peer_ecpointformats_len = 0; -+ -+ return 1; -+} -+ - static int init_etm(SSL *s, unsigned int context) - { - s->ext.use_etm = 0; diff --git a/0016-Fix-default-digest-SHA256.patch b/0016-Fix-default-digest-SHA256.patch deleted file mode 100644 index c419f41..0000000 --- a/0016-Fix-default-digest-SHA256.patch +++ /dev/null @@ -1,45 +0,0 @@ -diff -up openssl-3.0.0-alpha16/apps/dgst.c.digest openssl-3.0.0-alpha16/apps/dgst.c ---- openssl-3.0.0-alpha16/apps/dgst.c.digest 2021-06-04 10:21:03.153697643 +0200 -+++ openssl-3.0.0-alpha16/apps/dgst.c 2021-06-04 10:22:26.737489944 +0200 -@@ -330,6 +330,8 @@ int dgst_main(int argc, char **argv) - } - - if (hmac_key != NULL) { -+ if (md == NULL) -+ md = (EVP_MD *)EVP_sha256(); - sigkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, impl, - (unsigned char *)hmac_key, - strlen(hmac_key)); -diff -up openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t.digest openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t ---- openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t.digest 2021-06-04 10:21:18.871846631 +0200 -+++ openssl-3.0.0-alpha16/test/recipes/20-test_dgst.t 2021-06-04 10:23:56.862344245 +0200 -@@ -17,7 +17,7 @@ use OpenSSL::Test::Utils; - - setup("test_dgst"); - --plan tests => 7; -+plan tests => 8; - - sub tsignverify { - my $testtext = shift; -@@ -115,6 +115,20 @@ subtest "HMAC generation with `dgst` CLI - ok($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)"); - ok($hmacdata[1] =~ $expected, - "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)"); -+}; -+ -+subtest "HMAC generation with `dgst` CLI, default digest" => sub { -+ plan tests => 2; -+ -+ my $testdata = srctop_file('test', 'data.bin'); -+ #HMAC the data twice to check consistency -+ my @hmacdata = run(app(['openssl', 'dgst', '-hmac', '123456', -+ $testdata, $testdata]), capture => 1); -+ chomp(@hmacdata); -+ my $expected = qr/HMAC-SHA256\(\Q$testdata\E\)= 6f12484129c4a761747f13d8234a1ff0e074adb34e9e9bf3a155c391b97b9a7c/; -+ ok($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected ($hmacdata[0]) vs ($expected)"); -+ ok($hmacdata[1] =~ $expected, -+ "HMAC: Check second HMAC value is consistent with the first ($hmacdata[1]) vs ($expected)"); - }; - - subtest "Custom length XOF digest generation with `dgst` CLI" => sub { diff --git a/0017-use-AI-ADDRCONFIG-explicit-hostname.patch b/0017-use-AI-ADDRCONFIG-explicit-hostname.patch index 15d9199..f4152ce 100644 --- a/0017-use-AI-ADDRCONFIG-explicit-hostname.patch +++ b/0017-use-AI-ADDRCONFIG-explicit-hostname.patch @@ -1,6 +1,6 @@ -diff -up openssl-3.0.0-alpha16/crypto/bio/b_addr.c.use-explicit openssl-3.0.0-alpha16/crypto/bio/b_addr.c ---- openssl-3.0.0-alpha16/crypto/bio/b_addr.c.use-explicit 2021-07-06 14:06:05.706578389 +0200 -+++ openssl-3.0.0-alpha16/crypto/bio/b_addr.c 2021-07-06 14:07:24.482329505 +0200 +diff -up openssl-3.0.0-alpha16/crypto/bio/bio_addr.c.use-explicit openssl-3.0.0-alpha16/crypto/bio/bio_addr.c +--- openssl-3.0.0-alpha16/crypto/bio/bio_addr.c.use-explicit 2021-07-06 14:06:05.706578389 +0200 ++++ openssl-3.0.0-alpha16/crypto/bio/bio_addr.c 2021-07-06 14:07:24.482329505 +0200 @@ -696,7 +696,7 @@ int BIO_lookup_ex(const char *host, cons hints.ai_protocol = protocol; # ifdef AI_ADDRCONFIG diff --git a/0019-dual-abi.patch b/0019-dual-abi.patch new file mode 100644 index 0000000..15bd2c0 --- /dev/null +++ b/0019-dual-abi.patch @@ -0,0 +1,1321 @@ +diff -up openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi openssl-3.0.0-beta1/crypto/evp/exchange.c +--- openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi 2021-07-02 15:28:23.331896975 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/exchange.c 2021-07-02 17:17:56.332300741 +0200 +@@ -472,6 +472,7 @@ const char *EVP_KEYEXCH_get0_description + { + return keyexch->description; + } ++RHEL_ALIAS1(EVP_KEYEXCH_description); + + int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name) + { +diff -up openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kdf_lib.c +--- openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi 2021-07-02 14:57:12.576376884 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/kdf_lib.c 2021-07-02 14:59:05.277356425 +0200 +@@ -92,11 +92,13 @@ const char *EVP_KDF_get0_name(const EVP_ + { + return kdf->type_name; + } ++RHEL_ALIAS1(EVP_KDF_name); + + const char *EVP_KDF_get0_description(const EVP_KDF *kdf) + { + return kdf->description; + } ++RHEL_ALIAS1(EVP_KDF_description); + + int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name) + { +@@ -107,6 +109,7 @@ const OSSL_PROVIDER *EVP_KDF_get0_provid + { + return kdf->prov; + } ++RHEL_ALIAS1(EVP_KDF_provider); + + const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx) + { +diff -up openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kem.c +--- openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi 2021-07-02 14:59:25.315530582 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/kem.c 2021-07-02 15:28:04.812733083 +0200 +@@ -328,6 +328,7 @@ OSSL_PROVIDER *EVP_KEM_get0_provider(con + { + return kem->prov; + } ++RHEL_ALIAS1(EVP_KEM_provider); + + EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties) +@@ -352,11 +353,13 @@ const char *EVP_KEM_get0_name(const EVP_ + { + return kem->type_name; + } ++RHEL_ALIAS1(EVP_KEM_name); + + const char *EVP_KEM_get0_description(const EVP_KEM *kem) + { + return kem->description; + } ++RHEL_ALIAS1(EVP_KEM_description); + + void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_KEM *kem, void *arg), +diff -up openssl-3.0.0-beta1/include/openssl/decoder.h.dual-abi openssl-3.0.0-beta1/include/openssl/decoder.h +--- openssl-3.0.0-beta1/include/openssl/decoder.h.dual-abi 2021-07-02 12:39:19.758597953 +0200 ++++ openssl-3.0.0-beta1/include/openssl/decoder.h 2021-07-02 13:21:55.717630285 +0200 +@@ -32,9 +32,12 @@ int OSSL_DECODER_up_ref(OSSL_DECODER *en + void OSSL_DECODER_free(OSSL_DECODER *encoder); + + const OSSL_PROVIDER *OSSL_DECODER_get0_provider(const OSSL_DECODER *encoder); ++# define OSSL_DECODER_provider OSSL_DECODER_get0_provider + const char *OSSL_DECODER_get0_properties(const OSSL_DECODER *encoder); ++# define OSSL_DECODER_properties OSSL_DECODER_get0_properties + const char *OSSL_DECODER_get0_name(const OSSL_DECODER *decoder); + const char *OSSL_DECODER_get0_description(const OSSL_DECODER *decoder); ++# define OSSL_DECODER_description OSSL_DECODER_get0_description + int OSSL_DECODER_is_a(const OSSL_DECODER *encoder, const char *name); + + void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx, +diff -up openssl-3.0.0-beta1/include/openssl/encoder.h.dual-abi openssl-3.0.0-beta1/include/openssl/encoder.h +--- openssl-3.0.0-beta1/include/openssl/encoder.h.dual-abi 2021-07-02 13:22:22.889885589 +0200 ++++ openssl-3.0.0-beta1/include/openssl/encoder.h 2021-07-02 13:23:55.732757920 +0200 +@@ -32,9 +32,12 @@ int OSSL_ENCODER_up_ref(OSSL_ENCODER *en + void OSSL_ENCODER_free(OSSL_ENCODER *encoder); + + const OSSL_PROVIDER *OSSL_ENCODER_get0_provider(const OSSL_ENCODER *encoder); ++# define OSSL_ENCODER_provider OSSL_ENCODER_get0_provider + const char *OSSL_ENCODER_get0_properties(const OSSL_ENCODER *encoder); ++# define OSSL_ENCODER_properties OSSL_ENCODER_get0_properties + const char *OSSL_ENCODER_get0_name(const OSSL_ENCODER *kdf); + const char *OSSL_ENCODER_get0_description(const OSSL_ENCODER *kdf); ++# define OSSL_ENCODER_description OSSL_ENCODER_get0_description + int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name); + + void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx, +diff -up openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi openssl-3.0.0-beta1/include/openssl/evp.h +--- openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi 2021-07-02 11:06:34.316615418 +0200 ++++ openssl-3.0.0-beta1/include/openssl/evp.h 2021-07-02 13:24:10.653898116 +0200 +@@ -534,11 +534,13 @@ int EVP_MD_get_type(const EVP_MD *md); + const char *EVP_MD_get0_name(const EVP_MD *md); + # define EVP_MD_name EVP_MD_get0_name + const char *EVP_MD_get0_description(const EVP_MD *md); ++# define EVP_MD_description EVP_MD_get0_description + int EVP_MD_is_a(const EVP_MD *md, const char *name); + int EVP_MD_names_do_all(const EVP_MD *md, + void (*fn)(const char *name, void *data), + void *data); + const OSSL_PROVIDER *EVP_MD_get0_provider(const EVP_MD *md); ++#define EVP_MD_provider EVP_MD_get0_provider + int EVP_MD_get_pkey_type(const EVP_MD *md); + # define EVP_MD_pkey_type EVP_MD_get_pkey_type + int EVP_MD_get_size(const EVP_MD *md); +@@ -579,11 +581,13 @@ int EVP_CIPHER_get_nid(const EVP_CIPHER + const char *EVP_CIPHER_get0_name(const EVP_CIPHER *cipher); + # define EVP_CIPHER_name EVP_CIPHER_get0_name + const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher); ++# define EVP_CIPHER_description EVP_CIPHER_get0_description + int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name); + int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, + void (*fn)(const char *name, void *data), + void *data); + const OSSL_PROVIDER *EVP_CIPHER_get0_provider(const EVP_CIPHER *cipher); ++# define EVP_CIPHER_provider EVP_CIPHER_get0_provider + int EVP_CIPHER_get_block_size(const EVP_CIPHER *cipher); + # define EVP_CIPHER_block_size EVP_CIPHER_get_block_size + # ifndef OPENSSL_NO_DEPRECATED_3_0 +@@ -1198,15 +1202,19 @@ EVP_MAC *EVP_MAC_fetch(OSSL_LIB_CTX *lib + int EVP_MAC_up_ref(EVP_MAC *mac); + void EVP_MAC_free(EVP_MAC *mac); + const char *EVP_MAC_get0_name(const EVP_MAC *mac); ++# define EVP_MAC_name EVP_MAC_get0_name + const char *EVP_MAC_get0_description(const EVP_MAC *mac); ++# define EVP_MAC_description EVP_MAC_get0_description + int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); + const OSSL_PROVIDER *EVP_MAC_get0_provider(const EVP_MAC *mac); ++# define EVP_MAC_provider EVP_MAC_get0_provider + int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); + + EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac); + void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx); + EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src); + EVP_MAC *EVP_MAC_CTX_get0_mac(EVP_MAC_CTX *ctx); ++# define EVP_MAC_CTX_mac EVP_MAC_CTX_get0_mac + int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); + int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); + +@@ -1242,14 +1250,18 @@ EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *l + int EVP_RAND_up_ref(EVP_RAND *rand); + void EVP_RAND_free(EVP_RAND *rand); + const char *EVP_RAND_get0_name(const EVP_RAND *rand); ++# define EVP_RAND_name EVP_RAND_get0_name + const char *EVP_RAND_get0_description(const EVP_RAND *md); ++# define EVP_RAND_description EVP_RAND_get0_description + int EVP_RAND_is_a(const EVP_RAND *rand, const char *name); + const OSSL_PROVIDER *EVP_RAND_get0_provider(const EVP_RAND *rand); ++# define EVP_RAND_provider EVP_RAND_get0_provider + int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]); + + EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent); + void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx); + EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAND_CTX *ctx); ++# define EVP_RAND_CTX_rand EVP_RAND_CTX_get0_rand + int EVP_RAND_CTX_get_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[]); + int EVP_RAND_CTX_set_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[]); + const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand); +@@ -1282,7 +1294,9 @@ __owur int EVP_RAND_enable_locking(EVP_R + + int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx); + unsigned int EVP_RAND_get_strength(EVP_RAND_CTX *ctx); ++# define EVP_RAND_strength EVP_RAND_get_strength + int EVP_RAND_get_state(EVP_RAND_CTX *ctx); ++# define EVP_RAND_state EVP_RAND_get_state + + # define EVP_RAND_STATE_UNINITIALISED 0 + # define EVP_RAND_STATE_READY 1 +@@ -1757,8 +1771,11 @@ EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_ + int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt); + void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt); + const OSSL_PROVIDER *EVP_KEYMGMT_get0_provider(const EVP_KEYMGMT *keymgmt); ++# define EVP_KEYMGMT_provider EVP_KEYMGMT_get0_provider + const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt); ++# define EVP_KEYMGMT_name EVP_KEYMGMT_get0_name + const char *EVP_KEYMGMT_get0_description(const EVP_KEYMGMT *keymgmt); ++# define EVP_KEYMGMT_description EVP_KEYMGMT_get0_description + int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name); + void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_KEYMGMT *keymgmt, void *arg), +@@ -1838,11 +1855,14 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY + void EVP_SIGNATURE_free(EVP_SIGNATURE *signature); + int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature); + OSSL_PROVIDER *EVP_SIGNATURE_get0_provider(const EVP_SIGNATURE *signature); ++# define EVP_SIGNATURE_provider EVP_SIGNATURE_get0_provider + EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties); + int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name); + const char *EVP_SIGNATURE_get0_name(const EVP_SIGNATURE *signature); ++# define EVP_SIGNATURE_name EVP_SIGNATURE_get0_name + const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE *signature); ++# define EVP_SIGNATURE_description EVP_SIGNATURE_get0_description + void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_SIGNATURE *signature, + void *data), +@@ -1856,11 +1876,14 @@ const OSSL_PARAM *EVP_SIGNATURE_settable + void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher); + int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher); + OSSL_PROVIDER *EVP_ASYM_CIPHER_get0_provider(const EVP_ASYM_CIPHER *cipher); ++# define EVP_ASYM_CIPHER_provider EVP_ASYM_CIPHER_get0_provider + EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties); + int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name); + const char *EVP_ASYM_CIPHER_get0_name(const EVP_ASYM_CIPHER *cipher); ++# define EVP_ASYM_CIPHER_name EVP_ASYM_CIPHER_get0_name + const char *EVP_ASYM_CIPHER_get0_description(const EVP_ASYM_CIPHER *cipher); ++# define EVP_ASYM_CIPHER_description EVP_ASYM_CIPHER_get0_description + void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_ASYM_CIPHER *cipher, + void *arg), +@@ -1874,11 +1897,14 @@ const OSSL_PARAM *EVP_ASYM_CIPHER_settab + void EVP_KEM_free(EVP_KEM *wrap); + int EVP_KEM_up_ref(EVP_KEM *wrap); + OSSL_PROVIDER *EVP_KEM_get0_provider(const EVP_KEM *wrap); ++# define EVP_KEM_provider EVP_KEM_get0_provider + EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties); + int EVP_KEM_is_a(const EVP_KEM *wrap, const char *name); + const char *EVP_KEM_get0_name(const EVP_KEM *wrap); ++# define EVP_KEM_name EVP_KEM_get0_name + const char *EVP_KEM_get0_description(const EVP_KEM *wrap); ++# define EVP_KEM_description EVP_KEM_get0_description + void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_KEM *wrap, void *arg), void *arg); + int EVP_KEM_names_do_all(const EVP_KEM *wrap, +@@ -2140,9 +2166,12 @@ int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exch + EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties); + OSSL_PROVIDER *EVP_KEYEXCH_get0_provider(const EVP_KEYEXCH *exchange); ++# define EVP_KEYEXCH_provider EVP_KEYEXCH_get0_provider + int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name); + const char *EVP_KEYEXCH_get0_name(const EVP_KEYEXCH *keyexch); ++# define EVP_KEYEXCH_name EVP_KEYEXCH_get0_name + const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch); ++# define EVP_KEYEXCH_description EVP_KEYEXCH_get0_description + void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_KEYEXCH *keyexch, void *data), + void *data); +diff -up openssl-3.0.0-beta1/include/openssl/kdf.h.dual-abi openssl-3.0.0-beta1/include/openssl/kdf.h +--- openssl-3.0.0-beta1/include/openssl/kdf.h.dual-abi 2021-07-02 11:26:04.355711366 +0200 ++++ openssl-3.0.0-beta1/include/openssl/kdf.h 2021-07-02 11:57:44.950361808 +0200 +@@ -34,9 +34,12 @@ EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kd + void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); + EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src); + const char *EVP_KDF_get0_description(const EVP_KDF *kdf); ++# define EVP_KDF_description EVP_KDF_get0_description + int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name); + const char *EVP_KDF_get0_name(const EVP_KDF *kdf); ++# define EVP_KDF_name EVP_KDF_get0_name + const OSSL_PROVIDER *EVP_KDF_get0_provider(const EVP_KDF *kdf); ++# define EVP_KDF_provider EVP_KDF_get0_provider + const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx); + + void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx); +diff -up openssl-3.0.0-beta1/include/openssl/provider.h.dual-abi openssl-3.0.0-beta1/include/openssl/provider.h +--- openssl-3.0.0-beta1/include/openssl/provider.h.dual-abi 2021-07-02 13:53:27.941487991 +0200 ++++ openssl-3.0.0-beta1/include/openssl/provider.h 2021-07-02 13:54:12.265889498 +0200 +@@ -52,6 +52,7 @@ int OSSL_PROVIDER_add_builtin(OSSL_LIB_C + + /* Information */ + const char *OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov); ++# define OSSL_PROVIDER_name OSSL_PROVIDER_get0_name + + # ifdef __cplusplus + } +diff -up openssl-3.0.0-beta1/include/openssl/store.h.dual-abi openssl-3.0.0-beta1/include/openssl/store.h +--- openssl-3.0.0-beta1/include/openssl/store.h.dual-abi 2021-07-02 13:54:41.990088355 +0200 ++++ openssl-3.0.0-beta1/include/openssl/store.h 2021-07-02 13:56:05.817649168 +0200 +@@ -260,8 +260,11 @@ int OSSL_STORE_LOADER_up_ref(OSSL_STORE_ + void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader); + const OSSL_PROVIDER *OSSL_STORE_LOADER_get0_provider(const OSSL_STORE_LOADER * + loader); ++# define OSSL_STORE_LOADER_provider OSSL_STORE_LOADER_get0_provider + const char *OSSL_STORE_LOADER_get0_properties(const OSSL_STORE_LOADER *loader); ++# define OSSL_STORE_LOADER_properties OSSL_STORE_LOADER_get0_properties + const char *OSSL_STORE_LOADER_get0_description(const OSSL_STORE_LOADER *loader); ++# define OSSL_STORE_LOADER_description OSSL_STORE_LOADER_get0_description + int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, + const char *scheme); + void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx, +diff -up openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi 2021-07-12 23:22:43.652838373 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c 2021-07-12 23:40:46.085974883 +0200 +@@ -430,6 +430,7 @@ const OSSL_PROVIDER *OSSL_DECODER_get0_p + + return decoder->base.prov; + } ++RHEL_ALIAS1(OSSL_DECODER_provider); + + const char *OSSL_DECODER_get0_properties(const OSSL_DECODER *decoder) + { +@@ -440,6 +441,7 @@ const char *OSSL_DECODER_get0_properties + + return decoder->base.algodef->property_definition; + } ++RHEL_ALIAS1(OSSL_DECODER_properties); + + const OSSL_PROPERTY_LIST * + ossl_decoder_parsed_properties(const OSSL_DECODER *decoder) +@@ -471,6 +473,7 @@ const char *OSSL_DECODER_get0_descriptio + { + return decoder->base.algodef->algorithm_description; + } ++RHEL_ALIAS1(OSSL_DECODER_description); + + int OSSL_DECODER_is_a(const OSSL_DECODER *decoder, const char *name) + { +diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-12 23:22:06.307513672 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-08 14:20:58.568247805 +0200 +@@ -439,6 +439,7 @@ const OSSL_PROVIDER *OSSL_ENCODER_get0_p + + return encoder->base.prov; + } ++RHEL_ALIAS1(OSSL_ENCODER_provider); + + const char *OSSL_ENCODER_get0_properties(const OSSL_ENCODER *encoder) + { +@@ -449,6 +450,7 @@ const char *OSSL_ENCODER_get0_properties + + return encoder->base.algodef->property_definition; + } ++RHEL_ALIAS1(OSSL_ENCODER_properties); + + const OSSL_PROPERTY_LIST * + ossl_encoder_parsed_properties(const OSSL_ENCODER *encoder) +diff -up openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi openssl-3.0.0-beta1/crypto/evp/signature.c +--- openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi 2021-07-12 23:35:50.113380220 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/signature.c 2021-07-12 23:42:13.074732176 +0200 +@@ -304,6 +304,7 @@ OSSL_PROVIDER *EVP_SIGNATURE_get0_provid + { + return signature->prov; + } ++RHEL_ALIAS1(EVP_SIGNATURE_provider); + + EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties) +diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/crypto/provider.c +--- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-12 23:20:52.911866341 +0200 ++++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-08 14:17:56.222526254 +0200 +@@ -133,6 +133,7 @@ const char *OSSL_PROVIDER_get0_name(cons + { + return ossl_provider_name(prov); + } ++RHEL_ALIAS1(OSSL_PROVIDER_name); + + int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx, + int (*cb)(OSSL_PROVIDER *provider, +diff -up openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi openssl-3.0.0-beta1/crypto/store/store_meth.c +--- openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi 2021-07-12 23:19:45.894383707 +0200 ++++ openssl-3.0.0-beta1/crypto/store/store_meth.c 2021-07-08 10:32:19.767282116 +0200 +@@ -398,6 +398,7 @@ const OSSL_PROVIDER *OSSL_STORE_LOADER_g + + return loader->prov; + } ++RHEL_ALIAS1(OSSL_STORE_LOADER_provider); + + const char *OSSL_STORE_LOADER_get0_properties(const OSSL_STORE_LOADER *loader) + { +@@ -408,6 +409,7 @@ const char *OSSL_STORE_LOADER_get0_prope + + return loader->propdef; + } ++RHEL_ALIAS1(OSSL_STORE_LOADER_properties); + + int ossl_store_loader_get_number(const OSSL_STORE_LOADER *loader) + { +@@ -423,6 +425,7 @@ const char *OSSL_STORE_LOADER_get0_descr + { + return loader->description; + } ++RHEL_ALIAS1(OSSL_STORE_LOADER_description); + + int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, const char *name) + { +diff -up openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi 2021-07-13 01:01:18.919145746 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c 2021-07-13 01:02:00.137533120 +0200 +@@ -23,6 +23,21 @@ + */ + #define NAME_SEPARATOR ':' + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + /* Simple method structure constructor and destructor */ + static OSSL_DECODER *ossl_decoder_new(void) + { +diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-13 01:01:31.433263354 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-13 01:02:26.169777773 +0200 +@@ -23,6 +23,21 @@ + */ + #define NAME_SEPARATOR ':' + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + /* Simple method structure constructor and destructor */ + static OSSL_ENCODER *ossl_encoder_new(void) + { +diff -up openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi openssl-3.0.0-beta1/crypto/evp/asymcipher.c +--- openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi 2021-07-13 01:11:45.757160664 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/asymcipher.c 2021-07-13 01:12:10.821406727 +0200 +@@ -17,6 +17,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation, + const OSSL_PARAM params[]) + { +@@ -413,6 +428,7 @@ OSSL_PROVIDER *EVP_ASYM_CIPHER_get0_prov + { + return cipher->prov; + } ++RHEL_ALIAS1(EVP_ASYM_CIPHER_provider); + + EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties) +@@ -437,11 +453,13 @@ const char *EVP_ASYM_CIPHER_get0_name(co + { + return cipher->type_name; + } ++RHEL_ALIAS1(EVP_ASYM_CIPHER_name); + + const char *EVP_ASYM_CIPHER_get0_description(const EVP_ASYM_CIPHER *cipher) + { + return cipher->description; + } ++RHEL_ALIAS1(EVP_ASYM_CIPHER_description); + + void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_ASYM_CIPHER *cipher, +diff -up openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_lib.c +--- openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi 2021-07-13 01:10:08.970210463 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/evp_lib.c 2021-07-13 01:10:20.596324598 +0200 +@@ -31,6 +31,21 @@ + #include "crypto/asn1.h" + #include "internal/provider.h" + #include "evp_local.h" ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + + #if !defined(FIPS_MODULE) + +@@ -337,6 +352,7 @@ int EVP_CIPHER_get_type(const EVP_CIPHER + #endif + } + } ++RHEL_ALIAS1(EVP_CIPHER_type); + + int evp_cipher_cache_constants(EVP_CIPHER *cipher) + { +@@ -389,11 +405,13 @@ int EVP_CIPHER_get_block_size(const EVP_ + { + return cipher->block_size; + } ++RHEL_ALIAS1(EVP_CIPHER_block_size); + + int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx) + { + return EVP_CIPHER_get_block_size(ctx->cipher); + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_block_size); + + int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e) + { +@@ -466,11 +484,13 @@ int EVP_CIPHER_CTX_is_encrypting(const E + { + return ctx->encrypt; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_encrypting); + + unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher) + { + return cipher->flags; + } ++RHEL_ALIAS1(EVP_CIPHER_flags); + + void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) + { +@@ -501,6 +521,7 @@ int EVP_CIPHER_get_iv_length(const EVP_C + { + return cipher->iv_len; + } ++RHEL_ALIAS1(EVP_CIPHER_iv_length); + + int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx) + { +@@ -522,6 +543,7 @@ legacy: + } + return len; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_iv_length); + + int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx) + { +@@ -533,6 +555,7 @@ int EVP_CIPHER_CTX_get_tag_length(const + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); + return ret == 1 ? (int)v : 0; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_tag_length); + + #ifndef OPENSSL_NO_DEPRECATED_3_0 + const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx) +@@ -615,6 +638,7 @@ int EVP_CIPHER_CTX_get_num(const EVP_CIP + + return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_num); + + int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num) + { +@@ -634,6 +658,7 @@ int EVP_CIPHER_get_key_length(const EVP_ + { + return cipher->key_len; + } ++RHEL_ALIAS1(EVP_CIPHER_key_length); + + int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx) + { +@@ -646,16 +671,19 @@ int EVP_CIPHER_CTX_get_key_length(const + + return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_key_length); + + int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher) + { + return cipher->nid; + } ++RHEL_ALIAS1(EVP_CIPHER_nid); + + int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx) + { + return ctx->cipher->nid; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_nid); + + int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name) + { +@@ -679,6 +707,7 @@ const char *EVP_CIPHER_get0_name(const E + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_CIPHER_name); + + const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher) + { +@@ -690,6 +719,7 @@ const char *EVP_CIPHER_get0_description( + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_CIPHER_description); + + int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, + void (*fn)(const char *name, void *data), +@@ -705,11 +735,13 @@ const OSSL_PROVIDER *EVP_CIPHER_get0_pro + { + return cipher->prov; + } ++RHEL_ALIAS1(EVP_CIPHER_provider); + + int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher) + { + return EVP_CIPHER_get_flags(cipher) & EVP_CIPH_MODE; + } ++RHEL_ALIAS1(EVP_CIPHER_mode); + + int EVP_MD_is_a(const EVP_MD *md, const char *name) + { +@@ -733,6 +765,7 @@ const char *EVP_MD_get0_description(cons + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_MD_description); + + const char *EVP_MD_get0_name(const EVP_MD *md) + { +@@ -746,6 +779,7 @@ const char *EVP_MD_get0_name(const EVP_M + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_MD_name); + + int EVP_MD_names_do_all(const EVP_MD *md, + void (*fn)(const char *name, void *data), +@@ -761,16 +795,19 @@ const OSSL_PROVIDER *EVP_MD_get0_provide + { + return md->prov; + } ++RHEL_ALIAS1(EVP_MD_provider); + + int EVP_MD_get_type(const EVP_MD *md) + { + return md->type; + } ++RHEL_ALIAS1(EVP_MD_type); + + int EVP_MD_get_pkey_type(const EVP_MD *md) + { + return md->pkey_type; + } ++RHEL_ALIAS1(EVP_MD_pkey_type); + + int EVP_MD_get_block_size(const EVP_MD *md) + { +@@ -780,6 +817,7 @@ int EVP_MD_get_block_size(const EVP_MD * + } + return md->block_size; + } ++RHEL_ALIAS1(EVP_MD_block_size); + + int EVP_MD_get_size(const EVP_MD *md) + { +@@ -789,11 +827,13 @@ int EVP_MD_get_size(const EVP_MD *md) + } + return md->md_size; + } ++RHEL_ALIAS1(EVP_MD_size); + + unsigned long EVP_MD_get_flags(const EVP_MD *md) + { + return md->flags; + } ++RHEL_ALIAS1(EVP_MD_flags); + + EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type) + { +@@ -1007,6 +1047,7 @@ EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(co + { + return ctx->pctx; + } ++RHEL_ALIAS1(EVP_MD_CTX_pkey_ctx); + + #if !defined(FIPS_MODULE) + void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx) +@@ -1033,6 +1074,7 @@ void *EVP_MD_CTX_get0_md_data(const EVP_ + { + return ctx->md_data; + } ++RHEL_ALIAS1(EVP_MD_CTX_md_data); + + int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, + const void *data, size_t count) +diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c +--- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-13 00:54:33.231325700 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-13 00:57:22.596922955 +0200 +@@ -26,6 +26,22 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ ++ + struct evp_rand_st { + OSSL_PROVIDER *prov; + int name_id; +@@ -302,11 +318,13 @@ const char *EVP_RAND_get0_name(const EVP + { + return rand->type_name; + } ++RHEL_ALIAS1(EVP_RAND_name); + + const char *EVP_RAND_get0_description(const EVP_RAND *rand) + { + return rand->description; + } ++RHEL_ALIAS1(EVP_RAND_description); + + int EVP_RAND_is_a(const EVP_RAND *rand, const char *name) + { +@@ -317,6 +335,7 @@ const OSSL_PROVIDER *EVP_RAND_get0_provi + { + return rand->prov; + } ++RHEL_ALIAS1(EVP_RAND_provider); + + int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]) + { +@@ -399,6 +418,7 @@ EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAN + { + return ctx->meth; + } ++RHEL_ALIAS1(EVP_RAND_CTX_rand); + + static int evp_rand_get_ctx_params_locked(EVP_RAND_CTX *ctx, + OSSL_PARAM params[]) +@@ -633,6 +653,7 @@ unsigned int EVP_RAND_get_strength(EVP_R + evp_rand_unlock(ctx); + return res; + } ++RHEL_ALIAS1(EVP_RAND_strength); + + static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out, + size_t outlen) +@@ -667,6 +688,7 @@ int EVP_RAND_get_state(EVP_RAND_CTX *ctx + state = EVP_RAND_STATE_ERROR; + return state; + } ++RHEL_ALIAS1(EVP_RAND_state); + + static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx) + { +diff -up openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi openssl-3.0.0-beta1/crypto/evp/exchange.c +--- openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi 2021-07-12 23:58:50.656415550 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/exchange.c 2021-07-13 00:43:35.764165305 +0200 +@@ -17,6 +17,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov) + { + EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH)); +@@ -170,6 +185,7 @@ OSSL_PROVIDER *EVP_KEYEXCH_get0_provider + { + return exchange->prov; + } ++RHEL_ALIAS1(EVP_KEYEXCH_provider); + + EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties) +@@ -467,6 +483,7 @@ const char *EVP_KEYEXCH_get0_name(const + { + return keyexch->type_name; + } ++RHEL_ALIAS1(EVP_KEYEXCH_name); + + const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch) + { +diff -up openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kdf_lib.c +--- openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi 2021-07-13 01:05:40.212601404 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/kdf_lib.c 2021-07-13 01:06:03.238817806 +0200 +@@ -23,6 +23,21 @@ + #include "internal/provider.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) + { + EVP_KDF_CTX *ctx = NULL; +diff -up openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kem.c +--- openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi 2021-07-13 01:05:02.966251358 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/kem.c 2021-07-13 01:04:49.023120319 +0200 +@@ -17,6 +17,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation, + const OSSL_PARAM params[]) + { +diff -up openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c +--- openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi 2021-07-13 00:01:22.784863826 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c 2021-07-13 00:44:18.815566635 +0200 +@@ -17,6 +17,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static void *keymgmt_new(void) + { + EVP_KEYMGMT *keymgmt = NULL; +@@ -250,6 +265,7 @@ const OSSL_PROVIDER *EVP_KEYMGMT_get0_pr + { + return keymgmt->prov; + } ++RHEL_ALIAS1(EVP_KEYMGMT_provider); + + int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt) + { +@@ -260,11 +276,13 @@ const char *EVP_KEYMGMT_get0_description + { + return keymgmt->description; + } ++RHEL_ALIAS1(EVP_KEYMGMT_description); + + const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt) + { + return keymgmt->type_name; + } ++RHEL_ALIAS1(EVP_KEYMGMT_name); + + int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name) + { +diff -up openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_lib.c +--- openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi 2021-07-13 00:03:56.495327168 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/mac_lib.c 2021-07-13 00:44:48.459842988 +0200 +@@ -19,6 +19,21 @@ + #include "internal/provider.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac) + { + EVP_MAC_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MAC_CTX)); +@@ -81,6 +96,7 @@ EVP_MAC *EVP_MAC_CTX_get0_mac(EVP_MAC_CT + { + return ctx->meth; + } ++RHEL_ALIAS1(EVP_MAC_CTX_mac); + + static size_t get_size_t_ctx_param(EVP_MAC_CTX *ctx, const char *name) + { +@@ -212,11 +228,13 @@ const char *EVP_MAC_get0_name(const EVP_ + { + return mac->type_name; + } ++RHEL_ALIAS1(EVP_MAC_name); + + const char *EVP_MAC_get0_description(const EVP_MAC *mac) + { + return mac->description; + } ++RHEL_ALIAS1(EVP_MAC_description); + + int EVP_MAC_is_a(const EVP_MAC *mac, const char *name) + { +diff -up openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_meth.c +--- openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi 2021-07-13 00:06:10.565599500 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/mac_meth.c 2021-07-13 00:45:14.925089707 +0200 +@@ -7,6 +7,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static int evp_mac_up_ref(void *vmac) + { + EVP_MAC *mac = vmac; +@@ -179,6 +194,7 @@ const OSSL_PROVIDER *EVP_MAC_get0_provid + { + return mac->prov; + } ++RHEL_ALIAS1(EVP_MAC_provider); + + const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac) + { +diff -up openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/p_lib.c +--- openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi 2021-07-13 00:49:03.477220320 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/p_lib.c 2021-07-13 00:53:25.178683891 +0200 +@@ -49,6 +49,21 @@ + + #include "e_os.h" /* strcasecmp on Windows */ + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, + int len, EVP_KEYMGMT *keymgmt); + static void evp_pkey_free_it(EVP_PKEY *key); +@@ -69,6 +84,7 @@ int EVP_PKEY_get_bits(const EVP_PKEY *pk + } + return size < 0 ? 0 : size; + } ++RHEL_ALIAS1(EVP_PKEY_bits); + + int EVP_PKEY_get_security_bits(const EVP_PKEY *pkey) + { +@@ -81,6 +97,7 @@ int EVP_PKEY_get_security_bits(const EVP + } + return size < 0 ? 0 : size; + } ++RHEL_ALIAS1(EVP_PKEY_security_bits); + + int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) + { +@@ -974,11 +991,13 @@ int EVP_PKEY_get_id(const EVP_PKEY *pkey + { + return pkey->type; + } ++RHEL_ALIAS1(EVP_PKEY_id); + + int EVP_PKEY_get_base_id(const EVP_PKEY *pkey) + { + return EVP_PKEY_type(pkey->type); + } ++RHEL_ALIAS1(EVP_PKEY_base_id); + + /* + * These hard coded cases are pure hackery to get around the fact +@@ -1780,6 +1799,7 @@ int EVP_PKEY_get_size(const EVP_PKEY *pk + } + return size < 0 ? 0 : size; + } ++RHEL_ALIAS1(EVP_PKEY_size); + + const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey) + { +@@ -1794,6 +1814,7 @@ const char *EVP_PKEY_get0_description(co + #endif + return NULL; + } ++RHEL_ALIAS1(EVP_PKEY_description); + + void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, + EVP_KEYMGMT **keymgmt, +diff -up openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c +--- openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c.dual-abi 2021-07-13 00:47:14.791207121 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c 2021-07-13 00:48:48.716082716 +0200 +@@ -34,6 +34,21 @@ + + #ifndef FIPS_MODULE + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static int evp_pkey_ctx_store_cached_data(EVP_PKEY_CTX *ctx, + int keytype, int optype, + int cmd, const char *name, +@@ -1076,6 +1091,7 @@ int EVP_PKEY_CTX_set_hkdf_mode(EVP_PKEY_ + + return EVP_PKEY_CTX_set_params(ctx, int_params); + } ++RHEL_ALIAS1(EVP_PKEY_CTX_hkdf_mode); + + int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *ctx, const char *pass, + int passlen) +diff -up openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi openssl-3.0.0-beta1/crypto/evp/signature.c +--- openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi 2021-07-13 00:58:07.602347388 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/signature.c 2021-07-13 00:59:52.391332550 +0200 +@@ -18,6 +18,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov) + { + EVP_SIGNATURE *signature = OPENSSL_zalloc(sizeof(EVP_SIGNATURE)); +@@ -329,11 +344,13 @@ const char *EVP_SIGNATURE_get0_name(cons + { + return signature->type_name; + } ++RHEL_ALIAS1(EVP_SIGNATURE_name); + + const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE *signature) + { + return signature->description; + } ++RHEL_ALIAS1(EVP_SIGNATURE_description); + + void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_SIGNATURE *signature, +diff -up openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi openssl-3.0.0-beta1/crypto/store/store_meth.c +--- openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi 2021-07-13 01:02:51.062011712 +0200 ++++ openssl-3.0.0-beta1/crypto/store/store_meth.c 2021-07-13 01:03:16.138247380 +0200 +@@ -15,6 +15,21 @@ + #include "internal/provider.h" + #include "store_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader) + { + int ref = 0; +diff -up openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi openssl-3.0.0-beta1/include/openssl/evp.h +--- openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi 2021-07-13 10:36:25.622755098 +0200 ++++ openssl-3.0.0-beta1/include/openssl/evp.h 2021-07-13 10:36:43.680926345 +0200 +@@ -1394,6 +1394,7 @@ int EVP_PKEY_up_ref(EVP_PKEY *pkey); + EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey); + void EVP_PKEY_free(EVP_PKEY *pkey); + const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey); ++#define EVP_PKEY_description EVP_PKEY_get0_description + + EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, + long length); +diff -up openssl-3.0.0-beta1/crypto/http/http_client.c.dual-abi openssl-3.0.0-beta1/crypto/http/http_client.c +--- openssl-3.0.0-beta1/crypto/http/http_client.c.dual-abi 2021-07-13 22:47:01.463713204 +0200 ++++ openssl-3.0.0-beta1/crypto/http/http_client.c 2021-07-13 22:46:32.064435146 +0200 +@@ -784,6 +784,11 @@ int OSSL_HTTP_REQ_CTX_nbio_d2i(OSSL_HTTP + + } + ++int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx) ++{ ++ return OSSL_HTTP_REQ_CTX_nbio_d2i(rctx, (ASN1_VALUE **)(presp), ASN1_ITEM_rptr(OCSP_RESPONSE)); ++} ++ + #ifndef OPENSSL_NO_SOCK + + /* set up a new connection BIO, to HTTP server or to HTTP(S) proxy if given */ +diff -up openssl-3.0.0-beta1/include/openssl/http.h.dual-abi openssl-3.0.0-beta1/include/openssl/http.h +--- openssl-3.0.0-beta1/include/openssl/http.h.dual-abi 2021-07-13 22:46:13.628260778 +0200 ++++ openssl-3.0.0-beta1/include/openssl/http.h 2021-07-13 22:45:33.390880219 +0200 +@@ -52,6 +52,7 @@ int OSSL_HTTP_REQ_CTX_set1_req(OSSL_HTTP + int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx); + int OSSL_HTTP_REQ_CTX_nbio_d2i(OSSL_HTTP_REQ_CTX *rctx, + ASN1_VALUE **pval, const ASN1_ITEM *it); ++int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx); + BIO *OSSL_HTTP_REQ_CTX_exchange(OSSL_HTTP_REQ_CTX *rctx); + BIO *OSSL_HTTP_REQ_CTX_get0_mem_bio(const OSSL_HTTP_REQ_CTX *rctx); + size_t OSSL_HTTP_REQ_CTX_get_resp_len(const OSSL_HTTP_REQ_CTX *rctx); +diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-13 23:41:29.425486504 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-13 23:42:00.393819678 +0200 +@@ -497,6 +497,7 @@ const char *OSSL_ENCODER_get0_descriptio + { + return encoder->base.algodef->algorithm_description; + } ++RHEL_ALIAS1(OSSL_ENCODER_description); + + int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name) + { +diff -up openssl-3.0.0-beta1/util/libcrypto.num.dual-abi openssl-3.0.0-beta1/util/libcrypto.num +--- openssl-3.0.0-beta1/util/libcrypto.num.dual-abi 2021-07-13 23:38:25.166562563 +0200 ++++ openssl-3.0.0-beta1/util/libcrypto.num 2021-07-13 23:40:38.622939932 +0200 +@@ -5414,3 +5414,76 @@ ASN1_item_d2i_bio_ex + ASN1_item_d2i_ex ? 3_0_0 EXIST::FUNCTION: + ASN1_TIME_print_ex ? 3_0_0 EXIST::FUNCTION: + ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: ++EVP_ASYM_CIPHER_description ? 3_0_0 EXIST::FUNCTION: ++EVP_ASYM_CIPHER_name ? 3_0_0 EXIST::FUNCTION: ++EVP_ASYM_CIPHER_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_block_size ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_encrypting ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_iv_length ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_key_length ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_nid ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_num ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_tag_length ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_block_size ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_description ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_flags ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_iv_length ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_key_length ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_mode ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_name ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_nid ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_type ? 3_0_0 EXIST::FUNCTION: ++EVP_KDF_description ? 3_0_0 EXIST::FUNCTION: ++EVP_KDF_name ? 3_0_0 EXIST::FUNCTION: ++EVP_KDF_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_KEM_description ? 3_0_0 EXIST::FUNCTION: ++EVP_KEM_name ? 3_0_0 EXIST::FUNCTION: ++EVP_KEM_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYEXCH_description ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYEXCH_name ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYEXCH_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYMGMT_description ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYMGMT_name ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYMGMT_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_MAC_CTX_mac ? 3_0_0 EXIST::FUNCTION: ++EVP_MAC_description ? 3_0_0 EXIST::FUNCTION: ++EVP_MAC_name ? 3_0_0 EXIST::FUNCTION: ++EVP_MAC_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_CTX_md_data ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_CTX_pkey_ctx ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_block_size ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_description ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_flags ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_name ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_pkey_type ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_size ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_type ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_CTX_hkdf_mode ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_base_id ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_bits ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_description ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_id ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_security_bits ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_size ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_CTX_rand ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_description ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_name ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_state ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_strength ? 3_0_0 EXIST::FUNCTION: ++EVP_SIGNATURE_description ? 3_0_0 EXIST::FUNCTION: ++EVP_SIGNATURE_name ? 3_0_0 EXIST::FUNCTION: ++EVP_SIGNATURE_provider ? 3_0_0 EXIST::FUNCTION: ++OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: ++OSSL_DECODER_description ? 3_0_0 EXIST::FUNCTION: ++OSSL_DECODER_provider ? 3_0_0 EXIST::FUNCTION: ++OSSL_ENCODER_description ? 3_0_0 EXIST::FUNCTION: ++OSSL_ENCODER_properties ? 3_0_0 EXIST::FUNCTION: ++OSSL_ENCODER_provider ? 3_0_0 EXIST::FUNCTION: ++OSSL_PROVIDER_name ? 3_0_0 EXIST::FUNCTION: ++OSSL_STORE_LOADER_description ? 3_0_0 EXIST::FUNCTION: ++OSSL_STORE_LOADER_properties ? 3_0_0 EXIST::FUNCTION: ++OSSL_STORE_LOADER_provider ? 3_0_0 EXIST::FUNCTION: ++OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: +diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/crypto/provider.c +--- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-14 00:37:49.301207962 +0200 ++++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-14 00:39:34.796200433 +0200 +@@ -13,6 +13,21 @@ + #include + #include "internal/provider.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name, + int retain_fallbacks) + { +diff -up openssl-3.0.0-beta1/util/libcrypto.num.dual-abi openssl-3.0.0-beta1/util/libcrypto.num +--- openssl-3.0.0-beta1/util/libcrypto.num.dual-abi 2021-07-14 08:43:00.374838367 +0200 ++++ openssl-3.0.0-beta1/util/libcrypto.num 2021-07-14 08:43:20.421006957 +0200 +@@ -5486,4 +5486,3 @@ OSSL_PROVIDER_name ? 3_0_0 EXIS + OSSL_STORE_LOADER_description ? 3_0_0 EXIST::FUNCTION: + OSSL_STORE_LOADER_properties ? 3_0_0 EXIST::FUNCTION: + OSSL_STORE_LOADER_provider ? 3_0_0 EXIST::FUNCTION: +-OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: diff --git a/dual-abi.patch b/dual-abi.patch new file mode 100644 index 0000000..15bd2c0 --- /dev/null +++ b/dual-abi.patch @@ -0,0 +1,1321 @@ +diff -up openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi openssl-3.0.0-beta1/crypto/evp/exchange.c +--- openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi 2021-07-02 15:28:23.331896975 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/exchange.c 2021-07-02 17:17:56.332300741 +0200 +@@ -472,6 +472,7 @@ const char *EVP_KEYEXCH_get0_description + { + return keyexch->description; + } ++RHEL_ALIAS1(EVP_KEYEXCH_description); + + int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name) + { +diff -up openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kdf_lib.c +--- openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi 2021-07-02 14:57:12.576376884 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/kdf_lib.c 2021-07-02 14:59:05.277356425 +0200 +@@ -92,11 +92,13 @@ const char *EVP_KDF_get0_name(const EVP_ + { + return kdf->type_name; + } ++RHEL_ALIAS1(EVP_KDF_name); + + const char *EVP_KDF_get0_description(const EVP_KDF *kdf) + { + return kdf->description; + } ++RHEL_ALIAS1(EVP_KDF_description); + + int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name) + { +@@ -107,6 +109,7 @@ const OSSL_PROVIDER *EVP_KDF_get0_provid + { + return kdf->prov; + } ++RHEL_ALIAS1(EVP_KDF_provider); + + const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx) + { +diff -up openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kem.c +--- openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi 2021-07-02 14:59:25.315530582 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/kem.c 2021-07-02 15:28:04.812733083 +0200 +@@ -328,6 +328,7 @@ OSSL_PROVIDER *EVP_KEM_get0_provider(con + { + return kem->prov; + } ++RHEL_ALIAS1(EVP_KEM_provider); + + EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties) +@@ -352,11 +353,13 @@ const char *EVP_KEM_get0_name(const EVP_ + { + return kem->type_name; + } ++RHEL_ALIAS1(EVP_KEM_name); + + const char *EVP_KEM_get0_description(const EVP_KEM *kem) + { + return kem->description; + } ++RHEL_ALIAS1(EVP_KEM_description); + + void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_KEM *kem, void *arg), +diff -up openssl-3.0.0-beta1/include/openssl/decoder.h.dual-abi openssl-3.0.0-beta1/include/openssl/decoder.h +--- openssl-3.0.0-beta1/include/openssl/decoder.h.dual-abi 2021-07-02 12:39:19.758597953 +0200 ++++ openssl-3.0.0-beta1/include/openssl/decoder.h 2021-07-02 13:21:55.717630285 +0200 +@@ -32,9 +32,12 @@ int OSSL_DECODER_up_ref(OSSL_DECODER *en + void OSSL_DECODER_free(OSSL_DECODER *encoder); + + const OSSL_PROVIDER *OSSL_DECODER_get0_provider(const OSSL_DECODER *encoder); ++# define OSSL_DECODER_provider OSSL_DECODER_get0_provider + const char *OSSL_DECODER_get0_properties(const OSSL_DECODER *encoder); ++# define OSSL_DECODER_properties OSSL_DECODER_get0_properties + const char *OSSL_DECODER_get0_name(const OSSL_DECODER *decoder); + const char *OSSL_DECODER_get0_description(const OSSL_DECODER *decoder); ++# define OSSL_DECODER_description OSSL_DECODER_get0_description + int OSSL_DECODER_is_a(const OSSL_DECODER *encoder, const char *name); + + void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx, +diff -up openssl-3.0.0-beta1/include/openssl/encoder.h.dual-abi openssl-3.0.0-beta1/include/openssl/encoder.h +--- openssl-3.0.0-beta1/include/openssl/encoder.h.dual-abi 2021-07-02 13:22:22.889885589 +0200 ++++ openssl-3.0.0-beta1/include/openssl/encoder.h 2021-07-02 13:23:55.732757920 +0200 +@@ -32,9 +32,12 @@ int OSSL_ENCODER_up_ref(OSSL_ENCODER *en + void OSSL_ENCODER_free(OSSL_ENCODER *encoder); + + const OSSL_PROVIDER *OSSL_ENCODER_get0_provider(const OSSL_ENCODER *encoder); ++# define OSSL_ENCODER_provider OSSL_ENCODER_get0_provider + const char *OSSL_ENCODER_get0_properties(const OSSL_ENCODER *encoder); ++# define OSSL_ENCODER_properties OSSL_ENCODER_get0_properties + const char *OSSL_ENCODER_get0_name(const OSSL_ENCODER *kdf); + const char *OSSL_ENCODER_get0_description(const OSSL_ENCODER *kdf); ++# define OSSL_ENCODER_description OSSL_ENCODER_get0_description + int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name); + + void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx, +diff -up openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi openssl-3.0.0-beta1/include/openssl/evp.h +--- openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi 2021-07-02 11:06:34.316615418 +0200 ++++ openssl-3.0.0-beta1/include/openssl/evp.h 2021-07-02 13:24:10.653898116 +0200 +@@ -534,11 +534,13 @@ int EVP_MD_get_type(const EVP_MD *md); + const char *EVP_MD_get0_name(const EVP_MD *md); + # define EVP_MD_name EVP_MD_get0_name + const char *EVP_MD_get0_description(const EVP_MD *md); ++# define EVP_MD_description EVP_MD_get0_description + int EVP_MD_is_a(const EVP_MD *md, const char *name); + int EVP_MD_names_do_all(const EVP_MD *md, + void (*fn)(const char *name, void *data), + void *data); + const OSSL_PROVIDER *EVP_MD_get0_provider(const EVP_MD *md); ++#define EVP_MD_provider EVP_MD_get0_provider + int EVP_MD_get_pkey_type(const EVP_MD *md); + # define EVP_MD_pkey_type EVP_MD_get_pkey_type + int EVP_MD_get_size(const EVP_MD *md); +@@ -579,11 +581,13 @@ int EVP_CIPHER_get_nid(const EVP_CIPHER + const char *EVP_CIPHER_get0_name(const EVP_CIPHER *cipher); + # define EVP_CIPHER_name EVP_CIPHER_get0_name + const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher); ++# define EVP_CIPHER_description EVP_CIPHER_get0_description + int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name); + int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, + void (*fn)(const char *name, void *data), + void *data); + const OSSL_PROVIDER *EVP_CIPHER_get0_provider(const EVP_CIPHER *cipher); ++# define EVP_CIPHER_provider EVP_CIPHER_get0_provider + int EVP_CIPHER_get_block_size(const EVP_CIPHER *cipher); + # define EVP_CIPHER_block_size EVP_CIPHER_get_block_size + # ifndef OPENSSL_NO_DEPRECATED_3_0 +@@ -1198,15 +1202,19 @@ EVP_MAC *EVP_MAC_fetch(OSSL_LIB_CTX *lib + int EVP_MAC_up_ref(EVP_MAC *mac); + void EVP_MAC_free(EVP_MAC *mac); + const char *EVP_MAC_get0_name(const EVP_MAC *mac); ++# define EVP_MAC_name EVP_MAC_get0_name + const char *EVP_MAC_get0_description(const EVP_MAC *mac); ++# define EVP_MAC_description EVP_MAC_get0_description + int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); + const OSSL_PROVIDER *EVP_MAC_get0_provider(const EVP_MAC *mac); ++# define EVP_MAC_provider EVP_MAC_get0_provider + int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); + + EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac); + void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx); + EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src); + EVP_MAC *EVP_MAC_CTX_get0_mac(EVP_MAC_CTX *ctx); ++# define EVP_MAC_CTX_mac EVP_MAC_CTX_get0_mac + int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); + int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); + +@@ -1242,14 +1250,18 @@ EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *l + int EVP_RAND_up_ref(EVP_RAND *rand); + void EVP_RAND_free(EVP_RAND *rand); + const char *EVP_RAND_get0_name(const EVP_RAND *rand); ++# define EVP_RAND_name EVP_RAND_get0_name + const char *EVP_RAND_get0_description(const EVP_RAND *md); ++# define EVP_RAND_description EVP_RAND_get0_description + int EVP_RAND_is_a(const EVP_RAND *rand, const char *name); + const OSSL_PROVIDER *EVP_RAND_get0_provider(const EVP_RAND *rand); ++# define EVP_RAND_provider EVP_RAND_get0_provider + int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]); + + EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent); + void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx); + EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAND_CTX *ctx); ++# define EVP_RAND_CTX_rand EVP_RAND_CTX_get0_rand + int EVP_RAND_CTX_get_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[]); + int EVP_RAND_CTX_set_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[]); + const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand); +@@ -1282,7 +1294,9 @@ __owur int EVP_RAND_enable_locking(EVP_R + + int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx); + unsigned int EVP_RAND_get_strength(EVP_RAND_CTX *ctx); ++# define EVP_RAND_strength EVP_RAND_get_strength + int EVP_RAND_get_state(EVP_RAND_CTX *ctx); ++# define EVP_RAND_state EVP_RAND_get_state + + # define EVP_RAND_STATE_UNINITIALISED 0 + # define EVP_RAND_STATE_READY 1 +@@ -1757,8 +1771,11 @@ EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_ + int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt); + void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt); + const OSSL_PROVIDER *EVP_KEYMGMT_get0_provider(const EVP_KEYMGMT *keymgmt); ++# define EVP_KEYMGMT_provider EVP_KEYMGMT_get0_provider + const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt); ++# define EVP_KEYMGMT_name EVP_KEYMGMT_get0_name + const char *EVP_KEYMGMT_get0_description(const EVP_KEYMGMT *keymgmt); ++# define EVP_KEYMGMT_description EVP_KEYMGMT_get0_description + int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name); + void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_KEYMGMT *keymgmt, void *arg), +@@ -1838,11 +1855,14 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY + void EVP_SIGNATURE_free(EVP_SIGNATURE *signature); + int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature); + OSSL_PROVIDER *EVP_SIGNATURE_get0_provider(const EVP_SIGNATURE *signature); ++# define EVP_SIGNATURE_provider EVP_SIGNATURE_get0_provider + EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties); + int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name); + const char *EVP_SIGNATURE_get0_name(const EVP_SIGNATURE *signature); ++# define EVP_SIGNATURE_name EVP_SIGNATURE_get0_name + const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE *signature); ++# define EVP_SIGNATURE_description EVP_SIGNATURE_get0_description + void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_SIGNATURE *signature, + void *data), +@@ -1856,11 +1876,14 @@ const OSSL_PARAM *EVP_SIGNATURE_settable + void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher); + int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher); + OSSL_PROVIDER *EVP_ASYM_CIPHER_get0_provider(const EVP_ASYM_CIPHER *cipher); ++# define EVP_ASYM_CIPHER_provider EVP_ASYM_CIPHER_get0_provider + EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties); + int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name); + const char *EVP_ASYM_CIPHER_get0_name(const EVP_ASYM_CIPHER *cipher); ++# define EVP_ASYM_CIPHER_name EVP_ASYM_CIPHER_get0_name + const char *EVP_ASYM_CIPHER_get0_description(const EVP_ASYM_CIPHER *cipher); ++# define EVP_ASYM_CIPHER_description EVP_ASYM_CIPHER_get0_description + void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_ASYM_CIPHER *cipher, + void *arg), +@@ -1874,11 +1897,14 @@ const OSSL_PARAM *EVP_ASYM_CIPHER_settab + void EVP_KEM_free(EVP_KEM *wrap); + int EVP_KEM_up_ref(EVP_KEM *wrap); + OSSL_PROVIDER *EVP_KEM_get0_provider(const EVP_KEM *wrap); ++# define EVP_KEM_provider EVP_KEM_get0_provider + EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties); + int EVP_KEM_is_a(const EVP_KEM *wrap, const char *name); + const char *EVP_KEM_get0_name(const EVP_KEM *wrap); ++# define EVP_KEM_name EVP_KEM_get0_name + const char *EVP_KEM_get0_description(const EVP_KEM *wrap); ++# define EVP_KEM_description EVP_KEM_get0_description + void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_KEM *wrap, void *arg), void *arg); + int EVP_KEM_names_do_all(const EVP_KEM *wrap, +@@ -2140,9 +2166,12 @@ int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exch + EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties); + OSSL_PROVIDER *EVP_KEYEXCH_get0_provider(const EVP_KEYEXCH *exchange); ++# define EVP_KEYEXCH_provider EVP_KEYEXCH_get0_provider + int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name); + const char *EVP_KEYEXCH_get0_name(const EVP_KEYEXCH *keyexch); ++# define EVP_KEYEXCH_name EVP_KEYEXCH_get0_name + const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch); ++# define EVP_KEYEXCH_description EVP_KEYEXCH_get0_description + void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_KEYEXCH *keyexch, void *data), + void *data); +diff -up openssl-3.0.0-beta1/include/openssl/kdf.h.dual-abi openssl-3.0.0-beta1/include/openssl/kdf.h +--- openssl-3.0.0-beta1/include/openssl/kdf.h.dual-abi 2021-07-02 11:26:04.355711366 +0200 ++++ openssl-3.0.0-beta1/include/openssl/kdf.h 2021-07-02 11:57:44.950361808 +0200 +@@ -34,9 +34,12 @@ EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kd + void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); + EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src); + const char *EVP_KDF_get0_description(const EVP_KDF *kdf); ++# define EVP_KDF_description EVP_KDF_get0_description + int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name); + const char *EVP_KDF_get0_name(const EVP_KDF *kdf); ++# define EVP_KDF_name EVP_KDF_get0_name + const OSSL_PROVIDER *EVP_KDF_get0_provider(const EVP_KDF *kdf); ++# define EVP_KDF_provider EVP_KDF_get0_provider + const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx); + + void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx); +diff -up openssl-3.0.0-beta1/include/openssl/provider.h.dual-abi openssl-3.0.0-beta1/include/openssl/provider.h +--- openssl-3.0.0-beta1/include/openssl/provider.h.dual-abi 2021-07-02 13:53:27.941487991 +0200 ++++ openssl-3.0.0-beta1/include/openssl/provider.h 2021-07-02 13:54:12.265889498 +0200 +@@ -52,6 +52,7 @@ int OSSL_PROVIDER_add_builtin(OSSL_LIB_C + + /* Information */ + const char *OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov); ++# define OSSL_PROVIDER_name OSSL_PROVIDER_get0_name + + # ifdef __cplusplus + } +diff -up openssl-3.0.0-beta1/include/openssl/store.h.dual-abi openssl-3.0.0-beta1/include/openssl/store.h +--- openssl-3.0.0-beta1/include/openssl/store.h.dual-abi 2021-07-02 13:54:41.990088355 +0200 ++++ openssl-3.0.0-beta1/include/openssl/store.h 2021-07-02 13:56:05.817649168 +0200 +@@ -260,8 +260,11 @@ int OSSL_STORE_LOADER_up_ref(OSSL_STORE_ + void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader); + const OSSL_PROVIDER *OSSL_STORE_LOADER_get0_provider(const OSSL_STORE_LOADER * + loader); ++# define OSSL_STORE_LOADER_provider OSSL_STORE_LOADER_get0_provider + const char *OSSL_STORE_LOADER_get0_properties(const OSSL_STORE_LOADER *loader); ++# define OSSL_STORE_LOADER_properties OSSL_STORE_LOADER_get0_properties + const char *OSSL_STORE_LOADER_get0_description(const OSSL_STORE_LOADER *loader); ++# define OSSL_STORE_LOADER_description OSSL_STORE_LOADER_get0_description + int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, + const char *scheme); + void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx, +diff -up openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi 2021-07-12 23:22:43.652838373 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c 2021-07-12 23:40:46.085974883 +0200 +@@ -430,6 +430,7 @@ const OSSL_PROVIDER *OSSL_DECODER_get0_p + + return decoder->base.prov; + } ++RHEL_ALIAS1(OSSL_DECODER_provider); + + const char *OSSL_DECODER_get0_properties(const OSSL_DECODER *decoder) + { +@@ -440,6 +441,7 @@ const char *OSSL_DECODER_get0_properties + + return decoder->base.algodef->property_definition; + } ++RHEL_ALIAS1(OSSL_DECODER_properties); + + const OSSL_PROPERTY_LIST * + ossl_decoder_parsed_properties(const OSSL_DECODER *decoder) +@@ -471,6 +473,7 @@ const char *OSSL_DECODER_get0_descriptio + { + return decoder->base.algodef->algorithm_description; + } ++RHEL_ALIAS1(OSSL_DECODER_description); + + int OSSL_DECODER_is_a(const OSSL_DECODER *decoder, const char *name) + { +diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-12 23:22:06.307513672 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-08 14:20:58.568247805 +0200 +@@ -439,6 +439,7 @@ const OSSL_PROVIDER *OSSL_ENCODER_get0_p + + return encoder->base.prov; + } ++RHEL_ALIAS1(OSSL_ENCODER_provider); + + const char *OSSL_ENCODER_get0_properties(const OSSL_ENCODER *encoder) + { +@@ -449,6 +450,7 @@ const char *OSSL_ENCODER_get0_properties + + return encoder->base.algodef->property_definition; + } ++RHEL_ALIAS1(OSSL_ENCODER_properties); + + const OSSL_PROPERTY_LIST * + ossl_encoder_parsed_properties(const OSSL_ENCODER *encoder) +diff -up openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi openssl-3.0.0-beta1/crypto/evp/signature.c +--- openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi 2021-07-12 23:35:50.113380220 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/signature.c 2021-07-12 23:42:13.074732176 +0200 +@@ -304,6 +304,7 @@ OSSL_PROVIDER *EVP_SIGNATURE_get0_provid + { + return signature->prov; + } ++RHEL_ALIAS1(EVP_SIGNATURE_provider); + + EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties) +diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/crypto/provider.c +--- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-12 23:20:52.911866341 +0200 ++++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-08 14:17:56.222526254 +0200 +@@ -133,6 +133,7 @@ const char *OSSL_PROVIDER_get0_name(cons + { + return ossl_provider_name(prov); + } ++RHEL_ALIAS1(OSSL_PROVIDER_name); + + int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx, + int (*cb)(OSSL_PROVIDER *provider, +diff -up openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi openssl-3.0.0-beta1/crypto/store/store_meth.c +--- openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi 2021-07-12 23:19:45.894383707 +0200 ++++ openssl-3.0.0-beta1/crypto/store/store_meth.c 2021-07-08 10:32:19.767282116 +0200 +@@ -398,6 +398,7 @@ const OSSL_PROVIDER *OSSL_STORE_LOADER_g + + return loader->prov; + } ++RHEL_ALIAS1(OSSL_STORE_LOADER_provider); + + const char *OSSL_STORE_LOADER_get0_properties(const OSSL_STORE_LOADER *loader) + { +@@ -408,6 +409,7 @@ const char *OSSL_STORE_LOADER_get0_prope + + return loader->propdef; + } ++RHEL_ALIAS1(OSSL_STORE_LOADER_properties); + + int ossl_store_loader_get_number(const OSSL_STORE_LOADER *loader) + { +@@ -423,6 +425,7 @@ const char *OSSL_STORE_LOADER_get0_descr + { + return loader->description; + } ++RHEL_ALIAS1(OSSL_STORE_LOADER_description); + + int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, const char *name) + { +diff -up openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi 2021-07-13 01:01:18.919145746 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c 2021-07-13 01:02:00.137533120 +0200 +@@ -23,6 +23,21 @@ + */ + #define NAME_SEPARATOR ':' + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + /* Simple method structure constructor and destructor */ + static OSSL_DECODER *ossl_decoder_new(void) + { +diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-13 01:01:31.433263354 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-13 01:02:26.169777773 +0200 +@@ -23,6 +23,21 @@ + */ + #define NAME_SEPARATOR ':' + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + /* Simple method structure constructor and destructor */ + static OSSL_ENCODER *ossl_encoder_new(void) + { +diff -up openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi openssl-3.0.0-beta1/crypto/evp/asymcipher.c +--- openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi 2021-07-13 01:11:45.757160664 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/asymcipher.c 2021-07-13 01:12:10.821406727 +0200 +@@ -17,6 +17,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation, + const OSSL_PARAM params[]) + { +@@ -413,6 +428,7 @@ OSSL_PROVIDER *EVP_ASYM_CIPHER_get0_prov + { + return cipher->prov; + } ++RHEL_ALIAS1(EVP_ASYM_CIPHER_provider); + + EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties) +@@ -437,11 +453,13 @@ const char *EVP_ASYM_CIPHER_get0_name(co + { + return cipher->type_name; + } ++RHEL_ALIAS1(EVP_ASYM_CIPHER_name); + + const char *EVP_ASYM_CIPHER_get0_description(const EVP_ASYM_CIPHER *cipher) + { + return cipher->description; + } ++RHEL_ALIAS1(EVP_ASYM_CIPHER_description); + + void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_ASYM_CIPHER *cipher, +diff -up openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_lib.c +--- openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi 2021-07-13 01:10:08.970210463 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/evp_lib.c 2021-07-13 01:10:20.596324598 +0200 +@@ -31,6 +31,21 @@ + #include "crypto/asn1.h" + #include "internal/provider.h" + #include "evp_local.h" ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + + #if !defined(FIPS_MODULE) + +@@ -337,6 +352,7 @@ int EVP_CIPHER_get_type(const EVP_CIPHER + #endif + } + } ++RHEL_ALIAS1(EVP_CIPHER_type); + + int evp_cipher_cache_constants(EVP_CIPHER *cipher) + { +@@ -389,11 +405,13 @@ int EVP_CIPHER_get_block_size(const EVP_ + { + return cipher->block_size; + } ++RHEL_ALIAS1(EVP_CIPHER_block_size); + + int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx) + { + return EVP_CIPHER_get_block_size(ctx->cipher); + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_block_size); + + int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e) + { +@@ -466,11 +484,13 @@ int EVP_CIPHER_CTX_is_encrypting(const E + { + return ctx->encrypt; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_encrypting); + + unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher) + { + return cipher->flags; + } ++RHEL_ALIAS1(EVP_CIPHER_flags); + + void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) + { +@@ -501,6 +521,7 @@ int EVP_CIPHER_get_iv_length(const EVP_C + { + return cipher->iv_len; + } ++RHEL_ALIAS1(EVP_CIPHER_iv_length); + + int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx) + { +@@ -522,6 +543,7 @@ legacy: + } + return len; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_iv_length); + + int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx) + { +@@ -533,6 +555,7 @@ int EVP_CIPHER_CTX_get_tag_length(const + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); + return ret == 1 ? (int)v : 0; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_tag_length); + + #ifndef OPENSSL_NO_DEPRECATED_3_0 + const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx) +@@ -615,6 +638,7 @@ int EVP_CIPHER_CTX_get_num(const EVP_CIP + + return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_num); + + int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num) + { +@@ -634,6 +658,7 @@ int EVP_CIPHER_get_key_length(const EVP_ + { + return cipher->key_len; + } ++RHEL_ALIAS1(EVP_CIPHER_key_length); + + int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx) + { +@@ -646,16 +671,19 @@ int EVP_CIPHER_CTX_get_key_length(const + + return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_key_length); + + int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher) + { + return cipher->nid; + } ++RHEL_ALIAS1(EVP_CIPHER_nid); + + int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx) + { + return ctx->cipher->nid; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_nid); + + int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name) + { +@@ -679,6 +707,7 @@ const char *EVP_CIPHER_get0_name(const E + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_CIPHER_name); + + const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher) + { +@@ -690,6 +719,7 @@ const char *EVP_CIPHER_get0_description( + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_CIPHER_description); + + int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, + void (*fn)(const char *name, void *data), +@@ -705,11 +735,13 @@ const OSSL_PROVIDER *EVP_CIPHER_get0_pro + { + return cipher->prov; + } ++RHEL_ALIAS1(EVP_CIPHER_provider); + + int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher) + { + return EVP_CIPHER_get_flags(cipher) & EVP_CIPH_MODE; + } ++RHEL_ALIAS1(EVP_CIPHER_mode); + + int EVP_MD_is_a(const EVP_MD *md, const char *name) + { +@@ -733,6 +765,7 @@ const char *EVP_MD_get0_description(cons + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_MD_description); + + const char *EVP_MD_get0_name(const EVP_MD *md) + { +@@ -746,6 +779,7 @@ const char *EVP_MD_get0_name(const EVP_M + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_MD_name); + + int EVP_MD_names_do_all(const EVP_MD *md, + void (*fn)(const char *name, void *data), +@@ -761,16 +795,19 @@ const OSSL_PROVIDER *EVP_MD_get0_provide + { + return md->prov; + } ++RHEL_ALIAS1(EVP_MD_provider); + + int EVP_MD_get_type(const EVP_MD *md) + { + return md->type; + } ++RHEL_ALIAS1(EVP_MD_type); + + int EVP_MD_get_pkey_type(const EVP_MD *md) + { + return md->pkey_type; + } ++RHEL_ALIAS1(EVP_MD_pkey_type); + + int EVP_MD_get_block_size(const EVP_MD *md) + { +@@ -780,6 +817,7 @@ int EVP_MD_get_block_size(const EVP_MD * + } + return md->block_size; + } ++RHEL_ALIAS1(EVP_MD_block_size); + + int EVP_MD_get_size(const EVP_MD *md) + { +@@ -789,11 +827,13 @@ int EVP_MD_get_size(const EVP_MD *md) + } + return md->md_size; + } ++RHEL_ALIAS1(EVP_MD_size); + + unsigned long EVP_MD_get_flags(const EVP_MD *md) + { + return md->flags; + } ++RHEL_ALIAS1(EVP_MD_flags); + + EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type) + { +@@ -1007,6 +1047,7 @@ EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(co + { + return ctx->pctx; + } ++RHEL_ALIAS1(EVP_MD_CTX_pkey_ctx); + + #if !defined(FIPS_MODULE) + void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx) +@@ -1033,6 +1074,7 @@ void *EVP_MD_CTX_get0_md_data(const EVP_ + { + return ctx->md_data; + } ++RHEL_ALIAS1(EVP_MD_CTX_md_data); + + int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, + const void *data, size_t count) +diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c +--- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-13 00:54:33.231325700 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-13 00:57:22.596922955 +0200 +@@ -26,6 +26,22 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ ++ + struct evp_rand_st { + OSSL_PROVIDER *prov; + int name_id; +@@ -302,11 +318,13 @@ const char *EVP_RAND_get0_name(const EVP + { + return rand->type_name; + } ++RHEL_ALIAS1(EVP_RAND_name); + + const char *EVP_RAND_get0_description(const EVP_RAND *rand) + { + return rand->description; + } ++RHEL_ALIAS1(EVP_RAND_description); + + int EVP_RAND_is_a(const EVP_RAND *rand, const char *name) + { +@@ -317,6 +335,7 @@ const OSSL_PROVIDER *EVP_RAND_get0_provi + { + return rand->prov; + } ++RHEL_ALIAS1(EVP_RAND_provider); + + int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]) + { +@@ -399,6 +418,7 @@ EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAN + { + return ctx->meth; + } ++RHEL_ALIAS1(EVP_RAND_CTX_rand); + + static int evp_rand_get_ctx_params_locked(EVP_RAND_CTX *ctx, + OSSL_PARAM params[]) +@@ -633,6 +653,7 @@ unsigned int EVP_RAND_get_strength(EVP_R + evp_rand_unlock(ctx); + return res; + } ++RHEL_ALIAS1(EVP_RAND_strength); + + static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out, + size_t outlen) +@@ -667,6 +688,7 @@ int EVP_RAND_get_state(EVP_RAND_CTX *ctx + state = EVP_RAND_STATE_ERROR; + return state; + } ++RHEL_ALIAS1(EVP_RAND_state); + + static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx) + { +diff -up openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi openssl-3.0.0-beta1/crypto/evp/exchange.c +--- openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi 2021-07-12 23:58:50.656415550 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/exchange.c 2021-07-13 00:43:35.764165305 +0200 +@@ -17,6 +17,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov) + { + EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH)); +@@ -170,6 +185,7 @@ OSSL_PROVIDER *EVP_KEYEXCH_get0_provider + { + return exchange->prov; + } ++RHEL_ALIAS1(EVP_KEYEXCH_provider); + + EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, + const char *properties) +@@ -467,6 +483,7 @@ const char *EVP_KEYEXCH_get0_name(const + { + return keyexch->type_name; + } ++RHEL_ALIAS1(EVP_KEYEXCH_name); + + const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch) + { +diff -up openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kdf_lib.c +--- openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi 2021-07-13 01:05:40.212601404 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/kdf_lib.c 2021-07-13 01:06:03.238817806 +0200 +@@ -23,6 +23,21 @@ + #include "internal/provider.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) + { + EVP_KDF_CTX *ctx = NULL; +diff -up openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kem.c +--- openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi 2021-07-13 01:05:02.966251358 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/kem.c 2021-07-13 01:04:49.023120319 +0200 +@@ -17,6 +17,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation, + const OSSL_PARAM params[]) + { +diff -up openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c +--- openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi 2021-07-13 00:01:22.784863826 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c 2021-07-13 00:44:18.815566635 +0200 +@@ -17,6 +17,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static void *keymgmt_new(void) + { + EVP_KEYMGMT *keymgmt = NULL; +@@ -250,6 +265,7 @@ const OSSL_PROVIDER *EVP_KEYMGMT_get0_pr + { + return keymgmt->prov; + } ++RHEL_ALIAS1(EVP_KEYMGMT_provider); + + int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt) + { +@@ -260,11 +276,13 @@ const char *EVP_KEYMGMT_get0_description + { + return keymgmt->description; + } ++RHEL_ALIAS1(EVP_KEYMGMT_description); + + const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt) + { + return keymgmt->type_name; + } ++RHEL_ALIAS1(EVP_KEYMGMT_name); + + int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name) + { +diff -up openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_lib.c +--- openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi 2021-07-13 00:03:56.495327168 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/mac_lib.c 2021-07-13 00:44:48.459842988 +0200 +@@ -19,6 +19,21 @@ + #include "internal/provider.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac) + { + EVP_MAC_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MAC_CTX)); +@@ -81,6 +96,7 @@ EVP_MAC *EVP_MAC_CTX_get0_mac(EVP_MAC_CT + { + return ctx->meth; + } ++RHEL_ALIAS1(EVP_MAC_CTX_mac); + + static size_t get_size_t_ctx_param(EVP_MAC_CTX *ctx, const char *name) + { +@@ -212,11 +228,13 @@ const char *EVP_MAC_get0_name(const EVP_ + { + return mac->type_name; + } ++RHEL_ALIAS1(EVP_MAC_name); + + const char *EVP_MAC_get0_description(const EVP_MAC *mac) + { + return mac->description; + } ++RHEL_ALIAS1(EVP_MAC_description); + + int EVP_MAC_is_a(const EVP_MAC *mac, const char *name) + { +diff -up openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_meth.c +--- openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi 2021-07-13 00:06:10.565599500 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/mac_meth.c 2021-07-13 00:45:14.925089707 +0200 +@@ -7,6 +7,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static int evp_mac_up_ref(void *vmac) + { + EVP_MAC *mac = vmac; +@@ -179,6 +194,7 @@ const OSSL_PROVIDER *EVP_MAC_get0_provid + { + return mac->prov; + } ++RHEL_ALIAS1(EVP_MAC_provider); + + const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac) + { +diff -up openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/p_lib.c +--- openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi 2021-07-13 00:49:03.477220320 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/p_lib.c 2021-07-13 00:53:25.178683891 +0200 +@@ -49,6 +49,21 @@ + + #include "e_os.h" /* strcasecmp on Windows */ + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, + int len, EVP_KEYMGMT *keymgmt); + static void evp_pkey_free_it(EVP_PKEY *key); +@@ -69,6 +84,7 @@ int EVP_PKEY_get_bits(const EVP_PKEY *pk + } + return size < 0 ? 0 : size; + } ++RHEL_ALIAS1(EVP_PKEY_bits); + + int EVP_PKEY_get_security_bits(const EVP_PKEY *pkey) + { +@@ -81,6 +97,7 @@ int EVP_PKEY_get_security_bits(const EVP + } + return size < 0 ? 0 : size; + } ++RHEL_ALIAS1(EVP_PKEY_security_bits); + + int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) + { +@@ -974,11 +991,13 @@ int EVP_PKEY_get_id(const EVP_PKEY *pkey + { + return pkey->type; + } ++RHEL_ALIAS1(EVP_PKEY_id); + + int EVP_PKEY_get_base_id(const EVP_PKEY *pkey) + { + return EVP_PKEY_type(pkey->type); + } ++RHEL_ALIAS1(EVP_PKEY_base_id); + + /* + * These hard coded cases are pure hackery to get around the fact +@@ -1780,6 +1799,7 @@ int EVP_PKEY_get_size(const EVP_PKEY *pk + } + return size < 0 ? 0 : size; + } ++RHEL_ALIAS1(EVP_PKEY_size); + + const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey) + { +@@ -1794,6 +1814,7 @@ const char *EVP_PKEY_get0_description(co + #endif + return NULL; + } ++RHEL_ALIAS1(EVP_PKEY_description); + + void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, + EVP_KEYMGMT **keymgmt, +diff -up openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c +--- openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c.dual-abi 2021-07-13 00:47:14.791207121 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c 2021-07-13 00:48:48.716082716 +0200 +@@ -34,6 +34,21 @@ + + #ifndef FIPS_MODULE + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static int evp_pkey_ctx_store_cached_data(EVP_PKEY_CTX *ctx, + int keytype, int optype, + int cmd, const char *name, +@@ -1076,6 +1091,7 @@ int EVP_PKEY_CTX_set_hkdf_mode(EVP_PKEY_ + + return EVP_PKEY_CTX_set_params(ctx, int_params); + } ++RHEL_ALIAS1(EVP_PKEY_CTX_hkdf_mode); + + int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *ctx, const char *pass, + int passlen) +diff -up openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi openssl-3.0.0-beta1/crypto/evp/signature.c +--- openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi 2021-07-13 00:58:07.602347388 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/signature.c 2021-07-13 00:59:52.391332550 +0200 +@@ -18,6 +18,21 @@ + #include "crypto/evp.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov) + { + EVP_SIGNATURE *signature = OPENSSL_zalloc(sizeof(EVP_SIGNATURE)); +@@ -329,11 +344,13 @@ const char *EVP_SIGNATURE_get0_name(cons + { + return signature->type_name; + } ++RHEL_ALIAS1(EVP_SIGNATURE_name); + + const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE *signature) + { + return signature->description; + } ++RHEL_ALIAS1(EVP_SIGNATURE_description); + + void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, + void (*fn)(EVP_SIGNATURE *signature, +diff -up openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi openssl-3.0.0-beta1/crypto/store/store_meth.c +--- openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi 2021-07-13 01:02:51.062011712 +0200 ++++ openssl-3.0.0-beta1/crypto/store/store_meth.c 2021-07-13 01:03:16.138247380 +0200 +@@ -15,6 +15,21 @@ + #include "internal/provider.h" + #include "store_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader) + { + int ref = 0; +diff -up openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi openssl-3.0.0-beta1/include/openssl/evp.h +--- openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi 2021-07-13 10:36:25.622755098 +0200 ++++ openssl-3.0.0-beta1/include/openssl/evp.h 2021-07-13 10:36:43.680926345 +0200 +@@ -1394,6 +1394,7 @@ int EVP_PKEY_up_ref(EVP_PKEY *pkey); + EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey); + void EVP_PKEY_free(EVP_PKEY *pkey); + const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey); ++#define EVP_PKEY_description EVP_PKEY_get0_description + + EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, + long length); +diff -up openssl-3.0.0-beta1/crypto/http/http_client.c.dual-abi openssl-3.0.0-beta1/crypto/http/http_client.c +--- openssl-3.0.0-beta1/crypto/http/http_client.c.dual-abi 2021-07-13 22:47:01.463713204 +0200 ++++ openssl-3.0.0-beta1/crypto/http/http_client.c 2021-07-13 22:46:32.064435146 +0200 +@@ -784,6 +784,11 @@ int OSSL_HTTP_REQ_CTX_nbio_d2i(OSSL_HTTP + + } + ++int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx) ++{ ++ return OSSL_HTTP_REQ_CTX_nbio_d2i(rctx, (ASN1_VALUE **)(presp), ASN1_ITEM_rptr(OCSP_RESPONSE)); ++} ++ + #ifndef OPENSSL_NO_SOCK + + /* set up a new connection BIO, to HTTP server or to HTTP(S) proxy if given */ +diff -up openssl-3.0.0-beta1/include/openssl/http.h.dual-abi openssl-3.0.0-beta1/include/openssl/http.h +--- openssl-3.0.0-beta1/include/openssl/http.h.dual-abi 2021-07-13 22:46:13.628260778 +0200 ++++ openssl-3.0.0-beta1/include/openssl/http.h 2021-07-13 22:45:33.390880219 +0200 +@@ -52,6 +52,7 @@ int OSSL_HTTP_REQ_CTX_set1_req(OSSL_HTTP + int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx); + int OSSL_HTTP_REQ_CTX_nbio_d2i(OSSL_HTTP_REQ_CTX *rctx, + ASN1_VALUE **pval, const ASN1_ITEM *it); ++int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx); + BIO *OSSL_HTTP_REQ_CTX_exchange(OSSL_HTTP_REQ_CTX *rctx); + BIO *OSSL_HTTP_REQ_CTX_get0_mem_bio(const OSSL_HTTP_REQ_CTX *rctx); + size_t OSSL_HTTP_REQ_CTX_get_resp_len(const OSSL_HTTP_REQ_CTX *rctx); +diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-13 23:41:29.425486504 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-13 23:42:00.393819678 +0200 +@@ -497,6 +497,7 @@ const char *OSSL_ENCODER_get0_descriptio + { + return encoder->base.algodef->algorithm_description; + } ++RHEL_ALIAS1(OSSL_ENCODER_description); + + int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name) + { +diff -up openssl-3.0.0-beta1/util/libcrypto.num.dual-abi openssl-3.0.0-beta1/util/libcrypto.num +--- openssl-3.0.0-beta1/util/libcrypto.num.dual-abi 2021-07-13 23:38:25.166562563 +0200 ++++ openssl-3.0.0-beta1/util/libcrypto.num 2021-07-13 23:40:38.622939932 +0200 +@@ -5414,3 +5414,76 @@ ASN1_item_d2i_bio_ex + ASN1_item_d2i_ex ? 3_0_0 EXIST::FUNCTION: + ASN1_TIME_print_ex ? 3_0_0 EXIST::FUNCTION: + ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: ++EVP_ASYM_CIPHER_description ? 3_0_0 EXIST::FUNCTION: ++EVP_ASYM_CIPHER_name ? 3_0_0 EXIST::FUNCTION: ++EVP_ASYM_CIPHER_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_block_size ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_encrypting ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_iv_length ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_key_length ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_nid ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_num ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_CTX_tag_length ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_block_size ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_description ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_flags ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_iv_length ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_key_length ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_mode ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_name ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_nid ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_CIPHER_type ? 3_0_0 EXIST::FUNCTION: ++EVP_KDF_description ? 3_0_0 EXIST::FUNCTION: ++EVP_KDF_name ? 3_0_0 EXIST::FUNCTION: ++EVP_KDF_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_KEM_description ? 3_0_0 EXIST::FUNCTION: ++EVP_KEM_name ? 3_0_0 EXIST::FUNCTION: ++EVP_KEM_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYEXCH_description ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYEXCH_name ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYEXCH_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYMGMT_description ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYMGMT_name ? 3_0_0 EXIST::FUNCTION: ++EVP_KEYMGMT_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_MAC_CTX_mac ? 3_0_0 EXIST::FUNCTION: ++EVP_MAC_description ? 3_0_0 EXIST::FUNCTION: ++EVP_MAC_name ? 3_0_0 EXIST::FUNCTION: ++EVP_MAC_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_CTX_md_data ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_CTX_pkey_ctx ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_block_size ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_description ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_flags ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_name ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_pkey_type ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_size ? 3_0_0 EXIST::FUNCTION: ++EVP_MD_type ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_CTX_hkdf_mode ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_base_id ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_bits ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_description ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_id ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_security_bits ? 3_0_0 EXIST::FUNCTION: ++EVP_PKEY_size ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_CTX_rand ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_description ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_name ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_provider ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_state ? 3_0_0 EXIST::FUNCTION: ++EVP_RAND_strength ? 3_0_0 EXIST::FUNCTION: ++EVP_SIGNATURE_description ? 3_0_0 EXIST::FUNCTION: ++EVP_SIGNATURE_name ? 3_0_0 EXIST::FUNCTION: ++EVP_SIGNATURE_provider ? 3_0_0 EXIST::FUNCTION: ++OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: ++OSSL_DECODER_description ? 3_0_0 EXIST::FUNCTION: ++OSSL_DECODER_provider ? 3_0_0 EXIST::FUNCTION: ++OSSL_ENCODER_description ? 3_0_0 EXIST::FUNCTION: ++OSSL_ENCODER_properties ? 3_0_0 EXIST::FUNCTION: ++OSSL_ENCODER_provider ? 3_0_0 EXIST::FUNCTION: ++OSSL_PROVIDER_name ? 3_0_0 EXIST::FUNCTION: ++OSSL_STORE_LOADER_description ? 3_0_0 EXIST::FUNCTION: ++OSSL_STORE_LOADER_properties ? 3_0_0 EXIST::FUNCTION: ++OSSL_STORE_LOADER_provider ? 3_0_0 EXIST::FUNCTION: ++OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: +diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/crypto/provider.c +--- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-14 00:37:49.301207962 +0200 ++++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-14 00:39:34.796200433 +0200 +@@ -13,6 +13,21 @@ + #include + #include "internal/provider.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ + OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name, + int retain_fallbacks) + { +diff -up openssl-3.0.0-beta1/util/libcrypto.num.dual-abi openssl-3.0.0-beta1/util/libcrypto.num +--- openssl-3.0.0-beta1/util/libcrypto.num.dual-abi 2021-07-14 08:43:00.374838367 +0200 ++++ openssl-3.0.0-beta1/util/libcrypto.num 2021-07-14 08:43:20.421006957 +0200 +@@ -5486,4 +5486,3 @@ OSSL_PROVIDER_name ? 3_0_0 EXIS + OSSL_STORE_LOADER_description ? 3_0_0 EXIST::FUNCTION: + OSSL_STORE_LOADER_properties ? 3_0_0 EXIST::FUNCTION: + OSSL_STORE_LOADER_provider ? 3_0_0 EXIST::FUNCTION: +-OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: diff --git a/ectest.c b/ectest.c index a4481dc..625305c 100644 --- a/ectest.c +++ b/ectest.c @@ -28,9 +28,9 @@ #include #include #include -#include "openssl/core_names.h" -#include "openssl/param_build.h" -#include "openssl/evp.h" +#include +#include +#include static size_t crv_len = 0; static EC_builtin_curve *curves = NULL; diff --git a/openssl.spec b/openssl.spec index 0eb6b9c..f7a9390 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.alpha16.7%{?dist} +Release: 0.beta1.1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -50,24 +50,14 @@ Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch # Add check to see if fips flag is enabled in kernel #Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch -# Avoid sending alerts after shutdown -Patch10: 0010-Avoid-sending-alert-after-shutdown.patch # remove unsupported EC curves Patch11: 0011-Remove-EC-curves.patch -# Fix reading SPKAC data from stdin -Patch12: 0012-Fix-SPKAC-data-from-stdin.patch -# Fix incorrect OSSL_PKEY_PARAM_MAX_SIZE for ed25519 and ed448 -Patch13: 0013-Fix-incorrect-OSSL_PKEY_PARAM_MAX_SIZE.patch -# Return 0 after cleanup in OPENSSL_init_crypto() -Patch14: 0014-Return0-OPENSSL-init-crypto-cleanup.patch -# Cleanup the peer point formats on regotiation -Patch15: 0015-Cleanup-peer-point-formats-regotiation.patch -# Fix default digest to SHA256 -Patch16: 0016-Fix-default-digest-SHA256.patch # Use AI_ADDRCONFIG only when explicit host name is given Patch17: 0017-use-AI-ADDRCONFIG-explicit-hostname.patch # Fix segmentation fault in BN_lebin2bn() Patch18: 0018-Fix-crash-BN_lebin2bn.patch +# Temporary dual-ABI build patch +Patch19: 0019-dual-abi.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -79,7 +69,7 @@ BuildRequires: /usr/bin/pod2man BuildRequires: /usr/sbin/sysctl BuildRequires: perl(Test::Harness), perl(Test::More), perl(Math::BigInt) BuildRequires: perl(Module::Load::Conditional), perl(File::Temp) -BuildRequires: perl(Time::HiRes), perl(IPC::Cmd), perl(Pod::Html) +BuildRequires: perl(Time::HiRes), perl(IPC::Cmd), perl(Pod::Html), perl(Digest::SHA) BuildRequires: perl(FindBin), perl(lib), perl(File::Compare), perl(File::Copy), perl(bigint) BuildRequires: git-core Requires: coreutils @@ -123,7 +113,7 @@ package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit. %prep -%autosetup -S git -n %{name}-%{version}-alpha16 +%autosetup -S git -n %{name}-%{version}-beta1 # The hobble_openssl is called here redundantly, just to be sure. # The tarball has already the sources removed. @@ -334,8 +324,6 @@ cat $RPM_BUILD_ROOT/%{_prefix}/include/openssl/configuration.h >> \ install -m644 %{SOURCE9} \ $RPM_BUILD_ROOT/%{_prefix}/include/openssl/configuration.h %endif -LD_LIBRARY_PATH=`pwd`${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}} -export LD_LIBRARY_PATH %files %{!?_licensedir:%global license %%doc} @@ -392,6 +380,10 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Wed Jul 14 2021 Sahana Prasad 3.0.0-0.beta1.1 +- Update to Beta1 version +- Includes a patch to support dual-ABI, as Beta1 brekas ABI with alpha16 + * Tue Jul 06 2021 Sahana Prasad 3.0.0-0.alpha16.7 - Fixes override of openssl_conf in openssl.cnf - Use AI_ADDRCONFIG only when explicit host name is given diff --git a/sources b/sources index 4813daf..f255757 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-3.0.0-hobbled.tar.xz) = fa5e40d22f0358b39d8eb47ee675e91ad88a93a5234dab12b27ec19c455a701042a3a70541fee1ba7ee28dbbca6024e84deb5b2fa6cc7e773374ea1e067a1b80 +SHA512 (openssl-3.0.0-hobbled.tar.xz) = 05f3e01621be98e776061a86b8fec68bdafeac720c8f968b1c4fafc5f328839701d2ffd67d6bd695c3dbf67e3efb03b3c856ed046d751359bc89b867205b7fe9 From a3158ae4f767423d8e2a6815b62553dd98c9db2a Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Wed, 14 Jul 2021 14:20:07 +0200 Subject: [PATCH 23/41] Removes unused patch dual-abi.patch Related: rhbz#1903209 Signed-off-by: Sahana Prasad --- dual-abi.patch | 1321 ------------------------------------------------ openssl.spec | 5 +- 2 files changed, 4 insertions(+), 1322 deletions(-) delete mode 100644 dual-abi.patch diff --git a/dual-abi.patch b/dual-abi.patch deleted file mode 100644 index 15bd2c0..0000000 --- a/dual-abi.patch +++ /dev/null @@ -1,1321 +0,0 @@ -diff -up openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi openssl-3.0.0-beta1/crypto/evp/exchange.c ---- openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi 2021-07-02 15:28:23.331896975 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/exchange.c 2021-07-02 17:17:56.332300741 +0200 -@@ -472,6 +472,7 @@ const char *EVP_KEYEXCH_get0_description - { - return keyexch->description; - } -+RHEL_ALIAS1(EVP_KEYEXCH_description); - - int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name) - { -diff -up openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kdf_lib.c ---- openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi 2021-07-02 14:57:12.576376884 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/kdf_lib.c 2021-07-02 14:59:05.277356425 +0200 -@@ -92,11 +92,13 @@ const char *EVP_KDF_get0_name(const EVP_ - { - return kdf->type_name; - } -+RHEL_ALIAS1(EVP_KDF_name); - - const char *EVP_KDF_get0_description(const EVP_KDF *kdf) - { - return kdf->description; - } -+RHEL_ALIAS1(EVP_KDF_description); - - int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name) - { -@@ -107,6 +109,7 @@ const OSSL_PROVIDER *EVP_KDF_get0_provid - { - return kdf->prov; - } -+RHEL_ALIAS1(EVP_KDF_provider); - - const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx) - { -diff -up openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kem.c ---- openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi 2021-07-02 14:59:25.315530582 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/kem.c 2021-07-02 15:28:04.812733083 +0200 -@@ -328,6 +328,7 @@ OSSL_PROVIDER *EVP_KEM_get0_provider(con - { - return kem->prov; - } -+RHEL_ALIAS1(EVP_KEM_provider); - - EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties) -@@ -352,11 +353,13 @@ const char *EVP_KEM_get0_name(const EVP_ - { - return kem->type_name; - } -+RHEL_ALIAS1(EVP_KEM_name); - - const char *EVP_KEM_get0_description(const EVP_KEM *kem) - { - return kem->description; - } -+RHEL_ALIAS1(EVP_KEM_description); - - void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_KEM *kem, void *arg), -diff -up openssl-3.0.0-beta1/include/openssl/decoder.h.dual-abi openssl-3.0.0-beta1/include/openssl/decoder.h ---- openssl-3.0.0-beta1/include/openssl/decoder.h.dual-abi 2021-07-02 12:39:19.758597953 +0200 -+++ openssl-3.0.0-beta1/include/openssl/decoder.h 2021-07-02 13:21:55.717630285 +0200 -@@ -32,9 +32,12 @@ int OSSL_DECODER_up_ref(OSSL_DECODER *en - void OSSL_DECODER_free(OSSL_DECODER *encoder); - - const OSSL_PROVIDER *OSSL_DECODER_get0_provider(const OSSL_DECODER *encoder); -+# define OSSL_DECODER_provider OSSL_DECODER_get0_provider - const char *OSSL_DECODER_get0_properties(const OSSL_DECODER *encoder); -+# define OSSL_DECODER_properties OSSL_DECODER_get0_properties - const char *OSSL_DECODER_get0_name(const OSSL_DECODER *decoder); - const char *OSSL_DECODER_get0_description(const OSSL_DECODER *decoder); -+# define OSSL_DECODER_description OSSL_DECODER_get0_description - int OSSL_DECODER_is_a(const OSSL_DECODER *encoder, const char *name); - - void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx, -diff -up openssl-3.0.0-beta1/include/openssl/encoder.h.dual-abi openssl-3.0.0-beta1/include/openssl/encoder.h ---- openssl-3.0.0-beta1/include/openssl/encoder.h.dual-abi 2021-07-02 13:22:22.889885589 +0200 -+++ openssl-3.0.0-beta1/include/openssl/encoder.h 2021-07-02 13:23:55.732757920 +0200 -@@ -32,9 +32,12 @@ int OSSL_ENCODER_up_ref(OSSL_ENCODER *en - void OSSL_ENCODER_free(OSSL_ENCODER *encoder); - - const OSSL_PROVIDER *OSSL_ENCODER_get0_provider(const OSSL_ENCODER *encoder); -+# define OSSL_ENCODER_provider OSSL_ENCODER_get0_provider - const char *OSSL_ENCODER_get0_properties(const OSSL_ENCODER *encoder); -+# define OSSL_ENCODER_properties OSSL_ENCODER_get0_properties - const char *OSSL_ENCODER_get0_name(const OSSL_ENCODER *kdf); - const char *OSSL_ENCODER_get0_description(const OSSL_ENCODER *kdf); -+# define OSSL_ENCODER_description OSSL_ENCODER_get0_description - int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name); - - void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx, -diff -up openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi openssl-3.0.0-beta1/include/openssl/evp.h ---- openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi 2021-07-02 11:06:34.316615418 +0200 -+++ openssl-3.0.0-beta1/include/openssl/evp.h 2021-07-02 13:24:10.653898116 +0200 -@@ -534,11 +534,13 @@ int EVP_MD_get_type(const EVP_MD *md); - const char *EVP_MD_get0_name(const EVP_MD *md); - # define EVP_MD_name EVP_MD_get0_name - const char *EVP_MD_get0_description(const EVP_MD *md); -+# define EVP_MD_description EVP_MD_get0_description - int EVP_MD_is_a(const EVP_MD *md, const char *name); - int EVP_MD_names_do_all(const EVP_MD *md, - void (*fn)(const char *name, void *data), - void *data); - const OSSL_PROVIDER *EVP_MD_get0_provider(const EVP_MD *md); -+#define EVP_MD_provider EVP_MD_get0_provider - int EVP_MD_get_pkey_type(const EVP_MD *md); - # define EVP_MD_pkey_type EVP_MD_get_pkey_type - int EVP_MD_get_size(const EVP_MD *md); -@@ -579,11 +581,13 @@ int EVP_CIPHER_get_nid(const EVP_CIPHER - const char *EVP_CIPHER_get0_name(const EVP_CIPHER *cipher); - # define EVP_CIPHER_name EVP_CIPHER_get0_name - const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher); -+# define EVP_CIPHER_description EVP_CIPHER_get0_description - int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name); - int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, - void (*fn)(const char *name, void *data), - void *data); - const OSSL_PROVIDER *EVP_CIPHER_get0_provider(const EVP_CIPHER *cipher); -+# define EVP_CIPHER_provider EVP_CIPHER_get0_provider - int EVP_CIPHER_get_block_size(const EVP_CIPHER *cipher); - # define EVP_CIPHER_block_size EVP_CIPHER_get_block_size - # ifndef OPENSSL_NO_DEPRECATED_3_0 -@@ -1198,15 +1202,19 @@ EVP_MAC *EVP_MAC_fetch(OSSL_LIB_CTX *lib - int EVP_MAC_up_ref(EVP_MAC *mac); - void EVP_MAC_free(EVP_MAC *mac); - const char *EVP_MAC_get0_name(const EVP_MAC *mac); -+# define EVP_MAC_name EVP_MAC_get0_name - const char *EVP_MAC_get0_description(const EVP_MAC *mac); -+# define EVP_MAC_description EVP_MAC_get0_description - int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); - const OSSL_PROVIDER *EVP_MAC_get0_provider(const EVP_MAC *mac); -+# define EVP_MAC_provider EVP_MAC_get0_provider - int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); - - EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac); - void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx); - EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src); - EVP_MAC *EVP_MAC_CTX_get0_mac(EVP_MAC_CTX *ctx); -+# define EVP_MAC_CTX_mac EVP_MAC_CTX_get0_mac - int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); - int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); - -@@ -1242,14 +1250,18 @@ EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *l - int EVP_RAND_up_ref(EVP_RAND *rand); - void EVP_RAND_free(EVP_RAND *rand); - const char *EVP_RAND_get0_name(const EVP_RAND *rand); -+# define EVP_RAND_name EVP_RAND_get0_name - const char *EVP_RAND_get0_description(const EVP_RAND *md); -+# define EVP_RAND_description EVP_RAND_get0_description - int EVP_RAND_is_a(const EVP_RAND *rand, const char *name); - const OSSL_PROVIDER *EVP_RAND_get0_provider(const EVP_RAND *rand); -+# define EVP_RAND_provider EVP_RAND_get0_provider - int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]); - - EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent); - void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx); - EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAND_CTX *ctx); -+# define EVP_RAND_CTX_rand EVP_RAND_CTX_get0_rand - int EVP_RAND_CTX_get_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[]); - int EVP_RAND_CTX_set_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[]); - const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand); -@@ -1282,7 +1294,9 @@ __owur int EVP_RAND_enable_locking(EVP_R - - int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx); - unsigned int EVP_RAND_get_strength(EVP_RAND_CTX *ctx); -+# define EVP_RAND_strength EVP_RAND_get_strength - int EVP_RAND_get_state(EVP_RAND_CTX *ctx); -+# define EVP_RAND_state EVP_RAND_get_state - - # define EVP_RAND_STATE_UNINITIALISED 0 - # define EVP_RAND_STATE_READY 1 -@@ -1757,8 +1771,11 @@ EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_ - int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt); - void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt); - const OSSL_PROVIDER *EVP_KEYMGMT_get0_provider(const EVP_KEYMGMT *keymgmt); -+# define EVP_KEYMGMT_provider EVP_KEYMGMT_get0_provider - const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt); -+# define EVP_KEYMGMT_name EVP_KEYMGMT_get0_name - const char *EVP_KEYMGMT_get0_description(const EVP_KEYMGMT *keymgmt); -+# define EVP_KEYMGMT_description EVP_KEYMGMT_get0_description - int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name); - void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_KEYMGMT *keymgmt, void *arg), -@@ -1838,11 +1855,14 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY - void EVP_SIGNATURE_free(EVP_SIGNATURE *signature); - int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature); - OSSL_PROVIDER *EVP_SIGNATURE_get0_provider(const EVP_SIGNATURE *signature); -+# define EVP_SIGNATURE_provider EVP_SIGNATURE_get0_provider - EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties); - int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name); - const char *EVP_SIGNATURE_get0_name(const EVP_SIGNATURE *signature); -+# define EVP_SIGNATURE_name EVP_SIGNATURE_get0_name - const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE *signature); -+# define EVP_SIGNATURE_description EVP_SIGNATURE_get0_description - void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_SIGNATURE *signature, - void *data), -@@ -1856,11 +1876,14 @@ const OSSL_PARAM *EVP_SIGNATURE_settable - void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher); - int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher); - OSSL_PROVIDER *EVP_ASYM_CIPHER_get0_provider(const EVP_ASYM_CIPHER *cipher); -+# define EVP_ASYM_CIPHER_provider EVP_ASYM_CIPHER_get0_provider - EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties); - int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name); - const char *EVP_ASYM_CIPHER_get0_name(const EVP_ASYM_CIPHER *cipher); -+# define EVP_ASYM_CIPHER_name EVP_ASYM_CIPHER_get0_name - const char *EVP_ASYM_CIPHER_get0_description(const EVP_ASYM_CIPHER *cipher); -+# define EVP_ASYM_CIPHER_description EVP_ASYM_CIPHER_get0_description - void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_ASYM_CIPHER *cipher, - void *arg), -@@ -1874,11 +1897,14 @@ const OSSL_PARAM *EVP_ASYM_CIPHER_settab - void EVP_KEM_free(EVP_KEM *wrap); - int EVP_KEM_up_ref(EVP_KEM *wrap); - OSSL_PROVIDER *EVP_KEM_get0_provider(const EVP_KEM *wrap); -+# define EVP_KEM_provider EVP_KEM_get0_provider - EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties); - int EVP_KEM_is_a(const EVP_KEM *wrap, const char *name); - const char *EVP_KEM_get0_name(const EVP_KEM *wrap); -+# define EVP_KEM_name EVP_KEM_get0_name - const char *EVP_KEM_get0_description(const EVP_KEM *wrap); -+# define EVP_KEM_description EVP_KEM_get0_description - void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_KEM *wrap, void *arg), void *arg); - int EVP_KEM_names_do_all(const EVP_KEM *wrap, -@@ -2140,9 +2166,12 @@ int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exch - EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties); - OSSL_PROVIDER *EVP_KEYEXCH_get0_provider(const EVP_KEYEXCH *exchange); -+# define EVP_KEYEXCH_provider EVP_KEYEXCH_get0_provider - int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name); - const char *EVP_KEYEXCH_get0_name(const EVP_KEYEXCH *keyexch); -+# define EVP_KEYEXCH_name EVP_KEYEXCH_get0_name - const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch); -+# define EVP_KEYEXCH_description EVP_KEYEXCH_get0_description - void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_KEYEXCH *keyexch, void *data), - void *data); -diff -up openssl-3.0.0-beta1/include/openssl/kdf.h.dual-abi openssl-3.0.0-beta1/include/openssl/kdf.h ---- openssl-3.0.0-beta1/include/openssl/kdf.h.dual-abi 2021-07-02 11:26:04.355711366 +0200 -+++ openssl-3.0.0-beta1/include/openssl/kdf.h 2021-07-02 11:57:44.950361808 +0200 -@@ -34,9 +34,12 @@ EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kd - void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); - EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src); - const char *EVP_KDF_get0_description(const EVP_KDF *kdf); -+# define EVP_KDF_description EVP_KDF_get0_description - int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name); - const char *EVP_KDF_get0_name(const EVP_KDF *kdf); -+# define EVP_KDF_name EVP_KDF_get0_name - const OSSL_PROVIDER *EVP_KDF_get0_provider(const EVP_KDF *kdf); -+# define EVP_KDF_provider EVP_KDF_get0_provider - const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx); - - void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx); -diff -up openssl-3.0.0-beta1/include/openssl/provider.h.dual-abi openssl-3.0.0-beta1/include/openssl/provider.h ---- openssl-3.0.0-beta1/include/openssl/provider.h.dual-abi 2021-07-02 13:53:27.941487991 +0200 -+++ openssl-3.0.0-beta1/include/openssl/provider.h 2021-07-02 13:54:12.265889498 +0200 -@@ -52,6 +52,7 @@ int OSSL_PROVIDER_add_builtin(OSSL_LIB_C - - /* Information */ - const char *OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov); -+# define OSSL_PROVIDER_name OSSL_PROVIDER_get0_name - - # ifdef __cplusplus - } -diff -up openssl-3.0.0-beta1/include/openssl/store.h.dual-abi openssl-3.0.0-beta1/include/openssl/store.h ---- openssl-3.0.0-beta1/include/openssl/store.h.dual-abi 2021-07-02 13:54:41.990088355 +0200 -+++ openssl-3.0.0-beta1/include/openssl/store.h 2021-07-02 13:56:05.817649168 +0200 -@@ -260,8 +260,11 @@ int OSSL_STORE_LOADER_up_ref(OSSL_STORE_ - void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader); - const OSSL_PROVIDER *OSSL_STORE_LOADER_get0_provider(const OSSL_STORE_LOADER * - loader); -+# define OSSL_STORE_LOADER_provider OSSL_STORE_LOADER_get0_provider - const char *OSSL_STORE_LOADER_get0_properties(const OSSL_STORE_LOADER *loader); -+# define OSSL_STORE_LOADER_properties OSSL_STORE_LOADER_get0_properties - const char *OSSL_STORE_LOADER_get0_description(const OSSL_STORE_LOADER *loader); -+# define OSSL_STORE_LOADER_description OSSL_STORE_LOADER_get0_description - int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, - const char *scheme); - void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx, -diff -up openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi 2021-07-12 23:22:43.652838373 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c 2021-07-12 23:40:46.085974883 +0200 -@@ -430,6 +430,7 @@ const OSSL_PROVIDER *OSSL_DECODER_get0_p - - return decoder->base.prov; - } -+RHEL_ALIAS1(OSSL_DECODER_provider); - - const char *OSSL_DECODER_get0_properties(const OSSL_DECODER *decoder) - { -@@ -440,6 +441,7 @@ const char *OSSL_DECODER_get0_properties - - return decoder->base.algodef->property_definition; - } -+RHEL_ALIAS1(OSSL_DECODER_properties); - - const OSSL_PROPERTY_LIST * - ossl_decoder_parsed_properties(const OSSL_DECODER *decoder) -@@ -471,6 +473,7 @@ const char *OSSL_DECODER_get0_descriptio - { - return decoder->base.algodef->algorithm_description; - } -+RHEL_ALIAS1(OSSL_DECODER_description); - - int OSSL_DECODER_is_a(const OSSL_DECODER *decoder, const char *name) - { -diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-12 23:22:06.307513672 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-08 14:20:58.568247805 +0200 -@@ -439,6 +439,7 @@ const OSSL_PROVIDER *OSSL_ENCODER_get0_p - - return encoder->base.prov; - } -+RHEL_ALIAS1(OSSL_ENCODER_provider); - - const char *OSSL_ENCODER_get0_properties(const OSSL_ENCODER *encoder) - { -@@ -449,6 +450,7 @@ const char *OSSL_ENCODER_get0_properties - - return encoder->base.algodef->property_definition; - } -+RHEL_ALIAS1(OSSL_ENCODER_properties); - - const OSSL_PROPERTY_LIST * - ossl_encoder_parsed_properties(const OSSL_ENCODER *encoder) -diff -up openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi openssl-3.0.0-beta1/crypto/evp/signature.c ---- openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi 2021-07-12 23:35:50.113380220 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/signature.c 2021-07-12 23:42:13.074732176 +0200 -@@ -304,6 +304,7 @@ OSSL_PROVIDER *EVP_SIGNATURE_get0_provid - { - return signature->prov; - } -+RHEL_ALIAS1(EVP_SIGNATURE_provider); - - EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties) -diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/crypto/provider.c ---- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-12 23:20:52.911866341 +0200 -+++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-08 14:17:56.222526254 +0200 -@@ -133,6 +133,7 @@ const char *OSSL_PROVIDER_get0_name(cons - { - return ossl_provider_name(prov); - } -+RHEL_ALIAS1(OSSL_PROVIDER_name); - - int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx, - int (*cb)(OSSL_PROVIDER *provider, -diff -up openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi openssl-3.0.0-beta1/crypto/store/store_meth.c ---- openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi 2021-07-12 23:19:45.894383707 +0200 -+++ openssl-3.0.0-beta1/crypto/store/store_meth.c 2021-07-08 10:32:19.767282116 +0200 -@@ -398,6 +398,7 @@ const OSSL_PROVIDER *OSSL_STORE_LOADER_g - - return loader->prov; - } -+RHEL_ALIAS1(OSSL_STORE_LOADER_provider); - - const char *OSSL_STORE_LOADER_get0_properties(const OSSL_STORE_LOADER *loader) - { -@@ -408,6 +409,7 @@ const char *OSSL_STORE_LOADER_get0_prope - - return loader->propdef; - } -+RHEL_ALIAS1(OSSL_STORE_LOADER_properties); - - int ossl_store_loader_get_number(const OSSL_STORE_LOADER *loader) - { -@@ -423,6 +425,7 @@ const char *OSSL_STORE_LOADER_get0_descr - { - return loader->description; - } -+RHEL_ALIAS1(OSSL_STORE_LOADER_description); - - int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, const char *name) - { -diff -up openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi 2021-07-13 01:01:18.919145746 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c 2021-07-13 01:02:00.137533120 +0200 -@@ -23,6 +23,21 @@ - */ - #define NAME_SEPARATOR ':' - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - /* Simple method structure constructor and destructor */ - static OSSL_DECODER *ossl_decoder_new(void) - { -diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-13 01:01:31.433263354 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-13 01:02:26.169777773 +0200 -@@ -23,6 +23,21 @@ - */ - #define NAME_SEPARATOR ':' - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - /* Simple method structure constructor and destructor */ - static OSSL_ENCODER *ossl_encoder_new(void) - { -diff -up openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi openssl-3.0.0-beta1/crypto/evp/asymcipher.c ---- openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi 2021-07-13 01:11:45.757160664 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/asymcipher.c 2021-07-13 01:12:10.821406727 +0200 -@@ -17,6 +17,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation, - const OSSL_PARAM params[]) - { -@@ -413,6 +428,7 @@ OSSL_PROVIDER *EVP_ASYM_CIPHER_get0_prov - { - return cipher->prov; - } -+RHEL_ALIAS1(EVP_ASYM_CIPHER_provider); - - EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties) -@@ -437,11 +453,13 @@ const char *EVP_ASYM_CIPHER_get0_name(co - { - return cipher->type_name; - } -+RHEL_ALIAS1(EVP_ASYM_CIPHER_name); - - const char *EVP_ASYM_CIPHER_get0_description(const EVP_ASYM_CIPHER *cipher) - { - return cipher->description; - } -+RHEL_ALIAS1(EVP_ASYM_CIPHER_description); - - void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_ASYM_CIPHER *cipher, -diff -up openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_lib.c ---- openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi 2021-07-13 01:10:08.970210463 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/evp_lib.c 2021-07-13 01:10:20.596324598 +0200 -@@ -31,6 +31,21 @@ - #include "crypto/asn1.h" - #include "internal/provider.h" - #include "evp_local.h" -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - - #if !defined(FIPS_MODULE) - -@@ -337,6 +352,7 @@ int EVP_CIPHER_get_type(const EVP_CIPHER - #endif - } - } -+RHEL_ALIAS1(EVP_CIPHER_type); - - int evp_cipher_cache_constants(EVP_CIPHER *cipher) - { -@@ -389,11 +405,13 @@ int EVP_CIPHER_get_block_size(const EVP_ - { - return cipher->block_size; - } -+RHEL_ALIAS1(EVP_CIPHER_block_size); - - int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx) - { - return EVP_CIPHER_get_block_size(ctx->cipher); - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_block_size); - - int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e) - { -@@ -466,11 +484,13 @@ int EVP_CIPHER_CTX_is_encrypting(const E - { - return ctx->encrypt; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_encrypting); - - unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher) - { - return cipher->flags; - } -+RHEL_ALIAS1(EVP_CIPHER_flags); - - void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) - { -@@ -501,6 +521,7 @@ int EVP_CIPHER_get_iv_length(const EVP_C - { - return cipher->iv_len; - } -+RHEL_ALIAS1(EVP_CIPHER_iv_length); - - int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx) - { -@@ -522,6 +543,7 @@ legacy: - } - return len; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_iv_length); - - int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx) - { -@@ -533,6 +555,7 @@ int EVP_CIPHER_CTX_get_tag_length(const - ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); - return ret == 1 ? (int)v : 0; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_tag_length); - - #ifndef OPENSSL_NO_DEPRECATED_3_0 - const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx) -@@ -615,6 +638,7 @@ int EVP_CIPHER_CTX_get_num(const EVP_CIP - - return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_num); - - int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num) - { -@@ -634,6 +658,7 @@ int EVP_CIPHER_get_key_length(const EVP_ - { - return cipher->key_len; - } -+RHEL_ALIAS1(EVP_CIPHER_key_length); - - int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx) - { -@@ -646,16 +671,19 @@ int EVP_CIPHER_CTX_get_key_length(const - - return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_key_length); - - int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher) - { - return cipher->nid; - } -+RHEL_ALIAS1(EVP_CIPHER_nid); - - int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx) - { - return ctx->cipher->nid; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_nid); - - int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name) - { -@@ -679,6 +707,7 @@ const char *EVP_CIPHER_get0_name(const E - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_CIPHER_name); - - const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher) - { -@@ -690,6 +719,7 @@ const char *EVP_CIPHER_get0_description( - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_CIPHER_description); - - int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, - void (*fn)(const char *name, void *data), -@@ -705,11 +735,13 @@ const OSSL_PROVIDER *EVP_CIPHER_get0_pro - { - return cipher->prov; - } -+RHEL_ALIAS1(EVP_CIPHER_provider); - - int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher) - { - return EVP_CIPHER_get_flags(cipher) & EVP_CIPH_MODE; - } -+RHEL_ALIAS1(EVP_CIPHER_mode); - - int EVP_MD_is_a(const EVP_MD *md, const char *name) - { -@@ -733,6 +765,7 @@ const char *EVP_MD_get0_description(cons - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_MD_description); - - const char *EVP_MD_get0_name(const EVP_MD *md) - { -@@ -746,6 +779,7 @@ const char *EVP_MD_get0_name(const EVP_M - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_MD_name); - - int EVP_MD_names_do_all(const EVP_MD *md, - void (*fn)(const char *name, void *data), -@@ -761,16 +795,19 @@ const OSSL_PROVIDER *EVP_MD_get0_provide - { - return md->prov; - } -+RHEL_ALIAS1(EVP_MD_provider); - - int EVP_MD_get_type(const EVP_MD *md) - { - return md->type; - } -+RHEL_ALIAS1(EVP_MD_type); - - int EVP_MD_get_pkey_type(const EVP_MD *md) - { - return md->pkey_type; - } -+RHEL_ALIAS1(EVP_MD_pkey_type); - - int EVP_MD_get_block_size(const EVP_MD *md) - { -@@ -780,6 +817,7 @@ int EVP_MD_get_block_size(const EVP_MD * - } - return md->block_size; - } -+RHEL_ALIAS1(EVP_MD_block_size); - - int EVP_MD_get_size(const EVP_MD *md) - { -@@ -789,11 +827,13 @@ int EVP_MD_get_size(const EVP_MD *md) - } - return md->md_size; - } -+RHEL_ALIAS1(EVP_MD_size); - - unsigned long EVP_MD_get_flags(const EVP_MD *md) - { - return md->flags; - } -+RHEL_ALIAS1(EVP_MD_flags); - - EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type) - { -@@ -1007,6 +1047,7 @@ EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(co - { - return ctx->pctx; - } -+RHEL_ALIAS1(EVP_MD_CTX_pkey_ctx); - - #if !defined(FIPS_MODULE) - void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx) -@@ -1033,6 +1074,7 @@ void *EVP_MD_CTX_get0_md_data(const EVP_ - { - return ctx->md_data; - } -+RHEL_ALIAS1(EVP_MD_CTX_md_data); - - int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, - const void *data, size_t count) -diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c ---- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-13 00:54:33.231325700 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-13 00:57:22.596922955 +0200 -@@ -26,6 +26,22 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ -+ - struct evp_rand_st { - OSSL_PROVIDER *prov; - int name_id; -@@ -302,11 +318,13 @@ const char *EVP_RAND_get0_name(const EVP - { - return rand->type_name; - } -+RHEL_ALIAS1(EVP_RAND_name); - - const char *EVP_RAND_get0_description(const EVP_RAND *rand) - { - return rand->description; - } -+RHEL_ALIAS1(EVP_RAND_description); - - int EVP_RAND_is_a(const EVP_RAND *rand, const char *name) - { -@@ -317,6 +335,7 @@ const OSSL_PROVIDER *EVP_RAND_get0_provi - { - return rand->prov; - } -+RHEL_ALIAS1(EVP_RAND_provider); - - int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]) - { -@@ -399,6 +418,7 @@ EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAN - { - return ctx->meth; - } -+RHEL_ALIAS1(EVP_RAND_CTX_rand); - - static int evp_rand_get_ctx_params_locked(EVP_RAND_CTX *ctx, - OSSL_PARAM params[]) -@@ -633,6 +653,7 @@ unsigned int EVP_RAND_get_strength(EVP_R - evp_rand_unlock(ctx); - return res; - } -+RHEL_ALIAS1(EVP_RAND_strength); - - static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out, - size_t outlen) -@@ -667,6 +688,7 @@ int EVP_RAND_get_state(EVP_RAND_CTX *ctx - state = EVP_RAND_STATE_ERROR; - return state; - } -+RHEL_ALIAS1(EVP_RAND_state); - - static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx) - { -diff -up openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi openssl-3.0.0-beta1/crypto/evp/exchange.c ---- openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi 2021-07-12 23:58:50.656415550 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/exchange.c 2021-07-13 00:43:35.764165305 +0200 -@@ -17,6 +17,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov) - { - EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH)); -@@ -170,6 +185,7 @@ OSSL_PROVIDER *EVP_KEYEXCH_get0_provider - { - return exchange->prov; - } -+RHEL_ALIAS1(EVP_KEYEXCH_provider); - - EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties) -@@ -467,6 +483,7 @@ const char *EVP_KEYEXCH_get0_name(const - { - return keyexch->type_name; - } -+RHEL_ALIAS1(EVP_KEYEXCH_name); - - const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch) - { -diff -up openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kdf_lib.c ---- openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi 2021-07-13 01:05:40.212601404 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/kdf_lib.c 2021-07-13 01:06:03.238817806 +0200 -@@ -23,6 +23,21 @@ - #include "internal/provider.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) - { - EVP_KDF_CTX *ctx = NULL; -diff -up openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kem.c ---- openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi 2021-07-13 01:05:02.966251358 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/kem.c 2021-07-13 01:04:49.023120319 +0200 -@@ -17,6 +17,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation, - const OSSL_PARAM params[]) - { -diff -up openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c ---- openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi 2021-07-13 00:01:22.784863826 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c 2021-07-13 00:44:18.815566635 +0200 -@@ -17,6 +17,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static void *keymgmt_new(void) - { - EVP_KEYMGMT *keymgmt = NULL; -@@ -250,6 +265,7 @@ const OSSL_PROVIDER *EVP_KEYMGMT_get0_pr - { - return keymgmt->prov; - } -+RHEL_ALIAS1(EVP_KEYMGMT_provider); - - int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt) - { -@@ -260,11 +276,13 @@ const char *EVP_KEYMGMT_get0_description - { - return keymgmt->description; - } -+RHEL_ALIAS1(EVP_KEYMGMT_description); - - const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt) - { - return keymgmt->type_name; - } -+RHEL_ALIAS1(EVP_KEYMGMT_name); - - int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name) - { -diff -up openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_lib.c ---- openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi 2021-07-13 00:03:56.495327168 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/mac_lib.c 2021-07-13 00:44:48.459842988 +0200 -@@ -19,6 +19,21 @@ - #include "internal/provider.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac) - { - EVP_MAC_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MAC_CTX)); -@@ -81,6 +96,7 @@ EVP_MAC *EVP_MAC_CTX_get0_mac(EVP_MAC_CT - { - return ctx->meth; - } -+RHEL_ALIAS1(EVP_MAC_CTX_mac); - - static size_t get_size_t_ctx_param(EVP_MAC_CTX *ctx, const char *name) - { -@@ -212,11 +228,13 @@ const char *EVP_MAC_get0_name(const EVP_ - { - return mac->type_name; - } -+RHEL_ALIAS1(EVP_MAC_name); - - const char *EVP_MAC_get0_description(const EVP_MAC *mac) - { - return mac->description; - } -+RHEL_ALIAS1(EVP_MAC_description); - - int EVP_MAC_is_a(const EVP_MAC *mac, const char *name) - { -diff -up openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_meth.c ---- openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi 2021-07-13 00:06:10.565599500 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/mac_meth.c 2021-07-13 00:45:14.925089707 +0200 -@@ -7,6 +7,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static int evp_mac_up_ref(void *vmac) - { - EVP_MAC *mac = vmac; -@@ -179,6 +194,7 @@ const OSSL_PROVIDER *EVP_MAC_get0_provid - { - return mac->prov; - } -+RHEL_ALIAS1(EVP_MAC_provider); - - const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac) - { -diff -up openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/p_lib.c ---- openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi 2021-07-13 00:49:03.477220320 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/p_lib.c 2021-07-13 00:53:25.178683891 +0200 -@@ -49,6 +49,21 @@ - - #include "e_os.h" /* strcasecmp on Windows */ - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, - int len, EVP_KEYMGMT *keymgmt); - static void evp_pkey_free_it(EVP_PKEY *key); -@@ -69,6 +84,7 @@ int EVP_PKEY_get_bits(const EVP_PKEY *pk - } - return size < 0 ? 0 : size; - } -+RHEL_ALIAS1(EVP_PKEY_bits); - - int EVP_PKEY_get_security_bits(const EVP_PKEY *pkey) - { -@@ -81,6 +97,7 @@ int EVP_PKEY_get_security_bits(const EVP - } - return size < 0 ? 0 : size; - } -+RHEL_ALIAS1(EVP_PKEY_security_bits); - - int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) - { -@@ -974,11 +991,13 @@ int EVP_PKEY_get_id(const EVP_PKEY *pkey - { - return pkey->type; - } -+RHEL_ALIAS1(EVP_PKEY_id); - - int EVP_PKEY_get_base_id(const EVP_PKEY *pkey) - { - return EVP_PKEY_type(pkey->type); - } -+RHEL_ALIAS1(EVP_PKEY_base_id); - - /* - * These hard coded cases are pure hackery to get around the fact -@@ -1780,6 +1799,7 @@ int EVP_PKEY_get_size(const EVP_PKEY *pk - } - return size < 0 ? 0 : size; - } -+RHEL_ALIAS1(EVP_PKEY_size); - - const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey) - { -@@ -1794,6 +1814,7 @@ const char *EVP_PKEY_get0_description(co - #endif - return NULL; - } -+RHEL_ALIAS1(EVP_PKEY_description); - - void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, - EVP_KEYMGMT **keymgmt, -diff -up openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c ---- openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c.dual-abi 2021-07-13 00:47:14.791207121 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c 2021-07-13 00:48:48.716082716 +0200 -@@ -34,6 +34,21 @@ - - #ifndef FIPS_MODULE - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static int evp_pkey_ctx_store_cached_data(EVP_PKEY_CTX *ctx, - int keytype, int optype, - int cmd, const char *name, -@@ -1076,6 +1091,7 @@ int EVP_PKEY_CTX_set_hkdf_mode(EVP_PKEY_ - - return EVP_PKEY_CTX_set_params(ctx, int_params); - } -+RHEL_ALIAS1(EVP_PKEY_CTX_hkdf_mode); - - int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *ctx, const char *pass, - int passlen) -diff -up openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi openssl-3.0.0-beta1/crypto/evp/signature.c ---- openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi 2021-07-13 00:58:07.602347388 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/signature.c 2021-07-13 00:59:52.391332550 +0200 -@@ -18,6 +18,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov) - { - EVP_SIGNATURE *signature = OPENSSL_zalloc(sizeof(EVP_SIGNATURE)); -@@ -329,11 +344,13 @@ const char *EVP_SIGNATURE_get0_name(cons - { - return signature->type_name; - } -+RHEL_ALIAS1(EVP_SIGNATURE_name); - - const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE *signature) - { - return signature->description; - } -+RHEL_ALIAS1(EVP_SIGNATURE_description); - - void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_SIGNATURE *signature, -diff -up openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi openssl-3.0.0-beta1/crypto/store/store_meth.c ---- openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi 2021-07-13 01:02:51.062011712 +0200 -+++ openssl-3.0.0-beta1/crypto/store/store_meth.c 2021-07-13 01:03:16.138247380 +0200 -@@ -15,6 +15,21 @@ - #include "internal/provider.h" - #include "store_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader) - { - int ref = 0; -diff -up openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi openssl-3.0.0-beta1/include/openssl/evp.h ---- openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi 2021-07-13 10:36:25.622755098 +0200 -+++ openssl-3.0.0-beta1/include/openssl/evp.h 2021-07-13 10:36:43.680926345 +0200 -@@ -1394,6 +1394,7 @@ int EVP_PKEY_up_ref(EVP_PKEY *pkey); - EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey); - void EVP_PKEY_free(EVP_PKEY *pkey); - const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey); -+#define EVP_PKEY_description EVP_PKEY_get0_description - - EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, - long length); -diff -up openssl-3.0.0-beta1/crypto/http/http_client.c.dual-abi openssl-3.0.0-beta1/crypto/http/http_client.c ---- openssl-3.0.0-beta1/crypto/http/http_client.c.dual-abi 2021-07-13 22:47:01.463713204 +0200 -+++ openssl-3.0.0-beta1/crypto/http/http_client.c 2021-07-13 22:46:32.064435146 +0200 -@@ -784,6 +784,11 @@ int OSSL_HTTP_REQ_CTX_nbio_d2i(OSSL_HTTP - - } - -+int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx) -+{ -+ return OSSL_HTTP_REQ_CTX_nbio_d2i(rctx, (ASN1_VALUE **)(presp), ASN1_ITEM_rptr(OCSP_RESPONSE)); -+} -+ - #ifndef OPENSSL_NO_SOCK - - /* set up a new connection BIO, to HTTP server or to HTTP(S) proxy if given */ -diff -up openssl-3.0.0-beta1/include/openssl/http.h.dual-abi openssl-3.0.0-beta1/include/openssl/http.h ---- openssl-3.0.0-beta1/include/openssl/http.h.dual-abi 2021-07-13 22:46:13.628260778 +0200 -+++ openssl-3.0.0-beta1/include/openssl/http.h 2021-07-13 22:45:33.390880219 +0200 -@@ -52,6 +52,7 @@ int OSSL_HTTP_REQ_CTX_set1_req(OSSL_HTTP - int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx); - int OSSL_HTTP_REQ_CTX_nbio_d2i(OSSL_HTTP_REQ_CTX *rctx, - ASN1_VALUE **pval, const ASN1_ITEM *it); -+int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx); - BIO *OSSL_HTTP_REQ_CTX_exchange(OSSL_HTTP_REQ_CTX *rctx); - BIO *OSSL_HTTP_REQ_CTX_get0_mem_bio(const OSSL_HTTP_REQ_CTX *rctx); - size_t OSSL_HTTP_REQ_CTX_get_resp_len(const OSSL_HTTP_REQ_CTX *rctx); -diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-13 23:41:29.425486504 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-13 23:42:00.393819678 +0200 -@@ -497,6 +497,7 @@ const char *OSSL_ENCODER_get0_descriptio - { - return encoder->base.algodef->algorithm_description; - } -+RHEL_ALIAS1(OSSL_ENCODER_description); - - int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name) - { -diff -up openssl-3.0.0-beta1/util/libcrypto.num.dual-abi openssl-3.0.0-beta1/util/libcrypto.num ---- openssl-3.0.0-beta1/util/libcrypto.num.dual-abi 2021-07-13 23:38:25.166562563 +0200 -+++ openssl-3.0.0-beta1/util/libcrypto.num 2021-07-13 23:40:38.622939932 +0200 -@@ -5414,3 +5414,76 @@ ASN1_item_d2i_bio_ex - ASN1_item_d2i_ex ? 3_0_0 EXIST::FUNCTION: - ASN1_TIME_print_ex ? 3_0_0 EXIST::FUNCTION: - ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: -+EVP_ASYM_CIPHER_description ? 3_0_0 EXIST::FUNCTION: -+EVP_ASYM_CIPHER_name ? 3_0_0 EXIST::FUNCTION: -+EVP_ASYM_CIPHER_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_block_size ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_encrypting ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_iv_length ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_key_length ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_nid ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_num ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_tag_length ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_block_size ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_description ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_flags ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_iv_length ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_key_length ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_mode ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_name ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_nid ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_type ? 3_0_0 EXIST::FUNCTION: -+EVP_KDF_description ? 3_0_0 EXIST::FUNCTION: -+EVP_KDF_name ? 3_0_0 EXIST::FUNCTION: -+EVP_KDF_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_KEM_description ? 3_0_0 EXIST::FUNCTION: -+EVP_KEM_name ? 3_0_0 EXIST::FUNCTION: -+EVP_KEM_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYEXCH_description ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYEXCH_name ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYEXCH_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYMGMT_description ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYMGMT_name ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYMGMT_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_MAC_CTX_mac ? 3_0_0 EXIST::FUNCTION: -+EVP_MAC_description ? 3_0_0 EXIST::FUNCTION: -+EVP_MAC_name ? 3_0_0 EXIST::FUNCTION: -+EVP_MAC_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_CTX_md_data ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_CTX_pkey_ctx ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_block_size ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_description ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_flags ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_name ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_pkey_type ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_size ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_type ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_CTX_hkdf_mode ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_base_id ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_bits ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_description ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_id ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_security_bits ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_size ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_CTX_rand ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_description ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_name ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_state ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_strength ? 3_0_0 EXIST::FUNCTION: -+EVP_SIGNATURE_description ? 3_0_0 EXIST::FUNCTION: -+EVP_SIGNATURE_name ? 3_0_0 EXIST::FUNCTION: -+EVP_SIGNATURE_provider ? 3_0_0 EXIST::FUNCTION: -+OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: -+OSSL_DECODER_description ? 3_0_0 EXIST::FUNCTION: -+OSSL_DECODER_provider ? 3_0_0 EXIST::FUNCTION: -+OSSL_ENCODER_description ? 3_0_0 EXIST::FUNCTION: -+OSSL_ENCODER_properties ? 3_0_0 EXIST::FUNCTION: -+OSSL_ENCODER_provider ? 3_0_0 EXIST::FUNCTION: -+OSSL_PROVIDER_name ? 3_0_0 EXIST::FUNCTION: -+OSSL_STORE_LOADER_description ? 3_0_0 EXIST::FUNCTION: -+OSSL_STORE_LOADER_properties ? 3_0_0 EXIST::FUNCTION: -+OSSL_STORE_LOADER_provider ? 3_0_0 EXIST::FUNCTION: -+OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: -diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/crypto/provider.c ---- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-14 00:37:49.301207962 +0200 -+++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-14 00:39:34.796200433 +0200 -@@ -13,6 +13,21 @@ - #include - #include "internal/provider.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name, - int retain_fallbacks) - { -diff -up openssl-3.0.0-beta1/util/libcrypto.num.dual-abi openssl-3.0.0-beta1/util/libcrypto.num ---- openssl-3.0.0-beta1/util/libcrypto.num.dual-abi 2021-07-14 08:43:00.374838367 +0200 -+++ openssl-3.0.0-beta1/util/libcrypto.num 2021-07-14 08:43:20.421006957 +0200 -@@ -5486,4 +5486,3 @@ OSSL_PROVIDER_name ? 3_0_0 EXIS - OSSL_STORE_LOADER_description ? 3_0_0 EXIST::FUNCTION: - OSSL_STORE_LOADER_properties ? 3_0_0 EXIST::FUNCTION: - OSSL_STORE_LOADER_provider ? 3_0_0 EXIST::FUNCTION: --OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: diff --git a/openssl.spec b/openssl.spec index f7a9390..cb3d4f3 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta1.1%{?dist} +Release: 0.beta1.2%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -380,6 +380,9 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Wed Jul 14 2021 Sahana Prasad 3.0.0-0.beta1.2 +- Removes unused patch dual-abi.patch + * Wed Jul 14 2021 Sahana Prasad 3.0.0-0.beta1.1 - Update to Beta1 version - Includes a patch to support dual-ABI, as Beta1 brekas ABI with alpha16 From 529b968a17789708170c054b7e771c61f4d03d0c Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Mon, 19 Jul 2021 13:59:36 +0200 Subject: [PATCH 24/41] Update patch dual-abi.patch to add the #define macros in implementation files instead of public header files Related: rhbz#1903209 Signed-off-by: Sahana Prasad --- 0019-dual-abi.patch | 440 +++++++++++++++++++++----------------------- openssl.spec | 6 +- 2 files changed, 210 insertions(+), 236 deletions(-) diff --git a/0019-dual-abi.patch b/0019-dual-abi.patch index 15bd2c0..9c9f41f 100644 --- a/0019-dual-abi.patch +++ b/0019-dual-abi.patch @@ -59,230 +59,6 @@ diff -up openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi openssl-3.0.0-beta1/crypt void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEM *kem, void *arg), -diff -up openssl-3.0.0-beta1/include/openssl/decoder.h.dual-abi openssl-3.0.0-beta1/include/openssl/decoder.h ---- openssl-3.0.0-beta1/include/openssl/decoder.h.dual-abi 2021-07-02 12:39:19.758597953 +0200 -+++ openssl-3.0.0-beta1/include/openssl/decoder.h 2021-07-02 13:21:55.717630285 +0200 -@@ -32,9 +32,12 @@ int OSSL_DECODER_up_ref(OSSL_DECODER *en - void OSSL_DECODER_free(OSSL_DECODER *encoder); - - const OSSL_PROVIDER *OSSL_DECODER_get0_provider(const OSSL_DECODER *encoder); -+# define OSSL_DECODER_provider OSSL_DECODER_get0_provider - const char *OSSL_DECODER_get0_properties(const OSSL_DECODER *encoder); -+# define OSSL_DECODER_properties OSSL_DECODER_get0_properties - const char *OSSL_DECODER_get0_name(const OSSL_DECODER *decoder); - const char *OSSL_DECODER_get0_description(const OSSL_DECODER *decoder); -+# define OSSL_DECODER_description OSSL_DECODER_get0_description - int OSSL_DECODER_is_a(const OSSL_DECODER *encoder, const char *name); - - void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx, -diff -up openssl-3.0.0-beta1/include/openssl/encoder.h.dual-abi openssl-3.0.0-beta1/include/openssl/encoder.h ---- openssl-3.0.0-beta1/include/openssl/encoder.h.dual-abi 2021-07-02 13:22:22.889885589 +0200 -+++ openssl-3.0.0-beta1/include/openssl/encoder.h 2021-07-02 13:23:55.732757920 +0200 -@@ -32,9 +32,12 @@ int OSSL_ENCODER_up_ref(OSSL_ENCODER *en - void OSSL_ENCODER_free(OSSL_ENCODER *encoder); - - const OSSL_PROVIDER *OSSL_ENCODER_get0_provider(const OSSL_ENCODER *encoder); -+# define OSSL_ENCODER_provider OSSL_ENCODER_get0_provider - const char *OSSL_ENCODER_get0_properties(const OSSL_ENCODER *encoder); -+# define OSSL_ENCODER_properties OSSL_ENCODER_get0_properties - const char *OSSL_ENCODER_get0_name(const OSSL_ENCODER *kdf); - const char *OSSL_ENCODER_get0_description(const OSSL_ENCODER *kdf); -+# define OSSL_ENCODER_description OSSL_ENCODER_get0_description - int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name); - - void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx, -diff -up openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi openssl-3.0.0-beta1/include/openssl/evp.h ---- openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi 2021-07-02 11:06:34.316615418 +0200 -+++ openssl-3.0.0-beta1/include/openssl/evp.h 2021-07-02 13:24:10.653898116 +0200 -@@ -534,11 +534,13 @@ int EVP_MD_get_type(const EVP_MD *md); - const char *EVP_MD_get0_name(const EVP_MD *md); - # define EVP_MD_name EVP_MD_get0_name - const char *EVP_MD_get0_description(const EVP_MD *md); -+# define EVP_MD_description EVP_MD_get0_description - int EVP_MD_is_a(const EVP_MD *md, const char *name); - int EVP_MD_names_do_all(const EVP_MD *md, - void (*fn)(const char *name, void *data), - void *data); - const OSSL_PROVIDER *EVP_MD_get0_provider(const EVP_MD *md); -+#define EVP_MD_provider EVP_MD_get0_provider - int EVP_MD_get_pkey_type(const EVP_MD *md); - # define EVP_MD_pkey_type EVP_MD_get_pkey_type - int EVP_MD_get_size(const EVP_MD *md); -@@ -579,11 +581,13 @@ int EVP_CIPHER_get_nid(const EVP_CIPHER - const char *EVP_CIPHER_get0_name(const EVP_CIPHER *cipher); - # define EVP_CIPHER_name EVP_CIPHER_get0_name - const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher); -+# define EVP_CIPHER_description EVP_CIPHER_get0_description - int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name); - int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, - void (*fn)(const char *name, void *data), - void *data); - const OSSL_PROVIDER *EVP_CIPHER_get0_provider(const EVP_CIPHER *cipher); -+# define EVP_CIPHER_provider EVP_CIPHER_get0_provider - int EVP_CIPHER_get_block_size(const EVP_CIPHER *cipher); - # define EVP_CIPHER_block_size EVP_CIPHER_get_block_size - # ifndef OPENSSL_NO_DEPRECATED_3_0 -@@ -1198,15 +1202,19 @@ EVP_MAC *EVP_MAC_fetch(OSSL_LIB_CTX *lib - int EVP_MAC_up_ref(EVP_MAC *mac); - void EVP_MAC_free(EVP_MAC *mac); - const char *EVP_MAC_get0_name(const EVP_MAC *mac); -+# define EVP_MAC_name EVP_MAC_get0_name - const char *EVP_MAC_get0_description(const EVP_MAC *mac); -+# define EVP_MAC_description EVP_MAC_get0_description - int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); - const OSSL_PROVIDER *EVP_MAC_get0_provider(const EVP_MAC *mac); -+# define EVP_MAC_provider EVP_MAC_get0_provider - int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); - - EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac); - void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx); - EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src); - EVP_MAC *EVP_MAC_CTX_get0_mac(EVP_MAC_CTX *ctx); -+# define EVP_MAC_CTX_mac EVP_MAC_CTX_get0_mac - int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); - int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); - -@@ -1242,14 +1250,18 @@ EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *l - int EVP_RAND_up_ref(EVP_RAND *rand); - void EVP_RAND_free(EVP_RAND *rand); - const char *EVP_RAND_get0_name(const EVP_RAND *rand); -+# define EVP_RAND_name EVP_RAND_get0_name - const char *EVP_RAND_get0_description(const EVP_RAND *md); -+# define EVP_RAND_description EVP_RAND_get0_description - int EVP_RAND_is_a(const EVP_RAND *rand, const char *name); - const OSSL_PROVIDER *EVP_RAND_get0_provider(const EVP_RAND *rand); -+# define EVP_RAND_provider EVP_RAND_get0_provider - int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]); - - EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent); - void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx); - EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAND_CTX *ctx); -+# define EVP_RAND_CTX_rand EVP_RAND_CTX_get0_rand - int EVP_RAND_CTX_get_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[]); - int EVP_RAND_CTX_set_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[]); - const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand); -@@ -1282,7 +1294,9 @@ __owur int EVP_RAND_enable_locking(EVP_R - - int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx); - unsigned int EVP_RAND_get_strength(EVP_RAND_CTX *ctx); -+# define EVP_RAND_strength EVP_RAND_get_strength - int EVP_RAND_get_state(EVP_RAND_CTX *ctx); -+# define EVP_RAND_state EVP_RAND_get_state - - # define EVP_RAND_STATE_UNINITIALISED 0 - # define EVP_RAND_STATE_READY 1 -@@ -1757,8 +1771,11 @@ EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_ - int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt); - void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt); - const OSSL_PROVIDER *EVP_KEYMGMT_get0_provider(const EVP_KEYMGMT *keymgmt); -+# define EVP_KEYMGMT_provider EVP_KEYMGMT_get0_provider - const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt); -+# define EVP_KEYMGMT_name EVP_KEYMGMT_get0_name - const char *EVP_KEYMGMT_get0_description(const EVP_KEYMGMT *keymgmt); -+# define EVP_KEYMGMT_description EVP_KEYMGMT_get0_description - int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name); - void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_KEYMGMT *keymgmt, void *arg), -@@ -1838,11 +1855,14 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY - void EVP_SIGNATURE_free(EVP_SIGNATURE *signature); - int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature); - OSSL_PROVIDER *EVP_SIGNATURE_get0_provider(const EVP_SIGNATURE *signature); -+# define EVP_SIGNATURE_provider EVP_SIGNATURE_get0_provider - EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties); - int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name); - const char *EVP_SIGNATURE_get0_name(const EVP_SIGNATURE *signature); -+# define EVP_SIGNATURE_name EVP_SIGNATURE_get0_name - const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE *signature); -+# define EVP_SIGNATURE_description EVP_SIGNATURE_get0_description - void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_SIGNATURE *signature, - void *data), -@@ -1856,11 +1876,14 @@ const OSSL_PARAM *EVP_SIGNATURE_settable - void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher); - int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher); - OSSL_PROVIDER *EVP_ASYM_CIPHER_get0_provider(const EVP_ASYM_CIPHER *cipher); -+# define EVP_ASYM_CIPHER_provider EVP_ASYM_CIPHER_get0_provider - EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties); - int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name); - const char *EVP_ASYM_CIPHER_get0_name(const EVP_ASYM_CIPHER *cipher); -+# define EVP_ASYM_CIPHER_name EVP_ASYM_CIPHER_get0_name - const char *EVP_ASYM_CIPHER_get0_description(const EVP_ASYM_CIPHER *cipher); -+# define EVP_ASYM_CIPHER_description EVP_ASYM_CIPHER_get0_description - void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_ASYM_CIPHER *cipher, - void *arg), -@@ -1874,11 +1897,14 @@ const OSSL_PARAM *EVP_ASYM_CIPHER_settab - void EVP_KEM_free(EVP_KEM *wrap); - int EVP_KEM_up_ref(EVP_KEM *wrap); - OSSL_PROVIDER *EVP_KEM_get0_provider(const EVP_KEM *wrap); -+# define EVP_KEM_provider EVP_KEM_get0_provider - EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties); - int EVP_KEM_is_a(const EVP_KEM *wrap, const char *name); - const char *EVP_KEM_get0_name(const EVP_KEM *wrap); -+# define EVP_KEM_name EVP_KEM_get0_name - const char *EVP_KEM_get0_description(const EVP_KEM *wrap); -+# define EVP_KEM_description EVP_KEM_get0_description - void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_KEM *wrap, void *arg), void *arg); - int EVP_KEM_names_do_all(const EVP_KEM *wrap, -@@ -2140,9 +2166,12 @@ int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exch - EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties); - OSSL_PROVIDER *EVP_KEYEXCH_get0_provider(const EVP_KEYEXCH *exchange); -+# define EVP_KEYEXCH_provider EVP_KEYEXCH_get0_provider - int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name); - const char *EVP_KEYEXCH_get0_name(const EVP_KEYEXCH *keyexch); -+# define EVP_KEYEXCH_name EVP_KEYEXCH_get0_name - const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch); -+# define EVP_KEYEXCH_description EVP_KEYEXCH_get0_description - void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_KEYEXCH *keyexch, void *data), - void *data); -diff -up openssl-3.0.0-beta1/include/openssl/kdf.h.dual-abi openssl-3.0.0-beta1/include/openssl/kdf.h ---- openssl-3.0.0-beta1/include/openssl/kdf.h.dual-abi 2021-07-02 11:26:04.355711366 +0200 -+++ openssl-3.0.0-beta1/include/openssl/kdf.h 2021-07-02 11:57:44.950361808 +0200 -@@ -34,9 +34,12 @@ EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kd - void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); - EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src); - const char *EVP_KDF_get0_description(const EVP_KDF *kdf); -+# define EVP_KDF_description EVP_KDF_get0_description - int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name); - const char *EVP_KDF_get0_name(const EVP_KDF *kdf); -+# define EVP_KDF_name EVP_KDF_get0_name - const OSSL_PROVIDER *EVP_KDF_get0_provider(const EVP_KDF *kdf); -+# define EVP_KDF_provider EVP_KDF_get0_provider - const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx); - - void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx); -diff -up openssl-3.0.0-beta1/include/openssl/provider.h.dual-abi openssl-3.0.0-beta1/include/openssl/provider.h ---- openssl-3.0.0-beta1/include/openssl/provider.h.dual-abi 2021-07-02 13:53:27.941487991 +0200 -+++ openssl-3.0.0-beta1/include/openssl/provider.h 2021-07-02 13:54:12.265889498 +0200 -@@ -52,6 +52,7 @@ int OSSL_PROVIDER_add_builtin(OSSL_LIB_C - - /* Information */ - const char *OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov); -+# define OSSL_PROVIDER_name OSSL_PROVIDER_get0_name - - # ifdef __cplusplus - } -diff -up openssl-3.0.0-beta1/include/openssl/store.h.dual-abi openssl-3.0.0-beta1/include/openssl/store.h ---- openssl-3.0.0-beta1/include/openssl/store.h.dual-abi 2021-07-02 13:54:41.990088355 +0200 -+++ openssl-3.0.0-beta1/include/openssl/store.h 2021-07-02 13:56:05.817649168 +0200 -@@ -260,8 +260,11 @@ int OSSL_STORE_LOADER_up_ref(OSSL_STORE_ - void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader); - const OSSL_PROVIDER *OSSL_STORE_LOADER_get0_provider(const OSSL_STORE_LOADER * - loader); -+# define OSSL_STORE_LOADER_provider OSSL_STORE_LOADER_get0_provider - const char *OSSL_STORE_LOADER_get0_properties(const OSSL_STORE_LOADER *loader); -+# define OSSL_STORE_LOADER_properties OSSL_STORE_LOADER_get0_properties - const char *OSSL_STORE_LOADER_get0_description(const OSSL_STORE_LOADER *loader); -+# define OSSL_STORE_LOADER_description OSSL_STORE_LOADER_get0_description - int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, - const char *scheme); - void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx, diff -up openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c --- openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi 2021-07-12 23:22:43.652838373 +0200 +++ openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c 2021-07-12 23:40:46.085974883 +0200 @@ -1158,17 +934,6 @@ diff -up openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi openssl-3.0.0-be int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader) { int ref = 0; -diff -up openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi openssl-3.0.0-beta1/include/openssl/evp.h ---- openssl-3.0.0-beta1/include/openssl/evp.h.dual-abi 2021-07-13 10:36:25.622755098 +0200 -+++ openssl-3.0.0-beta1/include/openssl/evp.h 2021-07-13 10:36:43.680926345 +0200 -@@ -1394,6 +1394,7 @@ int EVP_PKEY_up_ref(EVP_PKEY *pkey); - EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey); - void EVP_PKEY_free(EVP_PKEY *pkey); - const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey); -+#define EVP_PKEY_description EVP_PKEY_get0_description - - EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, - long length); diff -up openssl-3.0.0-beta1/crypto/http/http_client.c.dual-abi openssl-3.0.0-beta1/crypto/http/http_client.c --- openssl-3.0.0-beta1/crypto/http/http_client.c.dual-abi 2021-07-13 22:47:01.463713204 +0200 +++ openssl-3.0.0-beta1/crypto/http/http_client.c 2021-07-13 22:46:32.064435146 +0200 @@ -1319,3 +1084,208 @@ diff -up openssl-3.0.0-beta1/util/libcrypto.num.dual-abi openssl-3.0.0-beta1/uti OSSL_STORE_LOADER_properties ? 3_0_0 EXIST::FUNCTION: OSSL_STORE_LOADER_provider ? 3_0_0 EXIST::FUNCTION: -OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: +diff -up openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi 2021-07-17 22:00:59.773016162 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c 2021-07-17 22:02:15.768898376 +0200 +@@ -38,6 +38,9 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define OSSL_DECODER_provider OSSL_DECODER_get0_provider ++#define OSSL_DECODER_properties OSSL_DECODER_get0_properties ++#define OSSL_DECODER_description OSSL_DECODER_get0_description + /* Simple method structure constructor and destructor */ + static OSSL_DECODER *ossl_decoder_new(void) + { +diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c +--- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-17 22:11:45.414684273 +0200 ++++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-17 22:13:31.863953270 +0200 +@@ -38,6 +38,10 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define OSSL_ENCODER_provider OSSL_ENCODER_get0_provider ++#define OSSL_ENCODER_properties OSSL_ENCODER_get0_properties ++#define OSSL_ENCODER_description OSSL_ENCODER_get0_description ++ + /* Simple method structure constructor and destructor */ + static OSSL_ENCODER *ossl_encoder_new(void) + { +diff -up openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi openssl-3.0.0-beta1/crypto/evp/asymcipher.c +--- openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi 2021-07-17 22:41:57.601106537 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/asymcipher.c 2021-07-17 22:43:21.232142660 +0200 +@@ -32,6 +32,10 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define EVP_ASYM_CIPHER_provider EVP_ASYM_CIPHER_get0_provider ++#define EVP_ASYM_CIPHER_name EVP_ASYM_CIPHER_get0_name ++#define EVP_ASYM_CIPHER_description EVP_ASYM_CIPHER_get0_description ++ + static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation, + const OSSL_PARAM params[]) + { +diff -up openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_lib.c +--- openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi 2021-07-17 22:24:40.140969959 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/evp_lib.c 2021-07-17 22:25:50.977834241 +0200 +@@ -43,6 +43,10 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define EVP_MD_description EVP_MD_get0_description ++#define EVP_MD_provider EVP_MD_get0_provider ++#define EVP_CIPHER_description EVP_CIPHER_get0_description ++#define EVP_CIPHER_provider EVP_CIPHER_get0_provider + + #if !defined(FIPS_MODULE) + +diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c +--- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-17 22:29:25.742454581 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-17 22:33:36.158699400 +0200 +@@ -41,6 +41,12 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define EVP_RAND_name EVP_RAND_get0_name ++#define EVP_RAND_description EVP_RAND_get0_description ++#define EVP_RAND_provider EVP_RAND_get0_provider ++#define EVP_RAND_CTX_rand EVP_RAND_CTX_get0_rand ++#define EVP_RAND_strength EVP_RAND_get_strength ++#define EVP_RAND_state EVP_RAND_get_state + + struct evp_rand_st { + OSSL_PROVIDER *prov; +diff -up openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kdf_lib.c +--- openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi 2021-07-19 11:05:37.011176112 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/kdf_lib.c 2021-07-19 11:07:00.979312903 +0200 +@@ -38,6 +38,10 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define EVP_KDF_description EVP_KDF_get0_description ++#define EVP_KDF_name EVP_KDF_get0_name ++#define EVP_KDF_provider EVP_KDF_get0_provider ++ + EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) + { + EVP_KDF_CTX *ctx = NULL; +diff -up openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kem.c +--- openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi 2021-07-17 22:43:48.398479226 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/kem.c 2021-07-17 22:57:43.456546917 +0200 +@@ -32,6 +32,10 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define EVP_KEM_provider EVP_KEM_get0_provider ++#define EVP_KEM_name EVP_KEM_get0_name ++#define EVP_KEM_description EVP_KEM_get0_description ++ + static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation, + const OSSL_PARAM params[]) + { +diff -up openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c +--- openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi 2021-07-17 22:37:22.080738360 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c 2021-07-17 22:39:05.847978640 +0200 +@@ -32,6 +32,10 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define EVP_KEYMGMT_provider EVP_KEYMGMT_get0_provider ++#define EVP_KEYMGMT_name EVP_KEYMGMT_get0_name ++#define EVP_KEYMGMT_description EVP_KEYMGMT_get0_description ++ + static void *keymgmt_new(void) + { + EVP_KEYMGMT *keymgmt = NULL; +diff -up openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_lib.c +--- openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi 2021-07-17 22:26:15.364131776 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/mac_lib.c 2021-07-17 22:29:32.718539694 +0200 +@@ -34,6 +34,10 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define EVP_MAC_name EVP_MAC_get0_name ++#define EVP_MAC_description EVP_MAC_get0_description ++# define EVP_MAC_CTX_mac EVP_MAC_CTX_get0_mac ++ + EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac) + { + EVP_MAC_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MAC_CTX)); +diff -up openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_meth.c +--- openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi 2021-07-17 22:27:04.406730147 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/mac_meth.c 2021-07-17 22:30:30.482255830 +0200 +@@ -22,6 +22,8 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++# define EVP_MAC_provider EVP_MAC_get0_provider ++ + static int evp_mac_up_ref(void *vmac) + { + EVP_MAC *mac = vmac; +diff -up openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi openssl-3.0.0-beta1/crypto/evp/signature.c +--- openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi 2021-07-17 22:40:02.942686000 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/signature.c 2021-07-17 22:41:27.180729654 +0200 +@@ -33,6 +33,10 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define EVP_SIGNATURE_provider EVP_SIGNATURE_get0_provider ++#define EVP_SIGNATURE_name EVP_SIGNATURE_get0_name ++#define EVP_SIGNATURE_description EVP_SIGNATURE_get0_description ++ + static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov) + { + EVP_SIGNATURE *signature = OPENSSL_zalloc(sizeof(EVP_SIGNATURE)); +diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/crypto/provider.c +--- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-19 11:07:31.301723423 +0200 ++++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-19 11:08:09.354238585 +0200 +@@ -28,6 +28,8 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define OSSL_PROVIDER_name OSSL_PROVIDER_get0_name ++ + OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name, + int retain_fallbacks) + { +diff -up openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi openssl-3.0.0-beta1/crypto/store/store_meth.c +--- openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi 2021-07-19 11:09:38.398444097 +0200 ++++ openssl-3.0.0-beta1/crypto/store/store_meth.c 2021-07-19 12:35:14.153417504 +0200 +@@ -30,6 +30,10 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define OSSL_STORE_LOADER_provider OSSL_STORE_LOADER_get0_provider ++#define OSSL_STORE_LOADER_properties OSSL_STORE_LOADER_get0_properties ++#define OSSL_STORE_LOADER_description OSSL_STORE_LOADER_get0_description ++ + int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader) + { + int ref = 0; +diff -up openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi openssl-3.0.0-beta1/crypto/evp/exchange.c +--- openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi 2021-07-19 12:53:41.708859841 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/exchange.c 2021-07-19 12:54:27.782435636 +0200 +@@ -32,6 +32,10 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define EVP_KEYEXCH_provider EVP_KEYEXCH_get0_provider ++#define EVP_KEYEXCH_name EVP_KEYEXCH_get0_name ++#define EVP_KEYEXCH_description EVP_KEYEXCH_get0_description ++ + static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov) + { + EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH)); +diff -up openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/p_lib.c +--- openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi 2021-07-19 13:07:31.799790073 +0200 ++++ openssl-3.0.0-beta1/crypto/evp/p_lib.c 2021-07-19 13:08:23.334480304 +0200 +@@ -64,6 +64,8 @@ + #define RHEL_ALIAS1(old_id) \ + RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) + ++#define EVP_PKEY_description EVP_PKEY_get0_description ++ + static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, + int len, EVP_KEYMGMT *keymgmt); + static void evp_pkey_free_it(EVP_PKEY *key); diff --git a/openssl.spec b/openssl.spec index cb3d4f3..106dff4 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta1.2%{?dist} +Release: 0.beta1.3%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -380,6 +380,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Mon Jul 19 2021 Sahana Prasad 3.0.0-0.beta1.3 +- Update patch dual-abi.patch to add the #define macros in implementation + files instead of public header files + * Wed Jul 14 2021 Sahana Prasad 3.0.0-0.beta1.2 - Removes unused patch dual-abi.patch From e3d0ba4f1edef1ce5caf08130f179c5491ccf3c8 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Wed, 21 Jul 2021 14:37:35 +0200 Subject: [PATCH 25/41] NVR Bump to Update to OpenSSL 3.0 Beta1 version Related: rhbz#1903209 Signed-off-by: Sahana Prasad --- openssl.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/openssl.spec b/openssl.spec index 106dff4..4e0dbab 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta1.3%{?dist} +Release: 0.beta1.4%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -380,6 +380,9 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Wed Jul 21 2021 Sahana Prasad 3.0.0-0.beta1.4 +- NVR bump to update to OpenSSL 3.0 Beta1 + * Mon Jul 19 2021 Sahana Prasad 3.0.0-0.beta1.3 - Update patch dual-abi.patch to add the #define macros in implementation files instead of public header files From b7c6b85c955d93cf9c5e309dc1ff14adc97e3da9 Mon Sep 17 00:00:00 2001 From: Aleksandra Fedorova Date: Thu, 15 Jul 2021 09:15:42 +0200 Subject: [PATCH 26/41] Add RHEL gating configuration --- gating.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 gating.yaml diff --git a/gating.yaml b/gating.yaml new file mode 100644 index 0000000..3b0dbc9 --- /dev/null +++ b/gating.yaml @@ -0,0 +1,9 @@ +--- !Policy +product_versions: + - rhel-9 +decision_context: osci_compose_gate +rules: + - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} + - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional} + - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.userspace-fips-mode.functional} + - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation} From 0b6afca185c2c3a0c6201efd6865f3ed62444103 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Thu, 22 Jul 2021 15:38:17 +0200 Subject: [PATCH 27/41] - Prevents creation of duplicate cert entries in PKCS #12 files Resolves: rhbz#1978670 Signed-off-by: Sahana Prasad --- 0020-no-dup-cert-entries.patch | 75 ++++++++++++++++++++++++++++++++++ openssl.spec | 8 +++- 2 files changed, 82 insertions(+), 1 deletion(-) create mode 100644 0020-no-dup-cert-entries.patch diff --git a/0020-no-dup-cert-entries.patch b/0020-no-dup-cert-entries.patch new file mode 100644 index 0000000..792a1ae --- /dev/null +++ b/0020-no-dup-cert-entries.patch @@ -0,0 +1,75 @@ +diff -up openssl-3.0.0-beta1/apps/pkcs12.c.dup-pkcs12 openssl-3.0.0-beta1/apps/pkcs12.c +--- openssl-3.0.0-beta1/apps/pkcs12.c.dup-pkcs12 2021-07-22 14:59:14.777544688 +0200 ++++ openssl-3.0.0-beta1/apps/pkcs12.c 2021-07-22 15:06:04.768908265 +0200 +@@ -571,8 +571,6 @@ int pkcs12_main(int argc, char **argv) + infile); + goto export_end; + } +- } else { +- ee_cert = X509_dup(sk_X509_value(certs, 0)); /* take 1st cert */ + } + } + +@@ -588,8 +586,13 @@ int pkcs12_main(int argc, char **argv) + int vret; + STACK_OF(X509) *chain2; + X509_STORE *store; ++ X509 *ee_cert_tmp = ee_cert; + +- if (ee_cert == NULL) { ++ /* Assume the first cert if we haven't got anything else */ ++ if (ee_cert_tmp == NULL && certs != NULL) ++ ee_cert_tmp = sk_X509_value(certs, 0); ++ ++ if (ee_cert_tmp == NULL) { + BIO_printf(bio_err, + "No end entity certificate to check with -chain\n"); + goto export_end; +@@ -600,7 +603,7 @@ int pkcs12_main(int argc, char **argv) + == NULL) + goto export_end; + +- vret = get_cert_chain(ee_cert, store, untrusted_certs, &chain2); ++ vret = get_cert_chain(ee_cert_tmp, store, untrusted_certs, &chain2); + X509_STORE_free(store); + + if (vret == X509_V_OK) { +diff -up openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t.dup-pkcs12 openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t +--- openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t.dup-pkcs12 2021-07-22 15:06:22.715077291 +0200 ++++ openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t 2021-07-22 15:17:52.250559784 +0200 +@@ -54,7 +54,7 @@ if (eval { require Win32::API; 1; }) { + } + $ENV{OPENSSL_WIN32_UTF8}=1; + +-plan tests => 7; ++plan tests => 10; + + # Test different PKCS#12 formats + ok(run(test(["pkcs12_format_test"])), "test pkcs12 formats"); +@@ -73,6 +73,7 @@ my @path = qw(test certs); + my $outfile1 = "out1.p12"; + my $outfile2 = "out2.p12"; + my $outfile3 = "out3.p12"; ++my $outfile5 = "out5.p12"; + + # Test the -chain option with -untrusted + ok(run(app(["openssl", "pkcs12", "-export", "-chain", +@@ -108,4 +109,18 @@ SKIP: { + "test_pkcs12_passcerts_legacy"); + } + ++ok(run(app(["openssl", "pkcs12", "-export", "-out", $outfile5, ++ "-in", srctop_file(@path, "ee-cert.pem"), "-caname", "testname", ++ "-nokeys", "-passout", "pass:", "-certpbe", "NONE"])), ++ "test nokeys single cert"); ++ ++my @pkcs12info = run(app(["openssl", "pkcs12", "-info", "-in", $outfile5, ++ "-passin", "pass:"]), capture => 1); ++ ++# Test that with one input certificate, we get one output certificate ++ok(grep(/subject=CN = server.example/, @pkcs12info) == 1, ++ "test one cert in output"); ++# Test that the expected friendly name is present in the output ++ok(grep(/testname/, @pkcs12info) == 1, "test friendly name in output"); ++ + SetConsoleOutputCP($savedcp) if (defined($savedcp)); diff --git a/openssl.spec b/openssl.spec index 4e0dbab..6d146a5 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta1.4%{?dist} +Release: 0.beta1.5%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -58,6 +58,8 @@ Patch17: 0017-use-AI-ADDRCONFIG-explicit-hostname.patch Patch18: 0018-Fix-crash-BN_lebin2bn.patch # Temporary dual-ABI build patch Patch19: 0019-dual-abi.patch +# Prevents creation of duplicate cert entries in PKCS #12 files +Patch20: 0020-no-dup-cert-entries.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -380,6 +382,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Thu Jul 22 2021 Sahana Prasad 3.0.0-0.beta1.5 +- Prevents creation of duplicate cert entries in PKCS #12 files +- Resolves: rhbz#1978670 + * Wed Jul 21 2021 Sahana Prasad 3.0.0-0.beta1.4 - NVR bump to update to OpenSSL 3.0 Beta1 From fe7445d93d4d0e2095fe9035db7faaa00d65858b Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Tue, 3 Aug 2021 15:03:00 +0200 Subject: [PATCH 28/41] Rebase to upstream version beta2 Related: rhbz#1903209 Signed-off-by: Sahana Prasad --- ...PROFILE-SYSTEM-system-default-cipher.patch | 6 +- ...-use-AI-ADDRCONFIG-explicit-hostname.patch | 12 - 0018-Fix-crash-BN_lebin2bn.patch | 12 - 0019-dual-abi.patch | 478 +++++++++--------- 0020-no-dup-cert-entries.patch | 75 --- openssl.spec | 14 +- sources | 2 +- 7 files changed, 246 insertions(+), 353 deletions(-) delete mode 100644 0017-use-AI-ADDRCONFIG-explicit-hostname.patch delete mode 100644 0018-Fix-crash-BN_lebin2bn.patch delete mode 100644 0020-no-dup-cert-entries.patch diff --git a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch index 08c7125..9ad572d 100644 --- a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +++ b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch @@ -280,9 +280,9 @@ index 404a706fab..e81fa9ec3e 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION: - ASN1_item_d2i_bio_ex ? 3_0_0 EXIST::FUNCTION: - ASN1_item_d2i_ex ? 3_0_0 EXIST::FUNCTION: - ASN1_TIME_print_ex ? 3_0_0 EXIST::FUNCTION: + ASN1_TIME_print_ex 5553 3_0_0 EXIST::FUNCTION: + EVP_PKEY_get0_provider 5554 3_0_0 EXIST::FUNCTION: + EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION: +ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: -- 2.26.2 diff --git a/0017-use-AI-ADDRCONFIG-explicit-hostname.patch b/0017-use-AI-ADDRCONFIG-explicit-hostname.patch deleted file mode 100644 index f4152ce..0000000 --- a/0017-use-AI-ADDRCONFIG-explicit-hostname.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openssl-3.0.0-alpha16/crypto/bio/bio_addr.c.use-explicit openssl-3.0.0-alpha16/crypto/bio/bio_addr.c ---- openssl-3.0.0-alpha16/crypto/bio/bio_addr.c.use-explicit 2021-07-06 14:06:05.706578389 +0200 -+++ openssl-3.0.0-alpha16/crypto/bio/bio_addr.c 2021-07-06 14:07:24.482329505 +0200 -@@ -696,7 +696,7 @@ int BIO_lookup_ex(const char *host, cons - hints.ai_protocol = protocol; - # ifdef AI_ADDRCONFIG - # ifdef AF_UNSPEC -- if (family == AF_UNSPEC) -+ if (host != NULL && family == AF_UNSPEC) - # endif - hints.ai_flags |= AI_ADDRCONFIG; - # endif diff --git a/0018-Fix-crash-BN_lebin2bn.patch b/0018-Fix-crash-BN_lebin2bn.patch deleted file mode 100644 index 375c960..0000000 --- a/0018-Fix-crash-BN_lebin2bn.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up openssl-3.0.0-alpha16/apps/x509.c.segfault-bn openssl-3.0.0-alpha16/apps/x509.c ---- openssl-3.0.0-alpha16/apps/x509.c.segfault-bn 2021-07-06 22:12:37.021406952 +0200 -+++ openssl-3.0.0-alpha16/apps/x509.c 2021-07-06 22:13:40.540996922 +0200 -@@ -934,7 +934,7 @@ int x509_main(int argc, char **argv) - } else if (i == modulus) { - BIO_printf(out, "Modulus="); - if (EVP_PKEY_is_a(pkey, "RSA")) { -- BIGNUM *n; -+ BIGNUM *n = NULL; - - /* Every RSA key has an 'n' */ - EVP_PKEY_get_bn_param(pkey, "n", &n); diff --git a/0019-dual-abi.patch b/0019-dual-abi.patch index 9c9f41f..84a41e5 100644 --- a/0019-dual-abi.patch +++ b/0019-dual-abi.patch @@ -251,231 +251,6 @@ diff -up openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi openssl-3.0.0-beta void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_ASYM_CIPHER *cipher, -diff -up openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_lib.c ---- openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi 2021-07-13 01:10:08.970210463 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/evp_lib.c 2021-07-13 01:10:20.596324598 +0200 -@@ -31,6 +31,21 @@ - #include "crypto/asn1.h" - #include "internal/provider.h" - #include "evp_local.h" -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - - #if !defined(FIPS_MODULE) - -@@ -337,6 +352,7 @@ int EVP_CIPHER_get_type(const EVP_CIPHER - #endif - } - } -+RHEL_ALIAS1(EVP_CIPHER_type); - - int evp_cipher_cache_constants(EVP_CIPHER *cipher) - { -@@ -389,11 +405,13 @@ int EVP_CIPHER_get_block_size(const EVP_ - { - return cipher->block_size; - } -+RHEL_ALIAS1(EVP_CIPHER_block_size); - - int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx) - { - return EVP_CIPHER_get_block_size(ctx->cipher); - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_block_size); - - int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e) - { -@@ -466,11 +484,13 @@ int EVP_CIPHER_CTX_is_encrypting(const E - { - return ctx->encrypt; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_encrypting); - - unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher) - { - return cipher->flags; - } -+RHEL_ALIAS1(EVP_CIPHER_flags); - - void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) - { -@@ -501,6 +521,7 @@ int EVP_CIPHER_get_iv_length(const EVP_C - { - return cipher->iv_len; - } -+RHEL_ALIAS1(EVP_CIPHER_iv_length); - - int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx) - { -@@ -522,6 +543,7 @@ legacy: - } - return len; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_iv_length); - - int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx) - { -@@ -533,6 +555,7 @@ int EVP_CIPHER_CTX_get_tag_length(const - ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); - return ret == 1 ? (int)v : 0; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_tag_length); - - #ifndef OPENSSL_NO_DEPRECATED_3_0 - const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx) -@@ -615,6 +638,7 @@ int EVP_CIPHER_CTX_get_num(const EVP_CIP - - return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_num); - - int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num) - { -@@ -634,6 +658,7 @@ int EVP_CIPHER_get_key_length(const EVP_ - { - return cipher->key_len; - } -+RHEL_ALIAS1(EVP_CIPHER_key_length); - - int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx) - { -@@ -646,16 +671,19 @@ int EVP_CIPHER_CTX_get_key_length(const - - return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_key_length); - - int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher) - { - return cipher->nid; - } -+RHEL_ALIAS1(EVP_CIPHER_nid); - - int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx) - { - return ctx->cipher->nid; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_nid); - - int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name) - { -@@ -679,6 +707,7 @@ const char *EVP_CIPHER_get0_name(const E - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_CIPHER_name); - - const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher) - { -@@ -690,6 +719,7 @@ const char *EVP_CIPHER_get0_description( - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_CIPHER_description); - - int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, - void (*fn)(const char *name, void *data), -@@ -705,11 +735,13 @@ const OSSL_PROVIDER *EVP_CIPHER_get0_pro - { - return cipher->prov; - } -+RHEL_ALIAS1(EVP_CIPHER_provider); - - int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher) - { - return EVP_CIPHER_get_flags(cipher) & EVP_CIPH_MODE; - } -+RHEL_ALIAS1(EVP_CIPHER_mode); - - int EVP_MD_is_a(const EVP_MD *md, const char *name) - { -@@ -733,6 +765,7 @@ const char *EVP_MD_get0_description(cons - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_MD_description); - - const char *EVP_MD_get0_name(const EVP_MD *md) - { -@@ -746,6 +779,7 @@ const char *EVP_MD_get0_name(const EVP_M - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_MD_name); - - int EVP_MD_names_do_all(const EVP_MD *md, - void (*fn)(const char *name, void *data), -@@ -761,16 +795,19 @@ const OSSL_PROVIDER *EVP_MD_get0_provide - { - return md->prov; - } -+RHEL_ALIAS1(EVP_MD_provider); - - int EVP_MD_get_type(const EVP_MD *md) - { - return md->type; - } -+RHEL_ALIAS1(EVP_MD_type); - - int EVP_MD_get_pkey_type(const EVP_MD *md) - { - return md->pkey_type; - } -+RHEL_ALIAS1(EVP_MD_pkey_type); - - int EVP_MD_get_block_size(const EVP_MD *md) - { -@@ -780,6 +817,7 @@ int EVP_MD_get_block_size(const EVP_MD * - } - return md->block_size; - } -+RHEL_ALIAS1(EVP_MD_block_size); - - int EVP_MD_get_size(const EVP_MD *md) - { -@@ -789,11 +827,13 @@ int EVP_MD_get_size(const EVP_MD *md) - } - return md->md_size; - } -+RHEL_ALIAS1(EVP_MD_size); - - unsigned long EVP_MD_get_flags(const EVP_MD *md) - { - return md->flags; - } -+RHEL_ALIAS1(EVP_MD_flags); - - EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type) - { -@@ -1007,6 +1047,7 @@ EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(co - { - return ctx->pctx; - } -+RHEL_ALIAS1(EVP_MD_CTX_pkey_ctx); - - #if !defined(FIPS_MODULE) - void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx) -@@ -1033,6 +1074,7 @@ void *EVP_MD_CTX_get0_md_data(const EVP_ - { - return ctx->md_data; - } -+RHEL_ALIAS1(EVP_MD_CTX_md_data); - - int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, - const void *data, size_t count) diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c --- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-13 00:54:33.231325700 +0200 +++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-13 00:57:22.596922955 +0200 @@ -975,8 +750,8 @@ diff -up openssl-3.0.0-beta1/util/libcrypto.num.dual-abi openssl-3.0.0-beta1/uti --- openssl-3.0.0-beta1/util/libcrypto.num.dual-abi 2021-07-13 23:38:25.166562563 +0200 +++ openssl-3.0.0-beta1/util/libcrypto.num 2021-07-13 23:40:38.622939932 +0200 @@ -5414,3 +5414,76 @@ ASN1_item_d2i_bio_ex - ASN1_item_d2i_ex ? 3_0_0 EXIST::FUNCTION: - ASN1_TIME_print_ex ? 3_0_0 EXIST::FUNCTION: + EVP_PKEY_get0_provider 5554 3_0_0 EXIST::FUNCTION: + EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION: ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: +EVP_ASYM_CIPHER_description ? 3_0_0 EXIST::FUNCTION: +EVP_ASYM_CIPHER_name ? 3_0_0 EXIST::FUNCTION: @@ -1055,8 +830,8 @@ diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/cryp --- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-14 00:37:49.301207962 +0200 +++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-14 00:39:34.796200433 +0200 @@ -13,6 +13,21 @@ - #include #include "internal/provider.h" + #include "provider_local.h" +/* Macro machinery. */ + @@ -1125,20 +900,6 @@ diff -up openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi openssl-3.0.0-beta static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation, const OSSL_PARAM params[]) { -diff -up openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_lib.c ---- openssl-3.0.0-beta1/crypto/evp/evp_lib.c.dual-abi 2021-07-17 22:24:40.140969959 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/evp_lib.c 2021-07-17 22:25:50.977834241 +0200 -@@ -43,6 +43,10 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define EVP_MD_description EVP_MD_get0_description -+#define EVP_MD_provider EVP_MD_get0_provider -+#define EVP_CIPHER_description EVP_CIPHER_get0_description -+#define EVP_CIPHER_provider EVP_CIPHER_get0_provider - - #if !defined(FIPS_MODULE) - diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c --- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-17 22:29:25.742454581 +0200 +++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-17 22:33:36.158699400 +0200 @@ -1289,3 +1050,236 @@ diff -up openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi openssl-3.0.0-beta1/cry static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, int len, EVP_KEYMGMT *keymgmt); static void evp_pkey_free_it(EVP_PKEY *key); +diff -up openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta2/crypto/evp/evp_lib.c +--- openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi 2021-08-03 12:50:08.359814508 +0200 ++++ openssl-3.0.0-beta2/crypto/evp/evp_lib.c 2021-08-03 12:55:14.025810602 +0200 +@@ -28,6 +28,26 @@ + #include "internal/provider.h" + #include "evp_local.h" + ++/* Macro machinery. */ ++ ++/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C ++ * identifier). The controlling C identifier symbol is ALIAS_ID (a C ++ * identifier). */ ++#define RHEL_ALIAS3(alias_id, new_id, old_string) \ ++ extern __typeof(new_id) alias_id \ ++ __asm__ (old_string) \ ++ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) ++ ++/* Defines an alias using OLD_ID, which must be an macro identifier ++ * that expands to the new identifier. */ ++#define RHEL_ALIAS1(old_id) \ ++ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) ++ ++#define EVP_MD_description EVP_MD_get0_description ++#define EVP_MD_provider EVP_MD_get0_provider ++#define EVP_CIPHER_description EVP_CIPHER_get0_description ++#define EVP_CIPHER_provider EVP_CIPHER_get0_provider ++ + #if !defined(FIPS_MODULE) + # include "crypto/asn1.h" + +diff -up openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta2/crypto/evp/evp_lib.c +--- openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi 2021-08-03 13:11:46.436671855 +0200 ++++ openssl-3.0.0-beta2/crypto/evp/evp_lib.c 2021-08-03 13:31:36.873461438 +0200 +@@ -337,6 +337,7 @@ int EVP_CIPHER_get_type(const EVP_CIPHER + #endif + } + } ++RHEL_ALIAS1(EVP_CIPHER_type); + + int evp_cipher_cache_constants(EVP_CIPHER *cipher) + { +@@ -389,11 +390,13 @@ int EVP_CIPHER_get_block_size(const EVP_ + { + return cipher->block_size; + } ++RHEL_ALIAS1(EVP_CIPHER_block_size); + + int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx) + { + return EVP_CIPHER_get_block_size(ctx->cipher); + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_block_size); + + int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e) + { +@@ -466,11 +469,13 @@ int EVP_CIPHER_CTX_is_encrypting(const E + { + return ctx->encrypt; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_encrypting); + + unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher) + { + return cipher->flags; + } ++RHEL_ALIAS1(EVP_CIPHER_flags); + + void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) + { +@@ -501,6 +506,7 @@ int EVP_CIPHER_get_iv_length(const EVP_C + { + return cipher->iv_len; + } ++RHEL_ALIAS1(EVP_CIPHER_iv_length); + + int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx) + { +@@ -522,6 +543,7 @@ legacy: + } + return len; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_iv_length); + + int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx) + { +@@ -533,6 +539,7 @@ int EVP_CIPHER_CTX_get_tag_length(const + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); + return ret == 1 ? (int)v : 0; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_tag_length); + + #ifndef OPENSSL_NO_DEPRECATED_3_0 + const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx) +@@ -615,6 +622,7 @@ int EVP_CIPHER_CTX_get_num(const EVP_CIP + + return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_num); + + int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num) + { +@@ -634,6 +642,7 @@ int EVP_CIPHER_get_key_length(const EVP_ + { + return cipher->key_len; + } ++RHEL_ALIAS1(EVP_CIPHER_key_length); + + int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx) + { +@@ -646,16 +655,19 @@ int EVP_CIPHER_CTX_get_key_length(const + + return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_key_length); + + int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher) + { + return cipher->nid; + } ++RHEL_ALIAS1(EVP_CIPHER_nid); + + int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx) + { + return ctx->cipher->nid; + } ++RHEL_ALIAS1(EVP_CIPHER_CTX_nid); + + int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name) + { +@@ -679,6 +691,7 @@ const char *EVP_CIPHER_get0_name(const E + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_CIPHER_name); + + const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher) + { +@@ -690,6 +703,7 @@ const char *EVP_CIPHER_get0_description( + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_CIPHER_description); + + int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, + void (*fn)(const char *name, void *data), +@@ -705,11 +719,13 @@ const OSSL_PROVIDER *EVP_CIPHER_get0_pro + { + return cipher->prov; + } ++RHEL_ALIAS1(EVP_CIPHER_provider); + + int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher) + { + return EVP_CIPHER_get_flags(cipher) & EVP_CIPH_MODE; + } ++RHEL_ALIAS1(EVP_CIPHER_mode); + + int EVP_MD_is_a(const EVP_MD *md, const char *name) + { +@@ -733,6 +749,7 @@ const char *EVP_MD_get0_description(cons + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_MD_description); + + const char *EVP_MD_get0_name(const EVP_MD *md) + { +@@ -746,6 +763,7 @@ const char *EVP_MD_get0_name(const EVP_M + return NULL; + #endif + } ++RHEL_ALIAS1(EVP_MD_name); + + int EVP_MD_names_do_all(const EVP_MD *md, + void (*fn)(const char *name, void *data), +@@ -761,16 +779,19 @@ const OSSL_PROVIDER *EVP_MD_get0_provide + { + return md->prov; + } ++RHEL_ALIAS1(EVP_MD_provider); + + int EVP_MD_get_type(const EVP_MD *md) + { + return md->type; + } ++RHEL_ALIAS1(EVP_MD_type); + + int EVP_MD_get_pkey_type(const EVP_MD *md) + { + return md->pkey_type; + } ++RHEL_ALIAS1(EVP_MD_pkey_type); + + int EVP_MD_get_block_size(const EVP_MD *md) + { +@@ -780,6 +801,7 @@ int EVP_MD_get_block_size(const EVP_MD * + } + return md->block_size; + } ++RHEL_ALIAS1(EVP_MD_block_size); + + int EVP_MD_get_size(const EVP_MD *md) + { +@@ -789,11 +811,13 @@ int EVP_MD_get_size(const EVP_MD *md) + } + return md->md_size; + } ++RHEL_ALIAS1(EVP_MD_size); + + unsigned long EVP_MD_get_flags(const EVP_MD *md) + { + return md->flags; + } ++RHEL_ALIAS1(EVP_MD_flags); + + EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type) + { +@@ -1008,6 +1032,7 @@ EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(co + { + return ctx->pctx; + } ++RHEL_ALIAS1(EVP_MD_CTX_pkey_ctx); + + #if !defined(FIPS_MODULE) + void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx) +@@ -1034,6 +1059,7 @@ void *EVP_MD_CTX_get0_md_data(const EVP_ + { + return ctx->md_data; + } ++RHEL_ALIAS1(EVP_MD_CTX_md_data); + + int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, + const void *data, size_t count) diff --git a/0020-no-dup-cert-entries.patch b/0020-no-dup-cert-entries.patch deleted file mode 100644 index 792a1ae..0000000 --- a/0020-no-dup-cert-entries.patch +++ /dev/null @@ -1,75 +0,0 @@ -diff -up openssl-3.0.0-beta1/apps/pkcs12.c.dup-pkcs12 openssl-3.0.0-beta1/apps/pkcs12.c ---- openssl-3.0.0-beta1/apps/pkcs12.c.dup-pkcs12 2021-07-22 14:59:14.777544688 +0200 -+++ openssl-3.0.0-beta1/apps/pkcs12.c 2021-07-22 15:06:04.768908265 +0200 -@@ -571,8 +571,6 @@ int pkcs12_main(int argc, char **argv) - infile); - goto export_end; - } -- } else { -- ee_cert = X509_dup(sk_X509_value(certs, 0)); /* take 1st cert */ - } - } - -@@ -588,8 +586,13 @@ int pkcs12_main(int argc, char **argv) - int vret; - STACK_OF(X509) *chain2; - X509_STORE *store; -+ X509 *ee_cert_tmp = ee_cert; - -- if (ee_cert == NULL) { -+ /* Assume the first cert if we haven't got anything else */ -+ if (ee_cert_tmp == NULL && certs != NULL) -+ ee_cert_tmp = sk_X509_value(certs, 0); -+ -+ if (ee_cert_tmp == NULL) { - BIO_printf(bio_err, - "No end entity certificate to check with -chain\n"); - goto export_end; -@@ -600,7 +603,7 @@ int pkcs12_main(int argc, char **argv) - == NULL) - goto export_end; - -- vret = get_cert_chain(ee_cert, store, untrusted_certs, &chain2); -+ vret = get_cert_chain(ee_cert_tmp, store, untrusted_certs, &chain2); - X509_STORE_free(store); - - if (vret == X509_V_OK) { -diff -up openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t.dup-pkcs12 openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t ---- openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t.dup-pkcs12 2021-07-22 15:06:22.715077291 +0200 -+++ openssl-3.0.0-beta1/test/recipes/80-test_pkcs12.t 2021-07-22 15:17:52.250559784 +0200 -@@ -54,7 +54,7 @@ if (eval { require Win32::API; 1; }) { - } - $ENV{OPENSSL_WIN32_UTF8}=1; - --plan tests => 7; -+plan tests => 10; - - # Test different PKCS#12 formats - ok(run(test(["pkcs12_format_test"])), "test pkcs12 formats"); -@@ -73,6 +73,7 @@ my @path = qw(test certs); - my $outfile1 = "out1.p12"; - my $outfile2 = "out2.p12"; - my $outfile3 = "out3.p12"; -+my $outfile5 = "out5.p12"; - - # Test the -chain option with -untrusted - ok(run(app(["openssl", "pkcs12", "-export", "-chain", -@@ -108,4 +109,18 @@ SKIP: { - "test_pkcs12_passcerts_legacy"); - } - -+ok(run(app(["openssl", "pkcs12", "-export", "-out", $outfile5, -+ "-in", srctop_file(@path, "ee-cert.pem"), "-caname", "testname", -+ "-nokeys", "-passout", "pass:", "-certpbe", "NONE"])), -+ "test nokeys single cert"); -+ -+my @pkcs12info = run(app(["openssl", "pkcs12", "-info", "-in", $outfile5, -+ "-passin", "pass:"]), capture => 1); -+ -+# Test that with one input certificate, we get one output certificate -+ok(grep(/subject=CN = server.example/, @pkcs12info) == 1, -+ "test one cert in output"); -+# Test that the expected friendly name is present in the output -+ok(grep(/testname/, @pkcs12info) == 1, "test friendly name in output"); -+ - SetConsoleOutputCP($savedcp) if (defined($savedcp)); diff --git a/openssl.spec b/openssl.spec index 6d146a5..2f2642a 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta1.5%{?dist} +Release: 0.beta2.1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -52,14 +52,8 @@ Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch #Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch # remove unsupported EC curves Patch11: 0011-Remove-EC-curves.patch -# Use AI_ADDRCONFIG only when explicit host name is given -Patch17: 0017-use-AI-ADDRCONFIG-explicit-hostname.patch -# Fix segmentation fault in BN_lebin2bn() -Patch18: 0018-Fix-crash-BN_lebin2bn.patch # Temporary dual-ABI build patch Patch19: 0019-dual-abi.patch -# Prevents creation of duplicate cert entries in PKCS #12 files -Patch20: 0020-no-dup-cert-entries.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -115,7 +109,7 @@ package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit. %prep -%autosetup -S git -n %{name}-%{version}-beta1 +%autosetup -S git -n %{name}-%{version}-beta2 # The hobble_openssl is called here redundantly, just to be sure. # The tarball has already the sources removed. @@ -382,6 +376,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Tue Aug 03 2021 Sahana Prasad 3.0.0-0.beta2.1 +- Rebase to upstream version beta2 +- Related: rhbz#1903209 + * Thu Jul 22 2021 Sahana Prasad 3.0.0-0.beta1.5 - Prevents creation of duplicate cert entries in PKCS #12 files - Resolves: rhbz#1978670 diff --git a/sources b/sources index f255757..8b1e2d7 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-3.0.0-hobbled.tar.xz) = 05f3e01621be98e776061a86b8fec68bdafeac720c8f968b1c4fafc5f328839701d2ffd67d6bd695c3dbf67e3efb03b3c856ed046d751359bc89b867205b7fe9 +SHA512 (openssl-3.0.0-hobbled.tar.xz) = 096758a79680921d2b18929177d2ee43b7fb62fa30164a16ab1749b8349aac5e6e3d0761419b6c9f0a591c8991c133d142e56ab92f197d142649b58e66d876f7 From c5d8025ca8c9ccf7003aff1dce6e9bc00f11966f Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Wed, 4 Aug 2021 10:37:11 +0200 Subject: [PATCH 29/41] Remove tier 0 functional test from gating.yaml. These tests are removed from dist-git and are executed as tier1 or higher tests already. Signed-off-by: Sahana Prasad --- gating.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/gating.yaml b/gating.yaml index 3b0dbc9..e56bc9d 100644 --- a/gating.yaml +++ b/gating.yaml @@ -3,7 +3,6 @@ product_versions: - rhel-9 decision_context: osci_compose_gate rules: - - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional} - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.userspace-fips-mode.functional} - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation} From ecb6630fd3dd1a4a22d0f0dcc1c5fbf0c8d3a8cd Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Wed, 4 Aug 2021 15:55:01 +0200 Subject: [PATCH 30/41] When signature_algorithm extension is omitted, use more relevant alerts Resolves: rhbz#1965017 --- 0020-sigalgs-fix-alerts.patch | 22 ++++++++++++++++++++++ openssl.spec | 8 +++++++- 2 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 0020-sigalgs-fix-alerts.patch diff --git a/0020-sigalgs-fix-alerts.patch b/0020-sigalgs-fix-alerts.patch new file mode 100644 index 0000000..b1d571a --- /dev/null +++ b/0020-sigalgs-fix-alerts.patch @@ -0,0 +1,22 @@ +diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c +index 3579202c22..134c948bcb 100644 +--- a/ssl/t1_lib.c ++++ b/ssl/t1_lib.c +@@ -3302,7 +3302,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs) + if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) { + if (!fatalerrs) + return 1; +- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ++ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, + SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); + return 0; + } +@@ -3317,7 +3317,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs) + if (i == sent_sigslen) { + if (!fatalerrs) + return 1; +- SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, ++ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, + SSL_R_WRONG_SIGNATURE_TYPE); + return 0; + } diff --git a/openssl.spec b/openssl.spec index 2f2642a..5bb6f7d 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta2.1%{?dist} +Release: 0.beta2.2%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -54,6 +54,8 @@ Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch Patch11: 0011-Remove-EC-curves.patch # Temporary dual-ABI build patch Patch19: 0019-dual-abi.patch +# Update alerts according to #1965017 +Patch20: 0020-sigalgs-fix-alerts.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -376,6 +378,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Wed Aug 04 2021 Dmitry Belyavskiy - 3.0.0-0.beta2.2 +- When signature_algorithm extension is omitted, use more relevant alerts +- Resolves: rhbz#1965017 + * Tue Aug 03 2021 Sahana Prasad 3.0.0-0.beta2.1 - Rebase to upstream version beta2 - Related: rhbz#1903209 From 2862adca42d2b2287f50533798b087bd9e4f36c2 Mon Sep 17 00:00:00 2001 From: Mohan Boddu Date: Mon, 9 Aug 2021 22:44:21 +0000 Subject: [PATCH 31/41] Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 Signed-off-by: Mohan Boddu --- openssl.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/openssl.spec b/openssl.spec index 5bb6f7d..64e409d 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta2.2%{?dist} +Release: 0.beta2.2%{?dist}.1 Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -378,6 +378,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Mon Aug 09 2021 Mohan Boddu - 1:3.0.0-0.beta2.2.1 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + * Wed Aug 04 2021 Dmitry Belyavskiy - 3.0.0-0.beta2.2 - When signature_algorithm extension is omitted, use more relevant alerts - Resolves: rhbz#1965017 From 0c6f4a599c949a6ece9595915a9843818a6ef2d0 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Tue, 10 Aug 2021 16:52:53 +0200 Subject: [PATCH 32/41] - Fixes core dump in openssl req -modulus - Fixes 'openssl req' to not ask for password when non-encrypted private key is used - cms: Do not try to check binary format on stdin and -rctform fix - Resolves: rhbz#1988137, rhbz#1988468, rhbz#1988137 Signed-off-by: Sahana Prasad --- 0021-fix-core-dump-req.patch | 38 +++++++++++++++++++++++++++++ 0022-fix-openssl-req-password.patch | 33 +++++++++++++++++++++++++ 0023-cms-stdin.patch | 38 +++++++++++++++++++++++++++++ openssl.spec | 15 +++++++++++- 4 files changed, 123 insertions(+), 1 deletion(-) create mode 100644 0021-fix-core-dump-req.patch create mode 100644 0022-fix-openssl-req-password.patch create mode 100644 0023-cms-stdin.patch diff --git a/0021-fix-core-dump-req.patch b/0021-fix-core-dump-req.patch new file mode 100644 index 0000000..e4cf377 --- /dev/null +++ b/0021-fix-core-dump-req.patch @@ -0,0 +1,38 @@ +diff -up openssl-3.0.0-beta2/apps/req.c.req-segfault openssl-3.0.0-beta2/apps/req.c +--- openssl-3.0.0-beta2/apps/req.c.req-segfault 2021-08-10 16:24:58.784384336 +0200 ++++ openssl-3.0.0-beta2/apps/req.c 2021-08-10 16:26:38.347688172 +0200 +@@ -996,8 +996,8 @@ int req_main(int argc, char **argv) + if (EVP_PKEY_is_a(tpubkey, "RSA")) { + BIGNUM *n = NULL; + +- /* Every RSA key has an 'n' */ +- EVP_PKEY_get_bn_param(pkey, "n", &n); ++ if (!EVP_PKEY_get_bn_param(tpubkey, "n", &n)) ++ goto end; + BN_print(out, n); + BN_free(n); + } else { +diff -up openssl-3.0.0-beta2/test/recipes/25-test_req.t.req-segfault openssl-3.0.0-beta2/test/recipes/25-test_req.t +--- openssl-3.0.0-beta2/test/recipes/25-test_req.t.req-segfault 2021-08-10 16:26:53.305884053 +0200 ++++ openssl-3.0.0-beta2/test/recipes/25-test_req.t 2021-08-10 16:28:33.674221058 +0200 +@@ -78,7 +78,7 @@ subtest "generating alt certificate requ + + + subtest "generating certificate requests with RSA" => sub { +- plan tests => 7; ++ plan tests => 8; + + SKIP: { + skip "RSA is not supported by this OpenSSL build", 2 +@@ -105,6 +105,11 @@ subtest "generating certificate requests + + ok(run(app(["openssl", "req", + "-config", srctop_file("test", "test.cnf"), ++ "-modulus", "-in", "testreq-rsa.pem", "-noout"])), ++ "Printing a modulus of the request key"); ++ ++ ok(run(app(["openssl", "req", ++ "-config", srctop_file("test", "test.cnf"), + "-new", "-out", "testreq_withattrs_pem.pem", "-utf8", + "-key", srctop_file("test", "testrsa_withattrs.pem")])), + "Generating request from a key with extra attributes - PEM"); diff --git a/0022-fix-openssl-req-password.patch b/0022-fix-openssl-req-password.patch new file mode 100644 index 0000000..077b4c5 --- /dev/null +++ b/0022-fix-openssl-req-password.patch @@ -0,0 +1,33 @@ +diff -up openssl-3.0.0-beta2/apps/req.c.req-password openssl-3.0.0-beta2/apps/req.c +--- openssl-3.0.0-beta2/apps/req.c.req-password 2021-08-10 16:31:04.726233653 +0200 ++++ openssl-3.0.0-beta2/apps/req.c 2021-08-10 16:31:58.286947297 +0200 +@@ -686,7 +686,7 @@ int req_main(int argc, char **argv) + EVP_PKEY_CTX_free(genctx); + genctx = NULL; + } +- if (keyout == NULL) { ++ if (keyout == NULL && keyfile == NULL) { + keyout = NCONF_get_string(req_conf, section, KEYFILE); + if (keyout == NULL) + ERR_clear_error(); +diff -up openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in.req-password openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in +--- openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in.req-password 2021-08-10 16:32:21.863261416 +0200 ++++ openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in 2021-08-10 16:33:19.173025012 +0200 +@@ -205,11 +205,12 @@ See L for det + =item B<-keyout> I + + This gives the filename to write any private key to that has been newly created +-or read from B<-key>. +-If the B<-keyout> option is not given the filename specified in the +-configuration file with the B option is used, if present. +-If a new key is generated and no filename is specified +-the key is written to standard output. ++or read from B<-key>. If neither the B<-keyout> option nor the B<-key> option ++are given then the filename specified in the configuration file with the ++B option is used, if present. Thus, if you want to write the ++private key and the B<-key> option is provided, you should provide the ++B<-keyout> option explicitly. If a new key is generated and no filename is ++specified the key is written to standard output. + + =item B<-noenc> + diff --git a/0023-cms-stdin.patch b/0023-cms-stdin.patch new file mode 100644 index 0000000..0c18c12 --- /dev/null +++ b/0023-cms-stdin.patch @@ -0,0 +1,38 @@ +diff -up openssl-3.0.0-beta2/apps/cms.c.cms-stdin openssl-3.0.0-beta2/apps/cms.c +--- openssl-3.0.0-beta2/apps/cms.c.cms-stdin 2021-08-10 16:20:07.787573587 +0200 ++++ openssl-3.0.0-beta2/apps/cms.c 2021-08-10 16:23:08.500940124 +0200 +@@ -278,6 +278,8 @@ static void warn_binary(const char *file + unsigned char linebuf[1024], *cur, *end; + int len; + ++ if (file == NULL) ++ return; /* cannot give a warning for stdin input */ + if ((bio = bio_open_default(file, 'r', FORMAT_BINARY)) == NULL) + return; /* cannot give a proper warning since there is an error */ + while ((len = BIO_read(bio, linebuf, sizeof(linebuf))) > 0) { +@@ -482,13 +484,9 @@ int cms_main(int argc, char **argv) + rr_allorfirst = 1; + break; + case OPT_RCTFORM: +- if (rctformat == FORMAT_ASN1) { +- if (!opt_format(opt_arg(), +- OPT_FMT_PEMDER | OPT_FMT_SMIME, &rctformat)) +- goto opthelp; +- } else { +- rcms = load_content_info(rctformat, rctin, 0, NULL, "recipient"); +- } ++ if (!opt_format(opt_arg(), ++ OPT_FMT_PEMDER | OPT_FMT_SMIME, &rctformat)) ++ goto opthelp; + break; + case OPT_CERTFILE: + certfile = opt_arg(); +@@ -954,7 +952,7 @@ int cms_main(int argc, char **argv) + goto end; + } + +- rcms = load_content_info(rctformat, rctin, 0, NULL, "recipient"); ++ rcms = load_content_info(rctformat, rctin, 0, NULL, "receipt"); + if (rcms == NULL) + goto end; + } diff --git a/openssl.spec b/openssl.spec index 64e409d..86d283a 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta2.2%{?dist}.1 +Release: 0.beta2.3%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -56,6 +56,12 @@ Patch11: 0011-Remove-EC-curves.patch Patch19: 0019-dual-abi.patch # Update alerts according to #1965017 Patch20: 0020-sigalgs-fix-alerts.patch +# Fixes core dump in openssl req -modulus +Patch21: 0021-fix-core-dump-req.patch +# Fixes 'openssl req' to not ask for password when non-encrypted key +Patch22: 0022-fix-openssl-req-password.patch +# cms: Do not try to check binary format on stdin and -rctform fix +Patch23: 0023-cms-stdin.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -378,6 +384,13 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Tue Aug 10 2021 Sahana Prasad - 3.0.0-0.beta2.3 +- Fixes core dump in openssl req -modulus +- Fixes 'openssl req' to not ask for password when non-encrypted private key + is used +- cms: Do not try to check binary format on stdin and -rctform fix +- Resolves: rhbz#1988137, rhbz#1988468, rhbz#1988137 + * Mon Aug 09 2021 Mohan Boddu - 1:3.0.0-0.beta2.2.1 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 From 03899fca38777a94a380800c6734a749caab1892 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Mon, 16 Aug 2021 11:44:00 +0200 Subject: [PATCH 33/41] Adds support for IDEA encryption. Resolves: rhbz#1990602 Signed-off-by: Sahana Prasad --- openssl.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/openssl.spec b/openssl.spec index 86d283a..47051b5 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta2.3%{?dist} +Release: 0.beta2.4%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -203,7 +203,7 @@ export HASHBANGPERL=/usr/bin/perl --system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config \ zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \ enable-cms enable-md2 enable-rc5 enable-ktls enable-fips\ - no-idea no-mdc2 no-ec2m no-sm2 no-sm4 \ + no-mdc2 no-ec2m no-sm2 no-sm4 \ shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\""' # Do not run this in a production package the FIPS symbols must be patched-in @@ -384,6 +384,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Mon Aug 16 2021 Sahana Prasad - 3.0.0-0.beta2.4 +- Adds support for IDEA encryption. +- Resolves: rhbz#1990602 + * Tue Aug 10 2021 Sahana Prasad - 3.0.0-0.beta2.3 - Fixes core dump in openssl req -modulus - Fixes 'openssl req' to not ask for password when non-encrypted private key From 49de59749c67dd13e4a2fc02f9b0e380cf0cc75c Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Mon, 16 Aug 2021 12:49:09 +0200 Subject: [PATCH 34/41] Add instruction for loading legacy provider in openssl.cnf Resolves: rhbz#1975836 Signed-off-by: Sahana Prasad --- 0024-load-legacy-prov.patch | 67 +++++++++++++++++++++++++++++++++++++ openssl.spec | 8 ++++- 2 files changed, 74 insertions(+), 1 deletion(-) create mode 100644 0024-load-legacy-prov.patch diff --git a/0024-load-legacy-prov.patch b/0024-load-legacy-prov.patch new file mode 100644 index 0000000..be0b354 --- /dev/null +++ b/0024-load-legacy-prov.patch @@ -0,0 +1,67 @@ +diff -up openssl-3.0.0-beta2/apps/openssl.cnf.legacy-prov openssl-3.0.0-beta2/apps/openssl.cnf +--- openssl-3.0.0-beta2/apps/openssl.cnf.legacy-prov 2021-08-16 14:02:48.029645419 +0200 ++++ openssl-3.0.0-beta2/apps/openssl.cnf 2021-08-16 14:14:48.006409467 +0200 +@@ -43,28 +43,29 @@ tsa_policy1 = 1.2.3.4.1 + tsa_policy2 = 1.2.3.4.5.6 + tsa_policy3 = 1.2.3.4.5.7 + +-# For FIPS +-# Optionally include a file that is generated by the OpenSSL fipsinstall +-# application. This file contains configuration data required by the OpenSSL +-# fips provider. It contains a named section e.g. [fips_sect] which is +-# referenced from the [provider_sect] below. +-# Refer to the OpenSSL security policy for more information. +-# .include fipsmodule.cnf +- + [openssl_init] + providers = provider_sect + # Load default TLS policy configuration + ssl_conf = ssl_module + +-# List of providers to load ++# Uncomment the sections that start with ## below to enable the legacy provider. ++# Loading the legacy provider enables support for the following algorithms: ++# Hashing Algorithms / Message Digests: MD2, MD4, MDC2, WHIRLPOOL, RIPEMD160 ++# Symmetric Ciphers: Blowfish, CAST, DES, IDEA, RC2, RC4,RC5, SEED ++# Key Derivation Function (KDF): PBKDF1 ++# In general it is not recommended to use the above mentioned algorithms for ++# security critical operations, as they are cryptographically weak or vulnerable ++# to side-channel attacks and as such have been deprecated. ++ + [provider_sect] +-default = default_sect +-# The fips section name should match the section name inside the +-# included fipsmodule.cnf. +-# fips = fips_sect +- +-[default_sect] +-# activate = 1 ++##default = default_sect ++##legacy = legacy_sect ++## ++##[default_sect] ++##activate = 1 ++## ++##[legacy_sect] ++##activate = 1 + + [ ssl_module ] + +diff -up openssl-3.0.0-beta2/doc/man5/config.pod.legacy-prov openssl-3.0.0-beta2/doc/man5/config.pod +--- openssl-3.0.0-beta2/doc/man5/config.pod.legacy-prov 2021-08-16 14:12:35.021606001 +0200 ++++ openssl-3.0.0-beta2/doc/man5/config.pod 2021-08-16 14:14:47.077396867 +0200 +@@ -269,6 +269,14 @@ significant. + All parameters in the section as well as sub-sections are made + available to the provider. + ++=head3 Loading the legacy provider ++ ++Uncomment the sections that start with ## in openssl.cnf ++to enable the legacy provider. ++Note: In general it is not recommended to use the above mentioned algorithms for ++security critical operations, as they are cryptographically weak or vulnerable ++to side-channel attacks and as such have been deprecated. ++ + =head2 EVP Configuration + + The name B in the initialization section names the section diff --git a/openssl.spec b/openssl.spec index 47051b5..6d1bc37 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta2.4%{?dist} +Release: 0.beta2.5%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -62,6 +62,8 @@ Patch21: 0021-fix-core-dump-req.patch Patch22: 0022-fix-openssl-req-password.patch # cms: Do not try to check binary format on stdin and -rctform fix Patch23: 0023-cms-stdin.patch +# Instructions to load legacy provider in openssl.cnf +Patch24: 0024-load-legacy-prov.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -384,6 +386,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Mon Aug 16 2021 Sahana Prasad - 3.0.0-0.beta2.5 +- Add instruction for loading legacy provider in openssl.cnf +- Resolves: rhbz#1975836 + * Mon Aug 16 2021 Sahana Prasad - 3.0.0-0.beta2.4 - Adds support for IDEA encryption. - Resolves: rhbz#1990602 From ddd1eb3708fec5bb97de672f5f3e2934da6d4a93 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Mon, 23 Aug 2021 10:45:49 +0200 Subject: [PATCH 35/41] Correctly processing CMS reading from /dev/stdin Resolves: rhbz#1986315 --- 0025-cms-stdin2.patch | 70 +++++++++++++++++++++++++++++++++++++++++++ openssl.spec | 8 ++++- 2 files changed, 77 insertions(+), 1 deletion(-) create mode 100644 0025-cms-stdin2.patch diff --git a/0025-cms-stdin2.patch b/0025-cms-stdin2.patch new file mode 100644 index 0000000..6a76025 --- /dev/null +++ b/0025-cms-stdin2.patch @@ -0,0 +1,70 @@ +From 9bdf6bb619543248c1bee1d8207b455c1ee40ab6 Mon Sep 17 00:00:00 2001 +From: Dmitry Belyavskiy +Date: Fri, 20 Aug 2021 16:45:15 +0200 +Subject: [PATCH] Get rid of warn_binary + +Current implementation of warn_binary introduces a regression +when the content is passed in /dev/stdin as an explicit file name +and reads the file to be processed twice otherwise. + +I suggest to reimplement this functionality after 3.0 if necessary. + +Fixes #16359 +--- + apps/cms.c | 29 ----------------------------- + 1 file changed, 29 deletions(-) + +diff --git a/apps/cms.c b/apps/cms.c +index c22027e3b198..b30273f1710d 100644 +--- a/apps/cms.c ++++ b/apps/cms.c +@@ -272,31 +272,6 @@ static CMS_ContentInfo *load_content_info(int informat, BIO *in, int flags, + return NULL; + } + +-static void warn_binary(const char *file) +-{ +- BIO *bio; +- unsigned char linebuf[1024], *cur, *end; +- int len; +- +- if (file == NULL) +- return; /* cannot give a warning for stdin input */ +- if ((bio = bio_open_default(file, 'r', FORMAT_BINARY)) == NULL) +- return; /* cannot give a proper warning since there is an error */ +- while ((len = BIO_read(bio, linebuf, sizeof(linebuf))) > 0) { +- end = linebuf + len; +- for (cur = linebuf; cur < end; cur++) { +- if (*cur == '\0' || *cur >= 0x80) { +- BIO_printf(bio_err, "Warning: input file '%s' contains %s" +- " character; better use -binary option\n", +- file, *cur == '\0' ? "NUL" : "8-bit"); +- goto end; +- } +- } +- } +- end: +- BIO_free(bio); +-} +- + int cms_main(int argc, char **argv) + { + CONF *conf = NULL; +@@ -911,8 +886,6 @@ int cms_main(int argc, char **argv) + goto end; + } + +- if ((flags & CMS_BINARY) == 0) +- warn_binary(infile); + in = bio_open_default(infile, 'r', + binary_files ? FORMAT_BINARY : informat); + if (in == NULL) +@@ -924,8 +897,6 @@ int cms_main(int argc, char **argv) + goto end; + if (contfile != NULL) { + BIO_free(indata); +- if ((flags & CMS_BINARY) == 0) +- warn_binary(contfile); + if ((indata = BIO_new_file(contfile, "rb")) == NULL) { + BIO_printf(bio_err, "Can't read content file %s\n", contfile); + goto end; diff --git a/openssl.spec b/openssl.spec index 6d1bc37..e5b2110 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta2.5%{?dist} +Release: 0.beta2.6%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -64,6 +64,8 @@ Patch22: 0022-fix-openssl-req-password.patch Patch23: 0023-cms-stdin.patch # Instructions to load legacy provider in openssl.cnf Patch24: 0024-load-legacy-prov.patch +# cms: don't read /dev/stdin twice +Patch25: 0025-cms-stdin2.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -386,6 +388,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Mon Aug 23 2021 Dmitry Belyavskiy - 1:3.0.0-0.beta2.6 +- Correctly process CMS reading from /dev/stdin +- Resolves: rhbz#1986315 + * Mon Aug 16 2021 Sahana Prasad - 3.0.0-0.beta2.5 - Add instruction for loading legacy provider in openssl.cnf - Resolves: rhbz#1975836 From 07de966235b62c48df6918c33cf60ab7ae577120 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Wed, 25 Aug 2021 17:02:52 +0200 Subject: [PATCH 36/41] - Removes the dual-abi build as it not required anymore. The mass rebuild was completed and all packages are rebuilt against Beta version. Resolves: rhbz#1984097 Signed-off-by: Sahana Prasad --- 0019-dual-abi.patch | 1285 ------------------------------------------- openssl.spec | 9 +- 2 files changed, 6 insertions(+), 1288 deletions(-) delete mode 100644 0019-dual-abi.patch diff --git a/0019-dual-abi.patch b/0019-dual-abi.patch deleted file mode 100644 index 84a41e5..0000000 --- a/0019-dual-abi.patch +++ /dev/null @@ -1,1285 +0,0 @@ -diff -up openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi openssl-3.0.0-beta1/crypto/evp/exchange.c ---- openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi 2021-07-02 15:28:23.331896975 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/exchange.c 2021-07-02 17:17:56.332300741 +0200 -@@ -472,6 +472,7 @@ const char *EVP_KEYEXCH_get0_description - { - return keyexch->description; - } -+RHEL_ALIAS1(EVP_KEYEXCH_description); - - int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name) - { -diff -up openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kdf_lib.c ---- openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi 2021-07-02 14:57:12.576376884 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/kdf_lib.c 2021-07-02 14:59:05.277356425 +0200 -@@ -92,11 +92,13 @@ const char *EVP_KDF_get0_name(const EVP_ - { - return kdf->type_name; - } -+RHEL_ALIAS1(EVP_KDF_name); - - const char *EVP_KDF_get0_description(const EVP_KDF *kdf) - { - return kdf->description; - } -+RHEL_ALIAS1(EVP_KDF_description); - - int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name) - { -@@ -107,6 +109,7 @@ const OSSL_PROVIDER *EVP_KDF_get0_provid - { - return kdf->prov; - } -+RHEL_ALIAS1(EVP_KDF_provider); - - const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx) - { -diff -up openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kem.c ---- openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi 2021-07-02 14:59:25.315530582 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/kem.c 2021-07-02 15:28:04.812733083 +0200 -@@ -328,6 +328,7 @@ OSSL_PROVIDER *EVP_KEM_get0_provider(con - { - return kem->prov; - } -+RHEL_ALIAS1(EVP_KEM_provider); - - EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties) -@@ -352,11 +353,13 @@ const char *EVP_KEM_get0_name(const EVP_ - { - return kem->type_name; - } -+RHEL_ALIAS1(EVP_KEM_name); - - const char *EVP_KEM_get0_description(const EVP_KEM *kem) - { - return kem->description; - } -+RHEL_ALIAS1(EVP_KEM_description); - - void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_KEM *kem, void *arg), -diff -up openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi 2021-07-12 23:22:43.652838373 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c 2021-07-12 23:40:46.085974883 +0200 -@@ -430,6 +430,7 @@ const OSSL_PROVIDER *OSSL_DECODER_get0_p - - return decoder->base.prov; - } -+RHEL_ALIAS1(OSSL_DECODER_provider); - - const char *OSSL_DECODER_get0_properties(const OSSL_DECODER *decoder) - { -@@ -440,6 +441,7 @@ const char *OSSL_DECODER_get0_properties - - return decoder->base.algodef->property_definition; - } -+RHEL_ALIAS1(OSSL_DECODER_properties); - - const OSSL_PROPERTY_LIST * - ossl_decoder_parsed_properties(const OSSL_DECODER *decoder) -@@ -471,6 +473,7 @@ const char *OSSL_DECODER_get0_descriptio - { - return decoder->base.algodef->algorithm_description; - } -+RHEL_ALIAS1(OSSL_DECODER_description); - - int OSSL_DECODER_is_a(const OSSL_DECODER *decoder, const char *name) - { -diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-12 23:22:06.307513672 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-08 14:20:58.568247805 +0200 -@@ -439,6 +439,7 @@ const OSSL_PROVIDER *OSSL_ENCODER_get0_p - - return encoder->base.prov; - } -+RHEL_ALIAS1(OSSL_ENCODER_provider); - - const char *OSSL_ENCODER_get0_properties(const OSSL_ENCODER *encoder) - { -@@ -449,6 +450,7 @@ const char *OSSL_ENCODER_get0_properties - - return encoder->base.algodef->property_definition; - } -+RHEL_ALIAS1(OSSL_ENCODER_properties); - - const OSSL_PROPERTY_LIST * - ossl_encoder_parsed_properties(const OSSL_ENCODER *encoder) -diff -up openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi openssl-3.0.0-beta1/crypto/evp/signature.c ---- openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi 2021-07-12 23:35:50.113380220 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/signature.c 2021-07-12 23:42:13.074732176 +0200 -@@ -304,6 +304,7 @@ OSSL_PROVIDER *EVP_SIGNATURE_get0_provid - { - return signature->prov; - } -+RHEL_ALIAS1(EVP_SIGNATURE_provider); - - EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties) -diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/crypto/provider.c ---- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-12 23:20:52.911866341 +0200 -+++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-08 14:17:56.222526254 +0200 -@@ -133,6 +133,7 @@ const char *OSSL_PROVIDER_get0_name(cons - { - return ossl_provider_name(prov); - } -+RHEL_ALIAS1(OSSL_PROVIDER_name); - - int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx, - int (*cb)(OSSL_PROVIDER *provider, -diff -up openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi openssl-3.0.0-beta1/crypto/store/store_meth.c ---- openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi 2021-07-12 23:19:45.894383707 +0200 -+++ openssl-3.0.0-beta1/crypto/store/store_meth.c 2021-07-08 10:32:19.767282116 +0200 -@@ -398,6 +398,7 @@ const OSSL_PROVIDER *OSSL_STORE_LOADER_g - - return loader->prov; - } -+RHEL_ALIAS1(OSSL_STORE_LOADER_provider); - - const char *OSSL_STORE_LOADER_get0_properties(const OSSL_STORE_LOADER *loader) - { -@@ -408,6 +409,7 @@ const char *OSSL_STORE_LOADER_get0_prope - - return loader->propdef; - } -+RHEL_ALIAS1(OSSL_STORE_LOADER_properties); - - int ossl_store_loader_get_number(const OSSL_STORE_LOADER *loader) - { -@@ -423,6 +425,7 @@ const char *OSSL_STORE_LOADER_get0_descr - { - return loader->description; - } -+RHEL_ALIAS1(OSSL_STORE_LOADER_description); - - int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, const char *name) - { -diff -up openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi 2021-07-13 01:01:18.919145746 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c 2021-07-13 01:02:00.137533120 +0200 -@@ -23,6 +23,21 @@ - */ - #define NAME_SEPARATOR ':' - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - /* Simple method structure constructor and destructor */ - static OSSL_DECODER *ossl_decoder_new(void) - { -diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-13 01:01:31.433263354 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-13 01:02:26.169777773 +0200 -@@ -23,6 +23,21 @@ - */ - #define NAME_SEPARATOR ':' - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - /* Simple method structure constructor and destructor */ - static OSSL_ENCODER *ossl_encoder_new(void) - { -diff -up openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi openssl-3.0.0-beta1/crypto/evp/asymcipher.c ---- openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi 2021-07-13 01:11:45.757160664 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/asymcipher.c 2021-07-13 01:12:10.821406727 +0200 -@@ -17,6 +17,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation, - const OSSL_PARAM params[]) - { -@@ -413,6 +428,7 @@ OSSL_PROVIDER *EVP_ASYM_CIPHER_get0_prov - { - return cipher->prov; - } -+RHEL_ALIAS1(EVP_ASYM_CIPHER_provider); - - EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties) -@@ -437,11 +453,13 @@ const char *EVP_ASYM_CIPHER_get0_name(co - { - return cipher->type_name; - } -+RHEL_ALIAS1(EVP_ASYM_CIPHER_name); - - const char *EVP_ASYM_CIPHER_get0_description(const EVP_ASYM_CIPHER *cipher) - { - return cipher->description; - } -+RHEL_ALIAS1(EVP_ASYM_CIPHER_description); - - void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_ASYM_CIPHER *cipher, -diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c ---- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-13 00:54:33.231325700 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-13 00:57:22.596922955 +0200 -@@ -26,6 +26,22 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ -+ - struct evp_rand_st { - OSSL_PROVIDER *prov; - int name_id; -@@ -302,11 +318,13 @@ const char *EVP_RAND_get0_name(const EVP - { - return rand->type_name; - } -+RHEL_ALIAS1(EVP_RAND_name); - - const char *EVP_RAND_get0_description(const EVP_RAND *rand) - { - return rand->description; - } -+RHEL_ALIAS1(EVP_RAND_description); - - int EVP_RAND_is_a(const EVP_RAND *rand, const char *name) - { -@@ -317,6 +335,7 @@ const OSSL_PROVIDER *EVP_RAND_get0_provi - { - return rand->prov; - } -+RHEL_ALIAS1(EVP_RAND_provider); - - int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]) - { -@@ -399,6 +418,7 @@ EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAN - { - return ctx->meth; - } -+RHEL_ALIAS1(EVP_RAND_CTX_rand); - - static int evp_rand_get_ctx_params_locked(EVP_RAND_CTX *ctx, - OSSL_PARAM params[]) -@@ -633,6 +653,7 @@ unsigned int EVP_RAND_get_strength(EVP_R - evp_rand_unlock(ctx); - return res; - } -+RHEL_ALIAS1(EVP_RAND_strength); - - static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out, - size_t outlen) -@@ -667,6 +688,7 @@ int EVP_RAND_get_state(EVP_RAND_CTX *ctx - state = EVP_RAND_STATE_ERROR; - return state; - } -+RHEL_ALIAS1(EVP_RAND_state); - - static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx) - { -diff -up openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi openssl-3.0.0-beta1/crypto/evp/exchange.c ---- openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi 2021-07-12 23:58:50.656415550 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/exchange.c 2021-07-13 00:43:35.764165305 +0200 -@@ -17,6 +17,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov) - { - EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH)); -@@ -170,6 +185,7 @@ OSSL_PROVIDER *EVP_KEYEXCH_get0_provider - { - return exchange->prov; - } -+RHEL_ALIAS1(EVP_KEYEXCH_provider); - - EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, - const char *properties) -@@ -467,6 +483,7 @@ const char *EVP_KEYEXCH_get0_name(const - { - return keyexch->type_name; - } -+RHEL_ALIAS1(EVP_KEYEXCH_name); - - const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch) - { -diff -up openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kdf_lib.c ---- openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi 2021-07-13 01:05:40.212601404 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/kdf_lib.c 2021-07-13 01:06:03.238817806 +0200 -@@ -23,6 +23,21 @@ - #include "internal/provider.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) - { - EVP_KDF_CTX *ctx = NULL; -diff -up openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kem.c ---- openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi 2021-07-13 01:05:02.966251358 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/kem.c 2021-07-13 01:04:49.023120319 +0200 -@@ -17,6 +17,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation, - const OSSL_PARAM params[]) - { -diff -up openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c ---- openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi 2021-07-13 00:01:22.784863826 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c 2021-07-13 00:44:18.815566635 +0200 -@@ -17,6 +17,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static void *keymgmt_new(void) - { - EVP_KEYMGMT *keymgmt = NULL; -@@ -250,6 +265,7 @@ const OSSL_PROVIDER *EVP_KEYMGMT_get0_pr - { - return keymgmt->prov; - } -+RHEL_ALIAS1(EVP_KEYMGMT_provider); - - int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt) - { -@@ -260,11 +276,13 @@ const char *EVP_KEYMGMT_get0_description - { - return keymgmt->description; - } -+RHEL_ALIAS1(EVP_KEYMGMT_description); - - const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt) - { - return keymgmt->type_name; - } -+RHEL_ALIAS1(EVP_KEYMGMT_name); - - int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name) - { -diff -up openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_lib.c ---- openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi 2021-07-13 00:03:56.495327168 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/mac_lib.c 2021-07-13 00:44:48.459842988 +0200 -@@ -19,6 +19,21 @@ - #include "internal/provider.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac) - { - EVP_MAC_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MAC_CTX)); -@@ -81,6 +96,7 @@ EVP_MAC *EVP_MAC_CTX_get0_mac(EVP_MAC_CT - { - return ctx->meth; - } -+RHEL_ALIAS1(EVP_MAC_CTX_mac); - - static size_t get_size_t_ctx_param(EVP_MAC_CTX *ctx, const char *name) - { -@@ -212,11 +228,13 @@ const char *EVP_MAC_get0_name(const EVP_ - { - return mac->type_name; - } -+RHEL_ALIAS1(EVP_MAC_name); - - const char *EVP_MAC_get0_description(const EVP_MAC *mac) - { - return mac->description; - } -+RHEL_ALIAS1(EVP_MAC_description); - - int EVP_MAC_is_a(const EVP_MAC *mac, const char *name) - { -diff -up openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_meth.c ---- openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi 2021-07-13 00:06:10.565599500 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/mac_meth.c 2021-07-13 00:45:14.925089707 +0200 -@@ -7,6 +7,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static int evp_mac_up_ref(void *vmac) - { - EVP_MAC *mac = vmac; -@@ -179,6 +194,7 @@ const OSSL_PROVIDER *EVP_MAC_get0_provid - { - return mac->prov; - } -+RHEL_ALIAS1(EVP_MAC_provider); - - const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac) - { -diff -up openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/p_lib.c ---- openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi 2021-07-13 00:49:03.477220320 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/p_lib.c 2021-07-13 00:53:25.178683891 +0200 -@@ -49,6 +49,21 @@ - - #include "e_os.h" /* strcasecmp on Windows */ - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, - int len, EVP_KEYMGMT *keymgmt); - static void evp_pkey_free_it(EVP_PKEY *key); -@@ -69,6 +84,7 @@ int EVP_PKEY_get_bits(const EVP_PKEY *pk - } - return size < 0 ? 0 : size; - } -+RHEL_ALIAS1(EVP_PKEY_bits); - - int EVP_PKEY_get_security_bits(const EVP_PKEY *pkey) - { -@@ -81,6 +97,7 @@ int EVP_PKEY_get_security_bits(const EVP - } - return size < 0 ? 0 : size; - } -+RHEL_ALIAS1(EVP_PKEY_security_bits); - - int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) - { -@@ -974,11 +991,13 @@ int EVP_PKEY_get_id(const EVP_PKEY *pkey - { - return pkey->type; - } -+RHEL_ALIAS1(EVP_PKEY_id); - - int EVP_PKEY_get_base_id(const EVP_PKEY *pkey) - { - return EVP_PKEY_type(pkey->type); - } -+RHEL_ALIAS1(EVP_PKEY_base_id); - - /* - * These hard coded cases are pure hackery to get around the fact -@@ -1780,6 +1799,7 @@ int EVP_PKEY_get_size(const EVP_PKEY *pk - } - return size < 0 ? 0 : size; - } -+RHEL_ALIAS1(EVP_PKEY_size); - - const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey) - { -@@ -1794,6 +1814,7 @@ const char *EVP_PKEY_get0_description(co - #endif - return NULL; - } -+RHEL_ALIAS1(EVP_PKEY_description); - - void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, - EVP_KEYMGMT **keymgmt, -diff -up openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c ---- openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c.dual-abi 2021-07-13 00:47:14.791207121 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/pmeth_lib.c 2021-07-13 00:48:48.716082716 +0200 -@@ -34,6 +34,21 @@ - - #ifndef FIPS_MODULE - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static int evp_pkey_ctx_store_cached_data(EVP_PKEY_CTX *ctx, - int keytype, int optype, - int cmd, const char *name, -@@ -1076,6 +1091,7 @@ int EVP_PKEY_CTX_set_hkdf_mode(EVP_PKEY_ - - return EVP_PKEY_CTX_set_params(ctx, int_params); - } -+RHEL_ALIAS1(EVP_PKEY_CTX_hkdf_mode); - - int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *ctx, const char *pass, - int passlen) -diff -up openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi openssl-3.0.0-beta1/crypto/evp/signature.c ---- openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi 2021-07-13 00:58:07.602347388 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/signature.c 2021-07-13 00:59:52.391332550 +0200 -@@ -18,6 +18,21 @@ - #include "crypto/evp.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov) - { - EVP_SIGNATURE *signature = OPENSSL_zalloc(sizeof(EVP_SIGNATURE)); -@@ -329,11 +344,13 @@ const char *EVP_SIGNATURE_get0_name(cons - { - return signature->type_name; - } -+RHEL_ALIAS1(EVP_SIGNATURE_name); - - const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE *signature) - { - return signature->description; - } -+RHEL_ALIAS1(EVP_SIGNATURE_description); - - void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, - void (*fn)(EVP_SIGNATURE *signature, -diff -up openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi openssl-3.0.0-beta1/crypto/store/store_meth.c ---- openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi 2021-07-13 01:02:51.062011712 +0200 -+++ openssl-3.0.0-beta1/crypto/store/store_meth.c 2021-07-13 01:03:16.138247380 +0200 -@@ -15,6 +15,21 @@ - #include "internal/provider.h" - #include "store_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader) - { - int ref = 0; -diff -up openssl-3.0.0-beta1/crypto/http/http_client.c.dual-abi openssl-3.0.0-beta1/crypto/http/http_client.c ---- openssl-3.0.0-beta1/crypto/http/http_client.c.dual-abi 2021-07-13 22:47:01.463713204 +0200 -+++ openssl-3.0.0-beta1/crypto/http/http_client.c 2021-07-13 22:46:32.064435146 +0200 -@@ -784,6 +784,11 @@ int OSSL_HTTP_REQ_CTX_nbio_d2i(OSSL_HTTP - - } - -+int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx) -+{ -+ return OSSL_HTTP_REQ_CTX_nbio_d2i(rctx, (ASN1_VALUE **)(presp), ASN1_ITEM_rptr(OCSP_RESPONSE)); -+} -+ - #ifndef OPENSSL_NO_SOCK - - /* set up a new connection BIO, to HTTP server or to HTTP(S) proxy if given */ -diff -up openssl-3.0.0-beta1/include/openssl/http.h.dual-abi openssl-3.0.0-beta1/include/openssl/http.h ---- openssl-3.0.0-beta1/include/openssl/http.h.dual-abi 2021-07-13 22:46:13.628260778 +0200 -+++ openssl-3.0.0-beta1/include/openssl/http.h 2021-07-13 22:45:33.390880219 +0200 -@@ -52,6 +52,7 @@ int OSSL_HTTP_REQ_CTX_set1_req(OSSL_HTTP - int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx); - int OSSL_HTTP_REQ_CTX_nbio_d2i(OSSL_HTTP_REQ_CTX *rctx, - ASN1_VALUE **pval, const ASN1_ITEM *it); -+int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx); - BIO *OSSL_HTTP_REQ_CTX_exchange(OSSL_HTTP_REQ_CTX *rctx); - BIO *OSSL_HTTP_REQ_CTX_get0_mem_bio(const OSSL_HTTP_REQ_CTX *rctx); - size_t OSSL_HTTP_REQ_CTX_get_resp_len(const OSSL_HTTP_REQ_CTX *rctx); -diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-13 23:41:29.425486504 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-13 23:42:00.393819678 +0200 -@@ -497,6 +497,7 @@ const char *OSSL_ENCODER_get0_descriptio - { - return encoder->base.algodef->algorithm_description; - } -+RHEL_ALIAS1(OSSL_ENCODER_description); - - int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name) - { -diff -up openssl-3.0.0-beta1/util/libcrypto.num.dual-abi openssl-3.0.0-beta1/util/libcrypto.num ---- openssl-3.0.0-beta1/util/libcrypto.num.dual-abi 2021-07-13 23:38:25.166562563 +0200 -+++ openssl-3.0.0-beta1/util/libcrypto.num 2021-07-13 23:40:38.622939932 +0200 -@@ -5414,3 +5414,76 @@ ASN1_item_d2i_bio_ex - EVP_PKEY_get0_provider 5554 3_0_0 EXIST::FUNCTION: - EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION: - ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: -+EVP_ASYM_CIPHER_description ? 3_0_0 EXIST::FUNCTION: -+EVP_ASYM_CIPHER_name ? 3_0_0 EXIST::FUNCTION: -+EVP_ASYM_CIPHER_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_block_size ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_encrypting ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_iv_length ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_key_length ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_nid ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_num ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_CTX_tag_length ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_block_size ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_description ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_flags ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_iv_length ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_key_length ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_mode ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_name ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_nid ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_CIPHER_type ? 3_0_0 EXIST::FUNCTION: -+EVP_KDF_description ? 3_0_0 EXIST::FUNCTION: -+EVP_KDF_name ? 3_0_0 EXIST::FUNCTION: -+EVP_KDF_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_KEM_description ? 3_0_0 EXIST::FUNCTION: -+EVP_KEM_name ? 3_0_0 EXIST::FUNCTION: -+EVP_KEM_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYEXCH_description ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYEXCH_name ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYEXCH_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYMGMT_description ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYMGMT_name ? 3_0_0 EXIST::FUNCTION: -+EVP_KEYMGMT_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_MAC_CTX_mac ? 3_0_0 EXIST::FUNCTION: -+EVP_MAC_description ? 3_0_0 EXIST::FUNCTION: -+EVP_MAC_name ? 3_0_0 EXIST::FUNCTION: -+EVP_MAC_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_CTX_md_data ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_CTX_pkey_ctx ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_block_size ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_description ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_flags ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_name ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_pkey_type ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_size ? 3_0_0 EXIST::FUNCTION: -+EVP_MD_type ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_CTX_hkdf_mode ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_base_id ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_bits ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_description ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_id ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_security_bits ? 3_0_0 EXIST::FUNCTION: -+EVP_PKEY_size ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_CTX_rand ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_description ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_name ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_provider ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_state ? 3_0_0 EXIST::FUNCTION: -+EVP_RAND_strength ? 3_0_0 EXIST::FUNCTION: -+EVP_SIGNATURE_description ? 3_0_0 EXIST::FUNCTION: -+EVP_SIGNATURE_name ? 3_0_0 EXIST::FUNCTION: -+EVP_SIGNATURE_provider ? 3_0_0 EXIST::FUNCTION: -+OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: -+OSSL_DECODER_description ? 3_0_0 EXIST::FUNCTION: -+OSSL_DECODER_provider ? 3_0_0 EXIST::FUNCTION: -+OSSL_ENCODER_description ? 3_0_0 EXIST::FUNCTION: -+OSSL_ENCODER_properties ? 3_0_0 EXIST::FUNCTION: -+OSSL_ENCODER_provider ? 3_0_0 EXIST::FUNCTION: -+OSSL_PROVIDER_name ? 3_0_0 EXIST::FUNCTION: -+OSSL_STORE_LOADER_description ? 3_0_0 EXIST::FUNCTION: -+OSSL_STORE_LOADER_properties ? 3_0_0 EXIST::FUNCTION: -+OSSL_STORE_LOADER_provider ? 3_0_0 EXIST::FUNCTION: -+OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: -diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/crypto/provider.c ---- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-14 00:37:49.301207962 +0200 -+++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-14 00:39:34.796200433 +0200 -@@ -13,6 +13,21 @@ - #include "internal/provider.h" - #include "provider_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ - OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name, - int retain_fallbacks) - { -diff -up openssl-3.0.0-beta1/util/libcrypto.num.dual-abi openssl-3.0.0-beta1/util/libcrypto.num ---- openssl-3.0.0-beta1/util/libcrypto.num.dual-abi 2021-07-14 08:43:00.374838367 +0200 -+++ openssl-3.0.0-beta1/util/libcrypto.num 2021-07-14 08:43:20.421006957 +0200 -@@ -5486,4 +5486,3 @@ OSSL_PROVIDER_name ? 3_0_0 EXIS - OSSL_STORE_LOADER_description ? 3_0_0 EXIST::FUNCTION: - OSSL_STORE_LOADER_properties ? 3_0_0 EXIST::FUNCTION: - OSSL_STORE_LOADER_provider ? 3_0_0 EXIST::FUNCTION: --OCSP_sendreq_nbio ? 3_0_0 EXIST::FUNCTION: -diff -up openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c.dual-abi 2021-07-17 22:00:59.773016162 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/decoder_meth.c 2021-07-17 22:02:15.768898376 +0200 -@@ -38,6 +38,9 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define OSSL_DECODER_provider OSSL_DECODER_get0_provider -+#define OSSL_DECODER_properties OSSL_DECODER_get0_properties -+#define OSSL_DECODER_description OSSL_DECODER_get0_description - /* Simple method structure constructor and destructor */ - static OSSL_DECODER *ossl_decoder_new(void) - { -diff -up openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c ---- openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c.dual-abi 2021-07-17 22:11:45.414684273 +0200 -+++ openssl-3.0.0-beta1/crypto/encode_decode/encoder_meth.c 2021-07-17 22:13:31.863953270 +0200 -@@ -38,6 +38,10 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define OSSL_ENCODER_provider OSSL_ENCODER_get0_provider -+#define OSSL_ENCODER_properties OSSL_ENCODER_get0_properties -+#define OSSL_ENCODER_description OSSL_ENCODER_get0_description -+ - /* Simple method structure constructor and destructor */ - static OSSL_ENCODER *ossl_encoder_new(void) - { -diff -up openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi openssl-3.0.0-beta1/crypto/evp/asymcipher.c ---- openssl-3.0.0-beta1/crypto/evp/asymcipher.c.dual-abi 2021-07-17 22:41:57.601106537 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/asymcipher.c 2021-07-17 22:43:21.232142660 +0200 -@@ -32,6 +32,10 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define EVP_ASYM_CIPHER_provider EVP_ASYM_CIPHER_get0_provider -+#define EVP_ASYM_CIPHER_name EVP_ASYM_CIPHER_get0_name -+#define EVP_ASYM_CIPHER_description EVP_ASYM_CIPHER_get0_description -+ - static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation, - const OSSL_PARAM params[]) - { -diff -up openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi openssl-3.0.0-beta1/crypto/evp/evp_rand.c ---- openssl-3.0.0-beta1/crypto/evp/evp_rand.c.dual-abi 2021-07-17 22:29:25.742454581 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/evp_rand.c 2021-07-17 22:33:36.158699400 +0200 -@@ -41,6 +41,12 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define EVP_RAND_name EVP_RAND_get0_name -+#define EVP_RAND_description EVP_RAND_get0_description -+#define EVP_RAND_provider EVP_RAND_get0_provider -+#define EVP_RAND_CTX_rand EVP_RAND_CTX_get0_rand -+#define EVP_RAND_strength EVP_RAND_get_strength -+#define EVP_RAND_state EVP_RAND_get_state - - struct evp_rand_st { - OSSL_PROVIDER *prov; -diff -up openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kdf_lib.c ---- openssl-3.0.0-beta1/crypto/evp/kdf_lib.c.dual-abi 2021-07-19 11:05:37.011176112 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/kdf_lib.c 2021-07-19 11:07:00.979312903 +0200 -@@ -38,6 +38,10 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define EVP_KDF_description EVP_KDF_get0_description -+#define EVP_KDF_name EVP_KDF_get0_name -+#define EVP_KDF_provider EVP_KDF_get0_provider -+ - EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) - { - EVP_KDF_CTX *ctx = NULL; -diff -up openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi openssl-3.0.0-beta1/crypto/evp/kem.c ---- openssl-3.0.0-beta1/crypto/evp/kem.c.dual-abi 2021-07-17 22:43:48.398479226 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/kem.c 2021-07-17 22:57:43.456546917 +0200 -@@ -32,6 +32,10 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define EVP_KEM_provider EVP_KEM_get0_provider -+#define EVP_KEM_name EVP_KEM_get0_name -+#define EVP_KEM_description EVP_KEM_get0_description -+ - static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation, - const OSSL_PARAM params[]) - { -diff -up openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c ---- openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c.dual-abi 2021-07-17 22:37:22.080738360 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/keymgmt_meth.c 2021-07-17 22:39:05.847978640 +0200 -@@ -32,6 +32,10 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define EVP_KEYMGMT_provider EVP_KEYMGMT_get0_provider -+#define EVP_KEYMGMT_name EVP_KEYMGMT_get0_name -+#define EVP_KEYMGMT_description EVP_KEYMGMT_get0_description -+ - static void *keymgmt_new(void) - { - EVP_KEYMGMT *keymgmt = NULL; -diff -up openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_lib.c ---- openssl-3.0.0-beta1/crypto/evp/mac_lib.c.dual-abi 2021-07-17 22:26:15.364131776 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/mac_lib.c 2021-07-17 22:29:32.718539694 +0200 -@@ -34,6 +34,10 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define EVP_MAC_name EVP_MAC_get0_name -+#define EVP_MAC_description EVP_MAC_get0_description -+# define EVP_MAC_CTX_mac EVP_MAC_CTX_get0_mac -+ - EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac) - { - EVP_MAC_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MAC_CTX)); -diff -up openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi openssl-3.0.0-beta1/crypto/evp/mac_meth.c ---- openssl-3.0.0-beta1/crypto/evp/mac_meth.c.dual-abi 2021-07-17 22:27:04.406730147 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/mac_meth.c 2021-07-17 22:30:30.482255830 +0200 -@@ -22,6 +22,8 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+# define EVP_MAC_provider EVP_MAC_get0_provider -+ - static int evp_mac_up_ref(void *vmac) - { - EVP_MAC *mac = vmac; -diff -up openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi openssl-3.0.0-beta1/crypto/evp/signature.c ---- openssl-3.0.0-beta1/crypto/evp/signature.c.dual-abi 2021-07-17 22:40:02.942686000 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/signature.c 2021-07-17 22:41:27.180729654 +0200 -@@ -33,6 +33,10 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define EVP_SIGNATURE_provider EVP_SIGNATURE_get0_provider -+#define EVP_SIGNATURE_name EVP_SIGNATURE_get0_name -+#define EVP_SIGNATURE_description EVP_SIGNATURE_get0_description -+ - static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov) - { - EVP_SIGNATURE *signature = OPENSSL_zalloc(sizeof(EVP_SIGNATURE)); -diff -up openssl-3.0.0-beta1/crypto/provider.c.dual-abi openssl-3.0.0-beta1/crypto/provider.c ---- openssl-3.0.0-beta1/crypto/provider.c.dual-abi 2021-07-19 11:07:31.301723423 +0200 -+++ openssl-3.0.0-beta1/crypto/provider.c 2021-07-19 11:08:09.354238585 +0200 -@@ -28,6 +28,8 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define OSSL_PROVIDER_name OSSL_PROVIDER_get0_name -+ - OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name, - int retain_fallbacks) - { -diff -up openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi openssl-3.0.0-beta1/crypto/store/store_meth.c ---- openssl-3.0.0-beta1/crypto/store/store_meth.c.dual-abi 2021-07-19 11:09:38.398444097 +0200 -+++ openssl-3.0.0-beta1/crypto/store/store_meth.c 2021-07-19 12:35:14.153417504 +0200 -@@ -30,6 +30,10 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define OSSL_STORE_LOADER_provider OSSL_STORE_LOADER_get0_provider -+#define OSSL_STORE_LOADER_properties OSSL_STORE_LOADER_get0_properties -+#define OSSL_STORE_LOADER_description OSSL_STORE_LOADER_get0_description -+ - int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader) - { - int ref = 0; -diff -up openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi openssl-3.0.0-beta1/crypto/evp/exchange.c ---- openssl-3.0.0-beta1/crypto/evp/exchange.c.dual-abi 2021-07-19 12:53:41.708859841 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/exchange.c 2021-07-19 12:54:27.782435636 +0200 -@@ -32,6 +32,10 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define EVP_KEYEXCH_provider EVP_KEYEXCH_get0_provider -+#define EVP_KEYEXCH_name EVP_KEYEXCH_get0_name -+#define EVP_KEYEXCH_description EVP_KEYEXCH_get0_description -+ - static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov) - { - EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH)); -diff -up openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi openssl-3.0.0-beta1/crypto/evp/p_lib.c ---- openssl-3.0.0-beta1/crypto/evp/p_lib.c.dual-abi 2021-07-19 13:07:31.799790073 +0200 -+++ openssl-3.0.0-beta1/crypto/evp/p_lib.c 2021-07-19 13:08:23.334480304 +0200 -@@ -64,6 +64,8 @@ - #define RHEL_ALIAS1(old_id) \ - RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) - -+#define EVP_PKEY_description EVP_PKEY_get0_description -+ - static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, - int len, EVP_KEYMGMT *keymgmt); - static void evp_pkey_free_it(EVP_PKEY *key); -diff -up openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta2/crypto/evp/evp_lib.c ---- openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi 2021-08-03 12:50:08.359814508 +0200 -+++ openssl-3.0.0-beta2/crypto/evp/evp_lib.c 2021-08-03 12:55:14.025810602 +0200 -@@ -28,6 +28,26 @@ - #include "internal/provider.h" - #include "evp_local.h" - -+/* Macro machinery. */ -+ -+/* Defines OLD_STRING (a C string) as an alias for NEW_ID (a C -+ * identifier). The controlling C identifier symbol is ALIAS_ID (a C -+ * identifier). */ -+#define RHEL_ALIAS3(alias_id, new_id, old_string) \ -+ extern __typeof(new_id) alias_id \ -+ __asm__ (old_string) \ -+ __attribute__ ((__copy__ (new_id), __alias__ (#new_id))) -+ -+/* Defines an alias using OLD_ID, which must be an macro identifier -+ * that expands to the new identifier. */ -+#define RHEL_ALIAS1(old_id) \ -+ RHEL_ALIAS3(RHEL_ALIAS_##old_id, old_id, #old_id) -+ -+#define EVP_MD_description EVP_MD_get0_description -+#define EVP_MD_provider EVP_MD_get0_provider -+#define EVP_CIPHER_description EVP_CIPHER_get0_description -+#define EVP_CIPHER_provider EVP_CIPHER_get0_provider -+ - #if !defined(FIPS_MODULE) - # include "crypto/asn1.h" - -diff -up openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi openssl-3.0.0-beta2/crypto/evp/evp_lib.c ---- openssl-3.0.0-beta2/crypto/evp/evp_lib.c.dual-abi 2021-08-03 13:11:46.436671855 +0200 -+++ openssl-3.0.0-beta2/crypto/evp/evp_lib.c 2021-08-03 13:31:36.873461438 +0200 -@@ -337,6 +337,7 @@ int EVP_CIPHER_get_type(const EVP_CIPHER - #endif - } - } -+RHEL_ALIAS1(EVP_CIPHER_type); - - int evp_cipher_cache_constants(EVP_CIPHER *cipher) - { -@@ -389,11 +390,13 @@ int EVP_CIPHER_get_block_size(const EVP_ - { - return cipher->block_size; - } -+RHEL_ALIAS1(EVP_CIPHER_block_size); - - int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx) - { - return EVP_CIPHER_get_block_size(ctx->cipher); - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_block_size); - - int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e) - { -@@ -466,11 +469,13 @@ int EVP_CIPHER_CTX_is_encrypting(const E - { - return ctx->encrypt; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_encrypting); - - unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher) - { - return cipher->flags; - } -+RHEL_ALIAS1(EVP_CIPHER_flags); - - void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) - { -@@ -501,6 +506,7 @@ int EVP_CIPHER_get_iv_length(const EVP_C - { - return cipher->iv_len; - } -+RHEL_ALIAS1(EVP_CIPHER_iv_length); - - int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx) - { -@@ -522,6 +543,7 @@ legacy: - } - return len; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_iv_length); - - int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx) - { -@@ -533,6 +539,7 @@ int EVP_CIPHER_CTX_get_tag_length(const - ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); - return ret == 1 ? (int)v : 0; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_tag_length); - - #ifndef OPENSSL_NO_DEPRECATED_3_0 - const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx) -@@ -615,6 +622,7 @@ int EVP_CIPHER_CTX_get_num(const EVP_CIP - - return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_num); - - int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num) - { -@@ -634,6 +642,7 @@ int EVP_CIPHER_get_key_length(const EVP_ - { - return cipher->key_len; - } -+RHEL_ALIAS1(EVP_CIPHER_key_length); - - int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx) - { -@@ -646,16 +655,19 @@ int EVP_CIPHER_CTX_get_key_length(const - - return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_key_length); - - int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher) - { - return cipher->nid; - } -+RHEL_ALIAS1(EVP_CIPHER_nid); - - int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx) - { - return ctx->cipher->nid; - } -+RHEL_ALIAS1(EVP_CIPHER_CTX_nid); - - int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name) - { -@@ -679,6 +691,7 @@ const char *EVP_CIPHER_get0_name(const E - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_CIPHER_name); - - const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher) - { -@@ -690,6 +703,7 @@ const char *EVP_CIPHER_get0_description( - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_CIPHER_description); - - int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, - void (*fn)(const char *name, void *data), -@@ -705,11 +719,13 @@ const OSSL_PROVIDER *EVP_CIPHER_get0_pro - { - return cipher->prov; - } -+RHEL_ALIAS1(EVP_CIPHER_provider); - - int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher) - { - return EVP_CIPHER_get_flags(cipher) & EVP_CIPH_MODE; - } -+RHEL_ALIAS1(EVP_CIPHER_mode); - - int EVP_MD_is_a(const EVP_MD *md, const char *name) - { -@@ -733,6 +749,7 @@ const char *EVP_MD_get0_description(cons - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_MD_description); - - const char *EVP_MD_get0_name(const EVP_MD *md) - { -@@ -746,6 +763,7 @@ const char *EVP_MD_get0_name(const EVP_M - return NULL; - #endif - } -+RHEL_ALIAS1(EVP_MD_name); - - int EVP_MD_names_do_all(const EVP_MD *md, - void (*fn)(const char *name, void *data), -@@ -761,16 +779,19 @@ const OSSL_PROVIDER *EVP_MD_get0_provide - { - return md->prov; - } -+RHEL_ALIAS1(EVP_MD_provider); - - int EVP_MD_get_type(const EVP_MD *md) - { - return md->type; - } -+RHEL_ALIAS1(EVP_MD_type); - - int EVP_MD_get_pkey_type(const EVP_MD *md) - { - return md->pkey_type; - } -+RHEL_ALIAS1(EVP_MD_pkey_type); - - int EVP_MD_get_block_size(const EVP_MD *md) - { -@@ -780,6 +801,7 @@ int EVP_MD_get_block_size(const EVP_MD * - } - return md->block_size; - } -+RHEL_ALIAS1(EVP_MD_block_size); - - int EVP_MD_get_size(const EVP_MD *md) - { -@@ -789,11 +811,13 @@ int EVP_MD_get_size(const EVP_MD *md) - } - return md->md_size; - } -+RHEL_ALIAS1(EVP_MD_size); - - unsigned long EVP_MD_get_flags(const EVP_MD *md) - { - return md->flags; - } -+RHEL_ALIAS1(EVP_MD_flags); - - EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type) - { -@@ -1008,6 +1032,7 @@ EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(co - { - return ctx->pctx; - } -+RHEL_ALIAS1(EVP_MD_CTX_pkey_ctx); - - #if !defined(FIPS_MODULE) - void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx) -@@ -1034,6 +1059,7 @@ void *EVP_MD_CTX_get0_md_data(const EVP_ - { - return ctx->md_data; - } -+RHEL_ALIAS1(EVP_MD_CTX_md_data); - - int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, - const void *data, size_t count) diff --git a/openssl.spec b/openssl.spec index e5b2110..d372835 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta2.6%{?dist} +Release: 0.beta2.7%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -52,8 +52,6 @@ Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch #Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch # remove unsupported EC curves Patch11: 0011-Remove-EC-curves.patch -# Temporary dual-ABI build patch -Patch19: 0019-dual-abi.patch # Update alerts according to #1965017 Patch20: 0020-sigalgs-fix-alerts.patch # Fixes core dump in openssl req -modulus @@ -388,6 +386,11 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Wed Aug 25 2021 Sahana Prasad - 1:3.0.0-0.beta2.7 +- Removes the dual-abi build as it not required anymore. The mass rebuild + was completed and all packages are rebuilt against Beta version. +- Resolves: rhbz#1984097 + * Mon Aug 23 2021 Dmitry Belyavskiy - 1:3.0.0-0.beta2.6 - Correctly process CMS reading from /dev/stdin - Resolves: rhbz#1986315 From 34d46544a52161571d3c035e5649b450eaf705b8 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Thu, 9 Sep 2021 13:07:02 +0200 Subject: [PATCH 37/41] Rebase to upstream version 3.0.0 Related: rhbz#1990814 Signed-off-by: Sahana Prasad --- ...PROFILE-SYSTEM-system-default-cipher.patch | 2 +- 0020-sigalgs-fix-alerts.patch | 22 ------ 0021-fix-core-dump-req.patch | 38 ---------- 0022-fix-openssl-req-password.patch | 33 --------- 0023-cms-stdin.patch | 38 ---------- 0024-load-legacy-prov.patch | 42 ++++++----- 0025-cms-stdin2.patch | 70 ------------------- openssl.spec | 18 ++--- sources | 2 +- 9 files changed, 33 insertions(+), 232 deletions(-) delete mode 100644 0020-sigalgs-fix-alerts.patch delete mode 100644 0021-fix-core-dump-req.patch delete mode 100644 0022-fix-openssl-req-password.patch delete mode 100644 0023-cms-stdin.patch delete mode 100644 0025-cms-stdin2.patch diff --git a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch index 9ad572d..a32c9e8 100644 --- a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +++ b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch @@ -309,7 +309,7 @@ diff -up openssl-3.0.0-beta1/Configure.sys-default openssl-3.0.0-beta1/Configure +# # --banner=".." Output specified text instead of default completion banner # - # --cross-compile-prefix Add specified prefix to binutils components. + # -w Don't wait after showing a Configure warning @@ -385,6 +389,7 @@ $config{prefix}=""; $config{openssldir}=""; $config{processor}=""; diff --git a/0020-sigalgs-fix-alerts.patch b/0020-sigalgs-fix-alerts.patch deleted file mode 100644 index b1d571a..0000000 --- a/0020-sigalgs-fix-alerts.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c -index 3579202c22..134c948bcb 100644 ---- a/ssl/t1_lib.c -+++ b/ssl/t1_lib.c -@@ -3302,7 +3302,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs) - if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) { - if (!fatalerrs) - return 1; -- SSLfatal(s, SSL_AD_INTERNAL_ERROR, -+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, - SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM); - return 0; - } -@@ -3317,7 +3317,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs) - if (i == sent_sigslen) { - if (!fatalerrs) - return 1; -- SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, -+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, - SSL_R_WRONG_SIGNATURE_TYPE); - return 0; - } diff --git a/0021-fix-core-dump-req.patch b/0021-fix-core-dump-req.patch deleted file mode 100644 index e4cf377..0000000 --- a/0021-fix-core-dump-req.patch +++ /dev/null @@ -1,38 +0,0 @@ -diff -up openssl-3.0.0-beta2/apps/req.c.req-segfault openssl-3.0.0-beta2/apps/req.c ---- openssl-3.0.0-beta2/apps/req.c.req-segfault 2021-08-10 16:24:58.784384336 +0200 -+++ openssl-3.0.0-beta2/apps/req.c 2021-08-10 16:26:38.347688172 +0200 -@@ -996,8 +996,8 @@ int req_main(int argc, char **argv) - if (EVP_PKEY_is_a(tpubkey, "RSA")) { - BIGNUM *n = NULL; - -- /* Every RSA key has an 'n' */ -- EVP_PKEY_get_bn_param(pkey, "n", &n); -+ if (!EVP_PKEY_get_bn_param(tpubkey, "n", &n)) -+ goto end; - BN_print(out, n); - BN_free(n); - } else { -diff -up openssl-3.0.0-beta2/test/recipes/25-test_req.t.req-segfault openssl-3.0.0-beta2/test/recipes/25-test_req.t ---- openssl-3.0.0-beta2/test/recipes/25-test_req.t.req-segfault 2021-08-10 16:26:53.305884053 +0200 -+++ openssl-3.0.0-beta2/test/recipes/25-test_req.t 2021-08-10 16:28:33.674221058 +0200 -@@ -78,7 +78,7 @@ subtest "generating alt certificate requ - - - subtest "generating certificate requests with RSA" => sub { -- plan tests => 7; -+ plan tests => 8; - - SKIP: { - skip "RSA is not supported by this OpenSSL build", 2 -@@ -105,6 +105,11 @@ subtest "generating certificate requests - - ok(run(app(["openssl", "req", - "-config", srctop_file("test", "test.cnf"), -+ "-modulus", "-in", "testreq-rsa.pem", "-noout"])), -+ "Printing a modulus of the request key"); -+ -+ ok(run(app(["openssl", "req", -+ "-config", srctop_file("test", "test.cnf"), - "-new", "-out", "testreq_withattrs_pem.pem", "-utf8", - "-key", srctop_file("test", "testrsa_withattrs.pem")])), - "Generating request from a key with extra attributes - PEM"); diff --git a/0022-fix-openssl-req-password.patch b/0022-fix-openssl-req-password.patch deleted file mode 100644 index 077b4c5..0000000 --- a/0022-fix-openssl-req-password.patch +++ /dev/null @@ -1,33 +0,0 @@ -diff -up openssl-3.0.0-beta2/apps/req.c.req-password openssl-3.0.0-beta2/apps/req.c ---- openssl-3.0.0-beta2/apps/req.c.req-password 2021-08-10 16:31:04.726233653 +0200 -+++ openssl-3.0.0-beta2/apps/req.c 2021-08-10 16:31:58.286947297 +0200 -@@ -686,7 +686,7 @@ int req_main(int argc, char **argv) - EVP_PKEY_CTX_free(genctx); - genctx = NULL; - } -- if (keyout == NULL) { -+ if (keyout == NULL && keyfile == NULL) { - keyout = NCONF_get_string(req_conf, section, KEYFILE); - if (keyout == NULL) - ERR_clear_error(); -diff -up openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in.req-password openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in ---- openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in.req-password 2021-08-10 16:32:21.863261416 +0200 -+++ openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in 2021-08-10 16:33:19.173025012 +0200 -@@ -205,11 +205,12 @@ See L for det - =item B<-keyout> I - - This gives the filename to write any private key to that has been newly created --or read from B<-key>. --If the B<-keyout> option is not given the filename specified in the --configuration file with the B option is used, if present. --If a new key is generated and no filename is specified --the key is written to standard output. -+or read from B<-key>. If neither the B<-keyout> option nor the B<-key> option -+are given then the filename specified in the configuration file with the -+B option is used, if present. Thus, if you want to write the -+private key and the B<-key> option is provided, you should provide the -+B<-keyout> option explicitly. If a new key is generated and no filename is -+specified the key is written to standard output. - - =item B<-noenc> - diff --git a/0023-cms-stdin.patch b/0023-cms-stdin.patch deleted file mode 100644 index 0c18c12..0000000 --- a/0023-cms-stdin.patch +++ /dev/null @@ -1,38 +0,0 @@ -diff -up openssl-3.0.0-beta2/apps/cms.c.cms-stdin openssl-3.0.0-beta2/apps/cms.c ---- openssl-3.0.0-beta2/apps/cms.c.cms-stdin 2021-08-10 16:20:07.787573587 +0200 -+++ openssl-3.0.0-beta2/apps/cms.c 2021-08-10 16:23:08.500940124 +0200 -@@ -278,6 +278,8 @@ static void warn_binary(const char *file - unsigned char linebuf[1024], *cur, *end; - int len; - -+ if (file == NULL) -+ return; /* cannot give a warning for stdin input */ - if ((bio = bio_open_default(file, 'r', FORMAT_BINARY)) == NULL) - return; /* cannot give a proper warning since there is an error */ - while ((len = BIO_read(bio, linebuf, sizeof(linebuf))) > 0) { -@@ -482,13 +484,9 @@ int cms_main(int argc, char **argv) - rr_allorfirst = 1; - break; - case OPT_RCTFORM: -- if (rctformat == FORMAT_ASN1) { -- if (!opt_format(opt_arg(), -- OPT_FMT_PEMDER | OPT_FMT_SMIME, &rctformat)) -- goto opthelp; -- } else { -- rcms = load_content_info(rctformat, rctin, 0, NULL, "recipient"); -- } -+ if (!opt_format(opt_arg(), -+ OPT_FMT_PEMDER | OPT_FMT_SMIME, &rctformat)) -+ goto opthelp; - break; - case OPT_CERTFILE: - certfile = opt_arg(); -@@ -954,7 +952,7 @@ int cms_main(int argc, char **argv) - goto end; - } - -- rcms = load_content_info(rctformat, rctin, 0, NULL, "recipient"); -+ rcms = load_content_info(rctformat, rctin, 0, NULL, "receipt"); - if (rcms == NULL) - goto end; - } diff --git a/0024-load-legacy-prov.patch b/0024-load-legacy-prov.patch index be0b354..0c182e7 100644 --- a/0024-load-legacy-prov.patch +++ b/0024-load-legacy-prov.patch @@ -1,7 +1,7 @@ -diff -up openssl-3.0.0-beta2/apps/openssl.cnf.legacy-prov openssl-3.0.0-beta2/apps/openssl.cnf ---- openssl-3.0.0-beta2/apps/openssl.cnf.legacy-prov 2021-08-16 14:02:48.029645419 +0200 -+++ openssl-3.0.0-beta2/apps/openssl.cnf 2021-08-16 14:14:48.006409467 +0200 -@@ -43,28 +43,29 @@ tsa_policy1 = 1.2.3.4.1 +diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.cnf +--- openssl-3.0.0/apps/openssl.cnf.legacy-prov 2021-09-09 12:06:40.895793297 +0200 ++++ openssl-3.0.0/apps/openssl.cnf 2021-09-09 12:12:33.947482500 +0200 +@@ -42,36 +42,29 @@ tsa_policy1 = 1.2.3.4.1 tsa_policy2 = 1.2.3.4.5.6 tsa_policy3 = 1.2.3.4.5.7 @@ -19,6 +19,11 @@ diff -up openssl-3.0.0-beta2/apps/openssl.cnf.legacy-prov openssl-3.0.0-beta2/ap ssl_conf = ssl_module -# List of providers to load +-[provider_sect] +-default = default_sect +-# The fips section name should match the section name inside the +-# included fipsmodule.cnf. +-# fips = fips_sect +# Uncomment the sections that start with ## below to enable the legacy provider. +# Loading the legacy provider enables support for the following algorithms: +# Hashing Algorithms / Message Digests: MD2, MD4, MDC2, WHIRLPOOL, RIPEMD160 @@ -27,15 +32,18 @@ diff -up openssl-3.0.0-beta2/apps/openssl.cnf.legacy-prov openssl-3.0.0-beta2/ap +# In general it is not recommended to use the above mentioned algorithms for +# security critical operations, as they are cryptographically weak or vulnerable +# to side-channel attacks and as such have been deprecated. -+ - [provider_sect] --default = default_sect --# The fips section name should match the section name inside the --# included fipsmodule.cnf. --# fips = fips_sect -- + +-# If no providers are activated explicitly, the default one is activated implicitly. +-# See man 7 OSSL_PROVIDER-default for more details. +-# +-# If you add a section explicitly activating any other provider(s), you most +-# probably need to explicitly activate the default provider, otherwise it +-# becomes unavailable in openssl. As a consequence applications depending on +-# OpenSSL may not work correctly which could lead to significant system +-# problems including inability to remotely access the system. -[default_sect] -# activate = 1 ++[provider_sect] +##default = default_sect +##legacy = legacy_sect +## @@ -47,10 +55,10 @@ diff -up openssl-3.0.0-beta2/apps/openssl.cnf.legacy-prov openssl-3.0.0-beta2/ap [ ssl_module ] -diff -up openssl-3.0.0-beta2/doc/man5/config.pod.legacy-prov openssl-3.0.0-beta2/doc/man5/config.pod ---- openssl-3.0.0-beta2/doc/man5/config.pod.legacy-prov 2021-08-16 14:12:35.021606001 +0200 -+++ openssl-3.0.0-beta2/doc/man5/config.pod 2021-08-16 14:14:47.077396867 +0200 -@@ -269,6 +269,14 @@ significant. +diff -up openssl-3.0.0/doc/man5/config.pod.legacy-prov openssl-3.0.0/doc/man5/config.pod +--- openssl-3.0.0/doc/man5/config.pod.legacy-prov 2021-09-09 12:09:38.079040853 +0200 ++++ openssl-3.0.0/doc/man5/config.pod 2021-09-09 12:11:56.646224876 +0200 +@@ -273,6 +273,14 @@ significant. All parameters in the section as well as sub-sections are made available to the provider. @@ -62,6 +70,6 @@ diff -up openssl-3.0.0-beta2/doc/man5/config.pod.legacy-prov openssl-3.0.0-beta2 +security critical operations, as they are cryptographically weak or vulnerable +to side-channel attacks and as such have been deprecated. + - =head2 EVP Configuration + =head3 Default provider and its activation - The name B in the initialization section names the section + If no providers are activated explicitly, the default one is activated implicitly. diff --git a/0025-cms-stdin2.patch b/0025-cms-stdin2.patch deleted file mode 100644 index 6a76025..0000000 --- a/0025-cms-stdin2.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 9bdf6bb619543248c1bee1d8207b455c1ee40ab6 Mon Sep 17 00:00:00 2001 -From: Dmitry Belyavskiy -Date: Fri, 20 Aug 2021 16:45:15 +0200 -Subject: [PATCH] Get rid of warn_binary - -Current implementation of warn_binary introduces a regression -when the content is passed in /dev/stdin as an explicit file name -and reads the file to be processed twice otherwise. - -I suggest to reimplement this functionality after 3.0 if necessary. - -Fixes #16359 ---- - apps/cms.c | 29 ----------------------------- - 1 file changed, 29 deletions(-) - -diff --git a/apps/cms.c b/apps/cms.c -index c22027e3b198..b30273f1710d 100644 ---- a/apps/cms.c -+++ b/apps/cms.c -@@ -272,31 +272,6 @@ static CMS_ContentInfo *load_content_info(int informat, BIO *in, int flags, - return NULL; - } - --static void warn_binary(const char *file) --{ -- BIO *bio; -- unsigned char linebuf[1024], *cur, *end; -- int len; -- -- if (file == NULL) -- return; /* cannot give a warning for stdin input */ -- if ((bio = bio_open_default(file, 'r', FORMAT_BINARY)) == NULL) -- return; /* cannot give a proper warning since there is an error */ -- while ((len = BIO_read(bio, linebuf, sizeof(linebuf))) > 0) { -- end = linebuf + len; -- for (cur = linebuf; cur < end; cur++) { -- if (*cur == '\0' || *cur >= 0x80) { -- BIO_printf(bio_err, "Warning: input file '%s' contains %s" -- " character; better use -binary option\n", -- file, *cur == '\0' ? "NUL" : "8-bit"); -- goto end; -- } -- } -- } -- end: -- BIO_free(bio); --} -- - int cms_main(int argc, char **argv) - { - CONF *conf = NULL; -@@ -911,8 +886,6 @@ int cms_main(int argc, char **argv) - goto end; - } - -- if ((flags & CMS_BINARY) == 0) -- warn_binary(infile); - in = bio_open_default(infile, 'r', - binary_files ? FORMAT_BINARY : informat); - if (in == NULL) -@@ -924,8 +897,6 @@ int cms_main(int argc, char **argv) - goto end; - if (contfile != NULL) { - BIO_free(indata); -- if ((flags & CMS_BINARY) == 0) -- warn_binary(contfile); - if ((indata = BIO_new_file(contfile, "rb")) == NULL) { - BIO_printf(bio_err, "Can't read content file %s\n", contfile); - goto end; diff --git a/openssl.spec b/openssl.spec index d372835..c1110d5 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 0.beta2.7%{?dist} +Release: 1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -52,18 +52,8 @@ Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch #Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch # remove unsupported EC curves Patch11: 0011-Remove-EC-curves.patch -# Update alerts according to #1965017 -Patch20: 0020-sigalgs-fix-alerts.patch -# Fixes core dump in openssl req -modulus -Patch21: 0021-fix-core-dump-req.patch -# Fixes 'openssl req' to not ask for password when non-encrypted key -Patch22: 0022-fix-openssl-req-password.patch -# cms: Do not try to check binary format on stdin and -rctform fix -Patch23: 0023-cms-stdin.patch # Instructions to load legacy provider in openssl.cnf Patch24: 0024-load-legacy-prov.patch -# cms: don't read /dev/stdin twice -Patch25: 0025-cms-stdin2.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -119,7 +109,7 @@ package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit. %prep -%autosetup -S git -n %{name}-%{version}-beta2 +%autosetup -S git -n %{name}-%{version} # The hobble_openssl is called here redundantly, just to be sure. # The tarball has already the sources removed. @@ -386,6 +376,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Thu Sep 09 2021 Sahana Prasad - 1:3.0.0-1 +- Rebase to upstream version 3.0.0 +- Related: rhbz#1990814 + * Wed Aug 25 2021 Sahana Prasad - 1:3.0.0-0.beta2.7 - Removes the dual-abi build as it not required anymore. The mass rebuild was completed and all packages are rebuilt against Beta version. diff --git a/sources b/sources index 8b1e2d7..4173974 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-3.0.0-hobbled.tar.xz) = 096758a79680921d2b18929177d2ee43b7fb62fa30164a16ab1749b8349aac5e6e3d0761419b6c9f0a591c8991c133d142e56ab92f197d142649b58e66d876f7 +SHA512 (openssl-3.0.0-hobbled.tar.xz) = aeb6834de96bbf53b0e287c9f0ed866100d30dd02b694fd7142da855ac10074c9ad77cd7c1c688890094f31fd2ee5b5610a7ba1112775b94ae80ba51c66e0b27 From 3edf474b5dc3585e50641f8319e758746da913c6 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Mon, 20 Sep 2021 17:13:26 +0200 Subject: [PATCH 38/41] Avoid double-free on error seeding the RNG. Resolves: rhbz#1952844 --- 0030-tmp-Fix-rng-seed-double-free.patch | 18 ++++++++++++++++++ openssl.spec | 8 +++++++- 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 0030-tmp-Fix-rng-seed-double-free.patch diff --git a/0030-tmp-Fix-rng-seed-double-free.patch b/0030-tmp-Fix-rng-seed-double-free.patch new file mode 100644 index 0000000..35658eb --- /dev/null +++ b/0030-tmp-Fix-rng-seed-double-free.patch @@ -0,0 +1,18 @@ +diff --git a/providers/implementations/rands/seed_src.c b/providers/implementations/rands/seed_src.c +index 173c99ce1732..7a4b780bb469 100644 +--- a/providers/implementations/rands/seed_src.c ++++ b/providers/implementations/rands/seed_src.c +@@ -201,10 +201,11 @@ static size_t seed_get_seed(void *vseed, unsigned char **pout, + ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + return 0; + } +- *pout = p; + if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance, +- adin, adin_len) != 0) ++ adin, adin_len) != 0) { ++ *pout = p; + return bytes_needed; ++ } + OPENSSL_secure_clear_free(p, bytes_needed); + return 0; + } diff --git a/openssl.spec b/openssl.spec index c1110d5..0714857 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -54,6 +54,8 @@ Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch Patch11: 0011-Remove-EC-curves.patch # Instructions to load legacy provider in openssl.cnf Patch24: 0024-load-legacy-prov.patch +# Tmp: Upstream #16636 +Patch30: 0030-tmp-Fix-rng-seed-double-free.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -376,6 +378,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Mon Sep 20 2021 Dmitry Belyavskiy - 1:3.0.0-2 +- Avoid double-free on error seeding the RNG. +- Resolves: rhbz#1952844 + * Thu Sep 09 2021 Sahana Prasad - 1:3.0.0-1 - Rebase to upstream version 3.0.0 - Related: rhbz#1990814 From b76c2316a3cad5139154ec4166efb94715f92aeb Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Wed, 22 Sep 2021 12:09:15 +0200 Subject: [PATCH 39/41] KTLS and FIPS may interfere, so tests need to be tuned Resolves: rhbz#1961643 --- 0031-tmp-Fix-test-names.patch | 40 +++++++++++++++++++++++++++++++++++ openssl.spec | 5 ++++- 2 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 0031-tmp-Fix-test-names.patch diff --git a/0031-tmp-Fix-test-names.patch b/0031-tmp-Fix-test-names.patch new file mode 100644 index 0000000..5c22f24 --- /dev/null +++ b/0031-tmp-Fix-test-names.patch @@ -0,0 +1,40 @@ +diff -up openssl-3.0.0/test/recipes/90-test_sslapi.t.beldmit openssl-3.0.0/test/recipes/90-test_sslapi.t +--- openssl-3.0.0/test/recipes/90-test_sslapi.t.beldmit 2021-09-22 11:56:49.452507975 +0200 ++++ openssl-3.0.0/test/recipes/90-test_sslapi.t 2021-09-22 11:57:19.371764742 +0200 +@@ -40,7 +40,7 @@ unless ($no_fips) { + srctop_file("test", "recipes", "90-test_sslapi_data", + "passwd.txt"), $tmpfilename, "fips", + srctop_file("test", "fips-and-base.cnf")])), +- "running sslapitest"); ++ "running sslapitest - FIPS"); + } + + unlink $tmpfilename; +diff --git a/test/sslapitest.c b/test/sslapitest.c +index e95d2657f46c..7af0eab3fce0 100644 +--- a/test/sslapitest.c ++++ b/test/sslapitest.c +@@ -1158,6 +1158,11 @@ static int execute_test_ktls(int cis_ktls, int sis_ktls, + goto end; + } + ++ if (is_fips && strstr(cipher, "CHACHA") != NULL) { ++ testresult = TEST_skip("CHACHA is not supported in FIPS"); ++ goto end; ++ } ++ + /* Create a session based on SHA-256 */ + if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), + TLS_client_method(), +@@ -1292,6 +1297,11 @@ static int execute_test_ktls_sendfile(int tls_version, const char *cipher) + goto end; + } + ++ if (is_fips && strstr(cipher, "CHACHA") != NULL) { ++ testresult = TEST_skip("CHACHA is not supported in FIPS"); ++ goto end; ++ } ++ + /* Create a session based on SHA-256 */ + if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), + TLS_client_method(), diff --git a/openssl.spec b/openssl.spec index 0714857..34bc1c9 100644 --- a/openssl.spec +++ b/openssl.spec @@ -56,6 +56,8 @@ Patch11: 0011-Remove-EC-curves.patch Patch24: 0024-load-legacy-prov.patch # Tmp: Upstream #16636 Patch30: 0030-tmp-Fix-rng-seed-double-free.patch +# Tmp: test name change +Patch31: 0031-tmp-Fix-test-names.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -380,7 +382,8 @@ install -m644 %{SOURCE9} \ %changelog * Mon Sep 20 2021 Dmitry Belyavskiy - 1:3.0.0-2 - Avoid double-free on error seeding the RNG. -- Resolves: rhbz#1952844 +- KTLS and FIPS may interfere, so tests need to be tuned +- Resolves: rhbz#1952844, rhbz#1961643 * Thu Sep 09 2021 Sahana Prasad - 1:3.0.0-1 - Rebase to upstream version 3.0.0 From 694c426faf758cdc28a14514831a6bc3e63afbe8 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Thu, 7 Oct 2021 18:13:47 +0200 Subject: [PATCH 40/41] Fix memory leak in s_client Related: rhbz#1996092 --- 0100-coverity.patch | 12 ++++++++++++ openssl.spec | 8 +++++++- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 0100-coverity.patch diff --git a/0100-coverity.patch b/0100-coverity.patch new file mode 100644 index 0000000..d81d531 --- /dev/null +++ b/0100-coverity.patch @@ -0,0 +1,12 @@ +diff -up openssl-3.0.0/apps/s_client.c.coverity openssl-3.0.0/apps/s_client.c +--- openssl-3.0.0/apps/s_client.c.coverity 2021-10-07 16:59:37.938432118 +0200 ++++ openssl-3.0.0/apps/s_client.c 2021-10-07 17:00:52.994075755 +0200 +@@ -3040,6 +3040,8 @@ int s_client_main(int argc, char **argv) + #endif + OPENSSL_free(connectstr); + OPENSSL_free(bindstr); ++ OPENSSL_free(bindhost); ++ OPENSSL_free(bindport); + OPENSSL_free(host); + OPENSSL_free(port); + OPENSSL_free(thost); diff --git a/openssl.spec b/openssl.spec index 34bc1c9..cac882d 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.0.0 -Release: 2%{?dist} +Release: 3%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -58,6 +58,8 @@ Patch24: 0024-load-legacy-prov.patch Patch30: 0030-tmp-Fix-rng-seed-double-free.patch # Tmp: test name change Patch31: 0031-tmp-Fix-test-names.patch +# Tmp: coverity +Patch100: 0100-coverity.patch License: ASL 2.0 URL: http://www.openssl.org/ @@ -380,6 +382,10 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Thu Oct 07 2021 Dmitry Belyavskiy - 1:3.0.0-3 +- Fix memory leak in s_client +- Related: rhbz#1996092 + * Mon Sep 20 2021 Dmitry Belyavskiy - 1:3.0.0-2 - Avoid double-free on error seeding the RNG. - KTLS and FIPS may interfere, so tests need to be tuned From 910ecb6eafa298ca6ff7b363caa0365ebcae59d1 Mon Sep 17 00:00:00 2001 From: Michel Alexandre Salim Date: Wed, 10 Nov 2021 14:57:16 -0800 Subject: [PATCH 41/41] Fork c9s' openssl to openssl3 for epel8 (and possibly Fedora <= 35) - drop epoch as this is a new package - adopt code for handling clashing files from openssl11 Signed-off-by: Michel Alexandre Salim --- openssl.spec => openssl3.spec | 93 ++++++++++++++++++++--------------- 1 file changed, 52 insertions(+), 41 deletions(-) rename openssl.spec => openssl3.spec (88%) diff --git a/openssl.spec b/openssl3.spec similarity index 88% rename from openssl.spec rename to openssl3.spec index cac882d..c090847 100644 --- a/openssl.spec +++ b/openssl3.spec @@ -13,10 +13,9 @@ %global _performance_build 1 Summary: Utilities from the general purpose cryptography library with TLS implementation -Name: openssl +Name: openssl3 Version: 3.0.0 -Release: 3%{?dist} -Epoch: 1 +Release: 3%{?dist}.1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. # The original openssl upstream tarball cannot be shipped in the .src.rpm. @@ -75,7 +74,7 @@ BuildRequires: perl(Time::HiRes), perl(IPC::Cmd), perl(Pod::Html), perl(Digest:: BuildRequires: perl(FindBin), perl(lib), perl(File::Compare), perl(File::Copy), perl(bigint) BuildRequires: git-core Requires: coreutils -Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} %description The OpenSSL toolkit provides support for secure communications between @@ -96,7 +95,7 @@ support cryptographic algorithms and protocols. %package devel Summary: Files for development of applications which will use OpenSSL -Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} Requires: pkgconfig %description devel @@ -104,18 +103,8 @@ OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support various cryptographic algorithms and protocols. -%package perl -Summary: Perl scripts provided with OpenSSL -Requires: perl-interpreter -Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} - -%description perl -OpenSSL is a toolkit for supporting cryptography. The openssl-perl -package provides Perl scripts for converting certificates and keys -from other formats to the formats used by the OpenSSL toolkit. - %prep -%autosetup -S git -n %{name}-%{version} +%autosetup -S git -n openssl-%{version} # The hobble_openssl is called here redundantly, just to be sure. # The tarball has already the sources removed. @@ -327,29 +316,60 @@ install -m644 %{SOURCE9} \ $RPM_BUILD_ROOT/%{_prefix}/include/openssl/configuration.h %endif +# Transformation for openssl3 +# see openssl11.spec +mkdir -p $RPM_BUILD_ROOT{%{_libdir},%{_includedir}}/%{name}/ +rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.cnf +rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf +rm -f $RPM_BUILD_ROOT%{_libdir}/*.so +mv -f $RPM_BUILD_ROOT%{_includedir}/{openssl,%{name}/openssl}/ +mv -f $RPM_BUILD_ROOT%{_bindir}/{openssl,%{name}} + +for pc in libcrypto libssl openssl; do + sed -e 's@\(Libs: -L${libdir}\)@\1 -L${libdir}/%{name}@' \ + -e 's@\(Cflags: -I${includedir}\)@\1 -I${includedir}/%{name}@' \ + -e 's@\(Requires.*:.*\)\(libssl\)@\1\23@g' \ + -e 's@\(Requires.*:.*\)\(libcrypto\)@\1\23@g' \ + $RPM_BUILD_ROOT%{_libdir}/pkgconfig/${pc}.pc > $RPM_BUILD_ROOT%{_libdir}/pkgconfig/${pc}3.pc + touch -c -r $RPM_BUILD_ROOT%{_libdir}/pkgconfig/${pc}.pc $RPM_BUILD_ROOT%{_libdir}/pkgconfig/${pc}3.pc + rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/${pc}.pc +done + +ln -s ../libcrypto.so.%{version} $RPM_BUILD_ROOT%{_libdir}/%{name}/libcrypto.so +ln -s ../libssl.so.%{version} $RPM_BUILD_ROOT%{_libdir}/%{name}/libssl.so + +pushd $RPM_BUILD_ROOT%{_mandir} + for manpage in man*/* ; do + [ "${manpage}" = "man1/%{name}.1" ] && continue + if [ -L ${manpage} ]; then + TARGET=`ls -l ${manpage} | awk '{ print $NF }'` + ln -snf ${TARGET}11 ${manpage} + rm -f ${manpage} + else + mv -f ${manpage} ${manpage}3 + fi + done +popd + +# No openssl3-perl, because it wouldn't be really different or newer +rm -rf $RPM_BUILD_ROOT{%{_sysconfdir}/pki/CA/,{%{_bindir},%{_mandir}/man1}/{CA.pl,c_rehash,*tsget}*} + +# Remove dummy cert tools +rm -f $RPM_BUILD_ROOT%{_bindir}/{make,renew}-dummy-cert + %files %{!?_licensedir:%global license %%doc} %license LICENSE.txt %doc NEWS.md README.md -%{_bindir}/make-dummy-cert -%{_bindir}/renew-dummy-cert -%{_bindir}/openssl +%{_bindir}/%{name} %{_mandir}/man1/* %{_mandir}/man5/* %{_mandir}/man7/* %{_pkgdocdir}/Makefile.certificate -%exclude %{_mandir}/man1/*.pl* -%exclude %{_mandir}/man1/tsget* %files libs %{!?_licensedir:%global license %%doc} %license LICENSE.txt -%dir %{_sysconfdir}/pki/tls -%dir %{_sysconfdir}/pki/tls/certs -%dir %{_sysconfdir}/pki/tls/misc -%dir %{_sysconfdir}/pki/tls/private -%config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf -%config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf %attr(0755,root,root) %{_libdir}/libcrypto.so.%{version} %{_libdir}/libcrypto.so.%{soversion} %attr(0755,root,root) %{_libdir}/libssl.so.%{version} @@ -362,26 +382,17 @@ install -m644 %{SOURCE9} \ %files devel %doc CHANGES.md doc/dir-locals.example.el doc/openssl-c-indent.el -%{_prefix}/include/openssl -%{_libdir}/*.so +%{_prefix}/include/%{name} +%{_libdir}/%{name}/*.so %{_mandir}/man3/* %{_libdir}/pkgconfig/*.pc -%files perl -%{_bindir}/c_rehash -%{_bindir}/*.pl -%{_bindir}/tsget -%{_mandir}/man1/*.pl* -%{_mandir}/man1/tsget* -%dir %{_sysconfdir}/pki/CA -%dir %{_sysconfdir}/pki/CA/private -%dir %{_sysconfdir}/pki/CA/certs -%dir %{_sysconfdir}/pki/CA/crl -%dir %{_sysconfdir}/pki/CA/newcerts - %ldconfig_scriptlets libs %changelog +* Wed Nov 17 2021 Michel Alexandre Salim - 1:3.0.0-3.1 +- Fork c9s' openssl to openssl3 for epel8 (and possibly Fedora <= 35) + * Thu Oct 07 2021 Dmitry Belyavskiy - 1:3.0.0-3 - Fix memory leak in s_client - Related: rhbz#1996092